Canonical USN OVAL Generator 1 5.11.1 2025-06-09T10:47:25 Copyright (C) 2025 Canonical LTD. All rights reserved. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License version 3 for more details. You should have received a copy of the GNU General Public License version 3 along with this program. If not, see http://www.gnu.org/licenses/. Ubuntu 20.04 LTS USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. (CVE-2019-11481) Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11482) Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11483) Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. (CVE-2019-11485) Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-15790) Update Instructions: Run `sudo pro fix USN-4171-6` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.12 apport-kde - 2.20.11-0ubuntu27.12 apport-retrace - 2.20.11-0ubuntu27.12 apport-valgrind - 2.20.11-0ubuntu27.12 python3-apport - 2.20.11-0ubuntu27.12 dh-apport - 2.20.11-0ubuntu27.12 apport-gtk - 2.20.11-0ubuntu27.12 apport - 2.20.11-0ubuntu27.12 apport-noui - 2.20.11-0ubuntu27.12 No subscription required None https://launchpad.net/bugs/1903332 Ubuntu 20.04 LTS USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. (CVE-2020-7064) It was discovered that PHP incorrectly handled certain UTF strings. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2020-7065) It was discovered that PHP incorrectly handled certain URLs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7066) Update Instructions: Run `sudo pro fix USN-4330-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu1.1 php7.4 - 7.4.3-4ubuntu1.1 php7.4-dba - 7.4.3-4ubuntu1.1 php7.4-bcmath - 7.4.3-4ubuntu1.1 php7.4-xmlrpc - 7.4.3-4ubuntu1.1 php7.4-intl - 7.4.3-4ubuntu1.1 php7.4-phpdbg - 7.4.3-4ubuntu1.1 php7.4-sybase - 7.4.3-4ubuntu1.1 php7.4-ldap - 7.4.3-4ubuntu1.1 php7.4-readline - 7.4.3-4ubuntu1.1 php7.4-curl - 7.4.3-4ubuntu1.1 php7.4-xsl - 7.4.3-4ubuntu1.1 php7.4-pgsql - 7.4.3-4ubuntu1.1 php7.4-pspell - 7.4.3-4ubuntu1.1 php7.4-zip - 7.4.3-4ubuntu1.1 php7.4-enchant - 7.4.3-4ubuntu1.1 php7.4-odbc - 7.4.3-4ubuntu1.1 php7.4-json - 7.4.3-4ubuntu1.1 php7.4-mbstring - 7.4.3-4ubuntu1.1 php7.4-imap - 7.4.3-4ubuntu1.1 php7.4-bz2 - 7.4.3-4ubuntu1.1 php7.4-cgi - 7.4.3-4ubuntu1.1 php7.4-common - 7.4.3-4ubuntu1.1 php7.4-dev - 7.4.3-4ubuntu1.1 php7.4-interbase - 7.4.3-4ubuntu1.1 php7.4-tidy - 7.4.3-4ubuntu1.1 php7.4-gmp - 7.4.3-4ubuntu1.1 php7.4-sqlite3 - 7.4.3-4ubuntu1.1 php7.4-fpm - 7.4.3-4ubuntu1.1 php7.4-soap - 7.4.3-4ubuntu1.1 php7.4-cli - 7.4.3-4ubuntu1.1 libphp7.4-embed - 7.4.3-4ubuntu1.1 libapache2-mod-php7.4 - 7.4.3-4ubuntu1.1 php7.4-mysql - 7.4.3-4ubuntu1.1 php7.4-snmp - 7.4.3-4ubuntu1.1 php7.4-xml - 7.4.3-4ubuntu1.1 php7.4-opcache - 7.4.3-4ubuntu1.1 No subscription required Medium CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 Ubuntu 20.04 LTS USN-4332-1 fixed vulnerabilities in File Roller. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4332-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: file-roller - 3.36.1-1ubuntu0.1 No subscription required Medium CVE-2020-11736 Ubuntu 20.04 LTS USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-18348) It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8492) Update Instructions: Run `sudo pro fix USN-4333-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.2-1ubuntu1.1 python3.8-examples - 3.8.2-1ubuntu1.1 python3.8-dev - 3.8.2-1ubuntu1.1 libpython3.8-minimal - 3.8.2-1ubuntu1.1 libpython3.8-dev - 3.8.2-1ubuntu1.1 python3.8-venv - 3.8.2-1ubuntu1.1 libpython3.8 - 3.8.2-1ubuntu1.1 idle-python3.8 - 3.8.2-1ubuntu1.1 libpython3.8-testsuite - 3.8.2-1ubuntu1.1 libpython3.8-stdlib - 3.8.2-1ubuntu1.1 python3.8 - 3.8.2-1ubuntu1.1 python3.8-doc - 3.8.2-1ubuntu1.1 No subscription required Medium CVE-2019-18348 CVE-2020-8492 Ubuntu 20.04 LTS USN-4338-1 fixed vulnerabilities in re2c. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: Agostino Sarubbo discovered that re2c incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4338-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: re2c - 1.3-1ubuntu0.1 No subscription required Medium CVE-2020-11958 Ubuntu 20.04 LTS Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. (CVE-2017-9111, CVE-2017-9113, CVE-2017-9115) Tan Jie discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. (CVE-2018-18444) Samuel Groß discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2020-11758, CVE-2020-11759, CVE-2020-11760, CVE-2020-11761, CVE-2020-11762, CVE-2020-11763, CVE-2020-11764) It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service. (CVE-2020-11765) Update Instructions: Run `sudo pro fix USN-4339-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.1 openexr - 2.3.0-6ubuntu0.1 libopenexr24 - 2.3.0-6ubuntu0.1 openexr-doc - 2.3.0-6ubuntu0.1 No subscription required Medium CVE-2017-9111 CVE-2017-9113 CVE-2017-9115 CVE-2018-18444 CVE-2020-11758 CVE-2020-11759 CVE-2020-11760 CVE-2020-11761 CVE-2020-11762 CVE-2020-11763 CVE-2020-11764 CVE-2020-11765 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2019-2228) Stephan Zeisberg discovered that CUPS incorrectly handled certain malformed ppd files. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2020-3898) Update Instructions: Run `sudo pro fix USN-4340-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.1 cups-bsd - 2.3.1-9ubuntu1.1 cups-common - 2.3.1-9ubuntu1.1 cups-core-drivers - 2.3.1-9ubuntu1.1 cups-server-common - 2.3.1-9ubuntu1.1 libcupsimage2 - 2.3.1-9ubuntu1.1 cups-client - 2.3.1-9ubuntu1.1 cups-ipp-utils - 2.3.1-9ubuntu1.1 libcups2 - 2.3.1-9ubuntu1.1 cups-ppdc - 2.3.1-9ubuntu1.1 cups - 2.3.1-9ubuntu1.1 libcupsimage2-dev - 2.3.1-9ubuntu1.1 cups-daemon - 2.3.1-9ubuntu1.1 No subscription required Medium CVE-2019-2228 CVE-2020-3898 Ubuntu 20.04 LTS Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10700) It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. (CVE-2020-10704) Update Instructions: Run `sudo pro fix USN-4341-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.1 samba - 2:4.11.6+dfsg-0ubuntu1.1 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.1 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.1 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.1 smbclient - 2:4.11.6+dfsg-0ubuntu1.1 winbind - 2:4.11.6+dfsg-0ubuntu1.1 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.1 python3-samba - 2:4.11.6+dfsg-0ubuntu1.1 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.1 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.1 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.1 samba-dev - 2:4.11.6+dfsg-0ubuntu1.1 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.1 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.1 samba-common - 2:4.11.6+dfsg-0ubuntu1.1 registry-tools - 2:4.11.6+dfsg-0ubuntu1.1 samba-libs - 2:4.11.6+dfsg-0ubuntu1.1 ctdb - 2:4.11.6+dfsg-0ubuntu1.1 No subscription required Medium CVE-2020-10700 CVE-2020-10704 Ubuntu 20.04 LTS Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4343-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-28-generic-lpae - 5.4.0-28.32 linux-image-5.4.0-28-generic - 5.4.0-28.32 linux-image-5.4.0-28-lowlatency - 5.4.0-28.32 No subscription required linux-image-virtual-hwe-20.04 - 5.4.0.28.33 linux-image-generic-lpae-hwe-20.04 - 5.4.0.28.33 linux-image-lowlatency-hwe-18.04 - 5.4.0.28.33 linux-image-generic - 5.4.0.28.33 linux-image-virtual-hwe-18.04 - 5.4.0.28.33 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.28.33 linux-image-generic-lpae-hwe-18.04 - 5.4.0.28.33 linux-image-oem - 5.4.0.28.33 linux-image-generic-hwe-20.04 - 5.4.0.28.33 linux-image-lowlatency-hwe-20.04 - 5.4.0.28.33 linux-image-oem-osp1 - 5.4.0.28.33 linux-image-generic-lpae - 5.4.0.28.33 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.28.33 linux-image-generic-hwe-18.04-edge - 5.4.0.28.33 linux-image-lowlatency - 5.4.0.28.33 linux-image-generic-hwe-18.04 - 5.4.0.28.33 linux-image-virtual-hwe-18.04-edge - 5.4.0.28.33 linux-image-virtual - 5.4.0.28.33 No subscription required High CVE-2020-11884 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4347-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.28.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.28.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.28.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.28.2-0ubuntu0.20.04.1 webkit2gtk-driver - 2.28.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.28.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.28.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.28.2-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.28.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.28.2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-3899 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.80 in Ubuntu 19.10 and Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.30. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-30.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-20.html https://www.oracle.com/security-alerts/cpuapr2020.html Update Instructions: Run `sudo pro fix USN-4350-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.20-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.20-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-router - 8.0.20-0ubuntu0.20.04.1 mysql-server - 8.0.20-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.20-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-testsuite - 8.0.20-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.20-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.20-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-2759 CVE-2020-2760 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2892 CVE-2020-2893 CVE-2020-2895 CVE-2020-2896 CVE-2020-2897 CVE-2020-2898 CVE-2020-2901 CVE-2020-2903 CVE-2020-2904 CVE-2020-2921 CVE-2020-2922 CVE-2020-2923 CVE-2020-2924 CVE-2020-2925 CVE-2020-2926 CVE-2020-2928 CVE-2020-2930 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP to consume resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4352-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.2 libldap-common - 2.4.49+dfsg-2ubuntu1.2 slapd-contrib - 2.4.49+dfsg-2ubuntu1.2 slapi-dev - 2.4.49+dfsg-2ubuntu1.2 ldap-utils - 2.4.49+dfsg-2ubuntu1.2 libldap2-dev - 2.4.49+dfsg-2ubuntu1.2 slapd - 2.4.49+dfsg-2ubuntu1.2 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.2 No subscription required Medium CVE-2020-12243 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the URL bar, or execute arbitrary code. (CVE-2020-6831, CVE-2020-12387, CVE-2020-12390, CVE-2020-12391, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396) It was discovered that the Devtools’ ‘Copy as cURL’ feature did not properly escape the HTTP POST data of a request. If a user were tricked in to using the ‘Copy as cURL’ feature to copy and paste a command with specially crafted data in to a terminal, an attacker could potentially exploit this to obtain sensitive information from local files. (CVE-2020-12392) Update Instructions: Run `sudo pro fix USN-4353-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 76.0+build2-0ubuntu0.20.04.1 firefox - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 76.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 76.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 76.0+build2-0ubuntu0.20.04.1 firefox-dev - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 76.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 76.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12387 CVE-2020-12390 CVE-2020-12391 CVE-2020-12392 CVE-2020-12394 CVE-2020-12395 CVE-2020-12396 CVE-2020-6831 Ubuntu 20.04 LTS USN-4353-1 fixed vulnerabilities in Firefox. The update caused a regression that impaired the functionality of some addons. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the URL bar, or execute arbitrary code. (CVE-2020-6831, CVE-2020-12387, CVE-2020-12390, CVE-2020-12391, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396) It was discovered that the Devtools’ ‘Copy as cURL’ feature did not properly HTTP POST data of a request. If a user were tricked in to using the ‘Copy as cURL’ feature to copy and paste a command with specially crafted data in to a terminal, an attacker could potentially exploit this to obtain sensitive information from local files. (CVE-2020-12392) Update Instructions: Run `sudo pro fix USN-4353-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 76.0.1+build1-0ubuntu0.20.04.1 firefox - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 76.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 76.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 76.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 76.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 76.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1878251 Ubuntu 20.04 LTS PulseAudio in Ubuntu contains additional functionality to mediate audio recording for snap packages and it was discovered that this functionality did not mediate PulseAudio module unloading. An attacker-controlled snap with only the audio-playback interface connected could exploit this to bypass access controls and record audio. Update Instructions: Run `sudo pro fix USN-4355-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpulse0 - 1:13.99.1-1ubuntu3.2 pulseaudio-module-zeroconf - 1:13.99.1-1ubuntu3.2 pulseaudio-module-gsettings - 1:13.99.1-1ubuntu3.2 pulseaudio-module-bluetooth - 1:13.99.1-1ubuntu3.2 libpulse-dev - 1:13.99.1-1ubuntu3.2 pulseaudio-utils - 1:13.99.1-1ubuntu3.2 pulseaudio-module-raop - 1:13.99.1-1ubuntu3.2 pulseaudio - 1:13.99.1-1ubuntu3.2 libpulsedsp - 1:13.99.1-1ubuntu3.2 pulseaudio-equalizer - 1:13.99.1-1ubuntu3.2 libpulse-mainloop-glib0 - 1:13.99.1-1ubuntu3.2 pulseaudio-module-lirc - 1:13.99.1-1ubuntu3.2 pulseaudio-module-jack - 1:13.99.1-1ubuntu3.2 No subscription required Medium CVE-2020-11931 https://launchpad.net/bugs/1877102 Ubuntu 20.04 LTS Jeriko One discovered that Squid incorrectly handled certain Edge Side Includes (ESI) responses. A malicious remote server could cause Squid to crash, possibly poison the cache, or possibly execute arbitrary code. (CVE-2019-12519, CVE-2019-12521) It was discovered that Squid incorrectly handled the hostname parameter to cachemgr.cgi when certain browsers are used. A remote attacker could possibly use this issue to inject HTML or invalid characters in the hostname parameter. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2019-18860) Clément Berthaux and Florian Guilbert discovered that Squid incorrectly handled Digest Authentication nonce values. A remote attacker could use this issue to replay nonce values, or possibly execute arbitrary code. (CVE-2020-11945) Update Instructions: Run `sudo pro fix USN-4356-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.1 squidclient - 4.10-1ubuntu1.1 squid-purge - 4.10-1ubuntu1.1 squid - 4.10-1ubuntu1.1 squid-cgi - 4.10-1ubuntu1.1 No subscription required Medium CVE-2019-12519 CVE-2019-12521 CVE-2019-18860 CVE-2020-11945 Ubuntu 20.04 LTS It was discovered that libexif incorrectly handled certain tags. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-20030) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. (CVE-2020-12767) Update Instructions: Run `sudo pro fix USN-4358-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexif-doc - 0.6.21-6ubuntu0.1 libexif-dev - 0.6.21-6ubuntu0.1 libexif12 - 0.6.21-6ubuntu0.1 No subscription required Medium CVE-2018-20030 CVE-2020-12767 Ubuntu 20.04 LTS It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially crafted package to be installed by the system administrator, this could cause APT to crash. Update Instructions: Run `sudo pro fix USN-4359-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apt-doc - 2.0.2ubuntu0.1 libapt-pkg6.0 - 2.0.2ubuntu0.1 apt-transport-https - 2.0.2ubuntu0.1 libapt-pkg-doc - 2.0.2ubuntu0.1 apt - 2.0.2ubuntu0.1 apt-utils - 2.0.2ubuntu0.1 libapt-pkg-dev - 2.0.2ubuntu0.1 No subscription required Medium CVE-2020-3810 Ubuntu 20.04 LTS It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4360-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjson-c4-udeb - 0.13.1+dfsg-7ubuntu0.1 libjson-c-doc - 0.13.1+dfsg-7ubuntu0.1 libjson-c-dev - 0.13.1+dfsg-7ubuntu0.1 libjson-c4 - 0.13.1+dfsg-7ubuntu0.1 No subscription required Medium CVE-2020-12762 Ubuntu 20.04 LTS USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak in some scenarios. This update reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4360-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjson-c4-udeb - 0.13.1+dfsg-7ubuntu0.2 libjson-c-doc - 0.13.1+dfsg-7ubuntu0.2 libjson-c-dev - 0.13.1+dfsg-7ubuntu0.2 libjson-c4 - 0.13.1+dfsg-7ubuntu0.2 No subscription required None https://launchpad.net/bugs/1878723 Ubuntu 20.04 LTS USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak that was reverted in USN-4360-2 and USN-4360-3. This update provides the correct fix update for CVE-2020-12762. Original advisory details: It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4360-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjson-c4-udeb - 0.13.1+dfsg-7ubuntu0.3 libjson-c-doc - 0.13.1+dfsg-7ubuntu0.3 libjson-c-dev - 0.13.1+dfsg-7ubuntu0.3 libjson-c4 - 0.13.1+dfsg-7ubuntu0.3 No subscription required Medium CVE-2020-12762 Ubuntu 20.04 LTS Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-10957, CVE-2020-10967) Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2020-10958) Update Instructions: Run `sudo pro fix USN-4361-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.1 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.1 dovecot-mysql - 1:2.3.7.2-1ubuntu3.1 dovecot-sieve - 1:2.3.7.2-1ubuntu3.1 dovecot-core - 1:2.3.7.2-1ubuntu3.1 dovecot-ldap - 1:2.3.7.2-1ubuntu3.1 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.1 dovecot-dev - 1:2.3.7.2-1ubuntu3.1 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.1 dovecot-imapd - 1:2.3.7.2-1ubuntu3.1 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.1 dovecot-lucene - 1:2.3.7.2-1ubuntu3.1 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.1 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.1 dovecot-solr - 1:2.3.7.2-1ubuntu3.1 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.1 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.1 No subscription required Medium CVE-2020-10957 CVE-2020-10958 CVE-2020-10967 Ubuntu 20.04 LTS It was discovered that DPDK incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2020-10722, CVE-2020-10723, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726) Update Instructions: Run `sudo pro fix USN-4362-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librte-pmd-octeontx-crypto20.0 - 19.11.1-0ubuntu1.1 librte-pmd-memif20.0 - 19.11.1-0ubuntu1.1 dpdk-igb-uio-dkms - 19.11.1-0ubuntu1.1 librte-pmd-iavf20.0 - 19.11.1-0ubuntu1.1 librte-pmd-enic20.0 - 19.11.1-0ubuntu1.1 librte-pmd-af-packet20.0 - 19.11.1-0ubuntu1.1 librte-pmd-netvsc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx2-event20.0 - 19.11.1-0ubuntu1.1 librte-bus-ifpga20.0 - 19.11.1-0ubuntu1.1 librte-mempool-dpaa2-20.0 - 19.11.1-0ubuntu1.1 librte-stack0.200 - 19.11.1-0ubuntu1.1 librte-pmd-e1000-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa2-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bbdev-null20.0 - 19.11.1-0ubuntu1.1 librte-pipeline20.0 - 19.11.1-0ubuntu1.1 librte-sched20.0 - 19.11.1-0ubuntu1.1 librte-distributor20.0 - 19.11.1-0ubuntu1.1 librte-efd20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ark20.0 - 19.11.1-0ubuntu1.1 librte-gro20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa20.0 - 19.11.1-0ubuntu1.1 librte-pmd-sfc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-failsafe20.0 - 19.11.1-0ubuntu1.1 librte-pmd-pcap20.0 - 19.11.1-0ubuntu1.1 librte-rawdev20.0 - 19.11.1-0ubuntu1.1 librte-meter20.0 - 19.11.1-0ubuntu1.1 librte-hash20.0 - 19.11.1-0ubuntu1.1 librte-ring20.0 - 19.11.1-0ubuntu1.1 librte-mempool-octeontx20.0 - 19.11.1-0ubuntu1.1 librte-telemetry0.200 - 19.11.1-0ubuntu1.1 librte-rawdev-skeleton20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bond20.0 - 19.11.1-0ubuntu1.1 librte-pmd-hinic20.0 - 19.11.1-0ubuntu1.1 librte-pmd-skeleton-event20.0 - 19.11.1-0ubuntu1.1 librte-pmd-mlx5-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-dpaa2-cmdif20.0 - 19.11.1-0ubuntu1.1 librte-pmd-fm10k20.0 - 19.11.1-0ubuntu1.1 librte-cryptodev20.0 - 19.11.1-0ubuntu1.1 librte-pmd-i40e20.0 - 19.11.1-0ubuntu1.1 librte-cmdline20.0 - 19.11.1-0ubuntu1.1 librte-jobstats20.0 - 19.11.1-0ubuntu1.1 dpdk-dev - 19.11.1-0ubuntu1.1 librte-pmd-ccp20.0 - 19.11.1-0ubuntu1.1 librte-pmd-atlantic20.0 - 19.11.1-0ubuntu1.1 librte-pmd-sw-event20.0 - 19.11.1-0ubuntu1.1 librte-ip-frag20.0 - 19.11.1-0ubuntu1.1 librte-pmd-isal20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dsw-event20.0 - 19.11.1-0ubuntu1.1 librte-pmd-nitrox20.0 - 19.11.1-0ubuntu1.1 librte-pmd-kni20.0 - 19.11.1-0ubuntu1.1 librte-mempool-bucket20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa2-event20.0 - 19.11.1-0ubuntu1.1 librte-gso20.0 - 19.11.1-0ubuntu1.1 librte-pmd-vdev-netvsc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-openssl20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bnx2x20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx-compress20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-ioat20.0 - 19.11.1-0ubuntu1.1 librte-mempool-dpaa20.0 - 19.11.1-0ubuntu1.1 librte-latencystats20.0 - 19.11.1-0ubuntu1.1 librte-mempool-octeontx2-20.0 - 19.11.1-0ubuntu1.1 librte-kvargs20.0 - 19.11.1-0ubuntu1.1 librte-bus-fslmc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-avp20.0 - 19.11.1-0ubuntu1.1 librte-pdump20.0 - 19.11.1-0ubuntu1.1 librte-metrics20.0 - 19.11.1-0ubuntu1.1 librte-bbdev0.200 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa-sec20.0 - 19.11.1-0ubuntu1.1 librte-bus-vmbus20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bnxt20.0 - 19.11.1-0ubuntu1.1 librte-timer20.0 - 19.11.1-0ubuntu1.1 librte-cfgfile20.0 - 19.11.1-0ubuntu1.1 librte-rcu0.200 - 19.11.1-0ubuntu1.1 librte-pmd-qat20.0 - 19.11.1-0ubuntu1.1 librte-mempool20.0 - 19.11.1-0ubuntu1.1 libdpdk-dev - 19.11.1-0ubuntu1.1 librte-pmd-null20.0 - 19.11.1-0ubuntu1.1 librte-pmd-virtio20.0 - 19.11.1-0ubuntu1.1 librte-pmd-axgbe20.0 - 19.11.1-0ubuntu1.1 librte-port20.0 - 19.11.1-0ubuntu1.1 librte-pmd-aesni-mb20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-ntb20.0 - 19.11.1-0ubuntu1.1 librte-pmd-softnic20.0 - 19.11.1-0ubuntu1.1 dpdk-doc - 19.11.1-0ubuntu1.1 librte-pmd-mlx4-20.0 - 19.11.1-0ubuntu1.1 librte-net20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bbdev-fpga-lte-fec20.0 - 19.11.1-0ubuntu1.1 librte-pmd-null-crypto20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ena20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ice20.0 - 19.11.1-0ubuntu1.1 librte-common-dpaax20.0 - 19.11.1-0ubuntu1.1 librte-member20.0 - 19.11.1-0ubuntu1.1 librte-bus-pci20.0 - 19.11.1-0ubuntu1.1 librte-kni20.0 - 19.11.1-0ubuntu1.1 librte-pmd-thunderx20.0 - 19.11.1-0ubuntu1.1 librte-common-octeontx20.0 - 19.11.1-0ubuntu1.1 dpdk - 19.11.1-0ubuntu1.1 librte-pmd-ifc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-opdl-event20.0 - 19.11.1-0ubuntu1.1 librte-pci20.0 - 19.11.1-0ubuntu1.1 librte-eal20.0 - 19.11.1-0ubuntu1.1 librte-pmd-bbdev-turbo-sw20.0 - 19.11.1-0ubuntu1.1 librte-ethdev20.0 - 19.11.1-0ubuntu1.1 librte-table20.0 - 19.11.1-0ubuntu1.1 librte-pmd-hns3-20.0 - 19.11.1-0ubuntu1.1 librte-ipsec0.200 - 19.11.1-0ubuntu1.1 librte-pmd-zlib20.0 - 19.11.1-0ubuntu1.1 librte-bitratestats20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa2-sec20.0 - 19.11.1-0ubuntu1.1 librte-pmd-caam-jr20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-octeontx2-dma20.0 - 19.11.1-0ubuntu1.1 librte-mbuf20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx-event20.0 - 19.11.1-0ubuntu1.1 librte-mempool-stack20.0 - 19.11.1-0ubuntu1.1 librte-power20.0 - 19.11.1-0ubuntu1.1 librte-pmd-liquidio20.0 - 19.11.1-0ubuntu1.1 librte-vhost20.0 - 19.11.1-0ubuntu1.1 librte-pmd-vhost20.0 - 19.11.1-0ubuntu1.1 librte-pmd-virtio-crypto20.0 - 19.11.1-0ubuntu1.1 librte-reorder20.0 - 19.11.1-0ubuntu1.1 librte-pmd-qede20.0 - 19.11.1-0ubuntu1.1 librte-pmd-pfe20.0 - 19.11.1-0ubuntu1.1 librte-flow-classify0.200 - 19.11.1-0ubuntu1.1 librte-rib0.200 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx2-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-cxgbe20.0 - 19.11.1-0ubuntu1.1 librte-mempool-ring20.0 - 19.11.1-0ubuntu1.1 librte-acl20.0 - 19.11.1-0ubuntu1.1 librte-common-cpt20.0 - 19.11.1-0ubuntu1.1 librte-pmd-aesni-gcm20.0 - 19.11.1-0ubuntu1.1 librte-rawdev-dpaa2-qdma20.0 - 19.11.1-0ubuntu1.1 librte-lpm20.0 - 19.11.1-0ubuntu1.1 librte-pmd-tap20.0 - 19.11.1-0ubuntu1.1 librte-eventdev20.0 - 19.11.1-0ubuntu1.1 librte-pmd-nfp20.0 - 19.11.1-0ubuntu1.1 librte-bus-dpaa20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ring20.0 - 19.11.1-0ubuntu1.1 librte-bus-vdev20.0 - 19.11.1-0ubuntu1.1 librte-common-octeontx2-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-ixgbe20.0 - 19.11.1-0ubuntu1.1 librte-pmd-vmxnet3-20.0 - 19.11.1-0ubuntu1.1 librte-pmd-crypto-scheduler20.0 - 19.11.1-0ubuntu1.1 librte-pmd-enetc20.0 - 19.11.1-0ubuntu1.1 librte-pmd-dpaa-event20.0 - 19.11.1-0ubuntu1.1 librte-pmd-octeontx2-crypto20.0 - 19.11.1-0ubuntu1.1 librte-security20.0 - 19.11.1-0ubuntu1.1 librte-compressdev0.200 - 19.11.1-0ubuntu1.1 librte-fib0.200 - 19.11.1-0ubuntu1.1 librte-bpf0.200 - 19.11.1-0ubuntu1.1 No subscription required Medium CVE-2020-10722 CVE-2020-10723 CVE-2020-10724 CVE-2020-10725 CVE-2020-10726 Ubuntu 20.04 LTS Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. (CVE-2020-8616) Tobias Klein discovered that Bind incorrectly handled checking TSIG validity. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly perform other attacks. (CVE-2020-8617) Update Instructions: Run `sudo pro fix USN-4365-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.1 bind9-libs - 1:9.16.1-0ubuntu2.1 bind9utils - 1:9.16.1-0ubuntu2.1 bind9-doc - 1:9.16.1-0ubuntu2.1 bind9-utils - 1:9.16.1-0ubuntu2.1 bind9 - 1:9.16.1-0ubuntu2.1 bind9-dnsutils - 1:9.16.1-0ubuntu2.1 bind9-host - 1:9.16.1-0ubuntu2.1 No subscription required Medium CVE-2020-8616 CVE-2020-8617 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain inputs. An remote attacker could possibly use this issue to access sensitive information or authentication bypass. Update Instructions: Run `sudo pro fix USN-4366-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.1 eximon4 - 4.93-13ubuntu1.1 exim4 - 4.93-13ubuntu1.1 exim4-daemon-light - 4.93-13ubuntu1.1 exim4-config - 4.93-13ubuntu1.1 exim4-daemon-heavy - 4.93-13ubuntu1.1 exim4-base - 4.93-13ubuntu1.1 No subscription required Medium CVE-2020-12783 Ubuntu 20.04 LTS It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657) Update Instructions: Run `sudo pro fix USN-4367-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1011-aws - 5.4.0-1011.11 linux-image-5.4.0-1011-gcp - 5.4.0-1011.11 linux-image-5.4.0-1011-kvm - 5.4.0-1011.11 linux-image-5.4.0-1011-raspi - 5.4.0-1011.11 linux-image-5.4.0-1011-oracle - 5.4.0-1011.11 No subscription required linux-image-5.4.0-1012-azure - 5.4.0-1012.12 No subscription required linux-image-5.4.0-26-generic - 5.4.0-26.30 No subscription required linux-image-5.4.0-31-lowlatency - 5.4.0-31.35 linux-image-5.4.0-31-generic - 5.4.0-31.35 linux-image-5.4.0-31-generic-lpae - 5.4.0-31.35 No subscription required linux-image-raspi - 5.4.0.1011.11 linux-image-raspi2 - 5.4.0.1011.11 No subscription required linux-image-gke - 5.4.0.1011.12 linux-image-oracle - 5.4.0.1011.12 linux-image-kvm - 5.4.0.1011.12 linux-image-gcp - 5.4.0.1011.12 No subscription required linux-image-aws - 5.4.0.1011.14 No subscription required linux-image-azure - 5.4.0.1012.14 No subscription required linux-image-oem-osp1 - 5.4.0.31.36 linux-image-generic-hwe-20.04 - 5.4.0.31.36 linux-image-generic-hwe-18.04 - 5.4.0.31.36 linux-image-generic-lpae-hwe-20.04 - 5.4.0.31.36 linux-image-generic-lpae-hwe-18.04 - 5.4.0.31.36 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.31.36 linux-image-virtual - 5.4.0.31.36 linux-image-virtual-hwe-20.04 - 5.4.0.31.36 linux-image-lowlatency-hwe-18.04 - 5.4.0.31.36 linux-image-generic - 5.4.0.31.36 linux-image-virtual-hwe-18.04 - 5.4.0.31.36 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.31.36 linux-image-oem - 5.4.0.31.36 linux-image-generic-hwe-18.04-edge - 5.4.0.31.36 linux-image-generic-lpae - 5.4.0.31.36 linux-image-virtual-hwe-18.04-edge - 5.4.0.31.36 linux-image-lowlatency-hwe-20.04 - 5.4.0.31.36 linux-image-lowlatency - 5.4.0.31.36 No subscription required Medium CVE-2019-19377 CVE-2020-11565 CVE-2020-12657 CVE-2020-12826 Ubuntu 20.04 LTS USN-4367-1 fixed vulnerabilities in the 5.4 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657) Update Instructions: Run `sudo pro fix USN-4367-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-33-generic - 5.4.0-33.37 linux-image-5.4.0-33-lowlatency - 5.4.0-33.37 linux-image-5.4.0-33-generic-lpae - 5.4.0-33.37 No subscription required linux-image-virtual-hwe-20.04 - 5.4.0.33.38 linux-image-generic-lpae-hwe-20.04 - 5.4.0.33.38 linux-image-lowlatency-hwe-18.04 - 5.4.0.33.38 linux-image-generic - 5.4.0.33.38 linux-image-virtual-hwe-18.04 - 5.4.0.33.38 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.33.38 linux-image-generic-lpae-hwe-18.04 - 5.4.0.33.38 linux-image-oem - 5.4.0.33.38 linux-image-generic-hwe-20.04 - 5.4.0.33.38 linux-image-lowlatency-hwe-20.04 - 5.4.0.33.38 linux-image-oem-osp1 - 5.4.0.33.38 linux-image-generic-lpae - 5.4.0.33.38 linux-image-lowlatency - 5.4.0.33.38 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.33.38 linux-image-generic-hwe-18.04-edge - 5.4.0.33.38 linux-image-generic-hwe-18.04 - 5.4.0.33.38 linux-image-virtual-hwe-18.04-edge - 5.4.0.33.38 linux-image-virtual - 5.4.0.33.38 No subscription required None https://launchpad.net/bugs/1879690 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3327) It was discovered that ClamAV incorrectly handled parsing PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3341) Update Instructions: Run `sudo pro fix USN-4370-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-base - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.102.3+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.102.3+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.102.3+dfsg-0ubuntu0.20.04.1 clamdscan - 0.102.3+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-3327 CVE-2020-3341 Ubuntu 20.04 LTS It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. (CVE-2019-15034) It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2019-20382) It was discovered that QEMU incorrectly generated QEMU Pointer Authentication signatures on ARM. A local attacker could possibly use this issue to bypass PAuth. This issue only affected Ubuntu 19.10. (CVE-2020-10702) Ziming Zhang discovered that QEMU incorrectly handled ATI VGA emulation. A local attacker in a guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-11869) Aviv Sasson discovered that QEMU incorrectly handled Slirp networking. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2020-1983) Update Instructions: Run `sudo pro fix USN-4372-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.1 qemu-system-common - 1:4.2-3ubuntu6.1 qemu-system-data - 1:4.2-3ubuntu6.1 qemu-system-s390x - 1:4.2-3ubuntu6.1 qemu-block-extra - 1:4.2-3ubuntu6.1 qemu-system-misc - 1:4.2-3ubuntu6.1 qemu-user - 1:4.2-3ubuntu6.1 qemu-system-sparc - 1:4.2-3ubuntu6.1 qemu-guest-agent - 1:4.2-3ubuntu6.1 qemu-system - 1:4.2-3ubuntu6.1 qemu-utils - 1:4.2-3ubuntu6.1 qemu-user-static - 1:4.2-3ubuntu6.1 qemu-kvm - 1:4.2-3ubuntu6.1 qemu-user-binfmt - 1:4.2-3ubuntu6.1 qemu-system-x86 - 1:4.2-3ubuntu6.1 qemu-system-arm - 1:4.2-3ubuntu6.1 qemu-system-gui - 1:4.2-3ubuntu6.1 qemu - 1:4.2-3ubuntu6.1 qemu-system-ppc - 1:4.2-3ubuntu6.1 qemu-system-mips - 1:4.2-3ubuntu6.1 qemu-system-x86-xen - 1:4.2-3ubuntu6.1 No subscription required Medium CVE-2019-15034 CVE-2019-20382 CVE-2020-10702 CVE-2020-11869 CVE-2020-1983 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. (CVE-2020-6831, CVE-2020-12387, CVE-2020-12395) It was discovered that the Devtools’ ‘Copy as cURL’ feature did not properly escape the HTTP POST data of a request. If a user were tricked in to using the ‘Copy as cURL’ feature to copy and paste a command with specially crafted data in to a terminal, an attacker could potentially exploit this to obtain sensitive information from local files. (CVE-2020-12392) It was discovered that Thunderbird did not correctly handle Unicode whitespace characters within the From email header. An attacker could potentially exploit this to spoof the sender email address that Thunderbird displays. (CVE-2020-12397) Update Instructions: Run `sudo pro fix USN-4373-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-br - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-bn - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-be - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-bg - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ja - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-si - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-gnome-support - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sv - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sr - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sq - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-hsb - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-cy - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-cs - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-en - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ca - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pt-br - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pa - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ka - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ko - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-kk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-kab - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-zh-tw - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pt - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nn-no - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nb-no - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-bn-bd - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-lt - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-en-gb - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-uz - 1:68.8.0+build2-0ubuntu0.20.04.2 xul-ext-calendar-timezones - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-de - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-da - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-uk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-dev - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-el - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-en-us - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-rm - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ms - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ro - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-eu - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-et - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-zh-hant - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-zh-hans - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ru - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-es - 1:68.8.0+build2-0ubuntu0.20.04.2 xul-ext-gdata-provider - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-fr - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-es-es - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ta-lk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-fy - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-fi - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ast - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nn - 1:68.8.0+build2-0ubuntu0.20.04.2 xul-ext-lightning - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ga-ie - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-fy-nl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-nb - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-mozsymbols - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-zh-cn - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-gl - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ga - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-tr - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-gd - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ta - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-dsb - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-vi - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-hy - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-sv-se - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-hr - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-hu - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pa-in - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-he - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-ar - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-af - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-pt-pt - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-cak - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-is - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-it - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-mk - 1:68.8.0+build2-0ubuntu0.20.04.2 thunderbird-locale-id - 1:68.8.0+build2-0ubuntu0.20.04.2 No subscription required Medium CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-12397 Ubuntu 20.04 LTS Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Unbound incorrectly handled certain queries. A remote attacker could use this issue to perform an amplification attack directed at a target. (CVE-2020-12662) It was discovered that Unbound incorrectly handled certain malformed answers. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. (CVE-2020-12663) Update Instructions: Run `sudo pro fix USN-4374-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.1 python3-unbound - 1.9.4-2ubuntu1.1 libunbound8 - 1.9.4-2ubuntu1.1 python-unbound - 1.9.4-2ubuntu1.1 unbound-anchor - 1.9.4-2ubuntu1.1 unbound-host - 1.9.4-2ubuntu1.1 libunbound-dev - 1.9.4-2ubuntu1.1 No subscription required Medium CVE-2020-12662 CVE-2020-12663 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4375-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.2 php7.4 - 7.4.3-4ubuntu2.2 php7.4-dba - 7.4.3-4ubuntu2.2 php7.4-bcmath - 7.4.3-4ubuntu2.2 php7.4-xmlrpc - 7.4.3-4ubuntu2.2 php7.4-intl - 7.4.3-4ubuntu2.2 php7.4-phpdbg - 7.4.3-4ubuntu2.2 php7.4-sybase - 7.4.3-4ubuntu2.2 php7.4-ldap - 7.4.3-4ubuntu2.2 php7.4-readline - 7.4.3-4ubuntu2.2 php7.4-curl - 7.4.3-4ubuntu2.2 php7.4-xsl - 7.4.3-4ubuntu2.2 php7.4-pgsql - 7.4.3-4ubuntu2.2 php7.4-pspell - 7.4.3-4ubuntu2.2 php7.4-zip - 7.4.3-4ubuntu2.2 php7.4-enchant - 7.4.3-4ubuntu2.2 php7.4-odbc - 7.4.3-4ubuntu2.2 php7.4-json - 7.4.3-4ubuntu2.2 php7.4-mbstring - 7.4.3-4ubuntu2.2 php7.4-imap - 7.4.3-4ubuntu2.2 php7.4-bz2 - 7.4.3-4ubuntu2.2 php7.4-cgi - 7.4.3-4ubuntu2.2 php7.4-common - 7.4.3-4ubuntu2.2 php7.4-dev - 7.4.3-4ubuntu2.2 php7.4-interbase - 7.4.3-4ubuntu2.2 php7.4-tidy - 7.4.3-4ubuntu2.2 php7.4-gmp - 7.4.3-4ubuntu2.2 php7.4-sqlite3 - 7.4.3-4ubuntu2.2 php7.4-fpm - 7.4.3-4ubuntu2.2 php7.4-soap - 7.4.3-4ubuntu2.2 php7.4-cli - 7.4.3-4ubuntu2.2 libphp7.4-embed - 7.4.3-4ubuntu2.2 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.2 php7.4-mysql - 7.4.3-4ubuntu2.2 php7.4-snmp - 7.4.3-4ubuntu2.2 php7.4-xml - 7.4.3-4ubuntu2.2 php7.4-opcache - 7.4.3-4ubuntu2.2 No subscription required Medium CVE-2019-11048 Ubuntu 20.04 LTS The ca-certificates package contained an expired CA certificate that caused connectivity issues. This update removes the "AddTrust External Root" CA. In addition, on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS, this update refreshes the included certificates to those contained in the 20190110 package. Update Instructions: Run `sudo pro fix USN-4377-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates-udeb - 20190110ubuntu1.1 ca-certificates - 20190110ubuntu1.1 No subscription required None https://launchpad.net/bugs/1881533 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code. Update Instructions: Run `sudo pro fix USN-4379-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 freerdp2-shadow-x11 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 freerdp2-dev - 2.1.1+dfsg1-0ubuntu0.20.04.1 freerdp2-wayland - 2.1.1+dfsg1-0ubuntu0.20.04.1 libwinpr2-dev - 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libuwac0-0 - 2.1.1+dfsg1-0ubuntu0.20.04.1 freerdp2-x11 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libwinpr2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libwinpr-tools2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libuwac0-dev - 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow-subsystem2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-client2-2 - 2.1.1+dfsg1-0ubuntu0.20.04.1 winpr-utils - 2.1.1+dfsg1-0ubuntu0.20.04.1 No subscription required Medium CVE-2018-1000852 CVE-2019-17177 CVE-2020-11042 CVE-2020-11044 CVE-2020-11045 CVE-2020-11046 CVE-2020-11047 CVE-2020-11048 CVE-2020-11049 CVE-2020-11058 CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 Ubuntu 20.04 LTS Dan Palmer discovered that Django incorrectly validated memcached cache keys. A remote attacker could possibly use this issue to cause a denial of service and obtain sensitive information. (CVE-2020-13254) Jon Dufresne discovered that Django incorrectly encoded query parameters for the admin ForeignKeyRawIdWidget. A remote attacker could possibly use this issue to perform XSS attacks. (CVE-2020-13596) Update Instructions: Run `sudo pro fix USN-4381-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.1 python-django-doc - 2:2.2.12-1ubuntu0.1 No subscription required Medium CVE-2020-13254 CVE-2020-13596 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the addressbar, or execute arbitrary code. (CVE-2020-12405, CVE-2020-12406, CVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410, CVE-2020-12411) It was discovered that NSS showed timing differences when performing DSA signatures. An attacker could potentially exploit this to obtain private keys using a timing attack. (CVE-2020-12399) Update Instructions: Run `sudo pro fix USN-4383-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 77.0.1+build1-0ubuntu0.20.04.1 firefox - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 77.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 77.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 77.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 77.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 77.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12407 CVE-2020-12408 CVE-2020-12409 CVE-2020-12410 CVE-2020-12411 Ubuntu 20.04 LTS It was discovered that GnuTLS incorrectly handled session ticket encryption keys. A remote attacker could possibly use this issue to bypass authentication or recover sensitive information. Update Instructions: Run `sudo pro fix USN-4384-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnutls30 - 3.6.13-2ubuntu1.1 libgnutls28-dev - 3.6.13-2ubuntu1.1 libgnutlsxx28 - 3.6.13-2ubuntu1.1 gnutls-doc - 3.6.13-2ubuntu1.1 libgnutls-dane0 - 3.6.13-2ubuntu1.1 gnutls-bin - 3.6.13-2ubuntu1.1 guile-gnutls - 3.6.13-2ubuntu1.1 libgnutls-openssl27 - 3.6.13-2ubuntu1.1 No subscription required High CVE-2020-13777 Ubuntu 20.04 LTS It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543) It was discovered that on some Intel processors, partial data values previously read from a vector register on a physical core may be propagated into unused portions of the store buffer. A local attacker could possible use this to expose sensitive information. (CVE-2020-0548) It was discovered that on some Intel processors, data from the most recently evicted modified L1 data cache (L1D) line may be propagated into an unused (invalid) L1D fill buffer. A local attacker could possibly use this to expose sensitive information. (CVE-2020-0549) Update Instructions: Run `sudo pro fix USN-4385-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20200609.0ubuntu0.20.04.0 No subscription required Medium CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SRBDS Ubuntu 20.04 LTS USN-4385-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Skylake family (06_4EH) from booting successfully. Additonally, on Ubuntu 20.04 LTS, late loading of microcode was enabled, which could lead to system instability. This update reverts the microcode update for the Skylake processor family and disables the late loading option on Ubuntu 20.04 LTS. Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery. We apologize for the inconvenience. Original advisory details: It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543) It was discovered that on some Intel processors, partial data values previously read from a vector register on a physical core may be propagated into unused portions of the store buffer. A local attacker could possible use this to expose sensitive information. (CVE-2020-0548) It was discovered that on some Intel processors, data from the most recently evicted modified L1 data cache (L1D) line may be propagated into an unused (invalid) L1D fill buffer. A local attacker could possibly use this to expose sensitive information. (CVE-2020-0549) Update Instructions: Run `sudo pro fix USN-4385-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20200609.0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/1882890 https://launchpad.net/bugs/1883002 Ubuntu 20.04 LTS It was discovered that libjpeg-turbo incorrectly handled certain PPM files. An attacker could possibly use this issue to access sensitive information. Update Instructions: Run `sudo pro fix USN-4386-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libturbojpeg0-dev - 2.0.3-0ubuntu1.20.04.1 libjpeg-turbo8-dev - 2.0.3-0ubuntu1.20.04.1 libjpeg-turbo-progs - 2.0.3-0ubuntu1.20.04.1 libturbojpeg - 2.0.3-0ubuntu1.20.04.1 libjpeg-turbo8 - 2.0.3-0ubuntu1.20.04.1 libjpeg-turbo-test - 2.0.3-0ubuntu1.20.04.1 No subscription required Medium CVE-2020-13790 Ubuntu 20.04 LTS It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-0067) It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543) Piotr Krysiuk discovered that race conditions existed in the file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12114) It was discovered that the USB susbsystem's scatter-gather implementation in the Linux kernel did not properly take data references in some situations, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12464) Bui Quang Minh discovered that the XDP socket implementation in the Linux kernel did not properly validate meta-data passed from user space, leading to an out-of-bounds write vulnerability. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12659) Dmitry Vyukov discovered that the SELinux netlink security hook in the Linux kernel did not validate messages in some situations. A privileged attacker could use this to bypass SELinux netlink restrictions. (CVE-2020-10751) Update Instructions: Run `sudo pro fix USN-4389-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1012-raspi - 5.4.0-1012.12 No subscription required linux-image-5.4.0-1015-kvm - 5.4.0-1015.15 linux-image-5.4.0-1015-gcp - 5.4.0-1015.15 linux-image-5.4.0-1015-aws - 5.4.0-1015.15 linux-image-5.4.0-1015-oracle - 5.4.0-1015.15 No subscription required linux-image-5.4.0-1016-azure - 5.4.0-1016.16 No subscription required linux-image-5.4.0-27-generic - 5.4.0-27.31 No subscription required linux-image-5.4.0-37-lowlatency - 5.4.0-37.41 linux-image-5.4.0-37-generic - 5.4.0-37.41 linux-image-5.4.0-37-generic-lpae - 5.4.0-37.41 No subscription required linux-image-raspi - 5.4.0.1012.12 linux-image-raspi2 - 5.4.0.1012.12 No subscription required linux-image-gke - 5.4.0.1015.14 linux-image-oracle - 5.4.0.1015.14 linux-image-kvm - 5.4.0.1015.14 linux-image-gcp - 5.4.0.1015.14 No subscription required linux-image-aws - 5.4.0.1015.16 No subscription required linux-image-azure - 5.4.0.1016.16 No subscription required linux-image-virtual - 5.4.0.27.34 linux-image-virtual-hwe-20.04 - 5.4.0.27.34 No subscription required linux-image-oem-osp1 - 5.4.0.37.40 linux-image-generic-hwe-20.04 - 5.4.0.37.40 linux-image-generic-hwe-18.04 - 5.4.0.37.40 linux-image-generic-lpae-hwe-20.04 - 5.4.0.37.40 linux-image-generic-lpae-hwe-18.04 - 5.4.0.37.40 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.37.40 linux-image-lowlatency-hwe-18.04 - 5.4.0.37.40 linux-image-generic - 5.4.0.37.40 linux-image-virtual-hwe-18.04 - 5.4.0.37.40 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.37.40 linux-image-oem - 5.4.0.37.40 linux-image-generic-hwe-18.04-edge - 5.4.0.37.40 linux-image-generic-lpae - 5.4.0.37.40 linux-image-lowlatency - 5.4.0.37.40 linux-image-lowlatency-hwe-20.04 - 5.4.0.37.40 linux-image-virtual-hwe-18.04-edge - 5.4.0.37.40 No subscription required Medium CVE-2020-0067 CVE-2020-0543 CVE-2020-10751 CVE-2020-12114 CVE-2020-12464 CVE-2020-12659 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SRBDS Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740) It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19603) It was discovered that SQLite incorrectly handled certain self-referential views. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19645) Henry Liu discovered that SQLite incorrectly handled certain malformed window-function queries. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-11655) It was discovered that SQLite incorrectly handled certain string operations. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13434) It was discovered that SQLite incorrectly handled certain expressions. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13435) It was discovered that SQLite incorrectly handled certain fts3 queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13630) It was discovered that SQLite incorrectly handled certain virtual table names. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13631) It was discovered that SQLite incorrectly handled certain fts3 queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13632) Update Instructions: Run `sudo pro fix USN-4394-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.1 sqlite3-doc - 3.31.1-4ubuntu0.1 libsqlite3-0 - 3.31.1-4ubuntu0.1 libsqlite3-tcl - 3.31.1-4ubuntu0.1 sqlite3 - 3.31.1-4ubuntu0.1 libsqlite3-dev - 3.31.1-4ubuntu0.1 No subscription required Medium CVE-2018-8740 CVE-2019-19603 CVE-2019-19645 CVE-2020-11655 CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 Ubuntu 20.04 LTS Justin Steven discovered that fwupd incorrectly handled certain signature verification. An attacker could possibly use this issue to install an unsigned firmware. Update Instructions: Run `sudo pro fix USN-4395-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-fwupdplugin-1.0 - 1.3.9-4ubuntu0.1 fwupd-amd64-signed-template - 1.3.9-4ubuntu0.1 libfwupd-dev - 1.3.9-4ubuntu0.1 fwupd-armhf-signed-template - 1.3.9-4ubuntu0.1 gir1.2-fwupd-2.0 - 1.3.9-4ubuntu0.1 fwupd-tests - 1.3.9-4ubuntu0.1 fwupd-doc - 1.3.9-4ubuntu0.1 fwupd-arm64-signed-template - 1.3.9-4ubuntu0.1 libfwupdplugin-dev - 1.3.9-4ubuntu0.1 libfwupdplugin1 - 1.3.9-4ubuntu0.1 fwupd - 1.3.9-4ubuntu0.1 libfwupd2 - 1.3.9-4ubuntu0.1 No subscription required Medium CVE-2020-10759 Ubuntu 20.04 LTS It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-0093, CVE-2020-0182) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote denial of service. (CVE-2020-0198) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2020-13112) It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. (CVE-2020-13113) It was discovered libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-13114) Update Instructions: Run `sudo pro fix USN-4396-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexif-doc - 0.6.21-6ubuntu0.3 libexif-dev - 0.6.21-6ubuntu0.3 libexif12 - 0.6.21-6ubuntu0.3 No subscription required Medium CVE-2020-0093 CVE-2020-0182 CVE-2020-0198 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled the TLS State Machine. A remote attacker could possibly use this issue to cause NSS to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-17023) Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover DSA keys. (CVE-2020-12399) Update Instructions: Run `sudo pro fix USN-4397-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.1 libnss3 - 2:3.49.1-1ubuntu1.1 libnss3-tools - 2:3.49.1-1ubuntu1.1 No subscription required Medium CVE-2019-17023 CVE-2020-12399 Ubuntu 20.04 LTS Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4398-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dbus-1-doc - 1.12.16-2ubuntu2.1 dbus - 1.12.16-2ubuntu2.1 libdbus-1-dev - 1.12.16-2ubuntu2.1 dbus-udeb - 1.12.16-2ubuntu2.1 dbus-user-session - 1.12.16-2ubuntu2.1 libdbus-1-3-udeb - 1.12.16-2ubuntu2.1 dbus-x11 - 1.12.16-2ubuntu2.1 dbus-tests - 1.12.16-2ubuntu2.1 libdbus-1-3 - 1.12.16-2ubuntu2.1 No subscription required Medium CVE-2020-12049 Ubuntu 20.04 LTS It was discovered that Bind incorrectly handled large responses during zone transfers. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8618) It was discovered that Bind incorrectly handled certain asterisk characters in zone files. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8619) Update Instructions: Run `sudo pro fix USN-4399-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.2 bind9-libs - 1:9.16.1-0ubuntu2.2 bind9utils - 1:9.16.1-0ubuntu2.2 bind9-doc - 1:9.16.1-0ubuntu2.2 bind9-utils - 1:9.16.1-0ubuntu2.2 bind9 - 1:9.16.1-0ubuntu2.2 bind9-dnsutils - 1:9.16.1-0ubuntu2.2 bind9-host - 1:9.16.1-0ubuntu2.2 No subscription required Medium CVE-2020-8618 CVE-2020-8619 Ubuntu 20.04 LTS It was discovered that the nfs-utils package set incorrect permissions on the /var/lib/nfs directory. An attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-4400-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nfs-kernel-server - 1:1.3.4-2.5ubuntu3.3 nfs-common - 1:1.3.4-2.5ubuntu3.3 No subscription required Low CVE-2019-3689 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. (CVE-2020-14093) It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceeds with a connection even if the user rejects an expired intermediate certificate. (CVE-2020-14154) Update Instructions: Run `sudo pro fix USN-4401-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.1 No subscription required Medium CVE-2020-14093 CVE-2020-14154 Ubuntu 20.04 LTS Marek Szlagor, Gregory Jefferis and Jeroen Ooms discovered that curl incorrectly handled certain credentials. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-8169) It was discovered that curl incorrectly handled certain parameters. An attacker could possibly use this issue to overwrite a local file. (CVE-2020-8177) Update Instructions: Run `sudo pro fix USN-4402-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.1 libcurl4-openssl-dev - 7.68.0-1ubuntu2.1 libcurl3-gnutls - 7.68.0-1ubuntu2.1 libcurl4-doc - 7.68.0-1ubuntu2.1 libcurl3-nss - 7.68.0-1ubuntu2.1 libcurl4-nss-dev - 7.68.0-1ubuntu2.1 libcurl4 - 7.68.0-1ubuntu2.1 curl - 7.68.0-1ubuntu2.1 No subscription required Medium CVE-2020-8169 CVE-2020-8177 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. (CVE-2020-14954) This update also address a regression caused in the last update USN-4401-1. It only affected Ubuntu 12.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. Update Instructions: Run `sudo pro fix USN-4403-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.2 No subscription required Medium CVE-2020-14954 https://launchpad.net/bugs/1884588 Ubuntu 20.04 LTS Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when performing IPC. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-5963) It was discovered that the UVM driver in the NVIDIA graphics driver contained a race condition. A local attacker could use this to cause a denial of service. (CVE-2020-5967) It was discovered that the NVIDIA virtual GPU guest drivers contained an unspecified vulnerability that could potentially lead to privileged operation execution. An attacker could use this to cause a denial of service. (CVE-2020-5973) Update Instructions: Run `sudo pro fix USN-4404-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnvidia-common-390 - 390.138-0ubuntu0.20.04.1 nvidia-384 - 390.138-0ubuntu0.20.04.1 nvidia-compute-utils-390 - 390.138-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.138-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.138-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.138-0ubuntu0.20.04.1 nvidia-driver-390 - 390.138-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.138-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.138-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.138-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.138-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.138-0ubuntu0.20.04.1 nvidia-384-dev - 390.138-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.138-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.138-0ubuntu0.20.04.1 nvidia-headless-390 - 390.138-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.138-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.138-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.138-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.138-0ubuntu0.20.04.1 libcuda1-384 - 390.138-0ubuntu0.20.04.1 nvidia-utils-390 - 390.138-0ubuntu0.20.04.1 No subscription required xserver-xorg-video-nvidia-440 - 440.100-0ubuntu0.20.04.1 nvidia-kernel-common-440 - 440.100-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440 - 440.100-0ubuntu0.20.04.1 libnvidia-decode-440 - 440.100-0ubuntu0.20.04.1 libnvidia-gl-430 - 440.100-0ubuntu0.20.04.1 libnvidia-common-440 - 440.100-0ubuntu0.20.04.1 nvidia-kernel-source-430 - 440.100-0ubuntu0.20.04.1 libnvidia-encode-440 - 440.100-0ubuntu0.20.04.1 nvidia-dkms-440 - 440.100-0ubuntu0.20.04.1 libnvidia-cfg1-430 - 440.100-0ubuntu0.20.04.1 nvidia-compute-utils-430 - 440.100-0ubuntu0.20.04.1 nvidia-utils-430 - 440.100-0ubuntu0.20.04.1 libnvidia-encode-430 - 440.100-0ubuntu0.20.04.1 nvidia-headless-440 - 440.100-0ubuntu0.20.04.1 libnvidia-extra-440 - 440.100-0ubuntu0.20.04.1 libnvidia-compute-440 - 440.100-0ubuntu0.20.04.1 nvidia-kernel-common-430 - 440.100-0ubuntu0.20.04.1 nvidia-utils-440 - 440.100-0ubuntu0.20.04.1 nvidia-driver-440 - 440.100-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-430 - 440.100-0ubuntu0.20.04.1 nvidia-driver-430 - 440.100-0ubuntu0.20.04.1 libnvidia-common-430 - 440.100-0ubuntu0.20.04.1 libnvidia-decode-430 - 440.100-0ubuntu0.20.04.1 libnvidia-ifr1-440 - 440.100-0ubuntu0.20.04.1 libnvidia-fbc1-430 - 440.100-0ubuntu0.20.04.1 libnvidia-cfg1-440 - 440.100-0ubuntu0.20.04.1 nvidia-headless-no-dkms-430 - 440.100-0ubuntu0.20.04.1 libnvidia-fbc1-440 - 440.100-0ubuntu0.20.04.1 libnvidia-compute-430 - 440.100-0ubuntu0.20.04.1 nvidia-dkms-430 - 440.100-0ubuntu0.20.04.1 nvidia-compute-utils-440 - 440.100-0ubuntu0.20.04.1 libnvidia-ifr1-430 - 440.100-0ubuntu0.20.04.1 nvidia-kernel-source-440 - 440.100-0ubuntu0.20.04.1 libnvidia-gl-440 - 440.100-0ubuntu0.20.04.1 nvidia-headless-430 - 440.100-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-5963 CVE-2020-5967 CVE-2020-5973 Ubuntu 20.04 LTS USN-4404-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when performing IPC. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-5963) It was discovered that the UVM driver in the NVIDIA graphics driver contained a race condition. A local attacker could use this to cause a denial of service. (CVE-2020-5967) It was discovered that the NVIDIA virtual GPU guest drivers contained an unspecified vulnerability that could potentially lead to privileged operation execution. An attacker could use this to cause a denial of service. (CVE-2020-5973) Update Instructions: Run `sudo pro fix USN-4404-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1017-aws - 5.4.0-1017.17 No subscription required linux-image-5.4.0-1018-oracle - 5.4.0-1018.18 linux-image-5.4.0-1018-gcp - 5.4.0-1018.18 No subscription required linux-image-5.4.0-1019-azure - 5.4.0-1019.19 No subscription required linux-image-5.4.0-39-generic-lpae - 5.4.0-39.43 linux-image-5.4.0-39-lowlatency - 5.4.0-39.43 linux-image-5.4.0-39-generic - 5.4.0-39.43 No subscription required linux-image-aws - 5.4.0.1017.18 No subscription required linux-image-gke - 5.4.0.1018.16 linux-image-gcp - 5.4.0.1018.16 linux-image-oracle - 5.4.0.1018.16 No subscription required linux-image-azure - 5.4.0.1019.18 No subscription required linux-image-oem-osp1 - 5.4.0.39.42 linux-image-generic-hwe-20.04 - 5.4.0.39.42 linux-image-generic-hwe-18.04 - 5.4.0.39.42 linux-image-generic-lpae-hwe-20.04 - 5.4.0.39.42 linux-image-generic-lpae-hwe-18.04 - 5.4.0.39.42 linux-image-virtual - 5.4.0.39.42 linux-image-virtual-hwe-20.04 - 5.4.0.39.42 linux-image-lowlatency-hwe-18.04 - 5.4.0.39.42 linux-image-generic - 5.4.0.39.42 linux-image-virtual-hwe-18.04 - 5.4.0.39.42 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.39.42 linux-image-oem - 5.4.0.39.42 linux-image-generic-hwe-18.04-edge - 5.4.0.39.42 linux-image-generic-lpae - 5.4.0.39.42 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.39.42 linux-image-lowlatency - 5.4.0.39.42 linux-image-lowlatency-hwe-20.04 - 5.4.0.39.42 linux-image-virtual-hwe-18.04-edge - 5.4.0.39.42 No subscription required Medium CVE-2020-5963 CVE-2020-5967 CVE-2020-5973 Ubuntu 20.04 LTS It was discovered that glib-networking skipped hostname certificate verification if the application failed to specify the server identity. A remote attacker could use this to perform a person-in-the-middle attack and expose sensitive information. Update Instructions: Run `sudo pro fix USN-4405-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glib-networking - 2.64.2-1ubuntu0.1 glib-networking-services - 2.64.2-1ubuntu0.1 glib-networking-tests - 2.64.2-1ubuntu0.1 glib-networking-common - 2.64.2-1ubuntu0.1 No subscription required Medium CVE-2020-13645 Ubuntu 20.04 LTS It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. (CVE-2019-15680) It was discovered that an information disclosure vulnerability existed in LibVNCServer when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. (CVE-2019-15681) It was discovered that LibVNCServer incorrectly handled cursor shape updates. If a user were tricked in to connecting to a malicious server, an attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. (CVE-2019-15690, CVE-2019-20788) It was discovered that LibVNCServer incorrectly handled decoding WebSocket frames. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. (CVE-2017-18922) Update Instructions: Run `sudo pro fix USN-4407-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvncserver1 - 0.9.12+dfsg-9ubuntu0.1 libvncserver-dev - 0.9.12+dfsg-9ubuntu0.1 libvncclient1 - 0.9.12+dfsg-9ubuntu0.1 No subscription required Medium CVE-2017-18922 CVE-2019-15680 CVE-2019-15681 CVE-2019-15690 CVE-2019-20788 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass permission prompts, or execute arbitrary code. (CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426) It was discovered that when performing add-on updates, certificate chains not terminating with built-in roots were silently rejected. This could result in add-ons becoming outdated. (CVE-2020-12421) Update Instructions: Run `sudo pro fix USN-4408-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 78.0.1+build1-0ubuntu0.20.04.1 firefox - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 78.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 78.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 78.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 78.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 78.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 Ubuntu 20.04 LTS Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10730) Douglas Bagnall discovered that Samba incorrectly handled certain queries. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-10745) Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10760) Update Instructions: Run `sudo pro fix USN-4409-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.3 samba - 2:4.11.6+dfsg-0ubuntu1.3 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.3 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.3 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.3 smbclient - 2:4.11.6+dfsg-0ubuntu1.3 winbind - 2:4.11.6+dfsg-0ubuntu1.3 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.3 python3-samba - 2:4.11.6+dfsg-0ubuntu1.3 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.3 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.3 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.3 samba-dev - 2:4.11.6+dfsg-0ubuntu1.3 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.3 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.3 samba-common - 2:4.11.6+dfsg-0ubuntu1.3 registry-tools - 2:4.11.6+dfsg-0ubuntu1.3 samba-libs - 2:4.11.6+dfsg-0ubuntu1.3 ctdb - 2:4.11.6+dfsg-0ubuntu1.3 No subscription required Medium CVE-2020-10730 CVE-2020-10745 CVE-2020-10760 Ubuntu 20.04 LTS A double-free bug was discovered in snmpd server. An authenticated user could potentially cause a DoS by sending a crafted request to the server. (CVE-2019-20892) Update Instructions: Run `sudo pro fix USN-4410-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: snmptrapd - 5.8+dfsg-2ubuntu2.1 libsnmp-dev - 5.8+dfsg-2ubuntu2.1 libsnmp-base - 5.8+dfsg-2ubuntu2.1 snmp - 5.8+dfsg-2ubuntu2.1 libsnmp-perl - 5.8+dfsg-2ubuntu2.1 tkmib - 5.8+dfsg-2ubuntu2.1 snmpd - 5.8+dfsg-2ubuntu2.1 libsnmp35 - 5.8+dfsg-2ubuntu2.1 No subscription required Medium CVE-2019-20892 Ubuntu 20.04 LTS It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2020-10732) Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service (system crash). (CVE-2020-10711) It was discovered that the SCSI generic (sg) driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-12770) It was discovered that the USB Gadget device driver in the Linux kernel did not validate arguments passed from configfs in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-13143) It was discovered that the KVM implementation in the Linux kernel did not properly deallocate memory on initialization for some processors. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12768) Update Instructions: Run `sudo pro fix USN-4411-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1013-raspi - 5.4.0-1013.13 No subscription required linux-image-5.4.0-1018-aws - 5.4.0-1018.18 No subscription required linux-image-5.4.0-1019-gcp - 5.4.0-1019.19 linux-image-5.4.0-1019-oracle - 5.4.0-1019.19 No subscription required linux-image-5.4.0-1020-azure - 5.4.0-1020.20 No subscription required linux-image-5.4.0-28-generic - 5.4.0-28.32 No subscription required linux-image-5.4.0-40-generic - 5.4.0-40.44 linux-image-5.4.0-40-generic-lpae - 5.4.0-40.44 linux-image-5.4.0-40-lowlatency - 5.4.0-40.44 No subscription required linux-image-raspi - 5.4.0.1013.13 linux-image-raspi2 - 5.4.0.1013.13 No subscription required linux-image-kvm - 5.4.0.1018.17 No subscription required linux-image-aws - 5.4.0.1018.19 No subscription required linux-image-oracle - 5.4.0.1019.17 linux-image-gke - 5.4.0.1019.17 linux-image-gcp - 5.4.0.1019.17 No subscription required linux-image-azure - 5.4.0.1020.19 No subscription required linux-image-oem-osp1 - 5.4.0.40.43 linux-image-generic-hwe-20.04 - 5.4.0.40.43 linux-image-generic-hwe-18.04 - 5.4.0.40.43 linux-image-generic-lpae-hwe-20.04 - 5.4.0.40.43 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.40.43 linux-image-generic-lpae-hwe-18.04 - 5.4.0.40.43 linux-image-virtual - 5.4.0.40.43 linux-image-lowlatency-hwe-18.04 - 5.4.0.40.43 linux-image-generic - 5.4.0.40.43 linux-image-virtual-hwe-18.04 - 5.4.0.40.43 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.40.43 linux-image-oem - 5.4.0.40.43 linux-image-generic-hwe-18.04-edge - 5.4.0.40.43 linux-image-virtual-hwe-20.04 - 5.4.0.40.43 linux-image-lowlatency - 5.4.0.40.43 linux-image-lowlatency-hwe-20.04 - 5.4.0.40.43 linux-image-generic-lpae - 5.4.0.40.43 linux-image-virtual-hwe-18.04-edge - 5.4.0.40.43 No subscription required Low CVE-2020-10711 CVE-2020-10732 CVE-2020-12768 CVE-2020-12770 CVE-2020-13143 Ubuntu 20.04 LTS Felix Dörre discovered that coTURN response buffer is not initialized properly. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-4067) It was discovered that coTURN web server incorrectly handled HTTP POST requests. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or other unspecified impact. (CVE-2020-6061, CVE-2020-6062) Update Instructions: Run `sudo pro fix USN-4415-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: coturn - 4.5.1.1-1.1ubuntu0.20.04.1 No subscription required Medium CVE-2020-4067 CVE-2020-6061 CVE-2020-6062 Ubuntu 20.04 LTS Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri discovered that NSS incorrectly handled RSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover RSA keys. Update Instructions: Run `sudo pro fix USN-4417-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.2 libnss3 - 2:3.49.1-1ubuntu1.2 libnss3-tools - 2:3.49.1-1ubuntu1.2 No subscription required Medium CVE-2020-12402 Ubuntu 20.04 LTS It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4418-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.2 openexr - 2.3.0-6ubuntu0.2 libopenexr24 - 2.3.0-6ubuntu0.2 openexr-doc - 2.3.0-6ubuntu0.2 No subscription required Medium CVE-2020-15305 CVE-2020-15306 Ubuntu 20.04 LTS David Hill and Eric Harney discovered that Cinder and os-brick incorrectly handled ScaleIO backend credentials. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4420-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cinder-backup - 2:16.1.0-0ubuntu1 cinder-api - 2:16.1.0-0ubuntu1 cinder-volume - 2:16.1.0-0ubuntu1 cinder-common - 2:16.1.0-0ubuntu1 python3-cinder - 2:16.1.0-0ubuntu1 cinder-scheduler - 2:16.1.0-0ubuntu1 No subscription required os-brick-common - 3.0.1-0ubuntu1.2 python-os-brick-doc - 3.0.1-0ubuntu1.2 python3-os-brick - 3.0.1-0ubuntu1.2 No subscription required Low CVE-2020-10755 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbtirary code. (CVE-2020-12405, CVE-2020-12406, CVE-2020-12410, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420) It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. (CVE-2020-12398) It was discovered that NSS showed timing differences when performing DSA signatures. An attacker could potentially exploit this to obtain private keys using a timing attack. (CVE-2020-12399) It was discovered that when performing add-on updates, certificate chains not terminating with built-in roots were silently rejected. This could result in add-ons becoming outdated. (CVE-2020-12421) Update Instructions: Run `sudo pro fix USN-4421-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:68.10.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:68.10.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:68.10.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:68.10.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:68.10.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12398 CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4422-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.28.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.28.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.28.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.28.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.28.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.28.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.28.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.28.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.28.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.28.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-13753 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 Ubuntu 20.04 LTS It was discovered that X-Frame-Options could be bypassed in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct clickjacking attacks. Update Instructions: Run `sudo pro fix USN-4423-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ne - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nb - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fa - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fi - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fy - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-or - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kab - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-oc - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cs - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ga - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gd - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gl - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gu - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pa - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pl - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cy - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pt - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hi - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-uk - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-he - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hy - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hu - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-as - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ar - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ia - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-az - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-id - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mai - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-af - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-is - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-it - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-an - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bs - 78.0.2+build2-0ubuntu0.20.04.1 firefox - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ro - 78.0.2+build2-0ubuntu0.20.04.1 firefox-geckodriver - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ja - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ru - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-br - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-be - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bg - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sl - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sk - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-si - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sw - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sv - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sq - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ko - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-km - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kk - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ka - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-xh - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ca - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ku - 78.0.2+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lv - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lt - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-th - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 78.0.2+build2-0ubuntu0.20.04.1 firefox-dev - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-te - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cak - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ta - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lg - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-tr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nso - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-de - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-da - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ms - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mr - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-my - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-uz - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ml - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mn - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mk - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ur - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-vi - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-eu - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-et - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-es - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-csb - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-el - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-eo - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-en - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zu - 78.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ast - 78.0.2+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1887576 Ubuntu 20.04 LTS It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. (CVE-2020-11933) It was discovered that snapctl user-open allowed altering the XDG_DATA_DIRS environment variable when calling the system xdg-open. A malicious snap could exploit this to bypass intended access restrictions to control how the host system xdg-open script opens the URL. This issue did not affect Ubuntu Core systems. (CVE-2020-11934) Update Instructions: Run `sudo pro fix USN-4424-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.45.1+20.04.2 ubuntu-core-launcher - 2.45.1+20.04.2 snap-confine - 2.45.1+20.04.2 ubuntu-snappy-cli - 2.45.1+20.04.2 golang-github-snapcore-snapd-dev - 2.45.1+20.04.2 snapd-xdg-open - 2.45.1+20.04.2 snapd - 2.45.1+20.04.2 golang-github-ubuntu-core-snappy-dev - 2.45.1+20.04.2 ubuntu-snappy - 2.45.1+20.04.2 No subscription required Medium CVE-2020-11933 CVE-2020-11934 Ubuntu 20.04 LTS It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16089) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly check return values in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19462) Mauricio Faria de Oliveira discovered that the aufs implementation in the Linux kernel improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service. (CVE-2020-11935) Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading ACPI tables via configfs. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2020-15780) Update Instructions: Run `sudo pro fix USN-4425-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1015-raspi - 5.4.0-1015.15 No subscription required linux-image-5.4.0-1020-aws - 5.4.0-1020.20 No subscription required linux-image-5.4.0-1021-oracle - 5.4.0-1021.21 linux-image-5.4.0-1021-gcp - 5.4.0-1021.21 No subscription required linux-image-5.4.0-1022-azure - 5.4.0-1022.22 No subscription required linux-image-5.4.0-30-generic - 5.4.0-30.34 No subscription required linux-image-5.4.0-42-generic-lpae - 5.4.0-42.46 linux-image-5.4.0-42-generic - 5.4.0-42.46 linux-image-5.4.0-42-lowlatency - 5.4.0-42.46 No subscription required linux-image-raspi - 5.4.0.1015.50 linux-image-raspi2 - 5.4.0.1015.50 linux-image-raspi-hwe-18.04-edge - 5.4.0.1015.50 linux-image-raspi-hwe-18.04 - 5.4.0.1015.50 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1015.50 linux-image-raspi2-hwe-18.04 - 5.4.0.1015.50 No subscription required linux-image-kvm - 5.4.0.1020.19 No subscription required linux-image-aws - 5.4.0.1020.21 No subscription required linux-image-gke - 5.4.0.1021.19 linux-image-oracle - 5.4.0.1021.19 linux-image-gcp - 5.4.0.1021.19 No subscription required linux-image-azure - 5.4.0.1022.21 No subscription required linux-image-oem-osp1 - 5.4.0.42.45 linux-image-generic-hwe-20.04 - 5.4.0.42.45 linux-image-generic-hwe-18.04 - 5.4.0.42.45 linux-image-generic-lpae-hwe-20.04 - 5.4.0.42.45 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.42.45 linux-image-generic-lpae-hwe-18.04 - 5.4.0.42.45 linux-image-virtual - 5.4.0.42.45 linux-image-lowlatency - 5.4.0.42.45 linux-image-virtual-hwe-20.04 - 5.4.0.42.45 linux-image-lowlatency-hwe-18.04 - 5.4.0.42.45 linux-image-generic - 5.4.0.42.45 linux-image-virtual-hwe-18.04 - 5.4.0.42.45 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.42.45 linux-image-oem - 5.4.0.42.45 linux-image-generic-hwe-18.04-edge - 5.4.0.42.45 linux-image-generic-lpae - 5.4.0.42.45 linux-image-virtual-hwe-18.04-edge - 5.4.0.42.45 linux-image-lowlatency-hwe-20.04 - 5.4.0.42.45 No subscription required Medium CVE-2019-16089 CVE-2019-19462 CVE-2020-11935 CVE-2020-15780 Ubuntu 20.04 LTS It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17514) It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-20907) It was discovered that incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9674) It was discovered that Python incorrectly handled certain IP values. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14422) Update Instructions: Run `sudo pro fix USN-4428-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.2-1ubuntu1.2 python3.8-examples - 3.8.2-1ubuntu1.2 python3.8-dev - 3.8.2-1ubuntu1.2 libpython3.8-minimal - 3.8.2-1ubuntu1.2 libpython3.8-dev - 3.8.2-1ubuntu1.2 python3.8-venv - 3.8.2-1ubuntu1.2 libpython3.8 - 3.8.2-1ubuntu1.2 idle-python3.8 - 3.8.2-1ubuntu1.2 libpython3.8-testsuite - 3.8.2-1ubuntu1.2 libpython3.8-stdlib - 3.8.2-1ubuntu1.2 python3.8 - 3.8.2-1ubuntu1.2 python3.8-doc - 3.8.2-1ubuntu1.2 No subscription required Medium CVE-2019-17514 CVE-2019-20907 CVE-2019-9674 CVE-2020-14422 Ubuntu 20.04 LTS It was discovered that Evolution Data Server incorrectly handled STARTTLS when using SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack. Update Instructions: Run `sudo pro fix USN-4429-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libedataserver-1.2-24 - 3.36.3-0ubuntu1.1 libedata-cal2.0-dev - 3.36.3-0ubuntu1.1 libebackend-1.2-10 - 3.36.3-0ubuntu1.1 libebook1.2-dev - 3.36.3-0ubuntu1.1 evolution-data-server-tests - 3.36.3-0ubuntu1.1 gir1.2-camel-1.2 - 3.36.3-0ubuntu1.1 libedata-cal-2.0-1 - 3.36.3-0ubuntu1.1 gir1.2-ecal-2.0 - 3.36.3-0ubuntu1.1 libebook-contacts-1.2-3 - 3.36.3-0ubuntu1.1 libedata-book1.2-dev - 3.36.3-0ubuntu1.1 libebackend1.2-dev - 3.36.3-0ubuntu1.1 libebook-1.2-20 - 3.36.3-0ubuntu1.1 libcamel1.2-dev - 3.36.3-0ubuntu1.1 gir1.2-ebackend-1.2 - 3.36.3-0ubuntu1.1 gir1.2-edatacal-2.0 - 3.36.3-0ubuntu1.1 gir1.2-edatabook-1.2 - 3.36.3-0ubuntu1.1 gir1.2-edataserver-1.2 - 3.36.3-0ubuntu1.1 libecal2.0-dev - 3.36.3-0ubuntu1.1 libedataserver1.2-dev - 3.36.3-0ubuntu1.1 libebook-contacts1.2-dev - 3.36.3-0ubuntu1.1 gir1.2-ebookcontacts-1.2 - 3.36.3-0ubuntu1.1 libedata-book-1.2-26 - 3.36.3-0ubuntu1.1 libedataserverui-1.2-2 - 3.36.3-0ubuntu1.1 libcamel-1.2-62 - 3.36.3-0ubuntu1.1 evolution-data-server - 3.36.3-0ubuntu1.1 evolution-data-server-common - 3.36.3-0ubuntu1.1 gir1.2-edataserverui-1.2 - 3.36.3-0ubuntu1.1 libedataserverui1.2-dev - 3.36.3-0ubuntu1.1 libecal-2.0-1 - 3.36.3-0ubuntu1.1 evolution-data-server-doc - 3.36.3-0ubuntu1.1 evolution-data-server-dev - 3.36.3-0ubuntu1.1 gir1.2-ebook-1.2 - 3.36.3-0ubuntu1.1 No subscription required Medium CVE-2020-14928 Ubuntu 20.04 LTS USN-4430-1 fixed vulnerabilities in Pillow. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4430-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.1 python-pil-doc - 7.0.0-4ubuntu0.1 python3-pil - 7.0.0-4ubuntu0.1 No subscription required Medium CVE-2020-10177 CVE-2020-10378 CVE-2020-10379 CVE-2020-10994 CVE-2020-11538 Ubuntu 20.04 LTS It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see: https://usn.ubuntu.com/usn/usn-3967-1 (CVE-2018-15822, CVE-2019-11338) It was discovered that FFmpeg incorrectly handled sscanf failures. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-12730) It was discovered that FFmpeg incorrectly handled certain WEBM files. An attacker could possibly use this issue to obtain sensitive data or other unspecified impact. This issue only affected Ubuntu 20.04 LTS. (CVE-2019-13312) It was discovered that FFmpeg incorrectly handled certain AVI files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-13390) It was discovered that FFmpeg incorrectly handled certain input. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-17539) It was discovered that FFmpeg incorrectly handled certain input during decoding of VQA files. An attacker could possibly use this issue to obtain sensitive information or other unspecified impact. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17542) It was discovered that FFmpeg incorrectly handled certain JPEG files. An attacker could possibly use this issue to obtain sensitive information or other unspecified impact. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-12284) It was discovered that FFmpeg incorrectly handled certain M3U8 files. An attacker could possibly use this issue to obtain sensitive information or other unspecified impact. (CVE-2020-13904) Update Instructions: Run `sudo pro fix USN-4431-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:4.2.4-1ubuntu0.1 libavcodec-extra - 7:4.2.4-1ubuntu0.1 libavfilter-extra7 - 7:4.2.4-1ubuntu0.1 libswscale5 - 7:4.2.4-1ubuntu0.1 libavresample4 - 7:4.2.4-1ubuntu0.1 libavcodec-dev - 7:4.2.4-1ubuntu0.1 libavutil-dev - 7:4.2.4-1ubuntu0.1 libavfilter-extra - 7:4.2.4-1ubuntu0.1 libswscale-dev - 7:4.2.4-1ubuntu0.1 libswresample-dev - 7:4.2.4-1ubuntu0.1 libswresample3 - 7:4.2.4-1ubuntu0.1 libavdevice-dev - 7:4.2.4-1ubuntu0.1 libavformat58 - 7:4.2.4-1ubuntu0.1 libavdevice58 - 7:4.2.4-1ubuntu0.1 libavfilter-dev - 7:4.2.4-1ubuntu0.1 libpostproc55 - 7:4.2.4-1ubuntu0.1 libpostproc-dev - 7:4.2.4-1ubuntu0.1 libavcodec-extra58 - 7:4.2.4-1ubuntu0.1 libavformat-dev - 7:4.2.4-1ubuntu0.1 libavutil56 - 7:4.2.4-1ubuntu0.1 libavfilter7 - 7:4.2.4-1ubuntu0.1 ffmpeg - 7:4.2.4-1ubuntu0.1 ffmpeg-doc - 7:4.2.4-1ubuntu0.1 libavcodec58 - 7:4.2.4-1ubuntu0.1 No subscription required Medium CVE-2018-15822 CVE-2019-11338 CVE-2019-12730 CVE-2019-13312 CVE-2019-13390 CVE-2019-17539 CVE-2019-17542 CVE-2020-12284 CVE-2020-13904 Ubuntu 20.04 LTS Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-10713) Chris Coulson discovered that the GRUB2 function handling code did not properly handle a function being redefined, leading to a use-after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15706) Chris Coulson discovered that multiple integer overflows existed in GRUB2 when handling certain filesystems or font files, leading to heap-based buffer overflows. A local attacker could use these to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14309, CVE-2020-14310, CVE-2020-14311) It was discovered that the memory allocator for GRUB2 did not validate allocation size, resulting in multiple integer overflows and heap-based buffer overflows when handling certain filesystems, PNG images or disk metadata. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14308) Mathieu Trudel-Lapierre discovered that in certain situations, GRUB2 failed to validate kernel signatures. A local attacker could use this to bypass Secure Boot restrictions. (CVE-2020-15705) Colin Watson and Chris Coulson discovered that an integer overflow existed in GRUB2 when handling the initrd command, leading to a heap-based buffer overflow. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15707) Update Instructions: Run `sudo pro fix USN-4432-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-amd64-signed - 1.142.3+2.04-1ubuntu26.1 grub-efi-arm64-signed - 1.142.3+2.04-1ubuntu26.1 No subscription required grub-ieee1275 - 2.04-1ubuntu26.1 grub-efi-amd64 - 2.04-1ubuntu26.1 grub2-common - 2.04-1ubuntu26.1 grub-pc-bin - 2.04-1ubuntu26.1 grub-uboot-bin - 2.04-1ubuntu26.1 grub-common - 2.04-1ubuntu26.1 grub-efi-amd64-bin - 2.04-1ubuntu26.1 grub-firmware-qemu - 2.04-1ubuntu26.1 grub-theme-starfield - 2.04-1ubuntu26.1 grub-efi-arm - 2.04-1ubuntu26.1 grub2 - 2.04-1ubuntu26.1 grub-xen-host - 2.04-1ubuntu26.1 grub-efi-arm64-bin - 2.04-1ubuntu26.1 grub-pc - 2.04-1ubuntu26.1 grub-emu - 2.04-1ubuntu26.1 grub-efi-arm-bin - 2.04-1ubuntu26.1 grub-linuxbios - 2.04-1ubuntu26.1 grub-xen - 2.04-1ubuntu26.1 grub-uboot - 2.04-1ubuntu26.1 grub-efi-ia32 - 2.04-1ubuntu26.1 grub-coreboot - 2.04-1ubuntu26.1 grub-efi-ia32-bin - 2.04-1ubuntu26.1 grub-ieee1275-bin - 2.04-1ubuntu26.1 grub-xen-bin - 2.04-1ubuntu26.1 grub-efi-amd64-signed-template - 2.04-1ubuntu26.1 grub-rescue-pc - 2.04-1ubuntu26.1 grub-mount-udeb - 2.04-1ubuntu26.1 grub-coreboot-bin - 2.04-1ubuntu26.1 grub-efi-arm64-signed-template - 2.04-1ubuntu26.1 grub-efi-arm64 - 2.04-1ubuntu26.1 grub-efi - 2.04-1ubuntu26.1 No subscription required High CVE-2020-10713 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-15705 CVE-2020-15706 CVE-2020-15707 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass Ubuntu 20.04 LTS USN-4432-1 fixed vulnerabilities in GRUB2 affecting Secure Boot environments. Unfortunately, the update introduced regressions for some BIOS systems (either pre-UEFI or UEFI configured in Legacy mode), preventing them from successfully booting. This update addresses the issue. Users with BIOS systems that installed GRUB2 versions from USN-4432-1 should verify that their GRUB2 installation has a correct understanding of their boot device location and installed the boot loader correctly. We apologize for the inconvenience. Original advisory details: Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-10713) Chris Coulson discovered that the GRUB2 function handling code did not properly handle a function being redefined, leading to a use-after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15706) Chris Coulson discovered that multiple integer overflows existed in GRUB2 when handling certain filesystems or font files, leading to heap-based buffer overflows. A local attacker could use these to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14309, CVE-2020-14310, CVE-2020-14311) It was discovered that the memory allocator for GRUB2 did not validate allocation size, resulting in multiple integer overflows and heap-based buffer overflows when handling certain filesystems, PNG images or disk metadata. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14308) Mathieu Trudel-Lapierre discovered that in certain situations, GRUB2 failed to validate kernel signatures. A local attacker could use this to bypass Secure Boot restrictions. (CVE-2020-15705) Colin Watson and Chris Coulson discovered that an integer overflow existed in GRUB2 when handling the initrd command, leading to a heap-based buffer overflow. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15707) Update Instructions: Run `sudo pro fix USN-4432-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-amd64-signed - 1.142.4+2.04-1ubuntu26.2 grub-efi-arm64-signed - 1.142.4+2.04-1ubuntu26.2 No subscription required grub-ieee1275 - 2.04-1ubuntu26.2 grub-efi-amd64 - 2.04-1ubuntu26.2 grub2-common - 2.04-1ubuntu26.2 grub-pc-bin - 2.04-1ubuntu26.2 grub-uboot-bin - 2.04-1ubuntu26.2 grub-common - 2.04-1ubuntu26.2 grub-efi-amd64-bin - 2.04-1ubuntu26.2 grub-firmware-qemu - 2.04-1ubuntu26.2 grub-theme-starfield - 2.04-1ubuntu26.2 grub-efi-arm - 2.04-1ubuntu26.2 grub2 - 2.04-1ubuntu26.2 grub-xen-host - 2.04-1ubuntu26.2 grub-efi-arm64-bin - 2.04-1ubuntu26.2 grub-pc - 2.04-1ubuntu26.2 grub-emu - 2.04-1ubuntu26.2 grub-efi-arm-bin - 2.04-1ubuntu26.2 grub-linuxbios - 2.04-1ubuntu26.2 grub-xen - 2.04-1ubuntu26.2 grub-uboot - 2.04-1ubuntu26.2 grub-efi-ia32 - 2.04-1ubuntu26.2 grub-coreboot - 2.04-1ubuntu26.2 grub-efi-ia32-bin - 2.04-1ubuntu26.2 grub-ieee1275-bin - 2.04-1ubuntu26.2 grub-xen-bin - 2.04-1ubuntu26.2 grub-efi-amd64-signed-template - 2.04-1ubuntu26.2 grub-rescue-pc - 2.04-1ubuntu26.2 grub-mount-udeb - 2.04-1ubuntu26.2 grub-coreboot-bin - 2.04-1ubuntu26.2 grub-efi-arm64-signed-template - 2.04-1ubuntu26.2 grub-efi-arm64 - 2.04-1ubuntu26.2 grub-efi - 2.04-1ubuntu26.2 No subscription required None https://launchpad.net/bugs/1889556 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass Ubuntu 20.04 LTS Johannes Kuhn discovered that OpenJDK incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-14556) It was discovered that OpenJDK incorrectly handled memory allocation when reading TIFF image files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-14562) It was discovered that OpenJDK incorrectly handled input data. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2020-14573) Philippe Arteau discovered that OpenJDK incorrectly verified names in TLS server's X.509 certificates. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14577) It was discovered that OpenJDK incorrectly handled image files. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14581) Markus Loewe discovered that OpenJDK incorrectly handled concurrent access in java.nio.Buffer class. An attacker could use this issue to bypass the sandbox restrictions and cause unspecified impact. (CVE-2020-14583) It was discovered that OpenJDK incorrectly handled transformation of images. An attacker could possibly use this issue to bypass sandbox restrictions and insert, edit or obtain sensitive information. (CVE-2020-14593) Roman Shemyakin discovered that OpenJDK incorrectly handled XML files. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2020-14621) Update Instructions: Run `sudo pro fix USN-4433-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.8+10-0ubuntu1~20.04 openjdk-11-doc - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jdk - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.8+10-0ubuntu1~20.04 openjdk-11-jre - 11.0.8+10-0ubuntu1~20.04 openjdk-11-demo - 11.0.8+10-0ubuntu1~20.04 No subscription required Medium CVE-2020-14556 CVE-2020-14562 CVE-2020-14573 CVE-2020-14577 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 Ubuntu 20.04 LTS Ramin Farajpour Cami discovered that LibVNCServer incorrectly handled certain malformed unix socket names. A remote attacker could exploit this with a crafted socket name, leading to a denial of service, or possibly execute arbitrary code. (CVE-2019-20839) It was discovered that LibVNCServer did not properly access byte-aligned data. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-20840) Christian Beier discovered that LibVNCServer incorrectly handled anonymous TLS connections. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-14396) It was discovered that LibVNCServer incorrectly handled region clipping. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. (CVE-2020-14397) It was discovered that LibVNCServer did not properly reset incorrectly terminated TCP connections. A remote attacker could possibly use this issue to cause an infinite loop, resulting in a denial of service. (CVE-2020-14398) It was discovered that LibVNCServer did not properly access byte-aligned data. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. (CVE-2020-14399, CVE-2020-14400) It was discovered that LibVNCServer incorrectly handled screen scaling on the server side. A remote attacker could use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-14401) It was discovered that LibVNCServer incorrectly handled encodings. A remote attacker could use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-14402, CVE-2020-14403, CVE-2020-14404) It was discovered that LibVNCServer incorrectly handled TextChat messages. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. (CVE-2020-14405) Update Instructions: Run `sudo pro fix USN-4434-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvncserver1 - 0.9.12+dfsg-9ubuntu0.2 libvncserver-dev - 0.9.12+dfsg-9ubuntu0.2 libvncclient1 - 0.9.12+dfsg-9ubuntu0.2 No subscription required Medium CVE-2019-20839 CVE-2019-20840 CVE-2020-14396 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-14405 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3327) It was discovered that ClamAV incorrectly handled scanning malicious files. A local attacker could possibly use this issue to delete arbitrary files. (CVE-2020-3350) It was discovered that ClamAV incorrectly handled parsing EGG archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3481) Update Instructions: Run `sudo pro fix USN-4435-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-base - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.102.4+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.102.4+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.102.4+dfsg-0ubuntu0.20.04.1 clamdscan - 0.102.4+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-3327 CVE-2020-3350 CVE-2020-3481 Ubuntu 20.04 LTS Ziming Zhang and VictorV discovered that libslirp incorrectly handled replying to certain ICMP echo requests. A remote attacker could possibly use this issue to cause libslirp to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4437-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libslirp0 - 4.1.0-2ubuntu2.1 libslirp-dev - 4.1.0-2ubuntu2.1 No subscription required Medium CVE-2020-10756 Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled query-flattener optimization. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4438-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.2 sqlite3-doc - 3.31.1-4ubuntu0.2 libsqlite3-0 - 3.31.1-4ubuntu0.2 libsqlite3-tcl - 3.31.1-4ubuntu0.2 sqlite3 - 3.31.1-4ubuntu0.2 libsqlite3-dev - 3.31.1-4ubuntu0.2 No subscription required Medium CVE-2020-15358 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.21 in Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.31. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-31.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-21.html https://www.oracle.com/security-alerts/cpujul2020.html Update Instructions: Run `sudo pro fix USN-4441-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.21-0ubuntu0.20.04.3 libmysqlclient-dev - 8.0.21-0ubuntu0.20.04.3 mysql-testsuite-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-router - 8.0.21-0ubuntu0.20.04.3 mysql-server - 8.0.21-0ubuntu0.20.04.3 libmysqlclient21 - 8.0.21-0ubuntu0.20.04.3 mysql-client-core-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-server-core-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-server-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-testsuite - 8.0.21-0ubuntu0.20.04.3 mysql-client-8.0 - 8.0.21-0ubuntu0.20.04.3 mysql-source-8.0 - 8.0.21-0ubuntu0.20.04.3 No subscription required Medium CVE-2020-14539 CVE-2020-14540 CVE-2020-14547 CVE-2020-14550 CVE-2020-14553 CVE-2020-14559 CVE-2020-14568 CVE-2020-14575 CVE-2020-14576 CVE-2020-14586 CVE-2020-14591 CVE-2020-14597 CVE-2020-14619 CVE-2020-14620 CVE-2020-14623 CVE-2020-14624 CVE-2020-14631 CVE-2020-14632 CVE-2020-14633 CVE-2020-14634 CVE-2020-14641 CVE-2020-14643 CVE-2020-14651 CVE-2020-14654 CVE-2020-14656 CVE-2020-14663 CVE-2020-14678 CVE-2020-14680 CVE-2020-14697 CVE-2020-14702 Ubuntu 20.04 LTS USN-4441-1 fixed vulnerabilities in MySQL. The new upstream version changed compiler options and caused a regression in certain scenarios. This update fixes the problem. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.21 in Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.31. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-31.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-21.html https://www.oracle.com/security-alerts/cpujul2020.html Update Instructions: Run `sudo pro fix USN-4441-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.21-0ubuntu0.20.04.4 libmysqlclient-dev - 8.0.21-0ubuntu0.20.04.4 mysql-testsuite-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-router - 8.0.21-0ubuntu0.20.04.4 mysql-server - 8.0.21-0ubuntu0.20.04.4 libmysqlclient21 - 8.0.21-0ubuntu0.20.04.4 mysql-client-core-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-server-core-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-server-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-testsuite - 8.0.21-0ubuntu0.20.04.4 mysql-client-8.0 - 8.0.21-0ubuntu0.20.04.4 mysql-source-8.0 - 8.0.21-0ubuntu0.20.04.4 No subscription required None https://launchpad.net/bugs/1889851 Ubuntu 20.04 LTS USN-4442-1 fixed vulnerabilities in Sympa. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. Original advisory details: Nicolas Chatelain discovered that Sympa incorrectly handled environment variables. An attacker could possibly use this issue with a setuid binary and gain root privileges. (CVE-2020-10936) Michael Kaczmarczik discovered that Sympa incorrectly handled HTTP GET/POST requests. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-1000550) It was discovered that Sympa incorrectly handled URL parameters. An attacker could possibly use this issue to perform XSS attacks. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-1000671) Update Instructions: Run `sudo pro fix USN-4442-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sympa - 6.2.40~dfsg-4ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2018-1000550 CVE-2018-1000671 CVE-2020-10936 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass iframe sandbox restrictions, confuse the user, or execute arbitrary code. (CVE-2020-6463, CVE-2020-6514, CVE-2020-15652, CVE-2020-15653, CVE-2020-15654, CVE-2020-15656, CVE-2020-15658, CVE-2020-15659) It was discovered that redirected HTTP requests which are observed or modified through a web extension could bypass existing CORS checks. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit this to obtain sensitive information across origins. (CVE-2020-15655) Update Instructions: Run `sudo pro fix USN-4443-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 79.0+build1-0ubuntu0.20.04.1 firefox - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 79.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 79.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 79.0+build1-0ubuntu0.20.04.1 firefox-dev - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 79.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 79.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15658 CVE-2020-15659 CVE-2020-6463 CVE-2020-6514 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4444-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.28.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.28.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.28.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.28.4-0ubuntu0.20.04.1 webkit2gtk-driver - 2.28.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.28.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.28.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.28.4-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.28.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.28.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, Update Instructions: Run `sudo pro fix USN-4445-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.1 ghostscript-x - 9.50~dfsg-5ubuntu4.1 libgs-dev - 9.50~dfsg-5ubuntu4.1 ghostscript-doc - 9.50~dfsg-5ubuntu4.1 libgs9 - 9.50~dfsg-5ubuntu4.1 libgs9-common - 9.50~dfsg-5ubuntu4.1 No subscription required Medium CVE-2020-15900 Ubuntu 20.04 LTS It was discovered that libssh incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4447-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-gcrypt-dev - 0.9.3-2ubuntu2.1 libssh-doc - 0.9.3-2ubuntu2.1 libssh-gcrypt-4 - 0.9.3-2ubuntu2.1 libssh-dev - 0.9.3-2ubuntu2.1 libssh-4 - 0.9.3-2ubuntu2.1 No subscription required Medium CVE-2020-16135 Ubuntu 20.04 LTS Ryota Shiga working with Trend Micro´s Zero Day Initiative, discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. (CVE-2020-11936) Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. (CVE-2020-15701) Ryota Shiga working with Trend Micro´s Zero Day Initiative, discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2020-15702) Update Instructions: Run `sudo pro fix USN-4449-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.6 apport-kde - 2.20.11-0ubuntu27.6 apport-retrace - 2.20.11-0ubuntu27.6 apport-valgrind - 2.20.11-0ubuntu27.6 python3-apport - 2.20.11-0ubuntu27.6 dh-apport - 2.20.11-0ubuntu27.6 apport-gtk - 2.20.11-0ubuntu27.6 apport - 2.20.11-0ubuntu27.6 apport-noui - 2.20.11-0ubuntu27.6 No subscription required Medium CVE-2020-11936 CVE-2020-15701 CVE-2020-15702 Ubuntu 20.04 LTS Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. (CVE-2020-11937) Seong-Joong Kim discovered that Whoopsie incorrectly handled parsing files. A local attacker could use this issue to cause Whoopsie to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12135) Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. (CVE-2020-15570) Update Instructions: Run `sudo pro fix USN-4450-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: whoopsie - 0.2.69ubuntu0.1 libwhoopsie0 - 0.2.69ubuntu0.1 libwhoopsie-dev - 0.2.69ubuntu0.1 No subscription required Medium CVE-2020-11937 CVE-2020-12135 CVE-2020-15570 Ubuntu 20.04 LTS Thomas Chauchefoin working with Trend Micro´s Zero Day Initiative, discovered that ppp incorrectly handled module loading. A local attacker could use this issue to load arbitrary kernel modules and possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4451-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ppp-udeb - 2.4.7-2+4.1ubuntu5.1 ppp - 2.4.7-2+4.1ubuntu5.1 ppp-dev - 2.4.7-2+4.1ubuntu5.1 No subscription required Medium CVE-2020-15704 Ubuntu 20.04 LTS Trent Shea working with Trend Micro´s Zero Day Initiative, discovered that the libvirt package set incorrect permissions on the UNIX domain socket. A local attacker could use this issue to access libvirt and escalate privileges. Update Instructions: Run `sudo pro fix USN-4452-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvirt0 - 6.0.0-0ubuntu8.3 libvirt-dev - 6.0.0-0ubuntu8.3 libnss-libvirt - 6.0.0-0ubuntu8.3 libvirt-sanlock - 6.0.0-0ubuntu8.3 libvirt-daemon-system-systemd - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-xen - 6.0.0-0ubuntu8.3 libvirt-daemon - 6.0.0-0ubuntu8.3 libvirt-wireshark - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-storage-rbd - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-qemu - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-storage-gluster - 6.0.0-0ubuntu8.3 libvirt-doc - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-vbox - 6.0.0-0ubuntu8.3 libvirt-daemon-system-sysv - 6.0.0-0ubuntu8.3 libvirt-daemon-system - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-lxc - 6.0.0-0ubuntu8.3 libvirt-clients - 6.0.0-0ubuntu8.3 libvirt-daemon-driver-storage-zfs - 6.0.0-0ubuntu8.3 No subscription required Medium CVE-2020-15708 Ubuntu 20.04 LTS Johannes Kuhn discovered that OpenJDK 8 incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-14556) Philippe Arteau discovered that OpenJDK 8 incorrectly verified names in TLS server's X.509 certificates. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14577) It was discovered that OpenJDK 8 incorrectly handled exceptions in DerInputStream class and in the DerValue.equals() method. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-14578, CVE-2020-14579) It was discovered that OpenJDK 8 incorrectly handled image files. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14581) Markus Loewe discovered that OpenJDK 8 incorrectly handled concurrent access in java.nio.Buffer class. An attacker could use this issue to bypass sandbox restrictions. (CVE-2020-14583) It was discovered that OpenJDK 8 incorrectly handled transformation of images. An attacker could possibly use this issue to bypass sandbox restrictions and insert, edit or obtain sensitive information. (CVE-2020-14593) Roman Shemyakin discovered that OpenJDK 8 incorrectly handled XML files. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2020-14621) Update Instructions: Run `sudo pro fix USN-4453-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-doc - 8u265-b01-0ubuntu2~20.04 openjdk-8-jdk - 8u265-b01-0ubuntu2~20.04 openjdk-8-jre-headless - 8u265-b01-0ubuntu2~20.04 openjdk-8-jre - 8u265-b01-0ubuntu2~20.04 openjdk-8-jdk-headless - 8u265-b01-0ubuntu2~20.04 openjdk-8-source - 8u265-b01-0ubuntu2~20.04 openjdk-8-jre-zero - 8u265-b01-0ubuntu2~20.04 openjdk-8-demo - 8u265-b01-0ubuntu2~20.04 No subscription required Medium CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 Ubuntu 20.04 LTS Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4454-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.4 samba - 2:4.11.6+dfsg-0ubuntu1.4 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.4 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.4 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.4 smbclient - 2:4.11.6+dfsg-0ubuntu1.4 winbind - 2:4.11.6+dfsg-0ubuntu1.4 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.4 python3-samba - 2:4.11.6+dfsg-0ubuntu1.4 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.4 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.4 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.4 samba-dev - 2:4.11.6+dfsg-0ubuntu1.4 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.4 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.4 samba-common - 2:4.11.6+dfsg-0ubuntu1.4 registry-tools - 2:4.11.6+dfsg-0ubuntu1.4 samba-libs - 2:4.11.6+dfsg-0ubuntu1.4 ctdb - 2:4.11.6+dfsg-0ubuntu1.4 No subscription required Medium CVE-2020-14303 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829) Update Instructions: Run `sudo pro fix USN-4455-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.4 libnss3 - 2:3.49.1-1ubuntu1.4 libnss3-tools - 2:3.49.1-1ubuntu1.4 No subscription required Medium CVE-2020-12400 CVE-2020-12401 CVE-2020-6829 Ubuntu 20.04 LTS It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. (CVE-2020-12100) It was discovered that Dovecot incorrectly handled memory when using NTLM. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-12673) It was discovered that the Dovecot RPA mechanism incorrectly handled zero-length messages. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-12674) Update Instructions: Run `sudo pro fix USN-4456-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.2 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.2 dovecot-mysql - 1:2.3.7.2-1ubuntu3.2 dovecot-sieve - 1:2.3.7.2-1ubuntu3.2 dovecot-core - 1:2.3.7.2-1ubuntu3.2 dovecot-ldap - 1:2.3.7.2-1ubuntu3.2 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.2 dovecot-dev - 1:2.3.7.2-1ubuntu3.2 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.2 dovecot-imapd - 1:2.3.7.2-1ubuntu3.2 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.2 dovecot-lucene - 1:2.3.7.2-1ubuntu3.2 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.2 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.2 dovecot-solr - 1:2.3.7.2-1ubuntu3.2 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.2 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.2 No subscription required Medium CVE-2020-12100 CVE-2020-12673 CVE-2020-12674 Ubuntu 20.04 LTS Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen. Update Instructions: Run `sudo pro fix USN-4457-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: software-properties-common - 0.98.9.2 software-properties-gtk - 0.98.9.2 python3-software-properties - 0.98.9.2 software-properties-qt - 0.98.9.2 No subscription required Medium CVE-2020-15709 Ubuntu 20.04 LTS Fabrice Perez discovered that the Apache mod_rewrite module incorrectly handled certain redirects. A remote attacker could possibly use this issue to perform redirects to an unexpected URL. (CVE-2020-1927) Chamal De Silva discovered that the Apache mod_proxy_ftp module incorrectly handled memory when proxying to a malicious FTP server. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2020-1934) Felix Wilhelm discovered that the HTTP/2 implementation in Apache did not properly handle certain Cache-Digest headers. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-9490) Felix Wilhelm discovered that the Apache mod_proxy_uwsgi module incorrectly handled large headers. A remote attacker could use this issue to obtain sensitive information or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-11984) Felix Wilhelm discovered that the HTTP/2 implementation in Apache did not properly handle certain logging statements. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11993) Update Instructions: Run `sudo pro fix USN-4458-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.1 libapache2-mod-md - 2.4.41-4ubuntu3.1 apache2-utils - 2.4.41-4ubuntu3.1 apache2-dev - 2.4.41-4ubuntu3.1 apache2-suexec-pristine - 2.4.41-4ubuntu3.1 apache2-suexec-custom - 2.4.41-4ubuntu3.1 apache2 - 2.4.41-4ubuntu3.1 apache2-doc - 2.4.41-4ubuntu3.1 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.1 apache2-ssl-dev - 2.4.41-4ubuntu3.1 apache2-bin - 2.4.41-4ubuntu3.1 No subscription required Medium CVE-2020-11984 CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490 Ubuntu 20.04 LTS Dominik Penner discovered that Ark did not properly sanitize zip archive files before performing extraction. An attacker could use this to construct a malicious zip archive that, when opened, would create files outside the extraction directory. Update Instructions: Run `sudo pro fix USN-4461-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ark - 4:19.12.3-0ubuntu1.1 No subscription required Medium CVE-2020-16116 Ubuntu 20.04 LTS It was discovered that GNOME Shell incorrectly handled the login screen password dialog. Sensitive information could possibly be exposed during user logout. Update Instructions: Run `sudo pro fix USN-4464-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnome-shell - 3.36.4-1ubuntu1~20.04.2 gnome-shell-common - 3.36.4-1ubuntu1~20.04.2 gnome-shell-extension-prefs - 3.36.4-1ubuntu1~20.04.2 No subscription required Medium CVE-2020-17489 Ubuntu 20.04 LTS Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. Update Instructions: Run `sudo pro fix USN-4466-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.2 libcurl4-openssl-dev - 7.68.0-1ubuntu2.2 libcurl3-gnutls - 7.68.0-1ubuntu2.2 libcurl4-doc - 7.68.0-1ubuntu2.2 libcurl3-nss - 7.68.0-1ubuntu2.2 libcurl4-nss-dev - 7.68.0-1ubuntu2.2 libcurl4 - 7.68.0-1ubuntu2.2 curl - 7.68.0-1ubuntu2.2 No subscription required Low CVE-2020-8231 Ubuntu 20.04 LTS Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-10756) Eric Blake and Xueqiang Wei discovered that the QEMU NDB implementation incorrectly handled certain requests. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-10761) Ziming Zhang discovered that the QEMU SM501 graphics driver incorrectly handled certain operations. An attacker inside a guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12829) It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13253) Ren Ding and Hanqing Zhao discovered that the QEMU ES1370 audio driver incorrectly handled certain invalid frame counts. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13361) Ren Ding and Hanqing Zhao discovered that the QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13362) Alexander Bulekov discovered that QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory space operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13659) Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the QEMU incorrectly handled certain msi-x mmio operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13754) It was discovered that QEMU incorrectly handled certain memory copy operations when loading ROM contents. If a user were tricked into running an untrusted kernel image, a remote attacker could possibly use this issue to run arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-13765) Ren Ding, Hanqing Zhao, and Yi Ren discovered that the QEMU ATI video driver incorrectly handled certain index values. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-13800) Ziming Zhang discovered that the QEMU OSS audio driver incorrectly handled certain operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-14415) Ziming Zhang discovered that the QEMU XGMAC Ethernet controller incorrectly handled packet transmission. An attacker inside a guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-15863) Ziming Zhang discovered that the QEMU e1000e Ethernet controller incorrectly handled packet processing. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-16092) Update Instructions: Run `sudo pro fix USN-4467-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.4 qemu-system-common - 1:4.2-3ubuntu6.4 qemu-system-data - 1:4.2-3ubuntu6.4 qemu-system-s390x - 1:4.2-3ubuntu6.4 qemu-block-extra - 1:4.2-3ubuntu6.4 qemu-system-misc - 1:4.2-3ubuntu6.4 qemu-user - 1:4.2-3ubuntu6.4 qemu-system-sparc - 1:4.2-3ubuntu6.4 qemu-guest-agent - 1:4.2-3ubuntu6.4 qemu-system - 1:4.2-3ubuntu6.4 qemu-utils - 1:4.2-3ubuntu6.4 qemu-user-static - 1:4.2-3ubuntu6.4 qemu-kvm - 1:4.2-3ubuntu6.4 qemu-user-binfmt - 1:4.2-3ubuntu6.4 qemu-system-x86 - 1:4.2-3ubuntu6.4 qemu-system-arm - 1:4.2-3ubuntu6.4 qemu-system-gui - 1:4.2-3ubuntu6.4 qemu - 1:4.2-3ubuntu6.4 qemu-system-ppc - 1:4.2-3ubuntu6.4 qemu-system-mips - 1:4.2-3ubuntu6.4 qemu-system-x86-xen - 1:4.2-3ubuntu6.4 No subscription required Medium CVE-2020-10756 CVE-2020-10761 CVE-2020-12829 CVE-2020-13253 CVE-2020-13361 CVE-2020-13362 CVE-2020-13659 CVE-2020-13754 CVE-2020-13765 CVE-2020-13800 CVE-2020-14415 CVE-2020-15863 CVE-2020-16092 Ubuntu 20.04 LTS USN-4467-1 fixed vulnerabilities in QEMU. The fix for CVE-2020-13754 introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the QEMU incorrectly handled certain msi-x mmio operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13754) Update Instructions: Run `sudo pro fix USN-4467-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-common - 1:4.2-3ubuntu6.14 qemu-system-data - 1:4.2-3ubuntu6.14 qemu-system-misc - 1:4.2-3ubuntu6.14 qemu-block-extra - 1:4.2-3ubuntu6.14 qemu-system-s390x - 1:4.2-3ubuntu6.14 qemu-user - 1:4.2-3ubuntu6.14 qemu-system-gui - 1:4.2-3ubuntu6.14 qemu-guest-agent - 1:4.2-3ubuntu6.14 qemu - 1:4.2-3ubuntu6.14 qemu-system - 1:4.2-3ubuntu6.14 qemu-utils - 1:4.2-3ubuntu6.14 qemu-user-static - 1:4.2-3ubuntu6.14 qemu-kvm - 1:4.2-3ubuntu6.14 qemu-user-binfmt - 1:4.2-3ubuntu6.14 qemu-system-x86 - 1:4.2-3ubuntu6.14 qemu-system-arm - 1:4.2-3ubuntu6.14 qemu-system-sparc - 1:4.2-3ubuntu6.14 qemu-system-x86-microvm - 1:4.2-3ubuntu6.14 qemu-system-ppc - 1:4.2-3ubuntu6.14 qemu-system-mips - 1:4.2-3ubuntu6.14 qemu-system-x86-xen - 1:4.2-3ubuntu6.14 No subscription required None https://launchpad.net/bugs/1914883 Ubuntu 20.04 LTS Emanuel Almeida discovered that Bind incorrectly handled certain TCP payloads. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8620) Joseph Gullo discovered that Bind incorrectly handled QNAME minimization when used in certain configurations. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8621) Dave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind incorrectly handled certain truncated responses to a TSIG-signed request. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8622) Lyu Chiy discovered that Bind incorrectly handled certain queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8623) Joop Boonen discovered that Bind incorrectly handled certain subdomain update-policy rules. A remote attacker granted privileges to change certain parts of a zone could use this issue to change other contents of the zone, contrary to expectations. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8624) Update Instructions: Run `sudo pro fix USN-4468-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.3 bind9-libs - 1:9.16.1-0ubuntu2.3 bind9utils - 1:9.16.1-0ubuntu2.3 bind9-doc - 1:9.16.1-0ubuntu2.3 bind9-utils - 1:9.16.1-0ubuntu2.3 bind9 - 1:9.16.1-0ubuntu2.3 bind9-dnsutils - 1:9.16.1-0ubuntu2.3 bind9-host - 1:9.16.1-0ubuntu2.3 No subscription required Medium CVE-2020-8620 CVE-2020-8621 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain document files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4469-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.2 ghostscript-x - 9.50~dfsg-5ubuntu4.2 libgs-dev - 9.50~dfsg-5ubuntu4.2 ghostscript-doc - 9.50~dfsg-5ubuntu4.2 libgs9 - 9.50~dfsg-5ubuntu4.2 libgs9-common - 9.50~dfsg-5ubuntu4.2 No subscription required Medium CVE-2020-16287 CVE-2020-16288 CVE-2020-16289 CVE-2020-16290 CVE-2020-16291 CVE-2020-16292 CVE-2020-16293 CVE-2020-16294 CVE-2020-16295 CVE-2020-16296 CVE-2020-16297 CVE-2020-16298 CVE-2020-16299 CVE-2020-16300 CVE-2020-16301 CVE-2020-16302 CVE-2020-16303 CVE-2020-16304 CVE-2020-16305 CVE-2020-16306 CVE-2020-16307 CVE-2020-16308 CVE-2020-16309 CVE-2020-16310 CVE-2020-17538 Ubuntu 20.04 LTS Kritphong Mongkhonvanit discovered that sane-backends incorrectly handled certain packets. A remote attacker could possibly use this issue to obtain sensitive memory information. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-6318) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only applied to Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-12861) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2020-12862, CVE-2020-12863) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to obtain sensitive information. This issue only applied to Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-12864) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2020-12865) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause a denial of service. This issue only applied to Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-12866) It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-12867) Update Instructions: Run `sudo pro fix USN-4470-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsane - 1.0.29-0ubuntu5.1 libsane-common - 1.0.29-0ubuntu5.1 libsane1 - 1.0.29-0ubuntu5.1 sane-utils - 1.0.29-0ubuntu5.1 libsane-dev - 1.0.29-0ubuntu5.1 No subscription required Medium CVE-2017-6318 CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 Ubuntu 20.04 LTS Tobias Neitzel discovered that Net-SNMP incorrectly handled certain symlinks. An attacker could possibly use this issue to access sensitive information. (CVE-2020-15861) It was discovered that Net-SNMP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-15862) Update Instructions: Run `sudo pro fix USN-4471-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: snmptrapd - 5.8+dfsg-2ubuntu2.3 libsnmp-dev - 5.8+dfsg-2ubuntu2.3 libsnmp-base - 5.8+dfsg-2ubuntu2.3 snmp - 5.8+dfsg-2ubuntu2.3 libsnmp-perl - 5.8+dfsg-2ubuntu2.3 tkmib - 5.8+dfsg-2ubuntu2.3 snmpd - 5.8+dfsg-2ubuntu2.3 libsnmp35 - 5.8+dfsg-2ubuntu2.3 No subscription required Medium CVE-2020-15861 CVE-2020-15862 Ubuntu 20.04 LTS Noah Misch discovered that PostgreSQL incorrectly handled the search_path setting when used with logical replication. A remote attacker could possibly use this issue to execute arbitrary SQL code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14349) Andres Freund discovered that PostgreSQL incorrectly handled search path elements in CREATE EXTENSION. A remote attacker could possibly use this issue to execute arbitrary SQL code. (CVE-2020-14350) Update Instructions: Run `sudo pro fix USN-4472-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpq5 - 12.4-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.4-0ubuntu0.20.04.1 libecpg-dev - 12.4-0ubuntu0.20.04.1 libecpg6 - 12.4-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.4-0ubuntu0.20.04.1 libpgtypes3 - 12.4-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.4-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.4-0ubuntu0.20.04.1 libpq-dev - 12.4-0ubuntu0.20.04.1 postgresql-doc-12 - 12.4-0ubuntu0.20.04.1 postgresql-12 - 12.4-0ubuntu0.20.04.1 postgresql-client-12 - 12.4-0ubuntu0.20.04.1 libecpg-compat3 - 12.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-14349 CVE-2020-14350 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. (CVE-2020-15664, CVE-2020-15665, CVE-2020-15666, CVE-2020-15670) It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829) A data race was discovered when importing certificate information in to the trust store. An attacker could potentially exploit this to cause an unspecified impact. (CVE-2020-15668) Update Instructions: Run `sudo pro fix USN-4474-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 80.0+build2-0ubuntu0.20.04.1 firefox - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 80.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 80.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 80.0+build2-0ubuntu0.20.04.1 firefox-dev - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 80.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 80.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12400 CVE-2020-12401 CVE-2020-15664 CVE-2020-15665 CVE-2020-15666 CVE-2020-15668 CVE-2020-15670 CVE-2020-6829 Ubuntu 20.04 LTS USN-4474-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. (CVE-2020-15664, CVE-2020-15665, CVE-2020-15666, CVE-2020-15670) It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829) A data race was discovered when importing certificate information in to the trust store. An attacker could potentially exploit this to cause an unspecified impact. (CVE-2020-15668) Update Instructions: Run `sudo pro fix USN-4474-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 80.0.1+build1-0ubuntu0.20.04.1 firefox - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 80.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 80.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 80.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 80.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 80.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1893021 Ubuntu 20.04 LTS It was discovered that Chrony incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. Update Instructions: Run `sudo pro fix USN-4475-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: chrony - 3.5-6ubuntu6.2 No subscription required Medium CVE-2020-14367 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4476-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.5 libnss3 - 2:3.49.1-1ubuntu1.5 libnss3-tools - 2:3.49.1-1ubuntu1.5 No subscription required Medium CVE-2020-12403 Ubuntu 20.04 LTS Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. (CVE-2020-15810) Régis Leroy discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request splitting attack, resulting in cache poisoning. (CVE-2020-15811) Lubos Uhliarik discovered that Squid incorrectly handled certain Cache Digest response messages sent by trusted peers. A remote attacker could possibly use this issue to cause Squid to consume resources, resulting in a denial of service. (CVE-2020-24606) Update Instructions: Run `sudo pro fix USN-4477-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.2 squidclient - 4.10-1ubuntu1.2 squid-purge - 4.10-1ubuntu1.2 squid - 4.10-1ubuntu1.2 squid-cgi - 4.10-1ubuntu1.2 No subscription required Medium CVE-2020-15810 CVE-2020-15811 CVE-2020-24606 Ubuntu 20.04 LTS USN-4478-1 fixed a vulnerability in Python-RSA. This update provides the corresponding update for Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. Original advisory details: It was discovered that Python-RSA incorrectly handled certain ciphertexts. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-4478-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-rsa - 4.0-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13757 Ubuntu 20.04 LTS It was discovered that Django, when used with Python 3.7 or higher, incorrectly handled directory permissions. A local attacker could possibly use this issue to obtain sensitive information, or escalate permissions. Update Instructions: Run `sudo pro fix USN-4479-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.2 python-django-doc - 2:2.2.12-1ubuntu0.2 No subscription required Medium CVE-2020-24583 CVE-2020-24584 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4481-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.1 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.1 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.1 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.1 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 CVE-2020-15103 CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 Ubuntu 20.04 LTS Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory. Update Instructions: Run `sudo pro fix USN-4482-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ark - 4:19.12.3-0ubuntu1.2 No subscription required Medium CVE-2020-24654 Ubuntu 20.04 LTS Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-20810) Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. (CVE-2020-10757) It was discovered that the Linux kernel did not correctly apply Speculative Store Bypass Disable (SSBD) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10766) It was discovered that the Linux kernel did not correctly apply Indirect Branch Predictor Barrier (IBPB) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10767) It was discovered that the Linux kernel could incorrectly enable Indirect Branch Speculation after it has been disabled for a process via a prctl() call. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10768) Luca Bruno discovered that the zram module in the Linux kernel did not properly restrict unprivileged users from accessing the hot_add sysfs file. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-10781) It was discovered that the XFS file system implementation in the Linux kernel did not properly validate meta data in some circumstances. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. (CVE-2020-12655) It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12771) It was discovered that the Virtual Terminal keyboard driver in the Linux kernel contained an integer overflow. A local attacker could possibly use this to have an unspecified impact. (CVE-2020-13974) It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2020-14356) Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly deallocate memory on disconnect events. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-15393) It was discovered that the NFS server implementation in the Linux kernel did not properly honor umask settings when setting permissions while creating file system objects if the underlying file system did not support ACLs. An attacker could possibly use this to expose sensitive information or violate system integrity. (CVE-2020-24394) It was discovered that the Kerberos SUNRPC GSS implementation in the Linux kernel did not properly deallocate memory on module unload. A local privileged attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2020-12656) Update Instructions: Run `sudo pro fix USN-4483-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1016-raspi - 5.4.0-1016.17 No subscription required linux-image-5.4.0-1022-oracle - 5.4.0-1022.22 linux-image-5.4.0-1022-gcp - 5.4.0-1022.22 linux-image-5.4.0-1022-aws - 5.4.0-1022.22 No subscription required linux-image-5.4.0-1023-azure - 5.4.0-1023.23 No subscription required linux-image-5.4.0-45-generic - 5.4.0-45.49 linux-image-5.4.0-45-lowlatency - 5.4.0-45.49 linux-image-5.4.0-45-generic-lpae - 5.4.0-45.49 No subscription required linux-image-raspi - 5.4.0.1016.51 linux-image-raspi2 - 5.4.0.1016.51 linux-image-raspi-hwe-18.04-edge - 5.4.0.1016.51 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1016.51 linux-image-raspi-hwe-18.04 - 5.4.0.1016.51 linux-image-raspi2-hwe-18.04 - 5.4.0.1016.51 No subscription required linux-image-kvm - 5.4.0.1021.20 No subscription required linux-image-gke - 5.4.0.1022.20 linux-image-oracle - 5.4.0.1022.20 linux-image-gcp - 5.4.0.1022.20 No subscription required linux-image-aws - 5.4.0.1022.23 No subscription required linux-image-azure - 5.4.0.1023.22 No subscription required linux-image-oem-osp1 - 5.4.0.45.49 linux-image-generic-hwe-20.04 - 5.4.0.45.49 linux-image-generic-hwe-18.04 - 5.4.0.45.49 linux-image-generic-lpae-hwe-20.04 - 5.4.0.45.49 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.45.49 linux-image-generic-lpae-hwe-18.04 - 5.4.0.45.49 linux-image-virtual - 5.4.0.45.49 linux-image-lowlatency - 5.4.0.45.49 linux-image-virtual-hwe-20.04 - 5.4.0.45.49 linux-image-lowlatency-hwe-18.04 - 5.4.0.45.49 linux-image-generic - 5.4.0.45.49 linux-image-virtual-hwe-18.04 - 5.4.0.45.49 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.45.49 linux-image-oem - 5.4.0.45.49 linux-image-generic-hwe-18.04-edge - 5.4.0.45.49 linux-image-generic-lpae - 5.4.0.45.49 linux-image-lowlatency-hwe-20.04 - 5.4.0.45.49 linux-image-virtual-hwe-18.04-edge - 5.4.0.45.49 No subscription required Medium CVE-2019-20810 CVE-2020-10757 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10781 CVE-2020-12655 CVE-2020-12656 CVE-2020-12771 CVE-2020-13974 CVE-2020-14356 CVE-2020-15393 CVE-2020-24394 Ubuntu 20.04 LTS Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14344) Jayden Rivers discovered that libx11 incorrectly handled locales. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14363) Update Instructions: Run `sudo pro fix USN-4487-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx11-6 - 2:1.6.9-2ubuntu1.1 libx11-data - 2:1.6.9-2ubuntu1.1 libx11-xcb-dev - 2:1.6.9-2ubuntu1.1 libx11-xcb1 - 2:1.6.9-2ubuntu1.1 libx11-doc - 2:1.6.9-2ubuntu1.1 libx11-6-udeb - 2:1.6.9-2ubuntu1.1 libx11-dev - 2:1.6.9-2ubuntu1.1 No subscription required Medium CVE-2020-14344 CVE-2020-14363 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14346) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14347) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14361) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14362) Update Instructions: Run `sudo pro fix USN-4488-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.8-2ubuntu2.3 xwayland - 2:1.20.8-2ubuntu2.3 xorg-server-source - 2:1.20.8-2ubuntu2.3 xdmx - 2:1.20.8-2ubuntu2.3 xserver-xorg-dev - 2:1.20.8-2ubuntu2.3 xvfb - 2:1.20.8-2ubuntu2.3 xnest - 2:1.20.8-2ubuntu2.3 xserver-xorg-legacy - 2:1.20.8-2ubuntu2.3 xdmx-tools - 2:1.20.8-2ubuntu2.3 xserver-xephyr - 2:1.20.8-2ubuntu2.3 xserver-xorg-core-udeb - 2:1.20.8-2ubuntu2.3 xserver-common - 2:1.20.8-2ubuntu2.3 No subscription required Medium CVE-2020-14346 CVE-2020-14347 CVE-2020-14361 CVE-2020-14362 Ubuntu 20.04 LTS Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4489-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1018-raspi - 5.4.0-1018.20 No subscription required linux-image-5.4.0-1024-oracle - 5.4.0-1024.24 linux-image-5.4.0-1024-gcp - 5.4.0-1024.24 linux-image-5.4.0-1024-aws - 5.4.0-1024.24 No subscription required linux-image-5.4.0-1025-azure - 5.4.0-1025.25 No subscription required linux-image-5.4.0-47-generic - 5.4.0-47.51 linux-image-5.4.0-47-generic-lpae - 5.4.0-47.51 linux-image-5.4.0-47-lowlatency - 5.4.0-47.51 No subscription required linux-image-raspi - 5.4.0.1018.53 linux-image-raspi2 - 5.4.0.1018.53 linux-image-raspi-hwe-18.04-edge - 5.4.0.1018.53 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1018.53 linux-image-raspi-hwe-18.04 - 5.4.0.1018.53 linux-image-raspi2-hwe-18.04 - 5.4.0.1018.53 No subscription required linux-image-kvm - 5.4.0.1023.21 No subscription required linux-image-oracle - 5.4.0.1024.21 linux-image-gke - 5.4.0.1024.21 linux-image-gcp - 5.4.0.1024.21 No subscription required linux-image-aws - 5.4.0.1024.25 No subscription required linux-image-azure - 5.4.0.1025.24 No subscription required linux-image-oem-osp1 - 5.4.0.47.50 linux-image-generic-hwe-20.04 - 5.4.0.47.50 linux-image-generic-hwe-18.04 - 5.4.0.47.50 linux-image-generic-lpae-hwe-20.04 - 5.4.0.47.50 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.47.50 linux-image-generic-lpae-hwe-18.04 - 5.4.0.47.50 linux-image-virtual - 5.4.0.47.50 linux-image-lowlatency-hwe-18.04 - 5.4.0.47.50 linux-image-generic - 5.4.0.47.50 linux-image-virtual-hwe-18.04 - 5.4.0.47.50 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.47.50 linux-image-oem - 5.4.0.47.50 linux-image-generic-hwe-18.04-edge - 5.4.0.47.50 linux-image-virtual-hwe-20.04 - 5.4.0.47.50 linux-image-generic-lpae - 5.4.0.47.50 linux-image-lowlatency - 5.4.0.47.50 linux-image-lowlatency-hwe-20.04 - 5.4.0.47.50 linux-image-virtual-hwe-18.04-edge - 5.4.0.47.50 No subscription required High CVE-2020-14386 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSetNames function. A local attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-4490-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.8-2ubuntu2.4 xwayland - 2:1.20.8-2ubuntu2.4 xorg-server-source - 2:1.20.8-2ubuntu2.4 xdmx - 2:1.20.8-2ubuntu2.4 xserver-xorg-dev - 2:1.20.8-2ubuntu2.4 xvfb - 2:1.20.8-2ubuntu2.4 xnest - 2:1.20.8-2ubuntu2.4 xserver-xorg-legacy - 2:1.20.8-2ubuntu2.4 xserver-common - 2:1.20.8-2ubuntu2.4 xserver-xephyr - 2:1.20.8-2ubuntu2.4 xserver-xorg-core-udeb - 2:1.20.8-2ubuntu2.4 xdmx-tools - 2:1.20.8-2ubuntu2.4 No subscription required Medium CVE-2020-14345 Ubuntu 20.04 LTS It was discovered that GnuTLS incorrectly handled certain alerts when being used with TLS 1.3 servers. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4491-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnutls30 - 3.6.13-2ubuntu1.3 libgnutls28-dev - 3.6.13-2ubuntu1.3 libgnutlsxx28 - 3.6.13-2ubuntu1.3 gnutls-doc - 3.6.13-2ubuntu1.3 libgnutls-dane0 - 3.6.13-2ubuntu1.3 gnutls-bin - 3.6.13-2ubuntu1.3 guile-gnutls - 3.6.13-2ubuntu1.3 libgnutls-openssl27 - 3.6.13-2ubuntu1.3 No subscription required Medium CVE-2020-24659 Ubuntu 20.04 LTS It was discovered that cryptsetup incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4493-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cryptsetup - 2:2.2.2-3ubuntu2.2 libcryptsetup12-udeb - 2:2.2.2-3ubuntu2.2 cryptsetup-run - 2:2.2.2-3ubuntu2.2 libcryptsetup12 - 2:2.2.2-3ubuntu2.2 libcryptsetup-dev - 2:2.2.2-3ubuntu2.2 cryptsetup-udeb - 2:2.2.2-3ubuntu2.2 cryptsetup-bin - 2:2.2.2-3ubuntu2.2 cryptsetup-initramfs - 2:2.2.2-3ubuntu2.2 No subscription required Medium CVE-2020-14382 Ubuntu 20.04 LTS It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks. Update Instructions: Run `sudo pro fix USN-4494-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gupnp-1.2 - 1.2.3-0ubuntu0.20.04.1 libgupnp-doc - 1.2.3-0ubuntu0.20.04.1 libgupnp-1.2-dev - 1.2.3-0ubuntu0.20.04.1 libgupnp-1.2-0 - 1.2.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-12695 Ubuntu 20.04 LTS It was discovered that websocket-extensions does not properly parse special headers. A remote attacker could use this issue to cause regex backtracking, resulting in a denial of service. (CVE-2020-7663) Update Instructions: Run `sudo pro fix USN-4502-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-websocket-extensions - 0.1.2-1+deb9u1build0.20.04.1 No subscription required Medium CVE-2020-7663 Ubuntu 20.04 LTS It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service or escalate privileges and run arbitrary code. (CVE-2020-7040) Update Instructions: Run `sudo pro fix USN-4508-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: storebackup - 3.2.1-1+deb8u1build0.20.04.1 No subscription required Medium CVE-2020-7040 Ubuntu 20.04 LTS Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Update Instructions: Run `sudo pro fix USN-4511-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.6 qemu-system-common - 1:4.2-3ubuntu6.6 qemu-system-data - 1:4.2-3ubuntu6.6 qemu-system-s390x - 1:4.2-3ubuntu6.6 qemu-block-extra - 1:4.2-3ubuntu6.6 qemu-system-misc - 1:4.2-3ubuntu6.6 qemu-user - 1:4.2-3ubuntu6.6 qemu-system-sparc - 1:4.2-3ubuntu6.6 qemu-guest-agent - 1:4.2-3ubuntu6.6 qemu-system - 1:4.2-3ubuntu6.6 qemu-utils - 1:4.2-3ubuntu6.6 qemu-user-static - 1:4.2-3ubuntu6.6 qemu-kvm - 1:4.2-3ubuntu6.6 qemu-user-binfmt - 1:4.2-3ubuntu6.6 qemu-system-x86 - 1:4.2-3ubuntu6.6 qemu-system-arm - 1:4.2-3ubuntu6.6 qemu-system-gui - 1:4.2-3ubuntu6.6 qemu - 1:4.2-3ubuntu6.6 qemu-system-ppc - 1:4.2-3ubuntu6.6 qemu-system-mips - 1:4.2-3ubuntu6.6 qemu-system-x86-xen - 1:4.2-3ubuntu6.6 No subscription required Medium CVE-2020-14364 Ubuntu 20.04 LTS It was discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4514-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libproxy-cil-dev - 0.4.15-10ubuntu1.1 libproxy1v5 - 0.4.15-10ubuntu1.1 libproxy0.4-cil - 0.4.15-10ubuntu1.1 libproxy1-plugin-gsettings - 0.4.15-10ubuntu1.1 libproxy-dev - 0.4.15-10ubuntu1.1 python3-libproxy - 0.4.15-10ubuntu1.1 libproxy1-plugin-webkit - 0.4.15-10ubuntu1.1 libproxy1-plugin-kconfig - 0.4.15-10ubuntu1.1 libproxy1-plugin-mozjs - 0.4.15-10ubuntu1.1 libproxy1-plugin-networkmanager - 0.4.15-10ubuntu1.1 libproxy-tools - 0.4.15-10ubuntu1.1 No subscription required Medium CVE-2020-25219 Ubuntu 20.04 LTS It was discovered that pam_tacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4521-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-tacplus - 1.3.8-2+deb8u1build0.20.04.1 No subscription required Low CVE-2020-13881 Ubuntu 20.04 LTS It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-18808) It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054) It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888) It was discovered that the state of network RNG in the Linux kernel was potentially observable. A remote attacker could use this to expose sensitive information. (CVE-2020-16166) It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212) Update Instructions: Run `sudo pro fix USN-4525-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1019-raspi - 5.4.0-1019.21 No subscription required linux-image-5.4.0-1024-kvm - 5.4.0-1024.24 No subscription required linux-image-5.4.0-1025-oracle - 5.4.0-1025.25 linux-image-5.4.0-1025-gcp - 5.4.0-1025.25 linux-image-5.4.0-1025-aws - 5.4.0-1025.25 No subscription required linux-image-5.4.0-1026-azure - 5.4.0-1026.26 No subscription required linux-image-5.4.0-48-generic-lpae - 5.4.0-48.52 linux-image-5.4.0-48-generic - 5.4.0-48.52 linux-image-5.4.0-48-lowlatency - 5.4.0-48.52 No subscription required linux-image-raspi - 5.4.0.1019.54 linux-image-raspi2 - 5.4.0.1019.54 linux-image-raspi-hwe-18.04-edge - 5.4.0.1019.54 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1019.54 linux-image-raspi-hwe-18.04 - 5.4.0.1019.54 linux-image-raspi2-hwe-18.04 - 5.4.0.1019.54 No subscription required linux-image-kvm - 5.4.0.1024.22 No subscription required linux-image-gke - 5.4.0.1025.22 linux-image-oracle - 5.4.0.1025.22 linux-image-gcp - 5.4.0.1025.22 No subscription required linux-image-aws - 5.4.0.1025.26 No subscription required linux-image-azure - 5.4.0.1026.25 No subscription required linux-image-oem-osp1 - 5.4.0.48.51 linux-image-generic-hwe-20.04 - 5.4.0.48.51 linux-image-generic-hwe-18.04 - 5.4.0.48.51 linux-image-generic-lpae-hwe-20.04 - 5.4.0.48.51 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.48.51 linux-image-generic-lpae-hwe-18.04 - 5.4.0.48.51 linux-image-virtual - 5.4.0.48.51 linux-image-lowlatency-hwe-18.04 - 5.4.0.48.51 linux-image-generic - 5.4.0.48.51 linux-image-virtual-hwe-18.04 - 5.4.0.48.51 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.48.51 linux-image-oem - 5.4.0.48.51 linux-image-generic-hwe-18.04-edge - 5.4.0.48.51 linux-image-virtual-hwe-20.04 - 5.4.0.48.51 linux-image-generic-lpae - 5.4.0.48.51 linux-image-lowlatency - 5.4.0.48.51 linux-image-lowlatency-hwe-20.04 - 5.4.0.48.51 linux-image-virtual-hwe-18.04-edge - 5.4.0.48.51 No subscription required Medium CVE-2019-18808 CVE-2019-19054 CVE-2020-12888 CVE-2020-16166 CVE-2020-25212 Ubuntu 20.04 LTS It was discovered that the BusyBox wget applet incorrectly validated SSL certificates. A remote attacker could possibly use this issue to intercept secure communications. Update Instructions: Run `sudo pro fix USN-4531-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: busybox - 1:1.30.1-4ubuntu6.2 udhcpc - 1:1.30.1-4ubuntu6.2 busybox-syslogd - 1:1.30.1-4ubuntu6.2 udhcpd - 1:1.30.1-4ubuntu6.2 busybox-initramfs - 1:1.30.1-4ubuntu6.2 busybox-udeb - 1:1.30.1-4ubuntu6.2 busybox-static - 1:1.30.1-4ubuntu6.2 No subscription required Medium CVE-2018-1000500 Ubuntu 20.04 LTS Veeti Veteläinen discovered that the LTSP Display Manager (ldm) incorrectly handled user logins from unsupported shells. A local attacker could possibly use this issue to gain root privileges. (CVE-2019-20373) Update Instructions: Run `sudo pro fix USN-4533-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ldm-server - 2:2.18.06-1+deb10u1build0.20.04.1 ldm - 2:2.18.06-1+deb10u1build0.20.04.1 No subscription required None https://launchpad.net/bugs/1839431 Ubuntu 20.04 LTS Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files. Update Instructions: Run `sudo pro fix USN-4537-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aptdaemon - 1.1.1+bzr982-0ubuntu32.2 python3-aptdaemon.gtk3widgets - 1.1.1+bzr982-0ubuntu32.2 aptdaemon-data - 1.1.1+bzr982-0ubuntu32.2 python3-aptdaemon.test - 1.1.1+bzr982-0ubuntu32.2 python3-aptdaemon - 1.1.1+bzr982-0ubuntu32.2 No subscription required Medium CVE-2020-15703 Ubuntu 20.04 LTS Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. (CVE-2020-16121) Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use this issue to install untrusted packages, contrary to expectations. (CVE-2020-16122) Update Instructions: Run `sudo pro fix USN-4538-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: packagekit-docs - 1.1.13-2ubuntu1.1 libpackagekit-glib2-dev - 1.1.13-2ubuntu1.1 packagekit - 1.1.13-2ubuntu1.1 packagekit-tools - 1.1.13-2ubuntu1.1 libpackagekit-glib2-18 - 1.1.13-2ubuntu1.1 packagekit-command-not-found - 1.1.13-2ubuntu1.1 packagekit-gtk3-module - 1.1.13-2ubuntu1.1 gir1.2-packagekitglib-1.0 - 1.1.13-2ubuntu1.1 gstreamer1.0-packagekit - 1.1.13-2ubuntu1.1 No subscription required Medium CVE-2020-16121 CVE-2020-16122 Ubuntu 20.04 LTS Andrew Bartlett discovered that DAViCal Andrew's Web Libraries (AWL) did not properly manage session keys. An attacker could possibly use this issue to impersonate a session. (CVE-2020-11728) Update Instructions: Run `sudo pro fix USN-4539-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libawl-php - 0.60-1+deb10u1ubuntu1 awl-doc - 0.60-1+deb10u1ubuntu1 No subscription required Medium CVE-2020-11728 Ubuntu 20.04 LTS Michał Bentkowski discovered that Sanitize did not properly sanitize some math or svg HTML under certain circumstances. A remote attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2020-4054) Update Instructions: Run `sudo pro fix USN-4543-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-sanitize - 4.6.6-2.1~0.20.04.1 No subscription required Medium CVE-2020-4054 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, spoof the site displayed in the download dialog, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4546-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 81.0+build2-0ubuntu0.20.04.1 firefox - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 81.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 81.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 81.0+build2-0ubuntu0.20.04.1 firefox-dev - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 81.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 81.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-15673 CVE-2020-15674 CVE-2020-15675 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 Ubuntu 20.04 LTS USN-4546-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, spoof the site displayed in the download dialog, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4546-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 81.0.2+build1-0ubuntu0.20.04.1 firefox - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 81.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 81.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 81.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 81.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 81.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1900032 Ubuntu 20.04 LTS It was discovered that libuv incorrectly handled certain paths. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4548-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libuv1-dev - 1.34.2-1ubuntu1.1 libuv1 - 1.34.2-1ubuntu1.1 No subscription required Medium CVE-2020-8252 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact. (CVE-2019-19948, CVE-2019-19949) Update Instructions: Run `sudo pro fix USN-4549-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.1 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.1 No subscription required Low CVE-2019-19948 CVE-2019-19949 Ubuntu 20.04 LTS Ryan Hall discovered that DPDK incorrectly handled vhost crypto. An attacker inside a guest could use these issues to perform multiple attacks, including denial of service attacks, obtaining sensitive information from the host, and possibly executing arbitrary code on the host. Update Instructions: Run `sudo pro fix USN-4550-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librte-pmd-octeontx-crypto20.0 - 19.11.3-0ubuntu0.2 librte-pmd-memif20.0 - 19.11.3-0ubuntu0.2 dpdk-igb-uio-dkms - 19.11.3-0ubuntu0.2 librte-pmd-iavf20.0 - 19.11.3-0ubuntu0.2 librte-pmd-enic20.0 - 19.11.3-0ubuntu0.2 librte-pmd-af-packet20.0 - 19.11.3-0ubuntu0.2 librte-pmd-netvsc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx2-event20.0 - 19.11.3-0ubuntu0.2 librte-bus-ifpga20.0 - 19.11.3-0ubuntu0.2 librte-mempool-dpaa2-20.0 - 19.11.3-0ubuntu0.2 librte-stack0.200 - 19.11.3-0ubuntu0.2 librte-pmd-e1000-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa2-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bbdev-null20.0 - 19.11.3-0ubuntu0.2 librte-pipeline20.0 - 19.11.3-0ubuntu0.2 librte-sched20.0 - 19.11.3-0ubuntu0.2 librte-distributor20.0 - 19.11.3-0ubuntu0.2 librte-efd20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ark20.0 - 19.11.3-0ubuntu0.2 librte-gro20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa20.0 - 19.11.3-0ubuntu0.2 librte-pmd-sfc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-failsafe20.0 - 19.11.3-0ubuntu0.2 librte-pmd-pcap20.0 - 19.11.3-0ubuntu0.2 librte-rawdev20.0 - 19.11.3-0ubuntu0.2 librte-meter20.0 - 19.11.3-0ubuntu0.2 librte-hash20.0 - 19.11.3-0ubuntu0.2 librte-ring20.0 - 19.11.3-0ubuntu0.2 librte-mempool-octeontx20.0 - 19.11.3-0ubuntu0.2 librte-telemetry0.200 - 19.11.3-0ubuntu0.2 librte-rawdev-skeleton20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bond20.0 - 19.11.3-0ubuntu0.2 librte-pmd-hinic20.0 - 19.11.3-0ubuntu0.2 librte-pmd-skeleton-event20.0 - 19.11.3-0ubuntu0.2 librte-pmd-mlx5-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-dpaa2-cmdif20.0 - 19.11.3-0ubuntu0.2 librte-pmd-fm10k20.0 - 19.11.3-0ubuntu0.2 librte-cryptodev20.0 - 19.11.3-0ubuntu0.2 librte-pmd-i40e20.0 - 19.11.3-0ubuntu0.2 librte-cmdline20.0 - 19.11.3-0ubuntu0.2 librte-jobstats20.0 - 19.11.3-0ubuntu0.2 dpdk-dev - 19.11.3-0ubuntu0.2 librte-pmd-ccp20.0 - 19.11.3-0ubuntu0.2 librte-pmd-atlantic20.0 - 19.11.3-0ubuntu0.2 librte-pmd-sw-event20.0 - 19.11.3-0ubuntu0.2 librte-ip-frag20.0 - 19.11.3-0ubuntu0.2 librte-pmd-isal20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dsw-event20.0 - 19.11.3-0ubuntu0.2 librte-pmd-nitrox20.0 - 19.11.3-0ubuntu0.2 librte-pmd-kni20.0 - 19.11.3-0ubuntu0.2 librte-mempool-bucket20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa2-event20.0 - 19.11.3-0ubuntu0.2 librte-gso20.0 - 19.11.3-0ubuntu0.2 librte-pmd-vdev-netvsc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-openssl20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bnx2x20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx-compress20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-ioat20.0 - 19.11.3-0ubuntu0.2 librte-mempool-dpaa20.0 - 19.11.3-0ubuntu0.2 librte-latencystats20.0 - 19.11.3-0ubuntu0.2 librte-mempool-octeontx2-20.0 - 19.11.3-0ubuntu0.2 librte-kvargs20.0 - 19.11.3-0ubuntu0.2 librte-bus-fslmc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-avp20.0 - 19.11.3-0ubuntu0.2 librte-pdump20.0 - 19.11.3-0ubuntu0.2 librte-metrics20.0 - 19.11.3-0ubuntu0.2 librte-bbdev0.200 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa-sec20.0 - 19.11.3-0ubuntu0.2 librte-bus-vmbus20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bnxt20.0 - 19.11.3-0ubuntu0.2 librte-timer20.0 - 19.11.3-0ubuntu0.2 librte-cfgfile20.0 - 19.11.3-0ubuntu0.2 librte-rcu0.200 - 19.11.3-0ubuntu0.2 librte-pmd-qat20.0 - 19.11.3-0ubuntu0.2 librte-mempool20.0 - 19.11.3-0ubuntu0.2 libdpdk-dev - 19.11.3-0ubuntu0.2 librte-pmd-null20.0 - 19.11.3-0ubuntu0.2 librte-pmd-virtio20.0 - 19.11.3-0ubuntu0.2 librte-pmd-axgbe20.0 - 19.11.3-0ubuntu0.2 librte-port20.0 - 19.11.3-0ubuntu0.2 librte-pmd-aesni-mb20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-ntb20.0 - 19.11.3-0ubuntu0.2 librte-pmd-softnic20.0 - 19.11.3-0ubuntu0.2 dpdk-doc - 19.11.3-0ubuntu0.2 librte-pmd-mlx4-20.0 - 19.11.3-0ubuntu0.2 librte-net20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bbdev-fpga-lte-fec20.0 - 19.11.3-0ubuntu0.2 librte-pmd-null-crypto20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ena20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ice20.0 - 19.11.3-0ubuntu0.2 librte-common-dpaax20.0 - 19.11.3-0ubuntu0.2 librte-member20.0 - 19.11.3-0ubuntu0.2 librte-bus-pci20.0 - 19.11.3-0ubuntu0.2 librte-kni20.0 - 19.11.3-0ubuntu0.2 librte-pmd-thunderx20.0 - 19.11.3-0ubuntu0.2 librte-common-octeontx20.0 - 19.11.3-0ubuntu0.2 dpdk - 19.11.3-0ubuntu0.2 librte-pmd-ifc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-opdl-event20.0 - 19.11.3-0ubuntu0.2 librte-pci20.0 - 19.11.3-0ubuntu0.2 librte-eal20.0 - 19.11.3-0ubuntu0.2 librte-pmd-bbdev-turbo-sw20.0 - 19.11.3-0ubuntu0.2 librte-ethdev20.0 - 19.11.3-0ubuntu0.2 librte-table20.0 - 19.11.3-0ubuntu0.2 librte-pmd-hns3-20.0 - 19.11.3-0ubuntu0.2 librte-ipsec0.200 - 19.11.3-0ubuntu0.2 librte-pmd-zlib20.0 - 19.11.3-0ubuntu0.2 librte-bitratestats20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa2-sec20.0 - 19.11.3-0ubuntu0.2 librte-pmd-caam-jr20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-octeontx2-dma20.0 - 19.11.3-0ubuntu0.2 librte-mbuf20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx-event20.0 - 19.11.3-0ubuntu0.2 librte-mempool-stack20.0 - 19.11.3-0ubuntu0.2 librte-power20.0 - 19.11.3-0ubuntu0.2 librte-pmd-liquidio20.0 - 19.11.3-0ubuntu0.2 librte-vhost20.0 - 19.11.3-0ubuntu0.2 librte-pmd-vhost20.0 - 19.11.3-0ubuntu0.2 librte-pmd-virtio-crypto20.0 - 19.11.3-0ubuntu0.2 librte-reorder20.0 - 19.11.3-0ubuntu0.2 librte-pmd-qede20.0 - 19.11.3-0ubuntu0.2 librte-pmd-pfe20.0 - 19.11.3-0ubuntu0.2 librte-flow-classify0.200 - 19.11.3-0ubuntu0.2 librte-rib0.200 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx2-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-cxgbe20.0 - 19.11.3-0ubuntu0.2 librte-mempool-ring20.0 - 19.11.3-0ubuntu0.2 librte-acl20.0 - 19.11.3-0ubuntu0.2 librte-common-cpt20.0 - 19.11.3-0ubuntu0.2 librte-pmd-aesni-gcm20.0 - 19.11.3-0ubuntu0.2 librte-rawdev-dpaa2-qdma20.0 - 19.11.3-0ubuntu0.2 librte-lpm20.0 - 19.11.3-0ubuntu0.2 librte-pmd-tap20.0 - 19.11.3-0ubuntu0.2 librte-eventdev20.0 - 19.11.3-0ubuntu0.2 librte-pmd-nfp20.0 - 19.11.3-0ubuntu0.2 librte-bus-dpaa20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ring20.0 - 19.11.3-0ubuntu0.2 librte-bus-vdev20.0 - 19.11.3-0ubuntu0.2 librte-common-octeontx2-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-ixgbe20.0 - 19.11.3-0ubuntu0.2 librte-pmd-vmxnet3-20.0 - 19.11.3-0ubuntu0.2 librte-pmd-crypto-scheduler20.0 - 19.11.3-0ubuntu0.2 librte-pmd-enetc20.0 - 19.11.3-0ubuntu0.2 librte-pmd-dpaa-event20.0 - 19.11.3-0ubuntu0.2 librte-pmd-octeontx2-crypto20.0 - 19.11.3-0ubuntu0.2 librte-security20.0 - 19.11.3-0ubuntu0.2 librte-compressdev0.200 - 19.11.3-0ubuntu0.2 librte-fib0.200 - 19.11.3-0ubuntu0.2 librte-bpf0.200 - 19.11.3-0ubuntu0.2 No subscription required Medium CVE-2020-14374 CVE-2020-14375 CVE-2020-14376 CVE-2020-14377 CVE-2020-14378 Ubuntu 20.04 LTS It was discovered that Teeworlds server did not properly handler certain network traffic. A remote, unauthenticated attacker could use this vulnerability to cause Teeworlds server to crash. Update Instructions: Run `sudo pro fix USN-4553-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: teeworlds-data - 0.7.2-5ubuntu1.1 teeworlds-server - 0.7.2-5ubuntu1.1 teeworlds - 0.7.2-5ubuntu1.1 No subscription required Medium CVE-2020-12066 Ubuntu 20.04 LTS It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. (CVE-2005-1513, CVE-2005-1514, CVE-2005-1515) It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this to bypass email address validation. (CVE-2020-3811) It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this vulnerability to cause netqmail to disclose sensitive information. (CVE-2020-3812) Update Instructions: Run `sudo pro fix USN-4556-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qmail - 1.06-6.2~deb10u1build0.20.04.1 qmail-uids-gids - 1.06-6.2~deb10u1build0.20.04.1 No subscription required Medium CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811 CVE-2020-3812 Ubuntu 20.04 LTS Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which forced a secure netlogon channel, this update provides additional improvements. For compatibility reasons with older devices, Samba now allows specifying an insecure netlogon configuration per machine. See the following link for examples: https://www.samba.org/samba/security/CVE-2020-1472.html In addition, this update adds additional server checks for the protocol attack in the client-specified challenge to provide some protection when 'server schannel = no/auto' and avoid the false-positive results when running the proof-of-concept exploit. Update Instructions: Run `sudo pro fix USN-4559-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.5 samba - 2:4.11.6+dfsg-0ubuntu1.5 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.5 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.5 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.5 smbclient - 2:4.11.6+dfsg-0ubuntu1.5 winbind - 2:4.11.6+dfsg-0ubuntu1.5 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.5 python3-samba - 2:4.11.6+dfsg-0ubuntu1.5 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.5 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.5 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.5 samba-dev - 2:4.11.6+dfsg-0ubuntu1.5 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.5 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.5 samba-common - 2:4.11.6+dfsg-0ubuntu1.5 registry-tools - 2:4.11.6+dfsg-0ubuntu1.5 samba-libs - 2:4.11.6+dfsg-0ubuntu1.5 ctdb - 2:4.11.6+dfsg-0ubuntu1.5 No subscription required Medium CVE-2020-1472 Ubuntu 20.04 LTS USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8161) It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie. (CVE-2020-8184) Update Instructions: Run `sudo pro fix USN-4561-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1 No subscription required Medium CVE-2020-8161 CVE-2020-8184 Ubuntu 20.04 LTS It was discovered that kramdown insecurely handled certain crafted input. An attacker could use this vulnerability to read restricted files or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4562-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kramdown - 1.17.0-4ubuntu0.1 ruby-kramdown - 1.17.0-4ubuntu0.1 No subscription required Medium CVE-2020-14001 Ubuntu 20.04 LTS USN-4563-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service (crash). Update Instructions: Run `sudo pro fix USN-4563-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntp - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 sntp - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 ntp-doc - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 ntpdate - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 No subscription required Medium CVE-2019-8936 Ubuntu 20.04 LTS It was discovered that Brotli incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. Update Instructions: Run `sudo pro fix USN-4568-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbrotli1 - 1.0.7-6ubuntu0.1 python3-brotli - 1.0.7-6ubuntu0.1 brotli - 1.0.7-6ubuntu0.1 libbrotli-dev - 1.0.7-6ubuntu0.1 No subscription required Medium CVE-2020-8927 Ubuntu 20.04 LTS It was discovered that urllib3 incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection. Update Instructions: Run `sudo pro fix USN-4570-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-urllib3 - 1.25.8-2ubuntu0.1 No subscription required Medium CVE-2020-26137 Ubuntu 20.04 LTS Frediano Ziglio discovered that Spice incorrectly handled QUIC image decoding. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4572-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libspice-server1 - 0.14.2-4ubuntu3.1 libspice-server-dev - 0.14.2-4ubuntu3.1 No subscription required Medium CVE-2020-14355 Ubuntu 20.04 LTS Nicolas Ruff discovered that Vino incorrectly handled large ClientCutText messages. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. (CVE-2014-6053) It was discovered that Vino incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. (CVE-2018-7225) Pavel Cheremushkin discovered that an information disclosure vulnerability existed in Vino when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. (CVE-2019-15681) It was discovered that Vino incorrectly handled region clipping. A remote attacker could possibly use this issue to cause Vino to crash, resulting in a denial of service. (CVE-2020-14397) It was discovered that Vino incorrectly handled encodings. A remote attacker could use this issue to cause Vino to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-14402, CVE-2020-14403, CVE-2020-14404) Update Instructions: Run `sudo pro fix USN-4573-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vino - 3.22.0-5ubuntu2.1 No subscription required Medium CVE-2014-6053 CVE-2018-7225 CVE-2019-15681 CVE-2020-14397 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 Ubuntu 20.04 LTS Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-16119) Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-14314) David Alan Gilbert discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation in some circumstances. A local attacker could use this to cause a denial of service. (CVE-2020-14385) Giuseppe Scrivano discovered that the overlay file system in the Linux kernel did not properly perform permission checks in some situations. A local attacker could possibly use this to bypass intended restrictions and gain read access to restricted files. (CVE-2020-16120) It was discovered that a race condition existed in the hugetlb sysctl implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-25285) It was discovered that the block layer subsystem in the Linux kernel did not properly handle zero-length requests. A local attacker could use this to cause a denial of service. (CVE-2020-25641) Update Instructions: Run `sudo pro fix USN-4576-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1021-raspi - 5.4.0-1021.24 No subscription required linux-image-5.4.0-1026-kvm - 5.4.0-1026.27 No subscription required linux-image-5.4.0-1028-oracle - 5.4.0-1028.29 linux-image-5.4.0-1028-aws - 5.4.0-1028.29 linux-image-5.4.0-1028-gcp - 5.4.0-1028.29 No subscription required linux-image-5.4.0-1031-azure - 5.4.0-1031.32 No subscription required linux-image-5.4.0-51-generic-lpae - 5.4.0-51.56 linux-image-5.4.0-51-lowlatency - 5.4.0-51.56 linux-image-5.4.0-51-generic - 5.4.0-51.56 No subscription required linux-image-raspi - 5.4.0.1021.56 linux-image-raspi2 - 5.4.0.1021.56 linux-image-raspi-hwe-18.04-edge - 5.4.0.1021.56 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1021.56 linux-image-raspi-hwe-18.04 - 5.4.0.1021.56 linux-image-raspi2-hwe-18.04 - 5.4.0.1021.56 No subscription required linux-image-kvm - 5.4.0.1026.24 No subscription required linux-image-oracle - 5.4.0.1028.25 No subscription required linux-image-aws - 5.4.0.1028.29 No subscription required linux-image-gke - 5.4.0.1028.36 linux-image-gcp - 5.4.0.1028.36 No subscription required linux-image-azure - 5.4.0.1031.29 No subscription required linux-image-oem-osp1 - 5.4.0.51.54 linux-image-generic-hwe-20.04 - 5.4.0.51.54 linux-image-generic-hwe-18.04 - 5.4.0.51.54 linux-image-generic-lpae-hwe-20.04 - 5.4.0.51.54 linux-image-generic-lpae-hwe-18.04 - 5.4.0.51.54 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.51.54 linux-image-lowlatency - 5.4.0.51.54 linux-image-virtual - 5.4.0.51.54 linux-image-virtual-hwe-20.04 - 5.4.0.51.54 linux-image-lowlatency-hwe-18.04 - 5.4.0.51.54 linux-image-generic - 5.4.0.51.54 linux-image-virtual-hwe-18.04 - 5.4.0.51.54 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.51.54 linux-image-lowlatency-hwe-20.04 - 5.4.0.51.54 linux-image-oem - 5.4.0.51.54 linux-image-generic-lpae - 5.4.0.51.54 linux-image-generic-hwe-18.04-edge - 5.4.0.51.54 linux-image-virtual-hwe-18.04-edge - 5.4.0.51.54 No subscription required High CVE-2020-14314 CVE-2020-14385 CVE-2020-16119 CVE-2020-16120 CVE-2020-25285 CVE-2020-25641 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-7069) It was discorevered that PHP incorrectly handled certain HTTP cookies. An attacker could possibly use this issue to forge cookie which is supposed to be secure. (CVE-2020-7070) Update Instructions: Run `sudo pro fix USN-4583-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.4 php7.4 - 7.4.3-4ubuntu2.4 php7.4-dba - 7.4.3-4ubuntu2.4 php7.4-bcmath - 7.4.3-4ubuntu2.4 php7.4-xmlrpc - 7.4.3-4ubuntu2.4 php7.4-intl - 7.4.3-4ubuntu2.4 php7.4-phpdbg - 7.4.3-4ubuntu2.4 php7.4-sybase - 7.4.3-4ubuntu2.4 php7.4-ldap - 7.4.3-4ubuntu2.4 php7.4-readline - 7.4.3-4ubuntu2.4 php7.4-curl - 7.4.3-4ubuntu2.4 php7.4-xsl - 7.4.3-4ubuntu2.4 php7.4-pgsql - 7.4.3-4ubuntu2.4 php7.4-pspell - 7.4.3-4ubuntu2.4 php7.4-zip - 7.4.3-4ubuntu2.4 php7.4-enchant - 7.4.3-4ubuntu2.4 php7.4-odbc - 7.4.3-4ubuntu2.4 php7.4-json - 7.4.3-4ubuntu2.4 php7.4-mbstring - 7.4.3-4ubuntu2.4 php7.4-imap - 7.4.3-4ubuntu2.4 php7.4-bz2 - 7.4.3-4ubuntu2.4 php7.4-cgi - 7.4.3-4ubuntu2.4 php7.4-common - 7.4.3-4ubuntu2.4 php7.4-dev - 7.4.3-4ubuntu2.4 php7.4-interbase - 7.4.3-4ubuntu2.4 php7.4-tidy - 7.4.3-4ubuntu2.4 php7.4-gmp - 7.4.3-4ubuntu2.4 php7.4-sqlite3 - 7.4.3-4ubuntu2.4 php7.4-fpm - 7.4.3-4ubuntu2.4 php7.4-soap - 7.4.3-4ubuntu2.4 php7.4-cli - 7.4.3-4ubuntu2.4 libphp7.4-embed - 7.4.3-4ubuntu2.4 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.4 php7.4-mysql - 7.4.3-4ubuntu2.4 php7.4-snmp - 7.4.3-4ubuntu2.4 php7.4-xml - 7.4.3-4ubuntu2.4 php7.4-opcache - 7.4.3-4ubuntu2.4 No subscription required Medium CVE-2020-7069 CVE-2020-7070 Ubuntu 20.04 LTS USN-4589-1 fixed a vulnerability in containerd. This update provides the corresponding update for docker.io. Original advisory details: It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials. Update Instructions: Run `sudo pro fix USN-4589-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-docker-docker-dev - 19.03.8-0ubuntu1.20.04.1 docker.io - 19.03.8-0ubuntu1.20.04.1 golang-docker-dev - 19.03.8-0ubuntu1.20.04.1 vim-syntax-docker - 19.03.8-0ubuntu1.20.04.1 docker-doc - 19.03.8-0ubuntu1.20.04.1 No subscription required Medium CVE-2020-15157 Ubuntu 20.04 LTS Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351) Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). (CVE-2020-12352) Update Instructions: Run `sudo pro fix USN-4591-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1022-raspi - 5.4.0-1022.25 No subscription required linux-image-5.4.0-52-lowlatency - 5.4.0-52.57 linux-image-5.4.0-52-generic-lpae - 5.4.0-52.57 linux-image-5.4.0-52-generic - 5.4.0-52.57 No subscription required linux-image-raspi - 5.4.0.1022.57 linux-image-raspi2 - 5.4.0.1022.57 linux-image-raspi-hwe-18.04-edge - 5.4.0.1022.57 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1022.57 linux-image-raspi-hwe-18.04 - 5.4.0.1022.57 linux-image-raspi2-hwe-18.04 - 5.4.0.1022.57 No subscription required linux-image-oem-osp1 - 5.4.0.52.55 linux-image-generic-hwe-20.04 - 5.4.0.52.55 linux-image-generic-hwe-18.04 - 5.4.0.52.55 linux-image-generic-lpae-hwe-20.04 - 5.4.0.52.55 linux-image-generic-lpae-hwe-18.04 - 5.4.0.52.55 linux-image-virtual - 5.4.0.52.55 linux-image-virtual-hwe-20.04 - 5.4.0.52.55 linux-image-lowlatency-hwe-18.04 - 5.4.0.52.55 linux-image-generic - 5.4.0.52.55 linux-image-virtual-hwe-18.04 - 5.4.0.52.55 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.52.55 linux-image-oem - 5.4.0.52.55 linux-image-generic-hwe-18.04-edge - 5.4.0.52.55 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.52.55 linux-image-generic-lpae - 5.4.0.52.55 linux-image-lowlatency - 5.4.0.52.55 linux-image-lowlatency-hwe-20.04 - 5.4.0.52.55 linux-image-virtual-hwe-18.04-edge - 5.4.0.52.55 No subscription required High CVE-2020-12351 CVE-2020-12352 Ubuntu 20.04 LTS Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. Update Instructions: Run `sudo pro fix USN-4593-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreetype6-udeb - 2.10.1-2ubuntu0.1 libfreetype6 - 2.10.1-2ubuntu0.1 libfreetype6-dev - 2.10.1-2ubuntu0.1 freetype2-doc - 2.10.1-2ubuntu0.1 libfreetype-dev - 2.10.1-2ubuntu0.1 freetype2-demos - 2.10.1-2ubuntu0.1 No subscription required High CVE-2020-15999 Ubuntu 20.04 LTS It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting in a denial of service. (CVE-2020-11996) It was discovered that Tomcat did not properly release the HTTP/1.1 processor after the upgrade to HTTP/2. An attacker could possibly use this to generate an OutOfMemoryException, resulting in a denial of service. (CVE-2020-13934) It was discovered that Tomcat did not properly validate the payload length in a WebSocket frame. An attacker could possibly use this to trigger an infinite loop, resulting in a denial of service. (CVE-2020-13935) It was discovered that Tomcat did not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-9484) Update Instructions: Run `sudo pro fix USN-4596-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tomcat9-docs - 9.0.31-1ubuntu0.1 libtomcat9-embed-java - 9.0.31-1ubuntu0.1 tomcat9-admin - 9.0.31-1ubuntu0.1 tomcat9-common - 9.0.31-1ubuntu0.1 libtomcat9-java - 9.0.31-1ubuntu0.1 tomcat9-user - 9.0.31-1ubuntu0.1 tomcat9 - 9.0.31-1ubuntu0.1 tomcat9-examples - 9.0.31-1ubuntu0.1 No subscription required Medium CVE-2020-11996 CVE-2020-13934 CVE-2020-13935 CVE-2020-9484 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4599-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 82.0+build2-0ubuntu0.20.04.1 firefox - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 82.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 82.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 82.0+build2-0ubuntu0.20.04.1 firefox-dev - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 82.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 82.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-15254 CVE-2020-15680 CVE-2020-15681 CVE-2020-15682 CVE-2020-15683 CVE-2020-15684 CVE-2020-15969 Ubuntu 20.04 LTS USN-4599-1 and USN-4599-2 fixed vulnerabilities in Firefox. The updates introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4599-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 82.0.2+build1-0ubuntu0.20.04.1 firefox - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 82.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 82.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 82.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 82.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 82.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1903197 https://usn.ubuntu.com/4599-2 Ubuntu 20.04 LTS ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10543) Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10878) Sergey Aleynikov discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12723) Update Instructions: Run `sudo pro fix USN-4602-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: perl-modules-5.30 - 5.30.0-9ubuntu0.2 libperl-dev - 5.30.0-9ubuntu0.2 perl-doc - 5.30.0-9ubuntu0.2 perl - 5.30.0-9ubuntu0.2 perl-base - 5.30.0-9ubuntu0.2 libperl5.30 - 5.30.0-9ubuntu0.2 perl-debug - 5.30.0-9ubuntu0.2 No subscription required Low CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 Ubuntu 20.04 LTS It was discovered that MariaDB didn't properly validate the content of a packet received from a server. A remote attacker could use this vulnerability to sent a specialy crafted file to cause a denial of service. (CVE-2020-13249) It was discovered that MariaDB has other security issues. An attacker can cause a hang or frequently repeatable crash (denial of service). (CVE-2020-15180, CVE-2020-2752, CVE-2020-2760, CVE-2020-2812, CVE-2020-2814) In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-4603-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.25-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.25-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.25-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.25-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.25-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.25-0ubuntu0.20.04.1 mariadb-client - 1:10.3.25-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.25-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.25-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.25-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.25-0ubuntu0.20.04.1 mariadb-server - 1:10.3.25-0ubuntu0.20.04.1 mariadb-common - 1:10.3.25-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.25-0ubuntu0.20.04.1 mariadb-test - 1:10.3.25-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-13249 CVE-2020-15180 CVE-2020-2752 CVE-2020-2760 CVE-2020-2812 CVE-2020-2814 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.22 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.32. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-32.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-22.html https://www.oracle.com/security-alerts/cpuoct2020.html Update Instructions: Run `sudo pro fix USN-4604-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.22-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.22-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-router - 8.0.22-0ubuntu0.20.04.2 mysql-server - 8.0.22-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.22-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-testsuite - 8.0.22-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.22-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.22-0ubuntu0.20.04.2 No subscription required Medium CVE-2020-14672 CVE-2020-14760 CVE-2020-14765 CVE-2020-14769 CVE-2020-14771 CVE-2020-14773 CVE-2020-14775 CVE-2020-14776 CVE-2020-14777 CVE-2020-14785 CVE-2020-14786 CVE-2020-14789 CVE-2020-14790 CVE-2020-14791 CVE-2020-14793 CVE-2020-14794 CVE-2020-14800 CVE-2020-14804 CVE-2020-14809 CVE-2020-14812 CVE-2020-14814 CVE-2020-14821 CVE-2020-14827 CVE-2020-14828 CVE-2020-14829 CVE-2020-14830 CVE-2020-14836 CVE-2020-14837 CVE-2020-14838 CVE-2020-14839 CVE-2020-14844 CVE-2020-14845 CVE-2020-14846 CVE-2020-14848 CVE-2020-14852 CVE-2020-14853 CVE-2020-14860 CVE-2020-14861 CVE-2020-14866 CVE-2020-14867 CVE-2020-14868 CVE-2020-14869 CVE-2020-14870 CVE-2020-14873 CVE-2020-14878 CVE-2020-14888 CVE-2020-14891 CVE-2020-14893 Ubuntu 20.04 LTS Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. (CVE-2020-15238) Update Instructions: Run `sudo pro fix USN-4605-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: blueman - 2.1.2-1ubuntu0.1 No subscription required Medium CVE-2020-15238 Ubuntu 20.04 LTS Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. (CVE-2020-15238) While a previous security update fixed the issue, this update provides additional improvements by enabling PolicyKit authentication for privileged commands. Update Instructions: Run `sudo pro fix USN-4605-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: blueman - 2.1.2-1ubuntu0.2 No subscription required None https://launchpad.net/bugs/1897287 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker could possibly use this issue to cause a denial of service (memory consumption) via a specially crafted input. (CVE-2020-14779) Sergey Ostanin discovered that OpenJDK incorrectly restricted authentication mechanisms. A remote attacker could possibly use this issue to obtain sensitive information over an unencrypted connection. (CVE-2020-14781) It was discovered that OpenJDK incorrectly handled untrusted certificates. An attacker could possibly use this issue to read or write sensitive information. (CVE-2020-14782) Zhiqiang Zang discovered that OpenJDK incorrectly checked for integer overflows. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14792) Markus Loewe discovered that OpenJDK incorrectly checked permissions when converting a file system path to an URI. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14796) Markus Loewe discovered that OpenJDK incorrectly checked for invalid characters when converting an URI to a path. An attacker could possibly use this issue to read or write sensitive information. (CVE-2020-14797) Markus Loewe discovered that OpenJDK incorrectly checked the length of input strings. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14798) It was discovered that OpenJDK incorrectly handled boundary checks. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14803) Update Instructions: Run `sudo pro fix USN-4607-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.9+11-0ubuntu1~20.04 openjdk-11-doc - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jdk - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.9+11-0ubuntu1~20.04 openjdk-11-jre - 11.0.9+11-0ubuntu1~20.04 openjdk-11-demo - 11.0.9+11-0ubuntu1~20.04 No subscription required openjdk-8-source - 8u272-b10-0ubuntu1~20.04 openjdk-8-doc - 8u272-b10-0ubuntu1~20.04 openjdk-8-jdk - 8u272-b10-0ubuntu1~20.04 openjdk-8-jre-headless - 8u272-b10-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u272-b10-0ubuntu1~20.04 openjdk-8-jre - 8u272-b10-0ubuntu1~20.04 openjdk-8-jre-zero - 8u272-b10-0ubuntu1~20.04 openjdk-8-demo - 8u272-b10-0ubuntu1~20.04 No subscription required Medium CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 Ubuntu 20.04 LTS USN-4607-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression that could cause TLS connections with client certificate authentication to fail in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker could possibly use this issue to cause a denial of service (memory consumption) via a specially crafted input. (CVE-2020-14779) Sergey Ostanin discovered that OpenJDK incorrectly restricted authentication mechanisms. A remote attacker could possibly use this issue to obtain sensitive information over an unencrypted connection. (CVE-2020-14781) It was discovered that OpenJDK incorrectly handled untrusted certificates. An attacker could possibly use this issue to read or write sensitive information. (CVE-2020-14782) Zhiqiang Zang discovered that OpenJDK incorrectly checked for integer overflows. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14792) Markus Loewe discovered that OpenJDK incorrectly checked permissions when converting a file system path to an URI. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14796) Markus Loewe discovered that OpenJDK incorrectly checked for invalid characters when converting an URI to a path. An attacker could possibly use this issue to read or write sensitive information. (CVE-2020-14797) Markus Loewe discovered that OpenJDK incorrectly checked the length of input strings. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14798) It was discovered that OpenJDK incorrectly handled boundary checks. An attacker could possibly use this issue to bypass certain Java sandbox restrictions. (CVE-2020-14803) Update Instructions: Run `sudo pro fix USN-4607-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-doc - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jdk - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-jre - 11.0.9.1+1-0ubuntu1~20.04 openjdk-11-demo - 11.0.9.1+1-0ubuntu1~20.04 No subscription required openjdk-8-source - 8u275-b01-0ubuntu1~20.04 openjdk-8-doc - 8u275-b01-0ubuntu1~20.04 openjdk-8-jdk - 8u275-b01-0ubuntu1~20.04 openjdk-8-jre-headless - 8u275-b01-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u275-b01-0ubuntu1~20.04 openjdk-8-jre - 8u275-b01-0ubuntu1~20.04 openjdk-8-jre-zero - 8u275-b01-0ubuntu1~20.04 openjdk-8-demo - 8u275-b01-0ubuntu1~20.04 No subscription required Medium CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 Ubuntu 20.04 LTS The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.44 version of the Mozilla certificate authority bundle. Update Instructions: Run `sudo pro fix USN-4608-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates-udeb - 20201027ubuntu0.20.04.1 ca-certificates - 20201027ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1900727 Ubuntu 20.04 LTS It was discovered that fastd did not properly handle receive buffers under certain circumstances. A remote attacker could possibly use this issue to cause a memory leak, resulting in a denial of service. (CVE-2020-27638) Update Instructions: Run `sudo pro fix USN-4610-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fastd - 18-3ubuntu0.1 No subscription required Medium CVE-2020-27638 Ubuntu 20.04 LTS Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. (CVE-2020-14318) Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use this issue to cause winbind to crash, resulting in a denial of service. (CVE-2020-14323) Francis Brosnan Blázquez discovered that Samba incorrectly handled certain invalid DNS records. A remote attacker could possibly use this issue to cause the DNS server to crash, resulting in a denial of service. (CVE-2020-14383) Update Instructions: Run `sudo pro fix USN-4611-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.6 samba - 2:4.11.6+dfsg-0ubuntu1.6 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.6 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.6 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.6 ctdb - 2:4.11.6+dfsg-0ubuntu1.6 smbclient - 2:4.11.6+dfsg-0ubuntu1.6 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.6 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.6 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.6 winbind - 2:4.11.6+dfsg-0ubuntu1.6 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.6 samba-dev - 2:4.11.6+dfsg-0ubuntu1.6 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.6 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.6 samba-common - 2:4.11.6+dfsg-0ubuntu1.6 registry-tools - 2:4.11.6+dfsg-0ubuntu1.6 samba-libs - 2:4.11.6+dfsg-0ubuntu1.6 python3-samba - 2:4.11.6+dfsg-0ubuntu1.6 No subscription required Medium CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 Ubuntu 20.04 LTS Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4613-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-cryptography - 2.8-3ubuntu0.1 python-cryptography - 2.8-3ubuntu0.1 python-cryptography-doc - 2.8-3ubuntu0.1 No subscription required Medium CVE-2020-25659 Ubuntu 20.04 LTS Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user. Update Instructions: Run `sudo pro fix USN-4614-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gdm-1.0 - 3.36.3-0ubuntu0.20.04.2 libgdm-dev - 3.36.3-0ubuntu0.20.04.2 gdm3 - 3.36.3-0ubuntu0.20.04.2 libgdm1 - 3.36.3-0ubuntu0.20.04.2 No subscription required Medium CVE-2020-16125 Ubuntu 20.04 LTS Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. (CVE-2020-16126) Kevin Backhouse discovered that AccountsService incorrectly handled reading .pam_environment files. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-16127) Matthias Gerstner discovered that AccountsService incorrectly handled certain path checks. A local attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-14036) Update Instructions: Run `sudo pro fix USN-4616-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: accountsservice - 0.6.55-0ubuntu12~20.04.4 gir1.2-accountsservice-1.0 - 0.6.55-0ubuntu12~20.04.4 libaccountsservice-doc - 0.6.55-0ubuntu12~20.04.4 libaccountsservice-dev - 0.6.55-0ubuntu12~20.04.4 libaccountsservice0 - 0.6.55-0ubuntu12~20.04.4 No subscription required Medium CVE-2018-14036 CVE-2020-16126 CVE-2020-16127 Ubuntu 20.04 LTS Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. (CVE-2020-25650) Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service, or obtain sensitive file contents. (CVE-2020-25651) Matthias Gerstner discovered that SPICE vdagent incorrectly handled a large number of client connections. A local attacker could possibly use this issue to cause SPICE vdagent to consume resources, resulting in a denial of service. (CVE-2020-25652) Matthias Gerstner discovered that SPICE vdagent incorrectly handled client connections. A local attacker could possibly use this issue to obtain sensitive information, paste clipboard contents, and transfer files into the active session. (CVE-2020-25653) Update Instructions: Run `sudo pro fix USN-4617-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: spice-vdagent - 0.19.0-2ubuntu0.2 No subscription required Low CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 Ubuntu 20.04 LTS Sergey Nizovtsev discovered that tmux incorrectly handled some inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4618-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tmux - 3.0a-2ubuntu0.2 No subscription required Medium CVE-2020-27347 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled certain network packets. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4622-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.4 libldap-common - 2.4.49+dfsg-2ubuntu1.4 slapd-contrib - 2.4.49+dfsg-2ubuntu1.4 slapi-dev - 2.4.49+dfsg-2ubuntu1.4 ldap-utils - 2.4.49+dfsg-2ubuntu1.4 libldap2-dev - 2.4.49+dfsg-2ubuntu1.4 slapd - 2.4.49+dfsg-2ubuntu1.4 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.4 No subscription required Medium CVE-2020-25692 Ubuntu 20.04 LTS Ken Gaillot discovered that Pacemaker incorrectly handled IPC communications permissions. A local attacker could possibly use this issue to bypass ACL restrictions and execute arbitrary code as root. Update Instructions: Run `sudo pro fix USN-4623-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pacemaker-remote - 2.0.3-3ubuntu4.1 libcrmcommon-dev - 2.0.3-3ubuntu4.1 libcib27 - 2.0.3-3ubuntu4.1 pacemaker-resource-agents - 2.0.3-3ubuntu4.1 pacemaker-cli-utils - 2.0.3-3ubuntu4.1 libstonithd26 - 2.0.3-3ubuntu4.1 liblrmd28 - 2.0.3-3ubuntu4.1 libcrmservice28 - 2.0.3-3ubuntu4.1 pacemaker-common - 2.0.3-3ubuntu4.1 libcrmcluster-dev - 2.0.3-3ubuntu4.1 libstonithd-dev - 2.0.3-3ubuntu4.1 libpe-rules26 - 2.0.3-3ubuntu4.1 pacemaker-dev - 2.0.3-3ubuntu4.1 libcrmcluster29 - 2.0.3-3ubuntu4.1 libcib-dev - 2.0.3-3ubuntu4.1 pacemaker - 2.0.3-3ubuntu4.1 libcrmservice-dev - 2.0.3-3ubuntu4.1 libcrmcommon34 - 2.0.3-3ubuntu4.1 liblrmd-dev - 2.0.3-3ubuntu4.1 libpe-status28 - 2.0.3-3ubuntu4.1 libpacemaker1 - 2.0.3-3ubuntu4.1 libpengine-dev - 2.0.3-3ubuntu4.1 pacemaker-doc - 2.0.3-3ubuntu4.1 No subscription required Medium CVE-2020-25654 Ubuntu 20.04 LTS It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviours, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4624-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexif-doc - 0.6.21-6ubuntu0.4 libexif-dev - 0.6.21-6ubuntu0.4 libexif12 - 0.6.21-6ubuntu0.4 No subscription required Medium CVE-2020-0452 Ubuntu 20.04 LTS A use-after-free was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4625-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ne - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nb - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fa - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fi - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fy - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-or - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kab - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-oc - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cs - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ga - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gd - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gl - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gu - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pa - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pl - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cy - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pt - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hi - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uk - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-he - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hy - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hu - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-as - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ar - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ia - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-az - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-id - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mai - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-af - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-is - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-it - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-an - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bs - 82.0.3+build1-0ubuntu0.20.04.1 firefox - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ro - 82.0.3+build1-0ubuntu0.20.04.1 firefox-geckodriver - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ja - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ru - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-br - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-be - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bg - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sl - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sk - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-si - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sw - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sv - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sq - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ko - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-km - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kk - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ka - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-xh - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ca - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ku - 82.0.3+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lv - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lt - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-th - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 82.0.3+build1-0ubuntu0.20.04.1 firefox-dev - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-te - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cak - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ta - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lg - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-tr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nso - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-de - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-da - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ms - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mr - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-my - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uz - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ml - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mn - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mk - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ur - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-vi - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eu - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-et - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-es - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-csb - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-el - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eo - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-en - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zu - 82.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ast - 82.0.3+build1-0ubuntu0.20.04.1 No subscription required High CVE-2020-26950 Ubuntu 20.04 LTS Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4627-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1029-oracle - 5.4.0-1029.31 linux-image-5.4.0-1029-gcp - 5.4.0-1029.31 No subscription required linux-image-5.4.0-53-generic - 5.4.0-53.59 linux-image-5.4.0-53-lowlatency - 5.4.0-53.59 linux-image-5.4.0-53-generic-lpae - 5.4.0-53.59 No subscription required linux-image-oracle - 5.4.0.1029.26 No subscription required linux-image-gke - 5.4.0.1029.37 linux-image-gcp - 5.4.0.1029.37 No subscription required linux-image-oem-osp1 - 5.4.0.53.56 linux-image-generic-hwe-20.04 - 5.4.0.53.56 linux-image-generic-hwe-18.04 - 5.4.0.53.56 linux-image-generic-lpae-hwe-20.04 - 5.4.0.53.56 linux-image-generic-lpae-hwe-18.04 - 5.4.0.53.56 linux-image-virtual - 5.4.0.53.56 linux-image-virtual-hwe-20.04 - 5.4.0.53.56 linux-image-lowlatency-hwe-18.04 - 5.4.0.53.56 linux-image-generic - 5.4.0.53.56 linux-image-virtual-hwe-18.04 - 5.4.0.53.56 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.53.56 linux-image-oem - 5.4.0.53.56 linux-image-generic-hwe-18.04-edge - 5.4.0.53.56 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.53.56 linux-image-generic-lpae - 5.4.0.53.56 linux-image-lowlatency - 5.4.0.53.56 linux-image-lowlatency-hwe-20.04 - 5.4.0.53.56 linux-image-virtual-hwe-18.04-edge - 5.4.0.53.56 No subscription required Medium CVE-2020-8694 Ubuntu 20.04 LTS Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698) Update Instructions: Run `sudo pro fix USN-4628-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20201110.0ubuntu0.20.04.1 No subscription required Medium CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 Ubuntu 20.04 LTS USN-4628-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family. Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery. We apologize for the inconvenience. Original advisory details: Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698) Update Instructions: Run `sudo pro fix USN-4628-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20201110.0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/1903883 Ubuntu 20.04 LTS USN-4628-1 provided updated Intel Processor Microcode for various processor types. This update provides the corresponding updates for some additional processor types. Original advisory details: Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698) Update Instructions: Run `sudo pro fix USN-4628-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20210216.0ubuntu0.20.04.1 No subscription required Medium CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 Ubuntu 20.04 LTS Hanno Böck discovered that Raptor incorrectly handled certain memory operations. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could cause the application to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4630-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraptor2-doc - 2.0.15-0ubuntu1.20.04.1 raptor2-utils - 2.0.15-0ubuntu1.20.04.1 libraptor2-dev - 2.0.15-0ubuntu1.20.04.1 libraptor2-0 - 2.0.15-0ubuntu1.20.04.1 No subscription required Medium CVE-2017-18926 Ubuntu 20.04 LTS It was discovered that libmaxminddb incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause applications using libmaxminddb to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4631-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mmdb-bin - 1.4.2-0ubuntu1.20.04.1 libmaxminddb-dev - 1.4.2-0ubuntu1.20.04.1 libmaxminddb0 - 1.4.2-0ubuntu1.20.04.1 No subscription required Medium CVE-2020-28241 Ubuntu 20.04 LTS Peter Eisentraut discovered that PostgreSQL incorrectly handled connection security settings. Client applications could possibly be connecting with certain security parameters dropped, contrary to expectations. (CVE-2020-25694) Etienne Stalmans discovered that PostgreSQL incorrectly handled the security restricted operation sandbox. An authenticated remote attacker could possibly use this issue to execute arbitrary SQL functions as a superuser. (CVE-2020-25695) Nick Cleaton discovered that PostgreSQL incorrectly handled the \gset meta-command. A remote attacker with a compromised server could possibly use this issue to execute arbitrary code. (CVE-2020-25696) Update Instructions: Run `sudo pro fix USN-4633-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.5-0ubuntu0.20.04.1 libecpg6 - 12.5-0ubuntu0.20.04.1 libpq-dev - 12.5-0ubuntu0.20.04.1 libpgtypes3 - 12.5-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.5-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.5-0ubuntu0.20.04.1 libecpg-dev - 12.5-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.5-0ubuntu0.20.04.1 libpq5 - 12.5-0ubuntu0.20.04.1 postgresql-doc-12 - 12.5-0ubuntu0.20.04.1 postgresql-12 - 12.5-0ubuntu0.20.04.1 postgresql-client-12 - 12.5-0ubuntu0.20.04.1 libecpg-compat3 - 12.5-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled certain malformed inputs. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4634-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.5 libldap-common - 2.4.49+dfsg-2ubuntu1.5 slapd-contrib - 2.4.49+dfsg-2ubuntu1.5 slapi-dev - 2.4.49+dfsg-2ubuntu1.5 ldap-utils - 2.4.49+dfsg-2ubuntu1.5 libldap2-dev - 2.4.49+dfsg-2ubuntu1.5 slapd - 2.4.49+dfsg-2ubuntu1.5 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.5 No subscription required Medium CVE-2020-25709 CVE-2020-25710 Ubuntu 20.04 LTS Demi Obenour discovered that Kerberos incorrectly handled certain ASN.1. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4635-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: krb5-doc - 1.17-6ubuntu4.1 krb5-kpropd - 1.17-6ubuntu4.1 libkdb5-9 - 1.17-6ubuntu4.1 krb5-user - 1.17-6ubuntu4.1 libgssrpc4 - 1.17-6ubuntu4.1 libkrb5support0 - 1.17-6ubuntu4.1 libk5crypto3 - 1.17-6ubuntu4.1 libkrb5-dev - 1.17-6ubuntu4.1 krb5-pkinit - 1.17-6ubuntu4.1 libkrb5-3 - 1.17-6ubuntu4.1 krb5-kdc-ldap - 1.17-6ubuntu4.1 krb5-otp - 1.17-6ubuntu4.1 krb5-gss-samples - 1.17-6ubuntu4.1 libkrad-dev - 1.17-6ubuntu4.1 krb5-locales - 1.17-6ubuntu4.1 libgssapi-krb5-2 - 1.17-6ubuntu4.1 krb5-kdc - 1.17-6ubuntu4.1 krb5-multidev - 1.17-6ubuntu4.1 krb5-k5tls - 1.17-6ubuntu4.1 libkrad0 - 1.17-6ubuntu4.1 libkadm5srv-mit11 - 1.17-6ubuntu4.1 libkadm5clnt-mit11 - 1.17-6ubuntu4.1 krb5-admin-server - 1.17-6ubuntu4.1 No subscription required Medium CVE-2020-28196 Ubuntu 20.04 LTS It was discovered that LibVNCServer incorrectly handled certain internals. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Vino package ships with a LibVNCServer source and all listed releases were affected for this package. Update Instructions: Run `sudo pro fix USN-4636-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvncserver1 - 0.9.12+dfsg-9ubuntu0.3 libvncserver-dev - 0.9.12+dfsg-9ubuntu0.3 libvncclient1 - 0.9.12+dfsg-9ubuntu0.3 No subscription required vino - 3.22.0-5ubuntu2.2 No subscription required Medium CVE-2020-25708 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks, conduct cross-site scripting (XSS) attacks, bypass Content Security Policy (CSP) restrictions, conduct DNS rebinding attacks, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4637-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 83.0+build2-0ubuntu0.20.04.1 firefox - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 83.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 83.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 83.0+build2-0ubuntu0.20.04.1 firefox-dev - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 83.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 83.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-16012 CVE-2020-26951 CVE-2020-26952 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26962 CVE-2020-26963 CVE-2020-26965 CVE-2020-26967 CVE-2020-26968 CVE-2020-26969 Ubuntu 20.04 LTS James Henstridge discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle snap client connections. An attacker could possibly use this to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4640-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpulse0 - 1:13.99.1-1ubuntu3.8 pulseaudio-module-zeroconf - 1:13.99.1-1ubuntu3.8 pulseaudio-module-gsettings - 1:13.99.1-1ubuntu3.8 pulseaudio-module-bluetooth - 1:13.99.1-1ubuntu3.8 libpulse-dev - 1:13.99.1-1ubuntu3.8 pulseaudio-utils - 1:13.99.1-1ubuntu3.8 pulseaudio-module-raop - 1:13.99.1-1ubuntu3.8 pulseaudio - 1:13.99.1-1ubuntu3.8 libpulsedsp - 1:13.99.1-1ubuntu3.8 pulseaudio-equalizer - 1:13.99.1-1ubuntu3.8 libpulse-mainloop-glib0 - 1:13.99.1-1ubuntu3.8 pulseaudio-module-lirc - 1:13.99.1-1ubuntu3.8 pulseaudio-module-jack - 1:13.99.1-1ubuntu3.8 No subscription required Medium CVE-2020-16123 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain connections. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4645-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.3 No subscription required Medium CVE-2020-28896 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4648-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.30.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.30.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.30.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.30.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.30.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.30.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.30.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.30.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.30.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.30.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-13753 CVE-2020-9948 CVE-2020-9951 CVE-2020-9952 CVE-2020-9983 Ubuntu 20.04 LTS Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4649-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdg-utils - 1.1.3-2ubuntu1.20.04.1 No subscription required Low CVE-2020-27748 Ubuntu 20.04 LTS USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Original advisory details: Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4649-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdg-utils - 1.1.3-2ubuntu1.20.04.2 No subscription required None https://launchpad.net/bugs/1909941 Ubuntu 20.04 LTS Alexander Bulekov discovered that QEMU incorrectly handled SDHCI device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2020-17380) Sergej Schumilo, Cornelius Aschermann, and Simon Wrner discovered that QEMU incorrectly handled USB device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-25084) Sergej Schumilo, Cornelius Aschermann, and Simon Wrner discovered that QEMU incorrectly handled SDHCI device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-25085) Gaoning Pan, Yongkang Jia, and Yi Ren discovered that QEMU incorrectly handled USB device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-25624) It was discovered that QEMU incorrectly handled USB device emulation. An attacker inside the guest could use this issue to cause QEMU to hang, resulting in a denial of service. (CVE-2020-25625) Cheolwoo Myung discovered that QEMU incorrectly handled USB device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-25723) Gaoning Pan discovered that QEMU incorrectly handled ATI graphics device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-27616) Gaoning Pan discovered that QEMU incorrectly handled networking. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-27617) Update Instructions: Run `sudo pro fix USN-4650-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-common - 1:4.2-3ubuntu6.10 qemu-system-data - 1:4.2-3ubuntu6.10 qemu-system-misc - 1:4.2-3ubuntu6.10 qemu-block-extra - 1:4.2-3ubuntu6.10 qemu-system-s390x - 1:4.2-3ubuntu6.10 qemu-user - 1:4.2-3ubuntu6.10 qemu-system-gui - 1:4.2-3ubuntu6.10 qemu-guest-agent - 1:4.2-3ubuntu6.10 qemu - 1:4.2-3ubuntu6.10 qemu-system - 1:4.2-3ubuntu6.10 qemu-utils - 1:4.2-3ubuntu6.10 qemu-user-static - 1:4.2-3ubuntu6.10 qemu-kvm - 1:4.2-3ubuntu6.10 qemu-user-binfmt - 1:4.2-3ubuntu6.10 qemu-system-x86 - 1:4.2-3ubuntu6.10 qemu-system-arm - 1:4.2-3ubuntu6.10 qemu-system-sparc - 1:4.2-3ubuntu6.10 qemu-system-x86-microvm - 1:4.2-3ubuntu6.10 qemu-system-ppc - 1:4.2-3ubuntu6.10 qemu-system-mips - 1:4.2-3ubuntu6.10 qemu-system-x86-xen - 1:4.2-3ubuntu6.10 No subscription required Medium CVE-2020-17380 CVE-2020-25084 CVE-2020-25085 CVE-2020-25624 CVE-2020-25625 CVE-2020-25723 CVE-2020-27616 CVE-2020-27617 Ubuntu 20.04 LTS Tom Reynolds discovered that due to a packaging error, the MySQL X Plugin was listening to all network interfaces by default, contrary to expectations. This update changes the default MySQL configuration to bind the MySQL X Plugin to localhost only. This change may impact environments where the MySQL X Plugin needs to be accessible from the network. The mysqlx-bind-address setting in the /etc/mysql/mysql.conf.d/mysqld.cnf file can be modified to allow network access. Update Instructions: Run `sudo pro fix USN-4651-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.22-0ubuntu0.20.04.3 mysql-client-8.0 - 8.0.22-0ubuntu0.20.04.3 libmysqlclient-dev - 8.0.22-0ubuntu0.20.04.3 mysql-testsuite-8.0 - 8.0.22-0ubuntu0.20.04.3 mysql-router - 8.0.22-0ubuntu0.20.04.3 mysql-server - 8.0.22-0ubuntu0.20.04.3 libmysqlclient21 - 8.0.22-0ubuntu0.20.04.3 mysql-client-core-8.0 - 8.0.22-0ubuntu0.20.04.3 mysql-server-core-8.0 - 8.0.22-0ubuntu0.20.04.3 mysql-testsuite - 8.0.22-0ubuntu0.20.04.3 mysql-server-8.0 - 8.0.22-0ubuntu0.20.04.3 mysql-source-8.0 - 8.0.22-0ubuntu0.20.04.3 No subscription required None https://launchpad.net/bugs/1857584 Ubuntu 20.04 LTS It was discovered that access controls for the shim’s API socket did not restrict access to the abstract unix domain socket in some cases. An attacker could use this vulnerability to run containers with elevated privileges. Update Instructions: Run `sudo pro fix USN-4653-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.3.3-0ubuntu2.1 golang-github-docker-containerd-dev - 1.3.3-0ubuntu2.1 No subscription required Medium CVE-2020-15257 Ubuntu 20.04 LTS USN-4653-1 fixed a vulnerability in containerd. Unfortunately, those containerd packages introduced a regression in docker.io and the update was reverted. This update addresses the docker.io issue and reintroduces the fixes from USN-4653-1. We apologize for the inconvenience. Update Instructions: Run `sudo pro fix USN-4653-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.3.3-0ubuntu2.2 golang-github-docker-containerd-dev - 1.3.3-0ubuntu2.2 No subscription required Medium CVE-2020-15257 https://launchpad.net/bugs/1870514 Ubuntu 20.04 LTS It was discovered that PEAR incorrectly sanitized filenames. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4654-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-pear - 1:1.10.9+submodules+notgz-1ubuntu0.20.04.1 No subscription required High CVE-2020-28948 CVE-2020-28949 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-4656-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.8-2ubuntu2.6 xwayland - 2:1.20.8-2ubuntu2.6 xorg-server-source - 2:1.20.8-2ubuntu2.6 xdmx - 2:1.20.8-2ubuntu2.6 xserver-xorg-dev - 2:1.20.8-2ubuntu2.6 xvfb - 2:1.20.8-2ubuntu2.6 xnest - 2:1.20.8-2ubuntu2.6 xserver-xorg-legacy - 2:1.20.8-2ubuntu2.6 xserver-common - 2:1.20.8-2ubuntu2.6 xserver-xephyr - 2:1.20.8-2ubuntu2.6 xserver-xorg-core-udeb - 2:1.20.8-2ubuntu2.6 xdmx-tools - 2:1.20.8-2ubuntu2.6 No subscription required Medium CVE-2020-14360 CVE-2020-25712 Ubuntu 20.04 LTS It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0423) Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. (CVE-2020-10135) It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14351) It was discovered that the frame buffer implementation in the Linux kernel did not properly handle some edge cases in software scrollback. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14390) It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25211) It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284) It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643) It was discovered that the GENEVE tunnel implementation in the Linux kernel when combined with IPSec did not properly select IP routes in some situations. An attacker could use this to expose sensitive information (unencrypted network traffic). (CVE-2020-25645) Keyu Man discovered that the ICMP global rate limiter in the Linux kernel could be used to assist in scanning open UDP ports. A remote attacker could use to facilitate attacks on UDP based services that depend on source port randomization. (CVE-2020-25705) It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915) It was discovered that Power 9 processors could be coerced to expose information from the L1 cache in certain situations. A local attacker could use this to expose sensitive information. (CVE-2020-4788) Update Instructions: Run `sudo pro fix USN-4658-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1023-raspi - 5.4.0-1023.26 No subscription required linux-image-5.4.0-1028-kvm - 5.4.0-1028.29 No subscription required linux-image-5.4.0-1030-aws - 5.4.0-1030.31 No subscription required linux-image-5.4.0-1030-gcp - 5.4.0-1030.32 linux-image-5.4.0-1030-oracle - 5.4.0-1030.32 No subscription required linux-image-5.4.0-1032-azure - 5.4.0-1032.33 No subscription required linux-image-5.4.0-56-generic-lpae - 5.4.0-56.62 linux-image-5.4.0-56-lowlatency - 5.4.0-56.62 linux-image-5.4.0-56-generic - 5.4.0-56.62 No subscription required linux-image-raspi2-hwe-18.04-edge - 5.4.0.1023.58 linux-image-raspi - 5.4.0.1023.58 linux-image-raspi2 - 5.4.0.1023.58 linux-image-raspi-hwe-18.04-edge - 5.4.0.1023.58 linux-image-raspi-hwe-18.04 - 5.4.0.1023.58 linux-image-raspi2-hwe-18.04 - 5.4.0.1023.58 No subscription required linux-image-kvm - 5.4.0.1028.26 No subscription required linux-image-oracle - 5.4.0.1030.27 No subscription required linux-image-aws - 5.4.0.1030.31 No subscription required linux-image-gke - 5.4.0.1030.38 linux-image-gcp - 5.4.0.1030.38 No subscription required linux-image-azure - 5.4.0.1032.30 No subscription required linux-image-oem-osp1 - 5.4.0.56.59 linux-image-generic-hwe-20.04 - 5.4.0.56.59 linux-image-generic-hwe-18.04 - 5.4.0.56.59 linux-image-generic-lpae-hwe-20.04 - 5.4.0.56.59 linux-image-generic-lpae-hwe-18.04 - 5.4.0.56.59 linux-image-virtual - 5.4.0.56.59 linux-image-virtual-hwe-20.04 - 5.4.0.56.59 linux-image-lowlatency-hwe-18.04 - 5.4.0.56.59 linux-image-generic - 5.4.0.56.59 linux-image-virtual-hwe-18.04 - 5.4.0.56.59 linux-image-oem - 5.4.0.56.59 linux-image-generic-hwe-18.04-edge - 5.4.0.56.59 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.56.59 linux-image-generic-lpae - 5.4.0.56.59 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.56.59 linux-image-lowlatency - 5.4.0.56.59 linux-image-lowlatency-hwe-20.04 - 5.4.0.56.59 linux-image-virtual-hwe-18.04-edge - 5.4.0.56.59 No subscription required Medium CVE-2020-0423 CVE-2020-10135 CVE-2020-14351 CVE-2020-14390 CVE-2020-25211 CVE-2020-25284 CVE-2020-25643 CVE-2020-25645 CVE-2020-25705 CVE-2020-28915 CVE-2020-4788 Ubuntu 20.04 LTS USN-4658-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. Original advisory details: It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0423) Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. (CVE-2020-10135) It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14351) It was discovered that the frame buffer implementation in the Linux kernel did not properly handle some edge cases in software scrollback. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14390) It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25211) It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284) It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643) It was discovered that the GENEVE tunnel implementation in the Linux kernel when combined with IPSec did not properly select IP routes in some situations. An attacker could use this to expose sensitive information (unencrypted network traffic). (CVE-2020-25645) Keyu Man discovered that the ICMP global rate limiter in the Linux kernel could be used to assist in scanning open UDP ports. A remote attacker could use to facilitate attacks on UDP based services that depend on source port randomization. (CVE-2020-25705) It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915) It was discovered that Power 9 processors could be coerced to expose information from the L1 cache in certain situations. A local attacker could use this to expose sensitive information. (CVE-2020-4788) Update Instructions: Run `sudo pro fix USN-4658-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1025-raspi - 5.4.0-1025.28 No subscription required linux-image-5.4.0-1030-kvm - 5.4.0-1030.31 No subscription required linux-image-5.4.0-1032-aws - 5.4.0-1032.33 No subscription required linux-image-5.4.0-1032-oracle - 5.4.0-1032.34 linux-image-5.4.0-1032-gcp - 5.4.0-1032.34 No subscription required linux-image-5.4.0-1034-azure - 5.4.0-1034.35 No subscription required linux-image-5.4.0-58-lowlatency - 5.4.0-58.64 linux-image-5.4.0-58-generic - 5.4.0-58.64 linux-image-5.4.0-58-generic-lpae - 5.4.0-58.64 No subscription required linux-image-raspi - 5.4.0.1025.60 linux-image-raspi2 - 5.4.0.1025.60 linux-image-raspi-hwe-18.04-edge - 5.4.0.1025.60 linux-image-raspi-hwe-18.04 - 5.4.0.1025.60 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1025.60 linux-image-raspi2-hwe-18.04 - 5.4.0.1025.60 No subscription required linux-image-kvm - 5.4.0.1030.28 No subscription required linux-image-oracle - 5.4.0.1032.29 No subscription required linux-image-aws - 5.4.0.1032.33 No subscription required linux-image-gke - 5.4.0.1032.41 linux-image-gcp - 5.4.0.1032.41 No subscription required linux-image-azure - 5.4.0.1034.32 No subscription required linux-image-oem-osp1 - 5.4.0.58.61 linux-image-generic-hwe-20.04 - 5.4.0.58.61 linux-image-generic-hwe-18.04 - 5.4.0.58.61 linux-image-generic-lpae-hwe-20.04 - 5.4.0.58.61 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.58.61 linux-image-generic-lpae-hwe-18.04 - 5.4.0.58.61 linux-image-virtual - 5.4.0.58.61 linux-image-lowlatency - 5.4.0.58.61 linux-image-virtual-hwe-20.04 - 5.4.0.58.61 linux-image-lowlatency-hwe-18.04 - 5.4.0.58.61 linux-image-generic - 5.4.0.58.61 linux-image-virtual-hwe-18.04 - 5.4.0.58.61 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.58.61 linux-image-oem - 5.4.0.58.61 linux-image-generic-hwe-18.04-edge - 5.4.0.58.61 linux-image-generic-lpae - 5.4.0.58.61 linux-image-virtual-hwe-18.04-edge - 5.4.0.58.61 linux-image-lowlatency-hwe-20.04 - 5.4.0.58.61 No subscription required None https://launchpad.net/bugs/1907262 Ubuntu 20.04 LTS David Benjamin discovered that OpenSSL incorrectly handled comparing certificates containing a EDIPartyName name type. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4662-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcrypto1.1-udeb - 1.1.1f-1ubuntu2.1 libssl-dev - 1.1.1f-1ubuntu2.1 openssl - 1.1.1f-1ubuntu2.1 libssl-doc - 1.1.1f-1ubuntu2.1 libssl1.1-udeb - 1.1.1f-1ubuntu2.1 libssl1.1 - 1.1.1f-1ubuntu2.1 No subscription required High CVE-2020-1971 Ubuntu 20.04 LTS Melvin Kool discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to hang, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4663-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgdk-pixbuf2.0-0 - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-common - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-0-udeb - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-bin - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-dev - 2.40.0+dfsg-3ubuntu0.1 libgdk-pixbuf2.0-doc - 2.40.0+dfsg-3ubuntu0.1 gir1.2-gdkpixbuf-2.0 - 2.40.0+dfsg-3ubuntu0.1 No subscription required Medium CVE-2020-29385 Ubuntu 20.04 LTS Kevin Backhouse discovered that Aptdaemon incorrectly handled certain properties. A local attacker could use this issue to test for the presence of local files. (CVE-2020-16128) Kevin Backhouse discovered that Aptdaemon incorrectly handled permission checks. A local attacker could possibly use this issue to cause a denial of service. (CVE-2020-27349) Update Instructions: Run `sudo pro fix USN-4664-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aptdaemon-data - 1.1.1+bzr982-0ubuntu32.3 python3-aptdaemon.gtk3widgets - 1.1.1+bzr982-0ubuntu32.3 aptdaemon - 1.1.1+bzr982-0ubuntu32.3 python3-aptdaemon.test - 1.1.1+bzr982-0ubuntu32.3 python3-aptdaemon - 1.1.1+bzr982-0ubuntu32.3 No subscription required Medium CVE-2020-16128 CVE-2020-27349 Ubuntu 20.04 LTS Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. This issue only affected Ubuntu 20.10. (CVE-2020-8231) Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to trick curl into connecting to an arbitrary IP address and be used to perform port scanner and other information gathering. (CVE-2020-8284) It was discovered that curl incorrectly handled FTP wildcard matchins. A remote attacker could possibly use this issue to cause curl to consume resources and crash, resulting in a denial of service. (CVE-2020-8285) It was discovered that curl incorrectly handled OCSP response verification. A remote attacker could possibly use this issue to provide a fraudulent OCSP response. (CVE-2020-8286) Update Instructions: Run `sudo pro fix USN-4665-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.4 libcurl4-openssl-dev - 7.68.0-1ubuntu2.4 libcurl3-gnutls - 7.68.0-1ubuntu2.4 libcurl4-doc - 7.68.0-1ubuntu2.4 libcurl3-nss - 7.68.0-1ubuntu2.4 libcurl4-nss-dev - 7.68.0-1ubuntu2.4 libcurl4 - 7.68.0-1ubuntu2.4 curl - 7.68.0-1ubuntu2.4 No subscription required Medium CVE-2020-8231 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 Ubuntu 20.04 LTS It was discovered that lxml incorrectly handled certain HTML. An attacker could possibly use this issue to cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-4666-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-lxml - 4.5.0-1ubuntu0.1 python-lxml - 4.5.0-1ubuntu0.1 python-lxml-doc - 4.5.0-1ubuntu0.1 No subscription required Medium CVE-2020-27783 Ubuntu 20.04 LTS USN-4666-1 partially fixed a vulnerability in lxml, but an additional patch was needed. This update provides the corresponding additional patch in order to properly fix the vulnerability. Original advisory details: It was discovered that lxml incorrectly handled certain HTML. An attacker could possibly use this issue to cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-4666-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-lxml - 4.5.0-1ubuntu0.2 python-lxml - 4.5.0-1ubuntu0.2 python-lxml-doc - 4.5.0-1ubuntu0.2 No subscription required Medium CVE-2020-27783 Ubuntu 20.04 LTS Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4667-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apt-doc - 2.0.2ubuntu0.2 libapt-pkg6.0 - 2.0.2ubuntu0.2 apt-transport-https - 2.0.2ubuntu0.2 libapt-pkg-doc - 2.0.2ubuntu0.2 apt - 2.0.2ubuntu0.2 apt-utils - 2.0.2ubuntu0.2 libapt-pkg-dev - 2.0.2ubuntu0.2 No subscription required Medium CVE-2020-27350 Ubuntu 20.04 LTS Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-4668-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-apt - 2.0.0ubuntu0.20.04.2 python-apt - 2.0.0ubuntu0.20.04.2 python-apt-common - 2.0.0ubuntu0.20.04.2 python-apt-dev - 2.0.0ubuntu0.20.04.2 python-apt-doc - 2.0.0ubuntu0.20.04.2 No subscription required Medium CVE-2020-27351 Ubuntu 20.04 LTS USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-4668-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-apt - 2.0.0ubuntu0.20.04.3 python-apt - 2.0.0ubuntu0.20.04.3 python-apt-common - 2.0.0ubuntu0.20.04.3 python-apt-dev - 2.0.0ubuntu0.20.04.3 python-apt-doc - 2.0.0ubuntu0.20.04.3 No subscription required None https://launchpad.net/bugs/1907676 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.10. (CVE-2019-19948, CVE-2019-19949) It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. (CVE-2020-27560) Update Instructions: Run `sudo pro fix USN-4670-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.2 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.2 No subscription required Low CVE-2019-19948 CVE-2019-19949 CVE-2020-27560 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, bypass security restrictions, spoof the URL bar, or execute arbitrary code. (CVE-2020-16042, CVE-2020-26971, CVE-2020-26972, CVE-2020-26793, CVE-2020-26974, CVE-2020-26976, CVE-2020-26978, CVE-2020-26979, CVE-2020-35113, CVE-2020-35114) It was discovered that the proxy.onRequest API did not catch view-source URLs. If a user were tricked in to installing an extension with the proxy permission and opening View Source, an attacker could potentially exploit this to obtain sensitive information. (CVE-2020-35111) Update Instructions: Run `sudo pro fix USN-4671-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 84.0+build3-0ubuntu0.20.04.1 firefox - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 84.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 84.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 84.0+build3-0ubuntu0.20.04.1 firefox-dev - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 84.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 84.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-16042 CVE-2020-26971 CVE-2020-26972 CVE-2020-26973 CVE-2020-26974 CVE-2020-26976 CVE-2020-26978 CVE-2020-26979 CVE-2020-35111 CVE-2020-35113 CVE-2020-35114 Ubuntu 20.04 LTS Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4673-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libproxy-cil-dev - 0.4.15-10ubuntu1.2 libproxy1v5 - 0.4.15-10ubuntu1.2 libproxy0.4-cil - 0.4.15-10ubuntu1.2 libproxy1-plugin-gsettings - 0.4.15-10ubuntu1.2 libproxy-dev - 0.4.15-10ubuntu1.2 python3-libproxy - 0.4.15-10ubuntu1.2 libproxy1-plugin-webkit - 0.4.15-10ubuntu1.2 libproxy1-plugin-kconfig - 0.4.15-10ubuntu1.2 libproxy1-plugin-mozjs - 0.4.15-10ubuntu1.2 libproxy1-plugin-networkmanager - 0.4.15-10ubuntu1.2 libproxy-tools - 0.4.15-10ubuntu1.2 No subscription required Medium CVE-2020-26154 Ubuntu 20.04 LTS It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-24386) Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-25275) Update Instructions: Run `sudo pro fix USN-4674-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.3 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.3 dovecot-mysql - 1:2.3.7.2-1ubuntu3.3 dovecot-sieve - 1:2.3.7.2-1ubuntu3.3 dovecot-core - 1:2.3.7.2-1ubuntu3.3 dovecot-ldap - 1:2.3.7.2-1ubuntu3.3 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.3 dovecot-dev - 1:2.3.7.2-1ubuntu3.3 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.3 dovecot-imapd - 1:2.3.7.2-1ubuntu3.3 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.3 dovecot-lucene - 1:2.3.7.2-1ubuntu3.3 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.3 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.3 dovecot-solr - 1:2.3.7.2-1ubuntu3.3 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.3 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.3 No subscription required Medium CVE-2020-24386 CVE-2020-25275 Ubuntu 20.04 LTS Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL. Update Instructions: Run `sudo pro fix USN-4675-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openstack-dashboard - 3:18.3.2-0ubuntu0.20.04.4 python3-django-horizon - 3:18.3.2-0ubuntu0.20.04.4 openstack-dashboard-common - 3:18.3.2-0ubuntu0.20.04.4 python3-django-openstack-auth - 3:18.3.2-0ubuntu0.20.04.4 openstack-dashboard-ubuntu-theme - 3:18.3.2-0ubuntu0.20.04.4 No subscription required Medium CVE-2020-29565 Ubuntu 20.04 LTS It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4676-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.3 openexr - 2.3.0-6ubuntu0.3 libopenexr24 - 2.3.0-6ubuntu0.3 openexr-doc - 2.3.0-6ubuntu0.3 No subscription required Medium CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 Ubuntu 20.04 LTS David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4677-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libp11-kit0 - 0.23.20-1ubuntu0.1 libp11-kit-dev - 0.23.20-1ubuntu0.1 p11-kit-modules - 0.23.20-1ubuntu0.1 p11-kit - 0.23.20-1ubuntu0.1 No subscription required Medium CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 Ubuntu 20.04 LTS It was discovered that the AMD Running Average Power Limit (RAPL) driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. (CVE-2020-12912) Jann Horn discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations. A local attacker could use this to expose sensitive information or possibly escalate privileges. (CVE-2020-29534) Update Instructions: Run `sudo pro fix USN-4678-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-34-generic - 5.8.0-34.37~20.04.2 linux-image-5.8.0-34-generic-lpae - 5.8.0-34.37~20.04.2 linux-image-5.8.0-34-lowlatency - 5.8.0-34.37~20.04.2 No subscription required linux-image-virtual-hwe-20.04 - 5.8.0.34.37~20.04.20 linux-image-generic-hwe-20.04-edge - 5.8.0.34.37~20.04.20 linux-image-virtual-hwe-20.04-edge - 5.8.0.34.37~20.04.20 linux-image-generic-lpae-hwe-20.04 - 5.8.0.34.37~20.04.20 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.34.37~20.04.20 linux-image-lowlatency-hwe-20.04 - 5.8.0.34.37~20.04.20 linux-image-generic-hwe-20.04 - 5.8.0.34.37~20.04.20 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.34.37~20.04.20 No subscription required Medium CVE-2020-12912 CVE-2020-29534 Ubuntu 20.04 LTS It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-25656) Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-25668) Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704) Jinoh Kang discovered that the Xen event channel infrastructure in the Linux kernel contained a race condition. An attacker in guest could possibly use this to cause a denial of service (dom0 crash). (CVE-2020-27675) Daniel Axtens discovered that PowerPC RTAS implementation in the Linux kernel did not properly restrict memory accesses in some situations. A privileged local attacker could use this to arbitrarily modify kernel memory, potentially bypassing kernel lockdown restrictions. (CVE-2020-27777) Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-28974) Update Instructions: Run `sudo pro fix USN-4679-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1026-raspi - 5.4.0-1026.29 No subscription required linux-image-5.4.0-1031-kvm - 5.4.0-1031.32 No subscription required linux-image-5.4.0-1033-gcp - 5.4.0-1033.35 No subscription required linux-image-5.4.0-1034-aws - 5.4.0-1034.35 No subscription required linux-image-5.4.0-1034-oracle - 5.4.0-1034.36 No subscription required linux-image-5.4.0-1035-azure - 5.4.0-1035.36 No subscription required linux-image-5.4.0-59-generic - 5.4.0-59.65 linux-image-5.4.0-59-generic-lpae - 5.4.0-59.65 linux-image-5.4.0-59-lowlatency - 5.4.0-59.65 No subscription required linux-image-raspi - 5.4.0.1026.61 linux-image-raspi2 - 5.4.0.1026.61 linux-image-raspi-hwe-18.04-edge - 5.4.0.1026.61 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1026.61 linux-image-raspi-hwe-18.04 - 5.4.0.1026.61 linux-image-raspi2-hwe-18.04 - 5.4.0.1026.61 No subscription required linux-image-kvm - 5.4.0.1031.29 No subscription required linux-image-gcp - 5.4.0.1033.42 No subscription required linux-image-oracle - 5.4.0.1034.31 No subscription required linux-image-aws - 5.4.0.1034.35 No subscription required linux-image-azure - 5.4.0.1035.33 No subscription required linux-image-oem-osp1 - 5.4.0.59.62 linux-image-generic-hwe-20.04 - 5.4.0.59.62 linux-image-generic-hwe-18.04 - 5.4.0.59.62 linux-image-generic-lpae-hwe-20.04 - 5.4.0.59.62 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.59.62 linux-image-generic-lpae-hwe-18.04 - 5.4.0.59.62 linux-image-virtual - 5.4.0.59.62 linux-image-virtual-hwe-20.04 - 5.4.0.59.62 linux-image-lowlatency-hwe-18.04 - 5.4.0.59.62 linux-image-generic - 5.4.0.59.62 linux-image-virtual-hwe-18.04 - 5.4.0.59.62 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.59.62 linux-image-oem - 5.4.0.59.62 linux-image-generic-hwe-18.04-edge - 5.4.0.59.62 linux-image-generic-lpae - 5.4.0.59.62 linux-image-lowlatency - 5.4.0.59.62 linux-image-lowlatency-hwe-20.04 - 5.4.0.59.62 linux-image-virtual-hwe-18.04-edge - 5.4.0.59.62 No subscription required Medium CVE-2020-25656 CVE-2020-25668 CVE-2020-25704 CVE-2020-27675 CVE-2020-27777 CVE-2020-28974 Ubuntu 20.04 LTS It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-4682-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwavpack1 - 5.2.0-1ubuntu0.1 libwavpack-dev - 5.2.0-1ubuntu0.1 wavpack - 5.2.0-1ubuntu0.1 No subscription required Medium CVE-2020-35738 Ubuntu 20.04 LTS Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). Update Instructions: Run `sudo pro fix USN-4683-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1039-oem - 5.6.0-1039.43 No subscription required linux-image-oem-20.04 - 5.6.0.1039.37 No subscription required Medium CVE-2020-28974 Ubuntu 20.04 LTS Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14562) It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-14584) Update Instructions: Run `sudo pro fix USN-4684-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-efi-arm - 0~20191122.bd85bf54-2ubuntu3.1 qemu-efi - 0~20191122.bd85bf54-2ubuntu3.1 qemu-efi-aarch64 - 0~20191122.bd85bf54-2ubuntu3.1 ovmf - 0~20191122.bd85bf54-2ubuntu3.1 No subscription required Low CVE-2019-14562 CVE-2019-14584 Ubuntu 20.04 LTS It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4685-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenjp2-tools - 2.3.1-1ubuntu4.20.04.1 libopenjpip-server - 2.3.1-1ubuntu4.20.04.1 libopenjpip-viewer - 2.3.1-1ubuntu4.20.04.1 libopenjp3d-tools - 2.3.1-1ubuntu4.20.04.1 libopenjpip7 - 2.3.1-1ubuntu4.20.04.1 libopenjp2-7 - 2.3.1-1ubuntu4.20.04.1 libopenjp2-7-dev - 2.3.1-1ubuntu4.20.04.1 libopenjp3d7 - 2.3.1-1ubuntu4.20.04.1 libopenjpip-dec-server - 2.3.1-1ubuntu4.20.04.1 No subscription required Medium CVE-2020-15389 CVE-2020-27814 CVE-2020-27823 CVE-2020-27824 CVE-2020-27841 CVE-2020-27842 CVE-2020-27843 CVE-2020-27845 Ubuntu 20.04 LTS A use-after-free was discovered in Firefox when handling SCTP packets. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4687-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 84.0.2+build1-0ubuntu0.20.04.1 firefox - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 84.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 84.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 84.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 84.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 84.0.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-16044 Ubuntu 20.04 LTS It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Update Instructions: Run `sudo pro fix USN-4689-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-compute-utils-390 - 390.141-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.141-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.141-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.141-0ubuntu0.20.04.1 nvidia-utils-390 - 390.141-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.141-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.141-0ubuntu0.20.04.1 nvidia-driver-390 - 390.141-0ubuntu0.20.04.1 nvidia-384-dev - 390.141-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.141-0ubuntu0.20.04.1 libcuda1-384 - 390.141-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.141-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.141-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.141-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.141-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.141-0ubuntu0.20.04.1 nvidia-headless-390 - 390.141-0ubuntu0.20.04.1 libnvidia-common-390 - 390.141-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.141-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.141-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.141-0ubuntu0.20.04.1 nvidia-384 - 390.141-0ubuntu0.20.04.1 No subscription required libnvidia-encode-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-fbc1-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-compute-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-common-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-encode-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-common-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-cfg1-450 - 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-driver-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-cfg1-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-compute-utils-440 - 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-common-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-decode-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-driver-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-utils-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-compute-utils-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-common-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-decode-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-ifr1-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-fbc1-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-source-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-source-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-ifr1-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-440 - 450.102.04-0ubuntu0.20.04.1 nvidia-dkms-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-extra-440 - 450.102.04-0ubuntu0.20.04.1 libnvidia-gl-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-utils-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-dkms-450 - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-compute-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-extra-450 - 450.102.04-0ubuntu0.20.04.1 libnvidia-gl-440 - 450.102.04-0ubuntu0.20.04.1 No subscription required libnvidia-common-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-fbc1-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-headless-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-gl-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-common-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-encode-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 460.32.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-cfg1-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-utils-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-compute-460 - 460.32.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-driver-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-dkms-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-extra-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-compute-utils-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-kernel-common-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-decode-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-driver-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-kernel-source-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-ifr1-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-decode-460 - 460.32.03-0ubuntu0.20.04.1 libnvidia-encode-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-utils-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-gl-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 460.32.03-0ubuntu0.20.04.1 nvidia-dkms-455 - 460.32.03-0ubuntu0.20.04.1 nvidia-headless-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-extra-455 - 460.32.03-0ubuntu0.20.04.1 libnvidia-compute-455 - 460.32.03-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1052 CVE-2021-1053 CVE-2021-1056 Ubuntu 20.04 LTS USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Update Instructions: Run `sudo pro fix USN-4689-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1034-gcp - 5.4.0-1034.37 No subscription required linux-image-5.4.0-1035-aws - 5.4.0-1035.37 No subscription required linux-image-5.4.0-1035-oracle - 5.4.0-1035.38 No subscription required linux-image-5.4.0-1036-azure - 5.4.0-1036.38 No subscription required linux-image-5.4.0-60-lowlatency - 5.4.0-60.67 linux-image-5.4.0-60-generic-lpae - 5.4.0-60.67 linux-image-5.4.0-60-generic - 5.4.0-60.67 No subscription required linux-image-gcp - 5.4.0.1034.43 No subscription required linux-image-oracle - 5.4.0.1035.32 No subscription required linux-image-aws - 5.4.0.1035.36 No subscription required linux-image-azure - 5.4.0.1036.34 No subscription required linux-image-oem-osp1 - 5.4.0.60.63 linux-image-generic-hwe-18.04 - 5.4.0.60.63 linux-image-generic-lpae-hwe-18.04 - 5.4.0.60.63 linux-image-virtual - 5.4.0.60.63 linux-image-lowlatency-hwe-18.04 - 5.4.0.60.63 linux-image-generic - 5.4.0.60.63 linux-image-virtual-hwe-18.04 - 5.4.0.60.63 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.60.63 linux-image-oem - 5.4.0.60.63 linux-image-generic-hwe-18.04-edge - 5.4.0.60.63 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.60.63 linux-image-generic-lpae - 5.4.0.60.63 linux-image-lowlatency - 5.4.0.60.63 linux-image-virtual-hwe-18.04-edge - 5.4.0.60.63 No subscription required linux-image-5.6.0-1042-oem - 5.6.0-1042.46 No subscription required linux-image-oem-20.04 - 5.6.0.1042.38 No subscription required linux-image-5.8.0-36-generic - 5.8.0-36.40~20.04.1 linux-image-5.8.0-36-generic-lpae - 5.8.0-36.40~20.04.1 linux-image-5.8.0-36-lowlatency - 5.8.0-36.40~20.04.1 No subscription required linux-image-generic-hwe-20.04 - 5.8.0.36.40~20.04.21 linux-image-virtual-hwe-20.04-edge - 5.8.0.36.40~20.04.21 linux-image-generic-lpae-hwe-20.04 - 5.8.0.36.40~20.04.21 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.36.40~20.04.21 linux-image-virtual-hwe-20.04 - 5.8.0.36.40~20.04.21 linux-image-generic-hwe-20.04-edge - 5.8.0.36.40~20.04.21 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.36.40~20.04.21 linux-image-lowlatency-hwe-20.04 - 5.8.0.36.40~20.04.21 No subscription required Medium CVE-2021-1052 CVE-2021-1053 CVE-2021-1056 Ubuntu 20.04 LTS It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Update Instructions: Run `sudo pro fix USN-4689-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-headless-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-kernel-source-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-decode-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-ifr1-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-encode-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-compute-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-utils-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-gl-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-common-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-dkms-418-server - 418.181.07-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-fbc1-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-driver-418-server - 418.181.07-0ubuntu0.20.04.1 libnvidia-cfg1-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-compute-utils-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-kernel-common-418-server - 418.181.07-0ubuntu0.20.04.1 nvidia-headless-no-dkms-418-server - 418.181.07-0ubuntu0.20.04.1 No subscription required nvidia-headless-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-compute-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.102.04-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.102.04-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.102.04-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.102.04-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1052 CVE-2021-1053 Ubuntu 20.04 LTS USN-4689-3 fixed vulnerabilities in the NVIDIA server graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Update Instructions: Run `sudo pro fix USN-4689-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-64-generic-lpae - 5.4.0-64.72 linux-image-5.4.0-64-generic - 5.4.0-64.72 linux-image-5.4.0-64-lowlatency - 5.4.0-64.72 No subscription required linux-image-oem-osp1 - 5.4.0.64.67 linux-image-generic-hwe-18.04 - 5.4.0.64.67 linux-image-generic-lpae-hwe-18.04 - 5.4.0.64.67 linux-image-virtual - 5.4.0.64.67 linux-image-lowlatency-hwe-18.04 - 5.4.0.64.67 linux-image-generic - 5.4.0.64.67 linux-image-virtual-hwe-18.04 - 5.4.0.64.67 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.64.67 linux-image-oem - 5.4.0.64.67 linux-image-generic-hwe-18.04-edge - 5.4.0.64.67 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.64.67 linux-image-generic-lpae - 5.4.0.64.67 linux-image-lowlatency - 5.4.0.64.67 linux-image-virtual-hwe-18.04-edge - 5.4.0.64.67 No subscription required linux-image-5.8.0-40-generic - 5.8.0-40.45~20.04.1 linux-image-5.8.0-40-lowlatency - 5.8.0-40.45~20.04.1 linux-image-5.8.0-40-generic-lpae - 5.8.0-40.45~20.04.1 No subscription required linux-image-generic-hwe-20.04 - 5.8.0.40.45~20.04.25 linux-image-virtual-hwe-20.04-edge - 5.8.0.40.45~20.04.25 linux-image-generic-lpae-hwe-20.04 - 5.8.0.40.45~20.04.25 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.40.45~20.04.25 linux-image-virtual-hwe-20.04 - 5.8.0.40.45~20.04.25 linux-image-generic-hwe-20.04-edge - 5.8.0.40.45~20.04.25 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.40.45~20.04.25 linux-image-lowlatency-hwe-20.04 - 5.8.0.40.45~20.04.25 No subscription required Medium CVE-2021-1052 CVE-2021-1053 Ubuntu 20.04 LTS It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface. Update Instructions: Run `sudo pro fix USN-4690-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: coturn - 4.5.1.1-1.1ubuntu0.20.04.2 No subscription required Medium CVE-2020-26262 Ubuntu 20.04 LTS Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4691-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.1-0ubuntu0.20.04.3 openvswitch-switch - 2.13.1-0ubuntu0.20.04.3 openvswitch-pki - 2.13.1-0ubuntu0.20.04.3 openvswitch-common - 2.13.1-0ubuntu0.20.04.3 openvswitch-testcontroller - 2.13.1-0ubuntu0.20.04.3 openvswitch-vtep - 2.13.1-0ubuntu0.20.04.3 openvswitch-source - 2.13.1-0ubuntu0.20.04.3 python3-openvswitch - 2.13.1-0ubuntu0.20.04.3 openvswitch-switch-dpdk - 2.13.1-0ubuntu0.20.04.3 openvswitch-test - 2.13.1-0ubuntu0.20.04.3 No subscription required Medium CVE-2015-8011 CVE-2020-27827 Ubuntu 20.04 LTS Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-20482) Daniel Axtens discovered that tar incorrectly handled certain malformed tar files. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to cause tar to crash, resulting in a denial of service. (CVE-2019-9923) Update Instructions: Run `sudo pro fix USN-4692-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tar-scripts - 1.30+dfsg-7ubuntu0.20.04.1 tar - 1.30+dfsg-7ubuntu0.20.04.1 No subscription required Low CVE-2018-20482 CVE-2019-9923 Ubuntu 20.04 LTS It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Update Instructions: Run `sudo pro fix USN-4694-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-62-generic-lpae - 5.4.0-62.70 linux-image-5.4.0-62-generic - 5.4.0-62.70 linux-image-5.4.0-62-lowlatency - 5.4.0-62.70 No subscription required linux-image-oem-osp1 - 5.4.0.62.65 linux-image-generic-hwe-18.04 - 5.4.0.62.65 linux-image-generic-lpae-hwe-18.04 - 5.4.0.62.65 linux-image-virtual - 5.4.0.62.65 linux-image-lowlatency-hwe-18.04 - 5.4.0.62.65 linux-image-generic - 5.4.0.62.65 linux-image-virtual-hwe-18.04 - 5.4.0.62.65 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.62.65 linux-image-oem - 5.4.0.62.65 linux-image-generic-hwe-18.04-edge - 5.4.0.62.65 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.62.65 linux-image-generic-lpae - 5.4.0.62.65 linux-image-lowlatency - 5.4.0.62.65 linux-image-virtual-hwe-18.04-edge - 5.4.0.62.65 No subscription required linux-image-5.8.0-38-lowlatency - 5.8.0-38.43~20.04.1 linux-image-5.8.0-38-generic-lpae - 5.8.0-38.43~20.04.1 linux-image-5.8.0-38-generic - 5.8.0-38.43~20.04.1 No subscription required linux-image-generic-hwe-20.04 - 5.8.0.38.43~20.04.23 linux-image-virtual-hwe-20.04-edge - 5.8.0.38.43~20.04.23 linux-image-generic-lpae-hwe-20.04 - 5.8.0.38.43~20.04.23 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.38.43~20.04.23 linux-image-virtual-hwe-20.04 - 5.8.0.38.43~20.04.23 linux-image-generic-hwe-20.04-edge - 5.8.0.38.43~20.04.23 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.38.43~20.04.23 linux-image-lowlatency-hwe-20.04 - 5.8.0.38.43~20.04.23 No subscription required High CVE-2020-28374 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. (CVE-2020-35653) It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-35654) It was discovered that Pillow incorrectly handled certain SGI image files. If a user or automated system were tricked into opening a specially-crafted SGI file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-35655) Update Instructions: Run `sudo pro fix USN-4697-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.2 python-pil-doc - 7.0.0-4ubuntu0.2 python3-pil - 7.0.0-4ubuntu0.2 No subscription required Medium CVE-2020-35653 CVE-2020-35654 CVE-2020-35655 Ubuntu 20.04 LTS Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25684) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25685) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25686) It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14834) Update Instructions: Run `sudo pro fix USN-4698-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.2 dnsmasq-base-lua - 2.80-1.1ubuntu1.2 dnsmasq-utils - 2.80-1.1ubuntu1.2 dnsmasq-base - 2.80-1.1ubuntu1.2 No subscription required Medium CVE-2019-14834 CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25687 Ubuntu 20.04 LTS USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Original advisory details: Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25684) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25685) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25686) It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14834) Update Instructions: Run `sudo pro fix USN-4698-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.3 dnsmasq-utils - 2.80-1.1ubuntu1.3 dnsmasq-base-lua - 2.80-1.1ubuntu1.3 dnsmasq-base - 2.80-1.1ubuntu1.3 No subscription required None https://launchpad.net/bugs/1916462 Ubuntu 20.04 LTS It was discovered that Apache Log4net incorrectly handled certain configuration files. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4699-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4net1.2-cil - 1.2.10+dfsg-7ubuntu0.20.04.1 liblog4net-cil-dev - 1.2.10+dfsg-7ubuntu0.20.04.1 No subscription required Medium CVE-2018-1285 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain email messages. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4703-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.4 No subscription required Medium CVE-2021-3181 Ubuntu 20.04 LTS It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. (CVE-2021-3156) It was discovered that the Sudo sudoedit utility incorrectly handled checking directory permissions. A local attacker could possibly use this issue to bypass file permissions and determine if a directory exists or not. (CVE-2021-23239) Update Instructions: Run `sudo pro fix USN-4705-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sudo-ldap - 1.8.31-1ubuntu1.2 sudo - 1.8.31-1ubuntu1.2 No subscription required High CVE-2021-23239 CVE-2021-3156 Ubuntu 20.04 LTS Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. (CVE-2020-10736) Adam Mohammed found that Ceph Object Gateway was vulnerable to HTTP header injection via a CORS ExposeHeader tag. An attacker could use this to gain access or cause a crash. (CVE-2020-10753) Ilya Dryomov found that Cephx authentication did not verify Ceph clients correctly and was then vulnerable to replay attacks in Nautilus. An attacker could use the Ceph cluster network to authenticate via a packet sniffer and perform actions. This issue is a reintroduction of CVE-2018-1128. (CVE-2020-25660) Update Instructions: Run `sudo pro fix USN-4706-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-rbd - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-modules-core - 15.2.7-0ubuntu0.20.04.2 ceph-mgr - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-cephadm - 15.2.7-0ubuntu0.20.04.2 ceph - 15.2.7-0ubuntu0.20.04.2 ceph-osd - 15.2.7-0ubuntu0.20.04.2 rbd-mirror - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-diskprediction-local - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-dashboard - 15.2.7-0ubuntu0.20.04.2 librbd-dev - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-rook - 15.2.7-0ubuntu0.20.04.2 rbd-fuse - 15.2.7-0ubuntu0.20.04.2 libradospp-dev - 15.2.7-0ubuntu0.20.04.2 librados-dev - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-diskprediction-cloud - 15.2.7-0ubuntu0.20.04.2 python3-ceph - 15.2.7-0ubuntu0.20.04.2 cephadm - 15.2.7-0ubuntu0.20.04.2 libradosstriper-dev - 15.2.7-0ubuntu0.20.04.2 librados2 - 15.2.7-0ubuntu0.20.04.2 ceph-mon - 15.2.7-0ubuntu0.20.04.2 libcephfs2 - 15.2.7-0ubuntu0.20.04.2 ceph-immutable-object-cache - 15.2.7-0ubuntu0.20.04.2 librgw2 - 15.2.7-0ubuntu0.20.04.2 ceph-mds - 15.2.7-0ubuntu0.20.04.2 radosgw - 15.2.7-0ubuntu0.20.04.2 librbd1 - 15.2.7-0ubuntu0.20.04.2 python3-rgw - 15.2.7-0ubuntu0.20.04.2 rbd-nbd - 15.2.7-0ubuntu0.20.04.2 libcephfs-dev - 15.2.7-0ubuntu0.20.04.2 rados-objclass-dev - 15.2.7-0ubuntu0.20.04.2 libradosstriper1 - 15.2.7-0ubuntu0.20.04.2 python3-ceph-argparse - 15.2.7-0ubuntu0.20.04.2 python3-ceph-common - 15.2.7-0ubuntu0.20.04.2 librgw-dev - 15.2.7-0ubuntu0.20.04.2 python3-rados - 15.2.7-0ubuntu0.20.04.2 ceph-base - 15.2.7-0ubuntu0.20.04.2 ceph-mgr-k8sevents - 15.2.7-0ubuntu0.20.04.2 python3-cephfs - 15.2.7-0ubuntu0.20.04.2 ceph-fuse - 15.2.7-0ubuntu0.20.04.2 cephfs-shell - 15.2.7-0ubuntu0.20.04.2 ceph-common - 15.2.7-0ubuntu0.20.04.2 libcephfs-java - 15.2.7-0ubuntu0.20.04.2 ceph-resource-agents - 15.2.7-0ubuntu0.20.04.2 libcephfs-jni - 15.2.7-0ubuntu0.20.04.2 No subscription required Medium CVE-2020-10736 CVE-2020-10753 CVE-2020-25660 Ubuntu 20.04 LTS It was discovered that TCMU lacked a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. Update Instructions: Run `sudo pro fix USN-4707-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tcmu-runner - 1.5.2-5ubuntu0.20.04.1 libtcmu2 - 1.5.2-5ubuntu0.20.04.1 No subscription required Medium CVE-2021-3139 Ubuntu 20.04 LTS USN-4576-1 fixed a vulnerability in the overlay file system implementation in the Linux kernel. Unfortunately, that fix introduced a regression that could incorrectly deny access to overlay files in some situations. This update fixes the problem. We apologize for the inconvenience. Original vulnerability details: Giuseppe Scrivano discovered that the overlay file system in the Linux kernel did not properly perform permission checks in some situations. A local attacker could possibly use this to bypass intended restrictions and gain read access to restricted files. Update Instructions: Run `sudo pro fix USN-4712-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-65-generic - 5.4.0-65.73 linux-image-5.4.0-65-generic-lpae - 5.4.0-65.73 linux-image-5.4.0-65-lowlatency - 5.4.0-65.73 No subscription required linux-image-oem-osp1 - 5.4.0.65.68 linux-image-generic-hwe-18.04 - 5.4.0.65.68 linux-image-generic-lpae-hwe-18.04 - 5.4.0.65.68 linux-image-virtual - 5.4.0.65.68 linux-image-lowlatency-hwe-18.04 - 5.4.0.65.68 linux-image-generic - 5.4.0.65.68 linux-image-virtual-hwe-18.04 - 5.4.0.65.68 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.65.68 linux-image-oem - 5.4.0.65.68 linux-image-generic-hwe-18.04-edge - 5.4.0.65.68 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.65.68 linux-image-generic-lpae - 5.4.0.65.68 linux-image-lowlatency - 5.4.0.65.68 linux-image-virtual-hwe-18.04-edge - 5.4.0.65.68 No subscription required linux-image-5.8.0-41-generic - 5.8.0-41.46~20.04.1 linux-image-5.8.0-41-lowlatency - 5.8.0-41.46~20.04.1 linux-image-5.8.0-41-generic-lpae - 5.8.0-41.46~20.04.1 No subscription required linux-image-generic-64k-hwe-20.04-edge - 5.8.0.41.46~20.04.27 linux-image-generic-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-virtual-hwe-20.04-edge - 5.8.0.41.46~20.04.27 linux-image-generic-lpae-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-virtual-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-generic-hwe-20.04-edge - 5.8.0.41.46~20.04.27 linux-image-generic-64k-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.41.46~20.04.27 linux-image-lowlatency-hwe-20.04 - 5.8.0.41.46~20.04.27 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.41.46~20.04.27 No subscription required None https://bugs.launchpad.net/bugs/1900141 https://usn.ubuntu.com/usn/usn-4576-1 Ubuntu 20.04 LTS It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Update Instructions: Run `sudo pro fix USN-4713-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1028-raspi - 5.4.0-1028.31 No subscription required linux-image-5.4.0-1032-kvm - 5.4.0-1032.33 No subscription required linux-image-5.4.0-1036-gcp - 5.4.0-1036.39 No subscription required linux-image-5.4.0-1037-aws - 5.4.0-1037.39 No subscription required linux-image-5.4.0-1037-oracle - 5.4.0-1037.40 No subscription required linux-image-5.4.0-1039-azure - 5.4.0-1039.41 No subscription required linux-image-raspi-hwe-18.04-edge - 5.4.0.1028.63 linux-image-raspi-hwe-18.04 - 5.4.0.1028.63 linux-image-raspi - 5.4.0.1028.63 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1028.63 linux-image-raspi2 - 5.4.0.1028.63 linux-image-raspi2-hwe-18.04 - 5.4.0.1028.63 No subscription required linux-image-kvm - 5.4.0.1032.30 No subscription required linux-image-gcp - 5.4.0.1036.45 No subscription required linux-image-oracle - 5.4.0.1037.34 No subscription required linux-image-aws - 5.4.0.1037.38 No subscription required linux-image-azure - 5.4.0.1039.37 No subscription required High CVE-2020-28374 Ubuntu 20.04 LTS Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. (CVE-2020-26217) It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. (CVE-2020-26258) It was discovered that XStream was vulnerable to arbitrary file deletion on the local host. A remote attacker could use this to delete arbitrary known files on the host as long as the executing process had sufficient rights only by manipulating the processed input stream. (CVE-2020-26259) Update Instructions: Run `sudo pro fix USN-4714-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxstream-java - 1.4.11.1-1ubuntu0.1 No subscription required Medium CVE-2020-26217 CVE-2020-26258 CVE-2020-26259 Ubuntu 20.04 LTS Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their expected location. Update Instructions: Run `sudo pro fix USN-4715-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.3 python-django-doc - 2:2.2.12-1ubuntu0.3 No subscription required Medium CVE-2021-3281 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.23 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.33. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-33.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-23.html https://www.oracle.com/security-alerts/cpujan2021.html Update Instructions: Run `sudo pro fix USN-4716-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.23-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.23-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-router - 8.0.23-0ubuntu0.20.04.1 mysql-server - 8.0.23-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.23-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-testsuite - 8.0.23-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.23-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.23-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-2002 CVE-2021-2010 CVE-2021-2011 CVE-2021-2014 CVE-2021-2021 CVE-2021-2022 CVE-2021-2024 CVE-2021-2031 CVE-2021-2032 CVE-2021-2036 CVE-2021-2038 CVE-2021-2046 CVE-2021-2048 CVE-2021-2056 CVE-2021-2058 CVE-2021-2060 CVE-2021-2061 CVE-2021-2065 CVE-2021-2070 CVE-2021-2072 CVE-2021-2076 CVE-2021-2081 CVE-2021-2087 CVE-2021-2088 CVE-2021-2122 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct clickjacking attacks, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4717-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 85.0+build1-0ubuntu0.20.04.1 firefox - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 85.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 85.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 85.0+build1-0ubuntu0.20.04.1 firefox-dev - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 85.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 85.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23953 CVE-2021-23954 CVE-2021-23955 CVE-2021-23956 CVE-2021-23958 CVE-2021-23960 CVE-2021-23961 CVE-2021-23962 CVE-2021-23963 CVE-2021-23964 CVE-2021-23965 Ubuntu 20.04 LTS USN-4717-1 fixed vulnerabilities in Firefox. The update caused a startup hang in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct clickjacking attacks, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4717-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 85.0.1+build1-0ubuntu0.20.04.1 firefox - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 85.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 85.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 85.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 85.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 85.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1914147 Ubuntu 20.04 LTS The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.46 version of the Mozilla certificate authority bundle. Update Instructions: Run `sudo pro fix USN-4719-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates-udeb - 20210119~20.04.1 ca-certificates - 20210119~20.04.1 No subscription required None https://launchpad.net/bugs/1914064 Ubuntu 20.04 LTS Itai Greenhut discovered that Apport incorrectly parsed certain files in the /proc filesystem. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2021-25682, CVE-2021-25683) Itai Greenhut discovered that Apport incorrectly handled opening certain special files. A local attacker could possibly use this issue to cause Apport to hang, resulting in a denial of service. (CVE-2021-25684) Update Instructions: Run `sudo pro fix USN-4720-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.16 apport-kde - 2.20.11-0ubuntu27.16 apport-retrace - 2.20.11-0ubuntu27.16 apport-valgrind - 2.20.11-0ubuntu27.16 python3-apport - 2.20.11-0ubuntu27.16 dh-apport - 2.20.11-0ubuntu27.16 apport-gtk - 2.20.11-0ubuntu27.16 apport - 2.20.11-0ubuntu27.16 apport-noui - 2.20.11-0ubuntu27.16 No subscription required Medium CVE-2021-25682 CVE-2021-25683 CVE-2021-25684 Ubuntu 20.04 LTS Simon McVittie discovered that flatpak-portal service allowed sandboxed applications to execute arbitrary code on the host system (a sandbox escape). A malicious user could create a Flatpak application that set environment variables, trusted by the Flatpak "run" command, and use it to execute arbitrary code outside the sandbox. Update Instructions: Run `sudo pro fix USN-4721-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libflatpak0 - 1.6.5-0ubuntu0.2 libflatpak-dev - 1.6.5-0ubuntu0.2 gir1.2-flatpak-1.0 - 1.6.5-0ubuntu0.2 libflatpak-doc - 1.6.5-0ubuntu0.2 flatpak - 1.6.5-0ubuntu0.2 flatpak-tests - 1.6.5-0ubuntu0.2 No subscription required Medium CVE-2021-21261 Ubuntu 20.04 LTS It was discovered that ReadyMedia (MiniDLNA) allowed subscription requests with a delivery URL on a different network segment than the fully qualified event- subscription URL. An attacker could use this to hijack smart devices and cause denial of service attacks. (CVE-2020-12695) It was discovered that ReadyMedia (MiniDLNA) allowed remote code execution. A remote attacker could send a malicious UPnP HTTP request to the service using HTTP chunked encoding and cause a denial of service. (CVE-2020-28926) Update Instructions: Run `sudo pro fix USN-4722-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: minidlna - 1.2.1+dfsg-1ubuntu0.20.04.1 No subscription required Medium CVE-2020-12695 CVE-2020-28926 Ubuntu 20.04 LTS It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4723-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-pear - 1:1.10.9+submodules+notgz-1ubuntu0.20.04.2 No subscription required Medium CVE-2020-36193 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36221) It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-36222, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) It was discovered that OpenLDAP incorrectly handled Return Filter control handling. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-36223) It was discovered that OpenLDAP incorrectly handled certain cancel operations. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36227) It was discovered that OpenLDAP incorrectly handled Certificate List Extract Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36228) It was discovered that OpenLDAP incorrectly handled X.509 DN parsing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36229, CVE-2020-36230) Update Instructions: Run `sudo pro fix USN-4724-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.6 libldap-common - 2.4.49+dfsg-2ubuntu1.6 slapd-contrib - 2.4.49+dfsg-2ubuntu1.6 slapi-dev - 2.4.49+dfsg-2ubuntu1.6 ldap-utils - 2.4.49+dfsg-2ubuntu1.6 libldap2-dev - 2.4.49+dfsg-2ubuntu1.6 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.6 slapd - 2.4.49+dfsg-2ubuntu1.6 No subscription required Medium CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 Ubuntu 20.04 LTS It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-11947) Alexander Bulekov discovered that QEMU incorrectly handled Intel e1000e emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-15859) Alexander Bulekov discovered that QEMU incorrectly handled memory region cache. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-27821) Cheol-woo Myung discovered that QEMU incorrectly handled Intel e1000e emulation. An attacker inside the guest could use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-28916) Wenxiang Qian discovered that QEMU incorrectly handled ATAPI emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-29443) It was discovered that QEMU incorrectly handled VirtFS directory sharing. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20181) Update Instructions: Run `sudo pro fix USN-4725-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.12 qemu-system-common - 1:4.2-3ubuntu6.12 qemu-system-data - 1:4.2-3ubuntu6.12 qemu-system-s390x - 1:4.2-3ubuntu6.12 qemu-block-extra - 1:4.2-3ubuntu6.12 qemu-system-misc - 1:4.2-3ubuntu6.12 qemu-user - 1:4.2-3ubuntu6.12 qemu-system-sparc - 1:4.2-3ubuntu6.12 qemu-guest-agent - 1:4.2-3ubuntu6.12 qemu-system - 1:4.2-3ubuntu6.12 qemu-utils - 1:4.2-3ubuntu6.12 qemu-user-static - 1:4.2-3ubuntu6.12 qemu-kvm - 1:4.2-3ubuntu6.12 qemu-user-binfmt - 1:4.2-3ubuntu6.12 qemu-system-x86 - 1:4.2-3ubuntu6.12 qemu-system-arm - 1:4.2-3ubuntu6.12 qemu-system-gui - 1:4.2-3ubuntu6.12 qemu - 1:4.2-3ubuntu6.12 qemu-system-ppc - 1:4.2-3ubuntu6.12 qemu-system-mips - 1:4.2-3ubuntu6.12 qemu-system-x86-xen - 1:4.2-3ubuntu6.12 No subscription required Medium CVE-2020-11947 CVE-2020-15859 CVE-2020-27821 CVE-2020-28916 CVE-2020-29443 CVE-2021-20181 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly handled the direct buffering of characters. An attacker could use this issue to cause OpenJDK to crash, resulting in a denial of service, or cause other unspecified impact. Update Instructions: Run `sudo pro fix USN-4726-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.10+9-0ubuntu1~20.04 openjdk-11-doc - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jdk - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.10+9-0ubuntu1~20.04 openjdk-11-jre - 11.0.10+9-0ubuntu1~20.04 openjdk-11-demo - 11.0.10+9-0ubuntu1~20.04 No subscription required openjdk-8-source - 8u282-b08-0ubuntu1~20.04 openjdk-8-doc - 8u282-b08-0ubuntu1~20.04 openjdk-8-jdk - 8u282-b08-0ubuntu1~20.04 openjdk-8-jre-headless - 8u282-b08-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u282-b08-0ubuntu1~20.04 openjdk-8-jre - 8u282-b08-0ubuntu1~20.04 openjdk-8-jre-zero - 8u282-b08-0ubuntu1~20.04 openjdk-8-demo - 8u282-b08-0ubuntu1~20.04 No subscription required None https://launchpad.net/bugs/1914824 Ubuntu 20.04 LTS Alexander Popov discovered that multiple race conditions existed in the AF_VSOCK implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4727-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1047-oem - 5.6.0-1047.51 No subscription required linux-image-oem-20.04 - 5.6.0.1047.43 No subscription required linux-image-5.8.0-43-generic - 5.8.0-43.49~20.04.1 linux-image-5.8.0-43-generic-lpae - 5.8.0-43.49~20.04.1 linux-image-5.8.0-43-lowlatency - 5.8.0-43.49~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.43.49~20.04.29 linux-image-virtual-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-generic-lpae-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.43.49~20.04.29 linux-image-generic-64k-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.43.49~20.04.29 linux-image-generic-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-generic-hwe-20.04-edge - 5.8.0.43.49~20.04.29 linux-image-lowlatency-hwe-20.04 - 5.8.0.43.49~20.04.29 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.43.49~20.04.29 No subscription required High CVE-2021-26708 Ubuntu 20.04 LTS Gilad Reti and Nimrod Stoler discovered that snapd did not correctly specify cgroup delegation when generating systemd service units for various container management snaps. This could allow a local attacker to escalate privileges via access to arbitrary devices of the container host from within a compromised or malicious container. Update Instructions: Run `sudo pro fix USN-4728-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.48.3+20.04 ubuntu-core-launcher - 2.48.3+20.04 snap-confine - 2.48.3+20.04 ubuntu-snappy-cli - 2.48.3+20.04 golang-github-snapcore-snapd-dev - 2.48.3+20.04 snapd-xdg-open - 2.48.3+20.04 snapd - 2.48.3+20.04 golang-github-ubuntu-core-snappy-dev - 2.48.3+20.04 ubuntu-snappy - 2.48.3+20.04 No subscription required High CVE-2020-27352 Ubuntu 20.04 LTS Joakim Hindersson discovered that Open vSwitch incorrectly parsed certain network packets. A remote attacker could use this issue to cause a denial of service, or possibly alter packet classification. Update Instructions: Run `sudo pro fix USN-4729-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.1-0ubuntu0.20.04.4 openvswitch-switch - 2.13.1-0ubuntu0.20.04.4 openvswitch-pki - 2.13.1-0ubuntu0.20.04.4 openvswitch-common - 2.13.1-0ubuntu0.20.04.4 openvswitch-testcontroller - 2.13.1-0ubuntu0.20.04.4 openvswitch-vtep - 2.13.1-0ubuntu0.20.04.4 openvswitch-source - 2.13.1-0ubuntu0.20.04.4 python3-openvswitch - 2.13.1-0ubuntu0.20.04.4 openvswitch-switch-dpdk - 2.13.1-0ubuntu0.20.04.4 openvswitch-test - 2.13.1-0ubuntu0.20.04.4 No subscription required Medium CVE-2020-35498 Ubuntu 20.04 LTS It was discovered that JUnit 4 contains a local information disclosure vulnerability. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-4731-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: junit4 - 4.12-8ubuntu0.20.04.1 junit4-doc - 4.12-8ubuntu0.20.04.1 No subscription required Medium CVE-2020-15250 Ubuntu 20.04 LTS Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Update Instructions: Run `sudo pro fix USN-4733-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnome-autoar-0-dev - 0.2.3-2ubuntu0.1 libgnome-autoar-gtk-0-0 - 0.2.3-2ubuntu0.1 gir1.2-gnomeautoar-0.1 - 0.2.3-2ubuntu0.1 libgnome-autoar-gtk-0-dev - 0.2.3-2ubuntu0.1 gir1.2-gnomeautoargtk-0.1 - 0.2.3-2ubuntu0.1 libgnome-autoar-doc - 0.2.3-2ubuntu0.1 libgnome-autoar-0-0 - 0.2.3-2ubuntu0.1 No subscription required Medium CVE-2020-36241 Ubuntu 20.04 LTS USN-4733-1 fixed a vulnerability in GNOME Autoar. The upstream fix introduced a regression when extracting archives containing directories. This update fixes the problem. Original advisory details: Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Update Instructions: Run `sudo pro fix USN-4733-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnome-autoar-0-dev - 0.2.3-2ubuntu0.2 libgnome-autoar-gtk-0-0 - 0.2.3-2ubuntu0.2 gir1.2-gnomeautoar-0.1 - 0.2.3-2ubuntu0.2 libgnome-autoar-gtk-0-dev - 0.2.3-2ubuntu0.2 gir1.2-gnomeautoargtk-0.1 - 0.2.3-2ubuntu0.2 libgnome-autoar-doc - 0.2.3-2ubuntu0.2 libgnome-autoar-0-0 - 0.2.3-2ubuntu0.2 No subscription required None https://launchpad.net/bugs/1917812 Ubuntu 20.04 LTS It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-0326) It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. (CVE-2020-12695) Update Instructions: Run `sudo pro fix USN-4734-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hostapd - 2:2.9-1ubuntu4.2 wpagui - 2:2.9-1ubuntu4.2 wpasupplicant - 2:2.9-1ubuntu4.2 wpasupplicant-udeb - 2:2.9-1ubuntu4.2 No subscription required High CVE-2020-12695 CVE-2021-0326 Ubuntu 20.04 LTS Heikki Linnakangas discovered that PostgreSQL incorrectly leaked values of denied columns when handling certain errors. A remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-4735-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.6-0ubuntu0.20.04.1 libpq-dev - 12.6-0ubuntu0.20.04.1 libecpg6 - 12.6-0ubuntu0.20.04.1 libpq5 - 12.6-0ubuntu0.20.04.1 libpgtypes3 - 12.6-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.6-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.6-0ubuntu0.20.04.1 libecpg-dev - 12.6-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.6-0ubuntu0.20.04.1 postgresql-doc-12 - 12.6-0ubuntu0.20.04.1 postgresql-12 - 12.6-0ubuntu0.20.04.1 postgresql-client-12 - 12.6-0ubuntu0.20.04.1 libecpg-compat3 - 12.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-3393 Ubuntu 20.04 LTS It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the Bind AppArmor profile. Update Instructions: Run `sudo pro fix USN-4737-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.6 bind9-libs - 1:9.16.1-0ubuntu2.6 bind9utils - 1:9.16.1-0ubuntu2.6 bind9-doc - 1:9.16.1-0ubuntu2.6 bind9-utils - 1:9.16.1-0ubuntu2.6 bind9 - 1:9.16.1-0ubuntu2.6 bind9-dnsutils - 1:9.16.1-0ubuntu2.6 bind9-host - 1:9.16.1-0ubuntu2.6 No subscription required Medium CVE-2020-8625 Ubuntu 20.04 LTS Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2021-23840) Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer fields. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2021-23841) Update Instructions: Run `sudo pro fix USN-4738-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcrypto1.1-udeb - 1.1.1f-1ubuntu2.2 libssl-dev - 1.1.1f-1ubuntu2.2 openssl - 1.1.1f-1ubuntu2.2 libssl-doc - 1.1.1f-1ubuntu2.2 libssl1.1-udeb - 1.1.1f-1ubuntu2.2 libssl1.1 - 1.1.1f-1ubuntu2.2 No subscription required Medium CVE-2021-23840 CVE-2021-23841 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4739-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.30.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.30.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.30.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.30.5-0ubuntu0.20.04.1 webkit2gtk-driver - 2.30.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.30.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.30.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.30.5-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.30.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.30.5-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-13558 Ubuntu 20.04 LTS It was discovered that Apache Shiro mishandled specially crafted requests. An attacker could use this vulnerability to bypass authentication mechanisms. Update Instructions: Run `sudo pro fix USN-4740-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libshiro-java - 1.3.2-4ubuntu0.1 No subscription required Medium CVE-2020-11989 CVE-2020-1957 Ubuntu 20.04 LTS It was discovered that Django incorrectly accepted semicolons as query parameters. A remote attacker could possibly use this issue to perform a Web Cache Poisoning attack. Update Instructions: Run `sudo pro fix USN-4742-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.4 python-django-doc - 2:2.2.12-1ubuntu0.4 No subscription required Low CVE-2021-23336 Ubuntu 20.04 LTS It was discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4743-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgdk-pixbuf2.0-0 - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-common - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-0-udeb - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-bin - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-dev - 2.40.0+dfsg-3ubuntu0.2 libgdk-pixbuf2.0-doc - 2.40.0+dfsg-3ubuntu0.2 gir1.2-gdkpixbuf-2.0 - 2.40.0+dfsg-3ubuntu0.2 No subscription required Medium CVE-2021-20240 Ubuntu 20.04 LTS Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short timestamps. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4744-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.7 libldap-common - 2.4.49+dfsg-2ubuntu1.7 slapd-contrib - 2.4.49+dfsg-2ubuntu1.7 slapi-dev - 2.4.49+dfsg-2ubuntu1.7 ldap-utils - 2.4.49+dfsg-2ubuntu1.7 libldap2-dev - 2.4.49+dfsg-2ubuntu1.7 slapd - 2.4.49+dfsg-2ubuntu1.7 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.7 No subscription required Medium CVE-2021-27212 Ubuntu 20.04 LTS Tavis Ormandy discovered that xterm incorrectly handled certain character sequences. A remote attacker could use this issue to cause xterm to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4746-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xterm - 353-1ubuntu1.20.04.2 No subscription required Medium CVE-2021-27135 Ubuntu 20.04 LTS Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4747-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: screen - 4.8.0-1ubuntu0.1 screen-udeb - 4.8.0-1ubuntu0.1 No subscription required Medium CVE-2021-26937 Ubuntu 20.04 LTS Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669) It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the Linux kernel did not correctly handle setting line discipline in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-27830, CVE-2020-28941) It was discovered that an information leak existed in the syscall implementation in the Linux kernel on 32 bit systems. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28588) Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event processing backend in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29568) Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29569) Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660) Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle filter rules in some situations. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. (CVE-2021-20177) Update Instructions: Run `sudo pro fix USN-4750-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1010-gkeop - 5.4.0-1010.11 No subscription required linux-image-5.4.0-1029-raspi - 5.4.0-1029.32 No subscription required linux-image-5.4.0-1033-kvm - 5.4.0-1033.34 No subscription required linux-image-5.4.0-1037-gcp - 5.4.0-1037.40 No subscription required linux-image-5.4.0-1038-aws - 5.4.0-1038.40 No subscription required linux-image-5.4.0-1038-oracle - 5.4.0-1038.41 No subscription required linux-image-5.4.0-1040-azure - 5.4.0-1040.42 No subscription required linux-image-5.4.0-66-lowlatency - 5.4.0-66.74 linux-image-5.4.0-66-generic-lpae - 5.4.0-66.74 linux-image-5.4.0-66-generic - 5.4.0-66.74 No subscription required linux-image-gkeop-5.4 - 5.4.0.1010.13 linux-image-gkeop - 5.4.0.1010.13 No subscription required linux-image-raspi - 5.4.0.1029.64 linux-image-raspi2 - 5.4.0.1029.64 linux-image-raspi-hwe-18.04-edge - 5.4.0.1029.64 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1029.64 linux-image-raspi-hwe-18.04 - 5.4.0.1029.64 linux-image-raspi2-hwe-18.04 - 5.4.0.1029.64 No subscription required linux-image-kvm - 5.4.0.1033.31 No subscription required linux-image-gcp - 5.4.0.1037.46 No subscription required linux-image-oracle - 5.4.0.1038.35 No subscription required linux-image-aws - 5.4.0.1038.39 No subscription required linux-image-azure - 5.4.0.1040.38 No subscription required linux-image-oem-osp1 - 5.4.0.66.69 linux-image-generic-hwe-18.04 - 5.4.0.66.69 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.66.69 linux-image-generic-lpae-hwe-18.04 - 5.4.0.66.69 linux-image-virtual - 5.4.0.66.69 linux-image-lowlatency-hwe-18.04 - 5.4.0.66.69 linux-image-generic - 5.4.0.66.69 linux-image-virtual-hwe-18.04 - 5.4.0.66.69 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.66.69 linux-image-oem - 5.4.0.66.69 linux-image-generic-hwe-18.04-edge - 5.4.0.66.69 linux-image-generic-lpae - 5.4.0.66.69 linux-image-lowlatency - 5.4.0.66.69 linux-image-virtual-hwe-18.04-edge - 5.4.0.66.69 No subscription required High CVE-2020-25669 CVE-2020-27815 CVE-2020-27830 CVE-2020-28588 CVE-2020-28941 CVE-2020-29568 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2021-20177 Ubuntu 20.04 LTS It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-25656) Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-25668) Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669) Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704) Julien Grall discovered that the Xen dom0 event handler in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-27673) Jinoh Kang discovered that the Xen event channel infrastructure in the Linux kernel contained a race condition. An attacker in guest could possibly use this to cause a denial of service (dom0 crash). (CVE-2020-27675) Daniel Axtens discovered that PowerPC RTAS implementation in the Linux kernel did not properly restrict memory accesses in some situations. A privileged local attacker could use this to arbitrarily modify kernel memory, potentially bypassing kernel lockdown restrictions. (CVE-2020-27777) It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the Linux kernel did not correctly handle setting line discipline in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-27830, CVE-2020-28941) It was discovered that a use-after-free vulnerability existed in the infiniband hfi1 device driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2020-27835) It was discovered that an information leak existed in the syscall implementation in the Linux kernel on 32 bit systems. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28588) Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-28974) Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event processing backend in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29568) Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29569) Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660) Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) It was discovered that a race condition existed that caused the Linux kernel to not properly restrict exit signal delivery. A local attacker could possibly use this to send signals to arbitrary processes. (CVE-2020-35508) Update Instructions: Run `sudo pro fix USN-4751-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-44-lowlatency - 5.8.0-44.50~20.04.1 linux-image-5.8.0-44-generic-lpae - 5.8.0-44.50~20.04.1 linux-image-5.8.0-44-generic - 5.8.0-44.50~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.44.50~20.04.30 linux-image-generic-hwe-20.04-edge - 5.8.0.44.50~20.04.30 linux-image-generic-lpae-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.44.50~20.04.30 linux-image-generic-64k-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-lowlatency-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.44.50~20.04.30 linux-image-virtual-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-generic-hwe-20.04 - 5.8.0.44.50~20.04.30 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.44.50~20.04.30 No subscription required High CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-27673 CVE-2020-27675 CVE-2020-27777 CVE-2020-27815 CVE-2020-27830 CVE-2020-27835 CVE-2020-28588 CVE-2020-28941 CVE-2020-28974 CVE-2020-29568 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2020-35508 Ubuntu 20.04 LTS Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. (CVE-2020-10135) Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-14314) It was discovered that the block layer implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-15436) It was discovered that the serial port driver in the Linux kernel did not properly initialize a pointer in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2020-15437) Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-24490) It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212) It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284) It was discovered that the block layer subsystem in the Linux kernel did not properly handle zero-length requests. A local attacker could use this to cause a denial of service. (CVE-2020-25641) It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643) Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704) It was discovered that the KVM hypervisor in the Linux kernel did not properly handle interrupts in certain situations. A local attacker in a guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2020-27152) It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) It was discovered that an information leak existed in the syscall implementation in the Linux kernel on 32 bit systems. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28588) It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915) Jann Horn discovered a race condition in the copy-on-write implementation in the Linux kernel when handling hugepages. A local attacker could use this to gain unintended write access to read-only memory pages. (CVE-2020-29368) Jann Horn discovered that the mmap implementation in the Linux kernel contained a race condition when handling munmap() operations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-29369) Jann Horn discovered that the romfs file system in the Linux kernel did not properly validate file system meta-data, leading to an out-of-bounds read. An attacker could use this to construct a malicious romfs image that, when mounted, exposed sensitive information (kernel memory). (CVE-2020-29371) Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660) Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) It was discovered that a race condition existed that caused the Linux kernel to not properly restrict exit signal delivery. A local attacker could possibly use this to send signals to arbitrary processes. (CVE-2020-35508) Update Instructions: Run `sudo pro fix USN-4752-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1048-oem - 5.6.0-1048.52 No subscription required linux-image-oem-20.04 - 5.6.0.1048.44 No subscription required High CVE-2020-10135 CVE-2020-14314 CVE-2020-15436 CVE-2020-15437 CVE-2020-24490 CVE-2020-25212 CVE-2020-25284 CVE-2020-25641 CVE-2020-25643 CVE-2020-25704 CVE-2020-27152 CVE-2020-27815 CVE-2020-28588 CVE-2020-28915 CVE-2020-29368 CVE-2020-29369 CVE-2020-29371 CVE-2020-29660 CVE-2020-29661 CVE-2020-35508 Ubuntu 20.04 LTS It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Update Instructions: Run `sudo pro fix USN-4753-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1014-oem - 5.10.0-1014.15 No subscription required linux-image-oem-20.04-edge - 5.10.0.1014.15 linux-image-oem-20.04b - 5.10.0.1014.15 No subscription required High CVE-2020-28374 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2020-27619, CVE-2021-3177) Update Instructions: Run `sudo pro fix USN-4754-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.5-1~20.04.2 python3.8-examples - 3.8.5-1~20.04.2 python3.8-dev - 3.8.5-1~20.04.2 libpython3.8-minimal - 3.8.5-1~20.04.2 libpython3.8-dev - 3.8.5-1~20.04.2 python3.8-venv - 3.8.5-1~20.04.2 libpython3.8 - 3.8.5-1~20.04.2 idle-python3.8 - 3.8.5-1~20.04.2 libpython3.8-testsuite - 3.8.5-1~20.04.2 libpython3.8-stdlib - 3.8.5-1~20.04.2 python3.8 - 3.8.5-1~20.04.2 python3.8-doc - 3.8.5-1~20.04.2 No subscription required Medium CVE-2020-27619 CVE-2021-3177 Ubuntu 20.04 LTS USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 18.04 and Ubuntu 20.04. In the case of Python 2.7 for 20.04, these additional fixes are included: It was dicovered that Python allowed remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. (CVE-2019-9674) It was discovered that Python had potentially misleading information about whether sorting occurs. This fix updates the documentation about it. (CVE-2019-17514) It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-20907) It was discovered that Python allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. (CVE-2020-8492) It was discovered that Python allowed CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. (CVE-2020-26116) Original advisory details: It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2020-27619, CVE-2021-3177) Update Instructions: Run `sudo pro fix USN-4754-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpython2.7-minimal - 2.7.18-1~20.04.1 libpython2.7 - 2.7.18-1~20.04.1 python2.7 - 2.7.18-1~20.04.1 idle-python2.7 - 2.7.18-1~20.04.1 libpython2.7-testsuite - 2.7.18-1~20.04.1 libpython2.7-dev - 2.7.18-1~20.04.1 python2.7-minimal - 2.7.18-1~20.04.1 python2.7-doc - 2.7.18-1~20.04.1 python2.7-dev - 2.7.18-1~20.04.1 python2.7-examples - 2.7.18-1~20.04.1 libpython2.7-stdlib - 2.7.18-1~20.04.1 No subscription required Medium CVE-2019-17514 CVE-2019-20907 CVE-2019-9674 CVE-2020-26116 CVE-2020-27619 CVE-2020-8492 CVE-2021-3177 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Update Instructions: Run `sudo pro fix USN-4755-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.1 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.1 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.1 No subscription required Medium CVE-2020-35523 CVE-2020-35524 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct cross-site scripting (XSS) attacks, bypass HTTP auth phishing warnings, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4756-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 86.0+build3-0ubuntu0.20.04.1 firefox - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 86.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 86.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 86.0+build3-0ubuntu0.20.04.1 firefox-dev - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 86.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 86.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23968 CVE-2021-23969 CVE-2021-23970 CVE-2021-23971 CVE-2021-23972 CVE-2021-23973 CVE-2021-23974 CVE-2021-23975 CVE-2021-23978 CVE-2021-23979 Ubuntu 20.04 LTS It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) provision discovery requests in some situations. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4757-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hostapd - 2:2.9-1ubuntu4.3 wpagui - 2:2.9-1ubuntu4.3 wpasupplicant - 2:2.9-1ubuntu4.3 wpasupplicant-udeb - 2:2.9-1ubuntu4.3 No subscription required Medium CVE-2021-27803 Ubuntu 20.04 LTS It was discovered that Go applications incorrectly handled uploaded content. If a user were tricked into visiting a malicious page, a remote attacker could exploit this with a crafted file to conduct cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-4758-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.14 - 1.14.3-2ubuntu2~20.04.2 golang-1.14-doc - 1.14.3-2ubuntu2~20.04.2 golang-1.14-go - 1.14.3-2ubuntu2~20.04.2 golang-1.14-src - 1.14.3-2ubuntu2~20.04.2 No subscription required Low CVE-2020-24553 Ubuntu 20.04 LTS Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-27218) Kevin Backhouse discovered that GLib incorrectly handled certain memory allocations. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-27219) Update Instructions: Run `sudo pro fix USN-4759-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libglib2.0-0 - 2.64.6-1~ubuntu20.04.2 libglib2.0-data - 2.64.6-1~ubuntu20.04.2 libglib2.0-udeb - 2.64.6-1~ubuntu20.04.2 libglib2.0-tests - 2.64.6-1~ubuntu20.04.2 libglib2.0-doc - 2.64.6-1~ubuntu20.04.2 libglib2.0-bin - 2.64.6-1~ubuntu20.04.2 libglib2.0-dev - 2.64.6-1~ubuntu20.04.2 libglib2.0-dev-bin - 2.64.6-1~ubuntu20.04.2 No subscription required Medium CVE-2021-27218 CVE-2021-27219 Ubuntu 20.04 LTS It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations. Update Instructions: Run `sudo pro fix USN-4760-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zstd - 1.4.4+dfsg-3ubuntu0.1 libzstd-dev - 1.4.4+dfsg-3ubuntu0.1 libzstd1 - 1.4.4+dfsg-3ubuntu0.1 libzstd1-udeb - 1.4.4+dfsg-3ubuntu0.1 No subscription required Medium CVE-2021-24031 CVE-2021-24032 Ubuntu 20.04 LTS Matheus Tavares discovered that Git incorrectly handled delay-capable clean/smudge filters when being used on case-insensitive filesystems. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4761-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.1 gitweb - 1:2.25.1-1ubuntu3.1 git-gui - 1:2.25.1-1ubuntu3.1 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.1 git-el - 1:2.25.1-1ubuntu3.1 gitk - 1:2.25.1-1ubuntu3.1 git-all - 1:2.25.1-1ubuntu3.1 git-mediawiki - 1:2.25.1-1ubuntu3.1 git-daemon-run - 1:2.25.1-1ubuntu3.1 git-man - 1:2.25.1-1ubuntu3.1 git-doc - 1:2.25.1-1ubuntu3.1 git-svn - 1:2.25.1-1ubuntu3.1 git-cvs - 1:2.25.1-1ubuntu3.1 git-email - 1:2.25.1-1ubuntu3.1 No subscription required Medium CVE-2021-21300 Ubuntu 20.04 LTS It was discovered that the OpenSSH ssh-agent incorrectly handled memory. A remote attacker able to connect to the agent could use this issue to cause it to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4762-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-server-udeb - 1:8.2p1-4ubuntu0.2 openssh-client - 1:8.2p1-4ubuntu0.2 openssh-server - 1:8.2p1-4ubuntu0.2 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.2 ssh - 1:8.2p1-4ubuntu0.2 openssh-tests - 1:8.2p1-4ubuntu0.2 openssh-client-udeb - 1:8.2p1-4ubuntu0.2 openssh-sftp-server - 1:8.2p1-4ubuntu0.2 No subscription required Medium CVE-2021-28041 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-25289, CVE-2021-25291) It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-25290) It was discovered that Pillow incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially-crafted PDF file, a remote attacker could cause Pillow to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-25292) It was discovered that Pillow incorrectly handled certain SGI image files. If a user or automated system were tricked into opening a specially-crafted SGI file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-25293) Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan discovered that Pillow incorrectly handled certain BLP files. If a user or automated system were tricked into opening a specially-crafted BLP file, a remote attacker could possibly cause Pillow to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-27921) Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan discovered that Pillow incorrectly handled certain ICNS files. If a user or automated system were tricked into opening a specially-crafted ICNS file, a remote attacker could possibly cause Pillow to consume resources, resulting in a denial of service. (CVE-2021-27922) Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan discovered that Pillow incorrectly handled certain ICO files. If a user or automated system were tricked into opening a specially-crafted ICO file, a remote attacker could possibly cause Pillow to consume resources, resulting in a denial of service. (CVE-2021-27922) Update Instructions: Run `sudo pro fix USN-4763-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.3 python-pil-doc - 7.0.0-4ubuntu0.3 python3-pil - 7.0.0-4ubuntu0.3 No subscription required Medium CVE-2021-25289 CVE-2021-25290 CVE-2021-25291 CVE-2021-25292 CVE-2021-25293 CVE-2021-27921 CVE-2021-27922 CVE-2021-27923 Ubuntu 20.04 LTS It was discovered that GLib incorrectly handled certain symlinks when replacing files. If a user or automated system were tricked into extracting a specially crafted file with File Roller, a remote attacker could possibly create files outside of the intended directory. Update Instructions: Run `sudo pro fix USN-4764-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libglib2.0-0 - 2.64.6-1~ubuntu20.04.3 libglib2.0-data - 2.64.6-1~ubuntu20.04.3 libglib2.0-udeb - 2.64.6-1~ubuntu20.04.3 libglib2.0-tests - 2.64.6-1~ubuntu20.04.3 libglib2.0-doc - 2.64.6-1~ubuntu20.04.3 libglib2.0-bin - 2.64.6-1~ubuntu20.04.3 libglib2.0-dev - 2.64.6-1~ubuntu20.04.3 libglib2.0-dev-bin - 2.64.6-1~ubuntu20.04.3 No subscription required Medium CVE-2021-28153 Ubuntu 20.04 LTS Fu Chuang discovered that Zabbix did not properly parse IPs. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2020-11800) It was discovered that Zabbix incorrectly handled certain requests. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-2824, CVE-2017-2825) It was discovered that Zabbix incorrectly handled certain XML files. A remote attacker could possibly use this issue to read arbitrary files or potentially execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. (CVE-2014-3005) It was discovered that Zabbix incorrectly handled certain inputs. A remote attacker could possibly use this issue to execute arbitrary SQL commands. This issue only affected Ubuntu 14.04 ESM. (CVE-2016-10134, CVE-2016-4338) It was discovered that Zabbix incorrectly handled the request parameter. A remote attacker could possibly use this issue to redirect requests to external links. This issue only affected Ubuntu 14.04 ESM and Ubuntu 18.04 ESM. (CVE-2016-10742) It was discovered that Zabbix incorrectly handled failed login attempts. A remote attacker could possibly use this issue to enumerate users. (CVE-2019-15132) It was discovered that Zabbix did not properly validate input. A remote attacker could exploit this to conduct cross-site scripting (XSS) attacks. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-15803) Update Instructions: Run `sudo pro fix USN-4767-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zabbix-java-gateway - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-frontend-php - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-proxy-mysql - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-server-pgsql - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-server-mysql - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-proxy-pgsql - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-proxy-sqlite3 - 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-agent - 1:4.0.17+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2014-3005 CVE-2016-10134 CVE-2016-10742 CVE-2016-4338 CVE-2017-2824 CVE-2017-2825 CVE-2019-15132 CVE-2020-11800 CVE-2020-15803 Ubuntu 20.04 LTS It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. An attacker could possibly use this issue to assume control of an arbitrary file on the system. This issue only affected Ubuntu 16.04 ESM. (CVE-2016-10030) It was discovered that Slurm mishandled SPANK environment variables. An attacker could possibly use this issue to gain elevated privileges. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-15566) It was discovered that Slurm mishandled certain SQL queries. A local attacker could use this issue to gain elevated privileges. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-7033) It was discovered that Slurm mishandled user names and group ids. A local attacker could use this issue to gain administrative privileges. This issue only affected Ubuntu 14.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-10995) It was discovered that Slurm mishandled 23-bit systems. A local attacker could use this to gain administrative privileges. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-6438) It was discovered that Slurm incorrectly handled certain inputs when Message Aggregation is enabled. An attacker could possibly use this issue to launch a process as an arbitrary user. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12693) It was discovered that Slurm incorrectly handled certain RPC inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-27745) Jonas Stare discovered that Slurm exposes sensitive information related to the X protocol. An attacker could possibly use this issue to obtain a graphical session from an arbitrary user. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-27746) It was discovered that Slurm incorrectly handled environment parameters. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-31215) Update Instructions: Run `sudo pro fix USN-4781-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpmi0-dev - 19.05.5-1ubuntu0.1~esm1 slurmctld - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-basic-plugins-dev - 19.05.5-1ubuntu0.1~esm1 libslurmdb-perl - 19.05.5-1ubuntu0.1~esm1 libpmi0 - 19.05.5-1ubuntu0.1~esm1 slurm-wlm - 19.05.5-1ubuntu0.1~esm1 libslurm-dev - 19.05.5-1ubuntu0.1~esm1 slurm-client - 19.05.5-1ubuntu0.1~esm1 libpam-slurm - 19.05.5-1ubuntu0.1~esm1 slurmd - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-torque - 19.05.5-1ubuntu0.1~esm1 slurm-client-emulator - 19.05.5-1ubuntu0.1~esm1 libpam-slurm-adopt - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-emulator - 19.05.5-1ubuntu0.1~esm1 libpmi2-0 - 19.05.5-1ubuntu0.1~esm1 slurmdbd - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-doc - 19.05.5-1ubuntu0.1~esm1 libslurm34 - 19.05.5-1ubuntu0.1~esm1 libpmi2-0-dev - 19.05.5-1ubuntu0.1~esm1 libslurm-perl - 19.05.5-1ubuntu0.1~esm1 sview - 19.05.5-1ubuntu0.1~esm1 slurm-wlm-basic-plugins - 19.05.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2016-10030 CVE-2017-15566 CVE-2018-7033 CVE-2018-10995 CVE-2019-6438 CVE-2020-12693 CVE-2020-27745 CVE-2020-27746 CVE-2021-31215 Ubuntu 20.04 LTS It was discovered that Lynx incorrectly handled certain URLs. A remote attacker could possibly use this issue to obtain sensitive information or other unspecified impact. This issue only affected Ubuntu 16.04 ESM. (CVE-2016-9179) It was discovered that Lynx incorrectly handled certain HTML files. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-1000211) Thorsten Glaser discovered that Lynx mishandles the userinfo subcomponents of a URI. An attacker monitoring the network could discover cleartext credentials because they may appear in SNI data. (CVE-2021-38165) Update Instructions: Run `sudo pro fix USN-4800-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lynx-common - 2.9.0dev.5-1ubuntu0.1~esm1 lynx - 2.9.0dev.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2016-9179 CVE-2017-1000211 CVE-2021-38165 Ubuntu 20.04 LTS Javier Nieto and Andres Rojas discovered that phpMyAdmin incorrectly managed input in the form of passwords. An attacker could use this vulnerability to cause a denial-of-service (DoS). This issue only affected Ubuntu 14.04 ESM. (CVE-2014-9218) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input in the form of database names in the PHP Array export feature. An authenticated attacker could use this vulnerability to run arbitrary PHP commands. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-6609) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to execute SQL injection attacks. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-6619) Emanuel Bronshtein discovered that phpMyadmin failed to properly sanitize input. An authenticated attacker could use this vulnerability to cause a denial-of-service (DoS). This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-6630) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to bypass AllowRoot restrictions and deny rules for usernames. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-9849) Emanuel Bronshtein discovered that phpMyAdmin would allow sensitive information to be leaked when the argument separator in a URL was not the default & value. An attacker could use this vulnerability to obtain the CSRF token of a user. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2016-9866) Isaac Bennetch discovered that phpMyAdmin was incorrectly restricting user access due to the behavior of the substr function on some PHP versions. An attacker could use this vulnerability to bypass login restrictions established for users that have no password set. This issue only affected Ubuntu 14.04 ESM. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-18264) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input in the form of parameters sent during a table editing operation. An attacker could use this vulnerability to trigger an endless recursion and cause a denial-of-service (DoS). This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-1000014) Emanuel Bronshtein discovered that phpMyAdmin failed to properly sanitize input used to generate a web page. An authenticated attacker could use this vulnerability to execute CSS injection attacks. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-1000015) It was discovered that phpMyAdmin incorrectly handled certain input. An attacker could use this vulnerability to execute a cross-site scripting (XSS) attack via a crafted URL. This issue only affected Ubuntu 16.04 ESM. (CVE-2018-7260) It was discovered phpMyAdmin incorrectly handled database names. An attacker could possibly use this to trigger a cross-site scripting attack. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-12581) Daniel Le Gall discovered that phpMyAdmin would expose sensitive information to unauthorized actors due to an error in its transformation feature. An authenticated attacker could use this vulnerability to leak the contents of a local file. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-19968) It was discovered that phpMyAdmin incorrectly handled user input. An attacker could possibly use this to perform a cross-site scripting attack. This issue only affected Ubuntu 16.04 ESM. (CVE-2018-19970) It was discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to execute an SQL injection attack via a specially crafted database name. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-11768) It was discovered that phpMyAdmin incorrectly handled some requests. An attacker could possibly use this to perform a cross site request forgery attack. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-12616) It was discovered that phpMyAdmin incorrectly handled some requests. An attacker could possibly use this to perform a cross site request forgery attack. This issue only affected Ubuntu 14.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-12922) It was discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to execute an SQL injection attack via a specially crafted username. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-6798) It was discovered that phpMyAdmin did not properly sanitize certain input. An attacker could use this vulnerability to possibly execute an HTML injection or a cross-site scripting (XSS) attack. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2019-19617) CSW Research Labs discovered that phpMyAdmin failed to properly sanitize input. An attacker could use this vulnerability to execute SQL injection attacks. This issue only affected Ubuntu 16.04 ESM. (CVE-2020-5504) Giwan Go and Yelang Lee discovered that phpMyAdmin was vulnerable to an XSS attack in the transformation feature. If a victim were to click on a crafted link, an attacker could run malicious JavaScript on the victim's system. This issue only affected Ubuntu 20.04 ESM. (CVE-2020-26934) Andre Sá discovered that phpMyAdmin incorrectly handled certain SQL statements in the search feature. A remote, authenticated attacker could use this to inject malicious SQL into a query. This issue only affected Ubuntu 20.04 ESM. (CVE-2020-26935) Update Instructions: Run `sudo pro fix USN-4843-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: phpmyadmin - 4:4.9.5+dfsg1-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2014-9218 CVE-2016-6609 CVE-2016-6619 CVE-2016-6630 CVE-2016-9849 CVE-2016-9866 CVE-2017-18264 CVE-2017-1000014 CVE-2017-1000015 CVE-2018-7260 CVE-2018-12581 CVE-2018-19968 CVE-2018-19970 CVE-2019-6798 CVE-2019-11768 CVE-2019-12616 CVE-2019-12922 CVE-2019-19617 CVE-2020-5504 CVE-2020-26934 CVE-2020-26935 Ubuntu 20.04 LTS It was discovered that targetcli-fb did not properly manage socket permissions. A local attacker could use this issue to modify the iSCSI configuration resulting in a denial of service, obtain sensitive information or execute arbitrary code. (CVE-2020-10699) It was discovered that targetcli-fb did not properly manage permissions for /etc/target and underneath backup directory/files. An attacker could use this issue to access sensitive information. (CVE-2020-13867) Update Instructions: Run `sudo pro fix USN-4871-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: targetcli-fb - 1:2.1.51-0ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2020-10699 CVE-2020-13867 Ubuntu 20.04 LTS It was discovered that Axel did not properly verify the certificates for hostnames. An attacker could use this vulnerability to impersonate another server and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-4872-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: axel - 2.17.5-1ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13614 Ubuntu 20.04 LTS It was discovered that Apache Ant created temporary files with insecure permissions. An attacker could use this vulnerability to read sensitive information leaked into /tmp, or potentially inject malicious code into a project that is built with Apache Ant. Update Instructions: Run `sudo pro fix USN-4874-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ant - 1.10.7-1ubuntu0.1~esm1 ant-doc - 1.10.7-1ubuntu0.1~esm1 ant-optional - 1.10.7-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-1945 Ubuntu 20.04 LTS It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. (CVE-2021-20239) It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3347) 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. (CVE-2021-3178) Update Instructions: Run `sudo pro fix USN-4878-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1011-gkeop - 5.4.0-1011.12 No subscription required linux-image-5.4.0-1030-raspi - 5.4.0-1030.33 No subscription required linux-image-5.4.0-1034-kvm - 5.4.0-1034.35 No subscription required linux-image-5.4.0-1038-gcp - 5.4.0-1038.41 No subscription required linux-image-5.4.0-1039-aws - 5.4.0-1039.41 No subscription required linux-image-5.4.0-1039-oracle - 5.4.0-1039.42 No subscription required linux-image-5.4.0-1041-azure - 5.4.0-1041.43 No subscription required linux-image-5.4.0-67-generic-lpae - 5.4.0-67.75 linux-image-5.4.0-67-generic - 5.4.0-67.75 linux-image-5.4.0-67-lowlatency - 5.4.0-67.75 No subscription required linux-image-gkeop-5.4 - 5.4.0.1011.14 linux-image-gkeop - 5.4.0.1011.14 No subscription required linux-image-raspi - 5.4.0.1030.65 linux-image-raspi2 - 5.4.0.1030.65 linux-image-raspi-hwe-18.04-edge - 5.4.0.1030.65 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1030.65 linux-image-raspi-hwe-18.04 - 5.4.0.1030.65 linux-image-raspi2-hwe-18.04 - 5.4.0.1030.65 No subscription required linux-image-kvm - 5.4.0.1034.32 No subscription required linux-image-gcp - 5.4.0.1038.47 No subscription required linux-image-oracle - 5.4.0.1039.36 No subscription required linux-image-aws - 5.4.0.1039.40 No subscription required linux-image-azure - 5.4.0.1041.39 No subscription required linux-image-virtual - 5.4.0.67.70 linux-image-oem-osp1 - 5.4.0.67.70 linux-image-generic-hwe-18.04 - 5.4.0.67.70 linux-image-generic-lpae-hwe-18.04 - 5.4.0.67.70 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.67.70 linux-image-generic - 5.4.0.67.70 linux-image-virtual-hwe-18.04 - 5.4.0.67.70 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.67.70 linux-image-oem - 5.4.0.67.70 linux-image-generic-hwe-18.04-edge - 5.4.0.67.70 linux-image-lowlatency-hwe-18.04 - 5.4.0.67.70 linux-image-generic-lpae - 5.4.0.67.70 linux-image-lowlatency - 5.4.0.67.70 linux-image-virtual-hwe-18.04-edge - 5.4.0.67.70 No subscription required Medium CVE-2020-36158 CVE-2021-20239 CVE-2021-3178 CVE-2021-3347 Ubuntu 20.04 LTS It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-20194) Update Instructions: Run `sudo pro fix USN-4879-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-45-generic-lpae - 5.8.0-45.51~20.04.1 linux-image-5.8.0-45-generic - 5.8.0-45.51~20.04.1 linux-image-5.8.0-45-generic-64k - 5.8.0-45.51~20.04.1 linux-image-5.8.0-45-lowlatency - 5.8.0-45.51~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.45.51~20.04.31 linux-image-virtual-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-generic-lpae-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.45.51~20.04.31 linux-image-generic-64k-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-generic-hwe-20.04-edge - 5.8.0.45.51~20.04.31 linux-image-lowlatency-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.45.51~20.04.31 linux-image-generic-hwe-20.04 - 5.8.0.45.51~20.04.31 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.45.51~20.04.31 No subscription required Medium CVE-2020-36158 CVE-2021-20194 Ubuntu 20.04 LTS It was discovered that containerd incorrectly handled certain environment variables. Contrary to expectations, a container could receive environment variables defined for a different container, possibly containing sensitive information. Update Instructions: Run `sudo pro fix USN-4881-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.3.3-0ubuntu2.3 golang-github-docker-containerd-dev - 1.3.3-0ubuntu2.3 No subscription required Medium CVE-2021-21334 Ubuntu 20.04 LTS It was discovered that the Ruby JSON gem incorrectly handled certain JSON files. If a user or automated system were tricked into parsing a specially crafted JSON file, a remote attacker could use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-10663) It was discovered that Ruby incorrectly handled certain socket memory operations. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-10933) It was discovered that Ruby incorrectly handled certain transfer-encoding headers when using Webrick. A remote attacker could possibly use this issue to bypass a reverse proxy. (CVE-2020-25613) Update Instructions: Run `sudo pro fix USN-4882-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.3 ruby2.7-doc - 2.7.0-5ubuntu1.3 ruby2.7-dev - 2.7.0-5ubuntu1.3 libruby2.7 - 2.7.0-5ubuntu1.3 No subscription required Medium CVE-2020-10663 CVE-2020-10933 CVE-2020-25613 Ubuntu 20.04 LTS Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-20194) It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3347) It was discovered that the network block device (nbd) driver in the Linux kernel contained a use-after-free vulnerability during device setup. A local attacker with access to the nbd device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3348) Update Instructions: Run `sudo pro fix USN-4884-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1017-oem - 5.10.0-1017.18 No subscription required linux-image-oem-20.04b - 5.10.0.1017.18 linux-image-oem-20.04-edge - 5.10.0.1017.18 No subscription required Medium CVE-2021-20194 CVE-2021-3347 CVE-2021-3348 Ubuntu 20.04 LTS It was discovered that Pygments incorrectly handled parsing SML files. If a user or automated system were tricked into parsing a specially crafted SML file, a remote attacker could cause Pygments to hang, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4885-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pygments-doc - 2.3.1+dfsg-1ubuntu2.1 python3-pygments - 2.3.1+dfsg-1ubuntu2.1 python-pygments - 2.3.1+dfsg-1ubuntu2.1 No subscription required Medium CVE-2021-20270 Ubuntu 20.04 LTS It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. (CVE-2020-35502, CVE-2021-20209, CVE-2021-20210, CVE-2021-20213, CVE-2021-20215, CVE-2021-20216, CVE-2021-20217, CVE-2021-20272, CVE-2021-20273, CVE-2021-20275) It was discovered that Privoxy incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. (CVE-2021-20212, CVE-2021-20276) It was discovered that Privoxy incorrectly handled client tags. An attacker could possibly use this issue to cause Privoxy to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-20211) It was discovered that Privoxy incorrectly handled client tags. An attacker could possibly use this issue to cause Privoxy to consume resources, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-20214) Update Instructions: Run `sudo pro fix USN-4886-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: privoxy - 3.0.28-2ubuntu0.1 No subscription required Medium CVE-2020-35502 CVE-2021-20209 CVE-2021-20210 CVE-2021-20211 CVE-2021-20212 CVE-2021-20213 CVE-2021-20214 CVE-2021-20215 CVE-2021-20216 CVE-2021-20217 CVE-2021-20272 CVE-2021-20273 CVE-2021-20275 CVE-2021-20276 Ubuntu 20.04 LTS De4dCr0w of 360 Alpha Lab discovered that the BPF verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2021-3444) Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27171) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27170) Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). (CVE-2021-27363) Adam Nichols discovered that an out-of-bounds read existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364) Update Instructions: Run `sudo pro fix USN-4887-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1019-oem - 5.10.0-1019.20 No subscription required linux-image-oem-20.04b - 5.10.0.1019.20 linux-image-oem-20.04-edge - 5.10.0.1019.20 No subscription required linux-image-5.4.0-1012-gkeop - 5.4.0-1012.13 No subscription required linux-image-5.4.0-1032-raspi - 5.4.0-1032.35 No subscription required linux-image-5.4.0-1036-kvm - 5.4.0-1036.37 No subscription required linux-image-5.4.0-1040-gcp - 5.4.0-1040.43 No subscription required linux-image-5.4.0-1041-aws - 5.4.0-1041.43 No subscription required linux-image-5.4.0-1041-oracle - 5.4.0-1041.44 No subscription required linux-image-5.4.0-1043-azure - 5.4.0-1043.45 No subscription required linux-image-5.4.0-70-generic-lpae - 5.4.0-70.78 linux-image-5.4.0-70-generic - 5.4.0-70.78 linux-image-5.4.0-70-lowlatency - 5.4.0-70.78 No subscription required linux-image-gkeop-5.4 - 5.4.0.1012.15 linux-image-gkeop - 5.4.0.1012.15 No subscription required linux-image-raspi - 5.4.0.1032.67 linux-image-raspi2 - 5.4.0.1032.67 linux-image-raspi-hwe-18.04-edge - 5.4.0.1032.67 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1032.67 linux-image-raspi-hwe-18.04 - 5.4.0.1032.67 linux-image-raspi2-hwe-18.04 - 5.4.0.1032.67 No subscription required linux-image-kvm - 5.4.0.1036.34 No subscription required linux-image-gcp - 5.4.0.1040.49 No subscription required linux-image-oracle - 5.4.0.1041.38 No subscription required linux-image-aws - 5.4.0.1041.42 No subscription required linux-image-azure - 5.4.0.1043.41 No subscription required linux-image-oem-osp1 - 5.4.0.70.73 linux-image-generic-hwe-18.04 - 5.4.0.70.73 linux-image-generic-lpae-hwe-18.04 - 5.4.0.70.73 linux-image-virtual - 5.4.0.70.73 linux-image-lowlatency-hwe-18.04 - 5.4.0.70.73 linux-image-generic - 5.4.0.70.73 linux-image-virtual-hwe-18.04 - 5.4.0.70.73 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.70.73 linux-image-generic-hwe-18.04-edge - 5.4.0.70.73 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.70.73 linux-image-oem - 5.4.0.70.73 linux-image-generic-lpae - 5.4.0.70.73 linux-image-lowlatency - 5.4.0.70.73 linux-image-virtual-hwe-18.04-edge - 5.4.0.70.73 No subscription required linux-image-5.6.0-1052-oem - 5.6.0-1052.56 No subscription required linux-image-oem-20.04 - 5.6.0.1052.48 No subscription required linux-image-5.8.0-48-lowlatency - 5.8.0-48.54~20.04.1 linux-image-5.8.0-48-generic - 5.8.0-48.54~20.04.1 linux-image-5.8.0-48-generic-64k - 5.8.0-48.54~20.04.1 linux-image-5.8.0-48-generic-lpae - 5.8.0-48.54~20.04.1 No subscription required linux-image-generic-64k-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-generic-hwe-20.04 - 5.8.0.48.54~20.04.32 linux-image-virtual-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-generic-lpae-hwe-20.04 - 5.8.0.48.54~20.04.32 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-virtual-hwe-20.04 - 5.8.0.48.54~20.04.32 linux-image-generic-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-generic-64k-hwe-20.04 - 5.8.0.48.54~20.04.32 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.48.54~20.04.32 linux-image-lowlatency-hwe-20.04 - 5.8.0.48.54~20.04.32 No subscription required High CVE-2020-27170 CVE-2020-27171 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2021-3444 Ubuntu 20.04 LTS Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. (CVE-2021-20277) Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain DN strings. A remote attacker could use this issue to cause the LDAP server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-27840) Update Instructions: Run `sudo pro fix USN-4888-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ldb-tools - 2:2.0.10-0ubuntu0.20.04.3 libldb2 - 2:2.0.10-0ubuntu0.20.04.3 python3-ldb - 2:2.0.10-0ubuntu0.20.04.3 libldb-dev - 2:2.0.10-0ubuntu0.20.04.3 python3-ldb-dev - 2:2.0.10-0ubuntu0.20.04.3 No subscription required High CVE-2020-27840 CVE-2021-20277 Ubuntu 20.04 LTS It was discovered that OpenSSL incorrectly handled certain renegotiation ClientHello messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4891-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcrypto1.1-udeb - 1.1.1f-1ubuntu2.3 libssl-dev - 1.1.1f-1ubuntu2.3 openssl - 1.1.1f-1ubuntu2.3 libssl-doc - 1.1.1f-1ubuntu2.3 libssl1.1-udeb - 1.1.1f-1ubuntu2.3 libssl1.1 - 1.1.1f-1ubuntu2.3 No subscription required High CVE-2021-3449 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly verified Jar signatures. An attacker could possibly use this issue to bypass intended security restrictions when using Jar files signed with a disabled algorithm. Update Instructions: Run `sudo pro fix USN-4892-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jre-zero - 11.0.11+9-0ubuntu2~20.04 openjdk-11-doc - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jre-headless - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jdk - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jdk-headless - 11.0.11+9-0ubuntu2~20.04 openjdk-11-jre - 11.0.11+9-0ubuntu2~20.04 openjdk-11-demo - 11.0.11+9-0ubuntu2~20.04 No subscription required openjdk-8-source - 8u292-b10-0ubuntu1~20.04 openjdk-8-doc - 8u292-b10-0ubuntu1~20.04 openjdk-8-jdk - 8u292-b10-0ubuntu1~20.04 openjdk-8-jre-headless - 8u292-b10-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u292-b10-0ubuntu1~20.04 openjdk-8-jre - 8u292-b10-0ubuntu1~20.04 openjdk-8-jre-zero - 8u292-b10-0ubuntu1~20.04 openjdk-8-demo - 8u292-b10-0ubuntu1~20.04 No subscription required Medium CVE-2021-2163 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2021-23981, CVE-2021-23982, CVE-2021-23983, CVE-2021-23987, CVE-2021-23988) It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spook a website and trick the user into providing credentials. (CVE-2021-23984) It was discovered that the DevTools remote debugging feature could be enabled without an indication to the user. If a local attacker could modify the browser configuration, a remote attacker could potentially exploit this to obtain sensitive information. (CVE-2021-23985) It was discovered that extensions could read the response of cross origin requests in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to obtain sensitive information. (CVE-2021-23986) Update Instructions: Run `sudo pro fix USN-4893-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-nn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ne - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-nb - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-fa - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-fi - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-fr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-fy - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-or - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-kab - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-oc - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-cs - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ga - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-gd - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-gn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-gl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-gu - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-pa - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-pl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-cy - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-pt - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-szl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hi - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-uk - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-he - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hy - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hu - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-as - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ar - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ia - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-az - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-id - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-mai - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-af - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-is - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-it - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-an - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-bs - 87.0+build3-0ubuntu0.20.04.2 firefox - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ro - 87.0+build3-0ubuntu0.20.04.2 firefox-geckodriver - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ja - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ru - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-br - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-zh-hant - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-zh-hans - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-bn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-be - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-bg - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sl - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sk - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-si - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sw - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sv - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-sq - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ko - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-kn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-km - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-kk - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ka - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-xh - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ca - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ku - 87.0+build3-0ubuntu0.20.04.2 firefox-mozsymbols - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-lv - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-lt - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-th - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-hsb - 87.0+build3-0ubuntu0.20.04.2 firefox-dev - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-te - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-cak - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ta - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-lg - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-csb - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-tr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-nso - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-de - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-da - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ms - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-mr - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-my - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-uz - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ml - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-mn - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-mk - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ur - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-eu - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-et - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-es - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-vi - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-el - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-eo - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-en - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-zu - 87.0+build3-0ubuntu0.20.04.2 firefox-locale-ast - 87.0+build3-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-23981 CVE-2021-23982 CVE-2021-23983 CVE-2021-23984 CVE-2021-23985 CVE-2021-23986 CVE-2021-23987 CVE-2021-23988 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4894-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.30.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.30.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.30.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.30.6-0ubuntu0.20.04.1 webkit2gtk-driver - 2.30.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.30.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.30.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.30.6-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.30.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.30.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-27918 CVE-2020-29623 CVE-2021-1765 CVE-2021-1789 CVE-2021-1799 CVE-2021-1801 CVE-2021-1870 Ubuntu 20.04 LTS Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-15049) Jianjun Chen discovered that Squid incorrectly validated certain input. A remote attacker could use this issue to perform HTTP Request Smuggling and possibly access services forbidden by the security controls. (CVE-2020-25097) Update Instructions: Run `sudo pro fix USN-4895-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.3 squidclient - 4.10-1ubuntu1.3 squid-purge - 4.10-1ubuntu1.3 squid - 4.10-1ubuntu1.3 squid-cgi - 4.10-1ubuntu1.3 No subscription required Medium CVE-2020-15049 CVE-2020-25097 Ubuntu 20.04 LTS It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-4896-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-lxml - 4.5.0-1ubuntu0.3 python-lxml - 4.5.0-1ubuntu0.3 python-lxml-doc - 4.5.0-1ubuntu0.3 No subscription required Medium CVE-2021-28957 Ubuntu 20.04 LTS Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4897-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pygments-doc - 2.3.1+dfsg-1ubuntu2.2 python3-pygments - 2.3.1+dfsg-1ubuntu2.2 python-pygments - 2.3.1+dfsg-1ubuntu2.2 No subscription required Medium CVE-2021-27291 Ubuntu 20.04 LTS Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-22876) Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could use this issue to bypass certificate checks and intercept communications. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-22890) Update Instructions: Run `sudo pro fix USN-4898-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.5 libcurl4-openssl-dev - 7.68.0-1ubuntu2.5 libcurl3-gnutls - 7.68.0-1ubuntu2.5 libcurl4-doc - 7.68.0-1ubuntu2.5 libcurl3-nss - 7.68.0-1ubuntu2.5 libcurl4-nss-dev - 7.68.0-1ubuntu2.5 libcurl4 - 7.68.0-1ubuntu2.5 curl - 7.68.0-1ubuntu2.5 No subscription required Medium CVE-2021-22876 CVE-2021-22890 Ubuntu 20.04 LTS Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code. Update Instructions: Run `sudo pro fix USN-4899-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: spamassassin - 3.4.4-1ubuntu1.1 sa-compile - 3.4.4-1ubuntu1.1 spamc - 3.4.4-1ubuntu1.1 No subscription required Medium CVE-2020-1946 Ubuntu 20.04 LTS It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4900-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.5 openexr - 2.3.0-6ubuntu0.5 libopenexr24 - 2.3.0-6ubuntu0.5 openexr-doc - 2.3.0-6ubuntu0.5 No subscription required Medium CVE-2021-3474 CVE-2021-3475 CVE-2021-3476 CVE-2021-3477 CVE-2021-3478 CVE-2021-3479 Ubuntu 20.04 LTS Dennis Brinkrolf discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories. Update Instructions: Run `sudo pro fix USN-4902-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.5 python-django-doc - 2:2.2.12-1ubuntu0.5 No subscription required Low CVE-2021-28658 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4905-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.9-2ubuntu1.2~20.04.2 xwayland - 2:1.20.9-2ubuntu1.2~20.04.2 xorg-server-source - 2:1.20.9-2ubuntu1.2~20.04.2 xdmx - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-xorg-dev - 2:1.20.9-2ubuntu1.2~20.04.2 xvfb - 2:1.20.9-2ubuntu1.2~20.04.2 xnest - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-xorg-legacy - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-common - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-xephyr - 2:1.20.9-2ubuntu1.2~20.04.2 xserver-xorg-core-udeb - 2:1.20.9-2ubuntu1.2~20.04.2 xdmx-tools - 2:1.20.9-2ubuntu1.2~20.04.2 No subscription required Medium CVE-2021-3472 Ubuntu 20.04 LTS It was discovered that Nettle incorrectly handled signature verification. A remote attacker could use this issue to cause Nettle to crash, resulting in a denial of service, or possibly force invalid signatures. Update Instructions: Run `sudo pro fix USN-4906-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnettle7 - 3.5.1+really3.5.1-2ubuntu0.1 nettle-bin - 3.5.1+really3.5.1-2ubuntu0.1 libhogweed5 - 3.5.1+really3.5.1-2ubuntu0.1 nettle-dev - 3.5.1+really3.5.1-2ubuntu0.1 No subscription required Medium CVE-2021-20305 Ubuntu 20.04 LTS Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-20194) Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schönherr discovered that the Xen paravirtualization backend in the Linux kernel did not properly propagate errors to frontend drivers in some situations. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26930) Jan Beulich discovered that multiple Xen backends in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26931) It was discovered that the network block device (nbd) driver in the Linux kernel contained a use-after-free vulnerability during device setup. A local attacker with access to the nbd device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3348) Update Instructions: Run `sudo pro fix USN-4909-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1013-gkeop - 5.4.0-1013.14 No subscription required linux-image-5.4.0-1033-raspi - 5.4.0-1033.36 No subscription required linux-image-5.4.0-1037-kvm - 5.4.0-1037.38 No subscription required linux-image-5.4.0-1041-gcp - 5.4.0-1041.44 No subscription required linux-image-5.4.0-1042-oracle - 5.4.0-1042.45 No subscription required linux-image-5.4.0-1043-aws - 5.4.0-1043.45 No subscription required linux-image-5.4.0-1044-azure - 5.4.0-1044.46 No subscription required linux-image-5.4.0-71-generic - 5.4.0-71.79 linux-image-5.4.0-71-lowlatency - 5.4.0-71.79 linux-image-5.4.0-71-generic-lpae - 5.4.0-71.79 No subscription required linux-image-gkeop-5.4 - 5.4.0.1013.16 linux-image-gkeop - 5.4.0.1013.16 No subscription required linux-image-raspi - 5.4.0.1033.68 linux-image-raspi2 - 5.4.0.1033.68 linux-image-raspi-hwe-18.04-edge - 5.4.0.1033.68 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1033.68 linux-image-raspi-hwe-18.04 - 5.4.0.1033.68 linux-image-raspi2-hwe-18.04 - 5.4.0.1033.68 No subscription required linux-image-kvm - 5.4.0.1037.35 No subscription required linux-image-gcp - 5.4.0.1041.50 No subscription required linux-image-oracle - 5.4.0.1042.39 No subscription required linux-image-aws - 5.4.0.1043.44 No subscription required linux-image-azure - 5.4.0.1044.42 No subscription required linux-image-oem-osp1 - 5.4.0.71.74 linux-image-generic-hwe-18.04 - 5.4.0.71.74 linux-image-generic-lpae-hwe-18.04 - 5.4.0.71.74 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.71.74 linux-image-virtual - 5.4.0.71.74 linux-image-lowlatency-hwe-18.04 - 5.4.0.71.74 linux-image-generic - 5.4.0.71.74 linux-image-virtual-hwe-18.04 - 5.4.0.71.74 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.71.74 linux-image-oem - 5.4.0.71.74 linux-image-generic-hwe-18.04-edge - 5.4.0.71.74 linux-image-generic-lpae - 5.4.0.71.74 linux-image-lowlatency - 5.4.0.71.74 linux-image-virtual-hwe-18.04-edge - 5.4.0.71.74 No subscription required Medium CVE-2021-20194 CVE-2021-26930 CVE-2021-26931 CVE-2021-3348 Ubuntu 20.04 LTS Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. (CVE-2021-20239) It was discovered that the BPF verifier in the Linux kernel did not properly handle signed add32 and sub integer overflows. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-20268) It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3347) It was discovered that the network block device (nbd) driver in the Linux kernel contained a use-after-free vulnerability during device setup. A local attacker with access to the nbd device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3348) 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. (CVE-2021-3178) Update Instructions: Run `sudo pro fix USN-4910-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-49-lowlatency - 5.8.0-49.55~20.04.1 linux-image-5.8.0-49-generic - 5.8.0-49.55~20.04.1 linux-image-5.8.0-49-generic-lpae - 5.8.0-49.55~20.04.1 linux-image-5.8.0-49-generic-64k - 5.8.0-49.55~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.49.55~20.04.33 linux-image-virtual-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-generic-hwe-20.04-edge - 5.8.0.49.55~20.04.33 linux-image-generic-lpae-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.49.55~20.04.33 linux-image-generic-64k-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-lowlatency-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.49.55~20.04.33 linux-image-generic-hwe-20.04 - 5.8.0.49.55~20.04.33 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.49.55~20.04.33 No subscription required Medium CVE-2021-20239 CVE-2021-20268 CVE-2021-3178 CVE-2021-3347 CVE-2021-3348 Ubuntu 20.04 LTS It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639) Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-28038) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the fuse user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2021-28950) Update Instructions: Run `sudo pro fix USN-4911-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1021-oem - 5.10.0-1021.22 No subscription required linux-image-oem-20.04b - 5.10.0.1021.22 linux-image-oem-20.04-edge - 5.10.0.1021.22 No subscription required Medium CVE-2020-25639 CVE-2021-28038 CVE-2021-28375 CVE-2021-28950 Ubuntu 20.04 LTS Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154) It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0423) It was discovered that the HID multitouch implementation within the Linux kernel did not properly validate input events in some situations. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0465) It was discovered that the eventpoll (aka epoll) implementation in the Linux kernel contained a logic error that could lead to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0466) It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14351) It was discovered that the frame buffer implementation in the Linux kernel did not properly handle some edge cases in software scrollback. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14390) It was discovered that a race condition existed in the hugetlb sysctl implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-25285) It was discovered that the GENEVE tunnel implementation in the Linux kernel when combined with IPSec did not properly select IP routes in some situations. An attacker could use this to expose sensitive information (unencrypted network traffic). (CVE-2020-25645) Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669) Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the Linux kernel did not correctly handle setting line discipline in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-27830) It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-20194) Adam Zabrocki discovered that the kprobes subsystem in the Linux kernel did not properly detect linker padding in some situations. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2021-3411) 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. (CVE-2021-3178) Update Instructions: Run `sudo pro fix USN-4912-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1053-oem - 5.6.0-1053.57 No subscription required linux-image-oem-20.04 - 5.6.0.1053.49 No subscription required High CVE-2020-0423 CVE-2020-0465 CVE-2020-0466 CVE-2020-14351 CVE-2020-14390 CVE-2020-25285 CVE-2020-25645 CVE-2020-25669 CVE-2020-27830 CVE-2020-36158 CVE-2021-20194 CVE-2021-29154 CVE-2021-3178 CVE-2021-3411 Ubuntu 20.04 LTS It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code. Update Instructions: Run `sudo pro fix USN-4913-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjs-underscore - 1.9.1~dfsg-1ubuntu0.20.04.1 node-underscore - 1.9.1~dfsg-1ubuntu0.20.04.1 No subscription required Medium CVE-2021-23358 Ubuntu 20.04 LTS It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user() when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service (memory exhaustion) or execute arbitrary code. (CVE-2021-3492) Update Instructions: Run `sudo pro fix USN-4915-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1054-oem - 5.6.0-1054.58 No subscription required linux-image-oem-20.04 - 5.6.0.1054.50 No subscription required High CVE-2021-3492 CVE-2021-3493 Ubuntu 20.04 LTS USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154) Update Instructions: Run `sudo pro fix USN-4916-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1055-oem - 5.6.0-1055.59 No subscription required linux-image-oem-20.04 - 5.6.0.1055.51 No subscription required None https://launchpad.net/bugs/1924611 Ubuntu 20.04 LTS It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user() when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service (memory exhaustion) or execute arbitrary code. (CVE-2021-3492) Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154) Update Instructions: Run `sudo pro fix USN-4917-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1022-oem - 5.10.0-1022.23 No subscription required linux-image-oem-20.04b - 5.10.0.1022.23 linux-image-oem-20.04-edge - 5.10.0.1022.23 No subscription required linux-image-5.4.0-1014-gkeop - 5.4.0-1014.15 No subscription required linux-image-5.4.0-1034-raspi - 5.4.0-1034.37 No subscription required linux-image-5.4.0-1038-kvm - 5.4.0-1038.39 No subscription required linux-image-5.4.0-1042-gcp - 5.4.0-1042.45 No subscription required linux-image-5.4.0-1043-oracle - 5.4.0-1043.46 No subscription required linux-image-5.4.0-1045-aws - 5.4.0-1045.47 No subscription required linux-image-5.4.0-1046-azure - 5.4.0-1046.48 No subscription required linux-image-5.4.0-72-generic - 5.4.0-72.80 linux-image-5.4.0-72-generic-lpae - 5.4.0-72.80 linux-image-5.4.0-72-lowlatency - 5.4.0-72.80 No subscription required linux-image-gkeop-5.4 - 5.4.0.1014.17 linux-image-gkeop - 5.4.0.1014.17 No subscription required linux-image-raspi - 5.4.0.1034.69 linux-image-raspi2 - 5.4.0.1034.69 linux-image-raspi-hwe-18.04-edge - 5.4.0.1034.69 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1034.69 linux-image-raspi-hwe-18.04 - 5.4.0.1034.69 linux-image-raspi2-hwe-18.04 - 5.4.0.1034.69 No subscription required linux-image-kvm - 5.4.0.1038.36 No subscription required linux-image-gcp - 5.4.0.1042.51 No subscription required linux-image-oracle - 5.4.0.1043.40 No subscription required linux-image-aws - 5.4.0.1045.46 No subscription required linux-image-azure - 5.4.0.1046.44 No subscription required linux-image-oem-osp1 - 5.4.0.72.75 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.72.75 linux-image-generic-hwe-18.04 - 5.4.0.72.75 linux-image-generic-lpae-hwe-18.04 - 5.4.0.72.75 linux-image-virtual - 5.4.0.72.75 linux-image-lowlatency-hwe-18.04 - 5.4.0.72.75 linux-image-generic - 5.4.0.72.75 linux-image-virtual-hwe-18.04 - 5.4.0.72.75 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.72.75 linux-image-oem - 5.4.0.72.75 linux-image-generic-hwe-18.04-edge - 5.4.0.72.75 linux-image-generic-lpae - 5.4.0.72.75 linux-image-lowlatency - 5.4.0.72.75 linux-image-virtual-hwe-18.04-edge - 5.4.0.72.75 No subscription required linux-image-5.8.0-50-generic-64k - 5.8.0-50.56~20.04.1 linux-image-5.8.0-50-generic - 5.8.0-50.56~20.04.1 linux-image-5.8.0-50-generic-lpae - 5.8.0-50.56~20.04.1 linux-image-5.8.0-50-lowlatency - 5.8.0-50.56~20.04.1 No subscription required linux-image-generic-64k-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-generic-hwe-20.04 - 5.8.0.50.56~20.04.34 linux-image-virtual-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-generic-lpae-hwe-20.04 - 5.8.0.50.56~20.04.34 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-virtual-hwe-20.04 - 5.8.0.50.56~20.04.34 linux-image-generic-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-generic-64k-hwe-20.04 - 5.8.0.50.56~20.04.34 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.50.56~20.04.34 linux-image-lowlatency-hwe-20.04 - 5.8.0.50.56~20.04.34 No subscription required High CVE-2021-29154 CVE-2021-3492 CVE-2021-3493 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. (CVE-2021-1252) It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1404) It was discovered that ClamAV incorrectly handled parsing email. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1405) Update Instructions: Run `sudo pro fix USN-4918-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.2+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.2+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.2+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.2+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1252 CVE-2021-1404 CVE-2021-1405 Ubuntu 20.04 LTS USN-4918-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan in some situations. This update fixes the problem. Original advisory details: It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. (CVE-2021-1252) It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1404) It was discovered that ClamAV incorrectly handled parsing email. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1405) Update Instructions: Run `sudo pro fix USN-4918-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-testfiles - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-base - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-daemon - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-milter - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-docs - 0.103.2+dfsg-0ubuntu0.20.04.2 clamav-freshclam - 0.103.2+dfsg-0ubuntu0.20.04.2 libclamav9 - 0.103.2+dfsg-0ubuntu0.20.04.2 clamdscan - 0.103.2+dfsg-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/1926300 Ubuntu 20.04 LTS It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code. (CVE-2019-13132) It was discovered that ZeroMQ mishandled certain network traffic. An unauthenticated attacker could use this vulnerability to cause a denial-of- service and prevent legitimate clients from communicating with ZeroMQ. (CVE-2020-15166) It was discovered that ZeroMQ did not properly manage memory under certain circumstances. If a user or automated system were tricked into connecting to one or multiple compromised servers, a remote attacker could use this issue to cause a denial of service. (CVE-2021-20234) It was discovered that ZeroMQ incorrectly handled memory when processing messages with arbitrarily large sizes under certain circumstances. A remote unauthenticated attacker could use this issue to cause a ZeroMQ server to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-20235) It was discovered that ZeroMQ did not properly manage memory under certain circumstances. A remote unauthenticated attacker could use this issue to cause a ZeroMQ server to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-20237) Update Instructions: Run `sudo pro fix USN-4920-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libzmq5 - 4.3.2-2ubuntu1.20.04.1~esm2 libzmq3-dev - 4.3.2-2ubuntu1.20.04.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2019-13132 CVE-2020-15166 CVE-2021-20234 CVE-2021-20235 CVE-2021-20237 Ubuntu 20.04 LTS It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4921-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: caca-utils - 0.99.beta19-2.1ubuntu1.20.04.1 libcaca-dev - 0.99.beta19-2.1ubuntu1.20.04.1 libcaca0 - 0.99.beta19-2.1ubuntu1.20.04.1 No subscription required Medium CVE-2021-3410 Ubuntu 20.04 LTS Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack. Update Instructions: Run `sudo pro fix USN-4922-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.4 ruby2.7-doc - 2.7.0-5ubuntu1.4 libruby2.7 - 2.7.0-5ubuntu1.4 ruby2.7-dev - 2.7.0-5ubuntu1.4 No subscription required Medium CVE-2021-28965 Ubuntu 20.04 LTS Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. (CVE-2021-28210) Satoshi Tanda discovered that EDK II incorrectly handled decompressing certain images. A remote attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-28211) Update Instructions: Run `sudo pro fix USN-4923-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-efi-arm - 0~20191122.bd85bf54-2ubuntu3.2 qemu-efi - 0~20191122.bd85bf54-2ubuntu3.2 qemu-efi-aarch64 - 0~20191122.bd85bf54-2ubuntu3.2 ovmf - 0~20191122.bd85bf54-2ubuntu3.2 No subscription required Medium CVE-2021-28210 CVE-2021-28211 Ubuntu 20.04 LTS Toni Huttunen and Fraktal Oy discovered that the Shibboleth Service provider allowed content injection due to allowing attacker-controlled parameters in error or other status pages. An attacker could use this to inject malicious content. Update Instructions: Run `sudo pro fix USN-4925-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: shibboleth-sp2-common - 3.0.4+dfsg1-1ubuntu0.1 shibboleth-sp2-utils - 3.0.4+dfsg1-1ubuntu0.1 libapache2-mod-shib2 - 3.0.4+dfsg1-1ubuntu0.1 libshibsp-plugins - 3.0.4+dfsg1-1ubuntu0.1 libshibsp8 - 3.0.4+dfsg1-1ubuntu0.1 shibboleth-sp-utils - 3.0.4+dfsg1-1ubuntu0.1 libshibsp-doc - 3.0.4+dfsg1-1ubuntu0.1 libapache2-mod-shib - 3.0.4+dfsg1-1ubuntu0.1 libshibsp-dev - 3.0.4+dfsg1-1ubuntu0.1 shibboleth-sp-common - 3.0.4+dfsg1-1ubuntu0.1 No subscription required Medium CVE-2021-28963 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. (CVE-2021-23994, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-29945, CVE-2021-29946, CVE-2021-29947) A use-after-free was discovered when Responsive Design Mode was enabled. If a user were tricked into opening a specially crafted website with Responsive Design Mode enabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-23995) It was discovered that Firefox mishandled ftp URLs with encoded newline characters. If a user were tricked into clicking on a specially crafted link, an attacker could potentially exploit this to send arbitrary FTP commands. (CVE-2021-24002) Update Instructions: Run `sudo pro fix USN-4926-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 88.0+build2-0ubuntu0.20.04.1 firefox - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 88.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 88.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 88.0+build2-0ubuntu0.20.04.1 firefox-dev - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 88.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 88.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23994 CVE-2021-23995 CVE-2021-23996 CVE-2021-23997 CVE-2021-23998 CVE-2021-23999 CVE-2021-24000 CVE-2021-24001 CVE-2021-24002 CVE-2021-29945 CVE-2021-29946 CVE-2021-29947 Ubuntu 20.04 LTS It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4927-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: file-roller - 3.36.3-0ubuntu1.1 No subscription required Medium CVE-2020-36314 Ubuntu 20.04 LTS It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. (CVE-2021-3497) It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code or cause a crash. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-3498) Update Instructions: Run `sudo pro fix USN-4928-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-gtk3 - 1.16.2-1ubuntu2.1 gstreamer1.0-pulseaudio - 1.16.2-1ubuntu2.1 gstreamer1.0-plugins-good-doc - 1.16.2-1ubuntu2.1 libgstreamer-plugins-good1.0-dev - 1.16.2-1ubuntu2.1 libgstreamer-plugins-good1.0-0 - 1.16.2-1ubuntu2.1 gstreamer1.0-plugins-good - 1.16.2-1ubuntu2.1 gstreamer1.0-qt5 - 1.16.2-1ubuntu2.1 No subscription required Medium CVE-2021-3497 CVE-2021-3498 Ubuntu 20.04 LTS Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2021-25214) Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2021-25215) It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-25216) Update Instructions: Run `sudo pro fix USN-4929-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.8 bind9-libs - 1:9.16.1-0ubuntu2.8 bind9utils - 1:9.16.1-0ubuntu2.8 bind9-doc - 1:9.16.1-0ubuntu2.8 bind9-utils - 1:9.16.1-0ubuntu2.8 bind9 - 1:9.16.1-0ubuntu2.8 bind9-dnsutils - 1:9.16.1-0ubuntu2.8 bind9-host - 1:9.16.1-0ubuntu2.8 No subscription required Medium CVE-2021-25214 CVE-2021-25215 CVE-2021-25216 Ubuntu 20.04 LTS Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users gaining unauthorized access to files, contrary to expected behaviour. Update Instructions: Run `sudo pro fix USN-4930-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.11.6+dfsg-0ubuntu1.8 samba - 2:4.11.6+dfsg-0ubuntu1.8 libnss-winbind - 2:4.11.6+dfsg-0ubuntu1.8 libpam-winbind - 2:4.11.6+dfsg-0ubuntu1.8 libsmbclient - 2:4.11.6+dfsg-0ubuntu1.8 smbclient - 2:4.11.6+dfsg-0ubuntu1.8 winbind - 2:4.11.6+dfsg-0ubuntu1.8 samba-testsuite - 2:4.11.6+dfsg-0ubuntu1.8 python3-samba - 2:4.11.6+dfsg-0ubuntu1.8 samba-common-bin - 2:4.11.6+dfsg-0ubuntu1.8 libwbclient0 - 2:4.11.6+dfsg-0ubuntu1.8 samba-dsdb-modules - 2:4.11.6+dfsg-0ubuntu1.8 samba-dev - 2:4.11.6+dfsg-0ubuntu1.8 libsmbclient-dev - 2:4.11.6+dfsg-0ubuntu1.8 samba-vfs-modules - 2:4.11.6+dfsg-0ubuntu1.8 samba-common - 2:4.11.6+dfsg-0ubuntu1.8 registry-tools - 2:4.11.6+dfsg-0ubuntu1.8 samba-libs - 2:4.11.6+dfsg-0ubuntu1.8 ctdb - 2:4.11.6+dfsg-0ubuntu1.8 No subscription required Medium CVE-2021-20254 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories. Update Instructions: Run `sudo pro fix USN-4932-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.6 python-django-doc - 2:2.2.12-1ubuntu0.6 No subscription required Medium CVE-2021-31542 Ubuntu 20.04 LTS It was discovered that OpenVPN incorrectly handled certain data channel v2 packets. A remote attacker could possibly use this issue to inject packets using a victim's peer-id. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11810) It was discovered that OpenVPN incorrectly handled deferred authentication. When a server is configured to use deferred authentication, a remote attacker could possibly use this issue to bypass authentication and access control channel data. (CVE-2020-15078) Update Instructions: Run `sudo pro fix USN-4933-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvpn - 2.4.7-1ubuntu2.20.04.2 No subscription required Medium CVE-2020-11810 CVE-2020-15078 Ubuntu 20.04 LTS It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges. Update Instructions: Run `sudo pro fix USN-4934-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.5 eximon4 - 4.93-13ubuntu1.5 exim4 - 4.93-13ubuntu1.5 exim4-daemon-light - 4.93-13ubuntu1.5 exim4-config - 4.93-13ubuntu1.5 exim4-daemon-heavy - 4.93-13ubuntu1.5 exim4-base - 4.93-13ubuntu1.5 No subscription required Medium CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28010 CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014 CVE-2020-28015 CVE-2020-28016 CVE-2020-28017 CVE-2020-28018 CVE-2020-28019 CVE-2020-28020 CVE-2020-28021 CVE-2020-28022 CVE-2020-28023 CVE-2020-28024 CVE-2020-28025 CVE-2020-28026 CVE-2021-27216 Ubuntu 20.04 LTS It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed access control. A local attacker could use this issue to cause a denial of service, expose sensitive information, or escalate privileges. (CVE-2021-1076) It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed reference counting. A local attacker could use this issue to cause a denial of service. (CVE-2021-1077) Update Instructions: Run `sudo pro fix USN-4935-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-compute-utils-390 - 390.143-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.143-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.143-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.143-0ubuntu0.20.04.1 nvidia-utils-390 - 390.143-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.143-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.143-0ubuntu0.20.04.1 nvidia-driver-390 - 390.143-0ubuntu0.20.04.1 nvidia-384-dev - 390.143-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.143-0ubuntu0.20.04.1 libcuda1-384 - 390.143-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.143-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.143-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.143-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.143-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.143-0ubuntu0.20.04.1 nvidia-headless-390 - 390.143-0ubuntu0.20.04.1 libnvidia-common-390 - 390.143-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.143-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.143-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.143-0ubuntu0.20.04.1 nvidia-384 - 390.143-0ubuntu0.20.04.1 No subscription required xserver-xorg-video-nvidia-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-kernel-common-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-decode-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-ifr1-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-compute-utils-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-gl-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-fbc1-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-driver-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-utils-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-common-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-compute-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-headless-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-encode-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-kernel-source-418-server - 418.197.02-0ubuntu0.20.04.1 libnvidia-cfg1-418-server - 418.197.02-0ubuntu0.20.04.1 nvidia-dkms-418-server - 418.197.02-0ubuntu0.20.04.1 No subscription required libnvidia-compute-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-encode-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-fbc1-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-compute-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-common-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-encode-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.119.03-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.119.03-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-common-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-cfg1-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-utils-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.119.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-driver-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-cfg1-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-compute-utils-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.119.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-common-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-decode-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-driver-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.119.03-0ubuntu0.20.04.1 nvidia-compute-utils-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-common-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-decode-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-ifr1-440 - 450.119.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-source-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-kernel-source-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-ifr1-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-headless-440 - 450.119.03-0ubuntu0.20.04.1 nvidia-dkms-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-extra-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-gl-450 - 450.119.03-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.119.03-0ubuntu0.20.04.1 nvidia-utils-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.119.03-0ubuntu0.20.04.1 nvidia-dkms-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-fbc1-440 - 450.119.03-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.119.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.119.03-0ubuntu0.20.04.1 libnvidia-compute-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-extra-450 - 450.119.03-0ubuntu0.20.04.1 libnvidia-gl-440 - 450.119.03-0ubuntu0.20.04.1 No subscription required libnvidia-common-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-gl-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-utils-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-encode-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-fbc1-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-compute-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-gl-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-common-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-gl-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 460.73.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-cfg1-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-utils-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-decode-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-compute-460 - 460.73.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-ifr1-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-driver-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-fbc1-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-encode-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-common-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-common-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-dkms-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-extra-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-compute-utils-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-common-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-dkms-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-extra-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-driver-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-source-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-compute-utils-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-ifr1-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-decode-460 - 460.73.01-0ubuntu0.20.04.1 libnvidia-encode-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-utils-455 - 460.73.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-kernel-source-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-cfg1-460-server - 460.73.01-0ubuntu0.20.04.1 libnvidia-decode-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460-server - 460.73.01-0ubuntu0.20.04.1 nvidia-dkms-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-headless-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-extra-455 - 460.73.01-0ubuntu0.20.04.1 libnvidia-compute-455 - 460.73.01-0ubuntu0.20.04.1 nvidia-driver-460-server - 460.73.01-0ubuntu0.20.04.1 No subscription required High CVE-2021-1076 CVE-2021-1077 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978) It was discovered that Thunderbird may keep key material in memory in some circumstances. A local attacker could potentially exploit this to obtain private keys. (CVE-2021-29950) Update Instructions: Run `sudo pro fix USN-4936-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:78.8.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:78.8.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:78.8.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:78.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:78.8.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23968 CVE-2021-23969 CVE-2021-23973 CVE-2021-23978 CVE-2021-29950 Ubuntu 20.04 LTS Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Update Instructions: Run `sudo pro fix USN-4937-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnome-autoar-0-dev - 0.2.3-2ubuntu0.3 libgnome-autoar-gtk-0-0 - 0.2.3-2ubuntu0.3 gir1.2-gnomeautoar-0.1 - 0.2.3-2ubuntu0.3 libgnome-autoar-gtk-0-dev - 0.2.3-2ubuntu0.3 gir1.2-gnomeautoargtk-0.1 - 0.2.3-2ubuntu0.3 libgnome-autoar-doc - 0.2.3-2ubuntu0.3 libgnome-autoar-0-0 - 0.2.3-2ubuntu0.3 No subscription required Medium CVE-2021-28650 Ubuntu 20.04 LTS USN-4937-1 fixed a vulnerability in GNOME Autoar. The update caused a regression when extracting certain archives. This update fixes the problem. Original advisory details: Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Update Instructions: Run `sudo pro fix USN-4937-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgnome-autoar-0-dev - 0.2.3-2ubuntu0.4 libgnome-autoar-gtk-0-0 - 0.2.3-2ubuntu0.4 gir1.2-gnomeautoar-0.1 - 0.2.3-2ubuntu0.4 libgnome-autoar-gtk-0-dev - 0.2.3-2ubuntu0.4 gir1.2-gnomeautoargtk-0.1 - 0.2.3-2ubuntu0.4 libgnome-autoar-doc - 0.2.3-2ubuntu0.4 libgnome-autoar-0-0 - 0.2.3-2ubuntu0.4 No subscription required None https://launchpad.net/bugs/1929304 Ubuntu 20.04 LTS It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files. Update Instructions: Run `sudo pro fix USN-4938-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.2 python3-unbound - 1.9.4-2ubuntu1.2 libunbound8 - 1.9.4-2ubuntu1.2 python-unbound - 1.9.4-2ubuntu1.2 unbound-anchor - 1.9.4-2ubuntu1.2 unbound-host - 1.9.4-2ubuntu1.2 libunbound-dev - 1.9.4-2ubuntu1.2 No subscription required Medium CVE-2019-25031 CVE-2019-25032 CVE-2019-25033 CVE-2019-25034 CVE-2019-25035 CVE-2019-25036 CVE-2019-25037 CVE-2019-25038 CVE-2019-25039 CVE-2019-25040 CVE-2019-25041 CVE-2019-25042 CVE-2020-28935 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-4939-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.32.0-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.32.0-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.32.0-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.32.0-0ubuntu0.20.04.1 webkit2gtk-driver - 2.32.0-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.32.0-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.32.0-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.32.0-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.32.0-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.32.0-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1788 CVE-2021-1844 CVE-2021-1871 Ubuntu 20.04 LTS It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4940-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-yaml - 5.3.1-1ubuntu0.1 python3-yaml - 5.3.1-1ubuntu0.1 No subscription required Medium CVE-2020-14343 Ubuntu 20.04 LTS It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-29457) It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-29458, CVE-2021-29470) It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-3482) Update Instructions: Run `sudo pro fix USN-4941-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.2 libexiv2-27 - 0.27.2-8ubuntu2.2 libexiv2-doc - 0.27.2-8ubuntu2.2 libexiv2-dev - 0.27.2-8ubuntu2.2 No subscription required Medium CVE-2021-29457 CVE-2021-29458 CVE-2021-29470 CVE-2021-3482 Ubuntu 20.04 LTS A race condition was discovered in Web Render Components. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4942-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ne - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nb - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fa - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fi - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fy - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-or - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kab - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-oc - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cs - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ga - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gd - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gu - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pa - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cy - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pt - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-szl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hi - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-uk - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-he - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hy - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hu - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-as - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ar - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ia - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-az - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-id - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mai - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-af - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-is - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-it - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-an - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bs - 88.0.1+build1-0ubuntu0.20.04.2 firefox - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ro - 88.0.1+build1-0ubuntu0.20.04.2 firefox-geckodriver - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ja - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ru - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-br - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zh-hant - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zh-hans - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-be - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bg - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sl - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sk - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-si - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sw - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sv - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sq - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ko - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-km - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kk - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ka - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-xh - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ca - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ku - 88.0.1+build1-0ubuntu0.20.04.2 firefox-mozsymbols - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lv - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lt - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-th - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hsb - 88.0.1+build1-0ubuntu0.20.04.2 firefox-dev - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-te - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cak - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ta - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lg - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-tr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nso - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-de - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-da - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ms - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mr - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-my - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-uz - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ml - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mn - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mk - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ur - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-vi - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-eu - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-et - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-es - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-csb - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-el - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-eo - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-en - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zu - 88.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ast - 88.0.1+build1-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-29952 Ubuntu 20.04 LTS Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. (CVE-2020-26217) It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. This issue only affected Ubuntu 20.10. (CVE-2020-26258) It was discovered that XStream was vulnerable to arbitrary file deletion on the local host. A remote attacker could use this to delete arbitrary known files on the host as long as the executing process had sufficient rights only by manipulating the processed input stream. This issue only affected Ubuntu 20.10. (CVE-2020-26259) It was discovered that XStream was vulnerable to denial of service, arbitrary code execution, arbitrary file deletion and server-side forgery attacks. A remote attacker could cause any of those issues by manipulating the processed input stream. (CVE-2021-21341, CVE-2021-21342, CVE-2021-21343 CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351) Update Instructions: Run `sudo pro fix USN-4943-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxstream-java - 1.4.11.1-1ubuntu0.2 No subscription required Medium CVE-2020-26217 CVE-2020-26258 CVE-2020-26259 CVE-2021-21341 CVE-2021-21342 CVE-2021-21343 CVE-2021-21344 CVE-2021-21345 CVE-2021-21346 CVE-2021-21347 CVE-2021-21348 CVE-2021-21349 CVE-2021-21350 CVE-2021-21351 Ubuntu 20.04 LTS This update fixed multiple vulnerabilities in MariaDB. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.48. Ubuntu 20.04 LTS has been updated to MariaDB 10.3.29. Ubuntu 20.10 has been updated to MariaDB 10.3.29. Ubuntu 21.04 has been updated to MariaDB 10.5.10. Update Instructions: Run `sudo pro fix USN-4944-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.29-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.29-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.29-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.29-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.29-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.29-0ubuntu0.20.04.1 mariadb-client - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.29-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.29-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.29-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.29-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.29-0ubuntu0.20.04.1 mariadb-server - 1:10.3.29-0ubuntu0.20.04.1 mariadb-common - 1:10.3.29-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.29-0ubuntu0.20.04.1 mariadb-test - 1:10.3.29-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1926926 Ubuntu 20.04 LTS USN-4944-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. Original advisory details: Ubuntu 20.04 has been updated to MariaDB 10.3.30. Update Instructions: Run `sudo pro fix USN-4944-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.30-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.30-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.30-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.30-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.30-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.30-0ubuntu0.20.04.1 mariadb-client - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.30-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.30-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.30-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.30-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.30-0ubuntu0.20.04.1 mariadb-server - 1:10.3.30-0ubuntu0.20.04.1 mariadb-common - 1:10.3.30-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.30-0ubuntu0.20.04.1 mariadb-test - 1:10.3.30-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1913676 Ubuntu 20.04 LTS It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639) Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-28038) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the Realtek RTL8188EU Wireless device driver in the Linux kernel did not properly validate ssid lengths in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-28660) It was discovered that the USB/IP driver in the Linux kernel contained race conditions during the update of local and shared status. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29265) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-30002) Update Instructions: Run `sudo pro fix USN-4945-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1015-gkeop - 5.4.0-1015.16 No subscription required linux-image-5.4.0-1039-kvm - 5.4.0-1039.40 No subscription required linux-image-5.4.0-1043-gke - 5.4.0-1043.45 No subscription required linux-image-5.4.0-1043-gcp - 5.4.0-1043.46 No subscription required linux-image-5.4.0-1045-oracle - 5.4.0-1045.49+1 No subscription required linux-image-5.4.0-1047-azure - 5.4.0-1047.49 No subscription required linux-image-5.4.0-1048-aws - 5.4.0-1048.50 No subscription required linux-image-5.4.0-73-lowlatency - 5.4.0-73.82 linux-image-5.4.0-73-generic-lpae - 5.4.0-73.82 linux-image-5.4.0-73-generic - 5.4.0-73.82 No subscription required linux-image-gkeop-5.4 - 5.4.0.1015.18 linux-image-gkeop - 5.4.0.1015.18 No subscription required linux-image-kvm - 5.4.0.1039.37 No subscription required linux-image-gke - 5.4.0.1043.52 linux-image-gke-5.4 - 5.4.0.1043.52 linux-image-gcp - 5.4.0.1043.52 No subscription required linux-image-oracle - 5.4.0.1045.44 No subscription required linux-image-azure - 5.4.0.1047.45 No subscription required linux-image-aws - 5.4.0.1048.49 No subscription required linux-image-oem-osp1 - 5.4.0.73.76 linux-image-generic-hwe-18.04 - 5.4.0.73.76 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.73.76 linux-image-generic-lpae-hwe-18.04 - 5.4.0.73.76 linux-image-virtual - 5.4.0.73.76 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.73.76 linux-image-lowlatency-hwe-18.04 - 5.4.0.73.76 linux-image-generic - 5.4.0.73.76 linux-image-virtual-hwe-18.04 - 5.4.0.73.76 linux-image-generic-hwe-18.04-edge - 5.4.0.73.76 linux-image-oem - 5.4.0.73.76 linux-image-generic-lpae - 5.4.0.73.76 linux-image-lowlatency - 5.4.0.73.76 linux-image-virtual-hwe-18.04-edge - 5.4.0.73.76 No subscription required Medium CVE-2020-25639 CVE-2021-28038 CVE-2021-28375 CVE-2021-28660 CVE-2021-29265 CVE-2021-29650 CVE-2021-30002 Ubuntu 20.04 LTS USN-4945-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. This update provides the corresponding Linux kernel updates targeted specifically for Raspberry Pi devices in those same Ubuntu Releases. Original advisory details: It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639) Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-28038) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the Realtek RTL8188EU Wireless device driver in the Linux kernel did not properly validate ssid lengths in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-28660) It was discovered that the USB/IP driver in the Linux kernel contained race conditions during the update of local and shared status. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29265) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-30002) Update Instructions: Run `sudo pro fix USN-4945-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1035-raspi - 5.4.0-1035.38 No subscription required linux-image-raspi-hwe-18.04-edge - 5.4.0.1035.70 linux-image-raspi-hwe-18.04 - 5.4.0.1035.70 linux-image-raspi - 5.4.0.1035.70 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1035.70 linux-image-raspi2 - 5.4.0.1035.70 linux-image-raspi2-hwe-18.04 - 5.4.0.1035.70 No subscription required Medium CVE-2020-25639 CVE-2021-28038 CVE-2021-28375 CVE-2021-28660 CVE-2021-29265 CVE-2021-29650 CVE-2021-30002 Ubuntu 20.04 LTS Kiyin (尹亮) discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-35519) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate passed encryption key sizes. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29646) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-30002) Update Instructions: Run `sudo pro fix USN-4947-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.6.0-1056-oem - 5.6.0-1056.60 No subscription required linux-image-oem-20.04 - 5.6.0.1056.52 No subscription required Medium CVE-2020-35519 CVE-2021-28375 CVE-2021-29646 CVE-2021-29650 CVE-2021-30002 Ubuntu 20.04 LTS Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3489) Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3490) Billy Jheng Bing-Jhong discovered that the io_uring implementation of the Linux kernel did not properly enforce the MAX_RW_COUNT limit in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3491) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672) It was discovered that the Xen paravirtualization backend in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-28688) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition leading to a deadlock condition. A local attacker could use this to cause a denial of service. (CVE-2021-28951) John Stultz discovered that the audio driver for Qualcomm SDM845 systems in the Linux kernel did not properly validate port ID numbers. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28952) Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964) Vince Weaver discovered that the perf subsystem in the Linux kernel did not properly handle certain PEBS records properly for some Intel Haswell processors. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-28971) It was discovered that the RPA PCI Hotplug driver implementation in the Linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28972) It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29264) It was discovered that the vDPA backend virtio driver in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29266) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate passed encryption key sizes. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29646) It was discovered that the Qualcomm IPC router implementation in the Linux kernel did not properly initialize memory passed to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-29647) It was discovered that the BPF user mode driver implementation in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-29649) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Felix Wilhelm discovered that the KVM implementation in the Linux kernel for AMD processors contained race conditions on nested VMCB controls. A local attacker in a guest vm could possibly use this to gain elevated privileges. (CVE-2021-29657) Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916) 马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3483) Update Instructions: Run `sudo pro fix USN-4948-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1026-oem - 5.10.0-1026.27 No subscription required linux-image-oem-20.04b - 5.10.0.1026.27 linux-image-oem-20.04-edge - 5.10.0.1026.27 No subscription required High CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2021-28688 CVE-2021-28951 CVE-2021-28952 CVE-2021-28964 CVE-2021-28971 CVE-2021-28972 CVE-2021-29264 CVE-2021-29266 CVE-2021-29646 CVE-2021-29647 CVE-2021-29649 CVE-2021-29650 CVE-2021-29657 CVE-2021-31916 CVE-2021-3483 CVE-2021-3489 CVE-2021-3490 CVE-2021-3491 Ubuntu 20.04 LTS Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3489) Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3490) Billy Jheng Bing-Jhong discovered that the io_uring implementation of the Linux kernel did not properly enforce the MAX_RW_COUNT limit in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3491) It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639) Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schönherr discovered that the Xen paravirtualization backend in the Linux kernel did not properly propagate errors to frontend drivers in some situations. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26930) Jan Beulich discovered that multiple Xen backends in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26931) It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29264) It was discovered that the USB/IP driver in the Linux kernel contained race conditions during the update of local and shared status. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29265) It was discovered that the vDPA backend virtio driver in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29266) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate passed encryption key sizes. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29646) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Update Instructions: Run `sudo pro fix USN-4949-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-53-lowlatency - 5.8.0-53.60~20.04.1 linux-image-5.8.0-53-generic-lpae - 5.8.0-53.60~20.04.1 linux-image-5.8.0-53-generic-64k - 5.8.0-53.60~20.04.1 linux-image-5.8.0-53-generic - 5.8.0-53.60~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.53.60~20.04.37 linux-image-generic-hwe-20.04-edge - 5.8.0.53.60~20.04.37 linux-image-generic-lpae-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.53.60~20.04.37 linux-image-generic-64k-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.53.60~20.04.37 linux-image-virtual-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-generic-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-lowlatency-hwe-20.04 - 5.8.0.53.60~20.04.37 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.53.60~20.04.37 No subscription required High CVE-2020-25639 CVE-2021-26930 CVE-2021-26931 CVE-2021-28375 CVE-2021-29264 CVE-2021-29265 CVE-2021-29266 CVE-2021-29646 CVE-2021-29650 CVE-2021-3489 CVE-2021-3490 CVE-2021-3491 Ubuntu 20.04 LTS Anton Lydike discovered that Flatpak did not properly handle special tokens in desktop files. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement. Update Instructions: Run `sudo pro fix USN-4951-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libflatpak0 - 1.6.5-0ubuntu0.3 libflatpak-dev - 1.6.5-0ubuntu0.3 gir1.2-flatpak-1.0 - 1.6.5-0ubuntu0.3 libflatpak-doc - 1.6.5-0ubuntu0.3 flatpak - 1.6.5-0ubuntu0.3 flatpak-tests - 1.6.5-0ubuntu0.3 No subscription required Medium CVE-2021-21381 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.25 in Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.34. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-34.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-24.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-25.html https://www.oracle.com/security-alerts/cpuapr2021.html Update Instructions: Run `sudo pro fix USN-4952-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.25-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.25-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.25-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.25-0ubuntu0.20.04.1 mysql-router - 8.0.25-0ubuntu0.20.04.1 mysql-server - 8.0.25-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.25-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.25-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.25-0ubuntu0.20.04.1 mysql-testsuite - 8.0.25-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.25-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.25-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-2146 CVE-2021-2154 CVE-2021-2162 CVE-2021-2164 CVE-2021-2166 CVE-2021-2169 CVE-2021-2170 CVE-2021-2171 CVE-2021-2172 CVE-2021-2179 CVE-2021-2180 CVE-2021-2193 CVE-2021-2194 CVE-2021-2196 CVE-2021-2201 CVE-2021-2203 CVE-2021-2208 CVE-2021-2212 CVE-2021-2215 CVE-2021-2217 CVE-2021-2226 CVE-2021-2230 CVE-2021-2232 CVE-2021-2278 CVE-2021-2293 CVE-2021-2298 CVE-2021-2299 CVE-2021-2300 CVE-2021-2301 CVE-2021-2304 CVE-2021-2305 CVE-2021-2307 CVE-2021-2308 Ubuntu 20.04 LTS Sean Boran discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2020-29600) It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to access sensitive information. (CVE-2020-35176) Update Instructions: Run `sudo pro fix USN-4953-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: awstats - 7.6+dfsg-2ubuntu0.20.04.1 No subscription required Medium CVE-2017-1000501 CVE-2020-29600 CVE-2020-35176 Ubuntu 20.04 LTS It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-4956-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-eventlet-doc - 0.25.1-2ubuntu1.1 python3-eventlet - 0.25.1-2ubuntu1.1 No subscription required Medium CVE-2021-21419 Ubuntu 20.04 LTS It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4957-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libdjvulibre21 - 3.5.27.1-14ubuntu0.1 libdjvulibre-text - 3.5.27.1-14ubuntu0.1 djvulibre-desktop - 3.5.27.1-14ubuntu0.1 djview3 - 3.5.27.1-14ubuntu0.1 djvuserve - 3.5.27.1-14ubuntu0.1 libdjvulibre-dev - 3.5.27.1-14ubuntu0.1 djview - 3.5.27.1-14ubuntu0.1 djvulibre-bin - 3.5.27.1-14ubuntu0.1 No subscription required Medium CVE-2021-32490 CVE-2021-32491 CVE-2021-32492 CVE-2021-32493 CVE-2021-3500 Ubuntu 20.04 LTS It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism. Update Instructions: Run `sudo pro fix USN-4958-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcaribou-gtk3-module - 0.4.21-7ubuntu0.20.04.1 libcaribou0 - 0.4.21-7ubuntu0.20.04.1 libcaribou-dev - 0.4.21-7ubuntu0.20.04.1 gir1.2-caribou-1.0 - 0.4.21-7ubuntu0.20.04.1 libcaribou-gtk-module - 0.4.21-7ubuntu0.20.04.1 caribou-antler - 0.4.21-7ubuntu0.20.04.1 libcaribou-common - 0.4.21-7ubuntu0.20.04.1 caribou - 0.4.21-7ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1912060 Ubuntu 20.04 LTS It was discovered that GStreamer Base Plugins incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-4959-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-plugins-base - 1.16.2-4ubuntu0.1 libgstreamer-plugins-base1.0-0 - 1.16.2-4ubuntu0.1 gstreamer1.0-x - 1.16.2-4ubuntu0.1 gstreamer1.0-plugins-base-doc - 1.16.2-4ubuntu0.1 libgstreamer-gl1.0-0 - 1.16.2-4ubuntu0.1 gstreamer1.0-gl - 1.16.2-4ubuntu0.1 libgstreamer-plugins-base1.0-dev - 1.16.2-4ubuntu0.1 gir1.2-gst-plugins-base-1.0 - 1.16.2-4ubuntu0.1 gstreamer1.0-alsa - 1.16.2-4ubuntu0.1 gstreamer1.0-plugins-base-apps - 1.16.2-4ubuntu0.1 No subscription required Medium CVE-2021-3522 Ubuntu 20.04 LTS Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount the host filesystem into the container and escalate privileges. Update Instructions: Run `sudo pro fix USN-4960-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-opencontainers-runc-dev - 1.0.0~rc93-0ubuntu1~20.04.2 runc - 1.0.0~rc93-0ubuntu1~20.04.2 No subscription required High CVE-2021-30465 Ubuntu 20.04 LTS It was discovered that pip incorrectly handled unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. Update Instructions: Run `sudo pro fix USN-4961-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pip-whl - 20.0.2-5ubuntu1.5 python3-pip - 20.0.2-5ubuntu1.5 No subscription required None https://launchpad.net/bugs/1926957 Ubuntu 20.04 LTS It was discovered that Babel incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4962-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-babel-localedata - 2.6.0+dfsg.1-1ubuntu2.2 python-babel-doc - 2.6.0+dfsg.1-1ubuntu2.2 python-babel - 2.6.0+dfsg.1-1ubuntu2.2 python3-babel - 2.6.0+dfsg.1-1ubuntu2.2 No subscription required None Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash or hand, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4963-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.4 python-pil-doc - 7.0.0-4ubuntu0.4 python3-pil - 7.0.0-4ubuntu0.4 No subscription required Medium CVE-2021-25287 CVE-2021-25288 CVE-2021-28675 CVE-2021-28676 CVE-2021-28677 CVE-2021-28678 Ubuntu 20.04 LTS It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-29463) It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-29464) It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-29473, CVE-2021-32617) It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-29623) Update Instructions: Run `sudo pro fix USN-4964-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.4 libexiv2-27 - 0.27.2-8ubuntu2.4 libexiv2-doc - 0.27.2-8ubuntu2.4 libexiv2-dev - 0.27.2-8ubuntu2.4 No subscription required Medium CVE-2021-29463 CVE-2021-29464 CVE-2021-29473 CVE-2021-29623 CVE-2021-32617 Ubuntu 20.04 LTS Maik Münch discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use these issues to read and write arbitrary files as an administrator, and possibly escalate privileges. Update Instructions: Run `sudo pro fix USN-4965-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.18 apport-kde - 2.20.11-0ubuntu27.18 apport-retrace - 2.20.11-0ubuntu27.18 apport-valgrind - 2.20.11-0ubuntu27.18 python3-apport - 2.20.11-0ubuntu27.18 dh-apport - 2.20.11-0ubuntu27.18 apport-gtk - 2.20.11-0ubuntu27.18 apport - 2.20.11-0ubuntu27.18 apport-noui - 2.20.11-0ubuntu27.18 No subscription required Medium CVE-2021-32547 CVE-2021-32548 CVE-2021-32549 CVE-2021-32550 CVE-2021-32551 CVE-2021-32552 CVE-2021-32553 CVE-2021-32554 CVE-2021-32555 CVE-2021-32556 CVE-2021-32557 Ubuntu 20.04 LTS It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick libx11 into emitting extra X protocol requests. Update Instructions: Run `sudo pro fix USN-4966-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx11-6 - 2:1.6.9-2ubuntu1.2 libx11-data - 2:1.6.9-2ubuntu1.2 libx11-xcb-dev - 2:1.6.9-2ubuntu1.2 libx11-xcb1 - 2:1.6.9-2ubuntu1.2 libx11-doc - 2:1.6.9-2ubuntu1.2 libx11-6-udeb - 2:1.6.9-2ubuntu1.2 libx11-dev - 2:1.6.9-2ubuntu1.2 No subscription required Medium CVE-2021-31535 Ubuntu 20.04 LTS Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx incorrectly handled responses to the DNS resolver. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4967-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnginx-mod-stream - 1.18.0-0ubuntu1.2 libnginx-mod-http-subs-filter - 1.18.0-0ubuntu1.2 nginx-doc - 1.18.0-0ubuntu1.2 libnginx-mod-mail - 1.18.0-0ubuntu1.2 libnginx-mod-http-image-filter - 1.18.0-0ubuntu1.2 libnginx-mod-http-echo - 1.18.0-0ubuntu1.2 libnginx-mod-rtmp - 1.18.0-0ubuntu1.2 libnginx-mod-nchan - 1.18.0-0ubuntu1.2 nginx-common - 1.18.0-0ubuntu1.2 libnginx-mod-http-fancyindex - 1.18.0-0ubuntu1.2 libnginx-mod-http-auth-pam - 1.18.0-0ubuntu1.2 nginx-light - 1.18.0-0ubuntu1.2 libnginx-mod-http-headers-more-filter - 1.18.0-0ubuntu1.2 nginx-extras - 1.18.0-0ubuntu1.2 libnginx-mod-http-upstream-fair - 1.18.0-0ubuntu1.2 libnginx-mod-http-xslt-filter - 1.18.0-0ubuntu1.2 libnginx-mod-http-lua - 1.18.0-0ubuntu1.2 libnginx-mod-http-perl - 1.18.0-0ubuntu1.2 nginx-core - 1.18.0-0ubuntu1.2 libnginx-mod-http-dav-ext - 1.18.0-0ubuntu1.2 nginx - 1.18.0-0ubuntu1.2 libnginx-mod-http-ndk - 1.18.0-0ubuntu1.2 libnginx-mod-http-uploadprogress - 1.18.0-0ubuntu1.2 libnginx-mod-http-cache-purge - 1.18.0-0ubuntu1.2 nginx-full - 1.18.0-0ubuntu1.2 libnginx-mod-http-geoip2 - 1.18.0-0ubuntu1.2 libnginx-mod-http-geoip - 1.18.0-0ubuntu1.2 No subscription required Medium CVE-2021-23017 Ubuntu 20.04 LTS It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a specially- crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4968-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblz4-tool - 1.9.2-2ubuntu0.20.04.1 lz4 - 1.9.2-2ubuntu0.20.04.1 liblz4-dev - 1.9.2-2ubuntu0.20.04.1 liblz4-1 - 1.9.2-2ubuntu0.20.04.1 No subscription required Medium CVE-2021-3520 Ubuntu 20.04 LTS Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-4969-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: isc-dhcp-relay - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-client-ddns - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-dev - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-client - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-common - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-server - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-client-udeb - 4.4.1-2.1ubuntu5.20.04.2 isc-dhcp-server-ldap - 4.4.1-2.1ubuntu5.20.04.2 No subscription required Medium CVE-2021-25217 Ubuntu 20.04 LTS It was discovered that GUPnP incorrectly filtered local requests. If a user were tricked into visiting a malicious website, a remote attacker could possibly use this issue to perform actions against local UPnP services such as obtaining or altering sensitive information. Update Instructions: Run `sudo pro fix USN-4970-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gupnp-1.2 - 1.2.3-0ubuntu0.20.04.2 libgupnp-doc - 1.2.3-0ubuntu0.20.04.2 libgupnp-1.2-dev - 1.2.3-0ubuntu0.20.04.2 libgupnp-1.2-0 - 1.2.3-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-33516 Ubuntu 20.04 LTS It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4971-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: webp - 0.6.1-2ubuntu0.20.04.1 libwebp6 - 0.6.1-2ubuntu0.20.04.1 libwebpmux3 - 0.6.1-2ubuntu0.20.04.1 libwebp-dev - 0.6.1-2ubuntu0.20.04.1 libwebpdemux2 - 0.6.1-2ubuntu0.20.04.1 No subscription required Medium CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013 CVE-2018-25014 CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 Ubuntu 20.04 LTS Tom Lane discovered that PostgreSQL incorrect handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. (CVE-2021-32027) Andres Freund discovered that PostgreSQL incorrect handled certain INSERT ... ON CONFLICT ... DO UPDATE commands. A remote attacker could possibly use this issue to read server memory and obtain sensitive information. (CVE-2021-32028) Tom Lane discovered that PostgreSQL incorrect handled certain UPDATE ... RETURNING commands. A remote attacker could possibly use this issue to read server memory and obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-32029) Update Instructions: Run `sudo pro fix USN-4972-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.7-0ubuntu0.20.04.1 libecpg-dev - 12.7-0ubuntu0.20.04.1 libpq-dev - 12.7-0ubuntu0.20.04.1 libecpg6 - 12.7-0ubuntu0.20.04.1 libpq5 - 12.7-0ubuntu0.20.04.1 libpgtypes3 - 12.7-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.7-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.7-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.7-0ubuntu0.20.04.1 postgresql-doc-12 - 12.7-0ubuntu0.20.04.1 postgresql-12 - 12.7-0ubuntu0.20.04.1 postgresql-client-12 - 12.7-0ubuntu0.20.04.1 libecpg-compat3 - 12.7-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-32027 CVE-2021-32028 CVE-2021-32029 Ubuntu 20.04 LTS It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. Update Instructions: Run `sudo pro fix USN-4973-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.5-1~20.04.3 python3.8-examples - 3.8.5-1~20.04.3 python3.8-dev - 3.8.5-1~20.04.3 libpython3.8-minimal - 3.8.5-1~20.04.3 libpython3.8-dev - 3.8.5-1~20.04.3 python3.8-venv - 3.8.5-1~20.04.3 libpython3.8 - 3.8.5-1~20.04.3 idle-python3.8 - 3.8.5-1~20.04.3 libpython3.8-testsuite - 3.8.5-1~20.04.3 libpython3.8-stdlib - 3.8.5-1~20.04.3 python3.8 - 3.8.5-1~20.04.3 python3.8-doc - 3.8.5-1~20.04.3 No subscription required Medium CVE-2021-29921 Ubuntu 20.04 LTS USN-4973-1 fixed this vulnerability previously, but it was re-introduced in python3.8 in focal because of the SRU in LP: #1928057. This update fixes the problem. Original advisory details: It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. Update Instructions: Run `sudo pro fix USN-4973-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.1 python3.8-full - 3.8.10-0ubuntu1~20.04.1 python3.8-examples - 3.8.10-0ubuntu1~20.04.1 python3.8-dev - 3.8.10-0ubuntu1~20.04.1 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.1 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.1 python3.8-venv - 3.8.10-0ubuntu1~20.04.1 libpython3.8 - 3.8.10-0ubuntu1~20.04.1 idle-python3.8 - 3.8.10-0ubuntu1~20.04.1 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.1 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.1 python3.8 - 3.8.10-0ubuntu1~20.04.1 python3.8-doc - 3.8.10-0ubuntu1~20.04.1 No subscription required Medium CVE-2021-29921 https://launchpad.net/bugs/1945240 Ubuntu 20.04 LTS It was discovered that Lasso did not properly verify that all assertions in a SAML response were properly signed. An attacker could possibly use this to impersonate users or otherwise bypass access controls. Update Instructions: Run `sudo pro fix USN-4974-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblasso-perl - 2.6.0-7ubuntu1.2 liblasso3 - 2.6.0-7ubuntu1.2 python3-lasso - 2.6.0-7ubuntu1.2 liblasso3-dev - 2.6.0-7ubuntu1.2 No subscription required Medium CVE-2021-28091 Ubuntu 20.04 LTS It was discovered that the Django URLValidator function incorrectly handled newlines and tabs. A remote attacker could possibly use this issue to perform a header injection attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-32052) Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django incorrectly handled path sanitation in admindocs. A remote attacker could possibly use this issue to determine the existence of arbitrary files and in certain configurations obtain their contents. (CVE-2021-33203) It was discovered that Django incorrectly handled IPv4 addresses with leading zeros. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. (CVE-2021-33571) Update Instructions: Run `sudo pro fix USN-4975-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.7 python-django-doc - 2:2.2.12-1ubuntu0.7 No subscription required Medium CVE-2021-32052 CVE-2021-33203 CVE-2021-33571 Ubuntu 20.04 LTS Petr Mensik discovered that Dnsmasq incorrectly randomized source ports in certain configurations. A remote attacker could possibly use this issue to facilitate DNS cache poisoning attacks. Update Instructions: Run `sudo pro fix USN-4976-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.4 dnsmasq-base-lua - 2.80-1.1ubuntu1.4 dnsmasq-utils - 2.80-1.1ubuntu1.4 dnsmasq-base - 2.80-1.1ubuntu1.4 No subscription required Low CVE-2021-3448 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, re-enable camera devices without an additional permission prompt, spoof the browser UI, or execute arbitrary code. (CVE-2021-29959, CVE-2021-29961, CVE-2021-29966, CVE-2021-29967) It was discovered that filenames printed from private browsing mode were incorrectly retained in preferences. A local attacker could potentially exploit this to obtain sensitive information. (CVE-2021-29960) Update Instructions: Run `sudo pro fix USN-4978-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-nn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ne - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-nb - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-fa - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-fi - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-fr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-fy - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-or - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-kab - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-oc - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-cs - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ga - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-gd - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-gn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-gl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-gu - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-pa - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-pl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-cy - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-pt - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-szl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hi - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-uk - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-he - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hy - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hu - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-as - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ar - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ia - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-az - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-id - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-mai - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-af - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-is - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-it - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-an - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-bs - 89.0+build2-0ubuntu0.20.04.2 firefox - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ro - 89.0+build2-0ubuntu0.20.04.2 firefox-geckodriver - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ja - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ru - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-br - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hant - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hans - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-bn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-be - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-bg - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sl - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sk - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-si - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sw - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sv - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-sq - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ko - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-kn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-km - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-kk - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ka - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-xh - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ca - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ku - 89.0+build2-0ubuntu0.20.04.2 firefox-mozsymbols - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-lv - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-lt - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-th - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-hsb - 89.0+build2-0ubuntu0.20.04.2 firefox-dev - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-te - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-cak - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ta - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-lg - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-tr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-nso - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-de - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-da - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ms - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-mr - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-my - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-uz - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ml - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-mn - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-mk - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ur - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-vi - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-eu - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-et - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-es - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-csb - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-el - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-eo - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-en - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-zu - 89.0+build2-0ubuntu0.20.04.2 firefox-locale-ast - 89.0+build2-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-29959 CVE-2021-29960 CVE-2021-29961 CVE-2021-29966 CVE-2021-29967 Ubuntu 20.04 LTS Kevin Backhouse discovered that polkit incorrectly handled errors in the polkit_system_bus_name_get_creds_sync function. A local attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-4980-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: policykit-1-doc - 0.105-26ubuntu1.1 libpolkit-gobject-1-dev - 0.105-26ubuntu1.1 libpolkit-agent-1-0 - 0.105-26ubuntu1.1 libpolkit-agent-1-dev - 0.105-26ubuntu1.1 policykit-1 - 0.105-26ubuntu1.1 gir1.2-polkit-1.0 - 0.105-26ubuntu1.1 libpolkit-gobject-1-0 - 0.105-26ubuntu1.1 No subscription required High CVE-2021-3560 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. (CVE-2021-28651) Joshua Rogers discovered that Squid incorrectly handled requests to the Cache Manager API. A remote attacker with access privileges could possibly use this issue to cause Squid to consume resources, leading to a denial of service. This issue was only addressed in Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-28652) Joshua Rogers discovered that Squid incorrectly handled certain response headers. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue was only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-28662) Joshua Rogers discovered that Squid incorrectly handled range request processing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2021-31806, CVE-2021-31807, CVE-2021-31808) Joshua Rogers discovered that Squid incorrectly handled certain HTTP responses. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2021-33620) Update Instructions: Run `sudo pro fix USN-4981-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.4 squidclient - 4.10-1ubuntu1.4 squid-purge - 4.10-1ubuntu1.4 squid - 4.10-1ubuntu1.4 squid-cgi - 4.10-1ubuntu1.4 No subscription required Medium CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620 Ubuntu 20.04 LTS Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly handle error conditions in some situations, leading to an infinite loop. A local attacker could use this to cause a denial of service. (CVE-2020-25673) It was discovered that the Xen paravirtualization backend in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-28688) It was discovered that the fuse user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2021-28950) Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964) Vince Weaver discovered that the perf subsystem in the Linux kernel did not properly handle certain PEBS records properly for some Intel Haswell processors. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-28971) It was discovered that the RPA PCI Hotplug driver implementation in the Linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28972) It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29264) It was discovered that the Qualcomm IPC router implementation in the Linux kernel did not properly initialize memory passed to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-29647) Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916) 马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3483) Update Instructions: Run `sudo pro fix USN-4982-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1016-gkeop - 5.4.0-1016.17 No subscription required linux-image-5.4.0-1036-raspi - 5.4.0-1036.39 No subscription required linux-image-5.4.0-1040-kvm - 5.4.0-1040.41 No subscription required linux-image-5.4.0-1044-gke - 5.4.0-1044.46 No subscription required linux-image-5.4.0-1044-gcp - 5.4.0-1044.47 No subscription required linux-image-5.4.0-1046-oracle - 5.4.0-1046.50 No subscription required linux-image-5.4.0-1048-azure - 5.4.0-1048.50 No subscription required linux-image-5.4.0-1049-aws - 5.4.0-1049.51 No subscription required linux-image-5.4.0-74-lowlatency - 5.4.0-74.83 linux-image-5.4.0-74-generic-lpae - 5.4.0-74.83 linux-image-5.4.0-74-generic - 5.4.0-74.83 No subscription required linux-image-gkeop-5.4 - 5.4.0.1016.19 linux-image-gkeop - 5.4.0.1016.19 No subscription required linux-image-raspi - 5.4.0.1036.71 linux-image-raspi2 - 5.4.0.1036.71 linux-image-raspi-hwe-18.04-edge - 5.4.0.1036.71 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1036.71 linux-image-raspi-hwe-18.04 - 5.4.0.1036.71 linux-image-raspi2-hwe-18.04 - 5.4.0.1036.71 No subscription required linux-image-kvm - 5.4.0.1040.38 No subscription required linux-image-gke - 5.4.0.1044.53 linux-image-gke-5.4 - 5.4.0.1044.53 linux-image-gcp - 5.4.0.1044.53 No subscription required linux-image-oracle - 5.4.0.1046.45 No subscription required linux-image-azure - 5.4.0.1048.46 No subscription required linux-image-aws - 5.4.0.1049.50 No subscription required linux-image-oem-osp1 - 5.4.0.74.77 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.74.77 linux-image-generic-hwe-18.04 - 5.4.0.74.77 linux-image-generic-lpae-hwe-18.04 - 5.4.0.74.77 linux-image-virtual - 5.4.0.74.77 linux-image-lowlatency-hwe-18.04 - 5.4.0.74.77 linux-image-generic - 5.4.0.74.77 linux-image-virtual-hwe-18.04 - 5.4.0.74.77 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.74.77 linux-image-oem - 5.4.0.74.77 linux-image-generic-hwe-18.04-edge - 5.4.0.74.77 linux-image-generic-lpae - 5.4.0.74.77 linux-image-lowlatency - 5.4.0.74.77 linux-image-virtual-hwe-18.04-edge - 5.4.0.74.77 No subscription required Medium CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673 CVE-2021-28688 CVE-2021-28950 CVE-2021-28964 CVE-2021-28971 CVE-2021-28972 CVE-2021-29264 CVE-2021-29647 CVE-2021-31916 CVE-2021-3483 Ubuntu 20.04 LTS Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Piotr Krysiuk and Benedict Schlueter discovered that the eBPF implementation in the Linux kernel performed out of bounds speculation on pointer arithmetic. A local attacker could use this to expose sensitive information. (CVE-2021-29155) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829) Reiji Watanabe discovered that the KVM VMX implementation in the Linux kernel did not properly prevent user space from tampering with an array index value, leading to a potential out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3501) Update Instructions: Run `sudo pro fix USN-4983-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1029-oem - 5.10.0-1029.30 No subscription required linux-image-oem-20.04b - 5.10.0.1029.30 linux-image-oem-20.04 - 5.10.0.1029.30 linux-image-oem-20.04-edge - 5.10.0.1029.30 No subscription required High CVE-2021-29155 CVE-2021-31829 CVE-2021-33200 CVE-2021-3501 Ubuntu 20.04 LTS Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-28038) It was discovered that the Realtek RTL8188EU Wireless device driver in the Linux kernel did not properly validate ssid lengths in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-28660) It was discovered that the Xen paravirtualization backend in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-28688) It was discovered that the fuse user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2021-28950) John Stultz discovered that the audio driver for Qualcomm SDM845 systems in the Linux kernel did not properly validate port ID numbers. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28952) Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964) Vince Weaver discovered that the perf subsystem in the Linux kernel did not properly handle certain PEBS records properly for some Intel Haswell processors. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-28971) It was discovered that the RPA PCI Hotplug driver implementation in the Linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28972) It was discovered that the Qualcomm IPC router implementation in the Linux kernel did not properly initialize memory passed to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-29647) Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-30002) Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916) It was discovered that the CIPSO implementation in the Linux kernel did not properly perform reference counting in some situations, leading to use- after-free vulnerabilities. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33033) 马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3483) Update Instructions: Run `sudo pro fix USN-4984-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-55-generic - 5.8.0-55.62~20.04.1 linux-image-5.8.0-55-generic-64k - 5.8.0-55.62~20.04.1 linux-image-5.8.0-55-generic-lpae - 5.8.0-55.62~20.04.1 linux-image-5.8.0-55-lowlatency - 5.8.0-55.62~20.04.1 No subscription required linux-image-virtual-hwe-20.04-edge - 5.8.0.55.62~20.04.39 linux-image-virtual-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-generic-hwe-20.04-edge - 5.8.0.55.62~20.04.39 linux-image-generic-lpae-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-generic-lpae-hwe-20.04-edge - 5.8.0.55.62~20.04.39 linux-image-generic-64k-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-generic-64k-hwe-20.04-edge - 5.8.0.55.62~20.04.39 linux-image-generic-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-lowlatency-hwe-20.04 - 5.8.0.55.62~20.04.39 linux-image-lowlatency-hwe-20.04-edge - 5.8.0.55.62~20.04.39 No subscription required Medium CVE-2021-28038 CVE-2021-28660 CVE-2021-28688 CVE-2021-28950 CVE-2021-28952 CVE-2021-28964 CVE-2021-28971 CVE-2021-28972 CVE-2021-29647 CVE-2021-30002 CVE-2021-31916 CVE-2021-33033 CVE-2021-3483 Ubuntu 20.04 LTS It was discovered that some Intel processors may not properly invalidate cache entries used by Intel Virtualization Technology for Directed I/O (VT-d). This may allow a local user to perform a privilege escalation attack. (CVE-2020-24489) Joseph Nuzman discovered that some Intel processors may not properly apply EIBRS mitigations (originally developed for CVE-2017-5715) and hence may allow unauthorized memory reads via sidechannel attacks. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2020-24511) Travis Downs discovered that some Intel processors did not properly flush cache-lines for trivial-data values. This may allow an unauthorized user to infer the presence of these trivial-data-cache-lines via timing sidechannel attacks. A local attacker could use this to expose sensitive information. (CVE-2020-24512) It was discovered that certain Intel Atom processors could expose memory contents stored in microarchitectural buffers. A local attacker could use this to expose sensitive information. (CVE-2020-24513) Update Instructions: Run `sudo pro fix USN-4985-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20210608.0ubuntu0.20.04.1 No subscription required High CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVE-2020-24489 Ubuntu 20.04 LTS It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-4987-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libimage-exiftool-perl - 11.88-1ubuntu0.1 No subscription required High CVE-2021-22204 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Update Instructions: Run `sudo pro fix USN-4988-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.4 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4 No subscription required Medium CVE-2017-14528 CVE-2020-19667 CVE-2020-25665 CVE-2020-25666 CVE-2020-25674 CVE-2020-25675 CVE-2020-25676 CVE-2020-27750 CVE-2020-27751 CVE-2020-27753 CVE-2020-27754 CVE-2020-27755 CVE-2020-27756 CVE-2020-27757 CVE-2020-27758 CVE-2020-27759 CVE-2020-27760 CVE-2020-27761 CVE-2020-27762 CVE-2020-27763 CVE-2020-27764 CVE-2020-27765 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27773 CVE-2020-27774 CVE-2020-27775 CVE-2020-27776 CVE-2021-20176 Ubuntu 20.04 LTS It was discovered that BlueZ incorrectly checked certain permissions when pairing. A local attacker could possibly use this issue to impersonate devices. (CVE-2020-26558) Jay LV discovered that BlueZ incorrectly handled redundant disconnect MGMT events. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27153) Ziming Zhang discovered that BlueZ incorrectly handled certain array indexes. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-3588) Update Instructions: Run `sudo pro fix USN-4989-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.2 bluez-tests - 5.53-0ubuntu3.2 bluez-obexd - 5.53-0ubuntu3.2 bluetooth - 5.53-0ubuntu3.2 bluez - 5.53-0ubuntu3.2 bluez-hcidump - 5.53-0ubuntu3.2 bluez-cups - 5.53-0ubuntu3.2 libbluetooth-dev - 5.53-0ubuntu3.2 No subscription required Medium CVE-2020-26558 CVE-2020-27153 CVE-2021-3588 Ubuntu 20.04 LTS It was discovered that Nettle incorrectly handled RSA decryption. A remote attacker could possibly use this issue to cause Nettle to crash, resulting in a denial of service. (CVE-2021-3580) It was discovered that Nettle incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-16869) Update Instructions: Run `sudo pro fix USN-4990-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnettle7 - 3.5.1+really3.5.1-2ubuntu0.2 nettle-bin - 3.5.1+really3.5.1-2ubuntu0.2 libhogweed5 - 3.5.1+really3.5.1-2ubuntu0.2 nettle-dev - 3.5.1+really3.5.1-2ubuntu0.2 No subscription required Medium CVE-2018-16869 CVE-2021-3580 Ubuntu 20.04 LTS Yunho Kim discovered that libxml2 incorrectly handled certain error conditions. A remote attacker could exploit this with a crafted XML file to cause a denial of service, or possibly cause libxml2 to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2017-8872) Zhipeng Xie discovered that libxml2 incorrectly handled certain XML schemas. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-20388) It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A remote attacker could possibly exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-24977) It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A remote attacker could possibly exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. (CVE-2021-3517) It was discovered that libxml2 did not properly handle certain crafted XML files. A local attacker could exploit this with a crafted input to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3516, CVE-2021-3518) It was discovered that libxml2 incorrectly handled error states. A remote attacker could exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. (CVE-2021-3537) Sebastian Pipping discovered that libxml2 did not properly handle certain crafted XML files. A remote attacker could exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3541) Update Instructions: Run `sudo pro fix USN-4991-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.1 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.1 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.1 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.1 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.1 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.1 No subscription required Medium CVE-2017-8872 CVE-2019-20388 CVE-2020-24977 CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 CVE-2021-3541 Ubuntu 20.04 LTS Máté Kukri discovered that the acpi command in GRUB 2 allowed privileged users to load crafted ACPI tables when secure boot is enabled. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-14372) Chris Coulson discovered that the rmmod command in GRUB 2 contained a use- after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-25632) Chris Coulson discovered that a buffer overflow existed in the command line parser in GRUB 2. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-27749) It was discovered that the cutmem command in GRUB 2 did not honor secure boot locking. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-27779) It was discovered that the option parser in GRUB 2 contained a heap overflow vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2021-20225) It was discovered that the menu rendering implementation in GRUB 2 did not properly calculate the amount of memory needed in some situations, leading to out-of-bounds writes. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2021-20233) Update Instructions: Run `sudo pro fix USN-4992-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-arm64-signed - 1.167.2+2.04-1ubuntu44.2 grub-efi-amd64-signed - 1.167.2+2.04-1ubuntu44.2 No subscription required grub-efi-arm64-bin - 2.04-1ubuntu44.2 grub-efi-amd64 - 2.04-1ubuntu44.2 grub-efi-amd64-bin - 2.04-1ubuntu44.2 grub-efi-arm64 - 2.04-1ubuntu44.2 No subscription required Medium CVE-2020-14372 CVE-2020-25632 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass2021 Ubuntu 20.04 LTS Kirin discovered that Dovecot incorrectly escaped kid and azp fields in JWT tokens. A local attacker could possibly use this issue to validate tokens using arbitrary keys. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-29157) Fabian Ising and Damian Poddebniak discovered that Dovecot incorrectly handled STARTTLS when using the SMTP submission service. A remote attacker could possibly use this issue to inject plaintext commands before STARTTLS negotiation. (CVE-2021-33515) Update Instructions: Run `sudo pro fix USN-4993-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.4 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.4 dovecot-mysql - 1:2.3.7.2-1ubuntu3.4 dovecot-core - 1:2.3.7.2-1ubuntu3.4 dovecot-sieve - 1:2.3.7.2-1ubuntu3.4 dovecot-ldap - 1:2.3.7.2-1ubuntu3.4 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.4 dovecot-dev - 1:2.3.7.2-1ubuntu3.4 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.4 dovecot-imapd - 1:2.3.7.2-1ubuntu3.4 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.4 dovecot-lucene - 1:2.3.7.2-1ubuntu3.4 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.4 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.4 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.4 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.4 dovecot-solr - 1:2.3.7.2-1ubuntu3.4 No subscription required Medium CVE-2021-29157 CVE-2021-33515 Ubuntu 20.04 LTS Marc Stern discovered that the Apache mod_proxy_http module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2020-13950) Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. (CVE-2020-35452) Antonio Morales discovered that the Apache mod_session module incorrectly handled certain Cookie headers. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. (CVE-2021-26690) Christophe Jaillet discovered that the Apache mod_session module incorrectly handled certain SessionHeader values. A remote attacker could use this issue to cause Apache to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-26691) Christoph Anton Mitterer discovered that the new MergeSlashes configuration option resulted in unexpected behaviour in certain situations. (CVE-2021-30641) Update Instructions: Run `sudo pro fix USN-4994-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.3 libapache2-mod-md - 2.4.41-4ubuntu3.3 apache2-utils - 2.4.41-4ubuntu3.3 apache2-dev - 2.4.41-4ubuntu3.3 apache2-suexec-pristine - 2.4.41-4ubuntu3.3 apache2-suexec-custom - 2.4.41-4ubuntu3.3 apache2 - 2.4.41-4ubuntu3.3 apache2-doc - 2.4.41-4ubuntu3.3 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.3 apache2-ssl-dev - 2.4.41-4ubuntu3.3 apache2-bin - 2.4.41-4ubuntu3.3 No subscription required Medium CVE-2020-13950 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-30641 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or execute arbitrary code. (CVE-2021-23961, CVE-2021-23981, CVE-2021-23982, CVE-2021-23987, CVE-2021-23994, CVE-2021-23998, CVE-2021-23999, CVE-2021-29945, CVE-2021-29946, CVE-2021-29967) It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spoof a website and trick the user into providing credentials. (CVE-2021-23984) Multiple security issues were discovered in Thunderbird's OpenPGP integration. If a user were tricked into importing a specially crafted key in some circumstances, an attacker could potentially exploit this to cause a denial of service (inability to send encrypted email) or confuse the user. (CVE-2021-23991, CVE-2021-23992, CVE-2021-23993) A use-after-free was discovered when Responsive Design Mode was enabled. If a user were tricked into opening a specially crafted website with Responsive Design Mode enabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-23995) It was discovered that Thunderbird mishandled ftp URLs with encoded newline characters. If a user were tricked into clicking on a specially crafted link, an attacker could potentially exploit this to send arbitrary FTP commands. (CVE-2021-24002) It was discovered that Thunderbird wrote signatures to disk and read them back during verification. A local attacker could potentially exploit this to replace the data with another signature file. (CVE-2021-29948) It was discovered that Thunderbird might load an alternative OTR library. If a user were tricked into copying a specially crafted library to one of Thunderbird's search paths, an attacker could potentially exploit this to execute arbitrary code. (CVE-2021-29949) It was discovered that secret keys imported into Thunderbird were stored unencrypted. A local attacker could potentially exploit this to obtain private keys. (CVE-2021-29956) It was discovered that Thunderbird did not indicate when an inline signed or encrypted message contained additional unprotected parts. (CVE-2021-29957) Update Instructions: Run `sudo pro fix USN-4995-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-br - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-be - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bg - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ja - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sk - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-si - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-gnome-support - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sr - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sq - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hsb - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cy - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cs - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ca - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-br - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ka - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ko - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kk - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kab - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-tw - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn-no - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb-no - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn-bd - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-lt - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-gb - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uz - 1:78.11.0+build1-0ubuntu0.20.04.2 xul-ext-calendar-timezones - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-de - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-da - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uk - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-dev - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-el - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-us - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-rm - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ms - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ro - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-eu - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-et - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hant - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hans - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ru - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-mk - 1:78.11.0+build1-0ubuntu0.20.04.2 xul-ext-gdata-provider - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fr - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es-es - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta-lk - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fa - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fi - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ast - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn - 1:78.11.0+build1-0ubuntu0.20.04.2 xul-ext-lightning - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga-ie - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy-nl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-mozsymbols - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-cn - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gl - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-tr - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gd - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-th - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-dsb - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-it - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hy - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv-se - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hr - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hu - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa-in - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-he - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ar - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-af - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-pt - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cak - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-is - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-vi - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es - 1:78.11.0+build1-0ubuntu0.20.04.2 thunderbird-locale-id - 1:78.11.0+build1-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-23961 CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 CVE-2021-23991 CVE-2021-23992 CVE-2021-23993 CVE-2021-23994 CVE-2021-23995 CVE-2021-23998 CVE-2021-23999 CVE-2021-24002 CVE-2021-29945 CVE-2021-29946 CVE-2021-29948 CVE-2021-29949 CVE-2021-29956 CVE-2021-29957 CVE-2021-29967 Ubuntu 20.04 LTS It was discovered that in some situations Ceph logged passwords from the mgr module in clear text. An attacker could use this to expose sensitive information. (CVE-2020-25678) Goutham Pacha Ravi, Jahson Babel, and John Garbutt discovered that user credentials in Ceph could be manipulated in certain environments. An attacker could use this to gain unintended access. (CVE-2020-27781) It was discovered that the Ceph dashboard was susceptible to a cross-site scripting attack. An attacker could use this to expose sensitive information or gain unintended access. (CVE-2020-27839) It was discovered that Ceph contained an authentication flaw, leading to key reuse. An attacker could use this to cause a denial of service or possibly impersonate another user. (CVE-2021-20288) Sergey Bobrov discovered that the Ceph dashboard was susceptible to a cross-site scripting attack. An attacker could use this to expose sensitive information or gain unintended access. (CVE-2021-3509) Sergey Bobrov discovered that Ceph's RadosGW (Ceph Object Gateway) allowed the injection of HTTP headers in responses to CORS requests. An attacker could use this to violate system integrity. (CVE-2021-3524) It was discovered that Ceph's RadosGW (Ceph Object Gateway) did not properly handle GET requests for swift URLs in some situations, leading to an application crash. An attacker could use this to cause a denial of service. (CVE-2021-3531) Update Instructions: Run `sudo pro fix USN-4998-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-rbd - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-modules-core - 15.2.12-0ubuntu0.20.04.1 ceph-mgr - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-cephadm - 15.2.12-0ubuntu0.20.04.1 ceph - 15.2.12-0ubuntu0.20.04.1 rbd-mirror - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-dashboard - 15.2.12-0ubuntu0.20.04.1 librbd-dev - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-rook - 15.2.12-0ubuntu0.20.04.1 rbd-fuse - 15.2.12-0ubuntu0.20.04.1 libradospp-dev - 15.2.12-0ubuntu0.20.04.1 librados-dev - 15.2.12-0ubuntu0.20.04.1 librbd1 - 15.2.12-0ubuntu0.20.04.1 python3-ceph - 15.2.12-0ubuntu0.20.04.1 cephadm - 15.2.12-0ubuntu0.20.04.1 libradosstriper-dev - 15.2.12-0ubuntu0.20.04.1 librados2 - 15.2.12-0ubuntu0.20.04.1 ceph-mon - 15.2.12-0ubuntu0.20.04.1 libcephfs2 - 15.2.12-0ubuntu0.20.04.1 ceph-immutable-object-cache - 15.2.12-0ubuntu0.20.04.1 librgw2 - 15.2.12-0ubuntu0.20.04.1 ceph-mds - 15.2.12-0ubuntu0.20.04.1 radosgw - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-diskprediction-local - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-diskprediction-cloud - 15.2.12-0ubuntu0.20.04.1 python3-rgw - 15.2.12-0ubuntu0.20.04.1 rbd-nbd - 15.2.12-0ubuntu0.20.04.1 libcephfs-dev - 15.2.12-0ubuntu0.20.04.1 rados-objclass-dev - 15.2.12-0ubuntu0.20.04.1 libradosstriper1 - 15.2.12-0ubuntu0.20.04.1 ceph-osd - 15.2.12-0ubuntu0.20.04.1 python3-ceph-argparse - 15.2.12-0ubuntu0.20.04.1 python3-ceph-common - 15.2.12-0ubuntu0.20.04.1 librgw-dev - 15.2.12-0ubuntu0.20.04.1 python3-rados - 15.2.12-0ubuntu0.20.04.1 ceph-base - 15.2.12-0ubuntu0.20.04.1 ceph-mgr-k8sevents - 15.2.12-0ubuntu0.20.04.1 python3-cephfs - 15.2.12-0ubuntu0.20.04.1 ceph-fuse - 15.2.12-0ubuntu0.20.04.1 cephfs-shell - 15.2.12-0ubuntu0.20.04.1 ceph-common - 15.2.12-0ubuntu0.20.04.1 libcephfs-java - 15.2.12-0ubuntu0.20.04.1 ceph-resource-agents - 15.2.12-0ubuntu0.20.04.1 libcephfs-jni - 15.2.12-0ubuntu0.20.04.1 No subscription required Medium CVE-2020-25678 CVE-2020-27781 CVE-2020-27839 CVE-2021-20288 CVE-2021-3509 CVE-2021-3524 CVE-2021-3531 Ubuntu 20.04 LTS Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly handle error conditions in some situations, leading to an infinite loop. A local attacker could use this to cause a denial of service. (CVE-2020-25673) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147) Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133) Piotr Krysiuk and Benedict Schlueter discovered that the eBPF implementation in the Linux kernel performed out of bounds speculation on pointer arithmetic. A local attacker could use this to expose sensitive information. (CVE-2021-29155) Manfred Paul discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel contained an out-of-bounds vulnerability. A local attacker could use this issue to execute arbitrary code. (CVE-2021-31440) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829) Update Instructions: Run `sudo pro fix USN-4999-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.8.0-1033-oracle - 5.8.0-1033.34~20.04.1 No subscription required linux-image-5.8.0-1035-gcp - 5.8.0-1035.37~20.04.1 No subscription required linux-image-5.8.0-1036-azure - 5.8.0-1036.38~20.04.1 No subscription required linux-image-5.8.0-1038-aws - 5.8.0-1038.40~20.04.1 No subscription required linux-image-5.8.0-59-lowlatency - 5.8.0-59.66~20.04.1 linux-image-5.8.0-59-generic - 5.8.0-59.66~20.04.1 linux-image-5.8.0-59-generic-64k - 5.8.0-59.66~20.04.1 linux-image-5.8.0-59-generic-lpae - 5.8.0-59.66~20.04.1 No subscription required linux-image-oracle-edge - 5.8.0.1033.34~20.04.9 linux-image-oracle - 5.8.0.1033.34~20.04.9 No subscription required linux-image-gcp - 5.8.0.1035.37~20.04.9 linux-image-gcp-edge - 5.8.0.1035.37~20.04.9 No subscription required linux-image-azure-edge - 5.8.0.1036.38~20.04.8 linux-image-azure - 5.8.0.1036.38~20.04.8 No subscription required linux-image-aws - 5.8.0.1038.40~20.04.11 No subscription required linux-image-virtual-hwe-20.04 - 5.8.0.59.66~20.04.42 linux-image-generic-lpae-hwe-20.04 - 5.8.0.59.66~20.04.42 linux-image-generic-64k-hwe-20.04 - 5.8.0.59.66~20.04.42 linux-image-lowlatency-hwe-20.04 - 5.8.0.59.66~20.04.42 linux-image-generic-hwe-20.04 - 5.8.0.59.66~20.04.42 No subscription required High CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2021-23133 CVE-2021-29155 CVE-2021-31440 CVE-2021-31829 CVE-2021-33200 CVE-2021-3609 Ubuntu 20.04 LTS Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147) Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. (CVE-2021-32399) It was discovered that a use-after-free existed in the Bluetooth HCI driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Update Instructions: Run `sudo pro fix USN-5000-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1018-gkeop - 5.4.0-1018.19 No subscription required linux-image-5.4.0-1038-raspi - 5.4.0-1038.41 No subscription required linux-image-5.4.0-1046-gke - 5.4.0-1046.48 No subscription required linux-image-5.4.0-1046-gcp - 5.4.0-1046.49 No subscription required linux-image-5.4.0-1048-oracle - 5.4.0-1048.52 No subscription required linux-image-5.4.0-1051-aws - 5.4.0-1051.53 linux-image-5.4.0-1051-azure - 5.4.0-1051.53 No subscription required linux-image-5.4.0-77-lowlatency - 5.4.0-77.86 linux-image-5.4.0-77-generic - 5.4.0-77.86 linux-image-5.4.0-77-generic-lpae - 5.4.0-77.86 No subscription required linux-image-gkeop-5.4 - 5.4.0.1018.21 linux-image-gkeop - 5.4.0.1018.21 No subscription required linux-image-raspi - 5.4.0.1038.73 linux-image-raspi2 - 5.4.0.1038.73 linux-image-raspi-hwe-18.04-edge - 5.4.0.1038.73 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1038.73 linux-image-raspi-hwe-18.04 - 5.4.0.1038.73 linux-image-raspi2-hwe-18.04 - 5.4.0.1038.73 No subscription required linux-image-gke - 5.4.0.1046.55 linux-image-gcp-lts-20.04 - 5.4.0.1046.55 linux-image-gke-5.4 - 5.4.0.1046.55 No subscription required linux-image-oracle-lts-20.04 - 5.4.0.1048.48 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1051.49 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1051.53 No subscription required linux-image-virtual-hwe-18.04-edge - 5.4.0.77.80 linux-image-oem-osp1 - 5.4.0.77.80 linux-image-generic-hwe-18.04 - 5.4.0.77.80 linux-image-generic-lpae-hwe-18.04 - 5.4.0.77.80 linux-image-virtual - 5.4.0.77.80 linux-image-lowlatency-hwe-18.04 - 5.4.0.77.80 linux-image-generic - 5.4.0.77.80 linux-image-virtual-hwe-18.04 - 5.4.0.77.80 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.77.80 linux-image-oem - 5.4.0.77.80 linux-image-generic-hwe-18.04-edge - 5.4.0.77.80 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.77.80 linux-image-generic-lpae - 5.4.0.77.80 linux-image-lowlatency - 5.4.0.77.80 No subscription required High CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2021-23133 CVE-2021-23134 CVE-2021-31829 CVE-2021-32399 CVE-2021-33034 CVE-2021-33200 CVE-2021-3506 CVE-2021-3609 Ubuntu 20.04 LTS USN-5000-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and the Linux HWE kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux KVM kernel for Ubuntu 20.04 LTS. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147) Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. (CVE-2021-32399) It was discovered that a use-after-free existed in the Bluetooth HCI driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Update Instructions: Run `sudo pro fix USN-5000-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1041-kvm - 5.4.0-1041.42 linux-headers-5.4.0-1041-kvm - 5.4.0-1041.42 linux-kvm-headers-5.4.0-1041 - 5.4.0-1041.42 linux-buildinfo-5.4.0-1041-kvm - 5.4.0-1041.42 linux-kvm-tools-5.4.0-1041 - 5.4.0-1041.42 linux-image-unsigned-5.4.0-1041-kvm - 5.4.0-1041.42 linux-tools-5.4.0-1041-kvm - 5.4.0-1041.42 linux-modules-5.4.0-1041-kvm - 5.4.0-1041.42 No subscription required linux-tools-kvm - 5.4.0.1041.39 linux-kvm - 5.4.0.1041.39 linux-headers-kvm - 5.4.0.1041.39 linux-image-kvm - 5.4.0.1041.39 No subscription required High CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2021-23133 CVE-2021-23134 CVE-2021-31829 CVE-2021-32399 CVE-2021-33034 CVE-2021-33200 CVE-2021-3506 CVE-2021-3609 Ubuntu 20.04 LTS Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147) Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) Manfred Paul discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel contained an out-of-bounds vulnerability. A local attacker could use this issue to execute arbitrary code. (CVE-2021-31440) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. (CVE-2021-32399) It was discovered that a use-after-free existed in the Bluetooth HCI driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Mathias Krause discovered that a null pointer dereference existed in the Nitro Enclaves kernel driver of the Linux kernel. A local attacker could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3543) Update Instructions: Run `sudo pro fix USN-5001-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.10.0-1033-oem - 5.10.0-1033.34 No subscription required linux-image-oem-20.04b - 5.10.0.1033.34 linux-image-oem-20.04 - 5.10.0.1033.34 linux-image-oem-20.04-edge - 5.10.0.1033.34 No subscription required High CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2021-23133 CVE-2021-23134 CVE-2021-31440 CVE-2021-32399 CVE-2021-33034 CVE-2021-3506 CVE-2021-3543 CVE-2021-3609 Ubuntu 20.04 LTS It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-11287) Jonathan Knudsen discovered RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-22116) Update Instructions: Run `sudo pro fix USN-5004-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rabbitmq-server - 3.8.2-0ubuntu1.3 No subscription required Medium CVE-2019-11287 CVE-2021-22116 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-7068) It was discovered that PHP incorrectly handled parsing URLs with passwords. A remote attacker could possibly use this issue to cause PHP to mis-parse the URL and produce wrong data. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-7071) It was discovered that PHP incorrectly handled certain malformed XML data when being parsed by the SOAP extension. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-21702) It was discovered that PHP incorrectly handled the pdo_firebase module. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2021-21704) It was discovered that PHP incorrectly handled the FILTER_VALIDATE_URL check. A remote attacker could possibly use this issue to perform a server- side request forgery attack. (CVE-2021-21705) Update Instructions: Run `sudo pro fix USN-5006-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.5 php7.4-readline - 7.4.3-4ubuntu2.5 php7.4-dba - 7.4.3-4ubuntu2.5 php7.4-common - 7.4.3-4ubuntu2.5 php7.4-xmlrpc - 7.4.3-4ubuntu2.5 php7.4-intl - 7.4.3-4ubuntu2.5 php7.4-phpdbg - 7.4.3-4ubuntu2.5 php7.4-ldap - 7.4.3-4ubuntu2.5 php7.4-soap - 7.4.3-4ubuntu2.5 php7.4-xsl - 7.4.3-4ubuntu2.5 php7.4-pgsql - 7.4.3-4ubuntu2.5 php7.4-pspell - 7.4.3-4ubuntu2.5 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.5 php7.4-zip - 7.4.3-4ubuntu2.5 php7.4-curl - 7.4.3-4ubuntu2.5 php7.4-odbc - 7.4.3-4ubuntu2.5 php7.4-json - 7.4.3-4ubuntu2.5 php7.4-mbstring - 7.4.3-4ubuntu2.5 php7.4-imap - 7.4.3-4ubuntu2.5 php7.4-bz2 - 7.4.3-4ubuntu2.5 php7.4-cgi - 7.4.3-4ubuntu2.5 php7.4 - 7.4.3-4ubuntu2.5 php7.4-bcmath - 7.4.3-4ubuntu2.5 php7.4-dev - 7.4.3-4ubuntu2.5 php7.4-interbase - 7.4.3-4ubuntu2.5 php7.4-tidy - 7.4.3-4ubuntu2.5 php7.4-gmp - 7.4.3-4ubuntu2.5 php7.4-sqlite3 - 7.4.3-4ubuntu2.5 php7.4-fpm - 7.4.3-4ubuntu2.5 php7.4-sybase - 7.4.3-4ubuntu2.5 php7.4-cli - 7.4.3-4ubuntu2.5 libphp7.4-embed - 7.4.3-4ubuntu2.5 php7.4-enchant - 7.4.3-4ubuntu2.5 php7.4-mysql - 7.4.3-4ubuntu2.5 php7.4-snmp - 7.4.3-4ubuntu2.5 php7.4-xml - 7.4.3-4ubuntu2.5 php7.4-opcache - 7.4.3-4ubuntu2.5 No subscription required Medium CVE-2020-7068 CVE-2020-7071 CVE-2021-21702 CVE-2021-21704 CVE-2021-21705 Ubuntu 20.04 LTS Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash. Update Instructions: Run `sudo pro fix USN-5007-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libuv1-dev - 1.34.2-1ubuntu1.3 libuv1 - 1.34.2-1ubuntu1.3 No subscription required Medium CVE-2021-22918 Ubuntu 20.04 LTS Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-3468) It was discovered that Avahi incorrectly handled certain hostnames. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. (CVE-2021-3502) Update Instructions: Run `sudo pro fix USN-5008-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavahi-compat-libdnssd-dev - 0.7-4ubuntu7.1 libavahi-ui-gtk3-0 - 0.7-4ubuntu7.1 libavahi-core7-udeb - 0.7-4ubuntu7.1 libavahi-core7 - 0.7-4ubuntu7.1 libavahi-client3 - 0.7-4ubuntu7.1 libavahi-core-dev - 0.7-4ubuntu7.1 libavahi-client-dev - 0.7-4ubuntu7.1 avahi-ui-utils - 0.7-4ubuntu7.1 libavahi-gobject-dev - 0.7-4ubuntu7.1 avahi-dnsconfd - 0.7-4ubuntu7.1 libavahi-compat-libdnssd1 - 0.7-4ubuntu7.1 libavahi-common3 - 0.7-4ubuntu7.1 avahi-daemon - 0.7-4ubuntu7.1 avahi-discover - 0.7-4ubuntu7.1 libavahi-common-dev - 0.7-4ubuntu7.1 libavahi-common-data - 0.7-4ubuntu7.1 avahi-utils - 0.7-4ubuntu7.1 libavahi-common3-udeb - 0.7-4ubuntu7.1 libavahi-ui-gtk3-dev - 0.7-4ubuntu7.1 libavahi-glib-dev - 0.7-4ubuntu7.1 libavahi-gobject0 - 0.7-4ubuntu7.1 gir1.2-avahi-0.6 - 0.7-4ubuntu7.1 avahi-autoipd - 0.7-4ubuntu7.1 python-avahi - 0.7-4ubuntu7.1 libavahi-glib1 - 0.7-4ubuntu7.1 No subscription required Medium CVE-2021-3468 CVE-2021-3502 Ubuntu 20.04 LTS Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-29129, CVE-2020-29130) It was discovered that libslirp incorrectly handled certain udp packets. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. (CVE-2021-3592, CVE-2021-3593, CVE-2021-3594, CVE-2021-3595) Update Instructions: Run `sudo pro fix USN-5009-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libslirp0 - 4.1.0-2ubuntu2.2 libslirp-dev - 4.1.0-2ubuntu2.2 No subscription required Medium CVE-2020-29129 CVE-2020-29130 CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 Ubuntu 20.04 LTS Lei Sun discovered that QEMU incorrectly handled certain MMIO operations. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-15469) Wenxiang Qian discovered that QEMU incorrectly handled certain ATAPI commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 21.04. (CVE-2020-29443) Cheolwoo Myung discovered that QEMU incorrectly handled SCSI device emulation. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-35504, CVE-2020-35505, CVE-2021-3392) Alex Xu discovered that QEMU incorrectly handled the virtio-fs shared file system daemon. An attacker inside the guest could possibly use this issue to read and write to host devices. This issue only affected Ubuntu 20.10. (CVE-2020-35517) It was discovered that QEMU incorrectly handled ARM Generic Interrupt Controller emulation. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-20221) Alexander Bulekov, Cheolwoo Myung, Sergej Schumilo, Cornelius Aschermann, and Simon Werner discovered that QEMU incorrectly handled e1000 device emulation. An attacker inside the guest could possibly use this issue to cause QEMU to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-20257) It was discovered that QEMU incorrectly handled SDHCI controller emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, when QEMU is used in combination with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2021-3409) It was discovered that QEMU incorrectly handled certain NIC emulation devices. An attacker inside the guest could possibly use this issue to cause QEMU to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-3416) Remy Noel discovered that QEMU incorrectly handled the USB redirector device. An attacker inside the guest could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2021-3527) It was discovered that QEMU incorrectly handled the virtio vhost-user GPU device. An attacker inside the guest could possibly use this issue to cause QEMU to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3544) It was discovered that QEMU incorrectly handled the virtio vhost-user GPU device. An attacker inside the guest could possibly use this issue to obtain sensitive host information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3545) It was discovered that QEMU incorrectly handled the virtio vhost-user GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, when QEMU is used in combination with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3546) It was discovered that QEMU incorrectly handled the PVRDMA device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, when QEMU is used in combination with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3582, CVE-2021-3607, CVE-2021-3608) It was discovered that QEMU SLiRP networking incorrectly handled certain udp packets. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. (CVE-2021-3592, CVE-2021-3593, CVE-2021-3594, CVE-2021-3595) Update Instructions: Run `sudo pro fix USN-5010-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.17 qemu-system-common - 1:4.2-3ubuntu6.17 qemu-user-static - 1:4.2-3ubuntu6.17 qemu-system-misc - 1:4.2-3ubuntu6.17 qemu-block-extra - 1:4.2-3ubuntu6.17 qemu-system-s390x - 1:4.2-3ubuntu6.17 qemu-user - 1:4.2-3ubuntu6.17 qemu-system-sparc - 1:4.2-3ubuntu6.17 qemu-guest-agent - 1:4.2-3ubuntu6.17 qemu-system - 1:4.2-3ubuntu6.17 qemu-utils - 1:4.2-3ubuntu6.17 qemu-system-data - 1:4.2-3ubuntu6.17 qemu-kvm - 1:4.2-3ubuntu6.17 qemu-user-binfmt - 1:4.2-3ubuntu6.17 qemu-system-x86 - 1:4.2-3ubuntu6.17 qemu-system-arm - 1:4.2-3ubuntu6.17 qemu-system-gui - 1:4.2-3ubuntu6.17 qemu - 1:4.2-3ubuntu6.17 qemu-system-ppc - 1:4.2-3ubuntu6.17 qemu-system-mips - 1:4.2-3ubuntu6.17 qemu-system-x86-xen - 1:4.2-3ubuntu6.17 No subscription required Medium CVE-2020-15469 CVE-2020-29443 CVE-2020-35504 CVE-2020-35505 CVE-2020-35517 CVE-2021-20221 CVE-2021-20257 CVE-2021-3392 CVE-2021-3409 CVE-2021-3416 CVE-2021-3527 CVE-2021-3544 CVE-2021-3545 CVE-2021-3546 CVE-2021-3582 CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 CVE-2021-3607 CVE-2021-3608 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, overlay text over another domain, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5011-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 90.0+build1-0ubuntu0.20.04.1 firefox - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 90.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 90.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 90.0+build1-0ubuntu0.20.04.1 firefox-dev - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 90.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 90.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-29970 CVE-2021-29972 CVE-2021-29974 CVE-2021-29975 CVE-2021-29976 CVE-2021-29977 CVE-2021-30547 Ubuntu 20.04 LTS It was discovered that containerd incorrectly handled file permission changes. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could change permissions on files on the host filesystem and possibly escalate privileges. Update Instructions: Run `sudo pro fix USN-5012-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.2-0ubuntu1~20.04.2 golang-github-docker-containerd-dev - 1.5.2-0ubuntu1~20.04.2 golang-github-containerd-containerd-dev - 1.5.2-0ubuntu1~20.04.2 No subscription required High CVE-2021-32760 Ubuntu 20.04 LTS It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash, resulting in a denial of service. (CVE-2021-33910) Mitchell Frank discovered that systemd incorrectly handled DHCP FORCERENEW packets. A remote attacker could possibly use this issue to reconfigure servers. (CVE-2020-13529) Update Instructions: Run `sudo pro fix USN-5013-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: systemd-tests - 245.4-4ubuntu3.10 systemd-coredump - 245.4-4ubuntu3.10 systemd - 245.4-4ubuntu3.10 udev-udeb - 245.4-4ubuntu3.10 libsystemd0 - 245.4-4ubuntu3.10 systemd-container - 245.4-4ubuntu3.10 libnss-myhostname - 245.4-4ubuntu3.10 libudev1-udeb - 245.4-4ubuntu3.10 libudev1 - 245.4-4ubuntu3.10 systemd-timesyncd - 245.4-4ubuntu3.10 libsystemd-dev - 245.4-4ubuntu3.10 libnss-systemd - 245.4-4ubuntu3.10 systemd-journal-remote - 245.4-4ubuntu3.10 libpam-systemd - 245.4-4ubuntu3.10 libnss-mymachines - 245.4-4ubuntu3.10 libnss-resolve - 245.4-4ubuntu3.10 systemd-sysv - 245.4-4ubuntu3.10 udev - 245.4-4ubuntu3.10 libudev-dev - 245.4-4ubuntu3.10 No subscription required High CVE-2020-13529 CVE-2021-33910 Ubuntu 20.04 LTS It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909) Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-28691) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573) It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-3587) Update Instructions: Run `sudo pro fix USN-5015-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1038.40 linux-buildinfo-5.10.0-1038-oem - 5.10.0-1038.40 linux-modules-5.10.0-1038-oem - 5.10.0-1038.40 linux-tools-5.10.0-1038-oem - 5.10.0-1038.40 linux-image-unsigned-5.10.0-1038-oem - 5.10.0-1038.40 linux-headers-5.10.0-1038-oem - 5.10.0-1038.40 linux-oem-5.10-tools-5.10.0-1038 - 5.10.0-1038.40 linux-oem-5.10-headers-5.10.0-1038 - 5.10.0-1038.40 linux-image-5.10.0-1038-oem - 5.10.0-1038.40 No subscription required linux-oem-20.04 - 5.10.0.1038.40 linux-oem-20.04-edge - 5.10.0.1038.40 linux-headers-oem-20.04b - 5.10.0.1038.40 linux-image-oem-20.04b - 5.10.0.1038.40 linux-image-oem-20.04 - 5.10.0.1038.40 linux-tools-oem-20.04-edge - 5.10.0.1038.40 linux-headers-oem-20.04-edge - 5.10.0.1038.40 linux-headers-oem-20.04 - 5.10.0.1038.40 linux-tools-oem-20.04b - 5.10.0.1038.40 linux-tools-oem-20.04 - 5.10.0.1038.40 linux-image-oem-20.04-edge - 5.10.0.1038.40 linux-oem-20.04b - 5.10.0.1038.40 No subscription required High CVE-2021-28691 CVE-2021-33909 CVE-2021-3564 CVE-2021-3573 Ubuntu 20.04 LTS It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. (CVE-2021-32399) It was discovered that a use-after-free existed in the Bluetooth HCI driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Update Instructions: Run `sudo pro fix USN-5016-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-oracle-5.8-tools-5.8.0-1037 - 5.8.0-1037.38~20.04.1 linux-oracle-5.8-headers-5.8.0-1037 - 5.8.0-1037.38~20.04.1 linux-headers-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-buildinfo-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-modules-extra-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-image-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-image-unsigned-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 linux-tools-5.8.0-1037-oracle - 5.8.0-1037.38~20.04.1 No subscription required linux-image-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-tools-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-modules-extra-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-gcp-5.8-tools-5.8.0-1038 - 5.8.0-1038.40~20.04.1 linux-headers-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-buildinfo-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-modules-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-image-unsigned-5.8.0-1038-gcp - 5.8.0-1038.40~20.04.1 linux-gcp-5.8-headers-5.8.0-1038 - 5.8.0-1038.40~20.04.1 No subscription required linux-azure-5.8-cloud-tools-5.8.0-1039 - 5.8.0-1039.42~20.04.1 linux-modules-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-azure-5.8-headers-5.8.0-1039 - 5.8.0-1039.42~20.04.1 linux-cloud-tools-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-buildinfo-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-azure-5.8-tools-5.8.0-1039 - 5.8.0-1039.42~20.04.1 linux-image-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-image-unsigned-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-headers-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-modules-extra-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 linux-tools-5.8.0-1039-azure - 5.8.0-1039.42~20.04.1 No subscription required linux-headers-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-modules-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-tools-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-aws-5.8-cloud-tools-5.8.0-1041 - 5.8.0-1041.43~20.04.1 linux-aws-5.8-tools-5.8.0-1041 - 5.8.0-1041.43~20.04.1 linux-modules-extra-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-cloud-tools-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-buildinfo-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-image-5.8.0-1041-aws - 5.8.0-1041.43~20.04.1 linux-aws-5.8-headers-5.8.0-1041 - 5.8.0-1041.43~20.04.1 No subscription required kernel-signed-image-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 md-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 parport-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-headers-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 linux-headers-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 nic-shared-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-image-unsigned-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 virtio-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 input-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 block-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 block-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 ppp-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-modules-5.8.0-63-generic - 5.8.0-63.71~20.04.1 linux-hwe-5.8-cloud-tools-5.8.0-63 - 5.8.0-63.71~20.04.1 linux-hwe-5.8-source-5.8.0 - 5.8.0-63.71~20.04.1 linux-tools-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 linux-tools-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 sata-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 nic-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-buildinfo-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 multipath-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 nfs-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 nic-usb-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-tools-host - 5.8.0-63.71~20.04.1 pcmcia-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 input-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 vlan-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 message-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-modules-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 vlan-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 floppy-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 vlan-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 multipath-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 nic-usb-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-headers-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 linux-cloud-tools-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 multipath-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-tools-5.8.0-63-generic - 5.8.0-63.71~20.04.1 crypto-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 virtio-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 fs-core-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-image-unsigned-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 scsi-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-tools-common - 5.8.0-63.71~20.04.1 nic-pcmcia-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-buildinfo-5.8.0-63-generic - 5.8.0-63.71~20.04.1 ipmi-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-udebs-generic-lpae - 5.8.0-63.71~20.04.1 fat-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 fs-core-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 fs-core-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 ppp-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 crypto-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-cloud-tools-common - 5.8.0-63.71~20.04.1 parport-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 fs-secondary-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 usb-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 fs-secondary-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 mouse-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 ppp-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 fat-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 ipmi-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-headers-5.8.0-63 - 5.8.0-63.71~20.04.1 nic-shared-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 storage-core-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 plip-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 block-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 message-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-headers-5.8.0-63-generic - 5.8.0-63.71~20.04.1 pcmcia-storage-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-modules-extra-5.8.0-63-generic - 5.8.0-63.71~20.04.1 crypto-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 nic-usb-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 usb-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-udebs-generic - 5.8.0-63.71~20.04.1 fat-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 ipmi-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 nic-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-hwe-5.8-tools-5.8.0-63 - 5.8.0-63.71~20.04.1 kernel-image-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 storage-core-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 plip-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-modules-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 linux-buildinfo-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 input-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 firewire-core-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-tools-5.8.0-63-lowlatency - 5.8.0-63.71~20.04.1 nfs-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic - 5.8.0-63.71~20.04.1 linux-hwe-5.8-udebs-generic-64k - 5.8.0-63.71~20.04.1 mouse-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-lpae - 5.8.0-63.71~20.04.1 parport-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 sata-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 nfs-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 nic-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 fs-secondary-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 sata-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 scsi-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 linux-cloud-tools-5.8.0-63-generic - 5.8.0-63.71~20.04.1 nic-shared-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 linux-buildinfo-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 dasd-extra-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 dasd-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 scsi-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 md-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 plip-modules-5.8.0-63-generic-64k-di - 5.8.0-63.71~20.04.1 kernel-image-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 usb-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 pata-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 fb-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 mouse-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 storage-core-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 linux-image-unsigned-5.8.0-63-generic - 5.8.0-63.71~20.04.1 linux-modules-5.8.0-63-generic-64k - 5.8.0-63.71~20.04.1 serial-modules-5.8.0-63-generic-di - 5.8.0-63.71~20.04.1 md-modules-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 kernel-image-5.8.0-63-generic-lpae-di - 5.8.0-63.71~20.04.1 No subscription required linux-headers-oracle - 5.8.0.1037.38~20.04.13 linux-tools-oracle - 5.8.0.1037.38~20.04.13 linux-image-oracle - 5.8.0.1037.38~20.04.13 linux-oracle - 5.8.0.1037.38~20.04.13 No subscription required linux-gcp - 5.8.0.1038.40~20.04.13 linux-headers-gcp - 5.8.0.1038.40~20.04.13 linux-image-gcp - 5.8.0.1038.40~20.04.13 linux-modules-extra-gcp - 5.8.0.1038.40~20.04.13 linux-tools-gcp - 5.8.0.1038.40~20.04.13 No subscription required linux-cloud-tools-azure - 5.8.0.1039.42~20.04.11 linux-tools-azure - 5.8.0.1039.42~20.04.11 linux-azure - 5.8.0.1039.42~20.04.11 linux-modules-extra-azure - 5.8.0.1039.42~20.04.11 linux-image-azure - 5.8.0.1039.42~20.04.11 linux-headers-azure - 5.8.0.1039.42~20.04.11 No subscription required linux-headers-aws - 5.8.0.1041.43~20.04.13 linux-image-aws - 5.8.0.1041.43~20.04.13 linux-aws - 5.8.0.1041.43~20.04.13 linux-modules-extra-aws - 5.8.0.1041.43~20.04.13 linux-tools-aws - 5.8.0.1041.43~20.04.13 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-generic-lpae-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-cloud-tools-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-extra-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-generic-64k-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-generic-lpae-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-generic-64k-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-generic-lpae-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-cloud-tools-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-generic-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-generic-64k-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-generic-lpae-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-tools-generic-64k-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-lowlatency-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-image-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 linux-headers-virtual-hwe-20.04 - 5.8.0.63.71~20.04.45 No subscription required High CVE-2021-23134 CVE-2021-32399 CVE-2021-33034 CVE-2021-33909 CVE-2021-3506 Ubuntu 20.04 LTS It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909) It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129) Update Instructions: Run `sudo pro fix USN-5017-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-tools-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-gkeop-cloud-tools-5.4.0-1021 - 5.4.0-1021.22 linux-image-unsigned-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-gkeop-source-5.4.0 - 5.4.0-1021.22 linux-headers-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-gkeop-headers-5.4.0-1021 - 5.4.0-1021.22 linux-modules-extra-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-gkeop-tools-5.4.0-1021 - 5.4.0-1021.22 linux-image-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-buildinfo-5.4.0-1021-gkeop - 5.4.0-1021.22 linux-modules-5.4.0-1021-gkeop - 5.4.0-1021.22 No subscription required linux-buildinfo-5.4.0-1041-raspi - 5.4.0-1041.45 linux-modules-5.4.0-1041-raspi - 5.4.0-1041.45 linux-image-5.4.0-1041-raspi - 5.4.0-1041.45 linux-raspi-tools-5.4.0-1041 - 5.4.0-1041.45 linux-tools-5.4.0-1041-raspi - 5.4.0-1041.45 linux-headers-5.4.0-1041-raspi - 5.4.0-1041.45 linux-raspi-headers-5.4.0-1041 - 5.4.0-1041.45 No subscription required linux-image-unsigned-5.4.0-1044-kvm - 5.4.0-1044.46 linux-tools-5.4.0-1044-kvm - 5.4.0-1044.46 linux-kvm-tools-5.4.0-1044 - 5.4.0-1044.46 linux-headers-5.4.0-1044-kvm - 5.4.0-1044.46 linux-buildinfo-5.4.0-1044-kvm - 5.4.0-1044.46 linux-modules-5.4.0-1044-kvm - 5.4.0-1044.46 linux-image-5.4.0-1044-kvm - 5.4.0-1044.46 linux-kvm-headers-5.4.0-1044 - 5.4.0-1044.46 No subscription required linux-modules-5.4.0-1049-gke - 5.4.0-1049.52 linux-image-5.4.0-1049-gke - 5.4.0-1049.52 linux-buildinfo-5.4.0-1049-gke - 5.4.0-1049.52 linux-modules-extra-5.4.0-1049-gke - 5.4.0-1049.52 linux-gke-tools-5.4.0-1049 - 5.4.0-1049.52 linux-headers-5.4.0-1049-gke - 5.4.0-1049.52 linux-tools-5.4.0-1049-gke - 5.4.0-1049.52 linux-image-unsigned-5.4.0-1049-gke - 5.4.0-1049.52 linux-gke-headers-5.4.0-1049 - 5.4.0-1049.52 No subscription required linux-modules-5.4.0-1049-gcp - 5.4.0-1049.53 linux-gcp-headers-5.4.0-1049 - 5.4.0-1049.53 linux-image-unsigned-5.4.0-1049-gcp - 5.4.0-1049.53 linux-buildinfo-5.4.0-1049-gcp - 5.4.0-1049.53 linux-image-5.4.0-1049-gcp - 5.4.0-1049.53 linux-tools-5.4.0-1049-gcp - 5.4.0-1049.53 linux-modules-extra-5.4.0-1049-gcp - 5.4.0-1049.53 linux-headers-5.4.0-1049-gcp - 5.4.0-1049.53 linux-gcp-tools-5.4.0-1049 - 5.4.0-1049.53 No subscription required linux-image-5.4.0-1052-oracle - 5.4.0-1052.56 linux-buildinfo-5.4.0-1052-oracle - 5.4.0-1052.56 linux-oracle-headers-5.4.0-1052 - 5.4.0-1052.56 linux-modules-5.4.0-1052-oracle - 5.4.0-1052.56 linux-oracle-tools-5.4.0-1052 - 5.4.0-1052.56 linux-headers-5.4.0-1052-oracle - 5.4.0-1052.56 linux-image-unsigned-5.4.0-1052-oracle - 5.4.0-1052.56 linux-modules-extra-5.4.0-1052-oracle - 5.4.0-1052.56 linux-tools-5.4.0-1052-oracle - 5.4.0-1052.56 No subscription required linux-buildinfo-5.4.0-1054-aws - 5.4.0-1054.57 linux-image-5.4.0-1054-aws - 5.4.0-1054.57 linux-headers-5.4.0-1054-aws - 5.4.0-1054.57 linux-aws-headers-5.4.0-1054 - 5.4.0-1054.57 linux-cloud-tools-5.4.0-1054-aws - 5.4.0-1054.57 linux-tools-5.4.0-1054-aws - 5.4.0-1054.57 linux-aws-cloud-tools-5.4.0-1054 - 5.4.0-1054.57 linux-aws-tools-5.4.0-1054 - 5.4.0-1054.57 linux-modules-5.4.0-1054-aws - 5.4.0-1054.57 linux-modules-extra-5.4.0-1054-aws - 5.4.0-1054.57 No subscription required linux-headers-5.4.0-1055-azure - 5.4.0-1055.57 linux-modules-5.4.0-1055-azure - 5.4.0-1055.57 linux-azure-cloud-tools-5.4.0-1055 - 5.4.0-1055.57 linux-azure-tools-5.4.0-1055 - 5.4.0-1055.57 linux-modules-extra-5.4.0-1055-azure - 5.4.0-1055.57 linux-cloud-tools-5.4.0-1055-azure - 5.4.0-1055.57 linux-azure-headers-5.4.0-1055 - 5.4.0-1055.57 linux-tools-5.4.0-1055-azure - 5.4.0-1055.57 linux-image-unsigned-5.4.0-1055-azure - 5.4.0-1055.57 linux-image-5.4.0-1055-azure - 5.4.0-1055.57 linux-buildinfo-5.4.0-1055-azure - 5.4.0-1055.57 No subscription required parport-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-headers-5.4.0-80-generic-lpae - 5.4.0-80.90 linux-udebs-generic-lpae - 5.4.0-80.90 nic-modules-5.4.0-80-generic-di - 5.4.0-80.90 parport-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 storage-core-modules-5.4.0-80-generic-di - 5.4.0-80.90 mouse-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 crypto-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 linux-tools-5.4.0-80 - 5.4.0-80.90 linux-tools-host - 5.4.0-80.90 linux-image-5.4.0-80-generic-lpae - 5.4.0-80.90 linux-tools-common - 5.4.0-80.90 pcmcia-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-headers-5.4.0-80 - 5.4.0-80.90 linux-doc - 5.4.0-80.90 scsi-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 fs-secondary-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 usb-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 input-modules-5.4.0-80-generic-di - 5.4.0-80.90 nic-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 linux-image-unsigned-5.4.0-80-lowlatency - 5.4.0-80.90 virtio-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-cloud-tools-5.4.0-80 - 5.4.0-80.90 linux-cloud-tools-5.4.0-80-generic - 5.4.0-80.90 fb-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-libc-dev - 5.4.0-80.90 linux-source-5.4.0 - 5.4.0-80.90 fat-modules-5.4.0-80-generic-di - 5.4.0-80.90 ipmi-modules-5.4.0-80-generic-di - 5.4.0-80.90 pata-modules-5.4.0-80-generic-di - 5.4.0-80.90 nfs-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 block-modules-5.4.0-80-generic-di - 5.4.0-80.90 vlan-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-tools-5.4.0-80-lowlatency - 5.4.0-80.90 linux-cloud-tools-5.4.0-80-lowlatency - 5.4.0-80.90 linux-modules-5.4.0-80-generic - 5.4.0-80.90 fat-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 fs-core-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 dasd-modules-5.4.0-80-generic-di - 5.4.0-80.90 usb-modules-5.4.0-80-generic-di - 5.4.0-80.90 nic-pcmcia-modules-5.4.0-80-generic-di - 5.4.0-80.90 kernel-image-5.4.0-80-generic-di - 5.4.0-80.90 kernel-image-5.4.0-80-generic-lpae-di - 5.4.0-80.90 serial-modules-5.4.0-80-generic-di - 5.4.0-80.90 firewire-core-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-buildinfo-5.4.0-80-generic - 5.4.0-80.90 ipmi-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 nfs-modules-5.4.0-80-generic-di - 5.4.0-80.90 md-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 nic-shared-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 message-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-image-5.4.0-80-generic - 5.4.0-80.90 multipath-modules-5.4.0-80-generic-di - 5.4.0-80.90 scsi-modules-5.4.0-80-generic-di - 5.4.0-80.90 floppy-modules-5.4.0-80-generic-di - 5.4.0-80.90 kernel-signed-image-5.4.0-80-generic-di - 5.4.0-80.90 mouse-modules-5.4.0-80-generic-di - 5.4.0-80.90 sata-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-modules-5.4.0-80-generic-lpae - 5.4.0-80.90 linux-modules-5.4.0-80-lowlatency - 5.4.0-80.90 linux-tools-5.4.0-80-generic-lpae - 5.4.0-80.90 dasd-extra-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-cloud-tools-common - 5.4.0-80.90 fs-core-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-image-5.4.0-80-lowlatency - 5.4.0-80.90 linux-udebs-generic - 5.4.0-80.90 linux-buildinfo-5.4.0-80-lowlatency - 5.4.0-80.90 linux-modules-extra-5.4.0-80-generic - 5.4.0-80.90 linux-buildinfo-5.4.0-80-generic-lpae - 5.4.0-80.90 crypto-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-tools-5.4.0-80-generic - 5.4.0-80.90 ppp-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 nic-shared-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-headers-5.4.0-80-generic - 5.4.0-80.90 plip-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 sata-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 pcmcia-storage-modules-5.4.0-80-generic-di - 5.4.0-80.90 block-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 input-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 vlan-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 fs-secondary-modules-5.4.0-80-generic-di - 5.4.0-80.90 ppp-modules-5.4.0-80-generic-di - 5.4.0-80.90 plip-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-image-unsigned-5.4.0-80-generic - 5.4.0-80.90 nic-usb-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 multipath-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 nic-usb-modules-5.4.0-80-generic-di - 5.4.0-80.90 linux-headers-5.4.0-80-lowlatency - 5.4.0-80.90 md-modules-5.4.0-80-generic-di - 5.4.0-80.90 storage-core-modules-5.4.0-80-generic-lpae-di - 5.4.0-80.90 No subscription required linux-headers-gkeop - 5.4.0.1021.24 linux-cloud-tools-gkeop-5.4 - 5.4.0.1021.24 linux-image-gkeop - 5.4.0.1021.24 linux-image-gkeop-5.4 - 5.4.0.1021.24 linux-gkeop - 5.4.0.1021.24 linux-cloud-tools-gkeop - 5.4.0.1021.24 linux-modules-extra-gkeop-5.4 - 5.4.0.1021.24 linux-headers-gkeop-5.4 - 5.4.0.1021.24 linux-modules-extra-gkeop - 5.4.0.1021.24 linux-tools-gkeop - 5.4.0.1021.24 linux-gkeop-5.4 - 5.4.0.1021.24 linux-tools-gkeop-5.4 - 5.4.0.1021.24 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1041.76 linux-raspi2 - 5.4.0.1041.76 linux-headers-raspi2 - 5.4.0.1041.76 linux-image-raspi-hwe-18.04 - 5.4.0.1041.76 linux-image-raspi2-hwe-18.04 - 5.4.0.1041.76 linux-tools-raspi - 5.4.0.1041.76 linux-headers-raspi2-hwe-18.04 - 5.4.0.1041.76 linux-headers-raspi-hwe-18.04 - 5.4.0.1041.76 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1041.76 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1041.76 linux-headers-raspi - 5.4.0.1041.76 linux-raspi2-hwe-18.04-edge - 5.4.0.1041.76 linux-raspi-hwe-18.04 - 5.4.0.1041.76 linux-tools-raspi2-hwe-18.04 - 5.4.0.1041.76 linux-raspi2-hwe-18.04 - 5.4.0.1041.76 linux-image-raspi-hwe-18.04-edge - 5.4.0.1041.76 linux-image-raspi2 - 5.4.0.1041.76 linux-tools-raspi-hwe-18.04 - 5.4.0.1041.76 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1041.76 linux-raspi-hwe-18.04-edge - 5.4.0.1041.76 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1041.76 linux-image-raspi - 5.4.0.1041.76 linux-tools-raspi2 - 5.4.0.1041.76 linux-raspi - 5.4.0.1041.76 No subscription required linux-tools-kvm - 5.4.0.1044.43 linux-headers-kvm - 5.4.0.1044.43 linux-kvm - 5.4.0.1044.43 linux-image-kvm - 5.4.0.1044.43 No subscription required linux-modules-extra-gke - 5.4.0.1049.59 linux-headers-gke - 5.4.0.1049.59 linux-headers-gke-5.4 - 5.4.0.1049.59 linux-modules-extra-gke-5.4 - 5.4.0.1049.59 linux-gcp-lts-20.04 - 5.4.0.1049.59 linux-gke-5.4 - 5.4.0.1049.59 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1049.59 linux-headers-gcp-lts-20.04 - 5.4.0.1049.59 linux-tools-gke - 5.4.0.1049.59 linux-tools-gcp-lts-20.04 - 5.4.0.1049.59 linux-image-gke - 5.4.0.1049.59 linux-image-gcp-lts-20.04 - 5.4.0.1049.59 linux-gke - 5.4.0.1049.59 linux-image-gke-5.4 - 5.4.0.1049.59 linux-tools-gke-5.4 - 5.4.0.1049.59 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1052.52 linux-oracle-lts-20.04 - 5.4.0.1052.52 linux-headers-oracle-lts-20.04 - 5.4.0.1052.52 linux-image-oracle-lts-20.04 - 5.4.0.1052.52 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1054.57 linux-image-aws-lts-20.04 - 5.4.0.1054.57 linux-tools-aws-lts-20.04 - 5.4.0.1054.57 linux-modules-extra-aws-lts-20.04 - 5.4.0.1054.57 linux-aws-lts-20.04 - 5.4.0.1054.57 No subscription required linux-azure-lts-20.04 - 5.4.0.1055.53 linux-image-azure-lts-20.04 - 5.4.0.1055.53 linux-modules-extra-azure-lts-20.04 - 5.4.0.1055.53 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1055.53 linux-tools-azure-lts-20.04 - 5.4.0.1055.53 linux-headers-azure-lts-20.04 - 5.4.0.1055.53 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-image-generic-hwe-18.04 - 5.4.0.80.84 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-headers-generic-lpae - 5.4.0.80.84 linux-generic-hwe-18.04-edge - 5.4.0.80.84 linux-image-virtual - 5.4.0.80.84 linux-cloud-tools-lowlatency - 5.4.0.80.84 linux-image-generic - 5.4.0.80.84 linux-tools-lowlatency - 5.4.0.80.84 linux-image-oem - 5.4.0.80.84 linux-image-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-headers-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-cloud-tools-virtual - 5.4.0.80.84 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.80.84 linux-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.80.84 linux-image-oem-osp1 - 5.4.0.80.84 linux-headers-oem - 5.4.0.80.84 linux-image-generic-lpae-hwe-18.04 - 5.4.0.80.84 linux-crashdump - 5.4.0.80.84 linux-tools-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-headers-generic-hwe-18.04 - 5.4.0.80.84 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-headers-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-source - 5.4.0.80.84 linux-lowlatency - 5.4.0.80.84 linux-tools-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-tools-generic-lpae - 5.4.0.80.84 linux-virtual - 5.4.0.80.84 linux-headers-virtual-hwe-18.04 - 5.4.0.80.84 linux-generic - 5.4.0.80.84 linux-virtual-hwe-18.04 - 5.4.0.80.84 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.80.84 linux-headers-virtual - 5.4.0.80.84 linux-cloud-tools-generic - 5.4.0.80.84 linux-generic-lpae-hwe-18.04-edge - 5.4.0.80.84 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-generic-lpae - 5.4.0.80.84 linux-image-extra-virtual-hwe-18.04 - 5.4.0.80.84 linux-tools-oem-osp1 - 5.4.0.80.84 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.80.84 linux-tools-generic-hwe-18.04-edge - 5.4.0.80.84 linux-image-lowlatency - 5.4.0.80.84 linux-image-virtual-hwe-18.04 - 5.4.0.80.84 linux-oem-tools-host - 5.4.0.80.84 linux-headers-lowlatency - 5.4.0.80.84 linux-image-generic-hwe-18.04-edge - 5.4.0.80.84 linux-generic-hwe-18.04 - 5.4.0.80.84 linux-oem - 5.4.0.80.84 linux-tools-generic - 5.4.0.80.84 linux-image-extra-virtual - 5.4.0.80.84 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-oem-osp1-tools-host - 5.4.0.80.84 linux-tools-oem - 5.4.0.80.84 linux-headers-oem-osp1 - 5.4.0.80.84 linux-generic-lpae-hwe-18.04 - 5.4.0.80.84 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.80.84 linux-headers-generic-hwe-18.04-edge - 5.4.0.80.84 linux-headers-generic - 5.4.0.80.84 linux-oem-osp1 - 5.4.0.80.84 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.80.84 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.80.84 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.80.84 linux-virtual-hwe-18.04-edge - 5.4.0.80.84 linux-tools-virtual-hwe-18.04 - 5.4.0.80.84 linux-lowlatency-hwe-18.04 - 5.4.0.80.84 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.80.84 linux-image-generic-lpae - 5.4.0.80.84 linux-tools-virtual - 5.4.0.80.84 linux-tools-generic-hwe-18.04 - 5.4.0.80.84 linux-image-virtual-hwe-18.04-edge - 5.4.0.80.84 No subscription required High CVE-2020-26558 CVE-2021-0129 CVE-2021-33909 Ubuntu 20.04 LTS It was discovered that an assert() could be triggered in the NVIDIA graphics drivers. A local attacker could use this to cause a denial of service. (CVE-2021-1093) It was discovered that the NVIDIA graphics drivers permitted an out-of-bounds array access. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1094) It was discovered that the NVIDIA graphics drivers contained a vulnerability in the kernel mode layer where they did not properly control calls with embedded parameters in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1095) Update Instructions: Run `sudo pro fix USN-5019-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-compute-utils-390 - 390.144-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.144-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.144-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.144-0ubuntu0.20.04.1 nvidia-utils-390 - 390.144-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.144-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.144-0ubuntu0.20.04.1 nvidia-driver-390 - 390.144-0ubuntu0.20.04.1 nvidia-384-dev - 390.144-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.144-0ubuntu0.20.04.1 nvidia-384 - 390.144-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.144-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.144-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.144-0ubuntu0.20.04.1 nvidia-headless-390 - 390.144-0ubuntu0.20.04.1 libnvidia-common-390 - 390.144-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.144-0ubuntu0.20.04.1 libcuda1-384 - 390.144-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.144-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.144-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.144-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.144-0ubuntu0.20.04.1 No subscription required xserver-xorg-video-nvidia-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-headless-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-kernel-common-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-gl-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-decode-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-ifr1-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-compute-utils-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-fbc1-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-driver-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-utils-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-common-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-compute-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-headless-no-dkms-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-encode-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-kernel-source-418-server - 418.211.00-0ubuntu0.20.04.1 libnvidia-cfg1-418-server - 418.211.00-0ubuntu0.20.04.1 nvidia-dkms-418-server - 418.211.00-0ubuntu0.20.04.1 No subscription required libnvidia-compute-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-headless-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.142.00-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.142.00-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.142.00-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.142.00-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.142.00-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.142.00-0ubuntu0.20.04.1 No subscription required libnvidia-common-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-gl-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-utils-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-encode-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-fbc1-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-fbc1-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-source-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-compute-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-gl-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-common-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-common-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-encode-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-gl-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 460.91.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-cfg1-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-cfg1-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-utils-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-decode-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-driver-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-compute-460 - 460.91.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-ifr1-460-server - 460.91.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-driver-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-fbc1-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-encode-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-common-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-common-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-dkms-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-extra-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-compute-utils-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-compute-utils-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-common-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-decode-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-dkms-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-extra-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-driver-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-source-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-source-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-compute-utils-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-ifr1-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-ifr1-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-decode-460 - 460.91.03-0ubuntu0.20.04.1 libnvidia-encode-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-kernel-common-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-utils-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-utils-455 - 460.91.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-gl-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-cfg1-460-server - 460.91.03-0ubuntu0.20.04.1 libnvidia-decode-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 460.91.03-0ubuntu0.20.04.1 nvidia-dkms-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460-server - 460.91.03-0ubuntu0.20.04.1 nvidia-dkms-455 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-headless-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-compute-450 - 460.91.03-0ubuntu0.20.04.1 libnvidia-extra-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-compute-455 - 460.91.03-0ubuntu0.20.04.1 libnvidia-extra-450 - 460.91.03-0ubuntu0.20.04.1 nvidia-driver-460-server - 460.91.03-0ubuntu0.20.04.1 No subscription required libnvidia-common-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-cfg1-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-ifr1-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-headless-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-gl-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-gl-465 - 470.57.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-cfg1-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-headless-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-compute-utils-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-compute-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-kernel-common-465 - 470.57.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-utils-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-encode-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-compute-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-compute-utils-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-kernel-common-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-utils-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-kernel-source-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-encode-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-dkms-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-extra-465 - 470.57.02-0ubuntu0.20.04.1 nvidia-kernel-source-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-driver-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-dkms-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-fbc1-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-extra-470 - 470.57.02-0ubuntu0.20.04.1 nvidia-driver-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-decode-465 - 470.57.02-0ubuntu0.20.04.1 libnvidia-fbc1-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-common-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-decode-470 - 470.57.02-0ubuntu0.20.04.1 libnvidia-ifr1-465 - 470.57.02-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-1093 CVE-2021-1094 CVE-2021-1095 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-31799) It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to conduct port scans and service banner extractions. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-31810) It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to perform machine-in-the-middle attackers to bypass the TLS protection. (CVE-2021-32066) Update Instructions: Run `sudo pro fix USN-5020-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.5 ruby2.7-doc - 2.7.0-5ubuntu1.5 ruby2.7-dev - 2.7.0-5ubuntu1.5 libruby2.7 - 2.7.0-5ubuntu1.5 No subscription required Medium CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 Ubuntu 20.04 LTS Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. (CVE-2021-22898, CVE-2021-22925) Harry Sintonen discovered that curl incorrectly reused connections in the connection pool. This could result in curl reusing the wrong connections. (CVE-2021-22924) Update Instructions: Run `sudo pro fix USN-5021-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.6 libcurl4-openssl-dev - 7.68.0-1ubuntu2.6 libcurl3-gnutls - 7.68.0-1ubuntu2.6 libcurl4-doc - 7.68.0-1ubuntu2.6 libcurl3-nss - 7.68.0-1ubuntu2.6 libcurl4-nss-dev - 7.68.0-1ubuntu2.6 libcurl4 - 7.68.0-1ubuntu2.6 curl - 7.68.0-1ubuntu2.6 No subscription required Medium CVE-2021-22898 CVE-2021-22924 CVE-2021-22925 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.26 in Ubuntu 20.04 LTS and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-35.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-26.html https://www.oracle.com/security-alerts/cpujul2021.html Update Instructions: Run `sudo pro fix USN-5022-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.26-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.26-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.26-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.26-0ubuntu0.20.04.2 mysql-router - 8.0.26-0ubuntu0.20.04.2 mysql-server - 8.0.26-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.26-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.26-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.26-0ubuntu0.20.04.2 mysql-testsuite - 8.0.26-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.26-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.26-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-2339 CVE-2021-2340 CVE-2021-2342 CVE-2021-2352 CVE-2021-2354 CVE-2021-2356 CVE-2021-2357 CVE-2021-2367 CVE-2021-2370 CVE-2021-2372 CVE-2021-2374 CVE-2021-2383 CVE-2021-2384 CVE-2021-2385 CVE-2021-2387 CVE-2021-2389 CVE-2021-2390 CVE-2021-2399 CVE-2021-2402 CVE-2021-2410 CVE-2021-2417 CVE-2021-2418 CVE-2021-2422 CVE-2021-2424 CVE-2021-2425 CVE-2021-2426 CVE-2021-2427 CVE-2021-2429 CVE-2021-2437 CVE-2021-2440 CVE-2021-2441 Ubuntu 20.04 LTS USN-5022-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2021-2372 and CVE-2021-2389 in MariaDB 10.3 and 10.5. In addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://mariadb.com/kb/en/mariadb-10331-changelog/ https://mariadb.com/kb/en/mariadb-10512-changelog/ Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.26 in Ubuntu 20.04 LTS and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-35.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-26.html https://www.oracle.com/security-alerts/cpujul2021.html Update Instructions: Run `sudo pro fix USN-5022-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.31-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.31-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.31-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.31-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.31-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.31-0ubuntu0.20.04.1 mariadb-client - 1:10.3.31-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.31-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.31-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.31-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.31-0ubuntu0.20.04.1 mariadb-server - 1:10.3.31-0ubuntu0.20.04.1 mariadb-common - 1:10.3.31-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.31-0ubuntu0.20.04.1 mariadb-test - 1:10.3.31-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-2372 CVE-2021-2389 Ubuntu 20.04 LTS It was discovered that Aspell incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-5023-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libaspell15 - 0.60.8-1ubuntu0.1 aspell-doc - 0.60.8-1ubuntu0.1 aspell - 0.60.8-1ubuntu0.1 libpspell-dev - 0.60.8-1ubuntu0.1 libaspell-dev - 0.60.8-1ubuntu0.1 No subscription required Medium CVE-2019-25051 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5024-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.32.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.32.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.32.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.32.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.32.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.32.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.32.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.32.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.32.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.32.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30758 CVE-2021-30795 CVE-2021-30797 CVE-2021-30799 Ubuntu 20.04 LTS It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5025-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsndfile1 - 1.0.28-7ubuntu0.1 libsndfile1-dev - 1.0.28-7ubuntu0.1 sndfile-programs - 1.0.28-7ubuntu0.1 No subscription required Medium CVE-2021-3246 Ubuntu 20.04 LTS It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18020) It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36978) Update Instructions: Run `sudo pro fix USN-5026-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libqpdf-dev - 9.1.1-1ubuntu0.1 qpdf - 9.1.1-1ubuntu0.1 libqpdf26 - 9.1.1-1ubuntu0.1 No subscription required Medium CVE-2018-18020 CVE-2021-36978 Ubuntu 20.04 LTS It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5027-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-pear - 1:1.10.9+submodules+notgz-1ubuntu0.20.04.3 No subscription required Medium CVE-2021-32610 Ubuntu 20.04 LTS It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5028-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.5 libexiv2-27 - 0.27.2-8ubuntu2.5 libexiv2-doc - 0.27.2-8ubuntu2.5 libexiv2-dev - 0.27.2-8ubuntu2.5 No subscription required None Ubuntu 20.04 LTS It was discovered that GnuTLS incorrectly handled sending certain extensions when being used as a client. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5029-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-doc - 3.6.13-2ubuntu1.6 libgnutls28-dev - 3.6.13-2ubuntu1.6 libgnutls-openssl27 - 3.6.13-2ubuntu1.6 libgnutls30 - 3.6.13-2ubuntu1.6 libgnutls-dane0 - 3.6.13-2ubuntu1.6 gnutls-bin - 3.6.13-2ubuntu1.6 guile-gnutls - 3.6.13-2ubuntu1.6 libgnutlsxx28 - 3.6.13-2ubuntu1.6 No subscription required Low CVE-2021-20231 CVE-2021-20232 Ubuntu 20.04 LTS It was discovered that the Perl DBI module incorrectly opened files outside of the folder specified in the data source name. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2014-10402) It was discovered that the Perl DBI module incorrectly handled certain long strings. A local attacker could possibly use this issue to cause the DBI module to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-14393) Update Instructions: Run `sudo pro fix USN-5030-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libdbi-perl - 1.643-1ubuntu0.1 No subscription required Medium CVE-2014-10402 CVE-2020-14393 Ubuntu 20.04 LTS Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them. Update Instructions: Run `sudo pro fix USN-5032-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-docker-docker-dev - 20.10.7-0ubuntu1~20.04.1 docker.io - 20.10.7-0ubuntu1~20.04.1 golang-docker-dev - 20.10.7-0ubuntu1~20.04.1 vim-syntax-docker - 20.10.7-0ubuntu1~20.04.1 docker-doc - 20.10.7-0ubuntu1~20.04.1 No subscription required None https://launchpad.net/bugs/1938908 Ubuntu 20.04 LTS Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks. Update Instructions: Run `sudo pro fix USN-5034-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares2 - 1.15.0-1ubuntu0.1 libc-ares-dev - 1.15.0-1ubuntu0.1 No subscription required Medium CVE-2021-3672 Ubuntu 20.04 LTS It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31. Update Instructions: Run `sudo pro fix USN-5035-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgps26 - 3.20-8ubuntu0.4 libqgpsmm-dev - 3.20-8ubuntu0.4 libgps-dev - 3.20-8ubuntu0.4 gpsd - 3.20-8ubuntu0.4 python3-gps - 3.20-8ubuntu0.4 gpsd-clients - 3.20-8ubuntu0.4 libqgpsmm26 - 3.20-8ubuntu0.4 No subscription required None https://launchpad.net/bugs/1938730 Ubuntu 20.04 LTS It was discovered that Tor incorrectly handled certain memory operations. A remote attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM. (CVE-2019-8955) It was discovered that Tor did not properly handle the input length to dump_desc() function. A remote attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-28089) It was discovered that Tor did not properly sanitize the relay nickname in dirvote_add_signatures_to_pending_consensus() function. An attacker could possibly use this issue to cause an assertion failure and then cause a denial of service. (CVE-2021-28090) It was discovered that Tor did not properly validate the layer hint on half-open streams. A remote attacker could possibly use this issue to bypass the access control, leading to remote code execution. This issue only affected Ubuntu 20.04 ESM. (CVE-2021-34548) It was discovered that Tor was using an insecure hash function. A remote attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-34549) It was discovered that Tor did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted request, a remote attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly reading sensitive data. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-34550) It was discovered that Tor mishandles the relationship between batch-signature verification and single-signature verification. An attacker could possibly use this issue to cause an assertion failure and then cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-38385) Update Instructions: Run `sudo pro fix USN-5036-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tor - 0.4.2.7-1ubuntu0.1~esm1 tor-geoipdb - 0.4.2.7-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-8955 CVE-2021-28089 CVE-2021-28090 CVE-2021-34548 CVE-2021-34549 CVE-2021-34550 CVE-2021-38385 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5037-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 91.0+build2-0ubuntu0.20.04.1 firefox - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 91.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 91.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 91.0+build2-0ubuntu0.20.04.1 firefox-dev - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 91.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 91.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-29980 CVE-2021-29981 CVE-2021-29982 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29987 CVE-2021-29988 CVE-2021-29989 CVE-2021-29990 Ubuntu 20.04 LTS USN-5037-1 fixed vulnerabilities in Firefox. The update introduced a regression that caused Firefox to repeatedly prompt for a password. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5037-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 91.0.2+build1-0ubuntu0.20.04.1 firefox - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 91.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 91.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 91.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 91.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 91.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1941496 Ubuntu 20.04 LTS It was discovered that the PostgresQL planner could create incorrect plans in certain circumstances. A remote attacker could use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly obtain sensitive information from memory. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-3677) It was discovered that PostgreSQL incorrectly handled certain SSL renegotiation ClientHello messages from clients. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. (CVE-2021-3449) Update Instructions: Run `sudo pro fix USN-5038-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.8-0ubuntu0.20.04.1 libpq-dev - 12.8-0ubuntu0.20.04.1 libecpg6 - 12.8-0ubuntu0.20.04.1 libpq5 - 12.8-0ubuntu0.20.04.1 libpgtypes3 - 12.8-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.8-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.8-0ubuntu0.20.04.1 libecpg-dev - 12.8-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.8-0ubuntu0.20.04.1 postgresql-doc-12 - 12.8-0ubuntu0.20.04.1 postgresql-12 - 12.8-0ubuntu0.20.04.1 postgresql-client-12 - 12.8-0ubuntu0.20.04.1 libecpg-compat3 - 12.8-0ubuntu0.20.04.1 No subscription required High CVE-2021-3449 CVE-2021-3677 Ubuntu 20.04 LTS It was discovered that HAProxy incorrectly handled the HTTP/2 protocol. A remote attacker could possibly use this issue to bypass restrictions. Update Instructions: Run `sudo pro fix USN-5042-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.13-2ubuntu0.2 haproxy-doc - 2.0.13-2ubuntu0.2 vim-haproxy - 2.0.13-2ubuntu0.2 No subscription required None https://launchpad.net/bugs/1940314 Ubuntu 20.04 LTS It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-32815, CVE-2021-34334, CVE-2021-37620, CVE-2021-37622) It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. These issues only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-34335, CVE-2021-37615, CVE-2021-37616, CVE-2021-37618, CVE-2021-37619, CVE-2021-37621, CVE-2021-37623) Update Instructions: Run `sudo pro fix USN-5043-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.6 libexiv2-27 - 0.27.2-8ubuntu2.6 libexiv2-doc - 0.27.2-8ubuntu2.6 libexiv2-dev - 0.27.2-8ubuntu2.6 No subscription required Medium CVE-2021-32815 CVE-2021-34334 CVE-2021-34335 CVE-2021-37615 CVE-2021-37616 CVE-2021-37618 CVE-2021-37619 CVE-2021-37620 CVE-2021-37621 CVE-2021-37622 CVE-2021-37623 Ubuntu 20.04 LTS USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-37620) Update Instructions: Run `sudo pro fix USN-5043-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exiv2 - 0.27.2-8ubuntu2.7 libexiv2-27 - 0.27.2-8ubuntu2.7 libexiv2-doc - 0.27.2-8ubuntu2.7 libexiv2-dev - 0.27.2-8ubuntu2.7 No subscription required Medium CVE-2021-37620 https://launchpad.net/bugs/1941752 Ubuntu 20.04 LTS Norbert Slusarek discovered that the CAN broadcast manger (bcm) protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-34693) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573) It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-3587) Update Instructions: Run `sudo pro fix USN-5045-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-image-unsigned-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-tools-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-gkeop-source-5.4.0 - 5.4.0-1022.23 linux-headers-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-modules-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-image-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-buildinfo-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-cloud-tools-5.4.0-1022-gkeop - 5.4.0-1022.23 linux-gkeop-tools-5.4.0-1022 - 5.4.0-1022.23 linux-gkeop-headers-5.4.0-1022 - 5.4.0-1022.23 linux-gkeop-cloud-tools-5.4.0-1022 - 5.4.0-1022.23 No subscription required linux-tools-5.4.0-1042-raspi - 5.4.0-1042.46 linux-raspi-tools-5.4.0-1042 - 5.4.0-1042.46 linux-modules-5.4.0-1042-raspi - 5.4.0-1042.46 linux-headers-5.4.0-1042-raspi - 5.4.0-1042.46 linux-raspi-headers-5.4.0-1042 - 5.4.0-1042.46 linux-image-5.4.0-1042-raspi - 5.4.0-1042.46 linux-buildinfo-5.4.0-1042-raspi - 5.4.0-1042.46 No subscription required linux-image-5.4.0-1045-kvm - 5.4.0-1045.47 linux-tools-5.4.0-1045-kvm - 5.4.0-1045.47 linux-buildinfo-5.4.0-1045-kvm - 5.4.0-1045.47 linux-kvm-tools-5.4.0-1045 - 5.4.0-1045.47 linux-image-unsigned-5.4.0-1045-kvm - 5.4.0-1045.47 linux-kvm-headers-5.4.0-1045 - 5.4.0-1045.47 linux-modules-5.4.0-1045-kvm - 5.4.0-1045.47 linux-headers-5.4.0-1045-kvm - 5.4.0-1045.47 No subscription required linux-image-unsigned-5.4.0-1051-gke - 5.4.0-1051.54 linux-gke-headers-5.4.0-1051 - 5.4.0-1051.54 linux-modules-extra-5.4.0-1051-gke - 5.4.0-1051.54 linux-image-5.4.0-1051-gke - 5.4.0-1051.54 linux-tools-5.4.0-1051-gke - 5.4.0-1051.54 linux-gke-tools-5.4.0-1051 - 5.4.0-1051.54 linux-modules-5.4.0-1051-gke - 5.4.0-1051.54 linux-buildinfo-5.4.0-1051-gke - 5.4.0-1051.54 linux-headers-5.4.0-1051-gke - 5.4.0-1051.54 No subscription required linux-image-5.4.0-1051-gcp - 5.4.0-1051.55 linux-image-unsigned-5.4.0-1051-gcp - 5.4.0-1051.55 linux-tools-5.4.0-1051-gcp - 5.4.0-1051.55 linux-gcp-headers-5.4.0-1051 - 5.4.0-1051.55 linux-headers-5.4.0-1051-gcp - 5.4.0-1051.55 linux-modules-extra-5.4.0-1051-gcp - 5.4.0-1051.55 linux-buildinfo-5.4.0-1051-gcp - 5.4.0-1051.55 linux-gcp-tools-5.4.0-1051 - 5.4.0-1051.55 linux-modules-5.4.0-1051-gcp - 5.4.0-1051.55 No subscription required linux-tools-5.4.0-1053-oracle - 5.4.0-1053.57 linux-modules-5.4.0-1053-oracle - 5.4.0-1053.57 linux-oracle-headers-5.4.0-1053 - 5.4.0-1053.57 linux-image-unsigned-5.4.0-1053-oracle - 5.4.0-1053.57 linux-oracle-tools-5.4.0-1053 - 5.4.0-1053.57 linux-headers-5.4.0-1053-oracle - 5.4.0-1053.57 linux-image-5.4.0-1053-oracle - 5.4.0-1053.57 linux-modules-extra-5.4.0-1053-oracle - 5.4.0-1053.57 linux-buildinfo-5.4.0-1053-oracle - 5.4.0-1053.57 No subscription required linux-image-5.4.0-1055-aws - 5.4.0-1055.58 linux-aws-tools-5.4.0-1055 - 5.4.0-1055.58 linux-cloud-tools-5.4.0-1055-aws - 5.4.0-1055.58 linux-headers-5.4.0-1055-aws - 5.4.0-1055.58 linux-aws-headers-5.4.0-1055 - 5.4.0-1055.58 linux-modules-extra-5.4.0-1055-aws - 5.4.0-1055.58 linux-aws-cloud-tools-5.4.0-1055 - 5.4.0-1055.58 linux-modules-5.4.0-1055-aws - 5.4.0-1055.58 linux-tools-5.4.0-1055-aws - 5.4.0-1055.58 linux-buildinfo-5.4.0-1055-aws - 5.4.0-1055.58 No subscription required linux-azure-cloud-tools-5.4.0-1056 - 5.4.0-1056.58 linux-azure-tools-5.4.0-1056 - 5.4.0-1056.58 linux-cloud-tools-5.4.0-1056-azure - 5.4.0-1056.58 linux-modules-extra-5.4.0-1056-azure - 5.4.0-1056.58 linux-headers-5.4.0-1056-azure - 5.4.0-1056.58 linux-modules-5.4.0-1056-azure - 5.4.0-1056.58 linux-image-5.4.0-1056-azure - 5.4.0-1056.58 linux-buildinfo-5.4.0-1056-azure - 5.4.0-1056.58 linux-image-unsigned-5.4.0-1056-azure - 5.4.0-1056.58 linux-azure-headers-5.4.0-1056 - 5.4.0-1056.58 linux-tools-5.4.0-1056-azure - 5.4.0-1056.58 No subscription required linux-modules-extra-5.4.0-81-generic - 5.4.0-81.91 linux-tools-5.4.0-81 - 5.4.0-81.91 linux-image-5.4.0-81-generic - 5.4.0-81.91 linux-tools-host - 5.4.0-81.91 linux-headers-5.4.0-81-lowlatency - 5.4.0-81.91 linux-headers-5.4.0-81 - 5.4.0-81.91 linux-doc - 5.4.0-81.91 linux-tools-5.4.0-81-lowlatency - 5.4.0-81.91 linux-libc-dev - 5.4.0-81.91 linux-source-5.4.0 - 5.4.0-81.91 linux-modules-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-cloud-tools-5.4.0-81-generic - 5.4.0-81.91 linux-tools-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-image-unsigned-5.4.0-81-generic - 5.4.0-81.91 linux-headers-5.4.0-81-generic - 5.4.0-81.91 linux-buildinfo-5.4.0-81-lowlatency - 5.4.0-81.91 linux-headers-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-image-unsigned-5.4.0-81-lowlatency - 5.4.0-81.91 linux-cloud-tools-5.4.0-81-lowlatency - 5.4.0-81.91 linux-image-5.4.0-81-lowlatency - 5.4.0-81.91 linux-buildinfo-5.4.0-81-generic - 5.4.0-81.91 linux-cloud-tools-common - 5.4.0-81.91 linux-buildinfo-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-tools-common - 5.4.0-81.91 linux-modules-5.4.0-81-generic - 5.4.0-81.91 linux-image-5.4.0-81-generic-lpae - 5.4.0-81.91 linux-tools-5.4.0-81-generic - 5.4.0-81.91 linux-cloud-tools-5.4.0-81 - 5.4.0-81.91 linux-modules-5.4.0-81-lowlatency - 5.4.0-81.91 No subscription required linux-headers-gkeop - 5.4.0.1022.25 linux-cloud-tools-gkeop-5.4 - 5.4.0.1022.25 linux-image-gkeop - 5.4.0.1022.25 linux-modules-extra-gkeop-5.4 - 5.4.0.1022.25 linux-gkeop-5.4 - 5.4.0.1022.25 linux-image-gkeop-5.4 - 5.4.0.1022.25 linux-gkeop - 5.4.0.1022.25 linux-cloud-tools-gkeop - 5.4.0.1022.25 linux-tools-gkeop-5.4 - 5.4.0.1022.25 linux-headers-gkeop-5.4 - 5.4.0.1022.25 linux-modules-extra-gkeop - 5.4.0.1022.25 linux-tools-gkeop - 5.4.0.1022.25 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1042.77 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1042.77 linux-raspi2 - 5.4.0.1042.77 linux-headers-raspi2 - 5.4.0.1042.77 linux-tools-raspi-hwe-18.04 - 5.4.0.1042.77 linux-image-raspi-hwe-18.04 - 5.4.0.1042.77 linux-image-raspi2-hwe-18.04 - 5.4.0.1042.77 linux-tools-raspi - 5.4.0.1042.77 linux-headers-raspi2-hwe-18.04 - 5.4.0.1042.77 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1042.77 linux-headers-raspi - 5.4.0.1042.77 linux-raspi-hwe-18.04 - 5.4.0.1042.77 linux-tools-raspi2-hwe-18.04 - 5.4.0.1042.77 linux-raspi2-hwe-18.04 - 5.4.0.1042.77 linux-image-raspi-hwe-18.04-edge - 5.4.0.1042.77 linux-image-raspi2 - 5.4.0.1042.77 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1042.77 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1042.77 linux-tools-raspi2 - 5.4.0.1042.77 linux-headers-raspi-hwe-18.04 - 5.4.0.1042.77 linux-raspi-hwe-18.04-edge - 5.4.0.1042.77 linux-raspi - 5.4.0.1042.77 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1042.77 linux-image-raspi - 5.4.0.1042.77 No subscription required linux-kvm - 5.4.0.1045.44 linux-headers-kvm - 5.4.0.1045.44 linux-image-kvm - 5.4.0.1045.44 linux-tools-kvm - 5.4.0.1045.44 No subscription required linux-modules-extra-gke - 5.4.0.1051.61 linux-headers-gke-5.4 - 5.4.0.1051.61 linux-modules-extra-gke-5.4 - 5.4.0.1051.61 linux-gcp-lts-20.04 - 5.4.0.1051.61 linux-gke-5.4 - 5.4.0.1051.61 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1051.61 linux-headers-gcp-lts-20.04 - 5.4.0.1051.61 linux-tools-gke - 5.4.0.1051.61 linux-image-gcp-lts-20.04 - 5.4.0.1051.61 linux-gke - 5.4.0.1051.61 linux-headers-gke - 5.4.0.1051.61 linux-image-gke - 5.4.0.1051.61 linux-tools-gcp-lts-20.04 - 5.4.0.1051.61 linux-image-gke-5.4 - 5.4.0.1051.61 linux-tools-gke-5.4 - 5.4.0.1051.61 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1053.53 linux-headers-oracle-lts-20.04 - 5.4.0.1053.53 linux-oracle-lts-20.04 - 5.4.0.1053.53 linux-image-oracle-lts-20.04 - 5.4.0.1053.53 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1055.58 linux-image-aws-lts-20.04 - 5.4.0.1055.58 linux-headers-aws-lts-20.04 - 5.4.0.1055.58 linux-tools-aws-lts-20.04 - 5.4.0.1055.58 linux-aws-lts-20.04 - 5.4.0.1055.58 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1056.54 linux-azure-lts-20.04 - 5.4.0.1056.54 linux-image-azure-lts-20.04 - 5.4.0.1056.54 linux-modules-extra-azure-lts-20.04 - 5.4.0.1056.54 linux-tools-azure-lts-20.04 - 5.4.0.1056.54 linux-headers-azure-lts-20.04 - 5.4.0.1056.54 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-cloud-tools-virtual - 5.4.0.81.85 linux-image-generic-hwe-18.04 - 5.4.0.81.85 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-headers-generic-lpae - 5.4.0.81.85 linux-image-virtual - 5.4.0.81.85 linux-oem-osp1-tools-host - 5.4.0.81.85 linux-image-generic - 5.4.0.81.85 linux-tools-lowlatency - 5.4.0.81.85 linux-image-oem - 5.4.0.81.85 linux-headers-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-image-generic-lpae-hwe-18.04 - 5.4.0.81.85 linux-crashdump - 5.4.0.81.85 linux-generic-lpae-hwe-18.04-edge - 5.4.0.81.85 linux-tools-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-headers-generic-hwe-18.04 - 5.4.0.81.85 linux-headers-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-source - 5.4.0.81.85 linux-lowlatency - 5.4.0.81.85 linux-tools-generic-lpae - 5.4.0.81.85 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-cloud-tools-generic - 5.4.0.81.85 linux-oem - 5.4.0.81.85 linux-tools-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-virtual - 5.4.0.81.85 linux-headers-virtual-hwe-18.04 - 5.4.0.81.85 linux-virtual-hwe-18.04 - 5.4.0.81.85 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.81.85 linux-tools-virtual - 5.4.0.81.85 linux-tools-oem - 5.4.0.81.85 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-generic-lpae - 5.4.0.81.85 linux-headers-oem - 5.4.0.81.85 linux-image-extra-virtual-hwe-18.04 - 5.4.0.81.85 linux-generic - 5.4.0.81.85 linux-tools-oem-osp1 - 5.4.0.81.85 linux-image-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-image-virtual-hwe-18.04 - 5.4.0.81.85 linux-oem-tools-host - 5.4.0.81.85 linux-headers-lowlatency - 5.4.0.81.85 linux-image-generic-hwe-18.04-edge - 5.4.0.81.85 linux-image-oem-osp1 - 5.4.0.81.85 linux-generic-hwe-18.04-edge - 5.4.0.81.85 linux-tools-generic-hwe-18.04 - 5.4.0.81.85 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.81.85 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-tools-generic - 5.4.0.81.85 linux-image-extra-virtual - 5.4.0.81.85 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-cloud-tools-lowlatency - 5.4.0.81.85 linux-headers-oem-osp1 - 5.4.0.81.85 linux-generic-lpae-hwe-18.04 - 5.4.0.81.85 linux-headers-generic-hwe-18.04-edge - 5.4.0.81.85 linux-headers-generic - 5.4.0.81.85 linux-oem-osp1 - 5.4.0.81.85 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.81.85 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.81.85 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.81.85 linux-image-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-virtual-hwe-18.04-edge - 5.4.0.81.85 linux-headers-virtual - 5.4.0.81.85 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.81.85 linux-tools-virtual-hwe-18.04 - 5.4.0.81.85 linux-lowlatency-hwe-18.04 - 5.4.0.81.85 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.81.85 linux-generic-hwe-18.04 - 5.4.0.81.85 linux-image-generic-lpae - 5.4.0.81.85 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.81.85 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.81.85 linux-tools-generic-hwe-18.04-edge - 5.4.0.81.85 linux-image-lowlatency - 5.4.0.81.85 No subscription required Medium CVE-2021-34693 CVE-2021-3564 CVE-2021-3573 Ubuntu 20.04 LTS It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129) Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-28691) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573) It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-3587) Update Instructions: Run `sudo pro fix USN-5046-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-modules-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-image-unsigned-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-buildinfo-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-cloud-tools-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-27 - 5.11.0-27.29~20.04.1 linux-headers-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-tools-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-headers-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-buildinfo-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-modules-extra-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-27.29~20.04.1 linux-cloud-tools-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-image-unsigned-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-headers-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-modules-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-modules-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-buildinfo-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-27.29~20.04.1 linux-hwe-5.11-headers-5.11.0-27 - 5.11.0-27.29~20.04.1 linux-hwe-5.11-tools-5.11.0-27 - 5.11.0-27.29~20.04.1 linux-modules-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-27.29~20.04.1 linux-headers-5.11.0-27-lowlatency - 5.11.0-27.29~20.04.1 linux-tools-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-tools-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-buildinfo-5.11.0-27-generic - 5.11.0-27.29~20.04.1 linux-image-unsigned-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-generic-lpae - 5.11.0-27.29~20.04.1 linux-image-5.11.0-27-generic-64k - 5.11.0-27.29~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-generic-64k-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-headers-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-image-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-lpae-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-generic-lpae-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-tools-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-generic-64k-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-tools-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-generic-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-tools-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-generic-64k-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-generic-64k-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-generic-64k-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-generic-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-image-extra-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-headers-virtual-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-image-lowlatency-hwe-20.04 - 5.11.0.27.29~20.04.11 linux-generic-lpae-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-virtual-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-lowlatency-hwe-20.04-edge - 5.11.0.27.29~20.04.11 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.27.29~20.04.11 No subscription required Medium CVE-2020-26558 CVE-2021-0129 CVE-2021-28691 CVE-2021-3564 CVE-2021-3573 Ubuntu 20.04 LTS It was discovered that Firefox could be made to incorrectly accept newlines in HTTP/3 response headers. If a user were tricked into opening a specially crafted website, an attacker could exploit this to conduct header splitting attacks. Update Instructions: Run `sudo pro fix USN-5047-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 91.0.1+build1-0ubuntu0.20.04.1 firefox - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 91.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 91.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 91.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 91.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 91.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-29991 Ubuntu 20.04 LTS It was discovered that Inetutils telnet server allows remote attackers to execute arbitrary code via short writes or urgent data. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5048-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: inetutils-tools - 2:1.9.4-11ubuntu0.1 inetutils-ftpd - 2:1.9.4-11ubuntu0.1 inetutils-talkd - 2:1.9.4-11ubuntu0.1 inetutils-traceroute - 2:1.9.4-11ubuntu0.1 inetutils-talk - 2:1.9.4-11ubuntu0.1 inetutils-telnetd - 2:1.9.4-11ubuntu0.1 inetutils-inetd - 2:1.9.4-11ubuntu0.1 inetutils-ping - 2:1.9.4-11ubuntu0.1 inetutils-syslogd - 2:1.9.4-11ubuntu0.1 inetutils-ftp - 2:1.9.4-11ubuntu0.1 inetutils-telnet - 2:1.9.4-11ubuntu0.1 No subscription required Medium CVE-2020-10188 Ubuntu 20.04 LTS It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129) Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-28691) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573) It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-38208) Update Instructions: Run `sudo pro fix USN-5050-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oracle-5.8-headers-5.8.0-1038 - 5.8.0-1038.39~20.04.1 linux-oracle-5.8-tools-5.8.0-1038 - 5.8.0-1038.39~20.04.1 linux-image-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-modules-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-buildinfo-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-tools-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-image-unsigned-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-headers-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 linux-modules-extra-5.8.0-1038-oracle - 5.8.0-1038.39~20.04.1 No subscription required linux-gcp-5.8-tools-5.8.0-1039 - 5.8.0-1039.41 linux-image-5.8.0-1039-gcp - 5.8.0-1039.41 linux-headers-5.8.0-1039-gcp - 5.8.0-1039.41 linux-gcp-5.8-headers-5.8.0-1039 - 5.8.0-1039.41 linux-buildinfo-5.8.0-1039-gcp - 5.8.0-1039.41 linux-modules-extra-5.8.0-1039-gcp - 5.8.0-1039.41 linux-tools-5.8.0-1039-gcp - 5.8.0-1039.41 linux-modules-5.8.0-1039-gcp - 5.8.0-1039.41 linux-image-unsigned-5.8.0-1039-gcp - 5.8.0-1039.41 No subscription required linux-buildinfo-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-modules-extra-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-image-unsigned-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-azure-5.8-tools-5.8.0-1040 - 5.8.0-1040.43~20.04.1 linux-azure-5.8-headers-5.8.0-1040 - 5.8.0-1040.43~20.04.1 linux-cloud-tools-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-tools-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-headers-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-azure-5.8-cloud-tools-5.8.0-1040 - 5.8.0-1040.43~20.04.1 linux-modules-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 linux-image-5.8.0-1040-azure - 5.8.0-1040.43~20.04.1 No subscription required linux-tools-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-modules-extra-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-aws-5.8-cloud-tools-5.8.0-1042 - 5.8.0-1042.44~20.04.1 linux-buildinfo-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-cloud-tools-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-headers-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-aws-5.8-tools-5.8.0-1042 - 5.8.0-1042.44~20.04.1 linux-image-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-modules-5.8.0-1042-aws - 5.8.0-1042.44~20.04.1 linux-aws-5.8-headers-5.8.0-1042 - 5.8.0-1042.44~20.04.1 No subscription required linux-headers-oracle - 5.8.0.1038.39~20.04.14 linux-image-oracle - 5.8.0.1038.39~20.04.14 linux-tools-oracle - 5.8.0.1038.39~20.04.14 linux-oracle - 5.8.0.1038.39~20.04.14 No subscription required linux-tools-gcp - 5.8.0.1039.14 linux-gcp - 5.8.0.1039.14 linux-headers-gcp - 5.8.0.1039.14 linux-image-gcp - 5.8.0.1039.14 linux-modules-extra-gcp - 5.8.0.1039.14 No subscription required linux-azure - 5.8.0.1040.43~20.04.12 linux-image-azure - 5.8.0.1040.43~20.04.12 linux-cloud-tools-azure - 5.8.0.1040.43~20.04.12 linux-tools-azure - 5.8.0.1040.43~20.04.12 linux-modules-extra-azure - 5.8.0.1040.43~20.04.12 linux-headers-azure - 5.8.0.1040.43~20.04.12 No subscription required linux-modules-extra-aws - 5.8.0.1042.44~20.04.14 linux-tools-aws - 5.8.0.1042.44~20.04.14 linux-aws - 5.8.0.1042.44~20.04.14 linux-headers-aws - 5.8.0.1042.44~20.04.14 linux-image-aws - 5.8.0.1042.44~20.04.14 No subscription required Medium CVE-2020-26558 CVE-2021-0129 CVE-2021-28691 CVE-2021-3564 CVE-2021-3573 CVE-2021-38208 Ubuntu 20.04 LTS John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications using OpenSSL to crash, resulting in a denial of service, or possibly change application behaviour. (CVE-2021-3711) Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2021-3712) Update Instructions: Run `sudo pro fix USN-5051-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.8 libssl-dev - 1.1.1f-1ubuntu2.8 openssl - 1.1.1f-1ubuntu2.8 libssl-doc - 1.1.1f-1ubuntu2.8 No subscription required High CVE-2021-3711 CVE-2021-3712 Ubuntu 20.04 LTS MongoDB would fail to properly invalidate existing sessions for deleted users. This could allow a remote authenticated attacker to gain elevated privileges if their user account was recreated with elevated privileges. Update Instructions: Run `sudo pro fix USN-5052-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mongodb-server - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 mongodb - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 mongodb-clients - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 mongodb-server-core - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 No subscription required Low CVE-2019-2386 Ubuntu 20.04 LTS It was discovered that libssh incorrectly handled rekeying. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5053-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-gcrypt-dev - 0.9.3-2ubuntu2.2 libssh-doc - 0.9.3-2ubuntu2.2 libssh-gcrypt-4 - 0.9.3-2ubuntu2.2 libssh-4 - 0.9.3-2ubuntu2.2 libssh-dev - 0.9.3-2ubuntu2.2 No subscription required Medium CVE-2021-3634 Ubuntu 20.04 LTS Michael Catanzaro discovered that grilo incorrectly handled certain TLS certificate verification. An attacker could possibly use this issue to MITM attacks. Update Instructions: Run `sudo pro fix USN-5055-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-grilo-0.3 - 0.3.12-1ubuntu0.1 libgrilo-0.3-bin - 0.3.12-1ubuntu0.1 libgrilo-0.3-0 - 0.3.12-1ubuntu0.1 libgrilo-0.3-dev - 0.3.12-1ubuntu0.1 libgrilo-0.3-doc - 0.3.12-1ubuntu0.1 No subscription required Medium CVE-2021-39365 Ubuntu 20.04 LTS Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Update Instructions: Run `sudo pro fix USN-5057-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squashfs-tools - 1:4.4-1ubuntu0.1 No subscription required Medium CVE-2021-40153 Ubuntu 20.04 LTS It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS handshake. A person-in-the-middle could potentially exploit this to trick Thunderbird into showing incorrect information. (CVE-2021-29969) Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. (CVE-2021-29970, CVE-2021-29976, CVE-2021-29980, CVE-2021-29984, CVE-2021-29985, CVE-2021-29986, CVE-2021-29988, CVE-2021-29989, CVE-2021-30547) Update Instructions: Run `sudo pro fix USN-5058-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-br - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-be - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bg - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ja - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-si - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-gnome-support - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sr - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sq - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hsb - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cy - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cs - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ca - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-br - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ka - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ko - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kab - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-tw - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn-no - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb-no - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn-bd - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-lt - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-gb - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uz - 1:78.13.0+build1-0ubuntu0.20.04.2 xul-ext-calendar-timezones - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-de - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-da - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-dev - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-el - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-us - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-rm - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ms - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ro - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-eu - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-et - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hant - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hans - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ru - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es - 1:78.13.0+build1-0ubuntu0.20.04.2 xul-ext-gdata-provider - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fr - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es-es - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta-lk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fa - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fi - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ast - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn - 1:78.13.0+build1-0ubuntu0.20.04.2 xul-ext-lightning - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga-ie - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy-nl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-cn - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gl - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-tr - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gd - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-th - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-dsb - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-it - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hy - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv-se - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hr - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hu - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa-in - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-he - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ar - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-af - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-pt - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cak - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-is - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-vi - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-mozsymbols - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-mk - 1:78.13.0+build1-0ubuntu0.20.04.2 thunderbird-locale-id - 1:78.13.0+build1-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-29969 CVE-2021-29970 CVE-2021-29976 CVE-2021-29980 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29988 CVE-2021-29989 CVE-2021-30547 Ubuntu 20.04 LTS It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5060-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntfs-3g - 1:2017.3.23AR.3-3ubuntu1.1 libntfs-3g883 - 1:2017.3.23AR.3-3ubuntu1.1 ntfs-3g-dev - 1:2017.3.23AR.3-3ubuntu1.1 No subscription required None https://launchpad.net/bugs/1942235 Ubuntu 20.04 LTS Ori Hollander discovered that HAProxy incorrectly handled HTTP header name length encoding. A remote attacker could possibly use this issue to inject a duplicate content-length header and perform request smuggling attacks. Update Instructions: Run `sudo pro fix USN-5063-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.13-2ubuntu0.3 haproxy-doc - 2.0.13-2ubuntu0.3 vim-haproxy - 2.0.13-2ubuntu0.3 No subscription required Medium CVE-2021-40346 Ubuntu 20.04 LTS Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5064-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cpio - 2.13+dfsg-2ubuntu0.3 cpio-win32 - 2.13+dfsg-2ubuntu0.3 No subscription required Medium CVE-2021-38185 Ubuntu 20.04 LTS It was discovered that Open vSwitch incorrectly handled decoding RAW_ENCAP actions. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5065-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.3-0ubuntu0.20.04.2 openvswitch-switch - 2.13.3-0ubuntu0.20.04.2 openvswitch-pki - 2.13.3-0ubuntu0.20.04.2 openvswitch-common - 2.13.3-0ubuntu0.20.04.2 openvswitch-testcontroller - 2.13.3-0ubuntu0.20.04.2 openvswitch-vtep - 2.13.3-0ubuntu0.20.04.2 openvswitch-source - 2.13.3-0ubuntu0.20.04.2 python3-openvswitch - 2.13.3-0ubuntu0.20.04.2 openvswitch-switch-dpdk - 2.13.3-0ubuntu0.20.04.2 openvswitch-test - 2.13.3-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-36980 Ubuntu 20.04 LTS Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents. Update Instructions: Run `sudo pro fix USN-5066-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pysaml2-doc - 4.9.0-0ubuntu3.1 python3-pysaml2 - 4.9.0-0ubuntu3.1 No subscription required Medium CVE-2021-21239 Ubuntu 20.04 LTS Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10852) It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with too strict permissions causing the GPO to not be readable, SSSD will allow all authenticated users to login instead of being denied, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-16838) It was discovered that SSSD incorrectly handled users with no home directory set. When no home directory was set, SSSD would return the root directory instead of an empty string, possibly bypassing security measures. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-3811) Cedric Buissart discovered that SSSD incorrectly handled the sssctl command. In certain environments, a local user could use this issue to execute arbitrary commands and possibly escalate privileges. (CVE-2021-3621) Update Instructions: Run `sudo pro fix USN-5067-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsss-certmap-dev - 2.2.3-3ubuntu0.7 libipa-hbac-dev - 2.2.3-3ubuntu0.7 sssd-ad - 2.2.3-3ubuntu0.7 libsss-sudo - 2.2.3-3ubuntu0.7 libsss-nss-idmap0 - 2.2.3-3ubuntu0.7 libnss-sss - 2.2.3-3ubuntu0.7 sssd-ipa - 2.2.3-3ubuntu0.7 libsss-simpleifp0 - 2.2.3-3ubuntu0.7 libsss-idmap-dev - 2.2.3-3ubuntu0.7 python3-libsss-nss-idmap - 2.2.3-3ubuntu0.7 libsss-certmap0 - 2.2.3-3ubuntu0.7 python3-sss - 2.2.3-3ubuntu0.7 libpam-sss - 2.2.3-3ubuntu0.7 sssd - 2.2.3-3ubuntu0.7 libsss-idmap0 - 2.2.3-3ubuntu0.7 sssd-ldap - 2.2.3-3ubuntu0.7 libsss-nss-idmap-dev - 2.2.3-3ubuntu0.7 libsss-simpleifp-dev - 2.2.3-3ubuntu0.7 sssd-kcm - 2.2.3-3ubuntu0.7 libwbclient-sssd - 2.2.3-3ubuntu0.7 libwbclient-sssd-dev - 2.2.3-3ubuntu0.7 sssd-common - 2.2.3-3ubuntu0.7 python3-libipa-hbac - 2.2.3-3ubuntu0.7 libipa-hbac0 - 2.2.3-3ubuntu0.7 sssd-tools - 2.2.3-3ubuntu0.7 sssd-ad-common - 2.2.3-3ubuntu0.7 sssd-krb5-common - 2.2.3-3ubuntu0.7 sssd-dbus - 2.2.3-3ubuntu0.7 sssd-krb5 - 2.2.3-3ubuntu0.7 sssd-proxy - 2.2.3-3ubuntu0.7 No subscription required Medium CVE-2018-10852 CVE-2018-16838 CVE-2019-3811 CVE-2021-3621 Ubuntu 20.04 LTS It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM. (CVE-2017-6363) It was discovered that GD Graphics Library incorrectly handled certain TGA files. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2021-381) It was discovered that GD Graphics Library incorrectly handled certain files. An attacker could possibly use this issue to cause a crash. (CVE-2021-40145) Update Instructions: Run `sudo pro fix USN-5068-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgd3 - 2.2.5-5.2ubuntu2.1 libgd-tools - 2.2.5-5.2ubuntu2.1 libgd-dev - 2.2.5-5.2ubuntu2.1 No subscription required Medium CVE-2017-6363 CVE-2021-38115 CVE-2021-40145 Ubuntu 20.04 LTS It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect attack. Update Instructions: Run `sudo pro fix USN-5069-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-auth-mellon - 0.16.0-1ubuntu0.1 No subscription required Medium CVE-2021-3639 Ubuntu 20.04 LTS Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Norbert Slusarek discovered that the CAN broadcast manger (bcm) protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-34693) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-38198) It was discovered that the perf subsystem in the Linux kernel for the PowerPC architecture contained a null pointer dereference in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-38200) Ben Greear discovered that the mac80211 subsystem in the Linux kernel contained a null pointer dereference in some situations. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38206) It was discovered that the Xilinx LL TEMAC device driver in the Linux kernel did not properly calculate the number of buffers to be used in certain situations. A remote attacker could use this to cause a denial of service (system crash). (CVE-2021-38207) Update Instructions: Run `sudo pro fix USN-5070-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-headers-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-azure-5.11-tools-5.11.0-1015 - 5.11.0-1015.16~20.04.1 linux-azure-5.11-headers-5.11.0-1015 - 5.11.0-1015.16~20.04.1 linux-buildinfo-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1015 - 5.11.0-1015.16~20.04.1 linux-modules-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-cloud-tools-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-image-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-image-unsigned-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 linux-tools-5.11.0-1015-azure - 5.11.0-1015.16~20.04.1 No subscription required linux-modules-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-tools-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-image-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-tools-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-modules-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-cloud-tools-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-image-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-headers-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-aws-5.11-headers-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-aws-5.11-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-buildinfo-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-oracle-5.11-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-modules-extra-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-image-unsigned-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-oracle-5.11-headers-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-modules-extra-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 linux-headers-5.11.0-1017-oracle - 5.11.0-1017.18~20.04.1 linux-buildinfo-5.11.0-1017-aws - 5.11.0-1017.18~20.04.1 No subscription required linux-hwe-5.11-headers-5.11.0-34 - 5.11.0-34.36~20.04.1 linux-hwe-5.11-tools-5.11.0-34 - 5.11.0-34.36~20.04.1 linux-image-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-headers-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-image-unsigned-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-buildinfo-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-buildinfo-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-modules-extra-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-buildinfo-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-image-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-34.36~20.04.1 linux-image-unsigned-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-image-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-cloud-tools-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-image-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-buildinfo-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-modules-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-cloud-tools-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-headers-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-34.36~20.04.1 linux-headers-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-34.36~20.04.1 linux-headers-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-modules-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-modules-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-tools-5.11.0-34-generic - 5.11.0-34.36~20.04.1 linux-tools-5.11.0-34-generic-64k - 5.11.0-34.36~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-34.36~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-34 - 5.11.0-34.36~20.04.1 linux-tools-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 linux-modules-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-tools-5.11.0-34-generic-lpae - 5.11.0-34.36~20.04.1 linux-image-unsigned-5.11.0-34-lowlatency - 5.11.0-34.36~20.04.1 No subscription required linux-tools-azure-edge - 5.11.0.1015.16~20.04.14 linux-image-azure-edge - 5.11.0.1015.16~20.04.14 linux-cloud-tools-azure-edge - 5.11.0.1015.16~20.04.14 linux-headers-azure-edge - 5.11.0.1015.16~20.04.14 linux-azure-edge - 5.11.0.1015.16~20.04.14 linux-modules-extra-azure-edge - 5.11.0.1015.16~20.04.14 No subscription required linux-headers-oracle - 5.11.0.1017.18~20.04.10 linux-tools-oracle - 5.11.0.1017.18~20.04.10 linux-tools-oracle-edge - 5.11.0.1017.18~20.04.10 linux-image-oracle-edge - 5.11.0.1017.18~20.04.10 linux-oracle-edge - 5.11.0.1017.18~20.04.10 linux-headers-oracle-edge - 5.11.0.1017.18~20.04.10 linux-image-oracle - 5.11.0.1017.18~20.04.10 linux-oracle - 5.11.0.1017.18~20.04.10 No subscription required linux-headers-aws - 5.11.0.1017.18~20.04.16 linux-image-aws - 5.11.0.1017.18~20.04.16 linux-modules-extra-aws-edge - 5.11.0.1017.18~20.04.16 linux-image-aws-edge - 5.11.0.1017.18~20.04.16 linux-aws-edge - 5.11.0.1017.18~20.04.16 linux-aws - 5.11.0.1017.18~20.04.16 linux-tools-aws - 5.11.0.1017.18~20.04.16 linux-headers-aws-edge - 5.11.0.1017.18~20.04.16 linux-modules-extra-aws - 5.11.0.1017.18~20.04.16 linux-tools-aws-edge - 5.11.0.1017.18~20.04.16 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-extra-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-image-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-generic-64k-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-generic-64k-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-generic-lpae-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-image-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-tools-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-generic-lpae-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-tools-generic-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-headers-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-generic-lpae-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-generic-64k-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-lowlatency-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-tools-virtual-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-generic-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-generic-64k-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-image-generic-64k-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.34.36~20.04.13 linux-image-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 linux-headers-virtual-hwe-20.04 - 5.11.0.34.36~20.04.13 No subscription required High CVE-2020-26541 CVE-2021-22543 CVE-2021-34693 CVE-2021-3612 CVE-2021-3653 CVE-2021-3656 CVE-2021-38198 CVE-2021-38200 CVE-2021-38206 CVE-2021-38207 Ubuntu 20.04 LTS Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) It was discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not ensure enough processing time was given to perform cleanups of large SEV VMs. A local attacker could use this to cause a denial of service (soft lockup). (CVE-2020-36311) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) Update Instructions: Run `sudo pro fix USN-5071-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-modules-extra-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-buildinfo-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-gkeop-headers-5.4.0-1023 - 5.4.0-1023.24 linux-gkeop-source-5.4.0 - 5.4.0-1023.24 linux-headers-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-image-unsigned-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-cloud-tools-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-tools-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-gkeop-tools-5.4.0-1023 - 5.4.0-1023.24 linux-modules-5.4.0-1023-gkeop - 5.4.0-1023.24 linux-gkeop-cloud-tools-5.4.0-1023 - 5.4.0-1023.24 No subscription required linux-tools-5.4.0-1046-kvm - 5.4.0-1046.48 linux-headers-5.4.0-1046-kvm - 5.4.0-1046.48 linux-image-5.4.0-1046-kvm - 5.4.0-1046.48 linux-modules-5.4.0-1046-kvm - 5.4.0-1046.48 linux-image-unsigned-5.4.0-1046-kvm - 5.4.0-1046.48 linux-kvm-tools-5.4.0-1046 - 5.4.0-1046.48 linux-kvm-headers-5.4.0-1046 - 5.4.0-1046.48 linux-buildinfo-5.4.0-1046-kvm - 5.4.0-1046.48 No subscription required linux-image-5.4.0-1052-gke - 5.4.0-1052.55 linux-buildinfo-5.4.0-1052-gke - 5.4.0-1052.55 linux-gke-headers-5.4.0-1052 - 5.4.0-1052.55 linux-modules-5.4.0-1052-gke - 5.4.0-1052.55 linux-gke-tools-5.4.0-1052 - 5.4.0-1052.55 linux-modules-extra-5.4.0-1052-gke - 5.4.0-1052.55 linux-image-unsigned-5.4.0-1052-gke - 5.4.0-1052.55 linux-tools-5.4.0-1052-gke - 5.4.0-1052.55 linux-headers-5.4.0-1052-gke - 5.4.0-1052.55 No subscription required linux-image-5.4.0-1052-gcp - 5.4.0-1052.56 linux-buildinfo-5.4.0-1052-gcp - 5.4.0-1052.56 linux-gcp-headers-5.4.0-1052 - 5.4.0-1052.56 linux-modules-extra-5.4.0-1052-gcp - 5.4.0-1052.56 linux-modules-5.4.0-1052-gcp - 5.4.0-1052.56 linux-headers-5.4.0-1052-gcp - 5.4.0-1052.56 linux-gcp-tools-5.4.0-1052 - 5.4.0-1052.56 linux-image-unsigned-5.4.0-1052-gcp - 5.4.0-1052.56 linux-tools-5.4.0-1052-gcp - 5.4.0-1052.56 No subscription required linux-headers-5.4.0-1054-oracle - 5.4.0-1054.58 linux-modules-extra-5.4.0-1054-oracle - 5.4.0-1054.58 linux-modules-5.4.0-1054-oracle - 5.4.0-1054.58 linux-buildinfo-5.4.0-1054-oracle - 5.4.0-1054.58 linux-oracle-headers-5.4.0-1054 - 5.4.0-1054.58 linux-image-5.4.0-1054-oracle - 5.4.0-1054.58 linux-tools-5.4.0-1054-oracle - 5.4.0-1054.58 linux-oracle-tools-5.4.0-1054 - 5.4.0-1054.58 linux-image-unsigned-5.4.0-1054-oracle - 5.4.0-1054.58 No subscription required linux-modules-extra-5.4.0-1056-aws - 5.4.0-1056.59 linux-buildinfo-5.4.0-1056-aws - 5.4.0-1056.59 linux-tools-5.4.0-1056-aws - 5.4.0-1056.59 linux-aws-tools-5.4.0-1056 - 5.4.0-1056.59 linux-aws-headers-5.4.0-1056 - 5.4.0-1056.59 linux-headers-5.4.0-1056-aws - 5.4.0-1056.59 linux-aws-cloud-tools-5.4.0-1056 - 5.4.0-1056.59 linux-image-5.4.0-1056-aws - 5.4.0-1056.59 linux-modules-5.4.0-1056-aws - 5.4.0-1056.59 linux-cloud-tools-5.4.0-1056-aws - 5.4.0-1056.59 No subscription required linux-azure-cloud-tools-5.4.0-1058 - 5.4.0-1058.60 linux-modules-extra-5.4.0-1058-azure - 5.4.0-1058.60 linux-azure-tools-5.4.0-1058 - 5.4.0-1058.60 linux-image-5.4.0-1058-azure - 5.4.0-1058.60 linux-buildinfo-5.4.0-1058-azure - 5.4.0-1058.60 linux-tools-5.4.0-1058-azure - 5.4.0-1058.60 linux-cloud-tools-5.4.0-1058-azure - 5.4.0-1058.60 linux-azure-headers-5.4.0-1058 - 5.4.0-1058.60 linux-modules-5.4.0-1058-azure - 5.4.0-1058.60 linux-headers-5.4.0-1058-azure - 5.4.0-1058.60 linux-image-unsigned-5.4.0-1058-azure - 5.4.0-1058.60 No subscription required linux-modules-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-image-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-tools-common - 5.4.0-84.94 linux-tools-5.4.0-84 - 5.4.0-84.94 linux-tools-host - 5.4.0-84.94 linux-doc - 5.4.0-84.94 linux-headers-5.4.0-84 - 5.4.0-84.94 linux-cloud-tools-5.4.0-84-lowlatency - 5.4.0-84.94 linux-image-5.4.0-84-generic - 5.4.0-84.94 linux-image-unsigned-5.4.0-84-lowlatency - 5.4.0-84.94 linux-cloud-tools-5.4.0-84-generic - 5.4.0-84.94 linux-tools-5.4.0-84-generic - 5.4.0-84.94 linux-libc-dev - 5.4.0-84.94 linux-source-5.4.0 - 5.4.0-84.94 linux-buildinfo-5.4.0-84-generic - 5.4.0-84.94 linux-modules-extra-5.4.0-84-generic - 5.4.0-84.94 linux-buildinfo-5.4.0-84-lowlatency - 5.4.0-84.94 linux-headers-5.4.0-84-generic - 5.4.0-84.94 linux-image-5.4.0-84-lowlatency - 5.4.0-84.94 linux-image-unsigned-5.4.0-84-generic - 5.4.0-84.94 linux-cloud-tools-common - 5.4.0-84.94 linux-headers-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-headers-5.4.0-84-lowlatency - 5.4.0-84.94 linux-modules-5.4.0-84-generic - 5.4.0-84.94 linux-tools-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-buildinfo-5.4.0-84-generic-lpae - 5.4.0-84.94 linux-cloud-tools-5.4.0-84 - 5.4.0-84.94 linux-tools-5.4.0-84-lowlatency - 5.4.0-84.94 linux-modules-5.4.0-84-lowlatency - 5.4.0-84.94 No subscription required linux-headers-gkeop - 5.4.0.1023.26 linux-cloud-tools-gkeop-5.4 - 5.4.0.1023.26 linux-image-gkeop - 5.4.0.1023.26 linux-modules-extra-gkeop-5.4 - 5.4.0.1023.26 linux-gkeop-5.4 - 5.4.0.1023.26 linux-headers-gkeop-5.4 - 5.4.0.1023.26 linux-image-gkeop-5.4 - 5.4.0.1023.26 linux-gkeop - 5.4.0.1023.26 linux-cloud-tools-gkeop - 5.4.0.1023.26 linux-modules-extra-gkeop - 5.4.0.1023.26 linux-tools-gkeop - 5.4.0.1023.26 linux-tools-gkeop-5.4 - 5.4.0.1023.26 No subscription required linux-kvm - 5.4.0.1046.45 linux-headers-kvm - 5.4.0.1046.45 linux-image-kvm - 5.4.0.1046.45 linux-tools-kvm - 5.4.0.1046.45 No subscription required linux-modules-extra-gke - 5.4.0.1052.62 linux-headers-gke-5.4 - 5.4.0.1052.62 linux-tools-gke-5.4 - 5.4.0.1052.62 linux-modules-extra-gke-5.4 - 5.4.0.1052.62 linux-gcp-lts-20.04 - 5.4.0.1052.62 linux-gke-5.4 - 5.4.0.1052.62 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1052.62 linux-headers-gcp-lts-20.04 - 5.4.0.1052.62 linux-tools-gke - 5.4.0.1052.62 linux-gke - 5.4.0.1052.62 linux-image-gcp-lts-20.04 - 5.4.0.1052.62 linux-headers-gke - 5.4.0.1052.62 linux-image-gke - 5.4.0.1052.62 linux-tools-gcp-lts-20.04 - 5.4.0.1052.62 linux-image-gke-5.4 - 5.4.0.1052.62 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1054.54 linux-oracle-lts-20.04 - 5.4.0.1054.54 linux-headers-oracle-lts-20.04 - 5.4.0.1054.54 linux-image-oracle-lts-20.04 - 5.4.0.1054.54 No subscription required linux-aws-lts-20.04 - 5.4.0.1056.59 linux-modules-extra-aws-lts-20.04 - 5.4.0.1056.59 linux-image-aws-lts-20.04 - 5.4.0.1056.59 linux-headers-aws-lts-20.04 - 5.4.0.1056.59 linux-tools-aws-lts-20.04 - 5.4.0.1056.59 No subscription required linux-azure-lts-20.04 - 5.4.0.1058.56 linux-image-azure-lts-20.04 - 5.4.0.1058.56 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1058.56 linux-modules-extra-azure-lts-20.04 - 5.4.0.1058.56 linux-tools-azure-lts-20.04 - 5.4.0.1058.56 linux-headers-azure-lts-20.04 - 5.4.0.1058.56 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-cloud-tools-virtual - 5.4.0.84.88 linux-headers-generic-hwe-18.04-edge - 5.4.0.84.88 linux-image-generic-hwe-18.04 - 5.4.0.84.88 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-headers-generic-lpae - 5.4.0.84.88 linux-image-virtual - 5.4.0.84.88 linux-oem-osp1-tools-host - 5.4.0.84.88 linux-cloud-tools-lowlatency - 5.4.0.84.88 linux-image-generic - 5.4.0.84.88 linux-tools-lowlatency - 5.4.0.84.88 linux-tools-virtual-hwe-18.04 - 5.4.0.84.88 linux-image-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-headers-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-image-extra-virtual-hwe-18.04 - 5.4.0.84.88 linux-image-oem-osp1 - 5.4.0.84.88 linux-image-generic-lpae-hwe-18.04 - 5.4.0.84.88 linux-crashdump - 5.4.0.84.88 linux-tools-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-headers-generic-hwe-18.04 - 5.4.0.84.88 linux-headers-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-lowlatency - 5.4.0.84.88 linux-tools-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-tools-generic-lpae - 5.4.0.84.88 linux-cloud-tools-generic - 5.4.0.84.88 linux-generic-lpae-hwe-18.04 - 5.4.0.84.88 linux-virtual - 5.4.0.84.88 linux-headers-virtual-hwe-18.04 - 5.4.0.84.88 linux-virtual-hwe-18.04 - 5.4.0.84.88 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.84.88 linux-tools-virtual - 5.4.0.84.88 linux-generic-lpae-hwe-18.04-edge - 5.4.0.84.88 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-generic-lpae - 5.4.0.84.88 linux-headers-oem - 5.4.0.84.88 linux-generic - 5.4.0.84.88 linux-tools-oem-osp1 - 5.4.0.84.88 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.84.88 linux-image-virtual-hwe-18.04 - 5.4.0.84.88 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-headers-lowlatency - 5.4.0.84.88 linux-image-generic-hwe-18.04-edge - 5.4.0.84.88 linux-generic-hwe-18.04-edge - 5.4.0.84.88 linux-tools-generic-hwe-18.04-edge - 5.4.0.84.88 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.84.88 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-oem - 5.4.0.84.88 linux-tools-generic - 5.4.0.84.88 linux-source - 5.4.0.84.88 linux-image-extra-virtual - 5.4.0.84.88 linux-oem-tools-host - 5.4.0.84.88 linux-tools-oem - 5.4.0.84.88 linux-headers-oem-osp1 - 5.4.0.84.88 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.84.88 linux-headers-generic - 5.4.0.84.88 linux-oem-osp1 - 5.4.0.84.88 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.84.88 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.84.88 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.84.88 linux-virtual-hwe-18.04-edge - 5.4.0.84.88 linux-headers-virtual - 5.4.0.84.88 linux-image-oem - 5.4.0.84.88 linux-lowlatency-hwe-18.04 - 5.4.0.84.88 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.84.88 linux-generic-hwe-18.04 - 5.4.0.84.88 linux-image-generic-lpae - 5.4.0.84.88 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.84.88 linux-image-lowlatency - 5.4.0.84.88 linux-tools-generic-hwe-18.04 - 5.4.0.84.88 linux-image-virtual-hwe-18.04-edge - 5.4.0.84.88 No subscription required High CVE-2020-36311 CVE-2021-22543 CVE-2021-3612 CVE-2021-3653 CVE-2021-3656 Ubuntu 20.04 LTS It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) Update Instructions: Run `sudo pro fix USN-5071-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1043-raspi - 5.4.0-1043.47 linux-raspi-tools-5.4.0-1043 - 5.4.0-1043.47 linux-buildinfo-5.4.0-1043-raspi - 5.4.0-1043.47 linux-raspi-headers-5.4.0-1043 - 5.4.0-1043.47 linux-image-5.4.0-1043-raspi - 5.4.0-1043.47 linux-tools-5.4.0-1043-raspi - 5.4.0-1043.47 linux-modules-5.4.0-1043-raspi - 5.4.0-1043.47 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1043.78 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1043.78 linux-raspi-hwe-18.04-edge - 5.4.0.1043.78 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1043.78 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1043.78 linux-raspi-hwe-18.04 - 5.4.0.1043.78 linux-tools-raspi - 5.4.0.1043.78 linux-image-raspi - 5.4.0.1043.78 linux-tools-raspi2-hwe-18.04 - 5.4.0.1043.78 linux-raspi2-hwe-18.04 - 5.4.0.1043.78 linux-raspi2 - 5.4.0.1043.78 linux-headers-raspi2 - 5.4.0.1043.78 linux-headers-raspi2-hwe-18.04 - 5.4.0.1043.78 linux-image-raspi2 - 5.4.0.1043.78 linux-image-raspi-hwe-18.04-edge - 5.4.0.1043.78 linux-tools-raspi-hwe-18.04 - 5.4.0.1043.78 linux-tools-raspi2 - 5.4.0.1043.78 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1043.78 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1043.78 linux-raspi - 5.4.0.1043.78 linux-headers-raspi - 5.4.0.1043.78 linux-headers-raspi-hwe-18.04 - 5.4.0.1043.78 linux-image-raspi-hwe-18.04 - 5.4.0.1043.78 linux-image-raspi2-hwe-18.04 - 5.4.0.1043.78 No subscription required Medium CVE-2021-22543 CVE-2021-3612 Ubuntu 20.04 LTS Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) Update Instructions: Run `sudo pro fix USN-5072-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1045.47 linux-oem-5.10-headers-5.10.0-1045 - 5.10.0-1045.47 linux-image-5.10.0-1045-oem - 5.10.0-1045.47 linux-headers-5.10.0-1045-oem - 5.10.0-1045.47 linux-modules-5.10.0-1045-oem - 5.10.0-1045.47 linux-tools-5.10.0-1045-oem - 5.10.0-1045.47 linux-image-unsigned-5.10.0-1045-oem - 5.10.0-1045.47 linux-oem-5.10-tools-5.10.0-1045 - 5.10.0-1045.47 linux-buildinfo-5.10.0-1045-oem - 5.10.0-1045.47 No subscription required linux-image-oem-20.04b - 5.10.0.1045.47 linux-headers-oem-20.04-edge - 5.10.0.1045.47 linux-headers-oem-20.04 - 5.10.0.1045.47 linux-image-oem-20.04-edge - 5.10.0.1045.47 linux-oem-20.04 - 5.10.0.1045.47 linux-image-oem-20.04 - 5.10.0.1045.47 linux-oem-20.04b - 5.10.0.1045.47 linux-oem-20.04-edge - 5.10.0.1045.47 linux-tools-oem-20.04b - 5.10.0.1045.47 linux-tools-oem-20.04-edge - 5.10.0.1045.47 linux-headers-oem-20.04b - 5.10.0.1045.47 linux-tools-oem-20.04 - 5.10.0.1045.47 No subscription required linux-modules-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-tools-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-azure-5.8-tools-5.8.0-1041 - 5.8.0-1041.44~20.04.1 linux-headers-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-azure-5.8-headers-5.8.0-1041 - 5.8.0-1041.44~20.04.1 linux-modules-extra-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-image-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-image-unsigned-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-cloud-tools-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 linux-azure-5.8-cloud-tools-5.8.0-1041 - 5.8.0-1041.44~20.04.1 linux-buildinfo-5.8.0-1041-azure - 5.8.0-1041.44~20.04.1 No subscription required linux-azure - 5.8.0.1041.44~20.04.13 linux-cloud-tools-azure - 5.8.0.1041.44~20.04.13 linux-tools-azure - 5.8.0.1041.44~20.04.13 linux-modules-extra-azure - 5.8.0.1041.44~20.04.13 linux-image-azure - 5.8.0.1041.44~20.04.13 linux-headers-azure - 5.8.0.1041.44~20.04.13 No subscription required High CVE-2021-3653 CVE-2021-3656 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass mixed content blocking, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5074-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 92.0+build3-0ubuntu0.20.04.1 firefox - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 92.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 92.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 92.0+build3-0ubuntu0.20.04.1 firefox-dev - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 92.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 92.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-38491 CVE-2021-38493 CVE-2021-38494 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service. Update Instructions: Run `sudo pro fix USN-5075-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.3 ghostscript-x - 9.50~dfsg-5ubuntu4.3 libgs-dev - 9.50~dfsg-5ubuntu4.3 ghostscript-doc - 9.50~dfsg-5ubuntu4.3 libgs9 - 9.50~dfsg-5ubuntu4.3 libgs9-common - 9.50~dfsg-5ubuntu4.3 No subscription required High CVE-2021-3781 Ubuntu 20.04 LTS It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests. Update Instructions: Run `sudo pro fix USN-5076-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.2 gitweb - 1:2.25.1-1ubuntu3.2 git-gui - 1:2.25.1-1ubuntu3.2 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.2 git-el - 1:2.25.1-1ubuntu3.2 gitk - 1:2.25.1-1ubuntu3.2 git-all - 1:2.25.1-1ubuntu3.2 git-mediawiki - 1:2.25.1-1ubuntu3.2 git-daemon-run - 1:2.25.1-1ubuntu3.2 git-man - 1:2.25.1-1ubuntu3.2 git-doc - 1:2.25.1-1ubuntu3.2 git-svn - 1:2.25.1-1ubuntu3.2 git-cvs - 1:2.25.1-1ubuntu3.2 git-email - 1:2.25.1-1ubuntu3.2 No subscription required Medium CVE-2021-40330 Ubuntu 20.04 LTS Maik Münch and Stephen Röttger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information. Update Instructions: Run `sudo pro fix USN-5077-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.20 apport-kde - 2.20.11-0ubuntu27.20 apport-retrace - 2.20.11-0ubuntu27.20 apport-valgrind - 2.20.11-0ubuntu27.20 python3-apport - 2.20.11-0ubuntu27.20 dh-apport - 2.20.11-0ubuntu27.20 apport-gtk - 2.20.11-0ubuntu27.20 apport - 2.20.11-0ubuntu27.20 apport-noui - 2.20.11-0ubuntu27.20 No subscription required Medium CVE-2021-3709 CVE-2021-3710 Ubuntu 20.04 LTS Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Update Instructions: Run `sudo pro fix USN-5078-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squashfs-tools - 1:4.4-1ubuntu0.2 No subscription required Medium CVE-2021-41072 Ubuntu 20.04 LTS USN-5078-1 fixed a vulnerability in Squashfs-Tools. That update was incomplete and could still result in Squashfs-Tools mishandling certain malformed SQUASHFS files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Update Instructions: Run `sudo pro fix USN-5078-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squashfs-tools - 1:4.4-1ubuntu0.3 No subscription required Medium CVE-2021-41072 Ubuntu 20.04 LTS It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-22945) Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. (CVE-2021-22946) Patrick Monnerat discovered that curl incorrectly handled responses received before STARTTLS. A remote attacker could possibly use this issue to inject responses and intercept communications. (CVE-2021-22947) Update Instructions: Run `sudo pro fix USN-5079-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.7 libcurl4-openssl-dev - 7.68.0-1ubuntu2.7 libcurl3-gnutls - 7.68.0-1ubuntu2.7 libcurl4-doc - 7.68.0-1ubuntu2.7 libcurl3-nss - 7.68.0-1ubuntu2.7 libcurl4-nss-dev - 7.68.0-1ubuntu2.7 libcurl4 - 7.68.0-1ubuntu2.7 curl - 7.68.0-1ubuntu2.7 No subscription required Medium CVE-2021-22945 CVE-2021-22946 CVE-2021-22947 Ubuntu 20.04 LTS It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information. Update Instructions: Run `sudo pro fix USN-5080-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgcrypt20 - 1.8.5-5ubuntu1.1 libgcrypt-mingw-w64-dev - 1.8.5-5ubuntu1.1 libgcrypt20-doc - 1.8.5-5ubuntu1.1 libgcrypt20-dev - 1.8.5-5ubuntu1.1 No subscription required Medium CVE-2021-33560 CVE-2021-40528 Ubuntu 20.04 LTS Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Update Instructions: Run `sudo pro fix USN-5082-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.13.0-1012-oem - 5.13.0-1012.16 linux-image-5.13.0-1012-oem - 5.13.0-1012.16 linux-buildinfo-5.13.0-1012-oem - 5.13.0-1012.16 linux-oem-5.13-headers-5.13.0-1012 - 5.13.0-1012.16 linux-oem-5.13-tools-host - 5.13.0-1012.16 linux-oem-5.13-tools-5.13.0-1012 - 5.13.0-1012.16 linux-modules-5.13.0-1012-oem - 5.13.0-1012.16 linux-tools-5.13.0-1012-oem - 5.13.0-1012.16 linux-image-unsigned-5.13.0-1012-oem - 5.13.0-1012.16 No subscription required linux-image-oem-20.04c - 5.13.0.1012.16 linux-tools-oem-20.04c - 5.13.0.1012.16 linux-headers-oem-20.04c - 5.13.0.1012.16 linux-oem-20.04c - 5.13.0.1012.16 No subscription required High CVE-2021-3609 CVE-2021-3653 CVE-2021-3656 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Update Instructions: Run `sudo pro fix USN-5084-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.2 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.2 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.2 No subscription required Medium CVE-2020-19143 Ubuntu 20.04 LTS Johan Almbladh discovered that the eBPF JIT implementation for IBM s390x systems in the Linux kernel miscompiled operations in some situations, allowing circumvention of the BPF verifier. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5086-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-hwe-5.11-headers-5.11.0-36 - 5.11.0-36.40~20.04.1 linux-hwe-5.11-tools-5.11.0-36 - 5.11.0-36.40~20.04.1 linux-modules-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-modules-extra-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-headers-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-headers-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-tools-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-headers-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-tools-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-modules-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-36.40~20.04.1 linux-buildinfo-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-image-unsigned-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-modules-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-image-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-headers-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-buildinfo-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-image-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-image-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-modules-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-image-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-36.40~20.04.1 linux-cloud-tools-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-cloud-tools-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-36.40~20.04.1 linux-tools-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 linux-buildinfo-5.11.0-36-generic-lpae - 5.11.0-36.40~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-36.40~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-36 - 5.11.0-36.40~20.04.1 linux-tools-5.11.0-36-generic-64k - 5.11.0-36.40~20.04.1 linux-image-unsigned-5.11.0-36-generic - 5.11.0-36.40~20.04.1 linux-buildinfo-5.11.0-36-lowlatency - 5.11.0-36.40~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-headers-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-extra-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-64k-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-generic-64k-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-generic-lpae-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-tools-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-generic-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-generic-lpae-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-headers-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-tools-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-generic-lpae-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-generic-64k-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-lowlatency-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-tools-virtual-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-image-generic-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-generic-64k-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-image-generic-64k-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.36.40~20.04.15 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 linux-headers-virtual-hwe-20.04 - 5.11.0.36.40~20.04.15 No subscription required linux-image-unsigned-5.4.0-86-generic - 5.4.0-86.97 linux-tools-common - 5.4.0-86.97 linux-buildinfo-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-headers-5.4.0-86-generic - 5.4.0-86.97 linux-tools-5.4.0-86 - 5.4.0-86.97 linux-tools-host - 5.4.0-86.97 linux-image-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-doc - 5.4.0-86.97 linux-headers-5.4.0-86 - 5.4.0-86.97 linux-modules-extra-5.4.0-86-generic - 5.4.0-86.97 linux-tools-5.4.0-86-generic - 5.4.0-86.97 linux-modules-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-libc-dev - 5.4.0-86.97 linux-source-5.4.0 - 5.4.0-86.97 linux-buildinfo-5.4.0-86-lowlatency - 5.4.0-86.97 linux-image-unsigned-5.4.0-86-lowlatency - 5.4.0-86.97 linux-tools-5.4.0-86-lowlatency - 5.4.0-86.97 linux-cloud-tools-common - 5.4.0-86.97 linux-modules-5.4.0-86-lowlatency - 5.4.0-86.97 linux-buildinfo-5.4.0-86-generic - 5.4.0-86.97 linux-image-5.4.0-86-lowlatency - 5.4.0-86.97 linux-cloud-tools-5.4.0-86-lowlatency - 5.4.0-86.97 linux-headers-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-cloud-tools-5.4.0-86-generic - 5.4.0-86.97 linux-tools-5.4.0-86-generic-lpae - 5.4.0-86.97 linux-modules-5.4.0-86-generic - 5.4.0-86.97 linux-headers-5.4.0-86-lowlatency - 5.4.0-86.97 linux-cloud-tools-5.4.0-86 - 5.4.0-86.97 linux-image-5.4.0-86-generic - 5.4.0-86.97 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-cloud-tools-virtual - 5.4.0.86.90 linux-image-generic-hwe-18.04 - 5.4.0.86.90 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-headers-generic-lpae - 5.4.0.86.90 linux-image-virtual - 5.4.0.86.90 linux-oem-osp1-tools-host - 5.4.0.86.90 linux-image-generic - 5.4.0.86.90 linux-image-oem - 5.4.0.86.90 linux-tools-virtual-hwe-18.04 - 5.4.0.86.90 linux-headers-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-image-extra-virtual-hwe-18.04 - 5.4.0.86.90 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.86.90 linux-image-generic-lpae-hwe-18.04 - 5.4.0.86.90 linux-crashdump - 5.4.0.86.90 linux-generic-hwe-18.04-edge - 5.4.0.86.90 linux-tools-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-headers-generic-hwe-18.04 - 5.4.0.86.90 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-headers-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-source - 5.4.0.86.90 linux-lowlatency - 5.4.0.86.90 linux-tools-generic-lpae - 5.4.0.86.90 linux-cloud-tools-generic - 5.4.0.86.90 linux-virtual - 5.4.0.86.90 linux-headers-virtual-hwe-18.04 - 5.4.0.86.90 linux-virtual-hwe-18.04 - 5.4.0.86.90 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.86.90 linux-tools-virtual - 5.4.0.86.90 linux-generic-lpae-hwe-18.04-edge - 5.4.0.86.90 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-tools-oem-osp1 - 5.4.0.86.90 linux-generic-lpae - 5.4.0.86.90 linux-headers-oem - 5.4.0.86.90 linux-generic - 5.4.0.86.90 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.86.90 linux-tools-generic-hwe-18.04-edge - 5.4.0.86.90 linux-image-virtual-hwe-18.04 - 5.4.0.86.90 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-oem-tools-host - 5.4.0.86.90 linux-headers-lowlatency - 5.4.0.86.90 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.86.90 linux-oem - 5.4.0.86.90 linux-tools-generic - 5.4.0.86.90 linux-image-extra-virtual - 5.4.0.86.90 linux-image-oem-osp1 - 5.4.0.86.90 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-cloud-tools-lowlatency - 5.4.0.86.90 linux-tools-oem - 5.4.0.86.90 linux-headers-oem-osp1 - 5.4.0.86.90 linux-tools-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-generic-lpae-hwe-18.04 - 5.4.0.86.90 linux-tools-generic-hwe-18.04 - 5.4.0.86.90 linux-headers-generic-hwe-18.04-edge - 5.4.0.86.90 linux-headers-generic - 5.4.0.86.90 linux-oem-osp1 - 5.4.0.86.90 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.86.90 linux-tools-lowlatency - 5.4.0.86.90 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.86.90 linux-image-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.86.90 linux-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-headers-virtual - 5.4.0.86.90 linux-lowlatency-hwe-18.04 - 5.4.0.86.90 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.86.90 linux-generic-hwe-18.04 - 5.4.0.86.90 linux-image-generic-lpae - 5.4.0.86.90 linux-image-virtual-hwe-18.04-edge - 5.4.0.86.90 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.86.90 linux-image-generic-hwe-18.04-edge - 5.4.0.86.90 linux-image-lowlatency - 5.4.0.86.90 No subscription required None https://launchpad.net/bugs/1943960 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5087-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.32.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.32.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.32.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.32.4-0ubuntu0.20.04.1 webkit2gtk-driver - 2.32.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.32.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.32.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.32.4-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.32.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.32.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-30858 Ubuntu 20.04 LTS It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. (CVE-2019-11098) Paul Kehrer discovered that OpenSSL used in EDK II incorrectly handled certain input lengths in EVP functions. An attacker could possibly use this issue to cause EDK II to crash, resulting in a denial of service. (CVE-2021-23840) Ingo Schwarze discovered that OpenSSL used in EDK II incorrectly handled certain ASN.1 strings. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2021-3712) It was discovered that EDK II incorrectly decoded certain strings. A remote attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-38575) Update Instructions: Run `sudo pro fix USN-5088-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-efi-arm - 0~20191122.bd85bf54-2ubuntu3.3 qemu-efi - 0~20191122.bd85bf54-2ubuntu3.3 qemu-efi-aarch64 - 0~20191122.bd85bf54-2ubuntu3.3 ovmf - 0~20191122.bd85bf54-2ubuntu3.3 No subscription required Medium CVE-2019-11098 CVE-2021-23840 CVE-2021-3712 CVE-2021-38575 Ubuntu 20.04 LTS The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA. Update Instructions: Run `sudo pro fix USN-5089-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates - 20210119~20.04.2 No subscription required None https://launchpad.net/bugs/1944481 Ubuntu 20.04 LTS James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. (CVE-2021-33193) It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2021-34798) Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-36160) It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-39275) It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. (CVE-2021-40438) Update Instructions: Run `sudo pro fix USN-5090-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.5 libapache2-mod-md - 2.4.41-4ubuntu3.5 apache2-utils - 2.4.41-4ubuntu3.5 apache2-dev - 2.4.41-4ubuntu3.5 apache2-suexec-pristine - 2.4.41-4ubuntu3.5 apache2-suexec-custom - 2.4.41-4ubuntu3.5 apache2 - 2.4.41-4ubuntu3.5 apache2-doc - 2.4.41-4ubuntu3.5 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.5 apache2-ssl-dev - 2.4.41-4ubuntu3.5 apache2-bin - 2.4.41-4ubuntu3.5 No subscription required Medium CVE-2021-33193 CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 Ubuntu 20.04 LTS USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. (CVE-2021-33193) It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2021-34798) Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-36160) It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-39275) It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. (CVE-2021-40438) Update Instructions: Run `sudo pro fix USN-5090-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.6 libapache2-mod-md - 2.4.41-4ubuntu3.6 apache2-utils - 2.4.41-4ubuntu3.6 apache2-dev - 2.4.41-4ubuntu3.6 apache2-suexec-pristine - 2.4.41-4ubuntu3.6 apache2-suexec-custom - 2.4.41-4ubuntu3.6 apache2 - 2.4.41-4ubuntu3.6 apache2-doc - 2.4.41-4ubuntu3.6 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.6 apache2-ssl-dev - 2.4.41-4ubuntu3.6 apache2-bin - 2.4.41-4ubuntu3.6 No subscription required None https://launchpad.net/bugs/1945311 Ubuntu 20.04 LTS Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) Update Instructions: Run `sudo pro fix USN-5091-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-modules-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-headers-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-gkeop-source-5.4.0 - 5.4.0-1024.25 linux-gkeop-headers-5.4.0-1024 - 5.4.0-1024.25 linux-image-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-image-unsigned-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-modules-extra-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-buildinfo-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-gkeop-tools-5.4.0-1024 - 5.4.0-1024.25 linux-tools-5.4.0-1024-gkeop - 5.4.0-1024.25 linux-gkeop-cloud-tools-5.4.0-1024 - 5.4.0-1024.25 No subscription required linux-image-unsigned-5.4.0-1047-kvm - 5.4.0-1047.49 linux-buildinfo-5.4.0-1047-kvm - 5.4.0-1047.49 linux-tools-5.4.0-1047-kvm - 5.4.0-1047.49 linux-kvm-tools-5.4.0-1047 - 5.4.0-1047.49 linux-headers-5.4.0-1047-kvm - 5.4.0-1047.49 linux-image-5.4.0-1047-kvm - 5.4.0-1047.49 linux-modules-5.4.0-1047-kvm - 5.4.0-1047.49 linux-kvm-headers-5.4.0-1047 - 5.4.0-1047.49 No subscription required linux-buildinfo-5.4.0-1053-gke - 5.4.0-1053.56 linux-gke-headers-5.4.0-1053 - 5.4.0-1053.56 linux-modules-extra-5.4.0-1053-gke - 5.4.0-1053.56 linux-tools-5.4.0-1053-gke - 5.4.0-1053.56 linux-headers-5.4.0-1053-gke - 5.4.0-1053.56 linux-image-unsigned-5.4.0-1053-gke - 5.4.0-1053.56 linux-gke-tools-5.4.0-1053 - 5.4.0-1053.56 linux-modules-5.4.0-1053-gke - 5.4.0-1053.56 linux-image-5.4.0-1053-gke - 5.4.0-1053.56 No subscription required linux-modules-5.4.0-1053-gcp - 5.4.0-1053.57 linux-buildinfo-5.4.0-1053-gcp - 5.4.0-1053.57 linux-gcp-headers-5.4.0-1053 - 5.4.0-1053.57 linux-headers-5.4.0-1053-gcp - 5.4.0-1053.57 linux-tools-5.4.0-1053-gcp - 5.4.0-1053.57 linux-modules-extra-5.4.0-1053-gcp - 5.4.0-1053.57 linux-image-unsigned-5.4.0-1053-gcp - 5.4.0-1053.57 linux-gcp-tools-5.4.0-1053 - 5.4.0-1053.57 linux-image-5.4.0-1053-gcp - 5.4.0-1053.57 No subscription required linux-tools-5.4.0-1055-oracle - 5.4.0-1055.59 linux-modules-5.4.0-1055-oracle - 5.4.0-1055.59 linux-oracle-tools-5.4.0-1055 - 5.4.0-1055.59 linux-buildinfo-5.4.0-1055-oracle - 5.4.0-1055.59 linux-image-unsigned-5.4.0-1055-oracle - 5.4.0-1055.59 linux-oracle-headers-5.4.0-1055 - 5.4.0-1055.59 linux-image-5.4.0-1055-oracle - 5.4.0-1055.59 linux-headers-5.4.0-1055-oracle - 5.4.0-1055.59 linux-modules-extra-5.4.0-1055-oracle - 5.4.0-1055.59 No subscription required linux-aws-tools-5.4.0-1057 - 5.4.0-1057.60 linux-image-5.4.0-1057-aws - 5.4.0-1057.60 linux-modules-extra-5.4.0-1057-aws - 5.4.0-1057.60 linux-buildinfo-5.4.0-1057-aws - 5.4.0-1057.60 linux-tools-5.4.0-1057-aws - 5.4.0-1057.60 linux-aws-cloud-tools-5.4.0-1057 - 5.4.0-1057.60 linux-cloud-tools-5.4.0-1057-aws - 5.4.0-1057.60 linux-modules-5.4.0-1057-aws - 5.4.0-1057.60 linux-aws-headers-5.4.0-1057 - 5.4.0-1057.60 linux-headers-5.4.0-1057-aws - 5.4.0-1057.60 No subscription required linux-buildinfo-5.4.0-1059-azure - 5.4.0-1059.62 linux-azure-cloud-tools-5.4.0-1059 - 5.4.0-1059.62 linux-azure-tools-5.4.0-1059 - 5.4.0-1059.62 linux-image-unsigned-5.4.0-1059-azure - 5.4.0-1059.62 linux-modules-extra-5.4.0-1059-azure - 5.4.0-1059.62 linux-modules-5.4.0-1059-azure - 5.4.0-1059.62 linux-tools-5.4.0-1059-azure - 5.4.0-1059.62 linux-image-5.4.0-1059-azure - 5.4.0-1059.62 linux-azure-headers-5.4.0-1059 - 5.4.0-1059.62 linux-headers-5.4.0-1059-azure - 5.4.0-1059.62 linux-cloud-tools-5.4.0-1059-azure - 5.4.0-1059.62 No subscription required linux-image-5.4.0-88-lowlatency - 5.4.0-88.99 linux-tools-common - 5.4.0-88.99 linux-image-unsigned-5.4.0-88-lowlatency - 5.4.0-88.99 linux-tools-5.4.0-88 - 5.4.0-88.99 linux-headers-5.4.0-88 - 5.4.0-88.99 linux-image-5.4.0-88-generic-lpae - 5.4.0-88.99 linux-doc - 5.4.0-88.99 linux-tools-5.4.0-88-lowlatency - 5.4.0-88.99 linux-modules-5.4.0-88-lowlatency - 5.4.0-88.99 linux-buildinfo-5.4.0-88-generic - 5.4.0-88.99 linux-libc-dev - 5.4.0-88.99 linux-source-5.4.0 - 5.4.0-88.99 linux-cloud-tools-5.4.0-88-generic - 5.4.0-88.99 linux-image-5.4.0-88-generic - 5.4.0-88.99 linux-modules-5.4.0-88-generic - 5.4.0-88.99 linux-buildinfo-5.4.0-88-generic-lpae - 5.4.0-88.99 linux-tools-5.4.0-88-generic - 5.4.0-88.99 linux-modules-extra-5.4.0-88-generic - 5.4.0-88.99 linux-buildinfo-5.4.0-88-lowlatency - 5.4.0-88.99 linux-tools-host - 5.4.0-88.99 linux-cloud-tools-common - 5.4.0-88.99 linux-cloud-tools-5.4.0-88 - 5.4.0-88.99 linux-headers-5.4.0-88-generic - 5.4.0-88.99 linux-tools-5.4.0-88-generic-lpae - 5.4.0-88.99 linux-cloud-tools-5.4.0-88-lowlatency - 5.4.0-88.99 linux-headers-5.4.0-88-lowlatency - 5.4.0-88.99 linux-modules-5.4.0-88-generic-lpae - 5.4.0-88.99 linux-image-unsigned-5.4.0-88-generic - 5.4.0-88.99 linux-headers-5.4.0-88-generic-lpae - 5.4.0-88.99 No subscription required linux-headers-gkeop - 5.4.0.1024.27 linux-cloud-tools-gkeop-5.4 - 5.4.0.1024.27 linux-image-gkeop - 5.4.0.1024.27 linux-modules-extra-gkeop-5.4 - 5.4.0.1024.27 linux-gkeop-5.4 - 5.4.0.1024.27 linux-headers-gkeop-5.4 - 5.4.0.1024.27 linux-image-gkeop-5.4 - 5.4.0.1024.27 linux-gkeop - 5.4.0.1024.27 linux-cloud-tools-gkeop - 5.4.0.1024.27 linux-modules-extra-gkeop - 5.4.0.1024.27 linux-tools-gkeop - 5.4.0.1024.27 linux-tools-gkeop-5.4 - 5.4.0.1024.27 No subscription required linux-kvm - 5.4.0.1047.46 linux-headers-kvm - 5.4.0.1047.46 linux-image-kvm - 5.4.0.1047.46 linux-tools-kvm - 5.4.0.1047.46 No subscription required linux-modules-extra-gke - 5.4.0.1053.63 linux-headers-gke-5.4 - 5.4.0.1053.63 linux-tools-gke-5.4 - 5.4.0.1053.63 linux-modules-extra-gke-5.4 - 5.4.0.1053.63 linux-gcp-lts-20.04 - 5.4.0.1053.63 linux-gke-5.4 - 5.4.0.1053.63 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1053.63 linux-headers-gcp-lts-20.04 - 5.4.0.1053.63 linux-tools-gke - 5.4.0.1053.63 linux-gke - 5.4.0.1053.63 linux-image-gcp-lts-20.04 - 5.4.0.1053.63 linux-headers-gke - 5.4.0.1053.63 linux-tools-gcp-lts-20.04 - 5.4.0.1053.63 linux-image-gke - 5.4.0.1053.63 linux-image-gke-5.4 - 5.4.0.1053.63 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1055.55 linux-headers-oracle-lts-20.04 - 5.4.0.1055.55 linux-oracle-lts-20.04 - 5.4.0.1055.55 linux-image-oracle-lts-20.04 - 5.4.0.1055.55 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1057.60 linux-image-aws-lts-20.04 - 5.4.0.1057.60 linux-headers-aws-lts-20.04 - 5.4.0.1057.60 linux-tools-aws-lts-20.04 - 5.4.0.1057.60 linux-aws-lts-20.04 - 5.4.0.1057.60 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1059.57 linux-azure-lts-20.04 - 5.4.0.1059.57 linux-image-azure-lts-20.04 - 5.4.0.1059.57 linux-modules-extra-azure-lts-20.04 - 5.4.0.1059.57 linux-tools-azure-lts-20.04 - 5.4.0.1059.57 linux-headers-azure-lts-20.04 - 5.4.0.1059.57 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-cloud-tools-virtual - 5.4.0.88.92 linux-image-generic-hwe-18.04 - 5.4.0.88.92 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-headers-generic-lpae - 5.4.0.88.92 linux-image-virtual - 5.4.0.88.92 linux-oem-osp1-tools-host - 5.4.0.88.92 linux-image-generic - 5.4.0.88.92 linux-tools-lowlatency - 5.4.0.88.92 linux-image-oem - 5.4.0.88.92 linux-tools-virtual-hwe-18.04 - 5.4.0.88.92 linux-headers-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-image-extra-virtual-hwe-18.04 - 5.4.0.88.92 linux-image-oem-osp1 - 5.4.0.88.92 linux-image-generic-lpae-hwe-18.04 - 5.4.0.88.92 linux-crashdump - 5.4.0.88.92 linux-tools-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-headers-generic-hwe-18.04 - 5.4.0.88.92 linux-headers-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-lowlatency - 5.4.0.88.92 linux-tools-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-tools-generic-lpae - 5.4.0.88.92 linux-cloud-tools-generic - 5.4.0.88.92 linux-virtual - 5.4.0.88.92 linux-headers-virtual-hwe-18.04 - 5.4.0.88.92 linux-virtual-hwe-18.04 - 5.4.0.88.92 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.88.92 linux-headers-virtual - 5.4.0.88.92 linux-tools-virtual - 5.4.0.88.92 linux-generic-lpae-hwe-18.04-edge - 5.4.0.88.92 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-generic-lpae - 5.4.0.88.92 linux-headers-oem - 5.4.0.88.92 linux-generic - 5.4.0.88.92 linux-tools-oem-osp1 - 5.4.0.88.92 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.88.92 linux-tools-generic-hwe-18.04-edge - 5.4.0.88.92 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-cloud-tools-lowlatency - 5.4.0.88.92 linux-headers-lowlatency - 5.4.0.88.92 linux-image-generic-hwe-18.04-edge - 5.4.0.88.92 linux-generic-hwe-18.04-edge - 5.4.0.88.92 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.88.92 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-oem - 5.4.0.88.92 linux-tools-generic - 5.4.0.88.92 linux-source - 5.4.0.88.92 linux-image-extra-virtual - 5.4.0.88.92 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-oem-tools-host - 5.4.0.88.92 linux-tools-oem - 5.4.0.88.92 linux-headers-oem-osp1 - 5.4.0.88.92 linux-generic-lpae-hwe-18.04 - 5.4.0.88.92 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.88.92 linux-headers-generic-hwe-18.04-edge - 5.4.0.88.92 linux-headers-generic - 5.4.0.88.92 linux-oem-osp1 - 5.4.0.88.92 linux-image-virtual-hwe-18.04 - 5.4.0.88.92 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.88.92 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.88.92 linux-image-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.88.92 linux-virtual-hwe-18.04-edge - 5.4.0.88.92 linux-lowlatency-hwe-18.04 - 5.4.0.88.92 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.88.92 linux-generic-hwe-18.04 - 5.4.0.88.92 linux-image-generic-lpae - 5.4.0.88.92 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.88.92 linux-image-lowlatency - 5.4.0.88.92 linux-tools-generic-hwe-18.04 - 5.4.0.88.92 linux-image-virtual-hwe-18.04-edge - 5.4.0.88.92 No subscription required Medium CVE-2021-33624 CVE-2021-3679 CVE-2021-37576 CVE-2021-38160 CVE-2021-38199 CVE-2021-38204 Ubuntu 20.04 LTS Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) Update Instructions: Run `sudo pro fix USN-5091-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1044-raspi - 5.4.0-1044.48 linux-raspi-tools-5.4.0-1044 - 5.4.0-1044.48 linux-tools-5.4.0-1044-raspi - 5.4.0-1044.48 linux-buildinfo-5.4.0-1044-raspi - 5.4.0-1044.48 linux-raspi-headers-5.4.0-1044 - 5.4.0-1044.48 linux-modules-5.4.0-1044-raspi - 5.4.0-1044.48 linux-image-5.4.0-1044-raspi - 5.4.0-1044.48 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1044.79 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1044.79 linux-raspi-hwe-18.04-edge - 5.4.0.1044.79 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1044.79 linux-raspi-hwe-18.04 - 5.4.0.1044.79 linux-image-raspi2 - 5.4.0.1044.79 linux-tools-raspi - 5.4.0.1044.79 linux-image-raspi - 5.4.0.1044.79 linux-tools-raspi2-hwe-18.04 - 5.4.0.1044.79 linux-raspi2-hwe-18.04 - 5.4.0.1044.79 linux-raspi2 - 5.4.0.1044.79 linux-headers-raspi2 - 5.4.0.1044.79 linux-tools-raspi2 - 5.4.0.1044.79 linux-headers-raspi2-hwe-18.04 - 5.4.0.1044.79 linux-image-raspi-hwe-18.04-edge - 5.4.0.1044.79 linux-tools-raspi-hwe-18.04 - 5.4.0.1044.79 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1044.79 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1044.79 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1044.79 linux-raspi - 5.4.0.1044.79 linux-headers-raspi - 5.4.0.1044.79 linux-headers-raspi-hwe-18.04 - 5.4.0.1044.79 linux-image-raspi-hwe-18.04 - 5.4.0.1044.79 linux-image-raspi2-hwe-18.04 - 5.4.0.1044.79 No subscription required Medium CVE-2021-33624 CVE-2021-3679 CVE-2021-38160 CVE-2021-38199 CVE-2021-38204 Ubuntu 20.04 LTS USN-5091-1 fixed vulnerabilities in Linux 5.4-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) Update Instructions: Run `sudo pro fix USN-5091-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1061-azure - 5.4.0-1061.64 linux-azure-cloud-tools-5.4.0-1061 - 5.4.0-1061.64 linux-image-unsigned-5.4.0-1061-azure - 5.4.0-1061.64 linux-azure-headers-5.4.0-1061 - 5.4.0-1061.64 linux-azure-tools-5.4.0-1061 - 5.4.0-1061.64 linux-modules-extra-5.4.0-1061-azure - 5.4.0-1061.64 linux-image-5.4.0-1061-azure - 5.4.0-1061.64 linux-modules-5.4.0-1061-azure - 5.4.0-1061.64 linux-headers-5.4.0-1061-azure - 5.4.0-1061.64 linux-tools-5.4.0-1061-azure - 5.4.0-1061.64 linux-cloud-tools-5.4.0-1061-azure - 5.4.0-1061.64 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1061.59 linux-headers-azure-lts-20.04 - 5.4.0.1061.59 linux-tools-azure-lts-20.04 - 5.4.0.1061.59 linux-modules-extra-azure-lts-20.04 - 5.4.0.1061.59 linux-azure-lts-20.04 - 5.4.0.1061.59 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1061.59 No subscription required None https://launchpad.net/bugs/1940564 Ubuntu 20.04 LTS Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Sun RPC implementation in the Linux kernel contained an out-of-bounds access error. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38201) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) Update Instructions: Run `sudo pro fix USN-5092-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-modules-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-image-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-modules-extra-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-cloud-tools-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-tools-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-aws-5.11-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-headers-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1 linux-aws-5.11-headers-5.11.0-1019 - 5.11.0-1019.20~20.04.1 No subscription required linux-modules-extra-aws - 5.11.0.1019.20~20.04.18 linux-aws-edge - 5.11.0.1019.20~20.04.18 linux-modules-extra-aws-edge - 5.11.0.1019.20~20.04.18 linux-tools-aws-edge - 5.11.0.1019.20~20.04.18 linux-image-aws-edge - 5.11.0.1019.20~20.04.18 linux-headers-aws - 5.11.0.1019.20~20.04.18 linux-aws - 5.11.0.1019.20~20.04.18 linux-tools-aws - 5.11.0.1019.20~20.04.18 linux-headers-aws-edge - 5.11.0.1019.20~20.04.18 linux-image-aws - 5.11.0.1019.20~20.04.18 No subscription required High CVE-2021-33624 CVE-2021-34556 CVE-2021-35477 CVE-2021-3679 CVE-2021-37159 CVE-2021-37576 CVE-2021-38160 CVE-2021-38199 CVE-2021-38201 CVE-2021-38204 CVE-2021-38205 CVE-2021-41073 Ubuntu 20.04 LTS Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Sun RPC implementation in the Linux kernel contained an out-of-bounds access error. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38201) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) Update Instructions: Run `sudo pro fix USN-5092-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-tools-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-modules-extra-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-image-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-buildinfo-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-azure-5.11-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-azure-5.11-headers-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-cloud-tools-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1017 - 5.11.0-1017.18~20.04.1 linux-image-unsigned-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 linux-modules-5.11.0-1017-azure - 5.11.0-1017.18~20.04.1 No subscription required linux-modules-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-modules-extra-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-oracle-5.11-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-headers-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-buildinfo-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-image-unsigned-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-oracle-5.11-headers-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-image-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 linux-tools-5.11.0-1019-oracle - 5.11.0-1019.20~20.04.1 No subscription required linux-modules-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-hwe-5.11-tools-5.11.0-37 - 5.11.0-37.41~20.04.2 linux-hwe-5.11-headers-5.11.0-37 - 5.11.0-37.41~20.04.2 linux-buildinfo-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-tools-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-image-unsigned-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-modules-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-modules-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-image-unsigned-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-tools-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-buildinfo-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-buildinfo-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-modules-extra-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-tools-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-hwe-5.11-source-5.11.0 - 5.11.0-37.41~20.04.2 linux-tools-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-headers-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-image-unsigned-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-image-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-image-5.11.0-37-generic-lpae - 5.11.0-37.41~20.04.2 linux-cloud-tools-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-cloud-tools-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-headers-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-modules-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-buildinfo-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-hwe-5.11-tools-host - 5.11.0-37.41~20.04.2 linux-hwe-5.11-cloud-tools-common - 5.11.0-37.41~20.04.2 linux-headers-5.11.0-37-generic - 5.11.0-37.41~20.04.2 linux-image-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-headers-5.11.0-37-generic-64k - 5.11.0-37.41~20.04.2 linux-image-5.11.0-37-lowlatency - 5.11.0-37.41~20.04.2 linux-hwe-5.11-tools-common - 5.11.0-37.41~20.04.2 linux-hwe-5.11-cloud-tools-5.11.0-37 - 5.11.0-37.41~20.04.2 No subscription required linux-tools-azure-edge - 5.11.0.1017.18~20.04.16 linux-image-azure-edge - 5.11.0.1017.18~20.04.16 linux-cloud-tools-azure-edge - 5.11.0.1017.18~20.04.16 linux-headers-azure-edge - 5.11.0.1017.18~20.04.16 linux-azure-edge - 5.11.0.1017.18~20.04.16 linux-modules-extra-azure-edge - 5.11.0.1017.18~20.04.16 No subscription required linux-tools-oracle - 5.11.0.1019.20~20.04.12 linux-headers-oracle - 5.11.0.1019.20~20.04.12 linux-tools-oracle-edge - 5.11.0.1019.20~20.04.12 linux-oracle-edge - 5.11.0.1019.20~20.04.12 linux-image-oracle-edge - 5.11.0.1019.20~20.04.12 linux-headers-oracle-edge - 5.11.0.1019.20~20.04.12 linux-image-oracle - 5.11.0.1019.20~20.04.12 linux-oracle - 5.11.0.1019.20~20.04.12 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-extra-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-64k-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-generic-64k-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-lpae-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-tools-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-generic-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-headers-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-lpae-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-tools-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-generic-lpae-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-generic-64k-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-lowlatency-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-tools-virtual-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-image-generic-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-generic-64k-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-image-generic-64k-hwe-20.04 - 5.11.0.37.41~20.04.16 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.37.41~20.04.16 linux-headers-virtual-hwe-20.04 - 5.11.0.37.41~20.04.16 No subscription required High CVE-2021-33624 CVE-2021-34556 CVE-2021-35477 CVE-2021-3679 CVE-2021-37159 CVE-2021-37576 CVE-2021-38160 CVE-2021-38199 CVE-2021-38201 CVE-2021-38204 CVE-2021-38205 CVE-2021-41073 Ubuntu 20.04 LTS USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Sun RPC implementation in the Linux kernel contained an out-of-bounds access error. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38201) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) Update Instructions: Run `sudo pro fix USN-5092-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-tools-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-buildinfo-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-azure-5.11-headers-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-cloud-tools-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-azure-5.11-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-image-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-modules-extra-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1019 - 5.11.0-1019.20~20.04.1 linux-modules-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 linux-headers-5.11.0-1019-azure - 5.11.0-1019.20~20.04.1 No subscription required linux-image-azure-edge - 5.11.0.1019.20~20.04.18 linux-modules-extra-azure-edge - 5.11.0.1019.20~20.04.18 linux-azure-edge - 5.11.0.1019.20~20.04.18 linux-tools-azure-edge - 5.11.0.1019.20~20.04.18 linux-cloud-tools-azure-edge - 5.11.0.1019.20~20.04.18 linux-headers-azure-edge - 5.11.0.1019.20~20.04.18 No subscription required None https://launchpad.net/bugs/1940564 https://ubuntu.com/security/notices/USN-5092-2 Ubuntu 20.04 LTS Brian Carpenter discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-3770) Brian Carpenter discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2021-3778) Dhiraj Mishra discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2021-3796) Update Instructions: Run `sudo pro fix USN-5093-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.3 vim-athena - 2:8.1.2269-1ubuntu5.3 xxd - 2:8.1.2269-1ubuntu5.3 vim-gtk - 2:8.1.2269-1ubuntu5.3 vim-gui-common - 2:8.1.2269-1ubuntu5.3 vim - 2:8.1.2269-1ubuntu5.3 vim-doc - 2:8.1.2269-1ubuntu5.3 vim-tiny - 2:8.1.2269-1ubuntu5.3 vim-runtime - 2:8.1.2269-1ubuntu5.3 vim-gtk3 - 2:8.1.2269-1ubuntu5.3 vim-nox - 2:8.1.2269-1ubuntu5.3 No subscription required Medium CVE-2021-3770 CVE-2021-3778 CVE-2021-3796 Ubuntu 20.04 LTS It was discovered that Apache Commons IO incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5095-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcommons-io-java-doc - 2.6-2ubuntu0.20.04.1 libcommons-io-java - 2.6-2ubuntu0.20.04.1 No subscription required Medium CVE-2021-29425 Ubuntu 20.04 LTS Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) It was discovered that the BPF subsystem in the Linux kernel contained an integer overflow in its hash table implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-38166) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Sun RPC implementation in the Linux kernel contained an out-of-bounds access error. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38201) It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds read when the trace even framework is being used for nfsd. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38202) Naohiro Aota discovered that the btrfs file system in the Linux kernel contained a race condition in situations that triggered allocations of new system chunks. A local attacker could possibly use this to cause a denial of service (deadlock). (CVE-2021-38203) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) Update Instructions: Run `sudo pro fix USN-5096-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.13.0-1014-oem - 5.13.0-1014.18 linux-headers-5.13.0-1014-oem - 5.13.0-1014.18 linux-oem-5.13-headers-5.13.0-1014 - 5.13.0-1014.18 linux-modules-5.13.0-1014-oem - 5.13.0-1014.18 linux-oem-5.13-tools-host - 5.13.0-1014.18 linux-buildinfo-5.13.0-1014-oem - 5.13.0-1014.18 linux-oem-5.13-tools-5.13.0-1014 - 5.13.0-1014.18 linux-tools-5.13.0-1014-oem - 5.13.0-1014.18 linux-image-unsigned-5.13.0-1014-oem - 5.13.0-1014.18 No subscription required linux-tools-oem-20.04c - 5.13.0.1014.18 linux-headers-oem-20.04c - 5.13.0.1014.18 linux-image-oem-20.04c - 5.13.0.1014.18 linux-oem-20.04c - 5.13.0.1014.18 No subscription required High CVE-2021-34556 CVE-2021-35477 CVE-2021-3612 CVE-2021-3679 CVE-2021-37159 CVE-2021-3732 CVE-2021-38160 CVE-2021-38166 CVE-2021-38199 CVE-2021-38201 CVE-2021-38202 CVE-2021-38203 CVE-2021-38204 CVE-2021-38205 CVE-2021-40490 CVE-2021-41073 Ubuntu 20.04 LTS It was discovered that LedgerSMB incorrectly handled certain inputs. An attacker could use this to leak sensitive information, cause a DoS, or execute arbitrary code. (CVE-2021-3693, CVE-2021-3694, CVE-2021-3731) Update Instructions: Run `sudo pro fix USN-5097-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ledgersmb - 1.6.9+ds-1ubuntu0.1 No subscription required Medium CVE-2021-3693 CVE-2021-3694 CVE-2021-3731 Ubuntu 20.04 LTS It was discovered that Imlib2 incorrectly handled certain ICO images. An attacker could use this issue to cause a denial of service and possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5099-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libimlib2-dev - 1.6.1-1ubuntu0.1 libimlib2 - 1.6.1-1ubuntu0.1 No subscription required Medium CVE-2020-12761 Ubuntu 20.04 LTS It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could traverse directory contents and modify files and execute programs on the host filesystem, possibly leading to privilege escalation. Update Instructions: Run `sudo pro fix USN-5100-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.2-0ubuntu1~20.04.3 golang-github-docker-containerd-dev - 1.5.2-0ubuntu1~20.04.3 golang-github-containerd-containerd-dev - 1.5.2-0ubuntu1~20.04.3 No subscription required High CVE-2021-41103 Ubuntu 20.04 LTS It was discovered that MongoDB incorrectly handled certain wire protocol messages. A remote attacker could possibly use this issue to cause MongoDB to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5101-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mongodb-server - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 mongodb - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 mongodb-clients - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 mongodb-server-core - 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 No subscription required Medium CVE-2019-20925 Ubuntu 20.04 LTS Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in Docker incorrectly allowed the docker cp command to make permissions changes in the host filesystem in some situations. A local attacker could possibly use to this to expose sensitive information or gain administrative privileges. Update Instructions: Run `sudo pro fix USN-5103-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-docker-docker-dev - 20.10.7-0ubuntu1~20.04.2 docker.io - 20.10.7-0ubuntu1~20.04.2 golang-docker-dev - 20.10.7-0ubuntu1~20.04.2 vim-syntax-docker - 20.10.7-0ubuntu1~20.04.2 docker-doc - 20.10.7-0ubuntu1~20.04.2 No subscription required Medium CVE-2021-41089 Ubuntu 20.04 LTS Lyu discovered that Squid incorrectly handled WCCP protocol data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5104-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.5 squidclient - 4.10-1ubuntu1.5 squid-purge - 4.10-1ubuntu1.5 squid - 4.10-1ubuntu1.5 squid-cgi - 4.10-1ubuntu1.5 No subscription required Medium CVE-2021-28116 Ubuntu 20.04 LTS It was discovered that Bottle incorrectly handled certain inputs. An attacker could possibly use this issue to cache malicious requests. Update Instructions: Run `sudo pro fix USN-5105-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-bottle - 0.12.15-2.1ubuntu0.1 python-bottle-doc - 0.12.15-2.1ubuntu0.1 No subscription required Medium CVE-2020-28473 Ubuntu 20.04 LTS Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) Update Instructions: Run `sudo pro fix USN-5106-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1049.51 linux-headers-5.10.0-1049-oem - 5.10.0-1049.51 linux-tools-5.10.0-1049-oem - 5.10.0-1049.51 linux-image-unsigned-5.10.0-1049-oem - 5.10.0-1049.51 linux-image-5.10.0-1049-oem - 5.10.0-1049.51 linux-buildinfo-5.10.0-1049-oem - 5.10.0-1049.51 linux-oem-5.10-headers-5.10.0-1049 - 5.10.0-1049.51 linux-modules-5.10.0-1049-oem - 5.10.0-1049.51 linux-oem-5.10-tools-5.10.0-1049 - 5.10.0-1049.51 No subscription required linux-oem-20.04 - 5.10.0.1049.51 linux-oem-20.04-edge - 5.10.0.1049.51 linux-image-oem-20.04b - 5.10.0.1049.51 linux-image-oem-20.04 - 5.10.0.1049.51 linux-tools-oem-20.04-edge - 5.10.0.1049.51 linux-image-oem-20.04-edge - 5.10.0.1049.51 linux-headers-oem-20.04-edge - 5.10.0.1049.51 linux-headers-oem-20.04b - 5.10.0.1049.51 linux-tools-oem-20.04 - 5.10.0.1049.51 linux-tools-oem-20.04b - 5.10.0.1049.51 linux-headers-oem-20.04 - 5.10.0.1049.51 linux-oem-20.04b - 5.10.0.1049.51 No subscription required High CVE-2020-26541 CVE-2021-22543 CVE-2021-3612 CVE-2021-38160 CVE-2021-38199 CVE-2021-41073 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof another origin, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5107-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 93.0+build1-0ubuntu0.20.04.1 firefox - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 93.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 93.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 93.0+build1-0ubuntu0.20.04.1 firefox-dev - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 93.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 93.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-32810 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38499 CVE-2021-38500 CVE-2021-38501 Ubuntu 20.04 LTS It was discovered that Libntlm incorrectly handled specially crafted NTML requests. An attacker could possibly use this issue to cause a denial of service or another unspecified impact. Update Instructions: Run `sudo pro fix USN-5108-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libntlm0 - 1.5-2ubuntu0.1 libntlm0-dev - 1.5-2ubuntu0.1 No subscription required Medium CVE-2019-17455 Ubuntu 20.04 LTS It was discovered that Ardour incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5110-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ardour-video-timeline - 1:5.12.0-3ubuntu4.1 ardour - 1:5.12.0-3ubuntu4.1 ardour-data - 1:5.12.0-3ubuntu4.1 No subscription required Medium CVE-2020-22617 Ubuntu 20.04 LTS It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. (CVE-2021-41990) It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-41991) Update Instructions: Run `sudo pro fix USN-5111-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: strongswan-nm - 5.8.2-1ubuntu3.3 strongswan-scepclient - 5.8.2-1ubuntu3.3 libcharon-extra-plugins - 5.8.2-1ubuntu3.3 libcharon-standard-plugins - 5.8.2-1ubuntu3.3 libstrongswan-extra-plugins - 5.8.2-1ubuntu3.3 strongswan-charon - 5.8.2-1ubuntu3.3 libstrongswan - 5.8.2-1ubuntu3.3 strongswan-swanctl - 5.8.2-1ubuntu3.3 libstrongswan-standard-plugins - 5.8.2-1ubuntu3.3 strongswan-starter - 5.8.2-1ubuntu3.3 libcharon-extauth-plugins - 5.8.2-1ubuntu3.3 charon-systemd - 5.8.2-1ubuntu3.3 strongswan - 5.8.2-1ubuntu3.3 strongswan-tnc-server - 5.8.2-1ubuntu3.3 strongswan-tnc-client - 5.8.2-1ubuntu3.3 strongswan-tnc-base - 5.8.2-1ubuntu3.3 charon-cmd - 5.8.2-1ubuntu3.3 strongswan-libcharon - 5.8.2-1ubuntu3.3 strongswan-pki - 5.8.2-1ubuntu3.3 strongswan-tnc-ifmap - 5.8.2-1ubuntu3.3 strongswan-tnc-pdp - 5.8.2-1ubuntu3.3 No subscription required Medium CVE-2021-41990 CVE-2021-41991 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the BPF subsystem in the Linux kernel contained an integer overflow in its hash table implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-38166) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008) Update Instructions: Run `sudo pro fix USN-5113-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-modules-extra-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-image-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-azure-5.11-headers-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-oracle-5.11-headers-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-oracle-5.11-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-image-unsigned-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-cloud-tools-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-modules-extra-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-headers-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-buildinfo-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-modules-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-tools-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-buildinfo-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-image-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-image-unsigned-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-modules-5.11.0-1020-oracle - 5.11.0-1020.21~20.04.1 linux-azure-5.11-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.1 linux-headers-5.11.0-1020-azure - 5.11.0-1020.21~20.04.1 No subscription required linux-modules-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-cloud-tools-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-modules-extra-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-aws-5.11-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.2 linux-tools-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-image-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-aws-5.11-cloud-tools-5.11.0-1020 - 5.11.0-1020.21~20.04.2 linux-aws-5.11-headers-5.11.0-1020 - 5.11.0-1020.21~20.04.2 linux-headers-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 linux-buildinfo-5.11.0-1020-aws - 5.11.0-1020.21~20.04.2 No subscription required linux-modules-extra-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-gcp-5.11-tools-5.11.0-1021 - 5.11.0-1021.23~20.04.1 linux-gcp-5.11-headers-5.11.0-1021 - 5.11.0-1021.23~20.04.1 linux-tools-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-buildinfo-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-modules-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-image-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-image-unsigned-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 linux-headers-5.11.0-1021-gcp - 5.11.0-1021.23~20.04.1 No subscription required linux-cloud-tools-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-buildinfo-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-headers-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-hwe-5.11-headers-5.11.0-38 - 5.11.0-38.42~20.04.1 linux-hwe-5.11-tools-5.11.0-38 - 5.11.0-38.42~20.04.1 linux-image-unsigned-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-modules-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-image-unsigned-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-image-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-image-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-image-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-image-unsigned-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-tools-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-tools-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-modules-extra-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-38.42~20.04.1 linux-headers-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-tools-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-headers-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-headers-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-38.42~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-38.42~20.04.1 linux-buildinfo-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-modules-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-tools-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-modules-5.11.0-38-generic-lpae - 5.11.0-38.42~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-38 - 5.11.0-38.42~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-38.42~20.04.1 linux-modules-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 linux-cloud-tools-5.11.0-38-generic - 5.11.0-38.42~20.04.1 linux-image-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-buildinfo-5.11.0-38-generic-64k - 5.11.0-38.42~20.04.1 linux-buildinfo-5.11.0-38-lowlatency - 5.11.0-38.42~20.04.1 No subscription required linux-headers-oracle - 5.11.0.1020.21~20.04.13 linux-image-oracle - 5.11.0.1020.21~20.04.13 linux-tools-oracle-edge - 5.11.0.1020.21~20.04.13 linux-image-oracle-edge - 5.11.0.1020.21~20.04.13 linux-oracle-edge - 5.11.0.1020.21~20.04.13 linux-headers-oracle-edge - 5.11.0.1020.21~20.04.13 linux-tools-oracle - 5.11.0.1020.21~20.04.13 linux-oracle - 5.11.0.1020.21~20.04.13 No subscription required linux-tools-azure-edge - 5.11.0.1020.21~20.04.19 linux-image-azure-edge - 5.11.0.1020.21~20.04.19 linux-headers-aws - 5.11.0.1020.21~20.04.19 linux-image-aws - 5.11.0.1020.21~20.04.19 linux-image-aws-edge - 5.11.0.1020.21~20.04.19 linux-cloud-tools-azure-edge - 5.11.0.1020.21~20.04.19 linux-aws-edge - 5.11.0.1020.21~20.04.19 linux-aws - 5.11.0.1020.21~20.04.19 linux-modules-extra-aws-edge - 5.11.0.1020.21~20.04.19 linux-headers-aws-edge - 5.11.0.1020.21~20.04.19 linux-headers-azure-edge - 5.11.0.1020.21~20.04.19 linux-azure-edge - 5.11.0.1020.21~20.04.19 linux-modules-extra-azure-edge - 5.11.0.1020.21~20.04.19 linux-modules-extra-aws - 5.11.0.1020.21~20.04.19 linux-tools-aws - 5.11.0.1020.21~20.04.19 linux-tools-aws-edge - 5.11.0.1020.21~20.04.19 No subscription required linux-headers-gcp-edge - 5.11.0.1021.23~20.04.20 linux-image-gcp-edge - 5.11.0.1021.23~20.04.20 linux-tools-gcp - 5.11.0.1021.23~20.04.20 linux-modules-extra-gcp-edge - 5.11.0.1021.23~20.04.20 linux-gcp - 5.11.0.1021.23~20.04.20 linux-headers-gcp - 5.11.0.1021.23~20.04.20 linux-image-gcp - 5.11.0.1021.23~20.04.20 linux-modules-extra-gcp - 5.11.0.1021.23~20.04.20 linux-tools-gcp-edge - 5.11.0.1021.23~20.04.20 linux-gcp-edge - 5.11.0.1021.23~20.04.20 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-headers-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-cloud-tools-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-generic-64k-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-generic-lpae-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-extra-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-cloud-tools-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-generic-lpae-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-headers-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-generic-64k-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-generic-64k-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-generic-lpae-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-extra-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-generic-lpae-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-tools-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-generic-64k-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-generic-lpae-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-tools-generic-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-headers-generic-64k-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-tools-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-generic-lpae-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-generic-64k-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-lowlatency-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-tools-virtual-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-image-generic-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-generic-64k-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-image-generic-64k-hwe-20.04 - 5.11.0.38.42~20.04.17 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.11.0.38.42~20.04.17 linux-headers-virtual-hwe-20.04 - 5.11.0.38.42~20.04.17 No subscription required Medium CVE-2020-3702 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-38166 CVE-2021-40490 CVE-2021-42008 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) It was discovered that the BPF subsystem in the Linux kernel contained an integer overflow in its hash table implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-38166) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008) Update Instructions: Run `sudo pro fix USN-5115-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1050.52 linux-oem-5.10-headers-5.10.0-1050 - 5.10.0-1050.52 linux-image-5.10.0-1050-oem - 5.10.0-1050.52 linux-image-unsigned-5.10.0-1050-oem - 5.10.0-1050.52 linux-oem-5.10-tools-5.10.0-1050 - 5.10.0-1050.52 linux-headers-5.10.0-1050-oem - 5.10.0-1050.52 linux-modules-5.10.0-1050-oem - 5.10.0-1050.52 linux-buildinfo-5.10.0-1050-oem - 5.10.0-1050.52 linux-tools-5.10.0-1050-oem - 5.10.0-1050.52 No subscription required linux-oem-20.04 - 5.10.0.1050.52 linux-oem-20.04-edge - 5.10.0.1050.52 linux-tools-oem-20.04-edge - 5.10.0.1050.52 linux-headers-oem-20.04b - 5.10.0.1050.52 linux-image-oem-20.04b - 5.10.0.1050.52 linux-headers-oem-20.04-edge - 5.10.0.1050.52 linux-headers-oem-20.04 - 5.10.0.1050.52 linux-tools-oem-20.04 - 5.10.0.1050.52 linux-image-oem-20.04-edge - 5.10.0.1050.52 linux-tools-oem-20.04b - 5.10.0.1050.52 linux-image-oem-20.04 - 5.10.0.1050.52 linux-oem-20.04b - 5.10.0.1050.52 No subscription required Medium CVE-2020-3702 CVE-2021-33624 CVE-2021-34556 CVE-2021-35477 CVE-2021-3679 CVE-2021-37159 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 CVE-2021-38166 CVE-2021-38204 CVE-2021-38205 CVE-2021-40490 CVE-2021-42008 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-38198) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008) Update Instructions: Run `sudo pro fix USN-5116-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-bluefield-headers-5.4.0-1020 - 5.4.0-1020.23 linux-bluefield-tools-5.4.0-1020 - 5.4.0-1020.23 linux-image-unsigned-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-tools-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-headers-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-modules-5.4.0-1020-bluefield - 5.4.0-1020.23 linux-buildinfo-5.4.0-1020-bluefield - 5.4.0-1020.23 No subscription required linux-tools-5.4.0-1048-kvm - 5.4.0-1048.50 linux-image-unsigned-5.4.0-1048-kvm - 5.4.0-1048.50 linux-kvm-tools-5.4.0-1048 - 5.4.0-1048.50 linux-headers-5.4.0-1048-kvm - 5.4.0-1048.50 linux-image-5.4.0-1048-kvm - 5.4.0-1048.50 linux-modules-5.4.0-1048-kvm - 5.4.0-1048.50 linux-buildinfo-5.4.0-1048-kvm - 5.4.0-1048.50 linux-kvm-headers-5.4.0-1048 - 5.4.0-1048.50 No subscription required linux-tools-common - 5.4.0-89.100 linux-headers-5.4.0-89-generic - 5.4.0-89.100 linux-tools-5.4.0-89 - 5.4.0-89.100 linux-tools-host - 5.4.0-89.100 linux-image-5.4.0-89-generic - 5.4.0-89.100 linux-buildinfo-5.4.0-89-lowlatency - 5.4.0-89.100 linux-doc - 5.4.0-89.100 linux-image-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-headers-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-libc-dev - 5.4.0-89.100 linux-source-5.4.0 - 5.4.0-89.100 linux-image-unsigned-5.4.0-89-generic - 5.4.0-89.100 linux-modules-extra-5.4.0-89-generic - 5.4.0-89.100 linux-cloud-tools-5.4.0-89-generic - 5.4.0-89.100 linux-tools-5.4.0-89-generic - 5.4.0-89.100 linux-buildinfo-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-headers-5.4.0-89-lowlatency - 5.4.0-89.100 linux-buildinfo-5.4.0-89-generic - 5.4.0-89.100 linux-image-5.4.0-89-lowlatency - 5.4.0-89.100 linux-cloud-tools-common - 5.4.0-89.100 linux-modules-5.4.0-89-generic - 5.4.0-89.100 linux-image-unsigned-5.4.0-89-lowlatency - 5.4.0-89.100 linux-cloud-tools-5.4.0-89-lowlatency - 5.4.0-89.100 linux-tools-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-tools-5.4.0-89-lowlatency - 5.4.0-89.100 linux-headers-5.4.0-89 - 5.4.0-89.100 linux-cloud-tools-5.4.0-89 - 5.4.0-89.100 linux-modules-5.4.0-89-generic-lpae - 5.4.0-89.100 linux-modules-5.4.0-89-lowlatency - 5.4.0-89.100 No subscription required linux-image-bluefield - 5.4.0.1020.21 linux-bluefield - 5.4.0.1020.21 linux-headers-bluefield - 5.4.0.1020.21 linux-tools-bluefield - 5.4.0.1020.21 No subscription required linux-kvm - 5.4.0.1048.47 linux-headers-kvm - 5.4.0.1048.47 linux-image-kvm - 5.4.0.1048.47 linux-tools-kvm - 5.4.0.1048.47 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-cloud-tools-virtual - 5.4.0.89.93 linux-image-generic-hwe-18.04 - 5.4.0.89.93 linux-tools-oem - 5.4.0.89.93 linux-headers-generic-lpae - 5.4.0.89.93 linux-image-virtual - 5.4.0.89.93 linux-oem-osp1-tools-host - 5.4.0.89.93 linux-image-generic - 5.4.0.89.93 linux-tools-lowlatency - 5.4.0.89.93 linux-image-oem - 5.4.0.89.93 linux-tools-virtual-hwe-18.04 - 5.4.0.89.93 linux-headers-generic-hwe-18.04 - 5.4.0.89.93 linux-headers-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-image-extra-virtual-hwe-18.04 - 5.4.0.89.93 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.89.93 linux-image-oem-osp1 - 5.4.0.89.93 linux-image-generic-lpae-hwe-18.04 - 5.4.0.89.93 linux-crashdump - 5.4.0.89.93 linux-tools-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-headers-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-source - 5.4.0.89.93 linux-lowlatency - 5.4.0.89.93 linux-tools-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-tools-generic-lpae - 5.4.0.89.93 linux-cloud-tools-generic - 5.4.0.89.93 linux-virtual - 5.4.0.89.93 linux-headers-virtual-hwe-18.04 - 5.4.0.89.93 linux-virtual-hwe-18.04 - 5.4.0.89.93 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.89.93 linux-tools-virtual - 5.4.0.89.93 linux-generic-lpae-hwe-18.04-edge - 5.4.0.89.93 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-generic-lpae - 5.4.0.89.93 linux-headers-oem - 5.4.0.89.93 linux-generic - 5.4.0.89.93 linux-tools-oem-osp1 - 5.4.0.89.93 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.89.93 linux-tools-generic-hwe-18.04-edge - 5.4.0.89.93 linux-image-virtual-hwe-18.04 - 5.4.0.89.93 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-oem-tools-host - 5.4.0.89.93 linux-headers-lowlatency - 5.4.0.89.93 linux-image-generic-hwe-18.04-edge - 5.4.0.89.93 linux-generic-hwe-18.04-edge - 5.4.0.89.93 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.89.93 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-oem - 5.4.0.89.93 linux-tools-generic - 5.4.0.89.93 linux-image-extra-virtual - 5.4.0.89.93 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-cloud-tools-lowlatency - 5.4.0.89.93 linux-headers-oem-osp1 - 5.4.0.89.93 linux-generic-lpae-hwe-18.04 - 5.4.0.89.93 linux-tools-generic-hwe-18.04 - 5.4.0.89.93 linux-headers-generic-hwe-18.04-edge - 5.4.0.89.93 linux-headers-generic - 5.4.0.89.93 linux-oem-osp1 - 5.4.0.89.93 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.89.93 linux-image-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.89.93 linux-virtual-hwe-18.04-edge - 5.4.0.89.93 linux-headers-virtual - 5.4.0.89.93 linux-lowlatency-hwe-18.04 - 5.4.0.89.93 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.89.93 linux-generic-hwe-18.04 - 5.4.0.89.93 linux-image-generic-lpae - 5.4.0.89.93 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.89.93 linux-image-lowlatency - 5.4.0.89.93 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.89.93 linux-image-virtual-hwe-18.04-edge - 5.4.0.89.93 No subscription required Medium CVE-2020-3702 CVE-2021-3732 CVE-2021-38198 CVE-2021-38205 CVE-2021-40490 CVE-2021-42008 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-38198) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008) Update Instructions: Run `sudo pro fix USN-5116-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1006-ibm - 5.4.0-1006.7 linux-ibm-headers-5.4.0-1006 - 5.4.0-1006.7 linux-buildinfo-5.4.0-1006-ibm - 5.4.0-1006.7 linux-image-5.4.0-1006-ibm - 5.4.0-1006.7 linux-ibm-tools-common - 5.4.0-1006.7 linux-ibm-tools-5.4.0-1006 - 5.4.0-1006.7 linux-image-unsigned-5.4.0-1006-ibm - 5.4.0-1006.7 linux-tools-5.4.0-1006-ibm - 5.4.0-1006.7 linux-ibm-source-5.4.0 - 5.4.0-1006.7 linux-ibm-cloud-tools-common - 5.4.0-1006.7 linux-modules-extra-5.4.0-1006-ibm - 5.4.0-1006.7 linux-modules-5.4.0-1006-ibm - 5.4.0-1006.7 No subscription required linux-modules-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-buildinfo-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-gkeop-source-5.4.0 - 5.4.0-1025.26 linux-tools-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-image-unsigned-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-modules-extra-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-cloud-tools-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-headers-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-image-5.4.0-1025-gkeop - 5.4.0-1025.26 linux-gkeop-headers-5.4.0-1025 - 5.4.0-1025.26 linux-gkeop-tools-5.4.0-1025 - 5.4.0-1025.26 linux-gkeop-cloud-tools-5.4.0-1025 - 5.4.0-1025.26 No subscription required linux-buildinfo-5.4.0-1045-raspi - 5.4.0-1045.49 linux-modules-5.4.0-1045-raspi - 5.4.0-1045.49 linux-raspi-tools-5.4.0-1045 - 5.4.0-1045.49 linux-image-5.4.0-1045-raspi - 5.4.0-1045.49 linux-tools-5.4.0-1045-raspi - 5.4.0-1045.49 linux-raspi-headers-5.4.0-1045 - 5.4.0-1045.49 linux-headers-5.4.0-1045-raspi - 5.4.0-1045.49 No subscription required linux-modules-extra-5.4.0-1054-gke - 5.4.0-1054.57 linux-image-unsigned-5.4.0-1054-gke - 5.4.0-1054.57 linux-gke-headers-5.4.0-1054 - 5.4.0-1054.57 linux-gke-tools-5.4.0-1054 - 5.4.0-1054.57 linux-modules-5.4.0-1054-gke - 5.4.0-1054.57 linux-buildinfo-5.4.0-1054-gke - 5.4.0-1054.57 linux-image-5.4.0-1054-gke - 5.4.0-1054.57 linux-headers-5.4.0-1054-gke - 5.4.0-1054.57 linux-tools-5.4.0-1054-gke - 5.4.0-1054.57 No subscription required linux-headers-5.4.0-1056-gcp - 5.4.0-1056.60 linux-buildinfo-5.4.0-1056-oracle - 5.4.0-1056.60 linux-image-unsigned-5.4.0-1056-gcp - 5.4.0-1056.60 linux-oracle-headers-5.4.0-1056 - 5.4.0-1056.60 linux-gcp-headers-5.4.0-1056 - 5.4.0-1056.60 linux-image-5.4.0-1056-gcp - 5.4.0-1056.60 linux-oracle-tools-5.4.0-1056 - 5.4.0-1056.60 linux-image-5.4.0-1056-oracle - 5.4.0-1056.60 linux-buildinfo-5.4.0-1056-gcp - 5.4.0-1056.60 linux-image-unsigned-5.4.0-1056-oracle - 5.4.0-1056.60 linux-tools-5.4.0-1056-oracle - 5.4.0-1056.60 linux-modules-5.4.0-1056-gcp - 5.4.0-1056.60 linux-modules-extra-5.4.0-1056-oracle - 5.4.0-1056.60 linux-gcp-tools-5.4.0-1056 - 5.4.0-1056.60 linux-tools-5.4.0-1056-gcp - 5.4.0-1056.60 linux-headers-5.4.0-1056-oracle - 5.4.0-1056.60 linux-modules-5.4.0-1056-oracle - 5.4.0-1056.60 linux-modules-extra-5.4.0-1056-gcp - 5.4.0-1056.60 No subscription required linux-image-5.4.0-1058-aws - 5.4.0-1058.61 linux-aws-tools-5.4.0-1058 - 5.4.0-1058.61 linux-buildinfo-5.4.0-1058-aws - 5.4.0-1058.61 linux-aws-headers-5.4.0-1058 - 5.4.0-1058.61 linux-modules-extra-5.4.0-1058-aws - 5.4.0-1058.61 linux-aws-cloud-tools-5.4.0-1058 - 5.4.0-1058.61 linux-cloud-tools-5.4.0-1058-aws - 5.4.0-1058.61 linux-tools-5.4.0-1058-aws - 5.4.0-1058.61 linux-headers-5.4.0-1058-aws - 5.4.0-1058.61 linux-modules-5.4.0-1058-aws - 5.4.0-1058.61 No subscription required linux-tools-5.4.0-1062-azure - 5.4.0-1062.65 linux-azure-headers-5.4.0-1062 - 5.4.0-1062.65 linux-image-5.4.0-1062-azure - 5.4.0-1062.65 linux-buildinfo-5.4.0-1062-azure - 5.4.0-1062.65 linux-cloud-tools-5.4.0-1062-azure - 5.4.0-1062.65 linux-modules-5.4.0-1062-azure - 5.4.0-1062.65 linux-azure-cloud-tools-5.4.0-1062 - 5.4.0-1062.65 linux-modules-extra-5.4.0-1062-azure - 5.4.0-1062.65 linux-image-unsigned-5.4.0-1062-azure - 5.4.0-1062.65 linux-azure-tools-5.4.0-1062 - 5.4.0-1062.65 linux-headers-5.4.0-1062-azure - 5.4.0-1062.65 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1006.7 linux-image-ibm - 5.4.0.1006.7 linux-headers-ibm-lts-20.04 - 5.4.0.1006.7 linux-tools-ibm - 5.4.0.1006.7 linux-modules-extra-ibm - 5.4.0.1006.7 linux-image-ibm-lts-20.04 - 5.4.0.1006.7 linux-ibm-lts-20.04 - 5.4.0.1006.7 linux-ibm - 5.4.0.1006.7 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1006.7 linux-headers-ibm - 5.4.0.1006.7 No subscription required linux-headers-gkeop - 5.4.0.1025.28 linux-cloud-tools-gkeop-5.4 - 5.4.0.1025.28 linux-image-gkeop - 5.4.0.1025.28 linux-modules-extra-gkeop-5.4 - 5.4.0.1025.28 linux-gkeop-5.4 - 5.4.0.1025.28 linux-image-gkeop-5.4 - 5.4.0.1025.28 linux-gkeop - 5.4.0.1025.28 linux-cloud-tools-gkeop - 5.4.0.1025.28 linux-headers-gkeop-5.4 - 5.4.0.1025.28 linux-modules-extra-gkeop - 5.4.0.1025.28 linux-tools-gkeop - 5.4.0.1025.28 linux-tools-gkeop-5.4 - 5.4.0.1025.28 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1045.80 linux-raspi2 - 5.4.0.1045.80 linux-headers-raspi2 - 5.4.0.1045.80 linux-image-raspi-hwe-18.04 - 5.4.0.1045.80 linux-image-raspi2-hwe-18.04 - 5.4.0.1045.80 linux-tools-raspi - 5.4.0.1045.80 linux-headers-raspi2-hwe-18.04 - 5.4.0.1045.80 linux-headers-raspi-hwe-18.04 - 5.4.0.1045.80 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1045.80 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1045.80 linux-headers-raspi - 5.4.0.1045.80 linux-raspi2-hwe-18.04-edge - 5.4.0.1045.80 linux-raspi-hwe-18.04 - 5.4.0.1045.80 linux-tools-raspi2-hwe-18.04 - 5.4.0.1045.80 linux-raspi2-hwe-18.04 - 5.4.0.1045.80 linux-image-raspi-hwe-18.04-edge - 5.4.0.1045.80 linux-image-raspi2 - 5.4.0.1045.80 linux-tools-raspi-hwe-18.04 - 5.4.0.1045.80 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1045.80 linux-raspi-hwe-18.04-edge - 5.4.0.1045.80 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1045.80 linux-image-raspi - 5.4.0.1045.80 linux-tools-raspi2 - 5.4.0.1045.80 linux-raspi - 5.4.0.1045.80 No subscription required linux-modules-extra-gke - 5.4.0.1054.64 linux-headers-gke-5.4 - 5.4.0.1054.64 linux-modules-extra-gke-5.4 - 5.4.0.1054.64 linux-gke-5.4 - 5.4.0.1054.64 linux-tools-gke - 5.4.0.1054.64 linux-gke - 5.4.0.1054.64 linux-image-gke - 5.4.0.1054.64 linux-headers-gke - 5.4.0.1054.64 linux-image-gke-5.4 - 5.4.0.1054.64 linux-tools-gke-5.4 - 5.4.0.1054.64 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1056.56 linux-headers-oracle-lts-20.04 - 5.4.0.1056.56 linux-oracle-lts-20.04 - 5.4.0.1056.56 linux-image-oracle-lts-20.04 - 5.4.0.1056.56 No subscription required linux-gcp-lts-20.04 - 5.4.0.1056.66 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1056.66 linux-headers-gcp-lts-20.04 - 5.4.0.1056.66 linux-image-gcp-lts-20.04 - 5.4.0.1056.66 linux-tools-gcp-lts-20.04 - 5.4.0.1056.66 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1058.61 linux-image-aws-lts-20.04 - 5.4.0.1058.61 linux-headers-aws-lts-20.04 - 5.4.0.1058.61 linux-tools-aws-lts-20.04 - 5.4.0.1058.61 linux-aws-lts-20.04 - 5.4.0.1058.61 No subscription required linux-azure-lts-20.04 - 5.4.0.1062.60 linux-image-azure-lts-20.04 - 5.4.0.1062.60 linux-modules-extra-azure-lts-20.04 - 5.4.0.1062.60 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1062.60 linux-tools-azure-lts-20.04 - 5.4.0.1062.60 linux-headers-azure-lts-20.04 - 5.4.0.1062.60 No subscription required Medium CVE-2020-3702 CVE-2021-3732 CVE-2021-38198 CVE-2021-38205 CVE-2021-40490 CVE-2021-42008 Ubuntu 20.04 LTS It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) Update Instructions: Run `sudo pro fix USN-5117-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.13.0-1017-oem - 5.13.0-1017.21 linux-tools-5.13.0-1017-oem - 5.13.0-1017.21 linux-image-5.13.0-1017-oem - 5.13.0-1017.21 linux-oem-5.13-headers-5.13.0-1017 - 5.13.0-1017.21 linux-buildinfo-5.13.0-1017-oem - 5.13.0-1017.21 linux-oem-5.13-tools-host - 5.13.0-1017.21 linux-headers-5.13.0-1017-oem - 5.13.0-1017.21 linux-modules-5.13.0-1017-oem - 5.13.0-1017.21 linux-oem-5.13-tools-5.13.0-1017 - 5.13.0-1017.21 No subscription required linux-image-oem-20.04c - 5.13.0.1017.21 linux-headers-oem-20.04c - 5.13.0.1017.21 linux-tools-oem-20.04c - 5.13.0.1017.21 linux-oem-20.04c - 5.13.0.1017.21 No subscription required Medium CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 Ubuntu 20.04 LTS It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a crash. (CVE-2021-30498, CVE-2021-30499) Update Instructions: Run `sudo pro fix USN-5119-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: caca-utils - 0.99.beta19-2.1ubuntu1.20.04.2 libcaca-dev - 0.99.beta19-2.1ubuntu1.20.04.2 libcaca0 - 0.99.beta19-2.1ubuntu1.20.04.2 No subscription required Medium CVE-2021-30498 CVE-2021-30499 Ubuntu 20.04 LTS It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19449) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not ensure enough processing time was given to perform cleanups of large SEV VMs. A local attacker could use this to cause a denial of service (soft lockup). (CVE-2020-36311) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Xilinx LL TEMAC device driver in the Linux kernel did not properly calculate the number of buffers to be used in certain situations. A remote attacker could use this to cause a denial of service (system crash). (CVE-2021-38207) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) Update Instructions: Run `sudo pro fix USN-5120-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-headers-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-cloud-tools-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-azure-5.8-cloud-tools-5.8.0-1043 - 5.8.0-1043.46~20.04.1 linux-modules-extra-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-tools-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-image-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-azure-5.8-tools-5.8.0-1043 - 5.8.0-1043.46~20.04.1 linux-image-unsigned-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-buildinfo-5.8.0-1043-azure - 5.8.0-1043.46~20.04.1 linux-azure-5.8-headers-5.8.0-1043 - 5.8.0-1043.46~20.04.1 No subscription required linux-headers-azure - 5.8.0.1043.46~20.04.15 linux-modules-extra-azure - 5.8.0.1043.46~20.04.15 linux-cloud-tools-azure - 5.8.0.1043.46~20.04.15 linux-azure - 5.8.0.1043.46~20.04.15 linux-tools-azure - 5.8.0.1043.46~20.04.15 linux-image-azure - 5.8.0.1043.46~20.04.15 No subscription required Medium CVE-2019-19449 CVE-2020-26541 CVE-2020-36311 CVE-2021-22543 CVE-2021-3612 CVE-2021-3759 CVE-2021-38199 CVE-2021-38207 CVE-2021-40490 Ubuntu 20.04 LTS USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. In addition, the following CVEs were fixed: It was discovered that Mailman allows arbitrary content injection. An attacker could use this to inject malicious content. (CVE-2020-12108, CVE-2020-15011) It was discovered that Mailman improperly sanitize the MIME content. An attacker could obtain sensitive information by sending a special type of attachment. (CVE-2020-12137) Original advisory details: Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman did not properly associate cross-site request forgery (CSRF) tokens to specific accounts. A remote attacker could use this to perform a CSRF attack to gain access to another account. (CVE-2021-42097) Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman’s cross-site request forgery (CSRF) tokens for the options page are derived from the admin password. A remote attacker could possibly use this to assist in performing a brute force attack against the admin password. (CVE-2021-42096) Update Instructions: Run `sudo pro fix USN-5121-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mailman - 1:2.1.29-1ubuntu3.1 No subscription required High CVE-2020-12108 CVE-2020-12137 CVE-2020-15011 CVE-2021-42096 CVE-2021-42097 Ubuntu 20.04 LTS It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory. Update Instructions: Run `sudo pro fix USN-5122-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.21 apport-kde - 2.20.11-0ubuntu27.21 apport-retrace - 2.20.11-0ubuntu27.21 apport-valgrind - 2.20.11-0ubuntu27.21 python3-apport - 2.20.11-0ubuntu27.21 dh-apport - 2.20.11-0ubuntu27.21 apport-gtk - 2.20.11-0ubuntu27.21 apport - 2.20.11-0ubuntu27.21 apport-noui - 2.20.11-0ubuntu27.21 No subscription required None https://launchpad.net/bugs/1948657 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-36.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-27.html https://www.oracle.com/security-alerts/cpuoct2021.html Update Instructions: Run `sudo pro fix USN-5123-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.27-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.27-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.27-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.27-0ubuntu0.20.04.1 mysql-router - 8.0.27-0ubuntu0.20.04.1 mysql-server - 8.0.27-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.27-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.27-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.27-0ubuntu0.20.04.1 mysql-testsuite - 8.0.27-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.27-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.27-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-2478 CVE-2021-2479 CVE-2021-2481 CVE-2021-35546 CVE-2021-35575 CVE-2021-35577 CVE-2021-35584 CVE-2021-35591 CVE-2021-35596 CVE-2021-35597 CVE-2021-35602 CVE-2021-35604 CVE-2021-35607 CVE-2021-35608 CVE-2021-35610 CVE-2021-35612 CVE-2021-35613 CVE-2021-35622 CVE-2021-35623 CVE-2021-35624 CVE-2021-35625 CVE-2021-35626 CVE-2021-35627 CVE-2021-35628 CVE-2021-35630 CVE-2021-35631 CVE-2021-35632 CVE-2021-35633 CVE-2021-35634 CVE-2021-35635 CVE-2021-35636 CVE-2021-35637 CVE-2021-35638 CVE-2021-35639 CVE-2021-35640 CVE-2021-35641 CVE-2021-35642 CVE-2021-35643 CVE-2021-35644 CVE-2021-35645 CVE-2021-35646 CVE-2021-35647 CVE-2021-35648 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly handled certain hash lookups. An attacker could use this issue to cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-16592) It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug sections. An attacker could possibly use this issue to cause GNU binutils to consume memory, resulting in a denial of service. (CVE-2021-3487) Update Instructions: Run `sudo pro fix USN-5124-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.3 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.3 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.3 binutils-ia64-linux-gnu - 2.34-6ubuntu1.3 binutils-multiarch - 2.34-6ubuntu1.3 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.3 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.3 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.3 binutils-m68k-linux-gnu - 2.34-6ubuntu1.3 binutils-for-build - 2.34-6ubuntu1.3 binutils-s390x-linux-gnu - 2.34-6ubuntu1.3 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.3 binutils-multiarch-dev - 2.34-6ubuntu1.3 binutils-for-host - 2.34-6ubuntu1.3 libctf-nobfd0 - 2.34-6ubuntu1.3 binutils-i686-gnu - 2.34-6ubuntu1.3 binutils-doc - 2.34-6ubuntu1.3 libctf0 - 2.34-6ubuntu1.3 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.3 binutils-source - 2.34-6ubuntu1.3 binutils-i686-linux-gnu - 2.34-6ubuntu1.3 binutils-common - 2.34-6ubuntu1.3 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.3 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.3 binutils-sh4-linux-gnu - 2.34-6ubuntu1.3 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.3 binutils-hppa-linux-gnu - 2.34-6ubuntu1.3 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.3 libbinutils - 2.34-6ubuntu1.3 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.3 binutils-alpha-linux-gnu - 2.34-6ubuntu1.3 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.3 binutils - 2.34-6ubuntu1.3 No subscription required Low CVE-2020-16592 Ubuntu 20.04 LTS It was discovered that PHP-FPM in PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5125-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.7 php7.4-readline - 7.4.3-4ubuntu2.7 php7.4-dba - 7.4.3-4ubuntu2.7 php7.4-common - 7.4.3-4ubuntu2.7 php7.4-xmlrpc - 7.4.3-4ubuntu2.7 php7.4-intl - 7.4.3-4ubuntu2.7 php7.4-phpdbg - 7.4.3-4ubuntu2.7 php7.4-ldap - 7.4.3-4ubuntu2.7 php7.4-soap - 7.4.3-4ubuntu2.7 php7.4-xsl - 7.4.3-4ubuntu2.7 php7.4-pgsql - 7.4.3-4ubuntu2.7 php7.4-pspell - 7.4.3-4ubuntu2.7 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.7 php7.4-zip - 7.4.3-4ubuntu2.7 php7.4-curl - 7.4.3-4ubuntu2.7 php7.4-odbc - 7.4.3-4ubuntu2.7 php7.4-json - 7.4.3-4ubuntu2.7 php7.4-mbstring - 7.4.3-4ubuntu2.7 php7.4-imap - 7.4.3-4ubuntu2.7 php7.4-bz2 - 7.4.3-4ubuntu2.7 php7.4-cgi - 7.4.3-4ubuntu2.7 php7.4 - 7.4.3-4ubuntu2.7 php7.4-bcmath - 7.4.3-4ubuntu2.7 php7.4-dev - 7.4.3-4ubuntu2.7 php7.4-interbase - 7.4.3-4ubuntu2.7 php7.4-tidy - 7.4.3-4ubuntu2.7 php7.4-gmp - 7.4.3-4ubuntu2.7 php7.4-sqlite3 - 7.4.3-4ubuntu2.7 php7.4-fpm - 7.4.3-4ubuntu2.7 php7.4-sybase - 7.4.3-4ubuntu2.7 php7.4-cli - 7.4.3-4ubuntu2.7 libphp7.4-embed - 7.4.3-4ubuntu2.7 php7.4-enchant - 7.4.3-4ubuntu2.7 php7.4-mysql - 7.4.3-4ubuntu2.7 php7.4-snmp - 7.4.3-4ubuntu2.7 php7.4-xml - 7.4.3-4ubuntu2.7 php7.4-opcache - 7.4.3-4ubuntu2.7 No subscription required High CVE-2021-21703 Ubuntu 20.04 LTS Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame cache when processing responses. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5126-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.9 bind9-libs - 1:9.16.1-0ubuntu2.9 bind9utils - 1:9.16.1-0ubuntu2.9 bind9-doc - 1:9.16.1-0ubuntu2.9 bind9-utils - 1:9.16.1-0ubuntu2.9 bind9 - 1:9.16.1-0ubuntu2.9 bind9-dnsutils - 1:9.16.1-0ubuntu2.9 bind9-host - 1:9.16.1-0ubuntu2.9 No subscription required Medium CVE-2021-25219 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5127-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.34.1-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.34.1-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.34.1-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.34.1-0ubuntu0.20.04.1 webkit2gtk-driver - 2.34.1-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.34.1-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.34.1-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.34.1-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.34.1-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.34.1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-30846 CVE-2021-30851 CVE-2021-42762 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the browser UI, confuse the user, conduct phishing attacks, or execute arbitrary code. (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509) It was discovered that the 'Copy Image Link' context menu action would copy the final image URL after redirects. If a user were tricked into copying and pasting a link for an embedded image that triggered authentication flows back to the page, an attacker could potentially exploit this to steal authentication tokens. Update Instructions: Run `sudo pro fix USN-5131-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 94.0+build3-0ubuntu0.20.04.1 firefox - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 94.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 94.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 94.0+build3-0ubuntu0.20.04.1 firefox-dev - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 94.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 94.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 Ubuntu 20.04 LTS An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry. Update Instructions: Run `sudo pro fix USN-5134-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-docker-docker-dev - 20.10.7-0ubuntu5~20.04.2 docker.io - 20.10.7-0ubuntu5~20.04.2 golang-docker-dev - 20.10.7-0ubuntu5~20.04.2 vim-syntax-docker - 20.10.7-0ubuntu5~20.04.2 docker-doc - 20.10.7-0ubuntu5~20.04.2 No subscription required Medium CVE-2021-41092 Ubuntu 20.04 LTS It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). Update Instructions: Run `sudo pro fix USN-5135-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-image-unsigned-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-tools-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-image-unsigned-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-tools-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-azure-5.11-headers-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-oracle-5.11-headers-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-oracle-5.11-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-buildinfo-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-modules-extra-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-image-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-buildinfo-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-headers-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-headers-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-image-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-cloud-tools-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 linux-modules-5.11.0-1021-oracle - 5.11.0-1021.22~20.04.1 linux-azure-5.11-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.1 linux-modules-5.11.0-1021-azure - 5.11.0-1021.22~20.04.1 No subscription required linux-image-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-modules-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-buildinfo-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-tools-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-aws-5.11-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.2 linux-headers-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-modules-extra-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 linux-aws-5.11-cloud-tools-5.11.0-1021 - 5.11.0-1021.22~20.04.2 linux-aws-5.11-headers-5.11.0-1021 - 5.11.0-1021.22~20.04.2 linux-cloud-tools-5.11.0-1021-aws - 5.11.0-1021.22~20.04.2 No subscription required linux-modules-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-gcp-5.11-tools-5.11.0-1022 - 5.11.0-1022.24~20.04.1 linux-gcp-5.11-headers-5.11.0-1022 - 5.11.0-1022.24~20.04.1 linux-modules-extra-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-buildinfo-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-tools-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-image-unsigned-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-headers-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 linux-image-5.11.0-1022-gcp - 5.11.0-1022.24~20.04.1 No subscription required linux-image-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 linux-image-unsigned-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-image-unsigned-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-image-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-cloud-tools-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-headers-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 linux-cloud-tools-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-modules-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-buildinfo-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-modules-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-buildinfo-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-hwe-5.11-cloud-tools-5.11.0-40 - 5.11.0-40.44~20.04.2 linux-hwe-5.11-source-5.11.0 - 5.11.0-40.44~20.04.2 linux-buildinfo-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-modules-extra-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-tools-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-image-unsigned-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-tools-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-headers-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-modules-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-buildinfo-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 linux-tools-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 linux-hwe-5.11-tools-host - 5.11.0-40.44~20.04.2 linux-headers-5.11.0-40-lowlatency - 5.11.0-40.44~20.04.2 linux-hwe-5.11-tools-5.11.0-40 - 5.11.0-40.44~20.04.2 linux-hwe-5.11-cloud-tools-common - 5.11.0-40.44~20.04.2 linux-image-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-headers-5.11.0-40-generic-64k - 5.11.0-40.44~20.04.2 linux-tools-5.11.0-40-generic - 5.11.0-40.44~20.04.2 linux-modules-5.11.0-40-generic-lpae - 5.11.0-40.44~20.04.2 linux-hwe-5.11-tools-common - 5.11.0-40.44~20.04.2 linux-hwe-5.11-headers-5.11.0-40 - 5.11.0-40.44~20.04.2 linux-image-5.11.0-40-generic - 5.11.0-40.44~20.04.2 No subscription required linux-headers-oracle - 5.11.0.1021.22~20.04.14 linux-tools-oracle-edge - 5.11.0.1021.22~20.04.14 linux-oracle-edge - 5.11.0.1021.22~20.04.14 linux-image-oracle-edge - 5.11.0.1021.22~20.04.14 linux-headers-oracle-edge - 5.11.0.1021.22~20.04.14 linux-image-oracle - 5.11.0.1021.22~20.04.14 linux-tools-oracle - 5.11.0.1021.22~20.04.14 linux-oracle - 5.11.0.1021.22~20.04.14 No subscription required linux-headers-aws - 5.11.0.1021.22~20.04.20 linux-image-aws - 5.11.0.1021.22~20.04.20 linux-modules-extra-aws-edge - 5.11.0.1021.22~20.04.20 linux-image-aws-edge - 5.11.0.1021.22~20.04.20 linux-aws-edge - 5.11.0.1021.22~20.04.20 linux-aws - 5.11.0.1021.22~20.04.20 linux-headers-aws-edge - 5.11.0.1021.22~20.04.20 linux-modules-extra-aws - 5.11.0.1021.22~20.04.20 linux-tools-aws - 5.11.0.1021.22~20.04.20 linux-tools-aws-edge - 5.11.0.1021.22~20.04.20 No subscription required linux-tools-azure-edge - 5.11.0.1021.22~20.04.21 linux-cloud-tools-azure - 5.11.0.1021.22~20.04.21 linux-tools-azure - 5.11.0.1021.22~20.04.21 linux-image-azure-edge - 5.11.0.1021.22~20.04.21 linux-cloud-tools-azure-edge - 5.11.0.1021.22~20.04.21 linux-modules-extra-azure - 5.11.0.1021.22~20.04.21 linux-azure - 5.11.0.1021.22~20.04.21 linux-image-azure - 5.11.0.1021.22~20.04.21 linux-headers-azure-edge - 5.11.0.1021.22~20.04.21 linux-modules-extra-azure-edge - 5.11.0.1021.22~20.04.21 linux-headers-azure - 5.11.0.1021.22~20.04.21 linux-azure-edge - 5.11.0.1021.22~20.04.21 No subscription required linux-image-gcp-edge - 5.11.0.1022.24~20.04.21 linux-tools-gcp-edge - 5.11.0.1022.24~20.04.21 linux-headers-gcp-edge - 5.11.0.1022.24~20.04.21 linux-tools-gcp - 5.11.0.1022.24~20.04.21 linux-modules-extra-gcp-edge - 5.11.0.1022.24~20.04.21 linux-gcp - 5.11.0.1022.24~20.04.21 linux-headers-gcp - 5.11.0.1022.24~20.04.21 linux-image-gcp - 5.11.0.1022.24~20.04.21 linux-modules-extra-gcp - 5.11.0.1022.24~20.04.21 linux-gcp-edge - 5.11.0.1022.24~20.04.21 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-extra-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-generic-64k-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-generic-lpae-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-generic-lpae-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-generic-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-tools-generic-64k-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-lowlatency-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-generic-64k-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-image-generic-64k-hwe-20.04 - 5.11.0.40.44~20.04.18 linux-headers-virtual-hwe-20.04 - 5.11.0.40.44~20.04.18 No subscription required linux-oem-5.13-tools-host - 5.13.0-1019.23 linux-tools-5.13.0-1019-oem - 5.13.0-1019.23 linux-oem-5.13-tools-5.13.0-1019 - 5.13.0-1019.23 linux-image-unsigned-5.13.0-1019-oem - 5.13.0-1019.23 linux-image-5.13.0-1019-oem - 5.13.0-1019.23 linux-headers-5.13.0-1019-oem - 5.13.0-1019.23 linux-buildinfo-5.13.0-1019-oem - 5.13.0-1019.23 linux-oem-5.13-headers-5.13.0-1019 - 5.13.0-1019.23 linux-modules-5.13.0-1019-oem - 5.13.0-1019.23 No subscription required linux-tools-oem-20.04c - 5.13.0.1019.23 linux-image-oem-20.04c - 5.13.0.1019.23 linux-oem-20.04c - 5.13.0.1019.23 linux-headers-oem-20.04c - 5.13.0.1019.23 No subscription required Medium CVE-2021-3759 Ubuntu 20.04 LTS It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19449) It was discovered that the Infiniband RDMA userspace connection manager implementation in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possible execute arbitrary code. (CVE-2020-36385) Wolfgang Frisch discovered that the ext4 file system implementation in the Linux kernel contained an integer overflow when handling metadata inode extents. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2021-3428) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) It was discovered that the Aspeed Low Pin Count (LPC) Bus Controller implementation in the Linux kernel did not properly perform boundary checks in some situations, allowing out-of-bounds write access. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. In Ubuntu, this issue only affected systems running armhf kernels. (CVE-2021-42252) Update Instructions: Run `sudo pro fix USN-5137-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1007-ibm - 5.4.0-1007.8 linux-buildinfo-5.4.0-1007-ibm - 5.4.0-1007.8 linux-modules-5.4.0-1007-ibm - 5.4.0-1007.8 linux-ibm-headers-5.4.0-1007 - 5.4.0-1007.8 linux-ibm-tools-common - 5.4.0-1007.8 linux-ibm-tools-5.4.0-1007 - 5.4.0-1007.8 linux-image-5.4.0-1007-ibm - 5.4.0-1007.8 linux-image-unsigned-5.4.0-1007-ibm - 5.4.0-1007.8 linux-ibm-source-5.4.0 - 5.4.0-1007.8 linux-ibm-cloud-tools-common - 5.4.0-1007.8 linux-headers-5.4.0-1007-ibm - 5.4.0-1007.8 linux-tools-5.4.0-1007-ibm - 5.4.0-1007.8 No subscription required linux-gkeop-headers-5.4.0-1026 - 5.4.0-1026.27 linux-image-unsigned-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-headers-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-gkeop-source-5.4.0 - 5.4.0-1026.27 linux-tools-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-modules-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-image-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-modules-extra-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-buildinfo-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-gkeop-tools-5.4.0-1026 - 5.4.0-1026.27 linux-cloud-tools-5.4.0-1026-gkeop - 5.4.0-1026.27 linux-gkeop-cloud-tools-5.4.0-1026 - 5.4.0-1026.27 No subscription required linux-tools-5.4.0-1049-kvm - 5.4.0-1049.51 linux-image-unsigned-5.4.0-1049-kvm - 5.4.0-1049.51 linux-kvm-tools-5.4.0-1049 - 5.4.0-1049.51 linux-modules-5.4.0-1049-kvm - 5.4.0-1049.51 linux-image-5.4.0-1049-kvm - 5.4.0-1049.51 linux-headers-5.4.0-1049-kvm - 5.4.0-1049.51 linux-kvm-headers-5.4.0-1049 - 5.4.0-1049.51 linux-buildinfo-5.4.0-1049-kvm - 5.4.0-1049.51 No subscription required linux-image-unsigned-5.4.0-1055-gke - 5.4.0-1055.58 linux-modules-extra-5.4.0-1055-gke - 5.4.0-1055.58 linux-gke-headers-5.4.0-1055 - 5.4.0-1055.58 linux-buildinfo-5.4.0-1055-gke - 5.4.0-1055.58 linux-image-5.4.0-1055-gke - 5.4.0-1055.58 linux-gke-tools-5.4.0-1055 - 5.4.0-1055.58 linux-tools-5.4.0-1055-gke - 5.4.0-1055.58 linux-headers-5.4.0-1055-gke - 5.4.0-1055.58 linux-modules-5.4.0-1055-gke - 5.4.0-1055.58 No subscription required linux-gcp-headers-5.4.0-1057 - 5.4.0-1057.61 linux-buildinfo-5.4.0-1057-gcp - 5.4.0-1057.61 linux-image-unsigned-5.4.0-1057-gcp - 5.4.0-1057.61 linux-headers-5.4.0-1057-gcp - 5.4.0-1057.61 linux-gcp-tools-5.4.0-1057 - 5.4.0-1057.61 linux-modules-5.4.0-1057-gcp - 5.4.0-1057.61 linux-image-5.4.0-1057-gcp - 5.4.0-1057.61 linux-modules-extra-5.4.0-1057-gcp - 5.4.0-1057.61 linux-tools-5.4.0-1057-gcp - 5.4.0-1057.61 No subscription required linux-modules-5.4.0-1059-aws - 5.4.0-1059.62 linux-cloud-tools-5.4.0-1059-aws - 5.4.0-1059.62 linux-aws-cloud-tools-5.4.0-1059 - 5.4.0-1059.62 linux-tools-5.4.0-1059-aws - 5.4.0-1059.62 linux-image-5.4.0-1059-aws - 5.4.0-1059.62 linux-aws-tools-5.4.0-1059 - 5.4.0-1059.62 linux-aws-headers-5.4.0-1059 - 5.4.0-1059.62 linux-modules-extra-5.4.0-1059-aws - 5.4.0-1059.62 linux-buildinfo-5.4.0-1059-aws - 5.4.0-1059.62 linux-headers-5.4.0-1059-aws - 5.4.0-1059.62 No subscription required linux-image-5.4.0-1063-azure - 5.4.0-1063.66 linux-cloud-tools-5.4.0-1063-azure - 5.4.0-1063.66 linux-azure-headers-5.4.0-1063 - 5.4.0-1063.66 linux-image-unsigned-5.4.0-1063-azure - 5.4.0-1063.66 linux-buildinfo-5.4.0-1063-azure - 5.4.0-1063.66 linux-tools-5.4.0-1063-azure - 5.4.0-1063.66 linux-azure-cloud-tools-5.4.0-1063 - 5.4.0-1063.66 linux-azure-tools-5.4.0-1063 - 5.4.0-1063.66 linux-headers-5.4.0-1063-azure - 5.4.0-1063.66 linux-modules-5.4.0-1063-azure - 5.4.0-1063.66 linux-modules-extra-5.4.0-1063-azure - 5.4.0-1063.66 No subscription required linux-buildinfo-5.4.0-90-lowlatency - 5.4.0-90.101 linux-tools-common - 5.4.0-90.101 linux-tools-host - 5.4.0-90.101 linux-cloud-tools-5.4.0-90-lowlatency - 5.4.0-90.101 linux-headers-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-headers-5.4.0-90-lowlatency - 5.4.0-90.101 linux-doc - 5.4.0-90.101 linux-headers-5.4.0-90 - 5.4.0-90.101 linux-tools-5.4.0-90-generic - 5.4.0-90.101 linux-image-5.4.0-90-generic - 5.4.0-90.101 linux-image-unsigned-5.4.0-90-lowlatency - 5.4.0-90.101 linux-modules-5.4.0-90-generic - 5.4.0-90.101 linux-image-5.4.0-90-lowlatency - 5.4.0-90.101 linux-libc-dev - 5.4.0-90.101 linux-cloud-tools-common - 5.4.0-90.101 linux-cloud-tools-5.4.0-90-generic - 5.4.0-90.101 linux-modules-extra-5.4.0-90-generic - 5.4.0-90.101 linux-buildinfo-5.4.0-90-generic - 5.4.0-90.101 linux-tools-5.4.0-90 - 5.4.0-90.101 linux-tools-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-image-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-modules-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-image-unsigned-5.4.0-90-generic - 5.4.0-90.101 linux-headers-5.4.0-90-generic - 5.4.0-90.101 linux-tools-5.4.0-90-lowlatency - 5.4.0-90.101 linux-source-5.4.0 - 5.4.0-90.101 linux-cloud-tools-5.4.0-90 - 5.4.0-90.101 linux-buildinfo-5.4.0-90-generic-lpae - 5.4.0-90.101 linux-modules-5.4.0-90-lowlatency - 5.4.0-90.101 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1007.8 linux-image-ibm - 5.4.0.1007.8 linux-headers-ibm-lts-20.04 - 5.4.0.1007.8 linux-tools-ibm - 5.4.0.1007.8 linux-modules-extra-ibm - 5.4.0.1007.8 linux-headers-ibm - 5.4.0.1007.8 linux-ibm-lts-20.04 - 5.4.0.1007.8 linux-image-ibm-lts-20.04 - 5.4.0.1007.8 linux-ibm - 5.4.0.1007.8 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1007.8 No subscription required linux-headers-gkeop - 5.4.0.1026.29 linux-cloud-tools-gkeop-5.4 - 5.4.0.1026.29 linux-image-gkeop - 5.4.0.1026.29 linux-modules-extra-gkeop-5.4 - 5.4.0.1026.29 linux-gkeop-5.4 - 5.4.0.1026.29 linux-image-gkeop-5.4 - 5.4.0.1026.29 linux-gkeop - 5.4.0.1026.29 linux-cloud-tools-gkeop - 5.4.0.1026.29 linux-headers-gkeop-5.4 - 5.4.0.1026.29 linux-modules-extra-gkeop - 5.4.0.1026.29 linux-tools-gkeop - 5.4.0.1026.29 linux-tools-gkeop-5.4 - 5.4.0.1026.29 No subscription required linux-kvm - 5.4.0.1049.48 linux-headers-kvm - 5.4.0.1049.48 linux-image-kvm - 5.4.0.1049.48 linux-tools-kvm - 5.4.0.1049.48 No subscription required linux-modules-extra-gke - 5.4.0.1055.65 linux-headers-gke-5.4 - 5.4.0.1055.65 linux-tools-gke-5.4 - 5.4.0.1055.65 linux-modules-extra-gke-5.4 - 5.4.0.1055.65 linux-gke-5.4 - 5.4.0.1055.65 linux-tools-gke - 5.4.0.1055.65 linux-gke - 5.4.0.1055.65 linux-headers-gke - 5.4.0.1055.65 linux-image-gke - 5.4.0.1055.65 linux-image-gke-5.4 - 5.4.0.1055.65 No subscription required linux-gcp-lts-20.04 - 5.4.0.1057.67 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1057.67 linux-headers-gcp-lts-20.04 - 5.4.0.1057.67 linux-image-gcp-lts-20.04 - 5.4.0.1057.67 linux-tools-gcp-lts-20.04 - 5.4.0.1057.67 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1059.62 linux-image-aws-lts-20.04 - 5.4.0.1059.62 linux-headers-aws-lts-20.04 - 5.4.0.1059.62 linux-tools-aws-lts-20.04 - 5.4.0.1059.62 linux-aws-lts-20.04 - 5.4.0.1059.62 No subscription required linux-azure-lts-20.04 - 5.4.0.1063.61 linux-modules-extra-azure-lts-20.04 - 5.4.0.1063.61 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1063.61 linux-image-azure-lts-20.04 - 5.4.0.1063.61 linux-tools-azure-lts-20.04 - 5.4.0.1063.61 linux-headers-azure-lts-20.04 - 5.4.0.1063.61 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-image-generic-hwe-18.04 - 5.4.0.90.94 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-headers-generic-lpae - 5.4.0.90.94 linux-generic-hwe-18.04-edge - 5.4.0.90.94 linux-oem-osp1-tools-host - 5.4.0.90.94 linux-image-generic - 5.4.0.90.94 linux-tools-lowlatency - 5.4.0.90.94 linux-image-oem - 5.4.0.90.94 linux-headers-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-cloud-tools-virtual - 5.4.0.90.94 linux-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-image-extra-virtual-hwe-18.04 - 5.4.0.90.94 linux-oem - 5.4.0.90.94 linux-image-oem-osp1 - 5.4.0.90.94 linux-image-generic-lpae-hwe-18.04 - 5.4.0.90.94 linux-crashdump - 5.4.0.90.94 linux-tools-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-headers-generic-hwe-18.04 - 5.4.0.90.94 linux-headers-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-source - 5.4.0.90.94 linux-lowlatency - 5.4.0.90.94 linux-tools-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-tools-generic-lpae - 5.4.0.90.94 linux-cloud-tools-generic - 5.4.0.90.94 linux-virtual - 5.4.0.90.94 linux-headers-virtual-hwe-18.04 - 5.4.0.90.94 linux-headers-oem-osp1 - 5.4.0.90.94 linux-tools-generic - 5.4.0.90.94 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.90.94 linux-tools-virtual - 5.4.0.90.94 linux-image-extra-virtual - 5.4.0.90.94 linux-generic-lpae-hwe-18.04-edge - 5.4.0.90.94 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-generic-lpae-hwe-18.04 - 5.4.0.90.94 linux-generic-lpae - 5.4.0.90.94 linux-headers-oem - 5.4.0.90.94 linux-generic - 5.4.0.90.94 linux-tools-oem-osp1 - 5.4.0.90.94 linux-image-virtual - 5.4.0.90.94 linux-tools-generic-hwe-18.04-edge - 5.4.0.90.94 linux-image-virtual-hwe-18.04 - 5.4.0.90.94 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-cloud-tools-lowlatency - 5.4.0.90.94 linux-headers-lowlatency - 5.4.0.90.94 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.90.94 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-tools-oem - 5.4.0.90.94 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.90.94 linux-headers-generic-hwe-18.04-edge - 5.4.0.90.94 linux-headers-generic - 5.4.0.90.94 linux-oem-osp1 - 5.4.0.90.94 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.90.94 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.90.94 linux-image-lowlatency-hwe-18.04 - 5.4.0.90.94 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.90.94 linux-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-headers-virtual - 5.4.0.90.94 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.90.94 linux-virtual-hwe-18.04 - 5.4.0.90.94 linux-tools-virtual-hwe-18.04 - 5.4.0.90.94 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.90.94 linux-generic-hwe-18.04 - 5.4.0.90.94 linux-image-generic-lpae - 5.4.0.90.94 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.90.94 linux-image-lowlatency - 5.4.0.90.94 linux-tools-generic-hwe-18.04 - 5.4.0.90.94 linux-image-generic-hwe-18.04-edge - 5.4.0.90.94 linux-image-virtual-hwe-18.04-edge - 5.4.0.90.94 linux-oem-tools-host - 5.4.0.90.94 No subscription required Medium CVE-2019-19449 CVE-2020-36385 CVE-2021-3428 CVE-2021-34556 CVE-2021-35477 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 CVE-2021-42252 Ubuntu 20.04 LTS It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19449) It was discovered that the Infiniband RDMA userspace connection manager implementation in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possible execute arbitrary code. (CVE-2020-36385) Wolfgang Frisch discovered that the ext4 file system implementation in the Linux kernel contained an integer overflow when handling metadata inode extents. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2021-3428) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) Update Instructions: Run `sudo pro fix USN-5137-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-tools-5.4.0-1021 - 5.4.0-1021.24 linux-tools-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-modules-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-buildinfo-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-image-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-headers-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-image-unsigned-5.4.0-1021-bluefield - 5.4.0-1021.24 linux-bluefield-headers-5.4.0-1021 - 5.4.0-1021.24 No subscription required linux-modules-5.4.0-1046-raspi - 5.4.0-1046.50 linux-raspi-tools-5.4.0-1046 - 5.4.0-1046.50 linux-headers-5.4.0-1046-raspi - 5.4.0-1046.50 linux-tools-5.4.0-1046-raspi - 5.4.0-1046.50 linux-raspi-headers-5.4.0-1046 - 5.4.0-1046.50 linux-image-5.4.0-1046-raspi - 5.4.0-1046.50 linux-buildinfo-5.4.0-1046-raspi - 5.4.0-1046.50 No subscription required linux-oracle-headers-5.4.0-1057 - 5.4.0-1057.61 linux-tools-5.4.0-1057-oracle - 5.4.0-1057.61 linux-oracle-tools-5.4.0-1057 - 5.4.0-1057.61 linux-modules-extra-5.4.0-1057-oracle - 5.4.0-1057.61 linux-image-unsigned-5.4.0-1057-oracle - 5.4.0-1057.61 linux-buildinfo-5.4.0-1057-oracle - 5.4.0-1057.61 linux-image-5.4.0-1057-oracle - 5.4.0-1057.61 linux-modules-5.4.0-1057-oracle - 5.4.0-1057.61 linux-headers-5.4.0-1057-oracle - 5.4.0-1057.61 No subscription required linux-image-bluefield - 5.4.0.1021.22 linux-headers-bluefield - 5.4.0.1021.22 linux-tools-bluefield - 5.4.0.1021.22 linux-bluefield - 5.4.0.1021.22 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1046.81 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1046.81 linux-raspi-hwe-18.04-edge - 5.4.0.1046.81 linux-raspi - 5.4.0.1046.81 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1046.81 linux-raspi-hwe-18.04 - 5.4.0.1046.81 linux-tools-raspi - 5.4.0.1046.81 linux-image-raspi - 5.4.0.1046.81 linux-raspi2-hwe-18.04 - 5.4.0.1046.81 linux-raspi2 - 5.4.0.1046.81 linux-headers-raspi2 - 5.4.0.1046.81 linux-headers-raspi2-hwe-18.04 - 5.4.0.1046.81 linux-image-raspi2 - 5.4.0.1046.81 linux-image-raspi-hwe-18.04-edge - 5.4.0.1046.81 linux-tools-raspi-hwe-18.04 - 5.4.0.1046.81 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1046.81 linux-tools-raspi2 - 5.4.0.1046.81 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1046.81 linux-tools-raspi2-hwe-18.04 - 5.4.0.1046.81 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1046.81 linux-headers-raspi - 5.4.0.1046.81 linux-image-raspi-hwe-18.04 - 5.4.0.1046.81 linux-headers-raspi-hwe-18.04 - 5.4.0.1046.81 linux-image-raspi2-hwe-18.04 - 5.4.0.1046.81 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1057.57 linux-image-oracle-lts-20.04 - 5.4.0.1057.57 linux-oracle-lts-20.04 - 5.4.0.1057.57 linux-tools-oracle-lts-20.04 - 5.4.0.1057.57 No subscription required Medium CVE-2019-19449 CVE-2020-36385 CVE-2021-3428 CVE-2021-34556 CVE-2021-35477 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 Ubuntu 20.04 LTS The py.path.svnwc component of py (aka python-py) through v1.9.0 contains a regular expression with an ambiguous subpattern that is susceptible to catastrophic backtracing. This could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. Update Instructions: Run `sudo pro fix USN-5138-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pypy-py - 1.8.1-1ubuntu0.1 python3-py - 1.8.1-1ubuntu0.1 python-py - 1.8.1-1ubuntu0.1 No subscription required Medium CVE-2020-29651 Ubuntu 20.04 LTS Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655) It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5139-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1051.53 linux-tools-5.10.0-1051-oem - 5.10.0-1051.53 linux-image-5.10.0-1051-oem - 5.10.0-1051.53 linux-oem-5.10-headers-5.10.0-1051 - 5.10.0-1051.53 linux-headers-5.10.0-1051-oem - 5.10.0-1051.53 linux-modules-5.10.0-1051-oem - 5.10.0-1051.53 linux-image-unsigned-5.10.0-1051-oem - 5.10.0-1051.53 linux-buildinfo-5.10.0-1051-oem - 5.10.0-1051.53 linux-oem-5.10-tools-5.10.0-1051 - 5.10.0-1051.53 No subscription required linux-oem-20.04 - 5.10.0.1051.53 linux-oem-20.04-edge - 5.10.0.1051.53 linux-headers-oem-20.04 - 5.10.0.1051.53 linux-headers-oem-20.04b - 5.10.0.1051.53 linux-image-oem-20.04b - 5.10.0.1051.53 linux-image-oem-20.04 - 5.10.0.1051.53 linux-tools-oem-20.04-edge - 5.10.0.1051.53 linux-image-oem-20.04-edge - 5.10.0.1051.53 linux-headers-oem-20.04-edge - 5.10.0.1051.53 linux-tools-oem-20.04b - 5.10.0.1051.53 linux-tools-oem-20.04 - 5.10.0.1051.53 linux-oem-20.04b - 5.10.0.1051.53 No subscription required Medium CVE-2021-3655 CVE-2021-3744 CVE-2021-3760 CVE-2021-3764 CVE-2021-41864 CVE-2021-43056 CVE-2021-43389 Ubuntu 20.04 LTS It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) Update Instructions: Run `sudo pro fix USN-5140-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.14.0-1007-oem - 5.14.0-1007.7 linux-headers-5.14.0-1007-oem - 5.14.0-1007.7 linux-tools-5.14.0-1007-oem - 5.14.0-1007.7 linux-oem-5.14-headers-5.14.0-1007 - 5.14.0-1007.7 linux-oem-5.14-tools-5.14.0-1007 - 5.14.0-1007.7 linux-image-5.14.0-1007-oem - 5.14.0-1007.7 linux-modules-5.14.0-1007-oem - 5.14.0-1007.7 linux-oem-5.14-tools-host - 5.14.0-1007.7 linux-image-unsigned-5.14.0-1007-oem - 5.14.0-1007.7 No subscription required linux-image-oem-20.04d - 5.14.0.1007.7 linux-headers-oem-20.04d - 5.14.0.1007.7 linux-tools-oem-20.04d - 5.14.0.1007.7 linux-oem-20.04d - 5.14.0.1007.7 No subscription required Medium CVE-2021-3744 CVE-2021-3764 CVE-2021-41864 Ubuntu 20.04 LTS Roman Fiedler discovered that a race condition existed in Firejail when using OverlayFS to prevent writes to the underlying file system. A local attacker could use this to gain administrative privileges. Note: this update disables support for OverlayFS in Firejail. Update Instructions: Run `sudo pro fix USN-5141-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firejail - 0.9.62-3ubuntu0.1 firejail-profiles - 0.9.62-3ubuntu0.1 No subscription required Medium CVE-2021-26910 Ubuntu 20.04 LTS Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124) Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717) Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos tickets issues by an RODC. An RODC could print administrator tickets, contrary to expectations. (CVE-2020-25718) Andrew Bartlett discovered that Samba incorrectly handled Kerberos tickets. Delegated administrators could possibly use this issue to impersonate accounts, leading to total domain compromise. (CVE-2020-25719) Andrew Bartlett discovered that Samba did not provide stable AD identifiers to Kerberos acceptors. (CVE-2020-25721) Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722) Stefan Metzmacher discovered that Samba incorrectly handled certain large DCE/RPC requests. A remote attacker could possibly use this issue to bypass signature requirements. (CVE-2021-23192) William Ross discovered that Samba incorrectly handled memory. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly escalate privileges. (CVE-2021-3738) Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2021-3671) The fix for CVE-2020-25717 results in possible behaviour changes that could affect certain environments. Please see the upstream advisory for more information: https://www.samba.org/samba/security/CVE-2020-25717.html Update Instructions: Run `sudo pro fix USN-5142-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-testsuite - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba - 2:4.13.14+dfsg-0ubuntu0.20.04.1 registry-tools - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libpam-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.1 winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.1 smbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libwbclient0 - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libwbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-common-bin - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libsmbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-dsdb-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.1 libsmbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-vfs-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-common - 2:4.13.14+dfsg-0ubuntu0.20.04.1 ctdb - 2:4.13.14+dfsg-0ubuntu0.20.04.1 samba-libs - 2:4.13.14+dfsg-0ubuntu0.20.04.1 python3-samba - 2:4.13.14+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2016-2124 CVE-2020-25717 CVE-2020-25718 CVE-2020-25719 CVE-2020-25721 CVE-2020-25722 CVE-2021-23192 CVE-2021-3738 CVE-2021-3671 Ubuntu 20.04 LTS USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced regressions in name mapping and backups. Please see the following upstream bugs for more information: https://bugzilla.samba.org/show_bug.cgi?id=14901 https://bugzilla.samba.org/show_bug.cgi?id=14918 This update fixes the problem. Original advisory details: Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124) Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717) Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos tickets issues by an RODC. An RODC could print administrator tickets, contrary to expectations. (CVE-2020-25718) Andrew Bartlett discovered that Samba incorrectly handled Kerberos tickets. Delegated administrators could possibly use this issue to impersonate accounts, leading to total domain compromise. (CVE-2020-25719) Andrew Bartlett discovered that Samba did not provide stable AD identifiers to Kerberos acceptors. (CVE-2020-25721) Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722) Stefan Metzmacher discovered that Samba incorrectly handled certain large DCE/RPC requests. A remote attacker could possibly use this issue to bypass signature requirements. (CVE-2021-23192) William Ross discovered that Samba incorrectly handled memory. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly escalate privileges. (CVE-2021-3738) Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2021-3671) The fix for CVE-2020-25717 results in possible behaviour changes that could affect certain environments. Please see the upstream advisory for more information: https://www.samba.org/samba/security/CVE-2020-25717.html Update Instructions: Run `sudo pro fix USN-5142-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: samba-testsuite - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libnss-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libpam-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.3 winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.3 smbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libwbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libsmbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.3 python3-samba - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-common-bin - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libwbclient0 - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-dsdb-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.3 libsmbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-vfs-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-common - 2:4.13.14+dfsg-0ubuntu0.20.04.3 ctdb - 2:4.13.14+dfsg-0ubuntu0.20.04.3 samba-libs - 2:4.13.14+dfsg-0ubuntu0.20.04.3 registry-tools - 2:4.13.14+dfsg-0ubuntu0.20.04.3 No subscription required None https://launchpad.net/bugs/1950363 https://launchpad.net/bugs/1952187 Ubuntu 20.04 LTS USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/show_bug.cgi?id=14922 This update fixes the problem. Original advisory details: Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124) Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717) Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos tickets issues by an RODC. An RODC could print administrator tickets, contrary to expectations. (CVE-2020-25718) Andrew Bartlett discovered that Samba incorrectly handled Kerberos tickets. Delegated administrators could possibly use this issue to impersonate accounts, leading to total domain compromise. (CVE-2020-25719) Andrew Bartlett discovered that Samba did not provide stable AD identifiers to Kerberos acceptors. (CVE-2020-25721) Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722) Stefan Metzmacher discovered that Samba incorrectly handled certain large DCE/RPC requests. A remote attacker could possibly use this issue to bypass signature requirements. (CVE-2021-23192) William Ross discovered that Samba incorrectly handled memory. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly escalate privileges. (CVE-2021-3738) Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2021-3671) The fix for CVE-2020-25717 results in possible behaviour changes that could affect certain environments. Please see the upstream advisory for more information: https://www.samba.org/samba/security/CVE-2020-25717.html Update Instructions: Run `sudo pro fix USN-5142-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: samba-testsuite - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libnss-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libpam-winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.4 winbind - 2:4.13.14+dfsg-0ubuntu0.20.04.4 smbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libwbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libsmbclient - 2:4.13.14+dfsg-0ubuntu0.20.04.4 python3-samba - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-common-bin - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libwbclient0 - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-dsdb-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.4 libsmbclient-dev - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-vfs-modules - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-common - 2:4.13.14+dfsg-0ubuntu0.20.04.4 ctdb - 2:4.13.14+dfsg-0ubuntu0.20.04.4 samba-libs - 2:4.13.14+dfsg-0ubuntu0.20.04.4 registry-tools - 2:4.13.14+dfsg-0ubuntu0.20.04.4 No subscription required None https://launchpad.net/bugs/1950363 Ubuntu 20.04 LTS Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established. Update Instructions: Run `sudo pro fix USN-5145-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpq5 - 12.9-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.9-0ubuntu0.20.04.1 libecpg6 - 12.9-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.9-0ubuntu0.20.04.1 libpgtypes3 - 12.9-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.9-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.9-0ubuntu0.20.04.1 libecpg-dev - 12.9-0ubuntu0.20.04.1 libpq-dev - 12.9-0ubuntu0.20.04.1 postgresql-doc-12 - 12.9-0ubuntu0.20.04.1 postgresql-12 - 12.9-0ubuntu0.20.04.1 postgresql-client-12 - 12.9-0ubuntu0.20.04.1 libecpg-compat3 - 12.9-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-23214 CVE-2021-23222 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5146-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:78.14.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:78.14.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:78.14.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:78.14.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:78.14.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-38493 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 ESM. (CVE-2017-17087) It was discovered that Vim incorrectly handled restricted mode. A local attacker could possibly use this issue to bypass restricted mode and execute arbitrary commands. Note: This update only makes executing shell commands more difficult. Restricted mode should not be considered a complete security measure. This issue only affected Ubuntu 14.04 ESM. (CVE-2019-20807) Brian Carpenter discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possible execute arbitrary code with user privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04 and Ubuntu 21.10. (CVE-2021-3872) It was discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possible execute arbitrary code with user privileges. (CVE-2021-3903) It was discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possible execute arbitrary code with user privileges. (CVE-2021-3927) It was discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possible execute arbitrary code with user privileges. (CVE-2021-3928) Update Instructions: Run `sudo pro fix USN-5147-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.4 vim-athena - 2:8.1.2269-1ubuntu5.4 xxd - 2:8.1.2269-1ubuntu5.4 vim-gtk - 2:8.1.2269-1ubuntu5.4 vim-gui-common - 2:8.1.2269-1ubuntu5.4 vim - 2:8.1.2269-1ubuntu5.4 vim-doc - 2:8.1.2269-1ubuntu5.4 vim-tiny - 2:8.1.2269-1ubuntu5.4 vim-runtime - 2:8.1.2269-1ubuntu5.4 vim-gtk3 - 2:8.1.2269-1ubuntu5.4 vim-nox - 2:8.1.2269-1ubuntu5.4 No subscription required Medium CVE-2017-17087 CVE-2019-20807 CVE-2021-3872 CVE-2021-3903 CVE-2021-3927 CVE-2021-3928 Ubuntu 20.04 LTS It was discovered that hivex incorrectly handled certain input. An attacker could use this vulnerability to cause a crash or obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5148-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhivex-bin - 1.3.18-2ubuntu0.1 libhivex-ocaml-dev - 1.3.18-2ubuntu0.1 libhivex-dev - 1.3.18-2ubuntu0.1 libhivex0 - 1.3.18-2ubuntu0.1 python3-hivex - 1.3.18-2ubuntu0.1 libwin-hivex-perl - 1.3.18-2ubuntu0.1 libhivex-ocaml - 1.3.18-2ubuntu0.1 ruby-hivex - 1.3.18-2ubuntu0.1 No subscription required Medium CVE-2021-3504 Ubuntu 20.04 LTS Kevin Backhouse discovered that AccountsService incorrectly handled memory when performing certain language setting operations. A local attacker could use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-5149-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: accountsservice - 0.6.55-0ubuntu12~20.04.5 gir1.2-accountsservice-1.0 - 0.6.55-0ubuntu12~20.04.5 libaccountsservice-doc - 0.6.55-0ubuntu12~20.04.5 libaccountsservice-dev - 0.6.55-0ubuntu12~20.04.5 libaccountsservice0 - 0.6.55-0ubuntu12~20.04.5 No subscription required High CVE-2021-3939 Ubuntu 20.04 LTS USN-5151-1 fixed several vulnerabilities in Mailman. This update provides the corresponding update for Ubuntu 20.04 ESM. Original advisory details: It was discovered that Mailman incorrectly handled certain URL. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-43331) It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2021-43332) Update Instructions: Run `sudo pro fix USN-5151-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mailman - 1:2.1.29-1ubuntu3.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-43331 CVE-2021-43332 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly handled digital signatures. An attacker could possibly use this issue to create a specially crafted document that would display a validly signed indicator, contrary to expectations. Update Instructions: Run `sudo pro fix USN-5153-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.2 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.2 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.2 python3-uno - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.2 libreoffice - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.2 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.2 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.2 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.2 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.2 libridl-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.2 python3-access2base - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.2 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.2 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.2 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.2 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.2 libunoil-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.2 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.2 libjurt-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.2 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.2 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.2 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.2 ure - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.2 libjuh-java - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.2 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.2 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-25633 CVE-2021-25634 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-41159) It was discovered that FreeRDP incorrectly handled certain connections. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-41160) Update Instructions: Run `sudo pro fix USN-5154-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.2 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.2 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.2 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.2 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.2 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.2 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.2 No subscription required Medium CVE-2021-41159 CVE-2021-41160 Ubuntu 20.04 LTS It was discovered that BlueZ incorrectly handled the Discoverable status when a device is powered down. This could result in devices being powered up discoverable, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. (CVE-2021-3658) It was discovered that BlueZ incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause BlueZ to consume resources, leading to a denial of service. (CVE-2021-41229) It was discovered that the BlueZ gatt server incorrectly handled disconnects. A remote attacker could possibly use this issue to cause BlueZ to crash, leading to a denial of service. (CVE-2021-43400) Update Instructions: Run `sudo pro fix USN-5155-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.4 bluez-tests - 5.53-0ubuntu3.4 bluez-obexd - 5.53-0ubuntu3.4 bluetooth - 5.53-0ubuntu3.4 bluez - 5.53-0ubuntu3.4 bluez-hcidump - 5.53-0ubuntu3.4 bluez-cups - 5.53-0ubuntu3.4 libbluetooth-dev - 5.53-0ubuntu3.4 No subscription required Medium CVE-2021-3658 CVE-2021-41229 CVE-2021-43400 Ubuntu 20.04 LTS It was discovered that ICU contains a double free issue. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5156-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: icu-devtools - 66.1-2ubuntu2.1 libicu66 - 66.1-2ubuntu2.1 libicu-dev - 66.1-2ubuntu2.1 icu-doc - 66.1-2ubuntu2.1 No subscription required Medium CVE-2021-30535 Ubuntu 20.04 LTS It was discovered that Postorius mishandled specially crafted input. An attacker could use this vulnerability that obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5157-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django-postorius - 1.2.4-1ubuntu0.1 No subscription required Medium CVE-2021-40347 Ubuntu 20.04 LTS It was discovered that Midnight Commander would not check server fingerprints when establishing an SFTP connection. If a remote attacker were able to intercept communications this flaw could be exploited to impersonate the SFTP server. Update Instructions: Run `sudo pro fix USN-5160-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mc-data - 3:4.8.24-2ubuntu1+esm1 mc - 3:4.8.24-2ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-36370 Ubuntu 20.04 LTS Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655) It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) It was discovered that the Aspeed Low Pin Count (LPC) Bus Controller implementation in the Linux kernel did not properly perform boundary checks in some situations, allowing out-of-bounds write access. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. In Ubuntu, this issue only affected systems running armhf kernels. (CVE-2021-42252) Update Instructions: Run `sudo pro fix USN-5161-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-headers-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-image-unsigned-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-modules-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-modules-extra-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-cloud-tools-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-azure-5.11-headers-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-oracle-5.11-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-image-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-image-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-modules-extra-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-buildinfo-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-tools-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-tools-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-buildinfo-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-aws-5.11-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-modules-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-image-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-headers-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-cloud-tools-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-azure-5.11-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-oracle-5.11-headers-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-tools-5.11.0-1022-aws - 5.11.0-1022.23~20.04.1 linux-headers-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-modules-extra-5.11.0-1022-azure - 5.11.0-1022.23~20.04.1 linux-modules-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-aws-5.11-headers-5.11.0-1022 - 5.11.0-1022.23~20.04.1 linux-buildinfo-5.11.0-1022-oracle - 5.11.0-1022.23~20.04.1 No subscription required linux-gcp-5.11-headers-5.11.0-1023 - 5.11.0-1023.25~20.04.1 linux-modules-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-gcp-5.11-tools-5.11.0-1023 - 5.11.0-1023.25~20.04.1 linux-headers-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-image-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-image-unsigned-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-buildinfo-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-tools-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 linux-modules-extra-5.11.0-1023-gcp - 5.11.0-1023.25~20.04.1 No subscription required linux-tools-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-image-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-image-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-buildinfo-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-headers-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-modules-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-image-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-tools-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-image-unsigned-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-cloud-tools-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-headers-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-modules-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-41 - 5.11.0-41.45~20.04.1 linux-image-unsigned-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-41.45~20.04.1 linux-image-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-tools-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-headers-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-41.45~20.04.1 linux-hwe-5.11-tools-5.11.0-41 - 5.11.0-41.45~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-41.45~20.04.1 linux-modules-extra-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-buildinfo-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-modules-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-cloud-tools-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-41.45~20.04.1 linux-modules-5.11.0-41-generic-lpae - 5.11.0-41.45~20.04.1 linux-image-unsigned-5.11.0-41-lowlatency - 5.11.0-41.45~20.04.1 linux-hwe-5.11-headers-5.11.0-41 - 5.11.0-41.45~20.04.1 linux-headers-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-buildinfo-5.11.0-41-generic-64k - 5.11.0-41.45~20.04.1 linux-tools-5.11.0-41-generic - 5.11.0-41.45~20.04.1 linux-buildinfo-5.11.0-41-generic - 5.11.0-41.45~20.04.1 No subscription required linux-headers-oracle - 5.11.0.1022.23~20.04.15 linux-tools-oracle - 5.11.0.1022.23~20.04.15 linux-oracle - 5.11.0.1022.23~20.04.15 linux-tools-oracle-edge - 5.11.0.1022.23~20.04.15 linux-oracle-edge - 5.11.0.1022.23~20.04.15 linux-image-oracle-edge - 5.11.0.1022.23~20.04.15 linux-headers-oracle-edge - 5.11.0.1022.23~20.04.15 linux-image-oracle - 5.11.0.1022.23~20.04.15 No subscription required linux-headers-aws - 5.11.0.1022.23~20.04.21 linux-image-aws - 5.11.0.1022.23~20.04.21 linux-modules-extra-aws-edge - 5.11.0.1022.23~20.04.21 linux-image-aws-edge - 5.11.0.1022.23~20.04.21 linux-aws-edge - 5.11.0.1022.23~20.04.21 linux-aws - 5.11.0.1022.23~20.04.21 linux-headers-aws-edge - 5.11.0.1022.23~20.04.21 linux-modules-extra-aws - 5.11.0.1022.23~20.04.21 linux-tools-aws - 5.11.0.1022.23~20.04.21 linux-tools-aws-edge - 5.11.0.1022.23~20.04.21 No subscription required linux-tools-azure-edge - 5.11.0.1022.23~20.04.22 linux-cloud-tools-azure - 5.11.0.1022.23~20.04.22 linux-tools-azure - 5.11.0.1022.23~20.04.22 linux-image-azure-edge - 5.11.0.1022.23~20.04.22 linux-cloud-tools-azure-edge - 5.11.0.1022.23~20.04.22 linux-modules-extra-azure - 5.11.0.1022.23~20.04.22 linux-azure - 5.11.0.1022.23~20.04.22 linux-image-azure - 5.11.0.1022.23~20.04.22 linux-headers-azure-edge - 5.11.0.1022.23~20.04.22 linux-azure-edge - 5.11.0.1022.23~20.04.22 linux-modules-extra-azure-edge - 5.11.0.1022.23~20.04.22 linux-headers-azure - 5.11.0.1022.23~20.04.22 No subscription required linux-image-gcp-edge - 5.11.0.1023.25~20.04.22 linux-tools-gcp-edge - 5.11.0.1023.25~20.04.22 linux-headers-gcp-edge - 5.11.0.1023.25~20.04.22 linux-tools-gcp - 5.11.0.1023.25~20.04.22 linux-modules-extra-gcp-edge - 5.11.0.1023.25~20.04.22 linux-gcp - 5.11.0.1023.25~20.04.22 linux-headers-gcp - 5.11.0.1023.25~20.04.22 linux-image-gcp - 5.11.0.1023.25~20.04.22 linux-modules-extra-gcp - 5.11.0.1023.25~20.04.22 linux-gcp-edge - 5.11.0.1023.25~20.04.22 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-extra-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-generic-64k-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-generic-lpae-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-generic-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-tools-generic-64k-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-lowlatency-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-generic-64k-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-generic-64k-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-headers-virtual-hwe-20.04 - 5.11.0.41.45~20.04.19 linux-image-generic-lpae-hwe-20.04 - 5.11.0.41.45~20.04.19 No subscription required Medium CVE-2021-3655 CVE-2021-3744 CVE-2021-3764 CVE-2021-42252 Ubuntu 20.04 LTS Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655) It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) It was discovered that the Aspeed Low Pin Count (LPC) Bus Controller implementation in the Linux kernel did not properly perform boundary checks in some situations, allowing out-of-bounds write access. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. In Ubuntu, this issue only affected systems running armhf kernels. (CVE-2021-42252) Jann Horn discovered that the SELinux subsystem in the Linux kernel did not properly handle subjective credentials for tasks in some situations. On systems where SELinux has been enabled, a local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-43057) Update Instructions: Run `sudo pro fix USN-5162-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.13.0-1020-oem - 5.13.0-1020.24 linux-oem-5.13-tools-5.13.0-1020 - 5.13.0-1020.24 linux-oem-5.13-tools-host - 5.13.0-1020.24 linux-headers-5.13.0-1020-oem - 5.13.0-1020.24 linux-image-5.13.0-1020-oem - 5.13.0-1020.24 linux-image-unsigned-5.13.0-1020-oem - 5.13.0-1020.24 linux-oem-5.13-headers-5.13.0-1020 - 5.13.0-1020.24 linux-tools-5.13.0-1020-oem - 5.13.0-1020.24 linux-modules-5.13.0-1020-oem - 5.13.0-1020.24 No subscription required linux-headers-oem-20.04c - 5.13.0.1020.24 linux-image-oem-20.04c - 5.13.0.1020.24 linux-tools-oem-20.04c - 5.13.0.1020.24 linux-oem-20.04c - 5.13.0.1020.24 No subscription required Medium CVE-2021-3655 CVE-2021-3744 CVE-2021-3764 CVE-2021-42252 CVE-2021-43057 Ubuntu 20.04 LTS Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764) Update Instructions: Run `sudo pro fix USN-5163-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1008-ibm - 5.4.0-1008.9 linux-ibm-cloud-tools-common - 5.4.0-1008.9 linux-ibm-headers-5.4.0-1008 - 5.4.0-1008.9 linux-headers-5.4.0-1008-ibm - 5.4.0-1008.9 linux-ibm-tools-5.4.0-1008 - 5.4.0-1008.9 linux-ibm-source-5.4.0 - 5.4.0-1008.9 linux-ibm-tools-common - 5.4.0-1008.9 linux-buildinfo-5.4.0-1008-ibm - 5.4.0-1008.9 linux-image-unsigned-5.4.0-1008-ibm - 5.4.0-1008.9 linux-image-5.4.0-1008-ibm - 5.4.0-1008.9 linux-tools-5.4.0-1008-ibm - 5.4.0-1008.9 linux-modules-5.4.0-1008-ibm - 5.4.0-1008.9 No subscription required linux-tools-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-bluefield-tools-5.4.0-1022 - 5.4.0-1022.25 linux-image-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-bluefield-headers-5.4.0-1022 - 5.4.0-1022.25 linux-headers-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-modules-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-image-unsigned-5.4.0-1022-bluefield - 5.4.0-1022.25 linux-buildinfo-5.4.0-1022-bluefield - 5.4.0-1022.25 No subscription required linux-modules-extra-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-cloud-tools-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-buildinfo-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-tools-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-headers-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-gkeop-source-5.4.0 - 5.4.0-1027.28 linux-modules-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-image-unsigned-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-image-5.4.0-1027-gkeop - 5.4.0-1027.28 linux-gkeop-headers-5.4.0-1027 - 5.4.0-1027.28 linux-gkeop-tools-5.4.0-1027 - 5.4.0-1027.28 linux-gkeop-cloud-tools-5.4.0-1027 - 5.4.0-1027.28 No subscription required linux-headers-5.4.0-1047-raspi - 5.4.0-1047.52 linux-raspi-tools-5.4.0-1047 - 5.4.0-1047.52 linux-tools-5.4.0-1047-raspi - 5.4.0-1047.52 linux-image-5.4.0-1047-raspi - 5.4.0-1047.52 linux-raspi-headers-5.4.0-1047 - 5.4.0-1047.52 linux-buildinfo-5.4.0-1047-raspi - 5.4.0-1047.52 linux-modules-5.4.0-1047-raspi - 5.4.0-1047.52 No subscription required linux-tools-5.4.0-1050-kvm - 5.4.0-1050.52 linux-modules-5.4.0-1050-kvm - 5.4.0-1050.52 linux-kvm-tools-5.4.0-1050 - 5.4.0-1050.52 linux-image-5.4.0-1050-kvm - 5.4.0-1050.52 linux-headers-5.4.0-1050-kvm - 5.4.0-1050.52 linux-image-unsigned-5.4.0-1050-kvm - 5.4.0-1050.52 linux-buildinfo-5.4.0-1050-kvm - 5.4.0-1050.52 linux-kvm-headers-5.4.0-1050 - 5.4.0-1050.52 No subscription required linux-image-unsigned-5.4.0-1056-gke - 5.4.0-1056.59 linux-headers-5.4.0-1056-gke - 5.4.0-1056.59 linux-modules-extra-5.4.0-1056-gke - 5.4.0-1056.59 linux-gke-headers-5.4.0-1056 - 5.4.0-1056.59 linux-tools-5.4.0-1056-gke - 5.4.0-1056.59 linux-image-5.4.0-1056-gke - 5.4.0-1056.59 linux-modules-5.4.0-1056-gke - 5.4.0-1056.59 linux-buildinfo-5.4.0-1056-gke - 5.4.0-1056.59 linux-gke-tools-5.4.0-1056 - 5.4.0-1056.59 No subscription required linux-tools-5.4.0-1058-gcp - 5.4.0-1058.62 linux-modules-extra-5.4.0-1058-gcp - 5.4.0-1058.62 linux-image-5.4.0-1058-oracle - 5.4.0-1058.62 linux-image-unsigned-5.4.0-1058-gcp - 5.4.0-1058.62 linux-oracle-tools-5.4.0-1058 - 5.4.0-1058.62 linux-buildinfo-5.4.0-1058-oracle - 5.4.0-1058.62 linux-modules-5.4.0-1058-gcp - 5.4.0-1058.62 linux-modules-5.4.0-1058-oracle - 5.4.0-1058.62 linux-oracle-headers-5.4.0-1058 - 5.4.0-1058.62 linux-image-5.4.0-1058-gcp - 5.4.0-1058.62 linux-gcp-headers-5.4.0-1058 - 5.4.0-1058.62 linux-gcp-tools-5.4.0-1058 - 5.4.0-1058.62 linux-headers-5.4.0-1058-gcp - 5.4.0-1058.62 linux-headers-5.4.0-1058-oracle - 5.4.0-1058.62 linux-buildinfo-5.4.0-1058-gcp - 5.4.0-1058.62 linux-tools-5.4.0-1058-oracle - 5.4.0-1058.62 linux-image-unsigned-5.4.0-1058-oracle - 5.4.0-1058.62 linux-modules-extra-5.4.0-1058-oracle - 5.4.0-1058.62 No subscription required linux-modules-5.4.0-1060-aws - 5.4.0-1060.63 linux-image-5.4.0-1060-aws - 5.4.0-1060.63 linux-modules-extra-5.4.0-1060-aws - 5.4.0-1060.63 linux-aws-tools-5.4.0-1060 - 5.4.0-1060.63 linux-tools-5.4.0-1060-aws - 5.4.0-1060.63 linux-buildinfo-5.4.0-1060-aws - 5.4.0-1060.63 linux-aws-cloud-tools-5.4.0-1060 - 5.4.0-1060.63 linux-headers-5.4.0-1060-aws - 5.4.0-1060.63 linux-aws-headers-5.4.0-1060 - 5.4.0-1060.63 linux-cloud-tools-5.4.0-1060-aws - 5.4.0-1060.63 No subscription required linux-tools-5.4.0-1064-azure - 5.4.0-1064.67 linux-modules-5.4.0-1064-azure - 5.4.0-1064.67 linux-cloud-tools-5.4.0-1064-azure - 5.4.0-1064.67 linux-buildinfo-5.4.0-1064-azure - 5.4.0-1064.67 linux-image-unsigned-5.4.0-1064-azure - 5.4.0-1064.67 linux-headers-5.4.0-1064-azure - 5.4.0-1064.67 linux-modules-extra-5.4.0-1064-azure - 5.4.0-1064.67 linux-azure-cloud-tools-5.4.0-1064 - 5.4.0-1064.67 linux-azure-tools-5.4.0-1064 - 5.4.0-1064.67 linux-azure-headers-5.4.0-1064 - 5.4.0-1064.67 linux-image-5.4.0-1064-azure - 5.4.0-1064.67 No subscription required linux-tools-5.4.0-91-lowlatency - 5.4.0-91.102 linux-tools-host - 5.4.0-91.102 linux-tools-common - 5.4.0-91.102 linux-modules-5.4.0-91-lowlatency - 5.4.0-91.102 linux-doc - 5.4.0-91.102 linux-headers-5.4.0-91 - 5.4.0-91.102 linux-buildinfo-5.4.0-91-generic - 5.4.0-91.102 linux-libc-dev - 5.4.0-91.102 linux-source-5.4.0 - 5.4.0-91.102 linux-image-unsigned-5.4.0-91-lowlatency - 5.4.0-91.102 linux-headers-5.4.0-91-lowlatency - 5.4.0-91.102 linux-cloud-tools-common - 5.4.0-91.102 linux-tools-5.4.0-91-generic - 5.4.0-91.102 linux-modules-5.4.0-91-generic - 5.4.0-91.102 linux-cloud-tools-5.4.0-91-lowlatency - 5.4.0-91.102 linux-image-5.4.0-91-lowlatency - 5.4.0-91.102 linux-image-5.4.0-91-generic - 5.4.0-91.102 linux-buildinfo-5.4.0-91-lowlatency - 5.4.0-91.102 linux-modules-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-tools-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-cloud-tools-5.4.0-91 - 5.4.0-91.102 linux-headers-5.4.0-91-generic - 5.4.0-91.102 linux-modules-extra-5.4.0-91-generic - 5.4.0-91.102 linux-headers-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-tools-5.4.0-91 - 5.4.0-91.102 linux-image-unsigned-5.4.0-91-generic - 5.4.0-91.102 linux-image-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-buildinfo-5.4.0-91-generic-lpae - 5.4.0-91.102 linux-cloud-tools-5.4.0-91-generic - 5.4.0-91.102 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1008.9 linux-modules-extra-ibm - 5.4.0.1008.9 linux-image-ibm - 5.4.0.1008.9 linux-headers-ibm-lts-20.04 - 5.4.0.1008.9 linux-tools-ibm - 5.4.0.1008.9 linux-image-ibm-lts-20.04 - 5.4.0.1008.9 linux-ibm-lts-20.04 - 5.4.0.1008.9 linux-ibm - 5.4.0.1008.9 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1008.9 linux-headers-ibm - 5.4.0.1008.9 No subscription required linux-bluefield - 5.4.0.1022.23 linux-image-bluefield - 5.4.0.1022.23 linux-headers-bluefield - 5.4.0.1022.23 linux-tools-bluefield - 5.4.0.1022.23 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1027.30 linux-image-gkeop - 5.4.0.1027.30 linux-gkeop-5.4 - 5.4.0.1027.30 linux-headers-gkeop-5.4 - 5.4.0.1027.30 linux-headers-gkeop - 5.4.0.1027.30 linux-image-gkeop-5.4 - 5.4.0.1027.30 linux-gkeop - 5.4.0.1027.30 linux-cloud-tools-gkeop - 5.4.0.1027.30 linux-modules-extra-gkeop-5.4 - 5.4.0.1027.30 linux-modules-extra-gkeop - 5.4.0.1027.30 linux-tools-gkeop - 5.4.0.1027.30 linux-tools-gkeop-5.4 - 5.4.0.1027.30 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1047.82 linux-raspi2 - 5.4.0.1047.82 linux-image-raspi-hwe-18.04 - 5.4.0.1047.82 linux-image-raspi2-hwe-18.04 - 5.4.0.1047.82 linux-tools-raspi - 5.4.0.1047.82 linux-headers-raspi2-hwe-18.04 - 5.4.0.1047.82 linux-headers-raspi-hwe-18.04 - 5.4.0.1047.82 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1047.82 linux-raspi2-hwe-18.04-edge - 5.4.0.1047.82 linux-raspi-hwe-18.04 - 5.4.0.1047.82 linux-tools-raspi2-hwe-18.04 - 5.4.0.1047.82 linux-raspi2-hwe-18.04 - 5.4.0.1047.82 linux-image-raspi-hwe-18.04-edge - 5.4.0.1047.82 linux-image-raspi2 - 5.4.0.1047.82 linux-tools-raspi-hwe-18.04 - 5.4.0.1047.82 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1047.82 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1047.82 linux-raspi-hwe-18.04-edge - 5.4.0.1047.82 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1047.82 linux-headers-raspi - 5.4.0.1047.82 linux-image-raspi - 5.4.0.1047.82 linux-tools-raspi2 - 5.4.0.1047.82 linux-raspi - 5.4.0.1047.82 linux-headers-raspi2 - 5.4.0.1047.82 No subscription required linux-kvm - 5.4.0.1050.49 linux-headers-kvm - 5.4.0.1050.49 linux-image-kvm - 5.4.0.1050.49 linux-tools-kvm - 5.4.0.1050.49 No subscription required linux-modules-extra-gke - 5.4.0.1056.66 linux-headers-gke - 5.4.0.1056.66 linux-tools-gke-5.4 - 5.4.0.1056.66 linux-modules-extra-gke-5.4 - 5.4.0.1056.66 linux-gke-5.4 - 5.4.0.1056.66 linux-image-gke-5.4 - 5.4.0.1056.66 linux-tools-gke - 5.4.0.1056.66 linux-gke - 5.4.0.1056.66 linux-image-gke - 5.4.0.1056.66 linux-headers-gke-5.4 - 5.4.0.1056.66 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1058.58 linux-oracle-lts-20.04 - 5.4.0.1058.58 linux-image-oracle-lts-20.04 - 5.4.0.1058.58 linux-headers-oracle-lts-20.04 - 5.4.0.1058.58 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1058.68 linux-gcp-lts-20.04 - 5.4.0.1058.68 linux-headers-gcp-lts-20.04 - 5.4.0.1058.68 linux-image-gcp-lts-20.04 - 5.4.0.1058.68 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1058.68 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1060.63 linux-headers-aws-lts-20.04 - 5.4.0.1060.63 linux-tools-aws-lts-20.04 - 5.4.0.1060.63 linux-aws-lts-20.04 - 5.4.0.1060.63 linux-image-aws-lts-20.04 - 5.4.0.1060.63 No subscription required linux-azure-lts-20.04 - 5.4.0.1064.62 linux-image-azure-lts-20.04 - 5.4.0.1064.62 linux-headers-azure-lts-20.04 - 5.4.0.1064.62 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1064.62 linux-modules-extra-azure-lts-20.04 - 5.4.0.1064.62 linux-tools-azure-lts-20.04 - 5.4.0.1064.62 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-cloud-tools-virtual - 5.4.0.91.95 linux-headers-virtual-hwe-18.04 - 5.4.0.91.95 linux-image-generic-hwe-18.04 - 5.4.0.91.95 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-headers-generic-lpae - 5.4.0.91.95 linux-image-virtual - 5.4.0.91.95 linux-oem-osp1-tools-host - 5.4.0.91.95 linux-cloud-tools-lowlatency - 5.4.0.91.95 linux-image-generic - 5.4.0.91.95 linux-tools-lowlatency - 5.4.0.91.95 linux-image-oem - 5.4.0.91.95 linux-headers-generic-hwe-18.04 - 5.4.0.91.95 linux-oem-osp1 - 5.4.0.91.95 linux-headers-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.91.95 linux-image-generic-lpae-hwe-18.04 - 5.4.0.91.95 linux-crashdump - 5.4.0.91.95 linux-tools-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-headers-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-source - 5.4.0.91.95 linux-lowlatency - 5.4.0.91.95 linux-tools-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-virtual - 5.4.0.91.95 linux-virtual-hwe-18.04 - 5.4.0.91.95 linux-tools-generic-lpae - 5.4.0.91.95 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.91.95 linux-tools-virtual - 5.4.0.91.95 linux-generic-lpae-hwe-18.04-edge - 5.4.0.91.95 linux-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-generic-lpae-hwe-18.04 - 5.4.0.91.95 linux-generic-lpae - 5.4.0.91.95 linux-headers-oem - 5.4.0.91.95 linux-image-extra-virtual-hwe-18.04 - 5.4.0.91.95 linux-generic - 5.4.0.91.95 linux-tools-oem-osp1 - 5.4.0.91.95 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.91.95 linux-tools-generic-hwe-18.04-edge - 5.4.0.91.95 linux-image-lowlatency - 5.4.0.91.95 linux-image-virtual-hwe-18.04 - 5.4.0.91.95 linux-headers-lowlatency - 5.4.0.91.95 linux-image-generic-hwe-18.04-edge - 5.4.0.91.95 linux-generic-hwe-18.04-edge - 5.4.0.91.95 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.91.95 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-oem - 5.4.0.91.95 linux-tools-generic - 5.4.0.91.95 linux-image-extra-virtual - 5.4.0.91.95 linux-cloud-tools-generic - 5.4.0.91.95 linux-image-oem-osp1 - 5.4.0.91.95 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-oem-tools-host - 5.4.0.91.95 linux-tools-oem - 5.4.0.91.95 linux-headers-oem-osp1 - 5.4.0.91.95 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.91.95 linux-headers-generic-hwe-18.04-edge - 5.4.0.91.95 linux-headers-generic - 5.4.0.91.95 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.91.95 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-image-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.91.95 linux-virtual-hwe-18.04-edge - 5.4.0.91.95 linux-headers-virtual - 5.4.0.91.95 linux-lowlatency-hwe-18.04 - 5.4.0.91.95 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.91.95 linux-generic-hwe-18.04 - 5.4.0.91.95 linux-image-generic-lpae - 5.4.0.91.95 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.91.95 linux-tools-generic-hwe-18.04 - 5.4.0.91.95 linux-tools-virtual-hwe-18.04 - 5.4.0.91.95 linux-image-virtual-hwe-18.04-edge - 5.4.0.91.95 No subscription required Medium CVE-2021-3655 CVE-2021-37159 CVE-2021-3744 CVE-2021-3764 Ubuntu 20.04 LTS It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service (connection disassociation). (CVE-2021-3772) It was discovered that the AMD Radeon GPU driver in the Linux kernel did not properly validate writes in the debugfs file system. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42327) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5165-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.14.0-1008-oem - 5.14.0-1008.8 linux-buildinfo-5.14.0-1008-oem - 5.14.0-1008.8 linux-tools-5.14.0-1008-oem - 5.14.0-1008.8 linux-image-unsigned-5.14.0-1008-oem - 5.14.0-1008.8 linux-modules-5.14.0-1008-oem - 5.14.0-1008.8 linux-image-5.14.0-1008-oem - 5.14.0-1008.8 linux-oem-5.14-tools-5.14.0-1008 - 5.14.0-1008.8 linux-oem-5.14-tools-host - 5.14.0-1008.8 linux-oem-5.14-headers-5.14.0-1008 - 5.14.0-1008.8 No subscription required linux-tools-oem-20.04d - 5.14.0.1008.8 linux-headers-oem-20.04d - 5.14.0.1008.8 linux-image-oem-20.04d - 5.14.0.1008.8 linux-oem-20.04d - 5.14.0.1008.8 No subscription required Medium CVE-2021-3760 CVE-2021-3772 CVE-2021-42327 CVE-2021-42739 CVE-2021-43056 CVE-2021-43267 CVE-2021-43389 Ubuntu 20.04 LTS Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5168-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.6 libnss3 - 2:3.49.1-1ubuntu1.6 libnss3-tools - 2:3.49.1-1ubuntu1.6 No subscription required High CVE-2021-43527 Ubuntu 20.04 LTS Tavis Ormandy discovered that NSS, included with Thunderbird, incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause Thunderbird to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5168-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-br - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-be - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bg - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ja - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-si - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-gnome-support - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sr - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sq - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hsb - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cy - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cs - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ca - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-br - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ka - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ko - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-kab - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-tw - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn-no - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb-no - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-bn-bd - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-lt - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-gb - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uz - 1:78.14.0+build1-0ubuntu0.20.04.2 xul-ext-calendar-timezones - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-de - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-da - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-uk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-dev - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-el - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-en-us - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-rm - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ms - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ro - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-eu - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-et - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hant - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-hans - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ru - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es - 1:78.14.0+build1-0ubuntu0.20.04.2 xul-ext-gdata-provider - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fr - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-es-es - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta-lk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fa - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fi - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ast - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nn - 1:78.14.0+build1-0ubuntu0.20.04.2 xul-ext-lightning - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga-ie - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-fy-nl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-nb - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-mozsymbols - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-zh-cn - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gl - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ga - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-tr - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-gd - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-th - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ta - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-dsb - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-vi - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hy - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-sv-se - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hr - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-hu - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pa-in - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-he - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-ar - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-af - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-pt-pt - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-cak - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-is - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-it - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-mk - 1:78.14.0+build1-0ubuntu0.20.04.2 thunderbird-locale-id - 1:78.14.0+build1-0ubuntu0.20.04.2 No subscription required High CVE-2021-43527 Ubuntu 20.04 LTS Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated attacker could use this to setup a symlink attack and change permissions on files on the host filesystem. Update Instructions: Run `sudo pro fix USN-5169-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: oddjob - 0.34.4-1ubuntu0.1~esm1 oddjob-mkhomedir - 0.34.4-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-10737 Ubuntu 20.04 LTS A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.3.32 in Ubuntu 20.04 LTS and to 10.5.13 in Ubuntu 21.04 and Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-5170-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.32-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.32-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.32-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.32-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.32-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.32-0ubuntu0.20.04.1 mariadb-client - 1:10.3.32-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.32-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.32-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.32-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.32-0ubuntu0.20.04.1 mariadb-server - 1:10.3.32-0ubuntu0.20.04.1 mariadb-common - 1:10.3.32-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.32-0ubuntu0.20.04.1 mariadb-test - 1:10.3.32-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-35604 Ubuntu 20.04 LTS It was discovered that ntpd incorrectly handled memory when CMAC keys were used. A remote attacker could possibly use this issue to cause ntpd to crash resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5175-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntp - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 sntp - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 ntp-doc - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 ntpdate - 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-15025 Ubuntu 20.04 LTS It was discovered that Inetutils did not properly check the response of ftp requests. A remote attacker could use this vulnerability to cause a crash or run programs in the user machine. Update Instructions: Run `sudo pro fix USN-5177-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: inetutils-tools - 2:1.9.4-11ubuntu0.1+esm1 inetutils-ftpd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-talkd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-traceroute - 2:1.9.4-11ubuntu0.1+esm1 inetutils-talk - 2:1.9.4-11ubuntu0.1+esm1 inetutils-telnetd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-inetd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-ping - 2:1.9.4-11ubuntu0.1+esm1 inetutils-syslogd - 2:1.9.4-11ubuntu0.1+esm1 inetutils-ftp - 2:1.9.4-11ubuntu0.1+esm1 inetutils-telnet - 2:1.9.4-11ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-40491 Ubuntu 20.04 LTS Sjoerd Job Postmus and TengMA discovered that Django incorrectly handled URLs with trailing newlines. A remote attacker could possibly use this issue to bypass certain access controls. Update Instructions: Run `sudo pro fix USN-5178-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.8 python-django-doc - 2:2.2.12-1ubuntu0.8 No subscription required Low CVE-2021-44420 Ubuntu 20.04 LTS It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-28831) It was discovered that BusyBox incorrectly handled certain malformed LZMA archives. If a user or automated system were tricked into processing a specially crafted LZMA archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly leak sensitive information. (CVE-2021-42374) Vera Mens, Uri Katz, Tal Keren, Sharon Brizinov, and Shachar Menashe discovered that BusyBox incorrectly handled certain awk patterns. If a user or automated system were tricked into processing a specially crafted awk pattern, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386) Update Instructions: Run `sudo pro fix USN-5179-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: busybox - 1:1.30.1-4ubuntu6.4 busybox-syslogd - 1:1.30.1-4ubuntu6.4 udhcpd - 1:1.30.1-4ubuntu6.4 busybox-initramfs - 1:1.30.1-4ubuntu6.4 udhcpc - 1:1.30.1-4ubuntu6.4 busybox-static - 1:1.30.1-4ubuntu6.4 No subscription required Medium CVE-2021-28831 CVE-2021-42374 CVE-2021-42378 CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382 CVE-2021-42384 CVE-2021-42385 CVE-2021-42386 Ubuntu 20.04 LTS It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. This issue affected only Ubuntu 18.04 ESM and Ubuntu 20.4 ESM. (CVE-2021-41184) It was discovered that jQuery UI checkboxradio widget did not properly decode certain values from HTML entities. An attacker could possibly use this issue to generate a cross-site scripting(XSS) attack, resulting in a crash or possibly execute arbitrary code. (CVE-2022-31160) Update Instructions: Run `sudo pro fix USN-5181-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-jquery-ui - 1.12.1+dfsg-5ubuntu0.20.04.1~esm3 libjs-jquery-ui - 1.12.1+dfsg-5ubuntu0.20.04.1~esm3 libjs-jquery-ui-docs - 1.12.1+dfsg-5ubuntu0.20.04.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-41184 CVE-2022-31160 Ubuntu 20.04 LTS It was discovered that Roundcube Webmail allowed JavaScript code to be present in the CDATA of an HTML message. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12625) It was discovered that Roundcube Webmail incorrectly processed login and logout POST requests. An attacker could possibly use this issue to launch a cross-site request forgery (CSRF) attack and force an authenticated user to be logged out. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12626) It was discovered that Roundcube Webmail incorrectly processed new plugin names in rcube_plugin_api.php. An attacker could possibly use this issue to obtain sensitive information from local files or to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12640) It was discovered that Roundcube Webmail did not sanitize shell metacharacters recovered from variables in its configuration settings. An attacker could possibly use this issue to execute arbitrary code in the server. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12641) It was discovered that Roundcube Webmail incorrectly sanitized characters in the username template object. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-13964) It was discovered that Roundcube Webmail allowed preview of text/html content. A remote attacker could possibly use this issue to send a malicious XML attachment via an email message and execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-13965) Andrea Cardaci discovered that Roundcube Webmail did not properly sanitize HTML special characters when dealing with HTML messages that contained an SVG element in the XML namespace. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-15562) Lukasz Pilorz discovered that Roundcube Webmail did not properly sanitize HTML special characters when dealing with HTML messages that contained SVG documents. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-16145) Alex Birnberg discovered that Roundcube Webmail incorrectly sanitized characters in plain text e-mail messages that included link reference elements. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-35730) It was discovered that Roundcube Webmail did not properly sanitize HTML special characters in warning messages that contained an attachment's filename extension. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-44025) It was discovered that Roundcube Webmail incorrectly managed session variables related to search functionalities. A remote attacker could possibly use this issue to execute a SQL injection attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-44026) It was discovered that Roundcube Webmail did not properly sanitize HTML special characters when dealing with HTML messages that contained CSS content. A remote attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2021-46144) Update Instructions: Run `sudo pro fix USN-5182-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: roundcube-pgsql - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube-mysql - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube-plugins - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube-core - 1.4.3+dfsg.1-1ubuntu0.1~esm2 roundcube-sqlite3 - 1.4.3+dfsg.1-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2020-12625 CVE-2020-12626 CVE-2020-12640 CVE-2020-12641 CVE-2020-13964 CVE-2020-13965 CVE-2020-15562 CVE-2020-16145 CVE-2020-35730 CVE-2021-44025 CVE-2021-44026 CVE-2021-46144 Ubuntu 20.04 LTS It was discovered that libmysofa mishandled certain input. An attacker could use this vulnerability to cause a denial of service (crash). Update Instructions: Run `sudo pro fix USN-5184-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysofa-utils - 1.0~dfsg0-1ubuntu0.1~esm1 libmysofa-dev - 1.0~dfsg0-1ubuntu0.1~esm1 libmysofa1 - 1.0~dfsg0-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-3756 Ubuntu 20.04 LTS It was discovered that MATIO incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5185-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmatio-doc - 1.5.17-3ubuntu0.1~esm1 libmatio9 - 1.5.17-3ubuntu0.1~esm1 libmatio-dev - 1.5.17-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-17533 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary code. (CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546) A security issue was discovered with the handling of WebExtension permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to create and install a service worker that wouldn't be uninstalled with the extension. (CVE-2021-43540) Update Instructions: Run `sudo pro fix USN-5186-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 95.0+build1-0ubuntu0.20.04.1 firefox - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 95.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 95.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 95.0+build1-0ubuntu0.20.04.1 firefox-dev - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 95.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 95.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43540 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546 Ubuntu 20.04 LTS USN-5186-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary code. (CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546) A security issue was discovered with the handling of WebExtension permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to create and install a service worker that wouldn't be uninstalled with the extension. (CVE-2021-43540) Update Instructions: Run `sudo pro fix USN-5186-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 95.0.1+build2-0ubuntu0.20.04.1 firefox - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 95.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 95.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 95.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 95.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 95.0.1+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1955433 Ubuntu 20.04 LTS It was discovered that Glances incorrectly parsed untrusted XML data due to usage of xmlrpclib. An attacker could possibly use this to perform an External Entity (XXE) Injection and cause the host system to crash. Update Instructions: Run `sudo pro fix USN-5187-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glances - 3.1.3-1ubuntu0.1~esm1 glances-doc - 3.1.3-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-23418 Ubuntu 20.04 LTS It was discovered that Keepalived incorrectly handled certain messages. An attacker could possibly use this issue to access-control bypass. Update Instructions: Run `sudo pro fix USN-5188-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: keepalived - 1:2.0.19-2ubuntu0.1 No subscription required Medium CVE-2021-44225 Ubuntu 20.04 LTS It was discovered that GraphicsMagick allowed reading arbitrary files via specially crafted images. An attacker could use this issue to expose sensitive information. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. (CVE-2019-12921) It was discovered that GraphicsMagick did not correctly handle memory allocations for error messages. An attacker could use this issue to corrupt memory or possibly execute arbitrary code. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. (CVE-2019-19950) It was discovered that GraphicsMagick did not correctly handle type limits. An attacker could use these issues to cause heap-based buffer overflows, leading to a denial of service (application crash) or possibly execute arbitrary code. These issues only affect Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. (CVE-2019-19951, CVE-2019-19953) It was discovered that GraphicsMagick did not correctly handle the signed integer limit in 32-bit applications. An attacker could use this issue to cause a heap-based buffer overflow, leading to a denial of service (application crash) or possibly execute arbitrary code. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. (CVE-2020-10938) It was discovered that GraphicsMagick did not properly magnify certain images. An attacker could use this issue to cause a heap-based buffer overflow, leading to a denial of service (application crash) or possibly execute arbitrary code. (CVE-2020-12672) Update Instructions: Run `sudo pro fix USN-5190-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgraphics-magick-perl - 1.4+really1.3.35-1ubuntu0.1~esm1 libgraphicsmagick-q16-3 - 1.4+really1.3.35-1ubuntu0.1~esm1 libgraphicsmagick1-dev - 1.4+really1.3.35-1ubuntu0.1~esm1 graphicsmagick - 1.4+really1.3.35-1ubuntu0.1~esm1 graphicsmagick-imagemagick-compat - 1.4+really1.3.35-1ubuntu0.1~esm1 graphicsmagick-libmagick-dev-compat - 1.4+really1.3.35-1ubuntu0.1~esm1 libgraphicsmagick++1-dev - 1.4+really1.3.35-1ubuntu0.1~esm1 libgraphicsmagick++-q16-12 - 1.4+really1.3.35-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-12921 CVE-2019-19950 CVE-2019-19951 CVE-2019-19953 CVE-2020-10938 CVE-2020-12672 Ubuntu 20.04 LTS It was discovered that Flatpak incorrectly handled certain AF_UNIX sockets. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement. Update Instructions: Run `sudo pro fix USN-5191-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libflatpak0 - 1.6.5-0ubuntu0.4 libflatpak-dev - 1.6.5-0ubuntu0.4 gir1.2-flatpak-1.0 - 1.6.5-0ubuntu0.4 libflatpak-doc - 1.6.5-0ubuntu0.4 flatpak - 1.6.5-0ubuntu0.4 flatpak-tests - 1.6.5-0ubuntu0.4 No subscription required Medium CVE-2021-41133 Ubuntu 20.04 LTS Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a special crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. Please see the following link for more information: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell Update Instructions: Run `sudo pro fix USN-5192-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j2-java - 2.15.0-0.20.04.1 liblog4j2-java-doc - 2.15.0-0.20.04.1 No subscription required High CVE-2021-44228 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges. Update Instructions: Run `sudo pro fix USN-5193-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.2 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.2 xwayland - 2:1.20.13-1ubuntu1~20.04.2 xdmx - 2:1.20.13-1ubuntu1~20.04.2 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.2 xvfb - 2:1.20.13-1ubuntu1~20.04.2 xnest - 2:1.20.13-1ubuntu1~20.04.2 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.2 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.2 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.2 xserver-common - 2:1.20.13-1ubuntu1~20.04.2 No subscription required Medium CVE-2021-4008 CVE-2021-4009 CVE-2021-4010 CVE-2021-4011 Ubuntu 20.04 LTS Denis Kasak discovered that Olm was not verifying the length of input being processed by the olm_pk_decrypt module, which introduced a stack-based buffer overflow vulnerability to the library. An attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5194-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libolm-dev - 3.1.3+dfsg-2ubuntu0.1~esm1 python3-olm - 3.1.3+dfsg-2ubuntu0.1~esm1 libolm3 - 3.1.3+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-34813 Ubuntu 20.04 LTS It was discovered that the Mumble client supported websites for public servers with arbitrary URL schemes. If a user were tricked into visiting a malicious website from the public server list, a remote attacker could possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5195-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mumble - 1.3.0+dfsg-1ubuntu0.1 mumble-server - 1.3.0+dfsg-1ubuntu0.1 No subscription required Medium CVE-2021-27229 Ubuntu 20.04 LTS It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. An attacker could use this vulnerability to cause a denial of service. Please see the following link for more information: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell Update Instructions: Run `sudo pro fix USN-5197-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j2-java - 2.16.0-0.20.04.1 liblog4j2-java-doc - 2.16.0-0.20.04.1 No subscription required High CVE-2021-45046 CVE-2021-44228 Ubuntu 20.04 LTS It was discovered that HTMLDOC improperly handled malformed URIs from an input html file. An attacker could use this to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5198-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: htmldoc - 1.9.7-1ubuntu0.2 htmldoc-common - 1.9.7-1ubuntu0.2 No subscription required Medium CVE-2021-23180 Ubuntu 20.04 LTS It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses (100 Continue response). Specially crafted traffic from a malicious HTTP server could cause a denial of service (Dos) condition for a client. Update Instructions: Run `sudo pro fix USN-5201-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-full - 3.8.10-0ubuntu1~20.04.2 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.2 python3.8-venv - 3.8.10-0ubuntu1~20.04.2 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.2 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.2 idle-python3.8 - 3.8.10-0ubuntu1~20.04.2 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.2 python3.8 - 3.8.10-0ubuntu1~20.04.2 python3.8-doc - 3.8.10-0ubuntu1~20.04.2 python3.8-minimal - 3.8.10-0ubuntu1~20.04.2 python3.8-examples - 3.8.10-0ubuntu1~20.04.2 python3.8-dev - 3.8.10-0ubuntu1~20.04.2 libpython3.8 - 3.8.10-0ubuntu1~20.04.2 No subscription required python3.9-venv - 3.9.5-3ubuntu0~20.04.1 python3.9-doc - 3.9.5-3ubuntu0~20.04.1 idle-python3.9 - 3.9.5-3ubuntu0~20.04.1 python3.9-minimal - 3.9.5-3ubuntu0~20.04.1 python3.9-full - 3.9.5-3ubuntu0~20.04.1 libpython3.9-dev - 3.9.5-3ubuntu0~20.04.1 python3.9 - 3.9.5-3ubuntu0~20.04.1 libpython3.9-testsuite - 3.9.5-3ubuntu0~20.04.1 python3.9-dev - 3.9.5-3ubuntu0~20.04.1 libpython3.9-minimal - 3.9.5-3ubuntu0~20.04.1 python3.9-examples - 3.9.5-3ubuntu0~20.04.1 libpython3.9 - 3.9.5-3ubuntu0~20.04.1 libpython3.9-stdlib - 3.9.5-3ubuntu0~20.04.1 No subscription required Medium CVE-2021-3737 Ubuntu 20.04 LTS Varnavas Papaioannou discovered that the FTP client implementation in OpenJDK accepted alternate server IP addresses when connecting with FTP passive mode. An attacker controlling an FTP server that an application connects to could possibly use this to expose sensitive information (rudimentary port scans). This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2341) Markus Loewe discovered that OpenJDK did not properly handle JAR files containing multiple manifest files. An attacker could possibly use this to bypass JAR signature verification. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2369) Huixin Ma discovered that the Hotspot VM in OpenJDK did not properly perform range check elimination in some situations. An attacker could possibly use this to construct a Java class that could bypass Java sandbox restrictions. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2388) Asaf Greenholts discovered that OpenJDK preferred certain weak ciphers by default. An attacker could possibly use this to expose sensitive information. (CVE-2021-35550) It was discovered that the Rich Text Format (RTF) Parser in OpenJDK did not properly restrict the amount of memory allocated in some situations. An attacker could use this to specially craft an RTF file that caused a denial of service. (CVE-2021-35556) It was discovered that the Rich Text Format (RTF) Reader in OpenJDK did not properly restrict the amount of memory allocated in some situations. An attacker could use this to specially craft an RTF file that caused a denial of service. (CVE-2021-35559) Markus Loewe discovered that the HashMap and HashSet implementations in OpenJDK did not properly validate load factors during deserialization. An attacker could use this to cause a denial of service (excessive memory consumption). (CVE-2021-35561) It was discovered that the Keytool component in OpenJDK did not properly handle certificates with validity ending dates in the far future. An attacker could use this to specially craft a certificate that when imported could corrupt a keystore. (CVE-2021-35564) Tristen Hayfield discovered that the HTTP server implementation in OpenJDK did not properly handle TLS session close in some situations. A remote attacker could possibly use this to cause a denial of service (application infinite loop). (CVE-2021-35565) Chuck Hunley discovered that the Kerberos implementation in OpenJDK did not correctly report subject principals when using Kerberos Constrained Delegation. An attacker could possibly use this to cause incorrect Kerberos tickets to be used. (CVE-2021-35567) it was discovered that the TLS implementation in OpenJDK did not properly handle TLS handshakes in certain situations where a Java application is acting as a TLS server. A remote attacker could possibly use this to cause a denial of service (application crash). (CVE-2021-35578) it was discovered that OpenJDK did not properly restrict the amount of memory allocated when processing BMP images. An attacker could use this to specially craft a BMP image file that could cause a denial of service. (CVE-2021-35586) It was discovered that the HotSpot VM in OpenJDK 8 did not properly perform validation of inner class index values in some situations. An attacker could use this to specially craft a class file that when loaded could cause a denial of service (Java VM crash). (CVE-2021-35588) Artem Smotrakov discovered that the TLS implementation in OpenJDK used non- constant time comparisons during TLS handshakes. A remote attacker could use this to expose sensitive information. (CVE-2021-35603) Update Instructions: Run `sudo pro fix USN-5202-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.13+8-0ubuntu1~20.04 openjdk-11-source - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jdk - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.13+8-0ubuntu1~20.04 openjdk-11-jre - 11.0.13+8-0ubuntu1~20.04 openjdk-11-demo - 11.0.13+8-0ubuntu1~20.04 No subscription required openjdk-8-source - 8u312-b07-0ubuntu1~20.04 openjdk-8-doc - 8u312-b07-0ubuntu1~20.04 openjdk-8-jdk - 8u312-b07-0ubuntu1~20.04 openjdk-8-jre-headless - 8u312-b07-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u312-b07-0ubuntu1~20.04 openjdk-8-jre - 8u312-b07-0ubuntu1~20.04 openjdk-8-jre-zero - 8u312-b07-0ubuntu1~20.04 openjdk-8-demo - 8u312-b07-0ubuntu1~20.04 No subscription required Medium CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35588 CVE-2021-35603 Ubuntu 20.04 LTS Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service. Please see the following link for more information: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell Update Instructions: Run `sudo pro fix USN-5203-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j2-java - 2.17.0-0.20.04.1 liblog4j2-java-doc - 2.17.0-0.20.04.1 No subscription required Medium CVE-2021-45105 Ubuntu 20.04 LTS Chris Bailey discovered that Django incorrectly handled evaluating submitted passwords. A remote attacker could possibly use this issue to consume resources, resulting in a denial of service. (CVE-2021-45115) Dennis Brinkrolf discovered that Django incorrectly handled the dictsort template filter. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-45116) Dennis Brinkrolf discovered that Django incorrectly handled certain file names. A remote attacker could possibly use this issue to save files to arbitrary filesystem locations. (CVE-2021-45452) Update Instructions: Run `sudo pro fix USN-5204-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.9 python-django-doc - 2:2.2.12-1ubuntu0.9 No subscription required Medium CVE-2021-45115 CVE-2021-45116 CVE-2021-45452 Ubuntu 20.04 LTS It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input when processed by tcpprep. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM. (CVE-2018-13112) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-17580, CVE-2018-17582) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-17974, CVE-2018-18407) It was discovered that a use-after-free existed in Tcpreplay in the tcpbridge binary. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-18408) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2018-20552, CVE-2018-20553) It was discovered that a heap-based buffer over-read that existed in Tcpreplay caused an application crash when tcprewrite or tcpreplay-edit received specially crafted packet capture input. An attacker could possibly use this to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12740) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input when processed by tcpprep. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-24265, CVE-2020-24266) It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input when processed by tcprewrite. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 ESM. (CVE-2022-27416) It was discovered that Tcpreplay did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted packet capture file, a remote attacker could possibly use this issue to cause Tcpreplay crash, resulting in a denial of service, or possibly read sensitive data. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2022-28487) Update Instructions: Run `sudo pro fix USN-5205-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tcpreplay - 4.3.2-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-13112 CVE-2018-17974 CVE-2018-18407 CVE-2018-18408 CVE-2018-17580 CVE-2018-17582 CVE-2018-20552 CVE-2018-20553 CVE-2020-12740 CVE-2020-24265 CVE-2020-24266 CVE-2022-27416 CVE-2022-28487 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. Update Instructions: Run `sudo pro fix USN-5206-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.14.0-1013-oem - 5.14.0-1013.13 linux-tools-5.14.0-1013-oem - 5.14.0-1013.13 linux-headers-5.14.0-1013-oem - 5.14.0-1013.13 linux-image-5.14.0-1013-oem - 5.14.0-1013.13 linux-oem-5.14-tools-5.14.0-1013 - 5.14.0-1013.13 linux-oem-5.14-headers-5.14.0-1013 - 5.14.0-1013.13 linux-image-unsigned-5.14.0-1013-oem - 5.14.0-1013.13 linux-modules-5.14.0-1013-oem - 5.14.0-1013.13 linux-oem-5.14-tools-host - 5.14.0-1013.13 No subscription required linux-headers-oem-20.04d - 5.14.0.1013.13 linux-image-oem-20.04d - 5.14.0.1013.13 linux-tools-oem-20.04d - 5.14.0.1013.13 linux-oem-20.04d - 5.14.0.1013.13 No subscription required High CVE-2021-4002 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267) Update Instructions: Run `sudo pro fix USN-5207-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.10-tools-host - 5.10.0-1053.55 linux-oem-5.10-headers-5.10.0-1053 - 5.10.0-1053.55 linux-oem-5.10-tools-5.10.0-1053 - 5.10.0-1053.55 linux-tools-5.10.0-1053-oem - 5.10.0-1053.55 linux-headers-5.10.0-1053-oem - 5.10.0-1053.55 linux-image-5.10.0-1053-oem - 5.10.0-1053.55 linux-buildinfo-5.10.0-1053-oem - 5.10.0-1053.55 linux-image-unsigned-5.10.0-1053-oem - 5.10.0-1053.55 linux-modules-5.10.0-1053-oem - 5.10.0-1053.55 No subscription required linux-oem-20.04 - 5.10.0.1053.55 linux-oem-20.04-edge - 5.10.0.1053.55 linux-headers-oem-20.04b - 5.10.0.1053.55 linux-image-oem-20.04b - 5.10.0.1053.55 linux-image-oem-20.04 - 5.10.0.1053.55 linux-tools-oem-20.04-edge - 5.10.0.1053.55 linux-headers-oem-20.04-edge - 5.10.0.1053.55 linux-headers-oem-20.04 - 5.10.0.1053.55 linux-tools-oem-20.04 - 5.10.0.1053.55 linux-tools-oem-20.04b - 5.10.0.1053.55 linux-image-oem-20.04-edge - 5.10.0.1053.55 linux-oem-20.04b - 5.10.0.1053.55 No subscription required High CVE-2021-4001 CVE-2021-4002 CVE-2021-42739 CVE-2021-43267 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-20321) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5208-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-buildinfo-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-image-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-image-unsigned-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-modules-extra-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-headers-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-headers-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-azure-5.11-headers-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-oracle-5.11-headers-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-image-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-oracle-5.11-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-modules-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-image-unsigned-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-modules-extra-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-cloud-tools-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-image-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-aws-5.11-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-modules-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-cloud-tools-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-tools-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-buildinfo-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-modules-extra-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-headers-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-tools-5.11.0-1023-aws - 5.11.0-1023.24~20.04.1 linux-aws-5.11-headers-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 linux-modules-5.11.0-1023-azure - 5.11.0-1023.24~20.04.1 linux-tools-5.11.0-1023-oracle - 5.11.0-1023.24~20.04.1 linux-azure-5.11-tools-5.11.0-1023 - 5.11.0-1023.24~20.04.1 No subscription required linux-buildinfo-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-image-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-gcp-5.11-headers-5.11.0-1024 - 5.11.0-1024.26~20.04.1 linux-headers-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-gcp-5.11-tools-5.11.0-1024 - 5.11.0-1024.26~20.04.1 linux-image-unsigned-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-modules-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-modules-extra-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 linux-tools-5.11.0-1024-gcp - 5.11.0-1024.26~20.04.1 No subscription required linux-tools-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-headers-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-buildinfo-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-modules-extra-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-modules-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-image-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-tools-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-tools-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-image-unsigned-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-modules-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-modules-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-tools-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-hwe-5.11-source-5.11.0 - 5.11.0-44.48~20.04.2 linux-image-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-headers-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-image-unsigned-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-image-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-headers-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-headers-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 linux-cloud-tools-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-buildinfo-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-image-unsigned-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-buildinfo-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-hwe-5.11-tools-host - 5.11.0-44.48~20.04.2 linux-hwe-5.11-tools-5.11.0-44 - 5.11.0-44.48~20.04.2 linux-hwe-5.11-cloud-tools-common - 5.11.0-44.48~20.04.2 linux-image-5.11.0-44-lowlatency - 5.11.0-44.48~20.04.2 linux-hwe-5.11-tools-common - 5.11.0-44.48~20.04.2 linux-cloud-tools-5.11.0-44-generic - 5.11.0-44.48~20.04.2 linux-hwe-5.11-cloud-tools-5.11.0-44 - 5.11.0-44.48~20.04.2 linux-hwe-5.11-headers-5.11.0-44 - 5.11.0-44.48~20.04.2 linux-modules-5.11.0-44-generic-lpae - 5.11.0-44.48~20.04.2 linux-buildinfo-5.11.0-44-generic-64k - 5.11.0-44.48~20.04.2 No subscription required linux-headers-oracle - 5.11.0.1023.24~20.04.16 linux-tools-oracle - 5.11.0.1023.24~20.04.16 linux-tools-oracle-edge - 5.11.0.1023.24~20.04.16 linux-oracle-edge - 5.11.0.1023.24~20.04.16 linux-image-oracle-edge - 5.11.0.1023.24~20.04.16 linux-headers-oracle-edge - 5.11.0.1023.24~20.04.16 linux-image-oracle - 5.11.0.1023.24~20.04.16 linux-oracle - 5.11.0.1023.24~20.04.16 No subscription required linux-cloud-tools-azure - 5.11.0.1023.24~20.04.23 linux-tools-azure - 5.11.0.1023.24~20.04.23 linux-headers-aws - 5.11.0.1023.24~20.04.23 linux-image-aws - 5.11.0.1023.24~20.04.23 linux-modules-extra-azure - 5.11.0.1023.24~20.04.23 linux-aws - 5.11.0.1023.24~20.04.23 linux-image-azure - 5.11.0.1023.24~20.04.23 linux-tools-aws - 5.11.0.1023.24~20.04.23 linux-modules-extra-aws - 5.11.0.1023.24~20.04.23 linux-azure - 5.11.0.1023.24~20.04.23 linux-headers-azure - 5.11.0.1023.24~20.04.23 No subscription required linux-modules-extra-gcp - 5.11.0.1024.26~20.04.24 linux-tools-gcp - 5.11.0.1024.26~20.04.24 linux-gcp - 5.11.0.1024.26~20.04.24 linux-headers-gcp - 5.11.0.1024.26~20.04.24 linux-image-gcp - 5.11.0.1024.26~20.04.24 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-extra-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-generic-64k-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-generic-lpae-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-generic-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-generic-lpae-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-tools-generic-64k-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-lowlatency-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-generic-64k-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-image-generic-64k-hwe-20.04 - 5.11.0.44.48~20.04.22 linux-headers-virtual-hwe-20.04 - 5.11.0.44.48~20.04.22 No subscription required High CVE-2021-20321 CVE-2021-3760 CVE-2021-4002 CVE-2021-41864 CVE-2021-43056 CVE-2021-43267 CVE-2021-43389 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-20321) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5210-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1010-ibm - 5.4.0-1010.11 linux-headers-5.4.0-1010-ibm - 5.4.0-1010.11 linux-modules-extra-5.4.0-1010-ibm - 5.4.0-1010.11 linux-modules-5.4.0-1010-ibm - 5.4.0-1010.11 linux-ibm-tools-5.4.0-1010 - 5.4.0-1010.11 linux-buildinfo-5.4.0-1010-ibm - 5.4.0-1010.11 linux-ibm-headers-5.4.0-1010 - 5.4.0-1010.11 linux-ibm-source-5.4.0 - 5.4.0-1010.11 linux-ibm-tools-common - 5.4.0-1010.11 linux-tools-5.4.0-1010-ibm - 5.4.0-1010.11 linux-ibm-cloud-tools-common - 5.4.0-1010.11 linux-image-unsigned-5.4.0-1010-ibm - 5.4.0-1010.11 No subscription required linux-buildinfo-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-image-unsigned-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-modules-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-bluefield-headers-5.4.0-1023 - 5.4.0-1023.26 linux-bluefield-tools-5.4.0-1023 - 5.4.0-1023.26 linux-tools-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-headers-5.4.0-1023-bluefield - 5.4.0-1023.26 linux-image-5.4.0-1023-bluefield - 5.4.0-1023.26 No subscription required linux-cloud-tools-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-modules-extra-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-headers-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-gkeop-source-5.4.0 - 5.4.0-1029.30 linux-gkeop-headers-5.4.0-1029 - 5.4.0-1029.30 linux-image-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-tools-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-modules-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-buildinfo-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-gkeop-tools-5.4.0-1029 - 5.4.0-1029.30 linux-image-unsigned-5.4.0-1029-gkeop - 5.4.0-1029.30 linux-gkeop-cloud-tools-5.4.0-1029 - 5.4.0-1029.30 No subscription required linux-headers-5.4.0-1048-raspi - 5.4.0-1048.53 linux-image-5.4.0-1048-raspi - 5.4.0-1048.53 linux-tools-5.4.0-1048-raspi - 5.4.0-1048.53 linux-raspi-tools-5.4.0-1048 - 5.4.0-1048.53 linux-raspi-headers-5.4.0-1048 - 5.4.0-1048.53 linux-modules-5.4.0-1048-raspi - 5.4.0-1048.53 linux-buildinfo-5.4.0-1048-raspi - 5.4.0-1048.53 No subscription required linux-kvm-tools-5.4.0-1051 - 5.4.0-1051.53 linux-headers-5.4.0-1051-kvm - 5.4.0-1051.53 linux-image-unsigned-5.4.0-1051-kvm - 5.4.0-1051.53 linux-modules-5.4.0-1051-kvm - 5.4.0-1051.53 linux-tools-5.4.0-1051-kvm - 5.4.0-1051.53 linux-image-5.4.0-1051-kvm - 5.4.0-1051.53 linux-buildinfo-5.4.0-1051-kvm - 5.4.0-1051.53 linux-kvm-headers-5.4.0-1051 - 5.4.0-1051.53 No subscription required linux-modules-extra-5.4.0-1057-gke - 5.4.0-1057.60 linux-buildinfo-5.4.0-1057-gke - 5.4.0-1057.60 linux-gke-headers-5.4.0-1057 - 5.4.0-1057.60 linux-modules-5.4.0-1057-gke - 5.4.0-1057.60 linux-image-unsigned-5.4.0-1057-gke - 5.4.0-1057.60 linux-headers-5.4.0-1057-gke - 5.4.0-1057.60 linux-gke-tools-5.4.0-1057 - 5.4.0-1057.60 linux-image-5.4.0-1057-gke - 5.4.0-1057.60 linux-tools-5.4.0-1057-gke - 5.4.0-1057.60 No subscription required linux-modules-5.4.0-1059-oracle - 5.4.0-1059.63 linux-tools-5.4.0-1059-oracle - 5.4.0-1059.63 linux-gcp-tools-5.4.0-1059 - 5.4.0-1059.63 linux-image-5.4.0-1059-gcp - 5.4.0-1059.63 linux-oracle-headers-5.4.0-1059 - 5.4.0-1059.63 linux-buildinfo-5.4.0-1059-gcp - 5.4.0-1059.63 linux-modules-extra-5.4.0-1059-oracle - 5.4.0-1059.63 linux-image-5.4.0-1059-oracle - 5.4.0-1059.63 linux-headers-5.4.0-1059-oracle - 5.4.0-1059.63 linux-image-unsigned-5.4.0-1059-gcp - 5.4.0-1059.63 linux-oracle-tools-5.4.0-1059 - 5.4.0-1059.63 linux-tools-5.4.0-1059-gcp - 5.4.0-1059.63 linux-image-unsigned-5.4.0-1059-oracle - 5.4.0-1059.63 linux-gcp-headers-5.4.0-1059 - 5.4.0-1059.63 linux-headers-5.4.0-1059-gcp - 5.4.0-1059.63 linux-buildinfo-5.4.0-1059-oracle - 5.4.0-1059.63 linux-modules-5.4.0-1059-gcp - 5.4.0-1059.63 linux-modules-extra-5.4.0-1059-gcp - 5.4.0-1059.63 No subscription required linux-cloud-tools-5.4.0-1061-aws - 5.4.0-1061.64 linux-aws-headers-5.4.0-1061 - 5.4.0-1061.64 linux-modules-5.4.0-1061-aws - 5.4.0-1061.64 linux-buildinfo-5.4.0-1061-aws - 5.4.0-1061.64 linux-aws-tools-5.4.0-1061 - 5.4.0-1061.64 linux-image-unsigned-5.4.0-1061-aws - 5.4.0-1061.64 linux-headers-5.4.0-1061-aws - 5.4.0-1061.64 linux-modules-extra-5.4.0-1061-aws - 5.4.0-1061.64 linux-aws-cloud-tools-5.4.0-1061 - 5.4.0-1061.64 linux-tools-5.4.0-1061-aws - 5.4.0-1061.64 No subscription required linux-buildinfo-5.4.0-1065-azure - 5.4.0-1065.68 linux-azure-headers-5.4.0-1065 - 5.4.0-1065.68 linux-image-unsigned-5.4.0-1065-azure - 5.4.0-1065.68 linux-modules-5.4.0-1065-azure - 5.4.0-1065.68 linux-azure-cloud-tools-5.4.0-1065 - 5.4.0-1065.68 linux-image-5.4.0-1065-azure - 5.4.0-1065.68 linux-azure-tools-5.4.0-1065 - 5.4.0-1065.68 linux-tools-5.4.0-1065-azure - 5.4.0-1065.68 linux-cloud-tools-5.4.0-1065-azure - 5.4.0-1065.68 linux-modules-extra-5.4.0-1065-azure - 5.4.0-1065.68 linux-headers-5.4.0-1065-azure - 5.4.0-1065.68 No subscription required linux-headers-5.4.0-92-generic - 5.4.0-92.103 linux-tools-common - 5.4.0-92.103 linux-modules-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-modules-5.4.0-92-lowlatency - 5.4.0-92.103 linux-buildinfo-5.4.0-92-generic - 5.4.0-92.103 linux-tools-host - 5.4.0-92.103 linux-modules-extra-5.4.0-92-generic - 5.4.0-92.103 linux-doc - 5.4.0-92.103 linux-headers-5.4.0-92 - 5.4.0-92.103 linux-tools-5.4.0-92-generic - 5.4.0-92.103 linux-headers-5.4.0-92-lowlatency - 5.4.0-92.103 linux-modules-5.4.0-92-generic - 5.4.0-92.103 linux-libc-dev - 5.4.0-92.103 linux-tools-5.4.0-92-lowlatency - 5.4.0-92.103 linux-buildinfo-5.4.0-92-lowlatency - 5.4.0-92.103 linux-image-5.4.0-92-generic - 5.4.0-92.103 linux-buildinfo-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-tools-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-source-5.4.0 - 5.4.0-92.103 linux-cloud-tools-5.4.0-92-lowlatency - 5.4.0-92.103 linux-image-5.4.0-92-lowlatency - 5.4.0-92.103 linux-cloud-tools-5.4.0-92-generic - 5.4.0-92.103 linux-cloud-tools-common - 5.4.0-92.103 linux-cloud-tools-5.4.0-92 - 5.4.0-92.103 linux-image-unsigned-5.4.0-92-generic - 5.4.0-92.103 linux-headers-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-image-5.4.0-92-generic-lpae - 5.4.0-92.103 linux-image-unsigned-5.4.0-92-lowlatency - 5.4.0-92.103 linux-tools-5.4.0-92 - 5.4.0-92.103 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1010.11 linux-modules-extra-ibm - 5.4.0.1010.11 linux-headers-ibm-lts-20.04 - 5.4.0.1010.11 linux-image-ibm-lts-20.04 - 5.4.0.1010.11 linux-image-ibm - 5.4.0.1010.11 linux-ibm-lts-20.04 - 5.4.0.1010.11 linux-ibm - 5.4.0.1010.11 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1010.11 linux-headers-ibm - 5.4.0.1010.11 linux-tools-ibm - 5.4.0.1010.11 No subscription required linux-image-bluefield - 5.4.0.1023.24 linux-headers-bluefield - 5.4.0.1023.24 linux-tools-bluefield - 5.4.0.1023.24 linux-bluefield - 5.4.0.1023.24 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1029.32 linux-image-gkeop - 5.4.0.1029.32 linux-gkeop-5.4 - 5.4.0.1029.32 linux-headers-gkeop - 5.4.0.1029.32 linux-image-gkeop-5.4 - 5.4.0.1029.32 linux-gkeop - 5.4.0.1029.32 linux-cloud-tools-gkeop - 5.4.0.1029.32 linux-headers-gkeop-5.4 - 5.4.0.1029.32 linux-modules-extra-gkeop-5.4 - 5.4.0.1029.32 linux-modules-extra-gkeop - 5.4.0.1029.32 linux-tools-gkeop - 5.4.0.1029.32 linux-tools-gkeop-5.4 - 5.4.0.1029.32 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1048.83 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1048.83 linux-raspi2 - 5.4.0.1048.83 linux-image-raspi-hwe-18.04 - 5.4.0.1048.83 linux-image-raspi2-hwe-18.04 - 5.4.0.1048.83 linux-tools-raspi - 5.4.0.1048.83 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1048.83 linux-headers-raspi2-hwe-18.04 - 5.4.0.1048.83 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1048.83 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1048.83 linux-headers-raspi - 5.4.0.1048.83 linux-raspi2-hwe-18.04-edge - 5.4.0.1048.83 linux-raspi-hwe-18.04 - 5.4.0.1048.83 linux-tools-raspi2-hwe-18.04 - 5.4.0.1048.83 linux-raspi2-hwe-18.04 - 5.4.0.1048.83 linux-image-raspi-hwe-18.04-edge - 5.4.0.1048.83 linux-image-raspi2 - 5.4.0.1048.83 linux-tools-raspi-hwe-18.04 - 5.4.0.1048.83 linux-headers-raspi-hwe-18.04 - 5.4.0.1048.83 linux-raspi-hwe-18.04-edge - 5.4.0.1048.83 linux-raspi - 5.4.0.1048.83 linux-image-raspi - 5.4.0.1048.83 linux-tools-raspi2 - 5.4.0.1048.83 linux-headers-raspi2 - 5.4.0.1048.83 No subscription required linux-kvm - 5.4.0.1051.50 linux-headers-kvm - 5.4.0.1051.50 linux-image-kvm - 5.4.0.1051.50 linux-tools-kvm - 5.4.0.1051.50 No subscription required linux-modules-extra-gke - 5.4.0.1057.67 linux-tools-gke-5.4 - 5.4.0.1057.67 linux-modules-extra-gke-5.4 - 5.4.0.1057.67 linux-gke-5.4 - 5.4.0.1057.67 linux-tools-gke - 5.4.0.1057.67 linux-gke - 5.4.0.1057.67 linux-headers-gke - 5.4.0.1057.67 linux-image-gke - 5.4.0.1057.67 linux-headers-gke-5.4 - 5.4.0.1057.67 linux-image-gke-5.4 - 5.4.0.1057.67 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1059.59 linux-headers-oracle-lts-20.04 - 5.4.0.1059.59 linux-oracle-lts-20.04 - 5.4.0.1059.59 linux-image-oracle-lts-20.04 - 5.4.0.1059.59 No subscription required linux-gcp-lts-20.04 - 5.4.0.1059.69 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1059.69 linux-headers-gcp-lts-20.04 - 5.4.0.1059.69 linux-tools-gcp-lts-20.04 - 5.4.0.1059.69 linux-image-gcp-lts-20.04 - 5.4.0.1059.69 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1061.64 linux-tools-aws-lts-20.04 - 5.4.0.1061.64 linux-image-aws-lts-20.04 - 5.4.0.1061.64 linux-headers-aws-lts-20.04 - 5.4.0.1061.64 linux-aws-lts-20.04 - 5.4.0.1061.64 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1065.63 linux-azure-lts-20.04 - 5.4.0.1065.63 linux-image-azure-lts-20.04 - 5.4.0.1065.63 linux-modules-extra-azure-lts-20.04 - 5.4.0.1065.63 linux-tools-azure-lts-20.04 - 5.4.0.1065.63 linux-headers-azure-lts-20.04 - 5.4.0.1065.63 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-cloud-tools-virtual - 5.4.0.92.96 linux-image-generic-hwe-18.04 - 5.4.0.92.96 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-image-virtual - 5.4.0.92.96 linux-cloud-tools-lowlatency - 5.4.0.92.96 linux-image-generic - 5.4.0.92.96 linux-tools-lowlatency - 5.4.0.92.96 linux-image-oem - 5.4.0.92.96 linux-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-image-extra-virtual-hwe-18.04 - 5.4.0.92.96 linux-headers-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.92.96 linux-image-oem-osp1 - 5.4.0.92.96 linux-image-generic-lpae-hwe-18.04 - 5.4.0.92.96 linux-crashdump - 5.4.0.92.96 linux-tools-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-headers-generic-hwe-18.04 - 5.4.0.92.96 linux-headers-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-source - 5.4.0.92.96 linux-lowlatency - 5.4.0.92.96 linux-tools-generic-lpae - 5.4.0.92.96 linux-cloud-tools-generic - 5.4.0.92.96 linux-oem - 5.4.0.92.96 linux-tools-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-virtual - 5.4.0.92.96 linux-headers-virtual-hwe-18.04 - 5.4.0.92.96 linux-virtual-hwe-18.04 - 5.4.0.92.96 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.92.96 linux-tools-virtual - 5.4.0.92.96 linux-generic-lpae-hwe-18.04-edge - 5.4.0.92.96 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-generic-lpae - 5.4.0.92.96 linux-headers-oem - 5.4.0.92.96 linux-generic - 5.4.0.92.96 linux-tools-oem-osp1 - 5.4.0.92.96 linux-tools-generic-hwe-18.04-edge - 5.4.0.92.96 linux-image-virtual-hwe-18.04 - 5.4.0.92.96 linux-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-headers-lowlatency - 5.4.0.92.96 linux-image-generic-hwe-18.04-edge - 5.4.0.92.96 linux-generic-hwe-18.04-edge - 5.4.0.92.96 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.92.96 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-tools-generic - 5.4.0.92.96 linux-image-extra-virtual - 5.4.0.92.96 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.92.96 linux-oem-tools-host - 5.4.0.92.96 linux-tools-oem - 5.4.0.92.96 linux-headers-oem-osp1 - 5.4.0.92.96 linux-generic-lpae-hwe-18.04 - 5.4.0.92.96 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.92.96 linux-headers-generic-hwe-18.04-edge - 5.4.0.92.96 linux-headers-generic - 5.4.0.92.96 linux-oem-osp1-tools-host - 5.4.0.92.96 linux-headers-generic-lpae - 5.4.0.92.96 linux-oem-osp1 - 5.4.0.92.96 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.92.96 linux-image-lowlatency-hwe-18.04 - 5.4.0.92.96 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.92.96 linux-headers-virtual - 5.4.0.92.96 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.92.96 linux-tools-virtual-hwe-18.04 - 5.4.0.92.96 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.92.96 linux-generic-hwe-18.04 - 5.4.0.92.96 linux-image-generic-lpae - 5.4.0.92.96 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.92.96 linux-image-lowlatency - 5.4.0.92.96 linux-tools-generic-hwe-18.04 - 5.4.0.92.96 linux-image-virtual-hwe-18.04-edge - 5.4.0.92.96 No subscription required High CVE-2020-26541 CVE-2021-20321 CVE-2021-3760 CVE-2021-4002 CVE-2021-41864 CVE-2021-43056 CVE-2021-43389 Ubuntu 20.04 LTS USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization (SEV) enabled. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-20321) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5210-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1060-gcp - 5.4.0-1060.64 linux-gcp-tools-5.4.0-1060 - 5.4.0-1060.64 linux-headers-5.4.0-1060-gcp - 5.4.0-1060.64 linux-image-unsigned-5.4.0-1060-gcp - 5.4.0-1060.64 linux-modules-extra-5.4.0-1060-gcp - 5.4.0-1060.64 linux-modules-5.4.0-1060-gcp - 5.4.0-1060.64 linux-buildinfo-5.4.0-1060-gcp - 5.4.0-1060.64 linux-gcp-headers-5.4.0-1060 - 5.4.0-1060.64 linux-image-5.4.0-1060-gcp - 5.4.0-1060.64 No subscription required linux-tools-common - 5.4.0-94.106 linux-image-unsigned-5.4.0-94-lowlatency - 5.4.0-94.106 linux-tools-host - 5.4.0-94.106 linux-doc - 5.4.0-94.106 linux-headers-5.4.0-94 - 5.4.0-94.106 linux-image-5.4.0-94-lowlatency - 5.4.0-94.106 linux-tools-5.4.0-94-generic - 5.4.0-94.106 linux-image-5.4.0-94-generic - 5.4.0-94.106 linux-buildinfo-5.4.0-94-generic-lpae - 5.4.0-94.106 linux-buildinfo-5.4.0-94-lowlatency - 5.4.0-94.106 linux-image-unsigned-5.4.0-94-generic - 5.4.0-94.106 linux-source-5.4.0 - 5.4.0-94.106 linux-headers-5.4.0-94-generic-lpae - 5.4.0-94.106 linux-cloud-tools-5.4.0-94-lowlatency - 5.4.0-94.106 linux-modules-5.4.0-94-generic - 5.4.0-94.106 linux-modules-5.4.0-94-lowlatency - 5.4.0-94.106 linux-buildinfo-5.4.0-94-generic - 5.4.0-94.106 linux-cloud-tools-5.4.0-94-generic - 5.4.0-94.106 linux-headers-5.4.0-94-generic - 5.4.0-94.106 linux-cloud-tools-common - 5.4.0-94.106 linux-tools-5.4.0-94-generic-lpae - 5.4.0-94.106 linux-libc-dev - 5.4.0-94.106 linux-cloud-tools-5.4.0-94 - 5.4.0-94.106 linux-modules-5.4.0-94-generic-lpae - 5.4.0-94.106 linux-tools-5.4.0-94-lowlatency - 5.4.0-94.106 linux-headers-5.4.0-94-lowlatency - 5.4.0-94.106 linux-tools-5.4.0-94 - 5.4.0-94.106 linux-modules-extra-5.4.0-94-generic - 5.4.0-94.106 linux-image-5.4.0-94-generic-lpae - 5.4.0-94.106 No subscription required linux-gcp-lts-20.04 - 5.4.0.1060.70 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1060.70 linux-headers-gcp-lts-20.04 - 5.4.0.1060.70 linux-image-gcp-lts-20.04 - 5.4.0.1060.70 linux-tools-gcp-lts-20.04 - 5.4.0.1060.70 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-cloud-tools-virtual - 5.4.0.94.98 linux-image-generic-hwe-18.04 - 5.4.0.94.98 linux-tools-oem - 5.4.0.94.98 linux-headers-generic-lpae - 5.4.0.94.98 linux-image-virtual - 5.4.0.94.98 linux-oem-osp1-tools-host - 5.4.0.94.98 linux-image-generic - 5.4.0.94.98 linux-tools-lowlatency - 5.4.0.94.98 linux-image-oem - 5.4.0.94.98 linux-tools-virtual-hwe-18.04 - 5.4.0.94.98 linux-headers-generic-hwe-18.04 - 5.4.0.94.98 linux-headers-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-image-extra-virtual-hwe-18.04 - 5.4.0.94.98 linux-image-oem-osp1 - 5.4.0.94.98 linux-image-generic-lpae-hwe-18.04 - 5.4.0.94.98 linux-crashdump - 5.4.0.94.98 linux-tools-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-headers-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-source - 5.4.0.94.98 linux-lowlatency - 5.4.0.94.98 linux-tools-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-tools-generic-lpae - 5.4.0.94.98 linux-cloud-tools-generic - 5.4.0.94.98 linux-virtual - 5.4.0.94.98 linux-headers-virtual-hwe-18.04 - 5.4.0.94.98 linux-virtual-hwe-18.04 - 5.4.0.94.98 linux-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.94.98 linux-tools-virtual - 5.4.0.94.98 linux-generic-lpae-hwe-18.04-edge - 5.4.0.94.98 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-generic-lpae - 5.4.0.94.98 linux-headers-oem - 5.4.0.94.98 linux-generic - 5.4.0.94.98 linux-tools-oem-osp1 - 5.4.0.94.98 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.94.98 linux-tools-generic-hwe-18.04-edge - 5.4.0.94.98 linux-image-virtual-hwe-18.04 - 5.4.0.94.98 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-oem-tools-host - 5.4.0.94.98 linux-headers-lowlatency - 5.4.0.94.98 linux-generic-hwe-18.04-edge - 5.4.0.94.98 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.94.98 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-oem - 5.4.0.94.98 linux-tools-generic - 5.4.0.94.98 linux-image-extra-virtual - 5.4.0.94.98 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.94.98 linux-cloud-tools-lowlatency - 5.4.0.94.98 linux-headers-oem-osp1 - 5.4.0.94.98 linux-generic-lpae-hwe-18.04 - 5.4.0.94.98 linux-tools-generic-hwe-18.04 - 5.4.0.94.98 linux-headers-generic-hwe-18.04-edge - 5.4.0.94.98 linux-headers-generic - 5.4.0.94.98 linux-oem-osp1 - 5.4.0.94.98 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.94.98 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.94.98 linux-image-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.94.98 linux-headers-virtual - 5.4.0.94.98 linux-lowlatency-hwe-18.04 - 5.4.0.94.98 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.94.98 linux-generic-hwe-18.04 - 5.4.0.94.98 linux-image-generic-lpae - 5.4.0.94.98 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.94.98 linux-image-lowlatency - 5.4.0.94.98 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.94.98 linux-image-generic-hwe-18.04-edge - 5.4.0.94.98 linux-image-virtual-hwe-18.04-edge - 5.4.0.94.98 No subscription required None https://launchpad.net/bugs/1956575 Ubuntu 20.04 LTS It was discovered that the Apache HTTP Server incorrectly handled certain forward proxy requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly perform a Server Side Request Forgery attack. (CVE-2021-44224) It was discovered that the Apache HTTP Server Lua module incorrectly handled memory in the multipart parser. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-44790) Update Instructions: Run `sudo pro fix USN-5212-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.9 libapache2-mod-md - 2.4.41-4ubuntu3.9 apache2-utils - 2.4.41-4ubuntu3.9 apache2-dev - 2.4.41-4ubuntu3.9 apache2-suexec-pristine - 2.4.41-4ubuntu3.9 apache2-suexec-custom - 2.4.41-4ubuntu3.9 apache2 - 2.4.41-4ubuntu3.9 apache2-doc - 2.4.41-4ubuntu3.9 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.9 apache2-ssl-dev - 2.4.41-4ubuntu3.9 apache2-bin - 2.4.41-4ubuntu3.9 No subscription required Medium CVE-2021-44224 CVE-2021-44790 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5213-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.34.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.34.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.34.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.34.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.34.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.34.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.34.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.34.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.34.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.34.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-30887 CVE-2021-30890 Ubuntu 20.04 LTS It was discovered that Cacti was incorrectly validating permissions for user accounts that had been recently disabled. An authenticated attacker could possibly use this to obtain unauthorized access to application and system data. (CVE-2020-13230) It was discovered that Cacti was incorrectly performing authorization checks in auth_profile.php. A remote unauthenticated attacker could use this to perform a CSRF attack and set a new admin email or make other changes. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-13231) It was discovered that Cacti incorrectly handled user provided input sent through request parameters to the color.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-14295) It was discovered that Cacti did not properly escape file input fields when performing template import operations for various themes. An authenticated attacker could use this to perform XSS attacks. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-14424) It was discovered that Cacti incorrectly handled user provided input sent through request parameters to the data_debug.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks. This issue only affected Ubuntu 20.04 ESM. (CVE-2020-35701) Update Instructions: Run `sudo pro fix USN-5214-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cacti - 1.2.10+ds1-1ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13230 CVE-2020-13231 CVE-2020-14295 CVE-2020-14424 CVE-2020-35701 Ubuntu 20.04 LTS Srikantha Prathi discovered that NLTK incorrectly handled specially crafted input. An attacker could use this vulnerability to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5215-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-nltk - 3.4.5-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-3828 Ubuntu 20.04 LTS It was discovered that hosted-git-info incorrectly handled certain inputs. A remote attacker could use this to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5216-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-hosted-git-info - 2.8.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-23362 Ubuntu 20.04 LTS It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4090) It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4204) Update Instructions: Run `sudo pro fix USN-5217-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.14.0-1018-oem - 5.14.0-1018.19 linux-modules-5.14.0-1018-oem - 5.14.0-1018.19 linux-image-5.14.0-1018-oem - 5.14.0-1018.19 linux-headers-5.14.0-1018-oem - 5.14.0-1018.19 linux-buildinfo-5.14.0-1018-oem - 5.14.0-1018.19 linux-tools-5.14.0-1018-oem - 5.14.0-1018.19 linux-oem-5.14-tools-host - 5.14.0-1018.19 linux-oem-5.14-headers-5.14.0-1018 - 5.14.0-1018.19 linux-oem-5.14-tools-5.14.0-1018 - 5.14.0-1018.19 No subscription required linux-headers-oem-20.04d - 5.14.0.1018.16 linux-image-oem-20.04d - 5.14.0.1018.16 linux-tools-oem-20.04d - 5.14.0.1018.16 linux-oem-20.04d - 5.14.0.1018.16 No subscription required High CVE-2021-4090 CVE-2021-4204 https://launchpad.net/bugs/1956585 Ubuntu 20.04 LTS Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4204) It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-20321) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) It was discovered that an integer overflow could be triggered in the eBPF implementation in the Linux kernel when preallocating objects for stack maps. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-41864) It was discovered that the KVM implementation for POWER8 processors in the Linux kernel did not properly keep track if a wakeup event could be resolved by a guest. An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267) It was discovered that the ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug. A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389) Update Instructions: Run `sudo pro fix USN-5218-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.13.0-1026-oem - 5.13.0-1026.32 linux-oem-5.13-tools-host - 5.13.0-1026.32 linux-buildinfo-5.13.0-1026-oem - 5.13.0-1026.32 linux-image-unsigned-5.13.0-1026-oem - 5.13.0-1026.32 linux-oem-5.13-tools-5.13.0-1026 - 5.13.0-1026.32 linux-oem-5.13-headers-5.13.0-1026 - 5.13.0-1026.32 linux-tools-5.13.0-1026-oem - 5.13.0-1026.32 linux-headers-5.13.0-1026-oem - 5.13.0-1026.32 linux-image-5.13.0-1026-oem - 5.13.0-1026.32 No subscription required linux-image-oem-20.04c - 5.13.0.1026.29 linux-tools-oem-20.04c - 5.13.0.1026.29 linux-headers-oem-20.04c - 5.13.0.1026.29 linux-oem-20.04c - 5.13.0.1026.29 No subscription required High CVE-2021-20321 CVE-2021-3760 CVE-2021-4002 CVE-2021-41864 CVE-2021-43056 CVE-2021-43267 CVE-2021-43389 CVE-2021-4204 https://launchpad.net/bugs/1956585 Ubuntu 20.04 LTS It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5219-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.10.0-1055-oem - 5.10.0-1055.58 linux-image-unsigned-5.10.0-1055-oem - 5.10.0-1055.58 linux-image-5.10.0-1055-oem - 5.10.0-1055.58 linux-modules-5.10.0-1055-oem - 5.10.0-1055.58 linux-oem-5.10-tools-5.10.0-1055 - 5.10.0-1055.58 linux-tools-5.10.0-1055-oem - 5.10.0-1055.58 linux-oem-5.10-tools-host - 5.10.0-1055.58 linux-oem-5.10-headers-5.10.0-1055 - 5.10.0-1055.58 linux-headers-5.10.0-1055-oem - 5.10.0-1055.58 No subscription required linux-headers-oem-20.04 - 5.10.0.1055.56 linux-tools-oem-20.04b - 5.10.0.1055.56 linux-image-oem-20.04b - 5.10.0.1055.56 linux-tools-oem-20.04 - 5.10.0.1055.56 linux-oem-20.04-edge - 5.10.0.1055.56 linux-image-oem-20.04-edge - 5.10.0.1055.56 linux-oem-20.04 - 5.10.0.1055.56 linux-image-oem-20.04 - 5.10.0.1055.56 linux-oem-20.04b - 5.10.0.1055.56 linux-tools-oem-20.04-edge - 5.10.0.1055.56 linux-headers-oem-20.04-edge - 5.10.0.1055.56 linux-headers-oem-20.04b - 5.10.0.1055.56 No subscription required linux-azure-5.11-cloud-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-buildinfo-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-headers-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-modules-extra-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-cloud-tools-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-modules-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-image-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-tools-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-azure-5.11-headers-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-oracle-5.11-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-image-unsigned-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-headers-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-image-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-aws-5.11-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-buildinfo-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-modules-extra-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-modules-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-modules-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-modules-extra-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-oracle-5.11-headers-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-headers-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-image-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-tools-5.11.0-1025-azure - 5.11.0-1025.27~20.04.1 linux-image-unsigned-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-aws-5.11-headers-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-tools-5.11.0-1025-oracle - 5.11.0-1025.27~20.04.1 linux-cloud-tools-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 linux-azure-5.11-tools-5.11.0-1025 - 5.11.0-1025.27~20.04.1 linux-buildinfo-5.11.0-1025-aws - 5.11.0-1025.27~20.04.1 No subscription required linux-modules-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-tools-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-headers-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-buildinfo-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-image-unsigned-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-image-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 linux-gcp-5.11-headers-5.11.0-1026 - 5.11.0-1026.29~20.04.1 linux-gcp-5.11-tools-5.11.0-1026 - 5.11.0-1026.29~20.04.1 linux-modules-extra-5.11.0-1026-gcp - 5.11.0-1026.29~20.04.1 No subscription required linux-headers-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-image-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-image-unsigned-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-image-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-headers-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-image-unsigned-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-modules-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-modules-extra-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-buildinfo-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-buildinfo-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-hwe-5.11-cloud-tools-5.11.0-46 - 5.11.0-46.51~20.04.1 linux-hwe-5.11-source-5.11.0 - 5.11.0-46.51~20.04.1 linux-modules-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-tools-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-hwe-5.11-tools-host - 5.11.0-46.51~20.04.1 linux-image-unsigned-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-image-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-hwe-5.11-headers-5.11.0-46 - 5.11.0-46.51~20.04.1 linux-tools-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-hwe-5.11-tools-5.11.0-46 - 5.11.0-46.51~20.04.1 linux-buildinfo-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-hwe-5.11-cloud-tools-common - 5.11.0-46.51~20.04.1 linux-buildinfo-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-modules-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-image-5.11.0-46-generic-64k - 5.11.0-46.51~20.04.1 linux-modules-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-hwe-5.11-tools-common - 5.11.0-46.51~20.04.1 linux-tools-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-headers-5.11.0-46-generic-lpae - 5.11.0-46.51~20.04.1 linux-cloud-tools-5.11.0-46-generic - 5.11.0-46.51~20.04.1 linux-headers-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-cloud-tools-5.11.0-46-lowlatency - 5.11.0-46.51~20.04.1 linux-tools-5.11.0-46-generic - 5.11.0-46.51~20.04.1 No subscription required linux-headers-oracle - 5.11.0.1025.27~20.04.18 linux-image-oracle - 5.11.0.1025.27~20.04.18 linux-tools-oracle - 5.11.0.1025.27~20.04.18 linux-oracle - 5.11.0.1025.27~20.04.18 No subscription required linux-cloud-tools-azure - 5.11.0.1025.27~20.04.24 linux-tools-azure - 5.11.0.1025.27~20.04.24 linux-headers-aws - 5.11.0.1025.27~20.04.24 linux-image-aws - 5.11.0.1025.27~20.04.24 linux-azure - 5.11.0.1025.27~20.04.24 linux-modules-extra-azure - 5.11.0.1025.27~20.04.24 linux-aws - 5.11.0.1025.27~20.04.24 linux-modules-extra-aws - 5.11.0.1025.27~20.04.24 linux-tools-aws - 5.11.0.1025.27~20.04.24 linux-image-azure - 5.11.0.1025.27~20.04.24 linux-headers-azure - 5.11.0.1025.27~20.04.24 No subscription required linux-tools-gcp - 5.11.0.1026.29~20.04.25 linux-gcp - 5.11.0.1026.29~20.04.25 linux-headers-gcp - 5.11.0.1026.29~20.04.25 linux-image-gcp - 5.11.0.1026.29~20.04.25 linux-modules-extra-gcp - 5.11.0.1026.29~20.04.25 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-cloud-tools-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-generic-lpae-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-extra-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-generic-64k-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-generic-lpae-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-headers-generic-lpae-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-cloud-tools-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-generic-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-generic-lpae-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-tools-generic-64k-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-lowlatency-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-generic-64k-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-generic-64k-hwe-20.04 - 5.11.0.46.51~20.04.23 linux-image-virtual-hwe-20.04 - 5.11.0.46.51~20.04.23 No subscription required High CVE-2021-4204 https://launchpad.net/bugs/1956585 Ubuntu 20.04 LTS It was discovered that Composer did not properly sanitize URLs for Mercurial repositories in the root composer.json and package source download URLs. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5220-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: composer - 1.10.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-29472 Ubuntu 20.04 LTS It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-32626) It was discovered that Redis incorrectly handled some malformed requests when using Redis Lua Debugger. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-32672) It was discovered that Redis incorrectly handled certain Redis Standard Protocol (RESP) requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-32675) It was discovered that Redis incorrectly handled some configuration parameters with specially crafted network payloads. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Vulnerabilities CVE-2021-32627 and CVE-2021-41099 only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-32627, CVE-2021-32628, CVE-2021-32687, CVE-2021-41099). It was discovered that Redis incorrectly handled memory when processing certain input in 32-bit systems. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. One vulnerability (CVE-2021-32761) only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM and another vulnerability (CVE-2021-21309) only affected Ubuntu 18.04 ESM. (CVE-2021-32761, CVE-2021-21309). Update Instructions: Run `sudo pro fix USN-5221-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: redis-sentinel - 5:5.0.7-2ubuntu0.1+esm1 redis-server - 5:5.0.7-2ubuntu0.1+esm1 redis - 5:5.0.7-2ubuntu0.1+esm1 redis-tools - 5:5.0.7-2ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-32626 CVE-2021-32627 CVE-2021-32628 CVE-2021-32672 CVE-2021-32675 CVE-2021-32687 CVE-2021-41099 CVE-2021-32761 CVE-2021-21309 Ubuntu 20.04 LTS It was discovered that Apache Log4j 2 was vulnerable to remote code execution (RCE) attack when configured to use a JDBC Appender with a JNDI LDAP data source URI. A remote attacker could possibly use this issue to cause a crash, leading to a denial of service. (CVE-2021-44832) Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-45105) Update Instructions: Run `sudo pro fix USN-5222-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j2-java - 2.17.1-0.20.04.1 liblog4j2-java-doc - 2.17.1-0.20.04.1 No subscription required Medium CVE-2021-44832 CVE-2021-45105 Ubuntu 20.04 LTS It was discovered that Apache Log4j 1.2 was vulnerable to deserialization of untrusted data if the configuration file was editable. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5223-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j1.2-java-doc - 1.2.17-9ubuntu0.1 liblog4j1.2-java - 1.2.17-9ubuntu0.1 No subscription required Medium CVE-2021-4104 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5224-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.5 ghostscript-x - 9.50~dfsg-5ubuntu4.5 libgs-dev - 9.50~dfsg-5ubuntu4.5 ghostscript-doc - 9.50~dfsg-5ubuntu4.5 libgs9 - 9.50~dfsg-5ubuntu4.5 libgs9-common - 9.50~dfsg-5ubuntu4.5 No subscription required Medium CVE-2021-45944 CVE-2021-45949 Ubuntu 20.04 LTS It was discovered that lxml incorrectly handled certain XML and HTML files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5225-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-lxml - 4.5.0-1ubuntu0.5 python-lxml - 4.5.0-1ubuntu0.5 python-lxml-doc - 4.5.0-1ubuntu0.5 No subscription required Medium CVE-2021-43818 Ubuntu 20.04 LTS It was discovered that systemd-tmpfiles employed uncontrolled recursion when removing deeply nested directory hierarchies. A local attacker could exploit this to cause systemd-tmpfiles to crash or have other unspecified impacts. Update Instructions: Run `sudo pro fix USN-5226-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: systemd-tests - 245.4-4ubuntu3.15 systemd-coredump - 245.4-4ubuntu3.15 systemd - 245.4-4ubuntu3.15 libsystemd0 - 245.4-4ubuntu3.15 systemd-container - 245.4-4ubuntu3.15 libnss-myhostname - 245.4-4ubuntu3.15 libudev1 - 245.4-4ubuntu3.15 systemd-timesyncd - 245.4-4ubuntu3.15 libsystemd-dev - 245.4-4ubuntu3.15 libnss-systemd - 245.4-4ubuntu3.15 systemd-journal-remote - 245.4-4ubuntu3.15 libpam-systemd - 245.4-4ubuntu3.15 libnss-mymachines - 245.4-4ubuntu3.15 libnss-resolve - 245.4-4ubuntu3.15 systemd-sysv - 245.4-4ubuntu3.15 udev - 245.4-4ubuntu3.15 libudev-dev - 245.4-4ubuntu3.15 No subscription required Medium CVE-2021-3997 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. (CVE-2021-23437) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-34552) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22815) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. (CVE-2022-22816) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22817) Update Instructions: Run `sudo pro fix USN-5227-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.5 python-pil-doc - 7.0.0-4ubuntu0.5 python3-pil - 7.0.0-4ubuntu0.5 No subscription required Medium CVE-2021-23437 CVE-2021-34552 CVE-2022-22815 CVE-2022-22816 CVE-2022-22817 Ubuntu 20.04 LTS USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete. This update fixes the problem. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. (CVE-2021-23437) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-34552) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22815) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. (CVE-2022-22816) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22817) Update Instructions: Run `sudo pro fix USN-5227-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.6 python-pil-doc - 7.0.0-4ubuntu0.6 python3-pil - 7.0.0-4ubuntu0.6 No subscription required Medium CVE-2022-22817 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information across domains, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5229-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 96.0+build2-0ubuntu0.20.04.1 firefox - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 96.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 96.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 96.0+build2-0ubuntu0.20.04.1 firefox-dev - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 96.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 96.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751 CVE-2022-22752 Ubuntu 20.04 LTS It was discovered that App::cpanminus did not properly verify CHECKSUMS files. An attacker could possibly use this issue to bypass signature verification, gaining access to sensitive data or possibly executing unauthorized code. Update Instructions: Run `sudo pro fix USN-5230-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cpanminus - 1.7044-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-16154 Ubuntu 20.04 LTS It was discovered that 389 Directory Server presented to users, during authentication, an error message which could be used to discover if a certain LDAP DN existed or not. A remote unauthenticated attacker could possibly use this to check the existence of an entry in a LDAP database and expose sensitive information. This issue affected only Ubuntu 20.04 ESM. (CVE-2020-35518) It was discovered that 389 Directory Server was incorrectly validating data used to access memory addresses. An authenticated attacker using a Syncrepl client could use this issue with a specially crafted query to cause 389 Directory Server to crash, resulting in a denial of service. (CVE-2021-3514) Update Instructions: Run `sudo pro fix USN-5231-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: 389-ds-base - 1.4.3.6-2ubuntu0.1~esm1 cockpit-389-ds - 1.4.3.6-2ubuntu0.1~esm1 389-ds-base-libs - 1.4.3.6-2ubuntu0.1~esm1 python3-lib389 - 1.4.3.6-2ubuntu0.1~esm1 389-ds-base-dev - 1.4.3.6-2ubuntu0.1~esm1 389-ds - 1.4.3.6-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-35518 CVE-2021-3514 Ubuntu 20.04 LTS Jakub Żoczek discovered that certain Fail2ban actions handled whois responses in an insecure way. If Fail2ban was configured to use certain mail actions like 'mail-whois' on a target system, a remote attacker who was able to control whois responses to this target system could possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5232-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fail2ban - 0.11.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-32749 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled memory when the CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5233-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.5+dfsg-1~20.04.1 clamav-testfiles - 0.103.5+dfsg-1~20.04.1 clamav-base - 0.103.5+dfsg-1~20.04.1 clamav - 0.103.5+dfsg-1~20.04.1 clamav-daemon - 0.103.5+dfsg-1~20.04.1 clamav-milter - 0.103.5+dfsg-1~20.04.1 clamav-docs - 0.103.5+dfsg-1~20.04.1 clamav-freshclam - 0.103.5+dfsg-1~20.04.1 libclamav9 - 0.103.5+dfsg-1~20.04.1 clamdscan - 0.103.5+dfsg-1~20.04.1 No subscription required Medium CVE-2022-20698 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. (CVE-2021-41816) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a regular expression denial of service. (CVE-2021-41817) It was discovered that Ruby incorrectly handled certain cookie names. An attacker could possibly use this issue to access or expose sensitive information. (CVE-2021-41819) Update Instructions: Run `sudo pro fix USN-5235-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.6 ruby2.7-doc - 2.7.0-5ubuntu1.6 libruby2.7 - 2.7.0-5ubuntu1.6 ruby2.7-dev - 2.7.0-5ubuntu1.6 No subscription required Medium CVE-2021-41816 CVE-2021-41817 CVE-2021-41819 Ubuntu 20.04 LTS It was discovered that MediaInfoLib incorrectly handled certain specially crafted files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-26797) It was discovered that MediaInfoLib incorrectly handled certain specially crafted MpegPs files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-15395) Update Instructions: Run `sudo pro fix USN-5237-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmediainfo-dev - 19.09+dfsg-2ubuntu0.1~esm1 python3-mediainfodll - 19.09+dfsg-2ubuntu0.1~esm1 libmediainfo0v5 - 19.09+dfsg-2ubuntu0.1~esm1 libmediainfo-doc - 19.09+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-15395 CVE-2020-26797 Ubuntu 20.04 LTS It was discovered that PostgreSQL JDBC Driver incorrectly handled certain requests from external entities. A remote attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5238-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpostgresql-jdbc-java - 42.2.10-1ubuntu0.1~esm1 libpostgresql-jdbc-java-doc - 42.2.10-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13692 Ubuntu 20.04 LTS It was discovered that HttpClient mishandled certain input. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5239-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhttpmime-java - 4.5.11-1ubuntu0.1~esm1 libhttpclient-java - 4.5.11-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13956 Ubuntu 20.04 LTS William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5240-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.10.0-1057-oem - 5.10.0-1057.61 linux-tools-5.10.0-1057-oem - 5.10.0-1057.61 linux-modules-5.10.0-1057-oem - 5.10.0-1057.61 linux-image-5.10.0-1057-oem - 5.10.0-1057.61 linux-image-unsigned-5.10.0-1057-oem - 5.10.0-1057.61 linux-oem-5.10-headers-5.10.0-1057 - 5.10.0-1057.61 linux-oem-5.10-tools-5.10.0-1057 - 5.10.0-1057.61 linux-headers-5.10.0-1057-oem - 5.10.0-1057.61 linux-oem-5.10-tools-host - 5.10.0-1057.61 No subscription required linux-headers-oem-20.04 - 5.10.0.1057.57 linux-oem-20.04-edge - 5.10.0.1057.57 linux-oem-20.04 - 5.10.0.1057.57 linux-tools-oem-20.04b - 5.10.0.1057.57 linux-image-oem-20.04b - 5.10.0.1057.57 linux-tools-oem-20.04-edge - 5.10.0.1057.57 linux-oem-20.04b - 5.10.0.1057.57 linux-tools-oem-20.04 - 5.10.0.1057.57 linux-headers-oem-20.04b - 5.10.0.1057.57 linux-image-oem-20.04-edge - 5.10.0.1057.57 linux-image-oem-20.04 - 5.10.0.1057.57 linux-headers-oem-20.04-edge - 5.10.0.1057.57 No subscription required linux-image-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-modules-extra-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-tools-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-aws-5.11-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-headers-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-cloud-tools-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-modules-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-image-unsigned-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-headers-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-aws-5.11-headers-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-azure-5.11-cloud-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-tools-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-image-unsigned-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-buildinfo-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-modules-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-modules-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-buildinfo-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-tools-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-image-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-headers-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-modules-extra-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-azure-5.11-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-cloud-tools-5.11.0-1027-aws - 5.11.0-1027.30~20.04.1 linux-modules-extra-5.11.0-1027-oracle - 5.11.0-1027.30~20.04.1 linux-azure-5.11-headers-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-oracle-5.11-headers-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-image-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-buildinfo-5.11.0-1027-azure - 5.11.0-1027.30~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 linux-oracle-5.11-tools-5.11.0-1027 - 5.11.0-1027.30~20.04.1 No subscription required linux-gcp-5.11-headers-5.11.0-1028 - 5.11.0-1028.32~20.04.1 linux-image-unsigned-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-headers-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-buildinfo-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-image-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-modules-extra-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-modules-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 linux-gcp-5.11-tools-5.11.0-1028 - 5.11.0-1028.32~20.04.1 linux-tools-5.11.0-1028-gcp - 5.11.0-1028.32~20.04.1 No subscription required linux-headers-oracle - 5.11.0.1027.30~20.04.19 linux-tools-oracle - 5.11.0.1027.30~20.04.19 linux-image-oracle - 5.11.0.1027.30~20.04.19 linux-oracle - 5.11.0.1027.30~20.04.19 No subscription required linux-cloud-tools-azure - 5.11.0.1027.30~20.04.25 linux-image-aws - 5.11.0.1027.30~20.04.25 linux-azure - 5.11.0.1027.30~20.04.25 linux-image-azure - 5.11.0.1027.30~20.04.25 linux-headers-azure - 5.11.0.1027.30~20.04.25 linux-headers-aws - 5.11.0.1027.30~20.04.25 linux-tools-aws - 5.11.0.1027.30~20.04.25 linux-modules-extra-aws - 5.11.0.1027.30~20.04.25 linux-tools-azure - 5.11.0.1027.30~20.04.25 linux-modules-extra-azure - 5.11.0.1027.30~20.04.25 linux-aws - 5.11.0.1027.30~20.04.25 No subscription required linux-modules-extra-gcp - 5.11.0.1028.32~20.04.26 linux-gcp - 5.11.0.1028.32~20.04.26 linux-image-gcp - 5.11.0.1028.32~20.04.26 linux-tools-gcp - 5.11.0.1028.32~20.04.26 linux-headers-gcp - 5.11.0.1028.32~20.04.26 No subscription required linux-oem-5.13-headers-5.13.0-1028 - 5.13.0-1028.35 linux-oem-5.13-tools-5.13.0-1028 - 5.13.0-1028.35 linux-image-unsigned-5.13.0-1028-oem - 5.13.0-1028.35 linux-buildinfo-5.13.0-1028-oem - 5.13.0-1028.35 linux-modules-5.13.0-1028-oem - 5.13.0-1028.35 linux-oem-5.13-tools-host - 5.13.0-1028.35 linux-headers-5.13.0-1028-oem - 5.13.0-1028.35 linux-tools-5.13.0-1028-oem - 5.13.0-1028.35 linux-image-5.13.0-1028-oem - 5.13.0-1028.35 No subscription required linux-tools-oem-20.04c - 5.13.0.1028.30 linux-image-oem-20.04c - 5.13.0.1028.30 linux-oem-20.04c - 5.13.0.1028.30 linux-headers-oem-20.04c - 5.13.0.1028.30 No subscription required linux-headers-5.14.0-1020-oem - 5.14.0-1020.22 linux-modules-5.14.0-1020-oem - 5.14.0-1020.22 linux-image-5.14.0-1020-oem - 5.14.0-1020.22 linux-oem-5.14-tools-host - 5.14.0-1020.22 linux-oem-5.14-headers-5.14.0-1020 - 5.14.0-1020.22 linux-oem-5.14-tools-5.14.0-1020 - 5.14.0-1020.22 linux-tools-5.14.0-1020-oem - 5.14.0-1020.22 linux-buildinfo-5.14.0-1020-oem - 5.14.0-1020.22 linux-image-unsigned-5.14.0-1020-oem - 5.14.0-1020.22 No subscription required linux-tools-oem-20.04d - 5.14.0.1020.17 linux-image-oem-20.04d - 5.14.0.1020.17 linux-oem-20.04d - 5.14.0.1020.17 linux-headers-oem-20.04d - 5.14.0.1020.17 No subscription required linux-ibm-tools-5.4.0-1012 - 5.4.0-1012.13 linux-ibm-headers-5.4.0-1012 - 5.4.0-1012.13 linux-headers-5.4.0-1012-ibm - 5.4.0-1012.13 linux-ibm-cloud-tools-common - 5.4.0-1012.13 linux-ibm-tools-common - 5.4.0-1012.13 linux-ibm-source-5.4.0 - 5.4.0-1012.13 linux-modules-5.4.0-1012-ibm - 5.4.0-1012.13 linux-buildinfo-5.4.0-1012-ibm - 5.4.0-1012.13 linux-modules-extra-5.4.0-1012-ibm - 5.4.0-1012.13 linux-tools-5.4.0-1012-ibm - 5.4.0-1012.13 linux-image-5.4.0-1012-ibm - 5.4.0-1012.13 linux-image-unsigned-5.4.0-1012-ibm - 5.4.0-1012.13 No subscription required linux-bluefield-headers-5.4.0-1025 - 5.4.0-1025.28 linux-image-unsigned-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-headers-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-modules-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-bluefield-tools-5.4.0-1025 - 5.4.0-1025.28 linux-image-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-buildinfo-5.4.0-1025-bluefield - 5.4.0-1025.28 linux-tools-5.4.0-1025-bluefield - 5.4.0-1025.28 No subscription required linux-gkeop-headers-5.4.0-1031 - 5.4.0-1031.32 linux-headers-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-image-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-buildinfo-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-image-unsigned-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-gkeop-tools-5.4.0-1031 - 5.4.0-1031.32 linux-tools-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-modules-extra-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-gkeop-cloud-tools-5.4.0-1031 - 5.4.0-1031.32 linux-modules-5.4.0-1031-gkeop - 5.4.0-1031.32 linux-gkeop-source-5.4.0 - 5.4.0-1031.32 linux-cloud-tools-5.4.0-1031-gkeop - 5.4.0-1031.32 No subscription required linux-headers-5.4.0-1050-raspi - 5.4.0-1050.56 linux-image-5.4.0-1050-raspi - 5.4.0-1050.56 linux-raspi-tools-5.4.0-1050 - 5.4.0-1050.56 linux-raspi-headers-5.4.0-1050 - 5.4.0-1050.56 linux-modules-5.4.0-1050-raspi - 5.4.0-1050.56 linux-tools-5.4.0-1050-raspi - 5.4.0-1050.56 linux-buildinfo-5.4.0-1050-raspi - 5.4.0-1050.56 No subscription required linux-image-5.4.0-1053-kvm - 5.4.0-1053.55 linux-headers-5.4.0-1053-kvm - 5.4.0-1053.55 linux-tools-5.4.0-1053-kvm - 5.4.0-1053.55 linux-image-unsigned-5.4.0-1053-kvm - 5.4.0-1053.55 linux-buildinfo-5.4.0-1053-kvm - 5.4.0-1053.55 linux-kvm-tools-5.4.0-1053 - 5.4.0-1053.55 linux-modules-5.4.0-1053-kvm - 5.4.0-1053.55 linux-kvm-headers-5.4.0-1053 - 5.4.0-1053.55 No subscription required linux-image-5.4.0-1059-gke - 5.4.0-1059.62 linux-modules-extra-5.4.0-1059-gke - 5.4.0-1059.62 linux-headers-5.4.0-1059-gke - 5.4.0-1059.62 linux-buildinfo-5.4.0-1059-gke - 5.4.0-1059.62 linux-image-unsigned-5.4.0-1059-gke - 5.4.0-1059.62 linux-tools-5.4.0-1059-gke - 5.4.0-1059.62 linux-modules-5.4.0-1059-gke - 5.4.0-1059.62 linux-gke-headers-5.4.0-1059 - 5.4.0-1059.62 linux-gke-tools-5.4.0-1059 - 5.4.0-1059.62 No subscription required linux-buildinfo-5.4.0-1061-oracle - 5.4.0-1061.65 linux-image-unsigned-5.4.0-1061-oracle - 5.4.0-1061.65 linux-modules-5.4.0-1061-oracle - 5.4.0-1061.65 linux-image-5.4.0-1061-oracle - 5.4.0-1061.65 linux-modules-extra-5.4.0-1061-oracle - 5.4.0-1061.65 linux-tools-5.4.0-1061-oracle - 5.4.0-1061.65 linux-oracle-tools-5.4.0-1061 - 5.4.0-1061.65 linux-headers-5.4.0-1061-oracle - 5.4.0-1061.65 linux-oracle-headers-5.4.0-1061 - 5.4.0-1061.65 No subscription required linux-headers-5.4.0-1062-gcp - 5.4.0-1062.66 linux-buildinfo-5.4.0-1062-gcp - 5.4.0-1062.66 linux-image-unsigned-5.4.0-1062-gcp - 5.4.0-1062.66 linux-image-5.4.0-1062-gcp - 5.4.0-1062.66 linux-tools-5.4.0-1062-gcp - 5.4.0-1062.66 linux-gcp-headers-5.4.0-1062 - 5.4.0-1062.66 linux-modules-5.4.0-1062-gcp - 5.4.0-1062.66 linux-gcp-tools-5.4.0-1062 - 5.4.0-1062.66 linux-modules-extra-5.4.0-1062-gcp - 5.4.0-1062.66 No subscription required linux-buildinfo-5.4.0-1063-aws - 5.4.0-1063.66 linux-aws-tools-5.4.0-1063 - 5.4.0-1063.66 linux-cloud-tools-5.4.0-1063-aws - 5.4.0-1063.66 linux-image-unsigned-5.4.0-1063-aws - 5.4.0-1063.66 linux-modules-extra-5.4.0-1063-aws - 5.4.0-1063.66 linux-aws-headers-5.4.0-1063 - 5.4.0-1063.66 linux-modules-5.4.0-1063-aws - 5.4.0-1063.66 linux-tools-5.4.0-1063-aws - 5.4.0-1063.66 linux-aws-cloud-tools-5.4.0-1063 - 5.4.0-1063.66 linux-headers-5.4.0-1063-aws - 5.4.0-1063.66 No subscription required linux-headers-5.4.0-1067-azure - 5.4.0-1067.70 linux-azure-headers-5.4.0-1067 - 5.4.0-1067.70 linux-azure-cloud-tools-5.4.0-1067 - 5.4.0-1067.70 linux-modules-5.4.0-1067-azure - 5.4.0-1067.70 linux-image-unsigned-5.4.0-1067-azure - 5.4.0-1067.70 linux-azure-tools-5.4.0-1067 - 5.4.0-1067.70 linux-modules-extra-5.4.0-1067-azure - 5.4.0-1067.70 linux-image-5.4.0-1067-azure - 5.4.0-1067.70 linux-tools-5.4.0-1067-azure - 5.4.0-1067.70 linux-buildinfo-5.4.0-1067-azure - 5.4.0-1067.70 linux-cloud-tools-5.4.0-1067-azure - 5.4.0-1067.70 No subscription required linux-modules-5.4.0-96-lowlatency - 5.4.0-96.109 linux-tools-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-headers-5.4.0-96-lowlatency - 5.4.0-96.109 linux-cloud-tools-5.4.0-96-lowlatency - 5.4.0-96.109 linux-source-5.4.0 - 5.4.0-96.109 linux-headers-5.4.0-96-generic - 5.4.0-96.109 linux-headers-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-cloud-tools-common - 5.4.0-96.109 linux-image-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-tools-5.4.0-96-lowlatency - 5.4.0-96.109 linux-buildinfo-5.4.0-96-lowlatency - 5.4.0-96.109 linux-cloud-tools-5.4.0-96-generic - 5.4.0-96.109 linux-modules-5.4.0-96-generic - 5.4.0-96.109 linux-modules-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-buildinfo-5.4.0-96-generic - 5.4.0-96.109 linux-image-unsigned-5.4.0-96-lowlatency - 5.4.0-96.109 linux-libc-dev - 5.4.0-96.109 linux-tools-5.4.0-96 - 5.4.0-96.109 linux-modules-extra-5.4.0-96-generic - 5.4.0-96.109 linux-buildinfo-5.4.0-96-generic-lpae - 5.4.0-96.109 linux-image-5.4.0-96-lowlatency - 5.4.0-96.109 linux-tools-host - 5.4.0-96.109 linux-headers-5.4.0-96 - 5.4.0-96.109 linux-tools-common - 5.4.0-96.109 linux-doc - 5.4.0-96.109 linux-image-5.4.0-96-generic - 5.4.0-96.109 linux-tools-5.4.0-96-generic - 5.4.0-96.109 linux-cloud-tools-5.4.0-96 - 5.4.0-96.109 linux-image-unsigned-5.4.0-96-generic - 5.4.0-96.109 No subscription required linux-tools-ibm - 5.4.0.1012.13 linux-image-ibm-lts-20.04 - 5.4.0.1012.13 linux-tools-ibm-lts-20.04 - 5.4.0.1012.13 linux-ibm-lts-20.04 - 5.4.0.1012.13 linux-image-ibm - 5.4.0.1012.13 linux-ibm - 5.4.0.1012.13 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1012.13 linux-headers-ibm - 5.4.0.1012.13 linux-headers-ibm-lts-20.04 - 5.4.0.1012.13 linux-modules-extra-ibm - 5.4.0.1012.13 No subscription required linux-headers-bluefield - 5.4.0.1025.26 linux-bluefield - 5.4.0.1025.26 linux-image-bluefield - 5.4.0.1025.26 linux-tools-bluefield - 5.4.0.1025.26 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1031.34 linux-image-gkeop - 5.4.0.1031.34 linux-headers-gkeop-5.4 - 5.4.0.1031.34 linux-image-gkeop-5.4 - 5.4.0.1031.34 linux-modules-extra-gkeop - 5.4.0.1031.34 linux-tools-gkeop-5.4 - 5.4.0.1031.34 linux-headers-gkeop - 5.4.0.1031.34 linux-tools-gkeop - 5.4.0.1031.34 linux-gkeop-5.4 - 5.4.0.1031.34 linux-cloud-tools-gkeop - 5.4.0.1031.34 linux-modules-extra-gkeop-5.4 - 5.4.0.1031.34 linux-gkeop - 5.4.0.1031.34 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1050.84 linux-image-raspi-hwe-18.04 - 5.4.0.1050.84 linux-headers-raspi2-hwe-18.04 - 5.4.0.1050.84 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1050.84 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1050.84 linux-headers-raspi - 5.4.0.1050.84 linux-tools-raspi2-hwe-18.04 - 5.4.0.1050.84 linux-image-raspi-hwe-18.04-edge - 5.4.0.1050.84 linux-headers-raspi2 - 5.4.0.1050.84 linux-raspi-hwe-18.04 - 5.4.0.1050.84 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1050.84 linux-raspi-hwe-18.04-edge - 5.4.0.1050.84 linux-tools-raspi2 - 5.4.0.1050.84 linux-raspi2 - 5.4.0.1050.84 linux-image-raspi2-hwe-18.04 - 5.4.0.1050.84 linux-tools-raspi - 5.4.0.1050.84 linux-raspi2-hwe-18.04 - 5.4.0.1050.84 linux-tools-raspi-hwe-18.04 - 5.4.0.1050.84 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1050.84 linux-image-raspi - 5.4.0.1050.84 linux-raspi - 5.4.0.1050.84 linux-headers-raspi-hwe-18.04 - 5.4.0.1050.84 linux-raspi2-hwe-18.04-edge - 5.4.0.1050.84 linux-image-raspi2 - 5.4.0.1050.84 No subscription required linux-kvm - 5.4.0.1053.52 linux-image-kvm - 5.4.0.1053.52 linux-tools-kvm - 5.4.0.1053.52 linux-headers-kvm - 5.4.0.1053.52 No subscription required linux-tools-gke-5.4 - 5.4.0.1059.69 linux-tools-gke - 5.4.0.1059.69 linux-headers-gke-5.4 - 5.4.0.1059.69 linux-modules-extra-gke-5.4 - 5.4.0.1059.69 linux-image-gke-5.4 - 5.4.0.1059.69 linux-gke - 5.4.0.1059.69 linux-gke-5.4 - 5.4.0.1059.69 linux-image-gke - 5.4.0.1059.69 linux-headers-gke - 5.4.0.1059.69 linux-modules-extra-gke - 5.4.0.1059.69 No subscription required linux-image-oracle-lts-20.04 - 5.4.0.1061.61 linux-headers-oracle-lts-20.04 - 5.4.0.1061.61 linux-tools-oracle-lts-20.04 - 5.4.0.1061.61 linux-oracle-lts-20.04 - 5.4.0.1061.61 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1062.72 linux-gcp-lts-20.04 - 5.4.0.1062.72 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1062.72 linux-headers-gcp-lts-20.04 - 5.4.0.1062.72 linux-image-gcp-lts-20.04 - 5.4.0.1062.72 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1063.65 linux-aws-lts-20.04 - 5.4.0.1063.65 linux-modules-extra-aws-lts-20.04 - 5.4.0.1063.65 linux-tools-aws-lts-20.04 - 5.4.0.1063.65 linux-image-aws-lts-20.04 - 5.4.0.1063.65 No subscription required linux-azure-lts-20.04 - 5.4.0.1067.65 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1067.65 linux-tools-azure-lts-20.04 - 5.4.0.1067.65 linux-headers-azure-lts-20.04 - 5.4.0.1067.65 linux-image-azure-lts-20.04 - 5.4.0.1067.65 linux-modules-extra-azure-lts-20.04 - 5.4.0.1067.65 No subscription required linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-image-virtual - 5.4.0.96.100 linux-tools-lowlatency - 5.4.0.96.100 linux-tools-virtual-hwe-18.04 - 5.4.0.96.100 linux-headers-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-image-generic-lpae-hwe-18.04 - 5.4.0.96.100 linux-headers-generic-hwe-18.04 - 5.4.0.96.100 linux-source - 5.4.0.96.100 linux-cloud-tools-generic - 5.4.0.96.100 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-generic - 5.4.0.96.100 linux-generic-hwe-18.04-edge - 5.4.0.96.100 linux-generic-lpae-hwe-18.04 - 5.4.0.96.100 linux-headers-generic-hwe-18.04-edge - 5.4.0.96.100 linux-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-image-lowlatency - 5.4.0.96.100 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.96.100 linux-image-oem-osp1 - 5.4.0.96.100 linux-crashdump - 5.4.0.96.100 linux-headers-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-headers-virtual-hwe-18.04 - 5.4.0.96.100 linux-generic-lpae-hwe-18.04-edge - 5.4.0.96.100 linux-generic-lpae - 5.4.0.96.100 linux-tools-oem-osp1 - 5.4.0.96.100 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.96.100 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-image-generic-hwe-18.04-edge - 5.4.0.96.100 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.96.100 linux-oem - 5.4.0.96.100 linux-image-extra-virtual - 5.4.0.96.100 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-headers-virtual - 5.4.0.96.100 linux-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.96.100 linux-image-generic-lpae - 5.4.0.96.100 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.96.100 linux-image-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-image-generic-hwe-18.04 - 5.4.0.96.100 linux-image-oem - 5.4.0.96.100 linux-tools-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-lowlatency - 5.4.0.96.100 linux-tools-virtual - 5.4.0.96.100 linux-virtual - 5.4.0.96.100 linux-tools-generic - 5.4.0.96.100 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.96.100 linux-headers-oem - 5.4.0.96.100 linux-tools-generic-hwe-18.04-edge - 5.4.0.96.100 linux-image-virtual-hwe-18.04 - 5.4.0.96.100 linux-oem-tools-host - 5.4.0.96.100 linux-headers-lowlatency - 5.4.0.96.100 linux-tools-virtual-hwe-18.04-edge - 5.4.0.96.100 linux-oem-osp1 - 5.4.0.96.100 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.96.100 linux-image-lowlatency-hwe-18.04 - 5.4.0.96.100 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-cloud-tools-virtual - 5.4.0.96.100 linux-headers-generic-lpae - 5.4.0.96.100 linux-oem-osp1-tools-host - 5.4.0.96.100 linux-image-generic - 5.4.0.96.100 linux-image-extra-virtual-hwe-18.04 - 5.4.0.96.100 linux-tools-generic-lpae - 5.4.0.96.100 linux-virtual-hwe-18.04 - 5.4.0.96.100 linux-tools-oem - 5.4.0.96.100 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.96.100 linux-cloud-tools-lowlatency - 5.4.0.96.100 linux-headers-oem-osp1 - 5.4.0.96.100 linux-headers-generic - 5.4.0.96.100 linux-generic-hwe-18.04 - 5.4.0.96.100 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.96.100 linux-tools-generic-hwe-18.04 - 5.4.0.96.100 No subscription required High CVE-2022-0185 Ubuntu 20.04 LTS David Bouman discovered that AIDE incorrectly handled base64 operations. A local attacker could use this issue to cause AIDE to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5243-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aide-dynamic - 0.16.1-1ubuntu0.1 aide-common - 0.16.1-1ubuntu0.1 aide-xen - 0.16.1-1ubuntu0.1 aide - 0.16.1-1ubuntu0.1 No subscription required Medium CVE-2021-45417 Ubuntu 20.04 LTS USN-5244-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5244-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dbus-1-doc - 1.12.16-2ubuntu2.2 dbus - 1.12.16-2ubuntu2.2 libdbus-1-dev - 1.12.16-2ubuntu2.2 dbus-user-session - 1.12.16-2ubuntu2.2 dbus-x11 - 1.12.16-2ubuntu2.2 dbus-tests - 1.12.16-2ubuntu2.2 libdbus-1-3 - 1.12.16-2ubuntu2.2 No subscription required Low CVE-2020-35512 Ubuntu 20.04 LTS It was discovered that Apache Maven followed repositories that are defined in a dependency's Project Object Model (pom) even if the repositories weren't encrypted (http protocol). An attacker could use this vulnerability to take over a repository, execute arbitrary code or cause a denial of service. Update Instructions: Run `sudo pro fix USN-5245-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: maven - 3.6.3-1ubuntu0.1~esm1 libmaven3-core-java - 3.6.3-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-26291 Ubuntu 20.04 LTS It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 21.10. (CVE-2021-3973) It was discovered that vim incorrectly handled memory when opening and searching the contents of certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-3974) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. (CVE-2021-3984) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. (CVE-2021-4019) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges.(CVE-2021-4069) Update Instructions: Run `sudo pro fix USN-5247-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.6 vim-athena - 2:8.1.2269-1ubuntu5.6 xxd - 2:8.1.2269-1ubuntu5.6 vim-gtk - 2:8.1.2269-1ubuntu5.6 vim-gui-common - 2:8.1.2269-1ubuntu5.6 vim - 2:8.1.2269-1ubuntu5.6 vim-doc - 2:8.1.2269-1ubuntu5.6 vim-tiny - 2:8.1.2269-1ubuntu5.6 vim-runtime - 2:8.1.2269-1ubuntu5.6 vim-gtk3 - 2:8.1.2269-1ubuntu5.6 vim-nox - 2:8.1.2269-1ubuntu5.6 No subscription required Medium CVE-2021-3973 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code. (CVE-2021-4129, CVE-2021-4140, CVE-2021-29981, CVE-2021-29982, CVE-2021-29987, CVE-2021-29991, CVE-2021-38495, CVE-2021-38496, CVE-2021-38497, CVE-2021-38498, CVE-2021-38500, CVE-2021-38501, CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509, CVE-2021-43534, CVE-2021-43535, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43656, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751) It was discovered that Thunderbird ignored the configuration to require STARTTLS for an SMTP connection. A person-in-the-middle could potentially exploit this to perform a downgrade attack in order to intercept messages or take control of a session. (CVE-2021-38502) It was discovered that JavaScript was unexpectedly enabled in the composition area. An attacker could potentially exploit this in combination with another vulnerability, with unspecified impacts. (CVE-2021-43528) A buffer overflow was discovered in the Matrix chat library bundled with Thunderbird. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-44538) It was discovered that Thunderbird's OpenPGP integration only considered the inner signed message when checking signature validity in a message that contains an additional outer MIME layer. An attacker could potentially exploit this to trick the user into thinking that a message has a valid signature. (CVE-2021-4126) Update Instructions: Run `sudo pro fix USN-5248-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.5.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.5.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.5.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.5.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-4126 CVE-2021-4129 CVE-2021-4140 CVE-2021-29981 CVE-2021-29982 CVE-2021-29987 CVE-2021-29991 CVE-2021-38495 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38500 CVE-2021-38501 CVE-2021-38502 CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 CVE-2021-43528 CVE-2021-43534 CVE-2021-43535 CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546 CVE-2021-44538 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751 Ubuntu 20.04 LTS It was discovered that USBView allowed unprivileged users to run usbview as root. A local attacker could use this vulnerability to gain administrative privileges or cause a denial of service. Update Instructions: Run `sudo pro fix USN-5249-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: usbview - 2.0-21-g6fe2f4f-2ubuntu0.20.04.1 No subscription required High CVE-2022-23220 Ubuntu 20.04 LTS Zhuowei Zhang discovered that stringSwan incorrectly handled EAP authentication. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly bypass client and server authentication. Update Instructions: Run `sudo pro fix USN-5250-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: strongswan-nm - 5.8.2-1ubuntu3.4 strongswan-scepclient - 5.8.2-1ubuntu3.4 libcharon-extra-plugins - 5.8.2-1ubuntu3.4 libcharon-standard-plugins - 5.8.2-1ubuntu3.4 libstrongswan-extra-plugins - 5.8.2-1ubuntu3.4 strongswan-charon - 5.8.2-1ubuntu3.4 libstrongswan - 5.8.2-1ubuntu3.4 strongswan-swanctl - 5.8.2-1ubuntu3.4 libstrongswan-standard-plugins - 5.8.2-1ubuntu3.4 strongswan-starter - 5.8.2-1ubuntu3.4 libcharon-extauth-plugins - 5.8.2-1ubuntu3.4 charon-systemd - 5.8.2-1ubuntu3.4 strongswan - 5.8.2-1ubuntu3.4 strongswan-tnc-server - 5.8.2-1ubuntu3.4 strongswan-tnc-client - 5.8.2-1ubuntu3.4 strongswan-tnc-base - 5.8.2-1ubuntu3.4 charon-cmd - 5.8.2-1ubuntu3.4 strongswan-libcharon - 5.8.2-1ubuntu3.4 strongswan-pki - 5.8.2-1ubuntu3.4 strongswan-tnc-ifmap - 5.8.2-1ubuntu3.4 strongswan-tnc-pdp - 5.8.2-1ubuntu3.4 No subscription required High CVE-2021-45079 Ubuntu 20.04 LTS It was discovered that GEGL incorrectly filtered and escaped file path input data when using the C system() function for execution of the ImageMagick convert command. An attacker could possibly use this to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5251-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgegl-dev - 0.4.22-3ubuntu0.1~esm1 gir1.2-gegl-0.4 - 0.4.22-3ubuntu0.1~esm1 gegl - 0.4.22-3ubuntu0.1~esm1 libgegl-doc - 0.4.22-3ubuntu0.1~esm1 libgegl-common - 0.4.22-3ubuntu0.1~esm1 libgegl-0.4-0 - 0.4.22-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-45463 Ubuntu 20.04 LTS It was discovered that the PolicyKit pkexec tool incorrectly handled command-line arguments. A local attacker could use this issue to escalate privileges to an administrator. Update Instructions: Run `sudo pro fix USN-5252-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: policykit-1-doc - 0.105-26ubuntu1.2 libpolkit-gobject-1-dev - 0.105-26ubuntu1.2 libpolkit-agent-1-0 - 0.105-26ubuntu1.2 libpolkit-agent-1-dev - 0.105-26ubuntu1.2 policykit-1 - 0.105-26ubuntu1.2 gir1.2-polkit-1.0 - 0.105-26ubuntu1.2 libpolkit-gobject-1-0 - 0.105-26ubuntu1.2 No subscription required High CVE-2021-4034 Ubuntu 20.04 LTS It was discovered that Rack insecurely handled session ids. An unauthenticated remote attacker could possibly use this issue to perform a timing attack and hijack sessions. (CVE-2019-16782) It was discovered that Rack was incorrectly handling cookies during parsing, not validating them or performing the necessary integrity checks. An attacker could possibly use this issue to overwrite existing cookie data and gain control over a remote system's behaviour. This issue only affected Ubuntu 14.04 ESM. (CVE-2020-8184) It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2022-30122) It was discovered that Rack was not properly escaping untrusted data when performing logging operations, which could cause shell escaped sequences to be written to a terminal. If a user or automated system were tricked into sending a specially crafted request to an application using Rack, a remote attacker could possibly use this issue to execute arbitrary code in the machine running the application. This issue was only fixed in Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2022-30123) Update Instructions: Run `sudo pro fix USN-5253-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-16782 CVE-2020-8184 CVE-2022-30122 CVE-2022-30123 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5255-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.34.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.34.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.34.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.34.4-0ubuntu0.20.04.1 webkit2gtk-driver - 2.34.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.34.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.34.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.34.4-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.34.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.34.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-30934 CVE-2021-30936 CVE-2021-30951 CVE-2021-30952 CVE-2021-30953 CVE-2021-30954 CVE-2021-30984 Ubuntu 20.04 LTS USN-5256-1 fixed several vulnerabilities in uriparser. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. Original advisory details: It was discovered that uriparser incorrectly handled certain memory operations. An attacker could use this to cause a denial of service. (CVE-2021-46141, CVE-2021-46142) Update Instructions: Run `sudo pro fix USN-5256-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liburiparser-doc - 0.9.3-2ubuntu0.1~esm2 liburiparser-dev - 0.9.3-2ubuntu0.1~esm2 liburiparser1 - 0.9.3-2ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-46141 CVE-2021-46142 Ubuntu 20.04 LTS USN-5257-1 fixed several vulnerabilities in ldns. This update provides the corresponding update for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. Original advisory details: It was discovered that ldns incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-19860, CVE-2020-19861) Update Instructions: Run `sudo pro fix USN-5257-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldns-dev - 1.7.0-4.1ubuntu1+esm1 libldns2 - 1.7.0-4.1ubuntu1+esm1 python3-ldns - 1.7.0-4.1ubuntu1+esm1 ldnsutils - 1.7.0-4.1ubuntu1+esm1 python-ldns - 1.7.0-4.1ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-19860 CVE-2020-19861 Ubuntu 20.04 LTS Stuart Nevans Locke discovered that WeeChat's relay plugin insecurely handled malformed websocket frames. A remote attacker in control of a server could possibly use this issue to cause denial of service in a client. (CVE-2021-40516) Stuart Nevans Locke discovered that WeeChat insecurely handled certain IRC messages. A remote attacker in control of a server could possibly use this issue to cause denial of service in a client. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2020-9760) Stuart Nevans Locke discovered that WeeChat insecurely handled certain IRC messages. A remote unauthenticated attacker could possibly use these issues to cause denial of service in a client. These issues only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2020-9759, CVE-2020-8955) Joseph Bisch discovered that WeeChat's logger incorrectly handled certain memory operations when handling log file names. A remote attacker could possibly use this issue to cause denial of service in a client. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-14727) Update Instructions: Run `sudo pro fix USN-5258-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: weechat-python - 2.8-1ubuntu0.1~esm1 weechat-dev - 2.8-1ubuntu0.1~esm1 weechat-plugins - 2.8-1ubuntu0.1~esm1 weechat-guile - 2.8-1ubuntu0.1~esm1 weechat-core - 2.8-1ubuntu0.1~esm1 weechat-tcl - 2.8-1ubuntu0.1~esm1 weechat-ruby - 2.8-1ubuntu0.1~esm1 weechat-curses - 2.8-1ubuntu0.1~esm1 weechat-doc - 2.8-1ubuntu0.1~esm1 weechat-php - 2.8-1ubuntu0.1~esm1 weechat-perl - 2.8-1ubuntu0.1~esm1 weechat - 2.8-1ubuntu0.1~esm1 weechat-lua - 2.8-1ubuntu0.1~esm1 weechat-headless - 2.8-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2017-14727 CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 CVE-2021-40516 Ubuntu 20.04 LTS Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as root. (CVE-2021-44142) Michael Hanselmann discovered that Samba incorrectly created directories. In certain configurations, a remote attacker could possibly create a directory on the server outside of the shared directory. (CVE-2021-43566) Kees van Vloten discovered that Samba incorrectly handled certain aliased SPN checks. A remote attacker could possibly use this issue to impersonate services. (CVE-2022-0336) Update Instructions: Run `sudo pro fix USN-5260-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss-winbind - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-testsuite - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba - 2:4.13.17~dfsg-0ubuntu0.21.04.1 registry-tools - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libpam-winbind - 2:4.13.17~dfsg-0ubuntu0.21.04.1 winbind - 2:4.13.17~dfsg-0ubuntu0.21.04.1 smbclient - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libwbclient0 - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libwbclient-dev - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-common-bin - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libsmbclient - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-dsdb-modules - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-dev - 2:4.13.17~dfsg-0ubuntu0.21.04.1 libsmbclient-dev - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-vfs-modules - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-common - 2:4.13.17~dfsg-0ubuntu0.21.04.1 ctdb - 2:4.13.17~dfsg-0ubuntu0.21.04.1 samba-libs - 2:4.13.17~dfsg-0ubuntu0.21.04.1 python3-samba - 2:4.13.17~dfsg-0ubuntu0.21.04.1 No subscription required High CVE-2021-43566 CVE-2021-44142 CVE-2022-0336 Ubuntu 20.04 LTS Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-27820) It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3640) Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3752) It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service (connection disassociation). (CVE-2021-3772) It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4090) Felix Wilhelm discovered that the KVM implementation in the Linux kernel did not properly handle exit events from AMD Secure Encrypted Virtualization-Encrypted State (SEV-ES) guest VMs. An attacker in a guest VM could use this to cause a denial of service (host kernel crash) or possibly execute arbitrary code in the host kernel. (CVE-2021-4093) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) It was discovered that the AMD Radeon GPU driver in the Linux kernel did not properly validate writes in the debugfs file system. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42327) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5265-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-image-unsigned-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-modules-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-headers-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-buildinfo-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-modules-extra-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-oracle-5.11-headers-5.11.0-1028 - 5.11.0-1028.31~20.04.1 linux-oracle-5.11-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.1 linux-image-unsigned-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-cloud-tools-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-buildinfo-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-aws-5.11-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.1 linux-image-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-tools-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-modules-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-tools-5.11.0-1028-oracle - 5.11.0-1028.31~20.04.1 linux-headers-5.11.0-1028-aws - 5.11.0-1028.31~20.04.1 linux-aws-5.11-cloud-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.1 linux-aws-5.11-headers-5.11.0-1028 - 5.11.0-1028.31~20.04.1 No subscription required linux-headers-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-azure-5.11-cloud-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.2 linux-buildinfo-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-azure-5.11-headers-5.11.0-1028 - 5.11.0-1028.31~20.04.2 linux-image-unsigned-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-modules-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-modules-extra-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-tools-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-image-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 linux-azure-5.11-tools-5.11.0-1028 - 5.11.0-1028.31~20.04.2 linux-cloud-tools-5.11.0-1028-azure - 5.11.0-1028.31~20.04.2 No subscription required linux-image-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-image-unsigned-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-gcp-5.11-headers-5.11.0-1029 - 5.11.0-1029.33~20.04.3 linux-tools-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-gcp-5.11-tools-5.11.0-1029 - 5.11.0-1029.33~20.04.3 linux-modules-extra-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-modules-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-buildinfo-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 linux-headers-5.11.0-1029-gcp - 5.11.0-1029.33~20.04.3 No subscription required linux-headers-oracle - 5.11.0.1028.31~20.04.20 linux-tools-oracle - 5.11.0.1028.31~20.04.20 linux-image-oracle - 5.11.0.1028.31~20.04.20 linux-oracle - 5.11.0.1028.31~20.04.20 No subscription required linux-cloud-tools-azure - 5.11.0.1028.31~20.04.26 linux-tools-azure - 5.11.0.1028.31~20.04.26 linux-headers-aws - 5.11.0.1028.31~20.04.26 linux-image-aws - 5.11.0.1028.31~20.04.26 linux-modules-extra-azure - 5.11.0.1028.31~20.04.26 linux-aws - 5.11.0.1028.31~20.04.26 linux-modules-extra-aws - 5.11.0.1028.31~20.04.26 linux-image-azure - 5.11.0.1028.31~20.04.26 linux-tools-aws - 5.11.0.1028.31~20.04.26 linux-azure - 5.11.0.1028.31~20.04.26 linux-headers-azure - 5.11.0.1028.31~20.04.26 No subscription required linux-tools-gcp - 5.11.0.1029.33~20.04.27 linux-gcp - 5.11.0.1029.33~20.04.27 linux-headers-gcp - 5.11.0.1029.33~20.04.27 linux-image-gcp - 5.11.0.1029.33~20.04.27 linux-modules-extra-gcp - 5.11.0.1029.33~20.04.27 No subscription required linux-headers-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-image-unsigned-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-cloud-tools-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-tools-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-aws-5.13-tools-5.13.0-1012 - 5.13.0-1012.13~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1012 - 5.13.0-1012.13~20.04.1 linux-aws-5.13-headers-5.13.0-1012 - 5.13.0-1012.13~20.04.1 linux-modules-extra-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-modules-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 linux-buildinfo-5.13.0-1012-aws - 5.13.0-1012.13~20.04.1 No subscription required linux-image-5.13.0-1029-oem - 5.13.0-1029.36 linux-oem-5.13-headers-5.13.0-1029 - 5.13.0-1029.36 linux-modules-5.13.0-1029-oem - 5.13.0-1029.36 linux-oem-5.13-tools-host - 5.13.0-1029.36 linux-image-unsigned-5.13.0-1029-oem - 5.13.0-1029.36 linux-buildinfo-5.13.0-1029-oem - 5.13.0-1029.36 linux-tools-5.13.0-1029-oem - 5.13.0-1029.36 linux-oem-5.13-tools-5.13.0-1029 - 5.13.0-1029.36 linux-headers-5.13.0-1029-oem - 5.13.0-1029.36 No subscription required linux-cloud-tools-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-28.31~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-28.31~20.04.1 linux-headers-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-tools-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-cloud-tools-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-modules-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-headers-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-modules-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-hwe-5.13-tools-5.13.0-28 - 5.13.0-28.31~20.04.1 linux-image-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-buildinfo-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-image-unsigned-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-image-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-hwe-5.13-headers-5.13.0-28 - 5.13.0-28.31~20.04.1 linux-buildinfo-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-buildinfo-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-image-unsigned-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-image-unsigned-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-modules-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-image-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-28.31~20.04.1 linux-tools-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-tools-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-28 - 5.13.0-28.31~20.04.1 linux-modules-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 linux-buildinfo-5.13.0-28-lowlatency - 5.13.0-28.31~20.04.1 linux-tools-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-image-5.13.0-28-generic-lpae - 5.13.0-28.31~20.04.1 linux-modules-extra-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-headers-5.13.0-28-generic - 5.13.0-28.31~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-28.31~20.04.1 linux-headers-5.13.0-28-generic-64k - 5.13.0-28.31~20.04.1 No subscription required linux-modules-extra-aws-edge - 5.13.0.1012.13~20.04.4 linux-image-aws-edge - 5.13.0.1012.13~20.04.4 linux-aws-edge - 5.13.0.1012.13~20.04.4 linux-headers-aws-edge - 5.13.0.1012.13~20.04.4 linux-tools-aws-edge - 5.13.0.1012.13~20.04.4 No subscription required linux-tools-oem-20.04c - 5.13.0.1029.31 linux-image-oem-20.04c - 5.13.0.1029.31 linux-oem-20.04c - 5.13.0.1029.31 linux-headers-oem-20.04c - 5.13.0.1029.31 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-extra-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-generic-64k-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-generic-lpae-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-headers-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-generic-lpae-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-virtual-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-generic-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-tools-generic-64k-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-lowlatency-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-generic-64k-hwe-20.04 - 5.13.0.28.31~20.04.15 linux-image-generic-64k-hwe-20.04 - 5.13.0.28.31~20.04.15 No subscription required Medium CVE-2020-27820 CVE-2021-3640 CVE-2021-3752 CVE-2021-3772 CVE-2021-4001 CVE-2021-4090 CVE-2021-4093 CVE-2021-4202 CVE-2021-42327 CVE-2021-42739 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5266-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1061-gke - 5.4.0-1061.64 linux-gke-tools-5.4.0-1061 - 5.4.0-1061.64 linux-gke-headers-5.4.0-1061 - 5.4.0-1061.64 linux-modules-5.4.0-1061-gke - 5.4.0-1061.64 linux-buildinfo-5.4.0-1061-gke - 5.4.0-1061.64 linux-headers-5.4.0-1061-gke - 5.4.0-1061.64 linux-modules-extra-5.4.0-1061-gke - 5.4.0-1061.64 linux-image-5.4.0-1061-gke - 5.4.0-1061.64 linux-tools-5.4.0-1061-gke - 5.4.0-1061.64 No subscription required linux-modules-extra-gke - 5.4.0.1061.71 linux-image-gke - 5.4.0.1061.71 linux-gke-5.4 - 5.4.0.1061.71 linux-headers-gke - 5.4.0.1061.71 linux-headers-gke-5.4 - 5.4.0.1061.71 linux-image-gke-5.4 - 5.4.0.1061.71 linux-tools-gke-5.4 - 5.4.0.1061.71 linux-modules-extra-gke-5.4 - 5.4.0.1061.71 linux-gke - 5.4.0.1061.71 linux-tools-gke - 5.4.0.1061.71 No subscription required High CVE-2021-22600 CVE-2021-42739 Ubuntu 20.04 LTS It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3640) Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3752) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5267-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1013-ibm - 5.4.0-1013.14 linux-ibm-tools-5.4.0-1013 - 5.4.0-1013.14 linux-modules-5.4.0-1013-ibm - 5.4.0-1013.14 linux-image-5.4.0-1013-ibm - 5.4.0-1013.14 linux-ibm-headers-5.4.0-1013 - 5.4.0-1013.14 linux-ibm-source-5.4.0 - 5.4.0-1013.14 linux-ibm-tools-common - 5.4.0-1013.14 linux-image-unsigned-5.4.0-1013-ibm - 5.4.0-1013.14 linux-ibm-cloud-tools-common - 5.4.0-1013.14 linux-headers-5.4.0-1013-ibm - 5.4.0-1013.14 linux-tools-5.4.0-1013-ibm - 5.4.0-1013.14 linux-buildinfo-5.4.0-1013-ibm - 5.4.0-1013.14 No subscription required linux-bluefield-headers-5.4.0-1026 - 5.4.0-1026.29 linux-bluefield-tools-5.4.0-1026 - 5.4.0-1026.29 linux-modules-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-image-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-buildinfo-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-headers-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-image-unsigned-5.4.0-1026-bluefield - 5.4.0-1026.29 linux-tools-5.4.0-1026-bluefield - 5.4.0-1026.29 No subscription required linux-gkeop-tools-5.4.0-1032 - 5.4.0-1032.33 linux-gkeop-headers-5.4.0-1032 - 5.4.0-1032.33 linux-headers-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-buildinfo-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-cloud-tools-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-gkeop-source-5.4.0 - 5.4.0-1032.33 linux-image-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-modules-extra-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-image-unsigned-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-gkeop-cloud-tools-5.4.0-1032 - 5.4.0-1032.33 linux-modules-5.4.0-1032-gkeop - 5.4.0-1032.33 linux-tools-5.4.0-1032-gkeop - 5.4.0-1032.33 No subscription required linux-headers-5.4.0-1054-kvm - 5.4.0-1054.56 linux-image-unsigned-5.4.0-1054-kvm - 5.4.0-1054.56 linux-kvm-tools-5.4.0-1054 - 5.4.0-1054.56 linux-tools-5.4.0-1054-kvm - 5.4.0-1054.56 linux-buildinfo-5.4.0-1054-kvm - 5.4.0-1054.56 linux-modules-5.4.0-1054-kvm - 5.4.0-1054.56 linux-image-5.4.0-1054-kvm - 5.4.0-1054.56 linux-kvm-headers-5.4.0-1054 - 5.4.0-1054.56 No subscription required linux-oracle-tools-5.4.0-1062 - 5.4.0-1062.66 linux-oracle-headers-5.4.0-1062 - 5.4.0-1062.66 linux-headers-5.4.0-1062-oracle - 5.4.0-1062.66 linux-modules-5.4.0-1062-oracle - 5.4.0-1062.66 linux-image-unsigned-5.4.0-1062-oracle - 5.4.0-1062.66 linux-image-5.4.0-1062-oracle - 5.4.0-1062.66 linux-tools-5.4.0-1062-oracle - 5.4.0-1062.66 linux-buildinfo-5.4.0-1062-oracle - 5.4.0-1062.66 linux-modules-extra-5.4.0-1062-oracle - 5.4.0-1062.66 No subscription required linux-gcp-tools-5.4.0-1063 - 5.4.0-1063.67 linux-image-unsigned-5.4.0-1063-gcp - 5.4.0-1063.67 linux-tools-5.4.0-1063-gcp - 5.4.0-1063.67 linux-modules-extra-5.4.0-1063-gcp - 5.4.0-1063.67 linux-image-5.4.0-1063-gcp - 5.4.0-1063.67 linux-headers-5.4.0-1063-gcp - 5.4.0-1063.67 linux-buildinfo-5.4.0-1063-gcp - 5.4.0-1063.67 linux-modules-5.4.0-1063-gcp - 5.4.0-1063.67 linux-gcp-headers-5.4.0-1063 - 5.4.0-1063.67 No subscription required linux-image-unsigned-5.4.0-1064-aws - 5.4.0-1064.67 linux-aws-headers-5.4.0-1064 - 5.4.0-1064.67 linux-headers-5.4.0-1064-aws - 5.4.0-1064.67 linux-buildinfo-5.4.0-1064-aws - 5.4.0-1064.67 linux-image-5.4.0-1064-aws - 5.4.0-1064.67 linux-aws-tools-5.4.0-1064 - 5.4.0-1064.67 linux-cloud-tools-5.4.0-1064-aws - 5.4.0-1064.67 linux-modules-extra-5.4.0-1064-aws - 5.4.0-1064.67 linux-aws-cloud-tools-5.4.0-1064 - 5.4.0-1064.67 linux-tools-5.4.0-1064-aws - 5.4.0-1064.67 linux-modules-5.4.0-1064-aws - 5.4.0-1064.67 No subscription required linux-azure-tools-5.4.0-1068 - 5.4.0-1068.71 linux-azure-headers-5.4.0-1068 - 5.4.0-1068.71 linux-azure-cloud-tools-5.4.0-1068 - 5.4.0-1068.71 linux-modules-extra-5.4.0-1068-azure - 5.4.0-1068.71 linux-buildinfo-5.4.0-1068-azure - 5.4.0-1068.71 linux-modules-5.4.0-1068-azure - 5.4.0-1068.71 linux-headers-5.4.0-1068-azure - 5.4.0-1068.71 linux-tools-5.4.0-1068-azure - 5.4.0-1068.71 linux-image-5.4.0-1068-azure - 5.4.0-1068.71 linux-cloud-tools-5.4.0-1068-azure - 5.4.0-1068.71 linux-image-unsigned-5.4.0-1068-azure - 5.4.0-1068.71 No subscription required linux-tools-common - 5.4.0-97.110 linux-modules-5.4.0-97-generic - 5.4.0-97.110 linux-image-unsigned-5.4.0-97-generic - 5.4.0-97.110 linux-modules-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-headers-5.4.0-97-generic - 5.4.0-97.110 linux-tools-host - 5.4.0-97.110 linux-doc - 5.4.0-97.110 linux-headers-5.4.0-97 - 5.4.0-97.110 linux-headers-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-tools-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-libc-dev - 5.4.0-97.110 linux-cloud-tools-5.4.0-97-generic - 5.4.0-97.110 linux-tools-5.4.0-97-generic - 5.4.0-97.110 linux-image-5.4.0-97-lowlatency - 5.4.0-97.110 linux-cloud-tools-common - 5.4.0-97.110 linux-headers-5.4.0-97-lowlatency - 5.4.0-97.110 linux-image-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-buildinfo-5.4.0-97-generic-lpae - 5.4.0-97.110 linux-cloud-tools-5.4.0-97-lowlatency - 5.4.0-97.110 linux-buildinfo-5.4.0-97-generic - 5.4.0-97.110 linux-tools-5.4.0-97-lowlatency - 5.4.0-97.110 linux-image-unsigned-5.4.0-97-lowlatency - 5.4.0-97.110 linux-modules-extra-5.4.0-97-generic - 5.4.0-97.110 linux-source-5.4.0 - 5.4.0-97.110 linux-modules-5.4.0-97-lowlatency - 5.4.0-97.110 linux-cloud-tools-5.4.0-97 - 5.4.0-97.110 linux-buildinfo-5.4.0-97-lowlatency - 5.4.0-97.110 linux-image-5.4.0-97-generic - 5.4.0-97.110 linux-tools-5.4.0-97 - 5.4.0-97.110 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1013.14 linux-image-ibm - 5.4.0.1013.14 linux-headers-ibm-lts-20.04 - 5.4.0.1013.14 linux-tools-ibm - 5.4.0.1013.14 linux-headers-ibm - 5.4.0.1013.14 linux-modules-extra-ibm - 5.4.0.1013.14 linux-ibm-lts-20.04 - 5.4.0.1013.14 linux-image-ibm-lts-20.04 - 5.4.0.1013.14 linux-ibm - 5.4.0.1013.14 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1013.14 No subscription required linux-bluefield - 5.4.0.1026.27 linux-image-bluefield - 5.4.0.1026.27 linux-headers-bluefield - 5.4.0.1026.27 linux-tools-bluefield - 5.4.0.1026.27 No subscription required linux-headers-gkeop - 5.4.0.1032.35 linux-cloud-tools-gkeop-5.4 - 5.4.0.1032.35 linux-image-gkeop - 5.4.0.1032.35 linux-gkeop-5.4 - 5.4.0.1032.35 linux-image-gkeop-5.4 - 5.4.0.1032.35 linux-gkeop - 5.4.0.1032.35 linux-cloud-tools-gkeop - 5.4.0.1032.35 linux-modules-extra-gkeop-5.4 - 5.4.0.1032.35 linux-headers-gkeop-5.4 - 5.4.0.1032.35 linux-modules-extra-gkeop - 5.4.0.1032.35 linux-tools-gkeop - 5.4.0.1032.35 linux-tools-gkeop-5.4 - 5.4.0.1032.35 No subscription required linux-kvm - 5.4.0.1054.53 linux-headers-kvm - 5.4.0.1054.53 linux-tools-kvm - 5.4.0.1054.53 linux-image-kvm - 5.4.0.1054.53 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1062.62 linux-oracle-lts-20.04 - 5.4.0.1062.62 linux-tools-oracle-lts-20.04 - 5.4.0.1062.62 linux-image-oracle-lts-20.04 - 5.4.0.1062.62 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1063.73 linux-gcp-lts-20.04 - 5.4.0.1063.73 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1063.73 linux-headers-gcp-lts-20.04 - 5.4.0.1063.73 linux-image-gcp-lts-20.04 - 5.4.0.1063.73 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1064.66 linux-image-aws-lts-20.04 - 5.4.0.1064.66 linux-headers-aws-lts-20.04 - 5.4.0.1064.66 linux-tools-aws-lts-20.04 - 5.4.0.1064.66 linux-aws-lts-20.04 - 5.4.0.1064.66 No subscription required linux-azure-lts-20.04 - 5.4.0.1068.66 linux-tools-azure-lts-20.04 - 5.4.0.1068.66 linux-image-azure-lts-20.04 - 5.4.0.1068.66 linux-modules-extra-azure-lts-20.04 - 5.4.0.1068.66 linux-headers-azure-lts-20.04 - 5.4.0.1068.66 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1068.66 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-cloud-tools-virtual - 5.4.0.97.101 linux-image-generic-hwe-18.04 - 5.4.0.97.101 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-headers-generic-lpae - 5.4.0.97.101 linux-image-virtual - 5.4.0.97.101 linux-oem-osp1-tools-host - 5.4.0.97.101 linux-image-generic - 5.4.0.97.101 linux-tools-lowlatency - 5.4.0.97.101 linux-tools-virtual-hwe-18.04 - 5.4.0.97.101 linux-headers-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-image-extra-virtual-hwe-18.04 - 5.4.0.97.101 linux-image-oem-osp1 - 5.4.0.97.101 linux-image-generic-lpae-hwe-18.04 - 5.4.0.97.101 linux-crashdump - 5.4.0.97.101 linux-tools-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-headers-generic-hwe-18.04 - 5.4.0.97.101 linux-headers-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-source - 5.4.0.97.101 linux-lowlatency - 5.4.0.97.101 linux-tools-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-virtual - 5.4.0.97.101 linux-headers-virtual-hwe-18.04 - 5.4.0.97.101 linux-virtual-hwe-18.04 - 5.4.0.97.101 linux-tools-generic-lpae - 5.4.0.97.101 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.97.101 linux-tools-virtual - 5.4.0.97.101 linux-generic-lpae-hwe-18.04-edge - 5.4.0.97.101 linux-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-generic-lpae - 5.4.0.97.101 linux-headers-oem - 5.4.0.97.101 linux-generic - 5.4.0.97.101 linux-tools-oem-osp1 - 5.4.0.97.101 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.97.101 linux-image-lowlatency - 5.4.0.97.101 linux-tools-generic-hwe-18.04-edge - 5.4.0.97.101 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-cloud-tools-lowlatency - 5.4.0.97.101 linux-headers-lowlatency - 5.4.0.97.101 linux-image-generic-hwe-18.04-edge - 5.4.0.97.101 linux-generic-hwe-18.04-edge - 5.4.0.97.101 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.97.101 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-oem - 5.4.0.97.101 linux-tools-generic - 5.4.0.97.101 linux-image-extra-virtual - 5.4.0.97.101 linux-cloud-tools-generic - 5.4.0.97.101 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-oem-tools-host - 5.4.0.97.101 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.97.101 linux-tools-oem - 5.4.0.97.101 linux-headers-oem-osp1 - 5.4.0.97.101 linux-generic-lpae-hwe-18.04 - 5.4.0.97.101 linux-headers-generic-hwe-18.04-edge - 5.4.0.97.101 linux-headers-generic - 5.4.0.97.101 linux-oem-osp1 - 5.4.0.97.101 linux-image-virtual-hwe-18.04 - 5.4.0.97.101 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.97.101 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.97.101 linux-image-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.97.101 linux-virtual-hwe-18.04-edge - 5.4.0.97.101 linux-headers-virtual - 5.4.0.97.101 linux-image-oem - 5.4.0.97.101 linux-lowlatency-hwe-18.04 - 5.4.0.97.101 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.97.101 linux-generic-hwe-18.04 - 5.4.0.97.101 linux-image-generic-lpae - 5.4.0.97.101 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.97.101 linux-tools-generic-hwe-18.04 - 5.4.0.97.101 linux-image-virtual-hwe-18.04-edge - 5.4.0.97.101 No subscription required Medium CVE-2021-3640 CVE-2021-3752 CVE-2021-42739 Ubuntu 20.04 LTS USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3640) Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3752) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5267-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1014-ibm - 5.4.0-1014.15 linux-buildinfo-5.4.0-1014-ibm - 5.4.0-1014.15 linux-image-unsigned-5.4.0-1014-ibm - 5.4.0-1014.15 linux-tools-5.4.0-1014-ibm - 5.4.0-1014.15 linux-image-5.4.0-1014-ibm - 5.4.0-1014.15 linux-ibm-tools-5.4.0-1014 - 5.4.0-1014.15 linux-ibm-source-5.4.0 - 5.4.0-1014.15 linux-ibm-headers-5.4.0-1014 - 5.4.0-1014.15 linux-ibm-tools-common - 5.4.0-1014.15 linux-headers-5.4.0-1014-ibm - 5.4.0-1014.15 linux-ibm-cloud-tools-common - 5.4.0-1014.15 linux-modules-5.4.0-1014-ibm - 5.4.0-1014.15 No subscription required linux-headers-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-gkeop-headers-5.4.0-1033 - 5.4.0-1033.34 linux-modules-extra-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-image-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-modules-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-gkeop-source-5.4.0 - 5.4.0-1033.34 linux-buildinfo-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-gkeop-tools-5.4.0-1033 - 5.4.0-1033.34 linux-cloud-tools-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-gkeop-cloud-tools-5.4.0-1033 - 5.4.0-1033.34 linux-image-unsigned-5.4.0-1033-gkeop - 5.4.0-1033.34 linux-tools-5.4.0-1033-gkeop - 5.4.0-1033.34 No subscription required linux-image-unsigned-5.4.0-1055-kvm - 5.4.0-1055.57 linux-image-5.4.0-1055-kvm - 5.4.0-1055.57 linux-kvm-tools-5.4.0-1055 - 5.4.0-1055.57 linux-buildinfo-5.4.0-1055-kvm - 5.4.0-1055.57 linux-modules-5.4.0-1055-kvm - 5.4.0-1055.57 linux-headers-5.4.0-1055-kvm - 5.4.0-1055.57 linux-tools-5.4.0-1055-kvm - 5.4.0-1055.57 linux-kvm-headers-5.4.0-1055 - 5.4.0-1055.57 No subscription required linux-buildinfo-5.4.0-1062-gke - 5.4.0-1062.65 linux-modules-5.4.0-1062-gke - 5.4.0-1062.65 linux-gke-headers-5.4.0-1062 - 5.4.0-1062.65 linux-headers-5.4.0-1062-gke - 5.4.0-1062.65 linux-image-unsigned-5.4.0-1062-gke - 5.4.0-1062.65 linux-image-5.4.0-1062-gke - 5.4.0-1062.65 linux-tools-5.4.0-1062-gke - 5.4.0-1062.65 linux-gke-tools-5.4.0-1062 - 5.4.0-1062.65 linux-modules-extra-5.4.0-1062-gke - 5.4.0-1062.65 No subscription required linux-modules-extra-5.4.0-1063-oracle - 5.4.0-1063.67 linux-oracle-tools-5.4.0-1063 - 5.4.0-1063.67 linux-image-5.4.0-1063-oracle - 5.4.0-1063.67 linux-modules-5.4.0-1063-oracle - 5.4.0-1063.67 linux-oracle-headers-5.4.0-1063 - 5.4.0-1063.67 linux-headers-5.4.0-1063-oracle - 5.4.0-1063.67 linux-tools-5.4.0-1063-oracle - 5.4.0-1063.67 linux-buildinfo-5.4.0-1063-oracle - 5.4.0-1063.67 linux-image-unsigned-5.4.0-1063-oracle - 5.4.0-1063.67 No subscription required linux-tools-5.4.0-1064-gcp - 5.4.0-1064.68 linux-gcp-tools-5.4.0-1064 - 5.4.0-1064.68 linux-modules-extra-5.4.0-1064-gcp - 5.4.0-1064.68 linux-image-unsigned-5.4.0-1064-gcp - 5.4.0-1064.68 linux-modules-5.4.0-1064-gcp - 5.4.0-1064.68 linux-image-5.4.0-1064-gcp - 5.4.0-1064.68 linux-headers-5.4.0-1064-gcp - 5.4.0-1064.68 linux-gcp-headers-5.4.0-1064 - 5.4.0-1064.68 linux-buildinfo-5.4.0-1064-gcp - 5.4.0-1064.68 No subscription required linux-buildinfo-5.4.0-1065-aws - 5.4.0-1065.68 linux-modules-extra-5.4.0-1065-aws - 5.4.0-1065.68 linux-cloud-tools-5.4.0-1065-aws - 5.4.0-1065.68 linux-image-5.4.0-1065-aws - 5.4.0-1065.68 linux-headers-5.4.0-1065-aws - 5.4.0-1065.68 linux-aws-tools-5.4.0-1065 - 5.4.0-1065.68 linux-aws-headers-5.4.0-1065 - 5.4.0-1065.68 linux-aws-cloud-tools-5.4.0-1065 - 5.4.0-1065.68 linux-tools-5.4.0-1065-aws - 5.4.0-1065.68 linux-image-unsigned-5.4.0-1065-aws - 5.4.0-1065.68 linux-modules-5.4.0-1065-aws - 5.4.0-1065.68 No subscription required linux-cloud-tools-5.4.0-1069-azure - 5.4.0-1069.72 linux-buildinfo-5.4.0-1069-azure - 5.4.0-1069.72 linux-image-unsigned-5.4.0-1069-azure - 5.4.0-1069.72 linux-azure-cloud-tools-5.4.0-1069 - 5.4.0-1069.72 linux-headers-5.4.0-1069-azure - 5.4.0-1069.72 linux-azure-tools-5.4.0-1069 - 5.4.0-1069.72 linux-image-5.4.0-1069-azure - 5.4.0-1069.72 linux-modules-extra-5.4.0-1069-azure - 5.4.0-1069.72 linux-modules-5.4.0-1069-azure - 5.4.0-1069.72 linux-azure-headers-5.4.0-1069 - 5.4.0-1069.72 linux-tools-5.4.0-1069-azure - 5.4.0-1069.72 No subscription required linux-cloud-tools-5.4.0-99 - 5.4.0-99.112 linux-tools-common - 5.4.0-99.112 linux-tools-5.4.0-99-generic - 5.4.0-99.112 linux-modules-5.4.0-99-lowlatency - 5.4.0-99.112 linux-tools-host - 5.4.0-99.112 linux-buildinfo-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-buildinfo-5.4.0-99-generic - 5.4.0-99.112 linux-doc - 5.4.0-99.112 linux-image-5.4.0-99-generic - 5.4.0-99.112 linux-headers-5.4.0-99 - 5.4.0-99.112 linux-buildinfo-5.4.0-99-lowlatency - 5.4.0-99.112 linux-headers-5.4.0-99-generic - 5.4.0-99.112 linux-libc-dev - 5.4.0-99.112 linux-source-5.4.0 - 5.4.0-99.112 linux-image-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-headers-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-headers-5.4.0-99-lowlatency - 5.4.0-99.112 linux-tools-5.4.0-99-lowlatency - 5.4.0-99.112 linux-modules-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-cloud-tools-5.4.0-99-lowlatency - 5.4.0-99.112 linux-cloud-tools-common - 5.4.0-99.112 linux-tools-5.4.0-99-generic-lpae - 5.4.0-99.112 linux-modules-extra-5.4.0-99-generic - 5.4.0-99.112 linux-modules-5.4.0-99-generic - 5.4.0-99.112 linux-image-5.4.0-99-lowlatency - 5.4.0-99.112 linux-image-unsigned-5.4.0-99-generic - 5.4.0-99.112 linux-cloud-tools-5.4.0-99-generic - 5.4.0-99.112 linux-image-unsigned-5.4.0-99-lowlatency - 5.4.0-99.112 linux-tools-5.4.0-99 - 5.4.0-99.112 No subscription required linux-image-ibm - 5.4.0.1014.15 linux-headers-ibm-lts-20.04 - 5.4.0.1014.15 linux-tools-ibm - 5.4.0.1014.15 linux-ibm-lts-20.04 - 5.4.0.1014.15 linux-image-ibm-lts-20.04 - 5.4.0.1014.15 linux-modules-extra-ibm - 5.4.0.1014.15 linux-ibm - 5.4.0.1014.15 linux-tools-ibm-lts-20.04 - 5.4.0.1014.15 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1014.15 linux-headers-ibm - 5.4.0.1014.15 No subscription required linux-headers-gkeop - 5.4.0.1033.36 linux-cloud-tools-gkeop-5.4 - 5.4.0.1033.36 linux-image-gkeop - 5.4.0.1033.36 linux-modules-extra-gkeop-5.4 - 5.4.0.1033.36 linux-gkeop-5.4 - 5.4.0.1033.36 linux-image-gkeop-5.4 - 5.4.0.1033.36 linux-gkeop - 5.4.0.1033.36 linux-cloud-tools-gkeop - 5.4.0.1033.36 linux-headers-gkeop-5.4 - 5.4.0.1033.36 linux-modules-extra-gkeop - 5.4.0.1033.36 linux-tools-gkeop - 5.4.0.1033.36 linux-tools-gkeop-5.4 - 5.4.0.1033.36 No subscription required linux-kvm - 5.4.0.1055.54 linux-headers-kvm - 5.4.0.1055.54 linux-image-kvm - 5.4.0.1055.54 linux-tools-kvm - 5.4.0.1055.54 No subscription required linux-modules-extra-gke - 5.4.0.1062.72 linux-headers-gke-5.4 - 5.4.0.1062.72 linux-modules-extra-gke-5.4 - 5.4.0.1062.72 linux-gke-5.4 - 5.4.0.1062.72 linux-tools-gke - 5.4.0.1062.72 linux-gke - 5.4.0.1062.72 linux-headers-gke - 5.4.0.1062.72 linux-image-gke - 5.4.0.1062.72 linux-image-gke-5.4 - 5.4.0.1062.72 linux-tools-gke-5.4 - 5.4.0.1062.72 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1063.63 linux-headers-oracle-lts-20.04 - 5.4.0.1063.63 linux-image-oracle-lts-20.04 - 5.4.0.1063.63 linux-oracle-lts-20.04 - 5.4.0.1063.63 No subscription required linux-gcp-lts-20.04 - 5.4.0.1064.74 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1064.74 linux-headers-gcp-lts-20.04 - 5.4.0.1064.74 linux-image-gcp-lts-20.04 - 5.4.0.1064.74 linux-tools-gcp-lts-20.04 - 5.4.0.1064.74 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1065.67 linux-image-aws-lts-20.04 - 5.4.0.1065.67 linux-headers-aws-lts-20.04 - 5.4.0.1065.67 linux-tools-aws-lts-20.04 - 5.4.0.1065.67 linux-aws-lts-20.04 - 5.4.0.1065.67 No subscription required linux-azure-lts-20.04 - 5.4.0.1069.67 linux-image-azure-lts-20.04 - 5.4.0.1069.67 linux-modules-extra-azure-lts-20.04 - 5.4.0.1069.67 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1069.67 linux-tools-azure-lts-20.04 - 5.4.0.1069.67 linux-headers-azure-lts-20.04 - 5.4.0.1069.67 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-virtual - 5.4.0.99.103 linux-image-generic-hwe-18.04 - 5.4.0.99.103 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-headers-generic-lpae - 5.4.0.99.103 linux-crashdump - 5.4.0.99.103 linux-image-virtual - 5.4.0.99.103 linux-oem-osp1-tools-host - 5.4.0.99.103 linux-image-generic - 5.4.0.99.103 linux-tools-lowlatency - 5.4.0.99.103 linux-image-oem - 5.4.0.99.103 linux-tools-virtual-hwe-18.04 - 5.4.0.99.103 linux-headers-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-image-extra-virtual-hwe-18.04 - 5.4.0.99.103 linux-image-oem-osp1 - 5.4.0.99.103 linux-image-generic-lpae-hwe-18.04 - 5.4.0.99.103 linux-headers-generic-hwe-18.04 - 5.4.0.99.103 linux-headers-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.99.103 linux-source - 5.4.0.99.103 linux-lowlatency - 5.4.0.99.103 linux-tools-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-generic - 5.4.0.99.103 linux-oem - 5.4.0.99.103 linux-headers-generic - 5.4.0.99.103 linux-headers-virtual-hwe-18.04 - 5.4.0.99.103 linux-tools-generic - 5.4.0.99.103 linux-virtual-hwe-18.04 - 5.4.0.99.103 linux-tools-generic-lpae - 5.4.0.99.103 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.99.103 linux-headers-virtual - 5.4.0.99.103 linux-tools-virtual - 5.4.0.99.103 linux-generic-lpae-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-generic-lpae - 5.4.0.99.103 linux-image-generic-hwe-18.04-edge - 5.4.0.99.103 linux-headers-oem - 5.4.0.99.103 linux-generic - 5.4.0.99.103 linux-tools-oem-osp1 - 5.4.0.99.103 linux-virtual - 5.4.0.99.103 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.99.103 linux-image-virtual-hwe-18.04 - 5.4.0.99.103 linux-headers-lowlatency - 5.4.0.99.103 linux-generic-hwe-18.04-edge - 5.4.0.99.103 linux-tools-generic-hwe-18.04-edge - 5.4.0.99.103 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.99.103 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-image-generic-lpae - 5.4.0.99.103 linux-image-extra-virtual - 5.4.0.99.103 linux-oem-tools-host - 5.4.0.99.103 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-cloud-tools-lowlatency - 5.4.0.99.103 linux-tools-oem - 5.4.0.99.103 linux-headers-oem-osp1 - 5.4.0.99.103 linux-generic-lpae-hwe-18.04 - 5.4.0.99.103 linux-headers-generic-hwe-18.04-edge - 5.4.0.99.103 linux-image-lowlatency - 5.4.0.99.103 linux-oem-osp1 - 5.4.0.99.103 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.99.103 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.99.103 linux-image-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-virtual-hwe-18.04-edge - 5.4.0.99.103 linux-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.99.103 linux-generic-hwe-18.04 - 5.4.0.99.103 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.99.103 linux-tools-generic-hwe-18.04 - 5.4.0.99.103 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.99.103 linux-tools-lowlatency-hwe-18.04 - 5.4.0.99.103 linux-image-virtual-hwe-18.04-edge - 5.4.0.99.103 No subscription required None https://launchpad.net/bugs/1959665 Ubuntu 20.04 LTS USN-5267-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for Raspberry Pi devices. Original advisory details: It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3640) Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3752) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Update Instructions: Run `sudo pro fix USN-5267-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1052-raspi - 5.4.0-1052.58 linux-modules-5.4.0-1052-raspi - 5.4.0-1052.58 linux-image-5.4.0-1052-raspi - 5.4.0-1052.58 linux-buildinfo-5.4.0-1052-raspi - 5.4.0-1052.58 linux-raspi-tools-5.4.0-1052 - 5.4.0-1052.58 linux-tools-5.4.0-1052-raspi - 5.4.0-1052.58 linux-raspi-headers-5.4.0-1052 - 5.4.0-1052.58 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1052.86 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1052.86 linux-raspi-hwe-18.04-edge - 5.4.0.1052.86 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1052.86 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1052.86 linux-raspi-hwe-18.04 - 5.4.0.1052.86 linux-tools-raspi - 5.4.0.1052.86 linux-image-raspi - 5.4.0.1052.86 linux-tools-raspi2-hwe-18.04 - 5.4.0.1052.86 linux-raspi2-hwe-18.04 - 5.4.0.1052.86 linux-raspi2 - 5.4.0.1052.86 linux-headers-raspi2 - 5.4.0.1052.86 linux-headers-raspi2-hwe-18.04 - 5.4.0.1052.86 linux-image-raspi2 - 5.4.0.1052.86 linux-image-raspi-hwe-18.04-edge - 5.4.0.1052.86 linux-tools-raspi-hwe-18.04 - 5.4.0.1052.86 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1052.86 linux-tools-raspi2 - 5.4.0.1052.86 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1052.86 linux-raspi - 5.4.0.1052.86 linux-headers-raspi - 5.4.0.1052.86 linux-headers-raspi-hwe-18.04 - 5.4.0.1052.86 linux-image-raspi-hwe-18.04 - 5.4.0.1052.86 linux-image-raspi2-hwe-18.04 - 5.4.0.1052.86 No subscription required Medium CVE-2021-3640 CVE-2021-3752 CVE-2021-42739 Ubuntu 20.04 LTS Keryn Knight discovered that Django incorrectly handled certain template tags. A remote attacker could possibly use this issue to perform a cross-site scripting attack. (CVE-2022-22818) Alan Ryan discovered that Django incorrectly handled file uploads. A remote attacker could possibly use this issue to cause Django to hang, resulting in a denial of service. (CVE-2022-23833) Update Instructions: Run `sudo pro fix USN-5269-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.10 python-django-doc - 2:2.2.12-1ubuntu0.10 No subscription required Medium CVE-2022-22818 CVE-2022-23833 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.28 in Ubuntu 20.04 LTS and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.37. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-37.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-28.html https://www.oracle.com/security-alerts/cpujan2022.html Update Instructions: Run `sudo pro fix USN-5270-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.28-0ubuntu0.20.04.3 mysql-client-8.0 - 8.0.28-0ubuntu0.20.04.3 libmysqlclient-dev - 8.0.28-0ubuntu0.20.04.3 mysql-testsuite-8.0 - 8.0.28-0ubuntu0.20.04.3 mysql-router - 8.0.28-0ubuntu0.20.04.3 mysql-server - 8.0.28-0ubuntu0.20.04.3 libmysqlclient21 - 8.0.28-0ubuntu0.20.04.3 mysql-client-core-8.0 - 8.0.28-0ubuntu0.20.04.3 mysql-server-core-8.0 - 8.0.28-0ubuntu0.20.04.3 mysql-testsuite - 8.0.28-0ubuntu0.20.04.3 mysql-server-8.0 - 8.0.28-0ubuntu0.20.04.3 mysql-source-8.0 - 8.0.28-0ubuntu0.20.04.3 No subscription required Medium CVE-2022-21245 CVE-2022-21249 CVE-2022-21253 CVE-2022-21254 CVE-2022-21256 CVE-2022-21264 CVE-2022-21265 CVE-2022-21270 CVE-2022-21301 CVE-2022-21302 CVE-2022-21303 CVE-2022-21304 CVE-2022-21339 CVE-2022-21342 CVE-2022-21344 CVE-2022-21348 CVE-2022-21351 CVE-2022-21358 CVE-2022-21362 CVE-2022-21367 CVE-2022-21368 CVE-2022-21370 CVE-2022-21372 CVE-2022-21374 CVE-2022-21378 CVE-2022-21379 Ubuntu 20.04 LTS It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. This issue only affected Ubuntu 20.04 ESM. (CVE-2020-35572) Adam Crosser and Brian Sizemore discovered that Adminer incorrectly handled redirection requests to internal servers. An unauthenticated remote attacker could possibly use this to perform a server-side request forgery attack and expose sensitive information. (CVE-2021-21311) It was discovered that Adminer was incorrectly escaping data in the doc_link function. A remote attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-29625) Update Instructions: Run `sudo pro fix USN-5271-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: adminer - 4.7.6-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-35572 CVE-2021-21311 CVE-2021-29625 Ubuntu 20.04 LTS It was discovered that HDF5 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5272-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhdf5-103 - 1.10.4+repack-11ubuntu1+esm1 libhdf5-doc - 1.10.4+repack-11ubuntu1+esm1 hdf5-helpers - 1.10.4+repack-11ubuntu1+esm1 libhdf5-cpp-103 - 1.10.4+repack-11ubuntu1+esm1 libhdf5-jni - 1.10.4+repack-11ubuntu1+esm1 libhdf5-dev - 1.10.4+repack-11ubuntu1+esm1 libhdf5-mpich-103 - 1.10.4+repack-11ubuntu1+esm1 libhdf5-openmpi-dev - 1.10.4+repack-11ubuntu1+esm1 libhdf5-mpich-dev - 1.10.4+repack-11ubuntu1+esm1 libhdf5-openmpi-103 - 1.10.4+repack-11ubuntu1+esm1 libhdf5-java - 1.10.4+repack-11ubuntu1+esm1 libhdf5-mpi-dev - 1.10.4+repack-11ubuntu1+esm1 hdf5-tools - 1.10.4+repack-11ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-17233 CVE-2018-17234 CVE-2018-17237 Ubuntu 20.04 LTS Demi M. Obenour discovered that RPM Package Manager incorrectly handled certain files. An attacker could possibly use this issue to corrupt the database and cause a denial of service. (CVE-2021-3421, CVE-2021-20271) Demi M. Obenour discovered that RPM Package Manager incorrectly handled memory when processing certain data from the database. An attacker could possibly use this issue to cause a denial of service. This issue only affects Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2021-20266) Update Instructions: Run `sudo pro fix USN-5273-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: debugedit - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 rpm-i18n - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 python-rpm - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 rpm-common - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 rpm - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpm-dev - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 rpm2cpio - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpmio8 - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 python3-rpm - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpm8 - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpmsign8 - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 librpmbuild8 - 4.14.2.1+dfsg1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2021-20266 CVE-2021-20271 CVE-2021-3421 Ubuntu 20.04 LTS It was discovered that Simple DirectMedia Layer library incorrectly handled memory when parsing certain specially crafted .BMP files. An attacker could possibly use these issues to crash the application or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5274-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsdl2-dev - 2.0.10+dfsg1-3ubuntu0.1~esm1 libsdl2-doc - 2.0.10+dfsg1-3ubuntu0.1~esm1 libsdl2-2.0-0 - 2.0.10+dfsg1-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-14409 CVE-2020-14410 Ubuntu 20.04 LTS Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash leading to a denial of service, or potentially remotely execute code. (CVE-2022-0204) Update Instructions: Run `sudo pro fix USN-5275-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.5 bluez-tests - 5.53-0ubuntu3.5 bluez-obexd - 5.53-0ubuntu3.5 bluetooth - 5.53-0ubuntu3.5 bluez - 5.53-0ubuntu3.5 bluez-hcidump - 5.53-0ubuntu3.5 bluez-cups - 5.53-0ubuntu3.5 libbluetooth-dev - 5.53-0ubuntu3.5 No subscription required Medium CVE-2022-0204 Ubuntu 20.04 LTS It was discovered that the NVIDIA graphics drivers incorrectly handled permissions in the kernel mode layer. A local attacker could use this issue to write to protected memory and cause a denial of service. Update Instructions: Run `sudo pro fix USN-5276-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnvidia-compute-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-headless-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.172.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.172.01-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.172.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.172.01-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.172.01-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.172.01-0ubuntu0.20.04.1 No subscription required libnvidia-common-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-common-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-gl-465 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-465 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-common-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-common-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-encode-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-460 - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-dkms-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-compute-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-extra-470 - 470.103.01-0ubuntu0.20.04.1 nvidia-utils-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-compute-utils-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-465 - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-fbc1-470 - 470.103.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-common-470-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-common-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-cfg1-460-server - 470.103.01-0ubuntu0.20.04.1 libnvidia-decode-470 - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 470.103.01-0ubuntu0.20.04.1 libnvidia-ifr1-465 - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-kernel-source-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-driver-460-server - 470.103.01-0ubuntu0.20.04.1 nvidia-headless-470-server - 470.103.01-0ubuntu0.20.04.1 No subscription required libnvidia-fbc1-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-common-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-utils-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-decode-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-kernel-common-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-compute-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-headless-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-cfg1-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-dkms-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-encode-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-extra-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-fbc1-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-driver-510 - 510.47.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-kernel-source-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-utils-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-compute-utils-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-decode-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-kernel-source-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-kernel-common-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-gl-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-gl-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-common-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-compute-utils-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-encode-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-compute-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-dkms-510 - 510.47.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-495 - 510.47.03-0ubuntu0.20.04.1 libnvidia-extra-510 - 510.47.03-0ubuntu0.20.04.1 nvidia-driver-495 - 510.47.03-0ubuntu0.20.04.1 nvidia-headless-510 - 510.47.03-0ubuntu0.20.04.1 libnvidia-cfg1-495 - 510.47.03-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21813 CVE-2022-21814 Ubuntu 20.04 LTS It was discovered that the rlimit tracking for user namespaces in the Linux kernel did not properly perform reference counting, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-24122) It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-27820) It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) It was discovered that the BPF subsystem in the Linux kernel did not properly track pointer types on atomic fetch operations in some situations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2022-0264) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0382) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5278-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.14.0-1022-oem - 5.14.0-1022.24 linux-headers-5.14.0-1022-oem - 5.14.0-1022.24 linux-modules-5.14.0-1022-oem - 5.14.0-1022.24 linux-image-unsigned-5.14.0-1022-oem - 5.14.0-1022.24 linux-buildinfo-5.14.0-1022-oem - 5.14.0-1022.24 linux-oem-5.14-tools-host - 5.14.0-1022.24 linux-oem-5.14-tools-5.14.0-1022 - 5.14.0-1022.24 linux-image-5.14.0-1022-oem - 5.14.0-1022.24 linux-oem-5.14-headers-5.14.0-1022 - 5.14.0-1022.24 No subscription required linux-headers-oem-20.04d - 5.14.0.1022.19 linux-tools-oem-20.04d - 5.14.0.1022.19 linux-oem-20.04d - 5.14.0.1022.19 linux-image-oem-20.04d - 5.14.0.1022.19 No subscription required High CVE-2020-27820 CVE-2021-22600 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-39685 CVE-2021-4001 CVE-2021-4083 CVE-2021-4135 CVE-2021-4155 CVE-2021-4197 CVE-2021-43975 CVE-2021-44733 CVE-2021-45095 CVE-2021-45480 CVE-2022-0264 CVE-2022-0330 CVE-2022-0382 CVE-2022-22942 CVE-2022-23222 CVE-2022-24122 Ubuntu 20.04 LTS It was discovered that util-linux incorrectly handled unmounting FUSE filesystems. A local attacker could possibly use this issue to unmount FUSE filesystems belonging to other users. Update Instructions: Run `sudo pro fix USN-5279-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bsdutils - 1:2.34-0.1ubuntu9.3 No subscription required libfdisk-dev - 2.34-0.1ubuntu9.3 libblkid1 - 2.34-0.1ubuntu9.3 libmount-dev - 2.34-0.1ubuntu9.3 rfkill - 2.34-0.1ubuntu9.3 mount - 2.34-0.1ubuntu9.3 libsmartcols1 - 2.34-0.1ubuntu9.3 util-linux-locales - 2.34-0.1ubuntu9.3 libfdisk1 - 2.34-0.1ubuntu9.3 libmount1 - 2.34-0.1ubuntu9.3 libsmartcols-dev - 2.34-0.1ubuntu9.3 uuid-dev - 2.34-0.1ubuntu9.3 libblkid-dev - 2.34-0.1ubuntu9.3 fdisk - 2.34-0.1ubuntu9.3 uuid-runtime - 2.34-0.1ubuntu9.3 util-linux - 2.34-0.1ubuntu9.3 libuuid1 - 2.34-0.1ubuntu9.3 No subscription required Medium CVE-2021-3995 CVE-2021-3996 Ubuntu 20.04 LTS It was discovered that Speex incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5280-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: speex - 1.2~rc1.2-1.1ubuntu1.20.04.1 libspeexdsp-dev - 1.2~rc1.2-1.1ubuntu1.20.04.1 libspeex-dev - 1.2~rc1.2-1.1ubuntu1.20.04.1 libspeexdsp1 - 1.2~rc1.2-1.1ubuntu1.20.04.1 speex-doc - 1.2~rc1.2-1.1ubuntu1.20.04.1 libspeex1 - 1.2~rc1.2-1.1ubuntu1.20.04.1 No subscription required Medium CVE-2020-23903 Ubuntu 20.04 LTS It was discovered that some OpenSC smart card drivers mishandled memory when performing certain decoding operations. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-15945, CVE-2019-15946) It was discovered that some OpenSC smart card drivers had buffer overflow vulnerabilities. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2020-26570, CVE-2020-26571, CVE-2020-26572) Update Instructions: Run `sudo pro fix USN-5281-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: opensc-pkcs11 - 0.20.0-3ubuntu0.1~esm1 opensc - 0.20.0-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-15945 CVE-2019-15946 CVE-2020-26570 CVE-2020-26571 CVE-2020-26572 Ubuntu 20.04 LTS It was discovered that PDFResurrect was incorrectly handling corrupted PDF files. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-14267) It was discovered that PDFResurrect incorrectly handled memory when loading PDF pages. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service, or arbitrary code execution. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-14934) It was discovered that PDFResurrect was incorrectly validating header data in input PDF files. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service, or arbitrary code execution. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-20740) Carter Yagemann discovered that PDFResurrect incorrectly handled certain memory operations during PDF summary generation. An attacker could use this to cause out-of-bounds writes, resulting in a denial of service (system crash) or arbitrary code execution. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-9549) It was discovered that PDFResurrect was incorrectly processing data when performing trailer search operations. An attacker could possibly use this issue to cause an infinite loop, resulting in a denial of service. (CVE-2021-3508) Update Instructions: Run `sudo pro fix USN-5282-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pdfresurrect - 0.19-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-14267 CVE-2019-14934 CVE-2020-20740 CVE-2020-9549 CVE-2021-3508 Ubuntu 20.04 LTS It was discovered that Tar for Node.js did not properly sanitize path inputs. An attacker could possibly use this issue to read arbitrary files, resulting in a directory traversal attack. Update Instructions: Run `sudo pro fix USN-5283-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-tar - 4.4.10+ds1-2ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-32803 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0511, CVE-2022-22755, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22764) It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions. (CVE-2022-22754) It was discovered that dragging and dropping an image into a folder could result in it being marked as executable. If a user were tricked into dragging and dropping a specially crafted image, an attacker could potentially exploit this to execute arbitrary code. (CVE-2022-22756) It was discovered that Remote Agent, used in WebDriver, did not validate Host or Origin headers. If a user were tricked into opening a specially crafted website with WebDriver enabled, an attacker could potentially exploit this to connect back to the user's browser in order to control it. (CVE-2022-22757) Update Instructions: Run `sudo pro fix USN-5284-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 97.0+build2-0ubuntu0.20.04.1 firefox - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 97.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 97.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 97.0+build2-0ubuntu0.20.04.1 firefox-dev - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 97.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 97.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-22754 CVE-2022-22755 CVE-2022-22756 CVE-2022-22757 CVE-2022-22759 CVE-2022-22760 CVE-2022-22761 CVE-2022-22764 CVE-2022-0511 Ubuntu 20.04 LTS Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user. On Ubuntu 20.04 LTS, this issue was fixed by disabling the online reencryption feature. Update Instructions: Run `sudo pro fix USN-5286-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cryptsetup - 2:2.2.2-3ubuntu2.4 cryptsetup-run - 2:2.2.2-3ubuntu2.4 libcryptsetup12 - 2:2.2.2-3ubuntu2.4 libcryptsetup-dev - 2:2.2.2-3ubuntu2.4 cryptsetup-bin - 2:2.2.2-3ubuntu2.4 cryptsetup-initramfs - 2:2.2.2-3ubuntu2.4 No subscription required Medium CVE-2021-4122 Ubuntu 20.04 LTS It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5288-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.2 libexpat1-dev - 2.2.9-1ubuntu0.2 libexpat1 - 2.2.9-1ubuntu0.2 No subscription required High CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 CVE-2022-23852 CVE-2022-23990 CVE-2022-25235 CVE-2022-25236 Ubuntu 20.04 LTS James Isaac and Mathias Brodala discovered that Symfony incorrectly handled switch users functionality. An attacker could possibly use this issue to enumerate users. (CVE-2021-21424) It was discovered that Symfony incorrectly handled certain specially crafted CSV files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 ESM. (CVE-2021-41270) Update Instructions: Run `sudo pro fix USN-5290-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-symfony-framework-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-core - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-ldap - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-browser-kit - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-filesystem - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-twig-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-mailchimp-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-web-profiler-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-asset - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-var-exporter - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-sendgrid-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-http - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-phpunit-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-http-client - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-web-server-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-http-kernel - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-templating - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-property-access - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-amazon-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-doctrine-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-intl - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-twig-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-guard - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-postmark-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-serializer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-translation - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-yaml - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-debug-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-css-selector - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-expression-language - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-process - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-var-dumper - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-property-info - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-routing - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-bundle - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-finder - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-google-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-lock - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-validator - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-debug - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-inflector - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-event-dispatcher - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-cache - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-monolog-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-mime - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-workflow - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security-csrf - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-proxy-manager-bridge - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-http-foundation - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-form - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-options-resolver - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-dotenv - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-web-link - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-messenger - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-mailgun-mailer - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-dependency-injection - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-dom-crawler - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-security - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-console - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-config - 4.3.8+dfsg-1ubuntu1+esm1 php-symfony-stopwatch - 4.3.8+dfsg-1ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-21424 CVE-2021-41270 Ubuntu 20.04 LTS It was discovered that libarchive incorrectly handled symlinks. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly use this issue to change modes, times, ACLs, and flags on arbitrary files. (CVE-2021-23177, CVE-2021-31566) It was discovered that libarchive incorrectly handled certain RAR archives. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36976) Update Instructions: Run `sudo pro fix USN-5291-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libarchive-dev - 3.4.0-2ubuntu1.1 libarchive-tools - 3.4.0-2ubuntu1.1 libarchive13 - 3.4.0-2ubuntu1.1 No subscription required Medium CVE-2021-23177 CVE-2021-31566 CVE-2021-36976 Ubuntu 20.04 LTS James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. (CVE-2021-3155) Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions. (CVE-2021-4120) The Qualys Research Team discovered that snapd did not properly validate the location of the snap-confine binary. A local attacker could possibly use this issue to execute other arbitrary binaries and escalate privileges. (CVE-2021-44730) The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing a private mount namespace for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. (CVE-2021-44731) Update Instructions: Run `sudo pro fix USN-5292-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.54.3+20.04 ubuntu-core-launcher - 2.54.3+20.04 snap-confine - 2.54.3+20.04 ubuntu-snappy-cli - 2.54.3+20.04 golang-github-snapcore-snapd-dev - 2.54.3+20.04 snapd-xdg-open - 2.54.3+20.04 snapd - 2.54.3+20.04 golang-github-ubuntu-core-snappy-dev - 2.54.3+20.04 ubuntu-snappy - 2.54.3+20.04 No subscription required High CVE-2021-3155 CVE-2021-4120 CVE-2021-44730 CVE-2021-44731 Ubuntu 20.04 LTS USN-5292-1 fixed vulnerabilities in snapd. This update provides the corresponding update for the riscv64 architecture. Original advisory details: James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. (CVE-2021-3155) Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions. (CVE-2021-4120) The Qualys Research Team discovered that snapd did not properly validate the location of the snap-confine binary. A local attacker could possibly use this issue to execute other arbitrary binaries and escalate privileges. (CVE-2021-44730) The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing a private mount namespace for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. (CVE-2021-44731) Update Instructions: Run `sudo pro fix USN-5292-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.54.3+20.04.1 ubuntu-core-launcher - 2.54.3+20.04.1 snap-confine - 2.54.3+20.04.1 ubuntu-snappy-cli - 2.54.3+20.04.1 golang-github-snapcore-snapd-dev - 2.54.3+20.04.1 snapd-xdg-open - 2.54.3+20.04.1 snapd - 2.54.3+20.04.1 golang-github-ubuntu-core-snappy-dev - 2.54.3+20.04.1 ubuntu-snappy - 2.54.3+20.04.1 No subscription required High CVE-2021-3155 CVE-2021-4120 CVE-2021-44730 CVE-2021-44731 Ubuntu 20.04 LTS USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced a regression that could break the fish shell. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. (CVE-2021-3155) Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions. (CVE-2021-4120) The Qualys Research Team discovered that snapd did not properly validate the location of the snap-confine binary. A local attacker could possibly use this issue to execute other arbitrary binaries and escalate privileges. (CVE-2021-44730) The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing a private mount namespace for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. (CVE-2021-44731) Update Instructions: Run `sudo pro fix USN-5292-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.54.3+20.04.1ubuntu0.2 ubuntu-core-launcher - 2.54.3+20.04.1ubuntu0.2 snap-confine - 2.54.3+20.04.1ubuntu0.2 ubuntu-snappy-cli - 2.54.3+20.04.1ubuntu0.2 golang-github-snapcore-snapd-dev - 2.54.3+20.04.1ubuntu0.2 snapd-xdg-open - 2.54.3+20.04.1ubuntu0.2 snapd - 2.54.3+20.04.1ubuntu0.2 golang-github-ubuntu-core-snappy-dev - 2.54.3+20.04.1ubuntu0.2 ubuntu-snappy - 2.54.3+20.04.1ubuntu0.2 No subscription required None https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1961365 https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1961791 Ubuntu 20.04 LTS Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application's XML configuration file could cause a denial of service. Update Instructions: Run `sudo pro fix USN-5293-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc3p0-java-doc - 0.9.1.2-10ubuntu0.20.04.1 libc3p0-java - 0.9.1.2-10ubuntu0.20.04.1 No subscription required Medium CVE-2019-5427 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5294-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-common - 5.4.0-100.113 linux-modules-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-headers-5.4.0-100-lowlatency - 5.4.0-100.113 linux-tools-host - 5.4.0-100.113 linux-tools-5.4.0-100-lowlatency - 5.4.0-100.113 linux-doc - 5.4.0-100.113 linux-image-5.4.0-100-lowlatency - 5.4.0-100.113 linux-cloud-tools-5.4.0-100-generic - 5.4.0-100.113 linux-image-unsigned-5.4.0-100-generic - 5.4.0-100.113 linux-modules-5.4.0-100-lowlatency - 5.4.0-100.113 linux-libc-dev - 5.4.0-100.113 linux-source-5.4.0 - 5.4.0-100.113 linux-tools-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-tools-5.4.0-100-generic - 5.4.0-100.113 linux-image-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-buildinfo-5.4.0-100-generic - 5.4.0-100.113 linux-headers-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-modules-5.4.0-100-generic - 5.4.0-100.113 linux-headers-5.4.0-100-generic - 5.4.0-100.113 linux-image-unsigned-5.4.0-100-lowlatency - 5.4.0-100.113 linux-cloud-tools-common - 5.4.0-100.113 linux-headers-5.4.0-100 - 5.4.0-100.113 linux-cloud-tools-5.4.0-100-lowlatency - 5.4.0-100.113 linux-modules-extra-5.4.0-100-generic - 5.4.0-100.113 linux-buildinfo-5.4.0-100-generic-lpae - 5.4.0-100.113 linux-image-5.4.0-100-generic - 5.4.0-100.113 linux-cloud-tools-5.4.0-100 - 5.4.0-100.113 linux-tools-5.4.0-100 - 5.4.0-100.113 linux-buildinfo-5.4.0-100-lowlatency - 5.4.0-100.113 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-cloud-tools-virtual - 5.4.0.100.104 linux-image-generic-hwe-18.04 - 5.4.0.100.104 linux-tools-oem - 5.4.0.100.104 linux-headers-generic-lpae - 5.4.0.100.104 linux-image-virtual - 5.4.0.100.104 linux-oem-osp1-tools-host - 5.4.0.100.104 linux-image-generic - 5.4.0.100.104 linux-tools-lowlatency - 5.4.0.100.104 linux-image-oem - 5.4.0.100.104 linux-tools-virtual-hwe-18.04 - 5.4.0.100.104 linux-headers-generic-hwe-18.04 - 5.4.0.100.104 linux-headers-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-image-extra-virtual-hwe-18.04 - 5.4.0.100.104 linux-image-oem-osp1 - 5.4.0.100.104 linux-image-generic-lpae-hwe-18.04 - 5.4.0.100.104 linux-crashdump - 5.4.0.100.104 linux-tools-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-headers-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-source - 5.4.0.100.104 linux-lowlatency - 5.4.0.100.104 linux-tools-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-tools-generic-lpae - 5.4.0.100.104 linux-cloud-tools-generic - 5.4.0.100.104 linux-virtual - 5.4.0.100.104 linux-headers-virtual-hwe-18.04 - 5.4.0.100.104 linux-virtual-hwe-18.04 - 5.4.0.100.104 linux-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.100.104 linux-tools-virtual - 5.4.0.100.104 linux-generic-lpae-hwe-18.04-edge - 5.4.0.100.104 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-generic-lpae - 5.4.0.100.104 linux-headers-oem - 5.4.0.100.104 linux-generic - 5.4.0.100.104 linux-tools-oem-osp1 - 5.4.0.100.104 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.100.104 linux-tools-generic-hwe-18.04-edge - 5.4.0.100.104 linux-image-virtual-hwe-18.04 - 5.4.0.100.104 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-oem-tools-host - 5.4.0.100.104 linux-headers-lowlatency - 5.4.0.100.104 linux-image-generic-hwe-18.04-edge - 5.4.0.100.104 linux-generic-hwe-18.04-edge - 5.4.0.100.104 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.100.104 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-oem - 5.4.0.100.104 linux-tools-generic - 5.4.0.100.104 linux-image-extra-virtual - 5.4.0.100.104 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.100.104 linux-cloud-tools-lowlatency - 5.4.0.100.104 linux-headers-oem-osp1 - 5.4.0.100.104 linux-generic-lpae-hwe-18.04 - 5.4.0.100.104 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.100.104 linux-headers-generic-hwe-18.04-edge - 5.4.0.100.104 linux-headers-generic - 5.4.0.100.104 linux-oem-osp1 - 5.4.0.100.104 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.100.104 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.100.104 linux-image-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.100.104 linux-headers-virtual - 5.4.0.100.104 linux-lowlatency-hwe-18.04 - 5.4.0.100.104 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.100.104 linux-generic-hwe-18.04 - 5.4.0.100.104 linux-image-generic-lpae - 5.4.0.100.104 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.100.104 linux-image-lowlatency - 5.4.0.100.104 linux-tools-generic-hwe-18.04 - 5.4.0.100.104 linux-image-virtual-hwe-18.04-edge - 5.4.0.100.104 No subscription required High CVE-2021-22600 CVE-2021-39685 CVE-2021-4083 CVE-2021-4155 CVE-2021-4202 CVE-2021-43975 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5294-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1015-ibm - 5.4.0-1015.16 linux-image-5.4.0-1015-ibm - 5.4.0-1015.16 linux-ibm-tools-5.4.0-1015 - 5.4.0-1015.16 linux-ibm-headers-5.4.0-1015 - 5.4.0-1015.16 linux-ibm-tools-common - 5.4.0-1015.16 linux-buildinfo-5.4.0-1015-ibm - 5.4.0-1015.16 linux-modules-5.4.0-1015-ibm - 5.4.0-1015.16 linux-ibm-source-5.4.0 - 5.4.0-1015.16 linux-ibm-cloud-tools-common - 5.4.0-1015.16 linux-modules-extra-5.4.0-1015-ibm - 5.4.0-1015.16 linux-headers-5.4.0-1015-ibm - 5.4.0-1015.16 linux-image-unsigned-5.4.0-1015-ibm - 5.4.0-1015.16 No subscription required linux-bluefield-headers-5.4.0-1028 - 5.4.0-1028.31 linux-headers-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-modules-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-bluefield-tools-5.4.0-1028 - 5.4.0-1028.31 linux-image-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-tools-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-buildinfo-5.4.0-1028-bluefield - 5.4.0-1028.31 linux-image-unsigned-5.4.0-1028-bluefield - 5.4.0-1028.31 No subscription required linux-gkeop-headers-5.4.0-1034 - 5.4.0-1034.35 linux-modules-extra-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-image-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-tools-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-gkeop-source-5.4.0 - 5.4.0-1034.35 linux-headers-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-cloud-tools-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-modules-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-gkeop-cloud-tools-5.4.0-1034 - 5.4.0-1034.35 linux-gkeop-tools-5.4.0-1034 - 5.4.0-1034.35 linux-buildinfo-5.4.0-1034-gkeop - 5.4.0-1034.35 linux-image-unsigned-5.4.0-1034-gkeop - 5.4.0-1034.35 No subscription required linux-buildinfo-5.4.0-1053-raspi - 5.4.0-1053.60 linux-modules-5.4.0-1053-raspi - 5.4.0-1053.60 linux-raspi-tools-5.4.0-1053 - 5.4.0-1053.60 linux-raspi-headers-5.4.0-1053 - 5.4.0-1053.60 linux-image-5.4.0-1053-raspi - 5.4.0-1053.60 linux-headers-5.4.0-1053-raspi - 5.4.0-1053.60 linux-tools-5.4.0-1053-raspi - 5.4.0-1053.60 No subscription required linux-kvm-tools-5.4.0-1056 - 5.4.0-1056.58 linux-tools-5.4.0-1056-kvm - 5.4.0-1056.58 linux-buildinfo-5.4.0-1056-kvm - 5.4.0-1056.58 linux-headers-5.4.0-1056-kvm - 5.4.0-1056.58 linux-image-unsigned-5.4.0-1056-kvm - 5.4.0-1056.58 linux-kvm-headers-5.4.0-1056 - 5.4.0-1056.58 linux-modules-5.4.0-1056-kvm - 5.4.0-1056.58 linux-image-5.4.0-1056-kvm - 5.4.0-1056.58 No subscription required linux-headers-5.4.0-1064-oracle - 5.4.0-1064.68 linux-image-5.4.0-1064-oracle - 5.4.0-1064.68 linux-oracle-tools-5.4.0-1064 - 5.4.0-1064.68 linux-oracle-headers-5.4.0-1064 - 5.4.0-1064.68 linux-image-unsigned-5.4.0-1064-oracle - 5.4.0-1064.68 linux-modules-extra-5.4.0-1064-oracle - 5.4.0-1064.68 linux-modules-5.4.0-1064-oracle - 5.4.0-1064.68 linux-tools-5.4.0-1064-oracle - 5.4.0-1064.68 linux-buildinfo-5.4.0-1064-oracle - 5.4.0-1064.68 No subscription required linux-gcp-tools-5.4.0-1065 - 5.4.0-1065.69 linux-modules-5.4.0-1065-gcp - 5.4.0-1065.69 linux-modules-extra-5.4.0-1065-gcp - 5.4.0-1065.69 linux-buildinfo-5.4.0-1065-gcp - 5.4.0-1065.69 linux-image-5.4.0-1065-gcp - 5.4.0-1065.69 linux-tools-5.4.0-1065-gcp - 5.4.0-1065.69 linux-headers-5.4.0-1065-gcp - 5.4.0-1065.69 linux-gcp-headers-5.4.0-1065 - 5.4.0-1065.69 linux-image-unsigned-5.4.0-1065-gcp - 5.4.0-1065.69 No subscription required linux-tools-5.4.0-1066-aws - 5.4.0-1066.69 linux-image-5.4.0-1066-aws - 5.4.0-1066.69 linux-headers-5.4.0-1066-aws - 5.4.0-1066.69 linux-aws-tools-5.4.0-1066 - 5.4.0-1066.69 linux-aws-headers-5.4.0-1066 - 5.4.0-1066.69 linux-modules-5.4.0-1066-aws - 5.4.0-1066.69 linux-image-unsigned-5.4.0-1066-aws - 5.4.0-1066.69 linux-modules-extra-5.4.0-1066-aws - 5.4.0-1066.69 linux-aws-cloud-tools-5.4.0-1066 - 5.4.0-1066.69 linux-cloud-tools-5.4.0-1066-aws - 5.4.0-1066.69 linux-buildinfo-5.4.0-1066-aws - 5.4.0-1066.69 No subscription required linux-azure-headers-5.4.0-1070 - 5.4.0-1070.73 linux-modules-extra-5.4.0-1070-azure - 5.4.0-1070.73 linux-modules-5.4.0-1070-azure - 5.4.0-1070.73 linux-cloud-tools-5.4.0-1070-azure - 5.4.0-1070.73 linux-headers-5.4.0-1070-azure - 5.4.0-1070.73 linux-image-unsigned-5.4.0-1070-azure - 5.4.0-1070.73 linux-azure-cloud-tools-5.4.0-1070 - 5.4.0-1070.73 linux-tools-5.4.0-1070-azure - 5.4.0-1070.73 linux-image-5.4.0-1070-azure - 5.4.0-1070.73 linux-azure-tools-5.4.0-1070 - 5.4.0-1070.73 linux-buildinfo-5.4.0-1070-azure - 5.4.0-1070.73 No subscription required linux-image-unsigned-5.4.0-1070-azure-fde - 5.4.0-1070.73+cvm1.1 linux-image-5.4.0-1070-azure-fde - 5.4.0-1070.73+cvm1.1 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1015.16 linux-headers-ibm-lts-20.04 - 5.4.0.1015.16 linux-tools-ibm - 5.4.0.1015.16 linux-modules-extra-ibm - 5.4.0.1015.16 linux-image-ibm-lts-20.04 - 5.4.0.1015.16 linux-ibm-lts-20.04 - 5.4.0.1015.16 linux-image-ibm - 5.4.0.1015.16 linux-ibm - 5.4.0.1015.16 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1015.16 linux-headers-ibm - 5.4.0.1015.16 No subscription required linux-image-bluefield - 5.4.0.1028.29 linux-bluefield - 5.4.0.1028.29 linux-tools-bluefield - 5.4.0.1028.29 linux-headers-bluefield - 5.4.0.1028.29 No subscription required linux-headers-gkeop - 5.4.0.1034.37 linux-cloud-tools-gkeop-5.4 - 5.4.0.1034.37 linux-image-gkeop - 5.4.0.1034.37 linux-gkeop-5.4 - 5.4.0.1034.37 linux-image-gkeop-5.4 - 5.4.0.1034.37 linux-gkeop - 5.4.0.1034.37 linux-modules-extra-gkeop - 5.4.0.1034.37 linux-cloud-tools-gkeop - 5.4.0.1034.37 linux-headers-gkeop-5.4 - 5.4.0.1034.37 linux-modules-extra-gkeop-5.4 - 5.4.0.1034.37 linux-tools-gkeop - 5.4.0.1034.37 linux-tools-gkeop-5.4 - 5.4.0.1034.37 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1053.87 linux-headers-raspi2 - 5.4.0.1053.87 linux-image-raspi-hwe-18.04 - 5.4.0.1053.87 linux-image-raspi2-hwe-18.04 - 5.4.0.1053.87 linux-tools-raspi - 5.4.0.1053.87 linux-headers-raspi2-hwe-18.04 - 5.4.0.1053.87 linux-headers-raspi-hwe-18.04 - 5.4.0.1053.87 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1053.87 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1053.87 linux-headers-raspi - 5.4.0.1053.87 linux-raspi2-hwe-18.04-edge - 5.4.0.1053.87 linux-raspi-hwe-18.04 - 5.4.0.1053.87 linux-tools-raspi2-hwe-18.04 - 5.4.0.1053.87 linux-image-raspi-hwe-18.04-edge - 5.4.0.1053.87 linux-image-raspi2 - 5.4.0.1053.87 linux-tools-raspi-hwe-18.04 - 5.4.0.1053.87 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1053.87 linux-raspi-hwe-18.04-edge - 5.4.0.1053.87 linux-raspi2-hwe-18.04 - 5.4.0.1053.87 linux-raspi - 5.4.0.1053.87 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1053.87 linux-image-raspi - 5.4.0.1053.87 linux-raspi2 - 5.4.0.1053.87 linux-tools-raspi2 - 5.4.0.1053.87 No subscription required linux-kvm - 5.4.0.1056.55 linux-headers-kvm - 5.4.0.1056.55 linux-tools-kvm - 5.4.0.1056.55 linux-image-kvm - 5.4.0.1056.55 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1064.64 linux-headers-oracle-lts-20.04 - 5.4.0.1064.64 linux-oracle-lts-20.04 - 5.4.0.1064.64 linux-image-oracle-lts-20.04 - 5.4.0.1064.64 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1065.75 linux-gcp-lts-20.04 - 5.4.0.1065.75 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1065.75 linux-headers-gcp-lts-20.04 - 5.4.0.1065.75 linux-image-gcp-lts-20.04 - 5.4.0.1065.75 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1066.68 linux-tools-aws-lts-20.04 - 5.4.0.1066.68 linux-image-aws-lts-20.04 - 5.4.0.1066.68 linux-headers-aws-lts-20.04 - 5.4.0.1066.68 linux-aws-lts-20.04 - 5.4.0.1066.68 No subscription required linux-azure-lts-20.04 - 5.4.0.1070.68 linux-image-azure-lts-20.04 - 5.4.0.1070.68 linux-modules-extra-azure-lts-20.04 - 5.4.0.1070.68 linux-tools-azure-lts-20.04 - 5.4.0.1070.68 linux-headers-azure-lts-20.04 - 5.4.0.1070.68 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1070.68 No subscription required linux-tools-azure-fde - 5.4.0.1070.73+cvm1.16 linux-image-azure-fde - 5.4.0.1070.73+cvm1.16 linux-azure-fde - 5.4.0.1070.73+cvm1.16 linux-cloud-tools-azure-fde - 5.4.0.1070.73+cvm1.16 linux-modules-extra-azure-fde - 5.4.0.1070.73+cvm1.16 linux-headers-azure-fde - 5.4.0.1070.73+cvm1.16 No subscription required High CVE-2021-22600 CVE-2021-39685 CVE-2021-4083 CVE-2021-4155 CVE-2021-4202 CVE-2021-43975 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5295-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-30.33~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-30 - 5.13.0-30.33~20.04.1 linux-headers-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-image-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-modules-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-hwe-5.13-headers-5.13.0-30 - 5.13.0-30.33~20.04.1 linux-headers-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-image-unsigned-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-image-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-hwe-5.13-tools-5.13.0-30 - 5.13.0-30.33~20.04.1 linux-image-unsigned-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-30.33~20.04.1 linux-tools-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-modules-extra-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-buildinfo-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-buildinfo-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-image-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-image-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-modules-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-headers-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-modules-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-30.33~20.04.1 linux-buildinfo-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-cloud-tools-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-buildinfo-5.13.0-30-generic-lpae - 5.13.0-30.33~20.04.1 linux-tools-5.13.0-30-generic-64k - 5.13.0-30.33~20.04.1 linux-modules-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 linux-tools-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-cloud-tools-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-headers-5.13.0-30-generic - 5.13.0-30.33~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-30.33~20.04.1 linux-image-unsigned-5.13.0-30-lowlatency - 5.13.0-30.33~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-generic-64k-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-generic-lpae-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-generic-lpae-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-generic-64k-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-generic-64k-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-generic-64k-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-lowlatency-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-headers-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-image-extra-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-tools-generic-hwe-20.04 - 5.13.0.30.33~20.04.17 linux-virtual-hwe-20.04 - 5.13.0.30.33~20.04.17 No subscription required High CVE-2021-22600 CVE-2021-4083 CVE-2021-4155 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5295-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-modules-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-buildinfo-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-headers-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-cloud-tools-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-aws-5.13-tools-5.13.0-1014 - 5.13.0-1014.15~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1014 - 5.13.0-1014.15~20.04.1 linux-aws-5.13-headers-5.13.0-1014 - 5.13.0-1014.15~20.04.1 linux-modules-extra-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-tools-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 linux-image-unsigned-5.13.0-1014-aws - 5.13.0-1014.15~20.04.1 No subscription required linux-oracle-5.13-headers-5.13.0-1018 - 5.13.0-1018.22~20.04.1 linux-image-unsigned-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-oracle-5.13-tools-5.13.0-1018 - 5.13.0-1018.22~20.04.1 linux-image-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-tools-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-modules-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-headers-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-buildinfo-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 linux-modules-extra-5.13.0-1018-oracle - 5.13.0-1018.22~20.04.1 No subscription required linux-modules-extra-aws - 5.13.0.1014.15~20.04.7 linux-modules-extra-aws-edge - 5.13.0.1014.15~20.04.7 linux-tools-aws - 5.13.0.1014.15~20.04.7 linux-tools-aws-edge - 5.13.0.1014.15~20.04.7 linux-image-aws-edge - 5.13.0.1014.15~20.04.7 linux-headers-aws-edge - 5.13.0.1014.15~20.04.7 linux-aws-edge - 5.13.0.1014.15~20.04.7 linux-aws - 5.13.0.1014.15~20.04.7 linux-headers-aws - 5.13.0.1014.15~20.04.7 linux-image-aws - 5.13.0.1014.15~20.04.7 No subscription required linux-headers-oracle - 5.13.0.1018.22~20.04.1 linux-headers-oracle-edge - 5.13.0.1018.22~20.04.1 linux-image-oracle - 5.13.0.1018.22~20.04.1 linux-tools-oracle - 5.13.0.1018.22~20.04.1 linux-tools-oracle-edge - 5.13.0.1018.22~20.04.1 linux-oracle-edge - 5.13.0.1018.22~20.04.1 linux-image-oracle-edge - 5.13.0.1018.22~20.04.1 linux-oracle - 5.13.0.1018.22~20.04.1 No subscription required High CVE-2021-22600 CVE-2021-4083 CVE-2021-4155 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5297-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1063-gke - 5.4.0-1063.66 linux-buildinfo-5.4.0-1063-gke - 5.4.0-1063.66 linux-image-5.4.0-1063-gke - 5.4.0-1063.66 linux-tools-5.4.0-1063-gke - 5.4.0-1063.66 linux-headers-5.4.0-1063-gke - 5.4.0-1063.66 linux-gke-headers-5.4.0-1063 - 5.4.0-1063.66 linux-modules-5.4.0-1063-gke - 5.4.0-1063.66 linux-image-unsigned-5.4.0-1063-gke - 5.4.0-1063.66 linux-gke-tools-5.4.0-1063 - 5.4.0-1063.66 No subscription required linux-modules-extra-gke - 5.4.0.1063.73 linux-image-gke - 5.4.0.1063.73 linux-gke-5.4 - 5.4.0.1063.73 linux-headers-gke-5.4 - 5.4.0.1063.73 linux-image-gke-5.4 - 5.4.0.1063.73 linux-tools-gke-5.4 - 5.4.0.1063.73 linux-modules-extra-gke-5.4 - 5.4.0.1063.73 linux-headers-gke - 5.4.0.1063.73 linux-gke - 5.4.0.1063.73 linux-tools-gke - 5.4.0.1063.73 No subscription required Medium CVE-2021-39685 CVE-2021-4083 CVE-2021-4155 CVE-2021-4202 CVE-2021-43975 CVE-2022-0330 CVE-2022-22942 Ubuntu 20.04 LTS USN-5300-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. (CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9120) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly obtain sensitive information. (CVE-2017-9119) It was discovered that PHP incorrectly handled certain scripts with XML parsing functions. An attacker could possibly use this issue to obtain sensitive information. (CVE-2021-21707) Update Instructions: Run `sudo pro fix USN-5300-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.10 php7.4-readline - 7.4.3-4ubuntu2.10 php7.4-dba - 7.4.3-4ubuntu2.10 php7.4-common - 7.4.3-4ubuntu2.10 php7.4-xmlrpc - 7.4.3-4ubuntu2.10 php7.4-intl - 7.4.3-4ubuntu2.10 php7.4-phpdbg - 7.4.3-4ubuntu2.10 php7.4-ldap - 7.4.3-4ubuntu2.10 php7.4-sybase - 7.4.3-4ubuntu2.10 php7.4-xsl - 7.4.3-4ubuntu2.10 php7.4-pgsql - 7.4.3-4ubuntu2.10 php7.4-pspell - 7.4.3-4ubuntu2.10 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.10 php7.4-zip - 7.4.3-4ubuntu2.10 php7.4-curl - 7.4.3-4ubuntu2.10 php7.4-odbc - 7.4.3-4ubuntu2.10 php7.4-json - 7.4.3-4ubuntu2.10 php7.4-mbstring - 7.4.3-4ubuntu2.10 php7.4-imap - 7.4.3-4ubuntu2.10 php7.4-bz2 - 7.4.3-4ubuntu2.10 php7.4-cgi - 7.4.3-4ubuntu2.10 php7.4 - 7.4.3-4ubuntu2.10 php7.4-bcmath - 7.4.3-4ubuntu2.10 php7.4-dev - 7.4.3-4ubuntu2.10 php7.4-interbase - 7.4.3-4ubuntu2.10 php7.4-tidy - 7.4.3-4ubuntu2.10 php7.4-gmp - 7.4.3-4ubuntu2.10 php7.4-sqlite3 - 7.4.3-4ubuntu2.10 php7.4-fpm - 7.4.3-4ubuntu2.10 php7.4-soap - 7.4.3-4ubuntu2.10 php7.4-cli - 7.4.3-4ubuntu2.10 libphp7.4-embed - 7.4.3-4ubuntu2.10 php7.4-enchant - 7.4.3-4ubuntu2.10 php7.4-mysql - 7.4.3-4ubuntu2.10 php7.4-snmp - 7.4.3-4ubuntu2.10 php7.4-xml - 7.4.3-4ubuntu2.10 php7.4-opcache - 7.4.3-4ubuntu2.10 No subscription required Medium CVE-2017-8923 CVE-2017-9118 CVE-2017-9119 CVE-2017-9120 CVE-2021-21707 Ubuntu 20.04 LTS It was discovered that the Cyrus SASL SQL plugin incorrectly handled SQL input. A remote attacker could use this issue to execute arbitrary SQL commands. Update Instructions: Run `sudo pro fix USN-5301-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsasl2-2 - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-gssapi-heimdal - 2.1.27+dfsg-2ubuntu0.1 sasl2-bin - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-db - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-gssapi-mit - 2.1.27+dfsg-2ubuntu0.1 libsasl2-dev - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-sql - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-otp - 2.1.27+dfsg-2ubuntu0.1 libsasl2-modules-ldap - 2.1.27+dfsg-2ubuntu0.1 cyrus-sasl2-doc - 2.1.27+dfsg-2ubuntu0.1 No subscription required High CVE-2022-24407 Ubuntu 20.04 LTS Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-24448) It was discovered that the YAM AX.25 device driver in the Linux kernel did not properly deallocate memory in some error conditions. A local privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2022-24959) Update Instructions: Run `sudo pro fix USN-5302-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.14.0-1024-oem - 5.14.0-1024.26 linux-image-unsigned-5.14.0-1024-oem - 5.14.0-1024.26 linux-image-5.14.0-1024-oem - 5.14.0-1024.26 linux-tools-5.14.0-1024-oem - 5.14.0-1024.26 linux-headers-5.14.0-1024-oem - 5.14.0-1024.26 linux-oem-5.14-tools-5.14.0-1024 - 5.14.0-1024.26 linux-modules-5.14.0-1024-oem - 5.14.0-1024.26 linux-oem-5.14-headers-5.14.0-1024 - 5.14.0-1024.26 linux-oem-5.14-tools-host - 5.14.0-1024.26 No subscription required linux-image-oem-20.04c - 5.14.0.1024.22 linux-image-oem-20.04b - 5.14.0.1024.22 linux-image-oem-20.04d - 5.14.0.1024.22 linux-tools-oem-20.04d - 5.14.0.1024.22 linux-tools-oem-20.04c - 5.14.0.1024.22 linux-tools-oem-20.04b - 5.14.0.1024.22 linux-oem-20.04 - 5.14.0.1024.22 linux-image-oem-20.04 - 5.14.0.1024.22 linux-oem-20.04c - 5.14.0.1024.22 linux-oem-20.04d - 5.14.0.1024.22 linux-oem-20.04b - 5.14.0.1024.22 linux-headers-oem-20.04 - 5.14.0.1024.22 linux-headers-oem-20.04b - 5.14.0.1024.22 linux-headers-oem-20.04c - 5.14.0.1024.22 linux-headers-oem-20.04d - 5.14.0.1024.22 linux-tools-oem-20.04 - 5.14.0.1024.22 No subscription required High CVE-2021-43976 CVE-2021-44879 CVE-2022-0435 CVE-2022-0492 CVE-2022-24448 CVE-2022-24959 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5303-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.9 php7.4-readline - 7.4.3-4ubuntu2.9 php7.4-dba - 7.4.3-4ubuntu2.9 php7.4-common - 7.4.3-4ubuntu2.9 php7.4-xmlrpc - 7.4.3-4ubuntu2.9 php7.4-intl - 7.4.3-4ubuntu2.9 php7.4-phpdbg - 7.4.3-4ubuntu2.9 php7.4-ldap - 7.4.3-4ubuntu2.9 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.9 php7.4-soap - 7.4.3-4ubuntu2.9 php7.4-xsl - 7.4.3-4ubuntu2.9 php7.4-pgsql - 7.4.3-4ubuntu2.9 php7.4-pspell - 7.4.3-4ubuntu2.9 php7.4-zip - 7.4.3-4ubuntu2.9 php7.4-curl - 7.4.3-4ubuntu2.9 php7.4-odbc - 7.4.3-4ubuntu2.9 php7.4-json - 7.4.3-4ubuntu2.9 php7.4-mbstring - 7.4.3-4ubuntu2.9 php7.4-imap - 7.4.3-4ubuntu2.9 php7.4-bz2 - 7.4.3-4ubuntu2.9 php7.4-cgi - 7.4.3-4ubuntu2.9 php7.4 - 7.4.3-4ubuntu2.9 php7.4-bcmath - 7.4.3-4ubuntu2.9 php7.4-dev - 7.4.3-4ubuntu2.9 php7.4-interbase - 7.4.3-4ubuntu2.9 php7.4-tidy - 7.4.3-4ubuntu2.9 php7.4-gmp - 7.4.3-4ubuntu2.9 php7.4-sqlite3 - 7.4.3-4ubuntu2.9 php7.4-fpm - 7.4.3-4ubuntu2.9 php7.4-sybase - 7.4.3-4ubuntu2.9 php7.4-cli - 7.4.3-4ubuntu2.9 libphp7.4-embed - 7.4.3-4ubuntu2.9 php7.4-enchant - 7.4.3-4ubuntu2.9 php7.4-mysql - 7.4.3-4ubuntu2.9 php7.4-snmp - 7.4.3-4ubuntu2.9 php7.4-xml - 7.4.3-4ubuntu2.9 php7.4-opcache - 7.4.3-4ubuntu2.9 No subscription required Medium CVE-2021-21708 Ubuntu 20.04 LTS Kevin Backhouse discovered that PolicyKit incorrectly handled file descriptors. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5304-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: policykit-1-doc - 0.105-26ubuntu1.3 libpolkit-gobject-1-dev - 0.105-26ubuntu1.3 libpolkit-agent-1-0 - 0.105-26ubuntu1.3 libpolkit-agent-1-dev - 0.105-26ubuntu1.3 policykit-1 - 0.105-26ubuntu1.3 gir1.2-polkit-1.0 - 0.105-26ubuntu1.3 libpolkit-gobject-1-0 - 0.105-26ubuntu1.3 No subscription required Medium CVE-2021-4115 Ubuntu 20.04 LTS Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.34 in Ubuntu 20.04 LTS and to 10.5.15 in Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-5305-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.34-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.34-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.34-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.34-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.34-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.34-0ubuntu0.20.04.1 mariadb-client - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.34-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.34-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.34-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.34-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.34-0ubuntu0.20.04.1 mariadb-server - 1:10.3.34-0ubuntu0.20.04.1 mariadb-common - 1:10.3.34-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.34-0ubuntu0.20.04.1 mariadb-test - 1:10.3.34-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-46659 CVE-2021-46661 CVE-2021-46663 CVE-2021-46664 CVE-2021-46665 CVE-2021-46668 CVE-2022-24048 CVE-2022-24050 CVE-2022-24051 CVE-2022-24052 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5306-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.34.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.34.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.34.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.34.6-0ubuntu0.20.04.1 webkit2gtk-driver - 2.34.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.34.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.34.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.34.6-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.34.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.34.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-22589 CVE-2022-22590 CVE-2022-22592 Ubuntu 20.04 LTS Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20196) Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20203) It was discovered that the QEMU vhost-user GPU device contained several security issues. An attacker inside the guest could use these issues to cause QEMU to crash, resulting in a denial of service, leak sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10. (CVE-2021-3544, CVE-2021-3545, CVE-2021-3546) It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3682) It was discovered that the QEMU UAS device emulation incorrectly handled certain stream numbers. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10. (CVE-2021-3713) It was discovered that the QEMU virtio-net device incorrectly handled certain buffer addresses. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3748) It was discovered that the QEMU SCSI device emulation incorrectly handled certain MODE SELECT commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-3930) It was discovered that the QEMU ACPI logic incorrectly handled certain values. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 21.10. (CVE-2021-4158) Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that the QEMU virtiofsd device incorrectly handled permissions when creating files. An attacker inside the guest could use this issue to create files inside the directory shared by virtiofs with unintended permissions, possibly allowing privilege escalation. This issue only affected Ubuntu 21.10. (CVE-2022-0358) Update Instructions: Run `sudo pro fix USN-5307-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.21 qemu-system-common - 1:4.2-3ubuntu6.21 qemu-user-static - 1:4.2-3ubuntu6.21 qemu-system-misc - 1:4.2-3ubuntu6.21 qemu-block-extra - 1:4.2-3ubuntu6.21 qemu-system-s390x - 1:4.2-3ubuntu6.21 qemu-user - 1:4.2-3ubuntu6.21 qemu-system-sparc - 1:4.2-3ubuntu6.21 qemu-guest-agent - 1:4.2-3ubuntu6.21 qemu-system - 1:4.2-3ubuntu6.21 qemu-utils - 1:4.2-3ubuntu6.21 qemu-system-data - 1:4.2-3ubuntu6.21 qemu-kvm - 1:4.2-3ubuntu6.21 qemu-user-binfmt - 1:4.2-3ubuntu6.21 qemu-system-x86 - 1:4.2-3ubuntu6.21 qemu-system-arm - 1:4.2-3ubuntu6.21 qemu-system-gui - 1:4.2-3ubuntu6.21 qemu - 1:4.2-3ubuntu6.21 qemu-system-ppc - 1:4.2-3ubuntu6.21 qemu-system-mips - 1:4.2-3ubuntu6.21 qemu-system-x86-xen - 1:4.2-3ubuntu6.21 No subscription required Medium CVE-2021-20196 CVE-2021-20203 CVE-2021-3544 CVE-2021-3545 CVE-2021-3546 CVE-2021-3682 CVE-2021-3713 CVE-2021-3748 CVE-2021-3930 CVE-2021-4158 CVE-2022-0358 Ubuntu 20.04 LTS It was discovered that virglrenderer incorrectly handled memory. An attacker inside a guest could use this issue to cause virglrenderer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-0135) It was discovered that virglrenderer incorrectly initialized memory. An attacker inside a guest could possibly use this issue to obtain sensitive host information. (CVE-2022-0175) Update Instructions: Run `sudo pro fix USN-5309-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvirglrenderer1 - 0.8.2-1ubuntu1.1 virgl-server - 0.8.2-1ubuntu1.1 libvirglrenderer-dev - 0.8.2-1ubuntu1.1 No subscription required Medium CVE-2022-0135 CVE-2022-0175 Ubuntu 20.04 LTS Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2016-10228, CVE-2019-25013, CVE-2020-27618, CVE-2020-29562, CVE-2021-3326) Jason Royes and Samuel Dytrych discovered that the GNU C Library incorrectly handled signed comparisons on ARMv7 targets. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-6096) It was discovered that the GNU C Library nscd daemon incorrectly handled certain netgroup lookups. An attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-27645) It was discovered that the GNU C Library wordexp function incorrectly handled certain patterns. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-35942) It was discovered that the GNU C Library realpath function incorrectly handled return values. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 21.10. (CVE-2021-3998) It was discovered that the GNU C library getcwd function incorrectly handled buffers. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3999) It was discovered that the GNU C Library sunrpc module incorrectly handled buffer lengths. An attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service. (CVE-2022-23218, CVE-2022-23219) Update Instructions: Run `sudo pro fix USN-5310-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc6-i386 - 2.31-0ubuntu9.7 nscd - 2.31-0ubuntu9.7 libc6-dev-s390 - 2.31-0ubuntu9.7 glibc-source - 2.31-0ubuntu9.7 libc-bin - 2.31-0ubuntu9.7 libc6-x32 - 2.31-0ubuntu9.7 libc6-s390 - 2.31-0ubuntu9.7 libc6-armel - 2.31-0ubuntu9.7 libc6-pic - 2.31-0ubuntu9.7 libc6-dev-armel - 2.31-0ubuntu9.7 glibc-doc - 2.31-0ubuntu9.7 libc6-dev - 2.31-0ubuntu9.7 libc6-amd64 - 2.31-0ubuntu9.7 libc6-dev-amd64 - 2.31-0ubuntu9.7 libc6 - 2.31-0ubuntu9.7 locales-all - 2.31-0ubuntu9.7 libc6-dev-x32 - 2.31-0ubuntu9.7 locales - 2.31-0ubuntu9.7 libc6-lse - 2.31-0ubuntu9.7 libc6-dev-i386 - 2.31-0ubuntu9.7 libc-dev-bin - 2.31-0ubuntu9.7 libc6-prof - 2.31-0ubuntu9.7 No subscription required Medium CVE-2016-10228 CVE-2019-25013 CVE-2020-27618 CVE-2020-29562 CVE-2020-6096 CVE-2021-27645 CVE-2021-3326 CVE-2021-35942 CVE-2021-3998 CVE-2021-3999 CVE-2022-23218 CVE-2022-23219 Ubuntu 20.04 LTS It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5311-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.5-0ubuntu3~20.04.2 golang-github-containerd-containerd-dev - 1.5.5-0ubuntu3~20.04.2 No subscription required Medium CVE-2022-23648 Ubuntu 20.04 LTS USN-5311-1 released updates for contained. Unfortunately, a subsequent update reverted the fix for this CVE by mistake. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5311-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.9-0ubuntu1~20.04.4 golang-github-containerd-containerd-dev - 1.5.9-0ubuntu1~20.04.4 No subscription required Medium CVE-2022-23648 Ubuntu 20.04 LTS It was discovered that HAProxy incorrectly handled certain headers. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5312-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.13-2ubuntu0.5 haproxy-doc - 2.0.13-2ubuntu0.5 vim-haproxy - 2.0.13-2ubuntu0.5 No subscription required Medium CVE-2022-0711 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly handled deserialization filters. An attacker could possibly use this issue to insert, delete or obtain sensitive information. (CVE-2022-21248) It was discovered that OpenJDK incorrectly read uncompressed TIFF files. An attacker could possibly use this issue to cause a denial of service via a specially crafted TIFF file. (CVE-2022-21277) Jonni Passki discovered that OpenJDK incorrectly verified access restrictions when performing URI resolution. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21282) It was discovered that OpenJDK incorrectly handled certain regular expressions in the Pattern class implementation. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21283) It was discovered that OpenJDK incorrectly handled specially crafted Java class files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21291) Markus Loewe discovered that OpenJDK incorrectly validated attributes during object deserialization. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21293, CVE-2022-21294) Dan Rabe discovered that OpenJDK incorrectly verified access permissions in the JAXP component. An attacker could possibly use this to specially craft an XML file to obtain sensitive information. (CVE-2022-21296) It was discovered that OpenJDK incorrectly handled XML entities. An attacker could use this to specially craft an XML file that, when parsed, would possibly cause a denial of service. (CVE-2022-21299) Zhiqiang Zang discovered that OpenJDK incorrectly handled array indexes. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21305) It was discovered that OpenJDK incorrectly read very long attributes values in JAR file manifests. An attacker could possibly use this to specially craft JAR file to cause a denial of service. (CVE-2022-21340) It was discovered that OpenJDK incorrectly validated input from serialized streams. An attacker cold possibly use this issue to bypass sandbox restrictions. (CVE-2022-21341) Fabian Meumertzheim discovered that OpenJDK incorrectly handled certain specially crafted BMP or TIFF files. An attacker could possibly use this to cause a denial of service. (CVE-2022-21360, CVE-2022-21366) It was discovered that an integer overflow could be triggered in OpenJDK BMPImageReader class implementation. An attacker could possibly use this to specially craft a BMP file to cause a denial of service. (CVE-2022-21365) Update Instructions: Run `sudo pro fix USN-5313-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jre-zero - 11.0.14+9-0ubuntu2~20.04 openjdk-11-doc - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jre-headless - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jdk - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jdk-headless - 11.0.14+9-0ubuntu2~20.04 openjdk-11-jre - 11.0.14+9-0ubuntu2~20.04 openjdk-11-demo - 11.0.14+9-0ubuntu2~20.04 No subscription required openjdk-17-demo - 17.0.2+8-1~20.04 openjdk-17-jdk - 17.0.2+8-1~20.04 openjdk-17-jdk-headless - 17.0.2+8-1~20.04 openjdk-17-jre-zero - 17.0.2+8-1~20.04 openjdk-17-source - 17.0.2+8-1~20.04 openjdk-17-jre-headless - 17.0.2+8-1~20.04 openjdk-17-jre - 17.0.2+8-1~20.04 openjdk-17-doc - 17.0.2+8-1~20.04 No subscription required Medium CVE-2022-21248 CVE-2022-21277 CVE-2022-21282 CVE-2022-21283 CVE-2022-21291 CVE-2022-21293 CVE-2022-21294 CVE-2022-21296 CVE-2022-21299 CVE-2022-21305 CVE-2022-21340 CVE-2022-21341 CVE-2022-21360 CVE-2022-21365 CVE-2022-21366 Ubuntu 20.04 LTS USN-5313-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression in OpenJDK 11 that could impact interoperability with some popular HTTP/2 servers making it unable to connect to said servers. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenJDK incorrectly handled deserialization filters. An attacker could possibly use this issue to insert, delete or obtain sensitive information. (CVE-2022-21248) It was discovered that OpenJDK incorrectly read uncompressed TIFF files. An attacker could possibly use this issue to cause a denial of service via a specially crafted TIFF file. (CVE-2022-21277) Jonni Passki discovered that OpenJDK incorrectly verified access restrictions when performing URI resolution. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21282) It was discovered that OpenJDK incorrectly handled certain regular expressions in the Pattern class implementation. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21283) It was discovered that OpenJDK incorrectly handled specially crafted Java class files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21291) Markus Loewe discovered that OpenJDK incorrectly validated attributes during object deserialization. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21293, CVE-2022-21294) Dan Rabe discovered that OpenJDK incorrectly verified access permissions in the JAXP component. An attacker could possibly use this to specially craft an XML file to obtain sensitive information. (CVE-2022-21296) It was discovered that OpenJDK incorrectly handled XML entities. An attacker could use this to specially craft an XML file that, when parsed, would possibly cause a denial of service. (CVE-2022-21299) Zhiqiang Zang discovered that OpenJDK incorrectly handled array indexes. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21305) It was discovered that OpenJDK incorrectly read very long attributes values in JAR file manifests. An attacker could possibly use this to specially craft JAR file to cause a denial of service. (CVE-2022-21340) It was discovered that OpenJDK incorrectly validated input from serialized streams. An attacker cold possibly use this issue to bypass sandbox restrictions. (CVE-2022-21341) Fabian Meumertzheim discovered that OpenJDK incorrectly handled certain specially crafted BMP or TIFF files. An attacker could possibly use this to cause a denial of service. (CVE-2022-21360, CVE-2022-21366) It was discovered that an integer overflow could be triggered in OpenJDK BMPImageReader class implementation. An attacker could possibly use this to specially craft a BMP file to cause a denial of service. (CVE-2022-21365) Update Instructions: Run `sudo pro fix USN-5313-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-doc - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jdk - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-jre - 11.0.14.1+1-0ubuntu1~20.04 openjdk-11-demo - 11.0.14.1+1-0ubuntu1~20.04 No subscription required None https://launchpad.net/bugs/1966338 Ubuntu 20.04 LTS A use-after-free was discovered when removing an XSLT parameter in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code. (CVE-2022-26485) A use-after-free was discovered in the WebGPU IPC framework. If a user were tricked into opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code. (CVE-2022-26486) Update Instructions: Run `sudo pro fix USN-5314-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 97.0.2+build1-0ubuntu0.20.04.1 firefox - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 97.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 97.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 97.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 97.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 97.0.2+build1-0ubuntu0.20.04.1 No subscription required High CVE-2022-26485 CVE-2022-26486 Ubuntu 20.04 LTS It was discovered that Ansible did not properly manage directory permissions when running playbooks with an unprivileged become user. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-1733) It was discovered that the fix to address CVE-2020-1733 in Ansible was incomplete on systems using ACLs and FUSE filesystems. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-10744) It was discovered that Ansible did not properly manage multi-line YAML strings and special template characters. A local attacker could possibly use this issue to cause a template injection, resulting in the disclosure of sensitive information or other unspecified impact. (CVE-2021-3583) It was discovered that the ansible-connection module in Ansible did not properly manage certain error messages. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2021-3620) Update Instructions: Run `sudo pro fix USN-5315-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ansible - 2.9.6+dfsg-1ubuntu0.1~esm1 ansible-doc - 2.9.6+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-10744 CVE-2020-1733 CVE-2021-3583 CVE-2021-3620 Ubuntu 20.04 LTS Reginaldo Silva discovered that due to a packaging issue, a remote attacker with the ability to execute arbitrary Lua scripts could possibly escape the Lua sandbox and execute arbitrary code on the host. Update Instructions: Run `sudo pro fix USN-5316-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: redis - 5:5.0.7-2ubuntu0.1 redis-server - 5:5.0.7-2ubuntu0.1 redis-sentinel - 5:5.0.7-2ubuntu0.1 redis-tools - 5:5.0.7-2ubuntu0.1 No subscription required Medium CVE-2022-0543 Ubuntu 20.04 LTS Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-25636) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-23960) Max Kellermann discovered that the Linux kernel incorrectly handled Unix pipes. A local attacker could potentially use this to modify any file that could be opened for reading. (CVE-2022-0847) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-0001, CVE-2022-0002) Update Instructions: Run `sudo pro fix USN-5317-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-cloud-tools-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-cloud-tools-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-headers-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-image-unsigned-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-image-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-modules-extra-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-aws-5.13-tools-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-tools-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-aws-5.13-headers-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-modules-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-buildinfo-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-tools-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-headers-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-azure-5.13-tools-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-image-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 linux-buildinfo-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-modules-extra-5.13.0-1017-azure - 5.13.0-1017.19~20.04.1 linux-azure-5.13-headers-5.13.0-1017 - 5.13.0-1017.19~20.04.1 linux-image-unsigned-5.13.0-1017-aws - 5.13.0-1017.19~20.04.1 No subscription required linux-modules-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-gcp-5.13-headers-5.13.0-1019 - 5.13.0-1019.23~20.04.1 linux-tools-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-buildinfo-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-image-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-headers-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-gcp-5.13-tools-5.13.0-1019 - 5.13.0-1019.23~20.04.1 linux-image-unsigned-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 linux-modules-extra-5.13.0-1019-gcp - 5.13.0-1019.23~20.04.1 No subscription required linux-oracle-5.13-tools-5.13.0-1021 - 5.13.0-1021.26~20.04.1 linux-image-unsigned-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-headers-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-modules-extra-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-buildinfo-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-tools-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-image-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 linux-oracle-5.13-headers-5.13.0-1021 - 5.13.0-1021.26~20.04.1 linux-modules-5.13.0-1021-oracle - 5.13.0-1021.26~20.04.1 No subscription required linux-image-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-buildinfo-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-35.40~20.04.1 linux-tools-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-headers-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-image-unsigned-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-hwe-5.13-headers-5.13.0-35 - 5.13.0-35.40~20.04.1 linux-hwe-5.13-tools-5.13.0-35 - 5.13.0-35.40~20.04.1 linux-modules-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-modules-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-image-unsigned-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-image-unsigned-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-buildinfo-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-cloud-tools-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-35.40~20.04.1 linux-headers-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-headers-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-headers-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-tools-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-modules-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-35.40~20.04.1 linux-tools-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-image-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-modules-extra-5.13.0-35-generic - 5.13.0-35.40~20.04.1 linux-tools-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-35 - 5.13.0-35.40~20.04.1 linux-cloud-tools-5.13.0-35-lowlatency - 5.13.0-35.40~20.04.1 linux-buildinfo-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-buildinfo-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-image-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 linux-image-5.13.0-35-generic-lpae - 5.13.0-35.40~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-35.40~20.04.1 linux-modules-5.13.0-35-generic-64k - 5.13.0-35.40~20.04.1 No subscription required linux-headers-aws - 5.13.0.1017.19~20.04.10 linux-image-aws - 5.13.0.1017.19~20.04.10 linux-modules-extra-aws-edge - 5.13.0.1017.19~20.04.10 linux-image-aws-edge - 5.13.0.1017.19~20.04.10 linux-aws-edge - 5.13.0.1017.19~20.04.10 linux-aws - 5.13.0.1017.19~20.04.10 linux-headers-aws-edge - 5.13.0.1017.19~20.04.10 linux-modules-extra-aws - 5.13.0.1017.19~20.04.10 linux-tools-aws - 5.13.0.1017.19~20.04.10 linux-tools-aws-edge - 5.13.0.1017.19~20.04.10 No subscription required linux-tools-azure-edge - 5.13.0.1017.19~20.04.7 linux-cloud-tools-azure - 5.13.0.1017.19~20.04.7 linux-tools-azure - 5.13.0.1017.19~20.04.7 linux-image-azure-edge - 5.13.0.1017.19~20.04.7 linux-cloud-tools-azure-edge - 5.13.0.1017.19~20.04.7 linux-modules-extra-azure - 5.13.0.1017.19~20.04.7 linux-image-azure - 5.13.0.1017.19~20.04.7 linux-headers-azure-edge - 5.13.0.1017.19~20.04.7 linux-modules-extra-azure-edge - 5.13.0.1017.19~20.04.7 linux-azure - 5.13.0.1017.19~20.04.7 linux-azure-edge - 5.13.0.1017.19~20.04.7 linux-headers-azure - 5.13.0.1017.19~20.04.7 No subscription required linux-headers-gcp - 5.13.0.1019.23~20.04.1 linux-image-gcp-edge - 5.13.0.1019.23~20.04.1 linux-tools-gcp-edge - 5.13.0.1019.23~20.04.1 linux-headers-gcp-edge - 5.13.0.1019.23~20.04.1 linux-tools-gcp - 5.13.0.1019.23~20.04.1 linux-modules-extra-gcp-edge - 5.13.0.1019.23~20.04.1 linux-gcp - 5.13.0.1019.23~20.04.1 linux-image-gcp - 5.13.0.1019.23~20.04.1 linux-modules-extra-gcp - 5.13.0.1019.23~20.04.1 linux-gcp-edge - 5.13.0.1019.23~20.04.1 No subscription required linux-headers-oracle - 5.13.0.1021.26~20.04.1 linux-tools-oracle-edge - 5.13.0.1021.26~20.04.1 linux-image-oracle-edge - 5.13.0.1021.26~20.04.1 linux-oracle-edge - 5.13.0.1021.26~20.04.1 linux-headers-oracle-edge - 5.13.0.1021.26~20.04.1 linux-image-oracle - 5.13.0.1021.26~20.04.1 linux-tools-oracle - 5.13.0.1021.26~20.04.1 linux-oracle - 5.13.0.1021.26~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-extra-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-lowlatency-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-generic-64k-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-generic-lpae-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-generic-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-generic-lpae-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-tools-generic-64k-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-generic-64k-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-generic-64k-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-image-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 linux-headers-virtual-hwe-20.04 - 5.13.0.35.40~20.04.20 No subscription required linux-image-5.14.0-1027-oem - 5.14.0-1027.30 linux-oem-5.14-headers-5.14.0-1027 - 5.14.0-1027.30 linux-oem-5.14-tools-host - 5.14.0-1027.30 linux-image-unsigned-5.14.0-1027-oem - 5.14.0-1027.30 linux-buildinfo-5.14.0-1027-oem - 5.14.0-1027.30 linux-tools-5.14.0-1027-oem - 5.14.0-1027.30 linux-headers-5.14.0-1027-oem - 5.14.0-1027.30 linux-modules-5.14.0-1027-oem - 5.14.0-1027.30 linux-oem-5.14-tools-5.14.0-1027 - 5.14.0-1027.30 No subscription required linux-headers-oem-20.04 - 5.14.0.1027.24 linux-tools-oem-20.04d - 5.14.0.1027.24 linux-tools-oem-20.04c - 5.14.0.1027.24 linux-tools-oem-20.04b - 5.14.0.1027.24 linux-image-oem-20.04c - 5.14.0.1027.24 linux-image-oem-20.04b - 5.14.0.1027.24 linux-image-oem-20.04d - 5.14.0.1027.24 linux-oem-20.04 - 5.14.0.1027.24 linux-image-oem-20.04 - 5.14.0.1027.24 linux-oem-20.04d - 5.14.0.1027.24 linux-oem-20.04c - 5.14.0.1027.24 linux-tools-oem-20.04 - 5.14.0.1027.24 linux-oem-20.04b - 5.14.0.1027.24 linux-headers-oem-20.04b - 5.14.0.1027.24 linux-headers-oem-20.04c - 5.14.0.1027.24 linux-headers-oem-20.04d - 5.14.0.1027.24 No subscription required High CVE-2022-0001 CVE-2022-0002 CVE-2022-0847 CVE-2022-23960 CVE-2022-25636 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI Ubuntu 20.04 LTS Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-25636) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-23960) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-0001, CVE-2022-0002) Update Instructions: Run `sudo pro fix USN-5318-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1017-ibm - 5.4.0-1017.19 linux-ibm-tools-5.4.0-1017 - 5.4.0-1017.19 linux-buildinfo-5.4.0-1017-ibm - 5.4.0-1017.19 linux-ibm-headers-5.4.0-1017 - 5.4.0-1017.19 linux-ibm-tools-common - 5.4.0-1017.19 linux-modules-extra-5.4.0-1017-ibm - 5.4.0-1017.19 linux-ibm-source-5.4.0 - 5.4.0-1017.19 linux-ibm-cloud-tools-common - 5.4.0-1017.19 linux-modules-5.4.0-1017-ibm - 5.4.0-1017.19 linux-image-5.4.0-1017-ibm - 5.4.0-1017.19 linux-tools-5.4.0-1017-ibm - 5.4.0-1017.19 linux-headers-5.4.0-1017-ibm - 5.4.0-1017.19 No subscription required linux-bluefield-tools-5.4.0-1030 - 5.4.0-1030.33 linux-buildinfo-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-image-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-bluefield-headers-5.4.0-1030 - 5.4.0-1030.33 linux-headers-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-image-unsigned-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-tools-5.4.0-1030-bluefield - 5.4.0-1030.33 linux-modules-5.4.0-1030-bluefield - 5.4.0-1030.33 No subscription required linux-gkeop-headers-5.4.0-1036 - 5.4.0-1036.37 linux-buildinfo-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-gkeop-source-5.4.0 - 5.4.0-1036.37 linux-cloud-tools-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-tools-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-image-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-modules-extra-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-gkeop-tools-5.4.0-1036 - 5.4.0-1036.37 linux-gkeop-cloud-tools-5.4.0-1036 - 5.4.0-1036.37 linux-headers-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-image-unsigned-5.4.0-1036-gkeop - 5.4.0-1036.37 linux-modules-5.4.0-1036-gkeop - 5.4.0-1036.37 No subscription required linux-tools-5.4.0-104-generic - 5.4.0-104.118 linux-tools-common - 5.4.0-104.118 linux-tools-host - 5.4.0-104.118 linux-doc - 5.4.0-104.118 linux-headers-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-buildinfo-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-cloud-tools-5.4.0-104-generic - 5.4.0-104.118 linux-libc-dev - 5.4.0-104.118 linux-source-5.4.0 - 5.4.0-104.118 linux-headers-5.4.0-104-lowlatency - 5.4.0-104.118 linux-cloud-tools-5.4.0-104-lowlatency - 5.4.0-104.118 linux-modules-5.4.0-104-lowlatency - 5.4.0-104.118 linux-tools-5.4.0-104-lowlatency - 5.4.0-104.118 linux-buildinfo-5.4.0-104-lowlatency - 5.4.0-104.118 linux-modules-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-tools-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-headers-5.4.0-104-generic - 5.4.0-104.118 linux-image-5.4.0-104-generic - 5.4.0-104.118 linux-image-unsigned-5.4.0-104-generic - 5.4.0-104.118 linux-headers-5.4.0-104 - 5.4.0-104.118 linux-image-5.4.0-104-generic-lpae - 5.4.0-104.118 linux-image-5.4.0-104-lowlatency - 5.4.0-104.118 linux-cloud-tools-common - 5.4.0-104.118 linux-image-unsigned-5.4.0-104-lowlatency - 5.4.0-104.118 linux-cloud-tools-5.4.0-104 - 5.4.0-104.118 linux-buildinfo-5.4.0-104-generic - 5.4.0-104.118 linux-modules-5.4.0-104-generic - 5.4.0-104.118 linux-modules-extra-5.4.0-104-generic - 5.4.0-104.118 linux-tools-5.4.0-104 - 5.4.0-104.118 No subscription required linux-headers-5.4.0-1055-raspi - 5.4.0-1055.62 linux-tools-5.4.0-1055-raspi - 5.4.0-1055.62 linux-buildinfo-5.4.0-1055-raspi - 5.4.0-1055.62 linux-modules-5.4.0-1055-raspi - 5.4.0-1055.62 linux-raspi-tools-5.4.0-1055 - 5.4.0-1055.62 linux-raspi-headers-5.4.0-1055 - 5.4.0-1055.62 linux-image-5.4.0-1055-raspi - 5.4.0-1055.62 No subscription required linux-image-5.4.0-1058-kvm - 5.4.0-1058.61 linux-image-unsigned-5.4.0-1058-kvm - 5.4.0-1058.61 linux-modules-5.4.0-1058-kvm - 5.4.0-1058.61 linux-kvm-headers-5.4.0-1058 - 5.4.0-1058.61 linux-tools-5.4.0-1058-kvm - 5.4.0-1058.61 linux-kvm-tools-5.4.0-1058 - 5.4.0-1058.61 linux-headers-5.4.0-1058-kvm - 5.4.0-1058.61 linux-buildinfo-5.4.0-1058-kvm - 5.4.0-1058.61 No subscription required linux-buildinfo-5.4.0-1065-gke - 5.4.0-1065.68 linux-modules-5.4.0-1065-gke - 5.4.0-1065.68 linux-modules-extra-5.4.0-1065-gke - 5.4.0-1065.68 linux-gke-headers-5.4.0-1065 - 5.4.0-1065.68 linux-image-unsigned-5.4.0-1065-gke - 5.4.0-1065.68 linux-tools-5.4.0-1065-gke - 5.4.0-1065.68 linux-headers-5.4.0-1065-gke - 5.4.0-1065.68 linux-gke-tools-5.4.0-1065 - 5.4.0-1065.68 linux-image-5.4.0-1065-gke - 5.4.0-1065.68 No subscription required linux-oracle-tools-5.4.0-1066 - 5.4.0-1066.71 linux-tools-5.4.0-1066-oracle - 5.4.0-1066.71 linux-image-5.4.0-1066-oracle - 5.4.0-1066.71 linux-oracle-headers-5.4.0-1066 - 5.4.0-1066.71 linux-modules-5.4.0-1066-oracle - 5.4.0-1066.71 linux-image-unsigned-5.4.0-1066-oracle - 5.4.0-1066.71 linux-buildinfo-5.4.0-1066-oracle - 5.4.0-1066.71 linux-headers-5.4.0-1066-oracle - 5.4.0-1066.71 linux-modules-extra-5.4.0-1066-oracle - 5.4.0-1066.71 No subscription required linux-gcp-tools-5.4.0-1067 - 5.4.0-1067.71 linux-modules-extra-5.4.0-1067-gcp - 5.4.0-1067.71 linux-headers-5.4.0-1067-gcp - 5.4.0-1067.71 linux-modules-5.4.0-1067-gcp - 5.4.0-1067.71 linux-image-5.4.0-1067-gcp - 5.4.0-1067.71 linux-tools-5.4.0-1067-gcp - 5.4.0-1067.71 linux-buildinfo-5.4.0-1067-gcp - 5.4.0-1067.71 linux-image-unsigned-5.4.0-1067-gcp - 5.4.0-1067.71 linux-gcp-headers-5.4.0-1067 - 5.4.0-1067.71 No subscription required linux-cloud-tools-5.4.0-1068-aws - 5.4.0-1068.72 linux-modules-extra-5.4.0-1068-aws - 5.4.0-1068.72 linux-aws-tools-5.4.0-1068 - 5.4.0-1068.72 linux-modules-5.4.0-1068-aws - 5.4.0-1068.72 linux-aws-headers-5.4.0-1068 - 5.4.0-1068.72 linux-tools-5.4.0-1068-aws - 5.4.0-1068.72 linux-buildinfo-5.4.0-1068-aws - 5.4.0-1068.72 linux-headers-5.4.0-1068-aws - 5.4.0-1068.72 linux-image-5.4.0-1068-aws - 5.4.0-1068.72 linux-aws-cloud-tools-5.4.0-1068 - 5.4.0-1068.72 linux-image-unsigned-5.4.0-1068-aws - 5.4.0-1068.72 No subscription required linux-azure-headers-5.4.0-1072 - 5.4.0-1072.75 linux-headers-5.4.0-1072-azure - 5.4.0-1072.75 linux-image-5.4.0-1072-azure - 5.4.0-1072.75 linux-cloud-tools-5.4.0-1072-azure - 5.4.0-1072.75 linux-image-unsigned-5.4.0-1072-azure - 5.4.0-1072.75 linux-buildinfo-5.4.0-1072-azure - 5.4.0-1072.75 linux-modules-5.4.0-1072-azure - 5.4.0-1072.75 linux-azure-cloud-tools-5.4.0-1072 - 5.4.0-1072.75 linux-modules-extra-5.4.0-1072-azure - 5.4.0-1072.75 linux-tools-5.4.0-1072-azure - 5.4.0-1072.75 linux-azure-tools-5.4.0-1072 - 5.4.0-1072.75 No subscription required linux-image-unsigned-5.4.0-1072-azure-fde - 5.4.0-1072.75+cvm1.1 linux-image-5.4.0-1072-azure-fde - 5.4.0-1072.75+cvm1.1 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1017.17 linux-headers-ibm-lts-20.04 - 5.4.0.1017.17 linux-tools-ibm - 5.4.0.1017.17 linux-image-ibm-lts-20.04 - 5.4.0.1017.17 linux-ibm-lts-20.04 - 5.4.0.1017.17 linux-image-ibm - 5.4.0.1017.17 linux-modules-extra-ibm - 5.4.0.1017.17 linux-ibm - 5.4.0.1017.17 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1017.17 linux-headers-ibm - 5.4.0.1017.17 No subscription required linux-image-bluefield - 5.4.0.1030.31 linux-bluefield - 5.4.0.1030.31 linux-headers-bluefield - 5.4.0.1030.31 linux-tools-bluefield - 5.4.0.1030.31 No subscription required linux-headers-gkeop - 5.4.0.1036.39 linux-cloud-tools-gkeop-5.4 - 5.4.0.1036.39 linux-image-gkeop - 5.4.0.1036.39 linux-gkeop-5.4 - 5.4.0.1036.39 linux-modules-extra-gkeop-5.4 - 5.4.0.1036.39 linux-image-gkeop-5.4 - 5.4.0.1036.39 linux-gkeop - 5.4.0.1036.39 linux-cloud-tools-gkeop - 5.4.0.1036.39 linux-headers-gkeop-5.4 - 5.4.0.1036.39 linux-modules-extra-gkeop - 5.4.0.1036.39 linux-tools-gkeop - 5.4.0.1036.39 linux-tools-gkeop-5.4 - 5.4.0.1036.39 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-cloud-tools-virtual - 5.4.0.104.108 linux-image-generic-hwe-18.04 - 5.4.0.104.108 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-headers-generic-lpae - 5.4.0.104.108 linux-image-virtual - 5.4.0.104.108 linux-oem-osp1-tools-host - 5.4.0.104.108 linux-image-generic - 5.4.0.104.108 linux-tools-lowlatency - 5.4.0.104.108 linux-image-oem - 5.4.0.104.108 linux-headers-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.104.108 linux-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-image-extra-virtual-hwe-18.04 - 5.4.0.104.108 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.104.108 linux-oem - 5.4.0.104.108 linux-image-generic-lpae-hwe-18.04 - 5.4.0.104.108 linux-crashdump - 5.4.0.104.108 linux-headers-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-tools-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-headers-generic-hwe-18.04 - 5.4.0.104.108 linux-source - 5.4.0.104.108 linux-lowlatency - 5.4.0.104.108 linux-tools-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-tools-generic-lpae - 5.4.0.104.108 linux-virtual - 5.4.0.104.108 linux-headers-virtual-hwe-18.04 - 5.4.0.104.108 linux-tools-generic - 5.4.0.104.108 linux-virtual-hwe-18.04 - 5.4.0.104.108 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.104.108 linux-tools-virtual - 5.4.0.104.108 linux-generic-lpae-hwe-18.04-edge - 5.4.0.104.108 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-generic-lpae - 5.4.0.104.108 linux-headers-oem - 5.4.0.104.108 linux-headers-oem-osp1 - 5.4.0.104.108 linux-generic - 5.4.0.104.108 linux-tools-oem-osp1 - 5.4.0.104.108 linux-tools-generic-hwe-18.04-edge - 5.4.0.104.108 linux-image-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-image-virtual-hwe-18.04 - 5.4.0.104.108 linux-cloud-tools-lowlatency - 5.4.0.104.108 linux-headers-lowlatency - 5.4.0.104.108 linux-image-generic-hwe-18.04-edge - 5.4.0.104.108 linux-generic-hwe-18.04-edge - 5.4.0.104.108 linux-tools-generic-hwe-18.04 - 5.4.0.104.108 linux-generic-hwe-18.04 - 5.4.0.104.108 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-image-extra-virtual - 5.4.0.104.108 linux-cloud-tools-generic - 5.4.0.104.108 linux-image-oem-osp1 - 5.4.0.104.108 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-oem-tools-host - 5.4.0.104.108 linux-tools-oem - 5.4.0.104.108 linux-generic-lpae-hwe-18.04 - 5.4.0.104.108 linux-headers-generic-hwe-18.04-edge - 5.4.0.104.108 linux-headers-generic - 5.4.0.104.108 linux-oem-osp1 - 5.4.0.104.108 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.104.108 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.104.108 linux-image-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.104.108 linux-virtual-hwe-18.04-edge - 5.4.0.104.108 linux-headers-virtual - 5.4.0.104.108 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.104.108 linux-tools-virtual-hwe-18.04 - 5.4.0.104.108 linux-lowlatency-hwe-18.04 - 5.4.0.104.108 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.104.108 linux-image-generic-lpae - 5.4.0.104.108 linux-image-lowlatency - 5.4.0.104.108 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.104.108 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1055.89 linux-raspi2-hwe-18.04-edge - 5.4.0.1055.89 linux-raspi2 - 5.4.0.1055.89 linux-image-raspi - 5.4.0.1055.89 linux-image-raspi-hwe-18.04 - 5.4.0.1055.89 linux-image-raspi2-hwe-18.04 - 5.4.0.1055.89 linux-tools-raspi - 5.4.0.1055.89 linux-headers-raspi-hwe-18.04 - 5.4.0.1055.89 linux-headers-raspi2-hwe-18.04 - 5.4.0.1055.89 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1055.89 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1055.89 linux-headers-raspi - 5.4.0.1055.89 linux-raspi-hwe-18.04 - 5.4.0.1055.89 linux-tools-raspi2-hwe-18.04 - 5.4.0.1055.89 linux-raspi2-hwe-18.04 - 5.4.0.1055.89 linux-image-raspi-hwe-18.04-edge - 5.4.0.1055.89 linux-image-raspi2 - 5.4.0.1055.89 linux-tools-raspi-hwe-18.04 - 5.4.0.1055.89 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1055.89 linux-raspi-hwe-18.04-edge - 5.4.0.1055.89 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1055.89 linux-tools-raspi2 - 5.4.0.1055.89 linux-raspi - 5.4.0.1055.89 linux-headers-raspi2 - 5.4.0.1055.89 No subscription required linux-kvm - 5.4.0.1058.57 linux-headers-kvm - 5.4.0.1058.57 linux-image-kvm - 5.4.0.1058.57 linux-tools-kvm - 5.4.0.1058.57 No subscription required linux-modules-extra-gke - 5.4.0.1065.75 linux-headers-gke-5.4 - 5.4.0.1065.75 linux-tools-gke-5.4 - 5.4.0.1065.75 linux-modules-extra-gke-5.4 - 5.4.0.1065.75 linux-gke-5.4 - 5.4.0.1065.75 linux-tools-gke - 5.4.0.1065.75 linux-gke - 5.4.0.1065.75 linux-headers-gke - 5.4.0.1065.75 linux-image-gke-5.4 - 5.4.0.1065.75 linux-image-gke - 5.4.0.1065.75 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1066.66 linux-oracle-lts-20.04 - 5.4.0.1066.66 linux-image-oracle-lts-20.04 - 5.4.0.1066.66 linux-tools-oracle-lts-20.04 - 5.4.0.1066.66 No subscription required linux-gcp-lts-20.04 - 5.4.0.1067.76 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1067.76 linux-headers-gcp-lts-20.04 - 5.4.0.1067.76 linux-image-gcp-lts-20.04 - 5.4.0.1067.76 linux-tools-gcp-lts-20.04 - 5.4.0.1067.76 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1068.70 linux-tools-aws-lts-20.04 - 5.4.0.1068.70 linux-image-aws-lts-20.04 - 5.4.0.1068.70 linux-headers-aws-lts-20.04 - 5.4.0.1068.70 linux-aws-lts-20.04 - 5.4.0.1068.70 No subscription required linux-azure-lts-20.04 - 5.4.0.1072.70 linux-image-azure-lts-20.04 - 5.4.0.1072.70 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1072.70 linux-headers-azure-lts-20.04 - 5.4.0.1072.70 linux-modules-extra-azure-lts-20.04 - 5.4.0.1072.70 linux-tools-azure-lts-20.04 - 5.4.0.1072.70 No subscription required linux-tools-azure-fde - 5.4.0.1072.75+cvm1.18 linux-image-azure-fde - 5.4.0.1072.75+cvm1.18 linux-azure-fde - 5.4.0.1072.75+cvm1.18 linux-cloud-tools-azure-fde - 5.4.0.1072.75+cvm1.18 linux-modules-extra-azure-fde - 5.4.0.1072.75+cvm1.18 linux-headers-azure-fde - 5.4.0.1072.75+cvm1.18 No subscription required High CVE-2022-0001 CVE-2022-0002 CVE-2022-23960 CVE-2022-25636 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI Ubuntu 20.04 LTS USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it caused a regression and an additional patch was required. This update address this regression and several other vulnerabilities. It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-25313) It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-25314) It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-25315) Original advisory details: It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-25236) Update Instructions: Run `sudo pro fix USN-5320-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.4 libexpat1-dev - 2.2.9-1ubuntu0.4 libexpat1 - 2.2.9-1ubuntu0.4 No subscription required Medium CVE-2022-25313 CVE-2022-25314 CVE-2022-25315 https://launchpad.net/bugs/1963903 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) Update Instructions: Run `sudo pro fix USN-5321-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-nn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ne - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-nb - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-fa - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-fi - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-fr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-fy - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-or - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-kab - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-oc - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-cs - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ga - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-gd - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-gn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-gl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-gu - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-pa - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-pl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-cy - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-pt - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-szl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hi - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ms - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-he - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hy - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hu - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-it - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-as - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ar - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ia - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-az - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-id - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-mai - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-af - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-is - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-vi - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-an - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-bs - 98.0+build3-0ubuntu0.20.04.2 firefox - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ro - 98.0+build3-0ubuntu0.20.04.2 firefox-geckodriver - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ja - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ru - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-br - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-zh-hant - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-zh-hans - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-bn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-be - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-bg - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sl - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sk - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-si - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sw - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sv - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-sq - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ko - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-kn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-km - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-kk - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ka - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-xh - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ca - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ku - 98.0+build3-0ubuntu0.20.04.2 firefox-mozsymbols - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-lv - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-lt - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-th - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-hsb - 98.0+build3-0ubuntu0.20.04.2 firefox-dev - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-te - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-cak - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ta - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-lg - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-tr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-nso - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-de - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-da - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-uk - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-mr - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-my - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-uz - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ml - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-mn - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-mk - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ur - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-eu - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-et - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-es - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-csb - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-el - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-eo - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-en - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-zu - 98.0+build3-0ubuntu0.20.04.2 firefox-locale-ast - 98.0+build3-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-0843 CVE-2022-26381 CVE-2022-26382 CVE-2022-26383 CVE-2022-26384 CVE-2022-26385 CVE-2022-26387 Ubuntu 20.04 LTS USN-5321-1 fixed vulnerabilities in Firefox. The update didn't include arm64 because of a regression. This update provides the corresponding update for arm64. This update also removes Yandex and Mail.ru as optional search providers in the drop-down search menu. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) Update Instructions: Run `sudo pro fix USN-5321-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 98.0.1+build2-0ubuntu0.20.04.1 firefox - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 98.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 98.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 98.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 98.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 98.0.1+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-0843 CVE-2022-26381 CVE-2022-26382 CVE-2022-26383 CVE-2022-26384 CVE-2022-26385 CVE-2022-26387 Ubuntu 20.04 LTS USN-5321-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) Update Instructions: Run `sudo pro fix USN-5321-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 98.0.2+build1-0ubuntu0.20.04.1 firefox - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 98.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 98.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 98.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 98.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 98.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1966306 Ubuntu 20.04 LTS It was discovered that NBD incorrectly handled name length fields. A remote attacker could use this issue to cause NBD to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5323-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nbd-server - 1:3.20-1ubuntu0.1 nbd-client - 1:3.20-1ubuntu0.1 No subscription required Medium CVE-2022-26495 CVE-2022-26496 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain XML files. An attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5324-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.2 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.2 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.2 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.2 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.2 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.2 No subscription required Medium CVE-2022-23308 Ubuntu 20.04 LTS Sam Foxman discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this issue to regain dropped privileges. (CVE-2019-20044) It was discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-45444) Update Instructions: Run `sudo pro fix USN-5325-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zsh-static - 5.8-3ubuntu1.1 zsh-common - 5.8-3ubuntu1.1 zsh-dev - 5.8-3ubuntu1.1 zsh - 5.8-3ubuntu1.1 zsh-doc - 5.8-3ubuntu1.1 No subscription required Low CVE-2019-20044 CVE-2021-45444 Ubuntu 20.04 LTS Tavis Ormandy discovered that OpenSSL incorrectly parsed certain certificates. A remote attacker could possibly use this issue to cause OpenSSH to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5328-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.12 libssl-dev - 1.1.1f-1ubuntu2.12 openssl - 1.1.1f-1ubuntu2.12 libssl-doc - 1.1.1f-1ubuntu2.12 No subscription required High CVE-2022-0778 Ubuntu 20.04 LTS It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to cause tar to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5329-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tar-scripts - 1.30+dfsg-7ubuntu0.20.04.2 tar - 1.30+dfsg-7ubuntu0.20.04.2 No subscription required Low CVE-2021-20193 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly handled digital signatures. An attacker could possibly use this issue to create a specially crafted document that would display a validly signed indicator, contrary to expectations. Update Instructions: Run `sudo pro fix USN-5330-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.4 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.4 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.4 libreoffice - 1:6.4.7-0ubuntu0.20.04.4 libjuh-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.4 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.4 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.4 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.4 libridl-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.4 python3-access2base - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.4 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.4 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.4 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.4 libunoil-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.4 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.4 libjurt-java - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.4 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.4 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.4 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.4 ure - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.4 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.4 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.4 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.4 python3-uno - 1:6.4.7-0ubuntu0.20.04.4 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.4 No subscription required Medium CVE-2021-25636 Ubuntu 20.04 LTS USN-5331-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that tcpdump incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2018-16301) It was discovered that tcpdump incorrectly handled certain captured data. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8037) Update Instructions: Run `sudo pro fix USN-5331-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tcpdump - 4.9.3-4ubuntu0.1 No subscription required Low CVE-2018-16301 CVE-2020-8037 Ubuntu 20.04 LTS Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. (CVE-2021-25220) It was discovered that Bind incorrectly handled certain crafted TCP streams. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 21.10. (CVE-2022-0396) Update Instructions: Run `sudo pro fix USN-5332-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.10 bind9-libs - 1:9.16.1-0ubuntu2.10 bind9utils - 1:9.16.1-0ubuntu2.10 bind9-doc - 1:9.16.1-0ubuntu2.10 bind9-utils - 1:9.16.1-0ubuntu2.10 bind9 - 1:9.16.1-0ubuntu2.10 bind9-dnsutils - 1:9.16.1-0ubuntu2.10 bind9-host - 1:9.16.1-0ubuntu2.10 No subscription required Medium CVE-2021-25220 CVE-2022-0396 Ubuntu 20.04 LTS Chamal De Silva discovered that the Apache HTTP Server mod_lua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2022-22719) James Kettle discovered that the Apache HTTP Server incorrectly closed inbound connection when certain errors are encountered. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-22720) It was discovered that the Apache HTTP Server incorrectly handled large LimitXMLRequestBody settings on certain platforms. In certain configurations, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-22721) Ronald Crane discovered that the Apache HTTP Server mod_sed module incorrectly handled memory. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-23943) Update Instructions: Run `sudo pro fix USN-5333-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.10 libapache2-mod-md - 2.4.41-4ubuntu3.10 apache2-utils - 2.4.41-4ubuntu3.10 apache2-dev - 2.4.41-4ubuntu3.10 apache2-suexec-pristine - 2.4.41-4ubuntu3.10 apache2-suexec-custom - 2.4.41-4ubuntu3.10 apache2 - 2.4.41-4ubuntu3.10 apache2-doc - 2.4.41-4ubuntu3.10 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.10 apache2-ssl-dev - 2.4.41-4ubuntu3.10 apache2-bin - 2.4.41-4ubuntu3.10 No subscription required Medium CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) It was discovered that a race condition existed in the poll implementation in the Linux kernel, resulting in a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39698) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) It was discovered that the eBPF verifier in the Linux kernel did not properly perform bounds checking on mov32 operations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2021-45402) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) It was discovered that the BPF subsystem in the Linux kernel did not properly track pointer types on atomic fetch operations in some situations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2022-0264) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0382) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the KVM implementation for s390 systems in the Linux kernel did not properly prevent memory operations on PVM guests that were in non-protected mode. A local attacker could use this to obtain unauthorized memory write access. (CVE-2022-0516) It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-0742) Update Instructions: Run `sudo pro fix USN-5337-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-tools-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-headers-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-image-unsigned-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-aws-5.13-tools-5.13.0-1019 - 5.13.0-1019.21~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1019 - 5.13.0-1019.21~20.04.1 linux-aws-5.13-headers-5.13.0-1019 - 5.13.0-1019.21~20.04.1 linux-buildinfo-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-modules-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-image-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 linux-cloud-tools-5.13.0-1019-aws - 5.13.0-1019.21~20.04.1 No subscription required linux-image-unsigned-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-buildinfo-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-modules-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-gcp-5.13-tools-5.13.0-1021 - 5.13.0-1021.25~20.04.1 linux-modules-extra-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-gcp-5.13-headers-5.13.0-1021 - 5.13.0-1021.25~20.04.1 linux-tools-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-headers-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 linux-image-5.13.0-1021-gcp - 5.13.0-1021.25~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-37.42~20.04.1 linux-image-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-37.42~20.04.1 linux-headers-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-cloud-tools-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-modules-extra-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-tools-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-headers-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-image-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-modules-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-hwe-5.13-headers-5.13.0-37 - 5.13.0-37.42~20.04.1 linux-hwe-5.13-tools-5.13.0-37 - 5.13.0-37.42~20.04.1 linux-modules-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-tools-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-image-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-buildinfo-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-cloud-tools-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-image-unsigned-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-tools-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-image-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-37.42~20.04.1 linux-headers-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-tools-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-37 - 5.13.0-37.42~20.04.1 linux-buildinfo-5.13.0-37-generic - 5.13.0-37.42~20.04.1 linux-modules-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-modules-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-headers-5.13.0-37-generic-lpae - 5.13.0-37.42~20.04.1 linux-image-unsigned-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-buildinfo-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-37.42~20.04.1 linux-buildinfo-5.13.0-37-generic-64k - 5.13.0-37.42~20.04.1 linux-image-unsigned-5.13.0-37-lowlatency - 5.13.0-37.42~20.04.1 No subscription required linux-headers-aws - 5.13.0.1019.21~20.04.12 linux-image-aws - 5.13.0.1019.21~20.04.12 linux-modules-extra-aws-edge - 5.13.0.1019.21~20.04.12 linux-image-aws-edge - 5.13.0.1019.21~20.04.12 linux-aws-edge - 5.13.0.1019.21~20.04.12 linux-aws - 5.13.0.1019.21~20.04.12 linux-headers-aws-edge - 5.13.0.1019.21~20.04.12 linux-modules-extra-aws - 5.13.0.1019.21~20.04.12 linux-tools-aws - 5.13.0.1019.21~20.04.12 linux-tools-aws-edge - 5.13.0.1019.21~20.04.12 No subscription required linux-image-gcp-edge - 5.13.0.1021.25~20.04.1 linux-tools-gcp-edge - 5.13.0.1021.25~20.04.1 linux-headers-gcp-edge - 5.13.0.1021.25~20.04.1 linux-tools-gcp - 5.13.0.1021.25~20.04.1 linux-modules-extra-gcp-edge - 5.13.0.1021.25~20.04.1 linux-gcp - 5.13.0.1021.25~20.04.1 linux-headers-gcp - 5.13.0.1021.25~20.04.1 linux-image-gcp - 5.13.0.1021.25~20.04.1 linux-modules-extra-gcp - 5.13.0.1021.25~20.04.1 linux-gcp-edge - 5.13.0.1021.25~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-generic-64k-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-extra-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-generic-64k-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-generic-lpae-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-generic-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-generic-lpae-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-tools-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-lowlatency-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-generic-64k-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-image-generic-64k-hwe-20.04 - 5.13.0.37.42~20.04.22 linux-headers-virtual-hwe-20.04 - 5.13.0.37.42~20.04.22 No subscription required High CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-39685 CVE-2021-39698 CVE-2021-4135 CVE-2021-4197 CVE-2021-43975 CVE-2021-44733 CVE-2021-45095 CVE-2021-45402 CVE-2021-45480 CVE-2022-0264 CVE-2022-0382 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0742 CVE-2022-23222 Ubuntu 20.04 LTS Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the KVM implementation for s390 systems in the Linux kernel did not properly prevent memory operations on PVM guests that were in non-protected mode. A local attacker could use this to obtain unauthorized memory write access. (CVE-2022-0516) Update Instructions: Run `sudo pro fix USN-5338-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1018-ibm - 5.4.0-1018.20 linux-buildinfo-5.4.0-1018-ibm - 5.4.0-1018.20 linux-ibm-tools-5.4.0-1018 - 5.4.0-1018.20 linux-image-5.4.0-1018-ibm - 5.4.0-1018.20 linux-modules-5.4.0-1018-ibm - 5.4.0-1018.20 linux-ibm-tools-common - 5.4.0-1018.20 linux-modules-extra-5.4.0-1018-ibm - 5.4.0-1018.20 linux-ibm-source-5.4.0 - 5.4.0-1018.20 linux-ibm-cloud-tools-common - 5.4.0-1018.20 linux-ibm-headers-5.4.0-1018 - 5.4.0-1018.20 linux-tools-5.4.0-1018-ibm - 5.4.0-1018.20 linux-headers-5.4.0-1018-ibm - 5.4.0-1018.20 No subscription required linux-gkeop-headers-5.4.0-1037 - 5.4.0-1037.38 linux-image-unsigned-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-cloud-tools-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-modules-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-tools-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-gkeop-source-5.4.0 - 5.4.0-1037.38 linux-buildinfo-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-image-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-gkeop-cloud-tools-5.4.0-1037 - 5.4.0-1037.38 linux-gkeop-tools-5.4.0-1037 - 5.4.0-1037.38 linux-headers-5.4.0-1037-gkeop - 5.4.0-1037.38 linux-modules-extra-5.4.0-1037-gkeop - 5.4.0-1037.38 No subscription required linux-tools-common - 5.4.0-105.119 linux-headers-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-modules-5.4.0-105-generic - 5.4.0-105.119 linux-headers-5.4.0-105-lowlatency - 5.4.0-105.119 linux-tools-host - 5.4.0-105.119 linux-cloud-tools-5.4.0-105-lowlatency - 5.4.0-105.119 linux-doc - 5.4.0-105.119 linux-image-unsigned-5.4.0-105-generic - 5.4.0-105.119 linux-tools-5.4.0-105-lowlatency - 5.4.0-105.119 linux-image-5.4.0-105-lowlatency - 5.4.0-105.119 linux-tools-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-headers-5.4.0-105-generic - 5.4.0-105.119 linux-libc-dev - 5.4.0-105.119 linux-source-5.4.0 - 5.4.0-105.119 linux-buildinfo-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-buildinfo-5.4.0-105-generic - 5.4.0-105.119 linux-modules-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-tools-5.4.0-105-generic - 5.4.0-105.119 linux-image-unsigned-5.4.0-105-lowlatency - 5.4.0-105.119 linux-cloud-tools-5.4.0-105-generic - 5.4.0-105.119 linux-buildinfo-5.4.0-105-lowlatency - 5.4.0-105.119 linux-cloud-tools-common - 5.4.0-105.119 linux-headers-5.4.0-105 - 5.4.0-105.119 linux-image-5.4.0-105-generic - 5.4.0-105.119 linux-modules-5.4.0-105-lowlatency - 5.4.0-105.119 linux-modules-extra-5.4.0-105-generic - 5.4.0-105.119 linux-image-5.4.0-105-generic-lpae - 5.4.0-105.119 linux-cloud-tools-5.4.0-105 - 5.4.0-105.119 linux-tools-5.4.0-105 - 5.4.0-105.119 No subscription required linux-headers-5.4.0-1056-raspi - 5.4.0-1056.63 linux-buildinfo-5.4.0-1056-raspi - 5.4.0-1056.63 linux-tools-5.4.0-1056-raspi - 5.4.0-1056.63 linux-raspi-headers-5.4.0-1056 - 5.4.0-1056.63 linux-image-5.4.0-1056-raspi - 5.4.0-1056.63 linux-modules-5.4.0-1056-raspi - 5.4.0-1056.63 linux-raspi-tools-5.4.0-1056 - 5.4.0-1056.63 No subscription required linux-image-unsigned-5.4.0-1059-kvm - 5.4.0-1059.62 linux-kvm-tools-5.4.0-1059 - 5.4.0-1059.62 linux-image-5.4.0-1059-kvm - 5.4.0-1059.62 linux-buildinfo-5.4.0-1059-kvm - 5.4.0-1059.62 linux-tools-5.4.0-1059-kvm - 5.4.0-1059.62 linux-modules-5.4.0-1059-kvm - 5.4.0-1059.62 linux-kvm-headers-5.4.0-1059 - 5.4.0-1059.62 linux-headers-5.4.0-1059-kvm - 5.4.0-1059.62 No subscription required linux-gke-headers-5.4.0-1066 - 5.4.0-1066.69 linux-image-unsigned-5.4.0-1066-gke - 5.4.0-1066.69 linux-headers-5.4.0-1066-gke - 5.4.0-1066.69 linux-buildinfo-5.4.0-1066-gke - 5.4.0-1066.69 linux-image-5.4.0-1066-gke - 5.4.0-1066.69 linux-modules-extra-5.4.0-1066-gke - 5.4.0-1066.69 linux-tools-5.4.0-1066-gke - 5.4.0-1066.69 linux-gke-tools-5.4.0-1066 - 5.4.0-1066.69 linux-modules-5.4.0-1066-gke - 5.4.0-1066.69 No subscription required linux-modules-5.4.0-1067-oracle - 5.4.0-1067.72 linux-oracle-tools-5.4.0-1067 - 5.4.0-1067.72 linux-oracle-headers-5.4.0-1067 - 5.4.0-1067.72 linux-modules-extra-5.4.0-1067-oracle - 5.4.0-1067.72 linux-image-unsigned-5.4.0-1067-oracle - 5.4.0-1067.72 linux-headers-5.4.0-1067-oracle - 5.4.0-1067.72 linux-buildinfo-5.4.0-1067-oracle - 5.4.0-1067.72 linux-tools-5.4.0-1067-oracle - 5.4.0-1067.72 linux-image-5.4.0-1067-oracle - 5.4.0-1067.72 No subscription required linux-gcp-tools-5.4.0-1068 - 5.4.0-1068.72 linux-tools-5.4.0-1068-gcp - 5.4.0-1068.72 linux-buildinfo-5.4.0-1068-gcp - 5.4.0-1068.72 linux-headers-5.4.0-1068-gcp - 5.4.0-1068.72 linux-modules-5.4.0-1068-gcp - 5.4.0-1068.72 linux-gcp-headers-5.4.0-1068 - 5.4.0-1068.72 linux-image-unsigned-5.4.0-1068-gcp - 5.4.0-1068.72 linux-image-5.4.0-1068-gcp - 5.4.0-1068.72 linux-modules-extra-5.4.0-1068-gcp - 5.4.0-1068.72 No subscription required linux-aws-tools-5.4.0-1069 - 5.4.0-1069.73 linux-aws-headers-5.4.0-1069 - 5.4.0-1069.73 linux-cloud-tools-5.4.0-1069-aws - 5.4.0-1069.73 linux-image-unsigned-5.4.0-1069-aws - 5.4.0-1069.73 linux-modules-extra-5.4.0-1069-aws - 5.4.0-1069.73 linux-headers-5.4.0-1069-aws - 5.4.0-1069.73 linux-tools-5.4.0-1069-aws - 5.4.0-1069.73 linux-aws-cloud-tools-5.4.0-1069 - 5.4.0-1069.73 linux-buildinfo-5.4.0-1069-aws - 5.4.0-1069.73 linux-modules-5.4.0-1069-aws - 5.4.0-1069.73 linux-image-5.4.0-1069-aws - 5.4.0-1069.73 No subscription required linux-azure-headers-5.4.0-1073 - 5.4.0-1073.76 linux-buildinfo-5.4.0-1073-azure - 5.4.0-1073.76 linux-modules-5.4.0-1073-azure - 5.4.0-1073.76 linux-image-5.4.0-1073-azure - 5.4.0-1073.76 linux-cloud-tools-5.4.0-1073-azure - 5.4.0-1073.76 linux-headers-5.4.0-1073-azure - 5.4.0-1073.76 linux-azure-cloud-tools-5.4.0-1073 - 5.4.0-1073.76 linux-azure-tools-5.4.0-1073 - 5.4.0-1073.76 linux-tools-5.4.0-1073-azure - 5.4.0-1073.76 linux-modules-extra-5.4.0-1073-azure - 5.4.0-1073.76 linux-image-unsigned-5.4.0-1073-azure - 5.4.0-1073.76 No subscription required linux-image-unsigned-5.4.0-1073-azure-fde - 5.4.0-1073.76+cvm1.1 linux-image-5.4.0-1073-azure-fde - 5.4.0-1073.76+cvm1.1 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1018.18 linux-image-ibm - 5.4.0.1018.18 linux-headers-ibm-lts-20.04 - 5.4.0.1018.18 linux-tools-ibm - 5.4.0.1018.18 linux-image-ibm-lts-20.04 - 5.4.0.1018.18 linux-ibm-lts-20.04 - 5.4.0.1018.18 linux-modules-extra-ibm - 5.4.0.1018.18 linux-ibm - 5.4.0.1018.18 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1018.18 linux-headers-ibm - 5.4.0.1018.18 No subscription required linux-headers-gkeop - 5.4.0.1037.40 linux-cloud-tools-gkeop-5.4 - 5.4.0.1037.40 linux-image-gkeop - 5.4.0.1037.40 linux-gkeop-5.4 - 5.4.0.1037.40 linux-headers-gkeop-5.4 - 5.4.0.1037.40 linux-image-gkeop-5.4 - 5.4.0.1037.40 linux-gkeop - 5.4.0.1037.40 linux-cloud-tools-gkeop - 5.4.0.1037.40 linux-modules-extra-gkeop-5.4 - 5.4.0.1037.40 linux-modules-extra-gkeop - 5.4.0.1037.40 linux-tools-gkeop - 5.4.0.1037.40 linux-tools-gkeop-5.4 - 5.4.0.1037.40 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-cloud-tools-virtual - 5.4.0.105.109 linux-image-generic-hwe-18.04 - 5.4.0.105.109 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-headers-generic-lpae - 5.4.0.105.109 linux-crashdump - 5.4.0.105.109 linux-image-virtual - 5.4.0.105.109 linux-image-generic - 5.4.0.105.109 linux-oem-osp1-tools-host - 5.4.0.105.109 linux-image-oem - 5.4.0.105.109 linux-image-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-headers-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-image-extra-virtual-hwe-18.04 - 5.4.0.105.109 linux-oem - 5.4.0.105.109 linux-image-oem-osp1 - 5.4.0.105.109 linux-image-generic-lpae-hwe-18.04 - 5.4.0.105.109 linux-headers-generic-hwe-18.04 - 5.4.0.105.109 linux-headers-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-source - 5.4.0.105.109 linux-lowlatency - 5.4.0.105.109 linux-tools-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-tools-virtual - 5.4.0.105.109 linux-virtual - 5.4.0.105.109 linux-headers-virtual-hwe-18.04 - 5.4.0.105.109 linux-tools-generic - 5.4.0.105.109 linux-virtual-hwe-18.04 - 5.4.0.105.109 linux-tools-generic-lpae - 5.4.0.105.109 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.105.109 linux-generic-lpae-hwe-18.04-edge - 5.4.0.105.109 linux-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-generic-lpae - 5.4.0.105.109 linux-headers-oem - 5.4.0.105.109 linux-generic - 5.4.0.105.109 linux-tools-oem-osp1 - 5.4.0.105.109 linux-tools-generic-hwe-18.04-edge - 5.4.0.105.109 linux-image-virtual-hwe-18.04 - 5.4.0.105.109 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-oem-tools-host - 5.4.0.105.109 linux-headers-lowlatency - 5.4.0.105.109 linux-image-generic-hwe-18.04-edge - 5.4.0.105.109 linux-generic-hwe-18.04-edge - 5.4.0.105.109 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.105.109 linux-cloud-tools-generic - 5.4.0.105.109 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-image-extra-virtual - 5.4.0.105.109 linux-cloud-tools-lowlatency - 5.4.0.105.109 linux-tools-oem - 5.4.0.105.109 linux-headers-oem-osp1 - 5.4.0.105.109 linux-generic-lpae-hwe-18.04 - 5.4.0.105.109 linux-tools-generic-hwe-18.04 - 5.4.0.105.109 linux-headers-generic-hwe-18.04-edge - 5.4.0.105.109 linux-headers-generic - 5.4.0.105.109 linux-oem-osp1 - 5.4.0.105.109 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.105.109 linux-tools-lowlatency - 5.4.0.105.109 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.105.109 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.105.109 linux-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-headers-virtual - 5.4.0.105.109 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.105.109 linux-tools-virtual-hwe-18.04 - 5.4.0.105.109 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.105.109 linux-generic-hwe-18.04 - 5.4.0.105.109 linux-image-generic-lpae - 5.4.0.105.109 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.105.109 linux-image-virtual-hwe-18.04-edge - 5.4.0.105.109 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.105.109 linux-tools-lowlatency-hwe-18.04 - 5.4.0.105.109 linux-image-lowlatency - 5.4.0.105.109 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1056.90 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1056.90 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1056.90 linux-raspi2 - 5.4.0.1056.90 linux-image-raspi - 5.4.0.1056.90 linux-image-raspi-hwe-18.04 - 5.4.0.1056.90 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1056.90 linux-image-raspi2-hwe-18.04 - 5.4.0.1056.90 linux-tools-raspi - 5.4.0.1056.90 linux-headers-raspi2-hwe-18.04 - 5.4.0.1056.90 linux-headers-raspi-hwe-18.04 - 5.4.0.1056.90 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1056.90 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1056.90 linux-headers-raspi - 5.4.0.1056.90 linux-raspi2-hwe-18.04 - 5.4.0.1056.90 linux-raspi-hwe-18.04 - 5.4.0.1056.90 linux-tools-raspi2-hwe-18.04 - 5.4.0.1056.90 linux-image-raspi-hwe-18.04-edge - 5.4.0.1056.90 linux-image-raspi2 - 5.4.0.1056.90 linux-tools-raspi-hwe-18.04 - 5.4.0.1056.90 linux-raspi-hwe-18.04-edge - 5.4.0.1056.90 linux-tools-raspi2 - 5.4.0.1056.90 linux-raspi - 5.4.0.1056.90 linux-headers-raspi2 - 5.4.0.1056.90 No subscription required linux-tools-kvm - 5.4.0.1059.58 linux-kvm - 5.4.0.1059.58 linux-headers-kvm - 5.4.0.1059.58 linux-image-kvm - 5.4.0.1059.58 No subscription required linux-modules-extra-gke - 5.4.0.1066.76 linux-headers-gke-5.4 - 5.4.0.1066.76 linux-tools-gke-5.4 - 5.4.0.1066.76 linux-gke-5.4 - 5.4.0.1066.76 linux-image-gke-5.4 - 5.4.0.1066.76 linux-modules-extra-gke-5.4 - 5.4.0.1066.76 linux-tools-gke - 5.4.0.1066.76 linux-gke - 5.4.0.1066.76 linux-headers-gke - 5.4.0.1066.76 linux-image-gke - 5.4.0.1066.76 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1067.67 linux-headers-oracle-lts-20.04 - 5.4.0.1067.67 linux-oracle-lts-20.04 - 5.4.0.1067.67 linux-image-oracle-lts-20.04 - 5.4.0.1067.67 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1068.77 linux-gcp-lts-20.04 - 5.4.0.1068.77 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1068.77 linux-headers-gcp-lts-20.04 - 5.4.0.1068.77 linux-image-gcp-lts-20.04 - 5.4.0.1068.77 No subscription required linux-tools-aws-lts-20.04 - 5.4.0.1069.71 linux-modules-extra-aws-lts-20.04 - 5.4.0.1069.71 linux-image-aws-lts-20.04 - 5.4.0.1069.71 linux-headers-aws-lts-20.04 - 5.4.0.1069.71 linux-aws-lts-20.04 - 5.4.0.1069.71 No subscription required linux-azure-lts-20.04 - 5.4.0.1073.71 linux-image-azure-lts-20.04 - 5.4.0.1073.71 linux-headers-azure-lts-20.04 - 5.4.0.1073.71 linux-modules-extra-azure-lts-20.04 - 5.4.0.1073.71 linux-tools-azure-lts-20.04 - 5.4.0.1073.71 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1073.71 No subscription required linux-tools-azure-fde - 5.4.0.1073.76+cvm1.19 linux-image-azure-fde - 5.4.0.1073.76+cvm1.19 linux-azure-fde - 5.4.0.1073.76+cvm1.19 linux-cloud-tools-azure-fde - 5.4.0.1073.76+cvm1.19 linux-modules-extra-azure-fde - 5.4.0.1073.76+cvm1.19 linux-headers-azure-fde - 5.4.0.1073.76+cvm1.19 No subscription required High CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-4135 CVE-2021-43976 CVE-2021-44733 CVE-2021-45095 CVE-2021-45480 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 Ubuntu 20.04 LTS Kyaw Min Thein discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 18.04 LTS. (CVE-2018-9861) Micha Bentkowski discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-9281) Anton Subbotin discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 21.10. (CVE-2021-32808) Anton Subbotin discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code. (CVE-2021-32809) Or Sahar discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-33829) Mika Kulmala discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-37695) Update Instructions: Run `sudo pro fix USN-5340-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ckeditor - 4.12.1+dfsg-1ubuntu0.1 No subscription required Medium CVE-2018-9861 CVE-2020-9281 CVE-2021-32808 CVE-2021-32809 CVE-2021-33829 CVE-2021-37695 Ubuntu 20.04 LTS David Schwörer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-3426) It was discovered that Python incorrectly handled certain FTP requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2021-4189) It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0391) Update Instructions: Run `sudo pro fix USN-5342-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.4 python3.8-full - 3.8.10-0ubuntu1~20.04.4 python3.8-examples - 3.8.10-0ubuntu1~20.04.4 python3.8-dev - 3.8.10-0ubuntu1~20.04.4 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.4 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.4 python3.8-venv - 3.8.10-0ubuntu1~20.04.4 libpython3.8 - 3.8.10-0ubuntu1~20.04.4 idle-python3.8 - 3.8.10-0ubuntu1~20.04.4 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.4 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.4 python3.8 - 3.8.10-0ubuntu1~20.04.4 python3.8-doc - 3.8.10-0ubuntu1~20.04.4 No subscription required Medium CVE-2021-3426 CVE-2021-4189 CVE-2022-0391 Ubuntu 20.04 LTS USN-5342-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. Original advisory details: It was discovered that Python incorrectly handled certain FTP requests. An attacker could possibly use this issue to expose sensitive information. (CVE-2021-4189) It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0391) Update Instructions: Run `sudo pro fix USN-5342-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpython2.7-minimal - 2.7.18-1~20.04.3+esm1 libpython2.7 - 2.7.18-1~20.04.3+esm1 python2.7 - 2.7.18-1~20.04.3+esm1 python2.7-minimal - 2.7.18-1~20.04.3+esm1 libpython2.7-testsuite - 2.7.18-1~20.04.3+esm1 libpython2.7-dev - 2.7.18-1~20.04.3+esm1 idle-python2.7 - 2.7.18-1~20.04.3+esm1 python2.7-doc - 2.7.18-1~20.04.3+esm1 python2.7-dev - 2.7.18-1~20.04.3+esm1 python2.7-examples - 2.7.18-1~20.04.3+esm1 libpython2.7-stdlib - 2.7.18-1~20.04.3+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-4189 CVE-2022-0391 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, cause undefined behaviour, spoof the browser UI, or execute arbitrary code. (CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384) It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions. (CVE-2022-22754) It was discovered that dragging and dropping an image into a folder could result in it being marked as executable. If a user were tricked into dragging and dropping a specially crafted image, an attacker could potentially exploit this to execute arbitrary code. (CVE-2022-22756) It was discovered that files downloaded to /tmp were accessible to other users. A local attacker could exploit this to obtain sensitive information. (CVE-2022-26386) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) An out-of-bounds write by one byte was discovered when processing messages in some circumstances. If a user were tricked into opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service. (CVE-2022-0566) Update Instructions: Run `sudo pro fix USN-5345-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.7.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.7.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.7.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.7.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.7.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-22754 CVE-2022-22756 CVE-2022-22759 CVE-2022-22760 CVE-2022-22761 CVE-2022-22763 CVE-2022-22764 CVE-2022-0566 CVE-2022-26381 CVE-2022-26383 CVE-2022-26384 CVE-2022-26386 CVE-2022-26387 Ubuntu 20.04 LTS It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). Update Instructions: Run `sudo pro fix USN-5346-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.14.0-1029-oem - 5.14.0-1029.32 linux-oem-5.14-tools-5.14.0-1029 - 5.14.0-1029.32 linux-image-5.14.0-1029-oem - 5.14.0-1029.32 linux-buildinfo-5.14.0-1029-oem - 5.14.0-1029.32 linux-modules-5.14.0-1029-oem - 5.14.0-1029.32 linux-image-unsigned-5.14.0-1029-oem - 5.14.0-1029.32 linux-oem-5.14-headers-5.14.0-1029 - 5.14.0-1029.32 linux-headers-5.14.0-1029-oem - 5.14.0-1029.32 linux-oem-5.14-tools-host - 5.14.0-1029.32 No subscription required linux-image-oem-20.04c - 5.14.0.1029.26 linux-image-oem-20.04b - 5.14.0.1029.26 linux-image-oem-20.04d - 5.14.0.1029.26 linux-headers-oem-20.04 - 5.14.0.1029.26 linux-tools-oem-20.04c - 5.14.0.1029.26 linux-tools-oem-20.04b - 5.14.0.1029.26 linux-oem-20.04 - 5.14.0.1029.26 linux-image-oem-20.04 - 5.14.0.1029.26 linux-oem-20.04d - 5.14.0.1029.26 linux-oem-20.04c - 5.14.0.1029.26 linux-oem-20.04b - 5.14.0.1029.26 linux-tools-oem-20.04d - 5.14.0.1029.26 linux-headers-oem-20.04b - 5.14.0.1029.26 linux-headers-oem-20.04c - 5.14.0.1029.26 linux-headers-oem-20.04d - 5.14.0.1029.26 linux-tools-oem-20.04 - 5.14.0.1029.26 No subscription required Medium CVE-2022-0742 Ubuntu 20.04 LTS It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials. Update Instructions: Run `sudo pro fix USN-5347-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvpn - 2.4.7-1ubuntu2.20.04.4 No subscription required Medium CVE-2022-0547 Ubuntu 20.04 LTS USN-5348-1 fixed several vulnerabilities in Smarty. This update provides the fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and CVE-2021-29454 for Ubuntu 20.04 ESM. Original advisory details: David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this use to read arbitrary files when controlling the executed template. (CVE-2018-13982) It was discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this use to read arbitrary files when controlling the executed template. (CVE-2018-16831) It was discovered that Smarty was incorrectly validating security policy data, allowing the execution of static classes even when not permitted by the security settings. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-21408) It was discovered that Smarty was incorrectly managing access control to template objects, which allowed users to perform a sandbox escape. An attacker could possibly use this issue to send specially crafted input to applications that use Smarty and execute arbitrary code. (CVE-2021-26119) It was discovered that Smarty was not checking for special characters when setting function names during plugin compile operations. An attacker could possibly use this issue to send specially crafted input to applications that use Smarty and execute arbitrary code. (CVE-2021-26120) It was discovered that Smarty was incorrectly sanitizing characters in math strings processed by the math function. An attacker could possibly use this issue to send specially crafted input to applications that use Smarty and execute arbitrary code. (CVE-2021-29454) Update Instructions: Run `sudo pro fix USN-5348-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: smarty3 - 3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2021-21408 CVE-2021-26119 CVE-2021-26120 CVE-2021-29454 Ubuntu 20.04 LTS Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys. Update Instructions: Run `sudo pro fix USN-5351-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-paramiko - 2.6.0-2ubuntu0.1 paramiko-doc - 2.6.0-2ubuntu0.1 No subscription required Medium CVE-2022-24302 Ubuntu 20.04 LTS It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5353-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.14.0-1031-oem - 5.14.0-1031.34 linux-image-5.14.0-1031-oem - 5.14.0-1031.34 linux-tools-5.14.0-1031-oem - 5.14.0-1031.34 linux-modules-5.14.0-1031-oem - 5.14.0-1031.34 linux-buildinfo-5.14.0-1031-oem - 5.14.0-1031.34 linux-oem-5.14-headers-5.14.0-1031 - 5.14.0-1031.34 linux-image-unsigned-5.14.0-1031-oem - 5.14.0-1031.34 linux-oem-5.14-tools-5.14.0-1031 - 5.14.0-1031.34 linux-oem-5.14-tools-host - 5.14.0-1031.34 No subscription required linux-image-oem-20.04c - 5.14.0.1031.28 linux-image-oem-20.04b - 5.14.0.1031.28 linux-image-oem-20.04d - 5.14.0.1031.28 linux-headers-oem-20.04 - 5.14.0.1031.28 linux-tools-oem-20.04c - 5.14.0.1031.28 linux-tools-oem-20.04b - 5.14.0.1031.28 linux-image-oem-20.04 - 5.14.0.1031.28 linux-oem-20.04d - 5.14.0.1031.28 linux-oem-20.04c - 5.14.0.1031.28 linux-oem-20.04b - 5.14.0.1031.28 linux-oem-20.04 - 5.14.0.1031.28 linux-tools-oem-20.04d - 5.14.0.1031.28 linux-headers-oem-20.04b - 5.14.0.1031.28 linux-headers-oem-20.04c - 5.14.0.1031.28 linux-headers-oem-20.04d - 5.14.0.1031.28 linux-tools-oem-20.04 - 5.14.0.1031.28 No subscription required Medium CVE-2022-27666 Ubuntu 20.04 LTS It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. (CVE-2022-21712) It was discovered that Twisted incorrectly processed SSH handshake data on connection establishments. A remote attacker could use this issue to cause Twisted to crash, resulting in a denial of service. (CVE-2022-21716) Update Instructions: Run `sudo pro fix USN-5354-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: twisted-doc - 18.9.0-11ubuntu0.20.04.2 python3-twisted-bin - 18.9.0-11ubuntu0.20.04.2 python3-twisted - 18.9.0-11ubuntu0.20.04.2 No subscription required Medium CVE-2022-21712 CVE-2022-21716 Ubuntu 20.04 LTS Danilo Ramos discovered that zlib incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5355-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx32z1-dev - 1:1.2.11.dfsg-2ubuntu1.3 lib64z1 - 1:1.2.11.dfsg-2ubuntu1.3 libx32z1 - 1:1.2.11.dfsg-2ubuntu1.3 lib64z1-dev - 1:1.2.11.dfsg-2ubuntu1.3 lib32z1 - 1:1.2.11.dfsg-2ubuntu1.3 zlib1g - 1:1.2.11.dfsg-2ubuntu1.3 lib32z1-dev - 1:1.2.11.dfsg-2ubuntu1.3 zlib1g-dev - 1:1.2.11.dfsg-2ubuntu1.3 No subscription required Medium CVE-2018-25032 Ubuntu 20.04 LTS It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-27666) Update Instructions: Run `sudo pro fix USN-5358-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-39.44~20.04.1 linux-image-unsigned-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-image-unsigned-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-modules-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-tools-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-headers-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-hwe-5.13-headers-5.13.0-39 - 5.13.0-39.44~20.04.1 linux-headers-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-image-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-hwe-5.13-tools-5.13.0-39 - 5.13.0-39.44~20.04.1 linux-image-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-modules-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-image-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-image-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-tools-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-39.44~20.04.1 linux-tools-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-cloud-tools-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-headers-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-39.44~20.04.1 linux-headers-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-buildinfo-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-buildinfo-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-39 - 5.13.0-39.44~20.04.1 linux-modules-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-tools-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-buildinfo-5.13.0-39-lowlatency - 5.13.0-39.44~20.04.1 linux-image-unsigned-5.13.0-39-generic-64k - 5.13.0-39.44~20.04.1 linux-cloud-tools-5.13.0-39-generic - 5.13.0-39.44~20.04.1 linux-buildinfo-5.13.0-39-generic-lpae - 5.13.0-39.44~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-39.44~20.04.1 linux-modules-extra-5.13.0-39-generic - 5.13.0-39.44~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-extra-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-generic-64k-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-generic-lpae-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-generic-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-generic-lpae-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-tools-generic-64k-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-lowlatency-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-generic-64k-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-image-generic-64k-hwe-20.04 - 5.13.0.39.44~20.04.24 linux-headers-virtual-hwe-20.04 - 5.13.0.39.44~20.04.24 No subscription required linux-kvm-headers-5.4.0-1061 - 5.4.0-1061.64 linux-kvm-tools-5.4.0-1061 - 5.4.0-1061.64 linux-headers-5.4.0-1061-kvm - 5.4.0-1061.64 linux-image-5.4.0-1061-kvm - 5.4.0-1061.64 linux-tools-5.4.0-1061-kvm - 5.4.0-1061.64 linux-modules-5.4.0-1061-kvm - 5.4.0-1061.64 linux-buildinfo-5.4.0-1061-kvm - 5.4.0-1061.64 linux-image-unsigned-5.4.0-1061-kvm - 5.4.0-1061.64 No subscription required linux-headers-5.4.0-1069-oracle - 5.4.0-1069.75 linux-modules-5.4.0-1069-oracle - 5.4.0-1069.75 linux-oracle-tools-5.4.0-1069 - 5.4.0-1069.75 linux-tools-5.4.0-1069-oracle - 5.4.0-1069.75 linux-buildinfo-5.4.0-1069-oracle - 5.4.0-1069.75 linux-oracle-headers-5.4.0-1069 - 5.4.0-1069.75 linux-image-unsigned-5.4.0-1069-oracle - 5.4.0-1069.75 linux-image-5.4.0-1069-oracle - 5.4.0-1069.75 linux-modules-extra-5.4.0-1069-oracle - 5.4.0-1069.75 No subscription required linux-tools-common - 5.4.0-107.121 linux-image-unsigned-5.4.0-107-generic - 5.4.0-107.121 linux-tools-host - 5.4.0-107.121 linux-doc - 5.4.0-107.121 linux-image-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-tools-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-libc-dev - 5.4.0-107.121 linux-source-5.4.0 - 5.4.0-107.121 linux-image-5.4.0-107-lowlatency - 5.4.0-107.121 linux-headers-5.4.0-107-generic - 5.4.0-107.121 linux-modules-5.4.0-107-lowlatency - 5.4.0-107.121 linux-modules-extra-5.4.0-107-generic - 5.4.0-107.121 linux-modules-5.4.0-107-generic - 5.4.0-107.121 linux-tools-5.4.0-107-lowlatency - 5.4.0-107.121 linux-headers-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-headers-5.4.0-107 - 5.4.0-107.121 linux-modules-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-buildinfo-5.4.0-107-lowlatency - 5.4.0-107.121 linux-image-5.4.0-107-generic - 5.4.0-107.121 linux-cloud-tools-common - 5.4.0-107.121 linux-buildinfo-5.4.0-107-generic-lpae - 5.4.0-107.121 linux-buildinfo-5.4.0-107-generic - 5.4.0-107.121 linux-image-unsigned-5.4.0-107-lowlatency - 5.4.0-107.121 linux-tools-5.4.0-107-generic - 5.4.0-107.121 linux-cloud-tools-5.4.0-107-lowlatency - 5.4.0-107.121 linux-headers-5.4.0-107-lowlatency - 5.4.0-107.121 linux-cloud-tools-5.4.0-107-generic - 5.4.0-107.121 linux-cloud-tools-5.4.0-107 - 5.4.0-107.121 linux-tools-5.4.0-107 - 5.4.0-107.121 No subscription required linux-buildinfo-5.4.0-1071-aws - 5.4.0-1071.76 linux-image-unsigned-5.4.0-1071-aws - 5.4.0-1071.76 linux-aws-cloud-tools-5.4.0-1071 - 5.4.0-1071.76 linux-aws-headers-5.4.0-1071 - 5.4.0-1071.76 linux-tools-5.4.0-1071-aws - 5.4.0-1071.76 linux-modules-5.4.0-1071-aws - 5.4.0-1071.76 linux-headers-5.4.0-1071-aws - 5.4.0-1071.76 linux-image-5.4.0-1071-aws - 5.4.0-1071.76 linux-cloud-tools-5.4.0-1071-aws - 5.4.0-1071.76 linux-aws-tools-5.4.0-1071 - 5.4.0-1071.76 linux-modules-extra-5.4.0-1071-aws - 5.4.0-1071.76 No subscription required linux-azure-headers-5.4.0-1074 - 5.4.0-1074.77 linux-modules-extra-5.4.0-1074-azure - 5.4.0-1074.77 linux-buildinfo-5.4.0-1074-azure - 5.4.0-1074.77 linux-image-unsigned-5.4.0-1074-azure - 5.4.0-1074.77 linux-modules-5.4.0-1074-azure - 5.4.0-1074.77 linux-headers-5.4.0-1074-azure - 5.4.0-1074.77 linux-image-5.4.0-1074-azure - 5.4.0-1074.77 linux-azure-cloud-tools-5.4.0-1074 - 5.4.0-1074.77 linux-azure-tools-5.4.0-1074 - 5.4.0-1074.77 linux-tools-5.4.0-1074-azure - 5.4.0-1074.77 linux-cloud-tools-5.4.0-1074-azure - 5.4.0-1074.77 No subscription required linux-tools-kvm - 5.4.0.1061.60 linux-kvm - 5.4.0.1061.60 linux-headers-kvm - 5.4.0.1061.60 linux-image-kvm - 5.4.0.1061.60 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1069.69 linux-oracle-lts-20.04 - 5.4.0.1069.69 linux-image-oracle-lts-20.04 - 5.4.0.1069.69 linux-tools-oracle-lts-20.04 - 5.4.0.1069.69 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-cloud-tools-virtual - 5.4.0.107.111 linux-image-generic-hwe-18.04 - 5.4.0.107.111 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-headers-generic-lpae - 5.4.0.107.111 linux-image-virtual - 5.4.0.107.111 linux-oem-osp1-tools-host - 5.4.0.107.111 linux-image-generic - 5.4.0.107.111 linux-tools-lowlatency - 5.4.0.107.111 linux-image-oem - 5.4.0.107.111 linux-tools-virtual-hwe-18.04 - 5.4.0.107.111 linux-image-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-headers-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.107.111 linux-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-image-extra-virtual-hwe-18.04 - 5.4.0.107.111 linux-image-generic-lpae-hwe-18.04 - 5.4.0.107.111 linux-crashdump - 5.4.0.107.111 linux-tools-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-headers-generic-hwe-18.04 - 5.4.0.107.111 linux-headers-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-lowlatency - 5.4.0.107.111 linux-tools-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-tools-generic-lpae - 5.4.0.107.111 linux-cloud-tools-generic - 5.4.0.107.111 linux-virtual - 5.4.0.107.111 linux-headers-virtual-hwe-18.04 - 5.4.0.107.111 linux-virtual-hwe-18.04 - 5.4.0.107.111 linux-headers-oem-osp1 - 5.4.0.107.111 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.107.111 linux-tools-virtual - 5.4.0.107.111 linux-generic-lpae-hwe-18.04-edge - 5.4.0.107.111 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-generic-lpae - 5.4.0.107.111 linux-generic - 5.4.0.107.111 linux-tools-oem-osp1 - 5.4.0.107.111 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.107.111 linux-tools-generic-hwe-18.04-edge - 5.4.0.107.111 linux-image-virtual-hwe-18.04 - 5.4.0.107.111 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-oem-tools-host - 5.4.0.107.111 linux-headers-lowlatency - 5.4.0.107.111 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.107.111 linux-generic-hwe-18.04-edge - 5.4.0.107.111 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-oem - 5.4.0.107.111 linux-tools-generic - 5.4.0.107.111 linux-source - 5.4.0.107.111 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.107.111 linux-image-extra-virtual - 5.4.0.107.111 linux-image-oem-osp1 - 5.4.0.107.111 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-cloud-tools-lowlatency - 5.4.0.107.111 linux-tools-oem - 5.4.0.107.111 linux-generic-lpae-hwe-18.04 - 5.4.0.107.111 linux-tools-generic-hwe-18.04 - 5.4.0.107.111 linux-headers-generic-hwe-18.04-edge - 5.4.0.107.111 linux-headers-oem - 5.4.0.107.111 linux-headers-generic - 5.4.0.107.111 linux-oem-osp1 - 5.4.0.107.111 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.107.111 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.107.111 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.107.111 linux-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-headers-virtual - 5.4.0.107.111 linux-lowlatency-hwe-18.04 - 5.4.0.107.111 linux-generic-hwe-18.04 - 5.4.0.107.111 linux-image-generic-lpae - 5.4.0.107.111 linux-image-virtual-hwe-18.04-edge - 5.4.0.107.111 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.107.111 linux-image-generic-hwe-18.04-edge - 5.4.0.107.111 linux-image-lowlatency - 5.4.0.107.111 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1071.73 linux-image-aws-lts-20.04 - 5.4.0.1071.73 linux-headers-aws-lts-20.04 - 5.4.0.1071.73 linux-tools-aws-lts-20.04 - 5.4.0.1071.73 linux-aws-lts-20.04 - 5.4.0.1071.73 No subscription required linux-azure-lts-20.04 - 5.4.0.1074.72 linux-image-azure-lts-20.04 - 5.4.0.1074.72 linux-modules-extra-azure-lts-20.04 - 5.4.0.1074.72 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1074.72 linux-tools-azure-lts-20.04 - 5.4.0.1074.72 linux-headers-azure-lts-20.04 - 5.4.0.1074.72 No subscription required High CVE-2022-1055 CVE-2022-27666 Ubuntu 20.04 LTS It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-27666) Update Instructions: Run `sudo pro fix USN-5358-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.13-headers-5.13.0-1021 - 5.13.0-1021.23~20.04.2 linux-image-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-tools-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-modules-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-headers-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-buildinfo-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-aws-5.13-tools-5.13.0-1021 - 5.13.0-1021.23~20.04.2 linux-aws-5.13-cloud-tools-5.13.0-1021 - 5.13.0-1021.23~20.04.2 linux-image-unsigned-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-cloud-tools-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 linux-modules-extra-5.13.0-1021-aws - 5.13.0-1021.23~20.04.2 No subscription required linux-image-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-modules-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-image-unsigned-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-gcp-5.13-tools-5.13.0-1023 - 5.13.0-1023.28~20.04.1 linux-headers-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-tools-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-modules-extra-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 linux-gcp-5.13-headers-5.13.0-1023 - 5.13.0-1023.28~20.04.1 linux-buildinfo-5.13.0-1023-gcp - 5.13.0-1023.28~20.04.1 No subscription required linux-headers-aws - 5.13.0.1021.23~20.04.14 linux-image-aws - 5.13.0.1021.23~20.04.14 linux-image-aws-edge - 5.13.0.1021.23~20.04.14 linux-aws-edge - 5.13.0.1021.23~20.04.14 linux-aws - 5.13.0.1021.23~20.04.14 linux-modules-extra-aws-edge - 5.13.0.1021.23~20.04.14 linux-headers-aws-edge - 5.13.0.1021.23~20.04.14 linux-modules-extra-aws - 5.13.0.1021.23~20.04.14 linux-tools-aws - 5.13.0.1021.23~20.04.14 linux-tools-aws-edge - 5.13.0.1021.23~20.04.14 No subscription required linux-image-gcp-edge - 5.13.0.1023.28~20.04.1 linux-tools-gcp-edge - 5.13.0.1023.28~20.04.1 linux-headers-gcp-edge - 5.13.0.1023.28~20.04.1 linux-modules-extra-gcp - 5.13.0.1023.28~20.04.1 linux-tools-gcp - 5.13.0.1023.28~20.04.1 linux-modules-extra-gcp-edge - 5.13.0.1023.28~20.04.1 linux-gcp - 5.13.0.1023.28~20.04.1 linux-headers-gcp - 5.13.0.1023.28~20.04.1 linux-image-gcp - 5.13.0.1023.28~20.04.1 linux-gcp-edge - 5.13.0.1023.28~20.04.1 No subscription required linux-image-5.4.0-1019-ibm - 5.4.0-1019.21 linux-headers-5.4.0-1019-ibm - 5.4.0-1019.21 linux-ibm-tools-5.4.0-1019 - 5.4.0-1019.21 linux-ibm-headers-5.4.0-1019 - 5.4.0-1019.21 linux-tools-5.4.0-1019-ibm - 5.4.0-1019.21 linux-ibm-tools-common - 5.4.0-1019.21 linux-buildinfo-5.4.0-1019-ibm - 5.4.0-1019.21 linux-modules-5.4.0-1019-ibm - 5.4.0-1019.21 linux-ibm-source-5.4.0 - 5.4.0-1019.21 linux-ibm-cloud-tools-common - 5.4.0-1019.21 linux-modules-extra-5.4.0-1019-ibm - 5.4.0-1019.21 linux-image-unsigned-5.4.0-1019-ibm - 5.4.0-1019.21 No subscription required linux-modules-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-gkeop-headers-5.4.0-1038 - 5.4.0-1038.39 linux-buildinfo-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-tools-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-image-unsigned-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-gkeop-source-5.4.0 - 5.4.0-1038.39 linux-modules-extra-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-cloud-tools-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-gkeop-cloud-tools-5.4.0-1038 - 5.4.0-1038.39 linux-gkeop-tools-5.4.0-1038 - 5.4.0-1038.39 linux-headers-5.4.0-1038-gkeop - 5.4.0-1038.39 linux-image-5.4.0-1038-gkeop - 5.4.0-1038.39 No subscription required linux-modules-5.4.0-1058-raspi - 5.4.0-1058.65 linux-raspi-tools-5.4.0-1058 - 5.4.0-1058.65 linux-raspi-headers-5.4.0-1058 - 5.4.0-1058.65 linux-tools-5.4.0-1058-raspi - 5.4.0-1058.65 linux-headers-5.4.0-1058-raspi - 5.4.0-1058.65 linux-image-5.4.0-1058-raspi - 5.4.0-1058.65 linux-buildinfo-5.4.0-1058-raspi - 5.4.0-1058.65 No subscription required linux-modules-extra-5.4.0-1067-gke - 5.4.0-1067.70 linux-gke-headers-5.4.0-1067 - 5.4.0-1067.70 linux-tools-5.4.0-1067-gke - 5.4.0-1067.70 linux-modules-5.4.0-1067-gke - 5.4.0-1067.70 linux-buildinfo-5.4.0-1067-gke - 5.4.0-1067.70 linux-headers-5.4.0-1067-gke - 5.4.0-1067.70 linux-image-5.4.0-1067-gke - 5.4.0-1067.70 linux-image-unsigned-5.4.0-1067-gke - 5.4.0-1067.70 linux-gke-tools-5.4.0-1067 - 5.4.0-1067.70 No subscription required linux-headers-5.4.0-1069-gcp - 5.4.0-1069.73 linux-gcp-tools-5.4.0-1069 - 5.4.0-1069.73 linux-image-5.4.0-1069-gcp - 5.4.0-1069.73 linux-modules-extra-5.4.0-1069-gcp - 5.4.0-1069.73 linux-buildinfo-5.4.0-1069-gcp - 5.4.0-1069.73 linux-gcp-headers-5.4.0-1069 - 5.4.0-1069.73 linux-modules-5.4.0-1069-gcp - 5.4.0-1069.73 linux-image-unsigned-5.4.0-1069-gcp - 5.4.0-1069.73 linux-tools-5.4.0-1069-gcp - 5.4.0-1069.73 No subscription required linux-image-unsigned-5.4.0-1074-azure-fde - 5.4.0-1074.77+cvm1.1 linux-image-5.4.0-1074-azure-fde - 5.4.0-1074.77+cvm1.1 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1019.19 linux-image-ibm - 5.4.0.1019.19 linux-headers-ibm-lts-20.04 - 5.4.0.1019.19 linux-tools-ibm - 5.4.0.1019.19 linux-image-ibm-lts-20.04 - 5.4.0.1019.19 linux-ibm-lts-20.04 - 5.4.0.1019.19 linux-modules-extra-ibm - 5.4.0.1019.19 linux-ibm - 5.4.0.1019.19 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1019.19 linux-headers-ibm - 5.4.0.1019.19 No subscription required linux-headers-gkeop - 5.4.0.1038.41 linux-cloud-tools-gkeop-5.4 - 5.4.0.1038.41 linux-image-gkeop - 5.4.0.1038.41 linux-modules-extra-gkeop-5.4 - 5.4.0.1038.41 linux-image-gkeop-5.4 - 5.4.0.1038.41 linux-gkeop - 5.4.0.1038.41 linux-cloud-tools-gkeop - 5.4.0.1038.41 linux-headers-gkeop-5.4 - 5.4.0.1038.41 linux-modules-extra-gkeop - 5.4.0.1038.41 linux-tools-gkeop - 5.4.0.1038.41 linux-tools-gkeop-5.4 - 5.4.0.1038.41 linux-gkeop-5.4 - 5.4.0.1038.41 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1058.92 linux-raspi2 - 5.4.0.1058.92 linux-headers-raspi2 - 5.4.0.1058.92 linux-image-raspi-hwe-18.04 - 5.4.0.1058.92 linux-image-raspi2-hwe-18.04 - 5.4.0.1058.92 linux-tools-raspi - 5.4.0.1058.92 linux-headers-raspi-hwe-18.04 - 5.4.0.1058.92 linux-headers-raspi2-hwe-18.04 - 5.4.0.1058.92 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1058.92 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1058.92 linux-headers-raspi - 5.4.0.1058.92 linux-raspi2-hwe-18.04-edge - 5.4.0.1058.92 linux-raspi-hwe-18.04 - 5.4.0.1058.92 linux-tools-raspi2-hwe-18.04 - 5.4.0.1058.92 linux-raspi2-hwe-18.04 - 5.4.0.1058.92 linux-image-raspi-hwe-18.04-edge - 5.4.0.1058.92 linux-image-raspi2 - 5.4.0.1058.92 linux-tools-raspi-hwe-18.04 - 5.4.0.1058.92 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1058.92 linux-raspi-hwe-18.04-edge - 5.4.0.1058.92 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1058.92 linux-image-raspi - 5.4.0.1058.92 linux-tools-raspi2 - 5.4.0.1058.92 linux-raspi - 5.4.0.1058.92 No subscription required linux-modules-extra-gke - 5.4.0.1067.77 linux-headers-gke-5.4 - 5.4.0.1067.77 linux-modules-extra-gke-5.4 - 5.4.0.1067.77 linux-gke-5.4 - 5.4.0.1067.77 linux-tools-gke - 5.4.0.1067.77 linux-gke - 5.4.0.1067.77 linux-headers-gke - 5.4.0.1067.77 linux-image-gke - 5.4.0.1067.77 linux-image-gke-5.4 - 5.4.0.1067.77 linux-tools-gke-5.4 - 5.4.0.1067.77 No subscription required linux-gcp-lts-20.04 - 5.4.0.1069.78 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1069.78 linux-headers-gcp-lts-20.04 - 5.4.0.1069.78 linux-image-gcp-lts-20.04 - 5.4.0.1069.78 linux-tools-gcp-lts-20.04 - 5.4.0.1069.78 No subscription required linux-image-azure-fde - 5.4.0.1074.77+cvm1.20 linux-azure-fde - 5.4.0.1074.77+cvm1.20 linux-cloud-tools-azure-fde - 5.4.0.1074.77+cvm1.20 linux-modules-extra-azure-fde - 5.4.0.1074.77+cvm1.20 linux-tools-azure-fde - 5.4.0.1074.77+cvm1.20 linux-headers-azure-fde - 5.4.0.1074.77+cvm1.20 No subscription required High CVE-2022-1055 CVE-2022-27666 Ubuntu 20.04 LTS Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5359-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsync - 3.1.3-8ubuntu0.3 No subscription required Medium CVE-2018-25032 Ubuntu 20.04 LTS It was discovered that Tomcat incorrectly performed input verification. A remote attacker could possibly use this issue to intercept sensitive information. (CVE-2020-13943, CVE-2020-17527, CVE-2021-25122, CVE-2021-30640) It was discovered that Tomcat did not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-9484, CVE-2021-33037) It was discovered that Tomcat did not properly validate the input length. An attacker could possibly use this to trigger an infinite loop, resulting in a denial of service. (CVE-2021-25329, CVE-2021-41079) Update Instructions: Run `sudo pro fix USN-5360-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tomcat9-docs - 9.0.31-1ubuntu0.2 libtomcat9-embed-java - 9.0.31-1ubuntu0.2 tomcat9-admin - 9.0.31-1ubuntu0.2 tomcat9-common - 9.0.31-1ubuntu0.2 libtomcat9-java - 9.0.31-1ubuntu0.2 tomcat9-user - 9.0.31-1ubuntu0.2 tomcat9 - 9.0.31-1ubuntu0.2 tomcat9-examples - 9.0.31-1ubuntu0.2 No subscription required Medium CVE-2020-13943 CVE-2020-17527 CVE-2020-9484 CVE-2021-25122 CVE-2021-25329 CVE-2021-30640 CVE-2021-33037 CVE-2021-41079 https://bugs.launchpad.net/ubuntu/+source/tomcat9/+bug/1915911 Ubuntu 20.04 LTS Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-25636) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-23960) It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) Max Kellermann discovered that the Linux kernel incorrectly handled Unix pipes. A local attacker could potentially use this to modify any file that could be opened for reading. (CVE-2022-0847) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-0185) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-0001) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4090) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) It was discovered that the AMD Radeon GPU driver in the Linux kernel did not properly validate writes in the debugfs file system. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42327) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the KVM implementation for s390 systems in the Linux kernel did not properly prevent memory operations on PVM guests that were in non-protected mode. A local attacker could use this to obtain unauthorized memory write access. (CVE-2022-0516) It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-0742) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update Instructions: Run `sudo pro fix USN-5362-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-source-5.13.0 - 5.13.0-1010.10 linux-modules-extra-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-tools-host - 5.13.0-1010.10 linux-modules-5.13.0-1010-intel - 5.13.0-1010.10 linux-tools-5.13.0-1010-intel - 5.13.0-1010.10 linux-image-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-tools-5.13.0-1010 - 5.13.0-1010.10 linux-intel-5.13-tools-common - 5.13.0-1010.10 linux-headers-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-cloud-tools-common - 5.13.0-1010.10 linux-intel-5.13-headers-5.13.0-1010 - 5.13.0-1010.10 linux-cloud-tools-5.13.0-1010-intel - 5.13.0-1010.10 linux-intel-5.13-cloud-tools-5.13.0-1010 - 5.13.0-1010.10 linux-image-unsigned-5.13.0-1010-intel - 5.13.0-1010.10 No subscription required linux-cloud-tools-intel - 5.13.0.1010.11 linux-tools-intel - 5.13.0.1010.11 linux-intel - 5.13.0.1010.11 linux-image-intel - 5.13.0.1010.11 linux-headers-intel - 5.13.0.1010.11 No subscription required High CVE-2021-4083 CVE-2021-4090 CVE-2021-4155 CVE-2021-42327 CVE-2022-0001 CVE-2022-0185 CVE-2022-0330 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0742 CVE-2022-0847 CVE-2022-22942 CVE-2022-23222 CVE-2022-23960 CVE-2022-25636 Ubuntu 20.04 LTS It was discovered that Waitress incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5364-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-waitress-doc - 1.4.1-1ubuntu0.1 python3-waitress - 1.4.1-1ubuntu0.1 No subscription required Medium CVE-2022-24761 Ubuntu 20.04 LTS It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-42392) It was discovered that H2 incorrectly handled some specially crafted connection URLs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-23221) Update Instructions: Run `sudo pro fix USN-5365-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libh2-java - 1.4.197-4+deb10u1build0.20.04.1 libh2-java-doc - 1.4.197-4+deb10u1build0.20.04.1 No subscription required High CVE-2021-42392 CVE-2022-23221 Ubuntu 20.04 LTS It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. (CVE-2022-25308) It was discovered that FriBidi incorrectly validated input data to its CapRTL unicode encoder, resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. (CVE-2022-25309) It was discovered that FriBidi incorrectly handled empty input when removing marks from unicode strings, resulting in a crash. An attacker could use this to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. (CVE-2022-25310) Update Instructions: Run `sudo pro fix USN-5366-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfribidi-bin - 1.0.8-2ubuntu0.1 libfribidi0 - 1.0.8-2ubuntu0.1 libfribidi-dev - 1.0.8-2ubuntu0.1 No subscription required Medium CVE-2022-25308 CVE-2022-25309 CVE-2022-25310 Ubuntu 20.04 LTS Justin Steven discovered that fish was not properly filtering local git configuration directives when running background git commands. A remote unauthenticated attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5367-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fish - 3.1.0-1.2ubuntu0.1~esm1 fish-common - 3.1.0-1.2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-20001 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) It was discovered that a race condition existed in the poll implementation in the Linux kernel, resulting in a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39698) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197) Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43975) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) It was discovered that the eBPF verifier in the Linux kernel did not properly perform bounds checking on mov32 operations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2021-45402) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) It was discovered that the BPF subsystem in the Linux kernel did not properly track pointer types on atomic fetch operations in some situations. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2022-0264) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0382) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the KVM implementation for s390 systems in the Linux kernel did not properly prevent memory operations on PVM guests that were in non-protected mode. A local attacker could use this to obtain unauthorized memory write access. (CVE-2022-0516) It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-0742) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-27666) Update Instructions: Run `sudo pro fix USN-5368-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-modules-extra-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-buildinfo-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-azure-5.13-headers-5.13.0-1021 - 5.13.0-1021.24~20.04.1 linux-image-unsigned-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1021 - 5.13.0-1021.24~20.04.1 linux-cloud-tools-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-modules-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-image-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 linux-azure-5.13-tools-5.13.0-1021 - 5.13.0-1021.24~20.04.1 linux-tools-5.13.0-1021-azure - 5.13.0-1021.24~20.04.1 No subscription required linux-oracle-5.13-headers-5.13.0-1025 - 5.13.0-1025.30~20.04.1 linux-modules-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-buildinfo-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-headers-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-modules-extra-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-image-unsigned-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-image-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-tools-5.13.0-1025-oracle - 5.13.0-1025.30~20.04.1 linux-oracle-5.13-tools-5.13.0-1025 - 5.13.0-1025.30~20.04.1 No subscription required linux-tools-azure-edge - 5.13.0.1021.24~20.04.10 linux-azure - 5.13.0.1021.24~20.04.10 linux-image-azure - 5.13.0.1021.24~20.04.10 linux-cloud-tools-azure - 5.13.0.1021.24~20.04.10 linux-cloud-tools-azure-edge - 5.13.0.1021.24~20.04.10 linux-tools-azure - 5.13.0.1021.24~20.04.10 linux-headers-azure-edge - 5.13.0.1021.24~20.04.10 linux-image-azure-edge - 5.13.0.1021.24~20.04.10 linux-modules-extra-azure - 5.13.0.1021.24~20.04.10 linux-azure-edge - 5.13.0.1021.24~20.04.10 linux-modules-extra-azure-edge - 5.13.0.1021.24~20.04.10 linux-headers-azure - 5.13.0.1021.24~20.04.10 No subscription required linux-headers-oracle - 5.13.0.1025.30~20.04.1 linux-headers-oracle-edge - 5.13.0.1025.30~20.04.1 linux-image-oracle - 5.13.0.1025.30~20.04.1 linux-tools-oracle - 5.13.0.1025.30~20.04.1 linux-tools-oracle-edge - 5.13.0.1025.30~20.04.1 linux-oracle-edge - 5.13.0.1025.30~20.04.1 linux-image-oracle-edge - 5.13.0.1025.30~20.04.1 linux-oracle - 5.13.0.1025.30~20.04.1 No subscription required High CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-39685 CVE-2021-39698 CVE-2021-4135 CVE-2021-4197 CVE-2021-43975 CVE-2021-44733 CVE-2021-45095 CVE-2021-45402 CVE-2021-45480 CVE-2022-0264 CVE-2022-0382 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0742 CVE-2022-1055 CVE-2022-23222 CVE-2022-27666 Ubuntu 20.04 LTS It was discovered that oslo.utils incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5369-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-oslo.utils-doc - 4.1.1-0ubuntu1.1 python3-oslo.utils - 4.1.1-0ubuntu1.1 No subscription required Medium CVE-2022-0718 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, execute script unexpectedly, obtain sensitive information, conduct spoofing attacks, or execute arbitrary code. (CVE-2022-1097, CVE-2022-24713, CVE-2022-28281, CVE-2022-28282, CVE-2022-28284, CVE-2022-28285, CVE-2022-28286, CVE-2022-28288, CVE-2022-28289) A security issue was discovered with the sourceMapURL feature of devtools. An attacker could potentially exploit this to include local files that should have been inaccessible. (CVE-2022-28283) It was discovered that selecting text caused Firefox to crash in some circumstances. An attacker could potentially exploit this to cause a denial of service. (CVE-2022-28287) Update Instructions: Run `sudo pro fix USN-5370-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-nn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ne - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-nb - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-fa - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-fi - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-fr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-fy - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-or - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-kab - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-oc - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-cs - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ga - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-gd - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-gn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-gl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-gu - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-pa - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-pl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-cy - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-pt - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-szl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hi - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ms - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-he - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hy - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hu - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-as - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ar - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ia - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-az - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-id - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-mai - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-af - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-is - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-vi - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-an - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-bs - 99.0+build2-0ubuntu0.20.04.2 firefox - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ro - 99.0+build2-0ubuntu0.20.04.2 firefox-geckodriver - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ja - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ru - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-br - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hant - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hans - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-bn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-be - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-bg - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sl - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sk - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-si - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sw - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sv - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-sq - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ko - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-kn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-km - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-kk - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ka - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-xh - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ca - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ku - 99.0+build2-0ubuntu0.20.04.2 firefox-mozsymbols - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-lv - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-lt - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-th - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-hsb - 99.0+build2-0ubuntu0.20.04.2 firefox-dev - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-te - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-cak - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ta - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-lg - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-csb - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-tr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-nso - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-de - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-da - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-uk - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-mr - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-my - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-uz - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ml - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-mn - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-mk - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ur - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-eu - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-et - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-es - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-it - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-el - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-eo - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-en - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-zu - 99.0+build2-0ubuntu0.20.04.2 firefox-locale-ast - 99.0+build2-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-1097 CVE-2022-24713 CVE-2022-28281 CVE-2022-28282 CVE-2022-28283 CVE-2022-28284 CVE-2022-28285 CVE-2022-28286 CVE-2022-28287 CVE-2022-28288 CVE-2022-28289 Ubuntu 20.04 LTS It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue was fixed for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11724) It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to disclose sensitive information. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-36309) It was discovered that nginx mishandled the use of compatible certificates among multiple encryption protocols. If a remote attacker were able to intercept the communication, this issue could be used to redirect traffic between subdomains. (CVE-2021-3618) Update Instructions: Run `sudo pro fix USN-5371-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnginx-mod-stream - 1.18.0-0ubuntu1.3 libnginx-mod-http-subs-filter - 1.18.0-0ubuntu1.3 nginx-doc - 1.18.0-0ubuntu1.3 libnginx-mod-mail - 1.18.0-0ubuntu1.3 libnginx-mod-http-image-filter - 1.18.0-0ubuntu1.3 libnginx-mod-http-echo - 1.18.0-0ubuntu1.3 libnginx-mod-rtmp - 1.18.0-0ubuntu1.3 libnginx-mod-nchan - 1.18.0-0ubuntu1.3 nginx-common - 1.18.0-0ubuntu1.3 libnginx-mod-http-fancyindex - 1.18.0-0ubuntu1.3 libnginx-mod-http-auth-pam - 1.18.0-0ubuntu1.3 nginx-light - 1.18.0-0ubuntu1.3 libnginx-mod-http-headers-more-filter - 1.18.0-0ubuntu1.3 nginx-extras - 1.18.0-0ubuntu1.3 libnginx-mod-http-upstream-fair - 1.18.0-0ubuntu1.3 libnginx-mod-http-xslt-filter - 1.18.0-0ubuntu1.3 libnginx-mod-http-lua - 1.18.0-0ubuntu1.3 libnginx-mod-http-perl - 1.18.0-0ubuntu1.3 nginx-core - 1.18.0-0ubuntu1.3 libnginx-mod-http-dav-ext - 1.18.0-0ubuntu1.3 nginx - 1.18.0-0ubuntu1.3 libnginx-mod-http-ndk - 1.18.0-0ubuntu1.3 libnginx-mod-http-uploadprogress - 1.18.0-0ubuntu1.3 libnginx-mod-http-cache-purge - 1.18.0-0ubuntu1.3 nginx-full - 1.18.0-0ubuntu1.3 libnginx-mod-http-geoip2 - 1.18.0-0ubuntu1.3 libnginx-mod-http-geoip - 1.18.0-0ubuntu1.3 No subscription required Medium CVE-2020-11724 CVE-2020-36309 CVE-2021-3618 Ubuntu 20.04 LTS Evgeny Kotkov discovered that Subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. (CVE-2021-28544) Thomas Weißschuh discovered that Subversion servers did not properly handle memory in certain configurations. A remote attacker could potentially use this issue to cause a denial of service or other unspecified impact. (CVE-2022-24070) Update Instructions: Run `sudo pro fix USN-5372-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsvn-dev - 1.13.0-3ubuntu0.1 ruby-svn - 1.13.0-3ubuntu0.1 subversion-tools - 1.13.0-3ubuntu0.1 libapache2-mod-svn - 1.13.0-3ubuntu0.1 python-subversion - 1.13.0-3ubuntu0.1 libsvn1 - 1.13.0-3ubuntu0.1 subversion - 1.13.0-3ubuntu0.1 libsvn-doc - 1.13.0-3ubuntu0.1 libsvn-java - 1.13.0-3ubuntu0.1 libsvn-perl - 1.13.0-3ubuntu0.1 No subscription required Medium CVE-2021-28544 CVE-2022-24070 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate(), aggregate(), and extra() methods. A remote attacker could possibly use this issue to perform an SQL injection attack. (CVE-2022-28346) It was discovered that Django incorrectly handled certain option names in the QuerySet.explain() method. A remote attacker could possibly use this issue to perform an SQL injection attack. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-28347) It was discovered that the Django URLValidator function incorrectly handled newlines and tabs. A remote attacker could possibly use this issue to perform a header injection attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-32052) Update Instructions: Run `sudo pro fix USN-5373-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.11 python-django-doc - 2:2.2.12-1ubuntu0.11 No subscription required High CVE-2021-32052 CVE-2022-28346 CVE-2022-28347 Ubuntu 20.04 LTS It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5374-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libarchive-dev - 3.4.0-2ubuntu1.2 libarchive-tools - 3.4.0-2ubuntu1.2 libarchive13 - 3.4.0-2ubuntu1.2 No subscription required Medium CVE-2022-26280 Ubuntu 20.04 LTS 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands. Update Instructions: Run `sudo pro fix USN-5376-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.3 gitweb - 1:2.25.1-1ubuntu3.3 git-gui - 1:2.25.1-1ubuntu3.3 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.3 git-el - 1:2.25.1-1ubuntu3.3 gitk - 1:2.25.1-1ubuntu3.3 git-all - 1:2.25.1-1ubuntu3.3 git-mediawiki - 1:2.25.1-1ubuntu3.3 git-daemon-run - 1:2.25.1-1ubuntu3.3 git-man - 1:2.25.1-1ubuntu3.3 git-doc - 1:2.25.1-1ubuntu3.3 git-svn - 1:2.25.1-1ubuntu3.3 git-cvs - 1:2.25.1-1ubuntu3.3 git-email - 1:2.25.1-1ubuntu3.3 No subscription required Medium CVE-2022-24765 Ubuntu 20.04 LTS USN-5376-1 fixed vulnerabilities in Git, some patches were missing to properly fix the issue. This update fixes the problem. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands. Update Instructions: Run `sudo pro fix USN-5376-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.4 gitweb - 1:2.25.1-1ubuntu3.4 git-all - 1:2.25.1-1ubuntu3.4 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.4 git-el - 1:2.25.1-1ubuntu3.4 gitk - 1:2.25.1-1ubuntu3.4 git-gui - 1:2.25.1-1ubuntu3.4 git-mediawiki - 1:2.25.1-1ubuntu3.4 git-daemon-run - 1:2.25.1-1ubuntu3.4 git-man - 1:2.25.1-1ubuntu3.4 git-doc - 1:2.25.1-1ubuntu3.4 git-svn - 1:2.25.1-1ubuntu3.4 git-cvs - 1:2.25.1-1ubuntu3.4 git-email - 1:2.25.1-1ubuntu3.4 No subscription required None https://launchpad.net/bugs/1970260 Ubuntu 20.04 LTS It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) Jürgen Groß discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713) Jürgen Groß discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. (CVE-2021-28714, CVE-2021-28715) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4135) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-44733) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45095) Wenqing Liu discovered that the f2fs file system in the Linux kernel did not properly validate the last xattr entry in an inode. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-45469) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2021-45480) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-27666) Update Instructions: Run `sudo pro fix USN-5377-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-tools-5.4.0-1032 - 5.4.0-1032.35 linux-image-unsigned-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-modules-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-image-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-headers-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-tools-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-buildinfo-5.4.0-1032-bluefield - 5.4.0-1032.35 linux-bluefield-headers-5.4.0-1032 - 5.4.0-1032.35 No subscription required linux-bluefield - 5.4.0.1032.33 linux-tools-bluefield - 5.4.0.1032.33 linux-image-bluefield - 5.4.0.1032.33 linux-headers-bluefield - 5.4.0.1032.33 No subscription required High CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-4135 CVE-2021-43976 CVE-2021-44733 CVE-2021-45095 CVE-2021-45469 CVE-2021-45480 CVE-2022-0435 CVE-2022-0492 CVE-2022-1055 CVE-2022-27666 Ubuntu 20.04 LTS Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files. Update Instructions: Run `sudo pro fix USN-5378-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gzip - 1.10-0ubuntu4.1 gzip-win32 - 1.10-0ubuntu4.1 No subscription required Medium CVE-2022-1271 Ubuntu 20.04 LTS Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain filenames. If a user or automated system were tricked into performing xzgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files. Update Instructions: Run `sudo pro fix USN-5378-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblzma5 - 5.2.4-1ubuntu1.1 liblzma-doc - 5.2.4-1ubuntu1.1 liblzma-dev - 5.2.4-1ubuntu1.1 xz-utils - 5.2.4-1ubuntu1.1 xzdec - 5.2.4-1ubuntu1.1 No subscription required Medium CVE-2022-1271 Ubuntu 20.04 LTS It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31870) It was discovered that klibc did not properly handled some memory allocations on 64 bit systems. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31871) It was discovered that klibc did not properly handled some file sizes values on 32 bit systems. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31872) It was discovered that klibc did not properly handled some memory allocations. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31873) Update Instructions: Run `sudo pro fix USN-5379-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: klibc-utils - 2.0.7-1ubuntu5.1 libklibc - 2.0.7-1ubuntu5.1 libklibc-dev - 2.0.7-1ubuntu5.1 No subscription required Low CVE-2021-31870 CVE-2021-31871 CVE-2021-31872 CVE-2021-31873 Ubuntu 20.04 LTS It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-5380-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bash-builtins - 5.0-6ubuntu1.2 bash-doc - 5.0-6ubuntu1.2 bash - 5.0-6ubuntu1.2 bash-static - 5.0-6ubuntu1.2 No subscription required Low CVE-2019-18276 Ubuntu 20.04 LTS David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-1015) It was discovered that the block layer subsystem in the Linux kernel did not properly initialize memory in some situations. A privileged local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0494) It was discovered that the DMA subsystem in the Linux kernel did not properly ensure bounce buffers were completely overwritten by the DMA device. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0854) Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1011) David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1016) Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture (ALSA) framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1048) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-26490) It was discovered that the USB SR9700 ethernet device driver for the Linux kernel did not properly validate the length of requests from the device. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-26966) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-27223) 赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could use this to cause a denial of service. (CVE-2022-28356) Update Instructions: Run `sudo pro fix USN-5381-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.14.0-1033-oem - 5.14.0-1033.36 linux-oem-5.14-headers-5.14.0-1033 - 5.14.0-1033.36 linux-headers-5.14.0-1033-oem - 5.14.0-1033.36 linux-buildinfo-5.14.0-1033-oem - 5.14.0-1033.36 linux-tools-5.14.0-1033-oem - 5.14.0-1033.36 linux-image-unsigned-5.14.0-1033-oem - 5.14.0-1033.36 linux-modules-5.14.0-1033-oem - 5.14.0-1033.36 linux-oem-5.14-tools-host - 5.14.0-1033.36 linux-oem-5.14-tools-5.14.0-1033 - 5.14.0-1033.36 No subscription required linux-image-oem-20.04c - 5.14.0.1033.30 linux-image-oem-20.04b - 5.14.0.1033.30 linux-image-oem-20.04d - 5.14.0.1033.30 linux-tools-oem-20.04d - 5.14.0.1033.30 linux-tools-oem-20.04c - 5.14.0.1033.30 linux-tools-oem-20.04b - 5.14.0.1033.30 linux-oem-20.04 - 5.14.0.1033.30 linux-image-oem-20.04 - 5.14.0.1033.30 linux-oem-20.04d - 5.14.0.1033.30 linux-oem-20.04c - 5.14.0.1033.30 linux-oem-20.04b - 5.14.0.1033.30 linux-headers-oem-20.04 - 5.14.0.1033.30 linux-headers-oem-20.04b - 5.14.0.1033.30 linux-headers-oem-20.04c - 5.14.0.1033.30 linux-headers-oem-20.04d - 5.14.0.1033.30 linux-tools-oem-20.04 - 5.14.0.1033.30 No subscription required High CVE-2022-0494 CVE-2022-0854 CVE-2022-1011 CVE-2022-1015 CVE-2022-1016 CVE-2022-1048 CVE-2022-24958 CVE-2022-26490 CVE-2022-26966 CVE-2022-27223 CVE-2022-28356 Ubuntu 20.04 LTS Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly handle input devices with specially crafted names. A local attacker with physical access could use this to cause libinput to crash or expose sensitive information. Update Instructions: Run `sudo pro fix USN-5382-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libinput-dev - 1.15.5-1ubuntu0.3 libinput-bin - 1.15.5-1ubuntu0.3 libinput10 - 1.15.5-1ubuntu0.3 libinput-tools - 1.15.5-1ubuntu0.3 No subscription required Medium CVE-2022-1215 Ubuntu 20.04 LTS David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-1015) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-0617) David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1016) Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-24448) It was discovered that the VirtIO Bluetooth driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-26878) It was discovered that the YAM AX.25 device driver in the Linux kernel did not properly deallocate memory in some error conditions. A local privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2022-24959) Update Instructions: Run `sudo pro fix USN-5383-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-intel-5.13-tools-host - 5.13.0-1011.11 linux-intel-5.13-tools-5.13.0-1011 - 5.13.0-1011.11 linux-image-unsigned-5.13.0-1011-intel - 5.13.0-1011.11 linux-tools-5.13.0-1011-intel - 5.13.0-1011.11 linux-cloud-tools-5.13.0-1011-intel - 5.13.0-1011.11 linux-intel-5.13-cloud-tools-common - 5.13.0-1011.11 linux-intel-5.13-cloud-tools-5.13.0-1011 - 5.13.0-1011.11 linux-modules-5.13.0-1011-intel - 5.13.0-1011.11 linux-headers-5.13.0-1011-intel - 5.13.0-1011.11 linux-buildinfo-5.13.0-1011-intel - 5.13.0-1011.11 linux-modules-extra-5.13.0-1011-intel - 5.13.0-1011.11 linux-intel-5.13-tools-common - 5.13.0-1011.11 linux-intel-5.13-headers-5.13.0-1011 - 5.13.0-1011.11 linux-image-5.13.0-1011-intel - 5.13.0-1011.11 linux-intel-5.13-source-5.13.0 - 5.13.0-1011.11 No subscription required linux-aws-5.13-headers-5.13.0-1022 - 5.13.0-1022.24~20.04.1 linux-tools-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-image-unsigned-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-modules-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-aws-5.13-tools-5.13.0-1022 - 5.13.0-1022.24~20.04.1 linux-buildinfo-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-image-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-cloud-tools-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1022 - 5.13.0-1022.24~20.04.1 linux-headers-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 linux-modules-extra-5.13.0-1022-aws - 5.13.0-1022.24~20.04.1 No subscription required linux-tools-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-image-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1022 - 5.13.0-1022.26~20.04.1 linux-cloud-tools-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-headers-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-azure-5.13-tools-5.13.0-1022 - 5.13.0-1022.26~20.04.1 linux-buildinfo-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-image-unsigned-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-modules-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 linux-azure-5.13-headers-5.13.0-1022 - 5.13.0-1022.26~20.04.1 linux-modules-extra-5.13.0-1022-azure - 5.13.0-1022.26~20.04.1 No subscription required linux-buildinfo-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-gcp-5.13-tools-5.13.0-1024 - 5.13.0-1024.29~20.04.1 linux-image-unsigned-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-gcp-5.13-headers-5.13.0-1024 - 5.13.0-1024.29~20.04.1 linux-image-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-headers-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-modules-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-modules-extra-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 linux-tools-5.13.0-1024-gcp - 5.13.0-1024.29~20.04.1 No subscription required linux-modules-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-oracle-5.13-tools-5.13.0-1027 - 5.13.0-1027.32~20.04.1 linux-tools-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-buildinfo-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-modules-extra-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-headers-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-image-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-image-unsigned-5.13.0-1027-oracle - 5.13.0-1027.32~20.04.1 linux-oracle-5.13-headers-5.13.0-1027 - 5.13.0-1027.32~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-40.45~20.04.1 linux-image-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-headers-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-modules-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-cloud-tools-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-buildinfo-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-hwe-5.13-headers-5.13.0-40 - 5.13.0-40.45~20.04.1 linux-image-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-tools-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-tools-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-buildinfo-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-tools-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-buildinfo-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-40 - 5.13.0-40.45~20.04.1 linux-modules-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-headers-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-image-unsigned-5.13.0-40-generic-64k - 5.13.0-40.45~20.04.1 linux-headers-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-image-unsigned-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-image-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-buildinfo-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-image-5.13.0-40-generic-lpae - 5.13.0-40.45~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-40.45~20.04.1 linux-image-unsigned-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-modules-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-modules-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-modules-extra-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-cloud-tools-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-tools-5.13.0-40-generic - 5.13.0-40.45~20.04.1 linux-headers-5.13.0-40-lowlatency - 5.13.0-40.45~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-40.45~20.04.1 linux-hwe-5.13-tools-5.13.0-40 - 5.13.0-40.45~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-40.45~20.04.1 No subscription required linux-image-intel - 5.13.0.1011.12 linux-cloud-tools-intel - 5.13.0.1011.12 linux-tools-intel - 5.13.0.1011.12 linux-intel - 5.13.0.1011.12 linux-headers-intel - 5.13.0.1011.12 No subscription required linux-headers-aws - 5.13.0.1022.24~20.04.15 linux-image-aws - 5.13.0.1022.24~20.04.15 linux-modules-extra-aws-edge - 5.13.0.1022.24~20.04.15 linux-image-aws-edge - 5.13.0.1022.24~20.04.15 linux-aws-edge - 5.13.0.1022.24~20.04.15 linux-aws - 5.13.0.1022.24~20.04.15 linux-headers-aws-edge - 5.13.0.1022.24~20.04.15 linux-modules-extra-aws - 5.13.0.1022.24~20.04.15 linux-tools-aws - 5.13.0.1022.24~20.04.15 linux-tools-aws-edge - 5.13.0.1022.24~20.04.15 No subscription required linux-tools-azure-edge - 5.13.0.1022.26~20.04.11 linux-cloud-tools-azure - 5.13.0.1022.26~20.04.11 linux-tools-azure - 5.13.0.1022.26~20.04.11 linux-image-azure-edge - 5.13.0.1022.26~20.04.11 linux-cloud-tools-azure-edge - 5.13.0.1022.26~20.04.11 linux-modules-extra-azure - 5.13.0.1022.26~20.04.11 linux-azure - 5.13.0.1022.26~20.04.11 linux-image-azure - 5.13.0.1022.26~20.04.11 linux-headers-azure-edge - 5.13.0.1022.26~20.04.11 linux-azure-edge - 5.13.0.1022.26~20.04.11 linux-modules-extra-azure-edge - 5.13.0.1022.26~20.04.11 linux-headers-azure - 5.13.0.1022.26~20.04.11 No subscription required linux-image-gcp-edge - 5.13.0.1024.29~20.04.1 linux-headers-gcp-edge - 5.13.0.1024.29~20.04.1 linux-modules-extra-gcp - 5.13.0.1024.29~20.04.1 linux-tools-gcp - 5.13.0.1024.29~20.04.1 linux-modules-extra-gcp-edge - 5.13.0.1024.29~20.04.1 linux-gcp - 5.13.0.1024.29~20.04.1 linux-tools-gcp-edge - 5.13.0.1024.29~20.04.1 linux-headers-gcp - 5.13.0.1024.29~20.04.1 linux-image-gcp - 5.13.0.1024.29~20.04.1 linux-gcp-edge - 5.13.0.1024.29~20.04.1 No subscription required linux-headers-oracle - 5.13.0.1027.32~20.04.1 linux-tools-oracle-edge - 5.13.0.1027.32~20.04.1 linux-oracle-edge - 5.13.0.1027.32~20.04.1 linux-image-oracle-edge - 5.13.0.1027.32~20.04.1 linux-headers-oracle-edge - 5.13.0.1027.32~20.04.1 linux-image-oracle - 5.13.0.1027.32~20.04.1 linux-tools-oracle - 5.13.0.1027.32~20.04.1 linux-oracle - 5.13.0.1027.32~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-extra-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-generic-64k-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-generic-lpae-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-lowlatency-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-generic-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-generic-lpae-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-tools-generic-64k-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-generic-64k-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-image-generic-64k-hwe-20.04 - 5.13.0.40.45~20.04.25 linux-headers-virtual-hwe-20.04 - 5.13.0.40.45~20.04.25 No subscription required High CVE-2021-43976 CVE-2021-44879 CVE-2022-0617 CVE-2022-1015 CVE-2022-1016 CVE-2022-24448 CVE-2022-24959 CVE-2022-26878 Ubuntu 20.04 LTS It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-0617) Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-24448) It was discovered that the YAM AX.25 device driver in the Linux kernel did not properly deallocate memory in some error conditions. A local privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2022-24959) Update Instructions: Run `sudo pro fix USN-5384-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1020 - 5.4.0-1020.22 linux-buildinfo-5.4.0-1020-ibm - 5.4.0-1020.22 linux-ibm-source-5.4.0 - 5.4.0-1020.22 linux-ibm-cloud-tools-common - 5.4.0-1020.22 linux-tools-5.4.0-1020-ibm - 5.4.0-1020.22 linux-ibm-tools-5.4.0-1020 - 5.4.0-1020.22 linux-ibm-tools-common - 5.4.0-1020.22 linux-modules-5.4.0-1020-ibm - 5.4.0-1020.22 linux-modules-extra-5.4.0-1020-ibm - 5.4.0-1020.22 linux-headers-5.4.0-1020-ibm - 5.4.0-1020.22 linux-image-5.4.0-1020-ibm - 5.4.0-1020.22 linux-image-unsigned-5.4.0-1020-ibm - 5.4.0-1020.22 No subscription required linux-gkeop-headers-5.4.0-1039 - 5.4.0-1039.40 linux-image-unsigned-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-modules-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-cloud-tools-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-gkeop-source-5.4.0 - 5.4.0-1039.40 linux-modules-extra-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-gkeop-cloud-tools-5.4.0-1039 - 5.4.0-1039.40 linux-image-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-gkeop-tools-5.4.0-1039 - 5.4.0-1039.40 linux-buildinfo-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-tools-5.4.0-1039-gkeop - 5.4.0-1039.40 linux-headers-5.4.0-1039-gkeop - 5.4.0-1039.40 No subscription required linux-buildinfo-5.4.0-1059-raspi - 5.4.0-1059.67 linux-modules-5.4.0-1059-raspi - 5.4.0-1059.67 linux-image-5.4.0-1059-raspi - 5.4.0-1059.67 linux-headers-5.4.0-1059-raspi - 5.4.0-1059.67 linux-raspi-headers-5.4.0-1059 - 5.4.0-1059.67 linux-raspi-tools-5.4.0-1059 - 5.4.0-1059.67 linux-tools-5.4.0-1059-raspi - 5.4.0-1059.67 No subscription required linux-kvm-headers-5.4.0-1062 - 5.4.0-1062.65 linux-kvm-tools-5.4.0-1062 - 5.4.0-1062.65 linux-headers-5.4.0-1062-kvm - 5.4.0-1062.65 linux-image-unsigned-5.4.0-1062-kvm - 5.4.0-1062.65 linux-modules-5.4.0-1062-kvm - 5.4.0-1062.65 linux-tools-5.4.0-1062-kvm - 5.4.0-1062.65 linux-image-5.4.0-1062-kvm - 5.4.0-1062.65 linux-buildinfo-5.4.0-1062-kvm - 5.4.0-1062.65 No subscription required linux-gke-headers-5.4.0-1068 - 5.4.0-1068.71 linux-tools-5.4.0-1068-gke - 5.4.0-1068.71 linux-buildinfo-5.4.0-1068-gke - 5.4.0-1068.71 linux-modules-5.4.0-1068-gke - 5.4.0-1068.71 linux-modules-extra-5.4.0-1068-gke - 5.4.0-1068.71 linux-image-5.4.0-1068-gke - 5.4.0-1068.71 linux-image-unsigned-5.4.0-1068-gke - 5.4.0-1068.71 linux-headers-5.4.0-1068-gke - 5.4.0-1068.71 linux-gke-tools-5.4.0-1068 - 5.4.0-1068.71 No subscription required linux-oracle-tools-5.4.0-1070 - 5.4.0-1070.76 linux-headers-5.4.0-1070-oracle - 5.4.0-1070.76 linux-image-unsigned-5.4.0-1070-oracle - 5.4.0-1070.76 linux-modules-5.4.0-1070-oracle - 5.4.0-1070.76 linux-tools-5.4.0-1070-oracle - 5.4.0-1070.76 linux-oracle-headers-5.4.0-1070 - 5.4.0-1070.76 linux-modules-extra-5.4.0-1070-oracle - 5.4.0-1070.76 linux-image-5.4.0-1070-oracle - 5.4.0-1070.76 linux-buildinfo-5.4.0-1070-oracle - 5.4.0-1070.76 No subscription required linux-image-unsigned-5.4.0-1072-gcp - 5.4.0-1072.77 linux-modules-extra-5.4.0-1072-aws - 5.4.0-1072.77 linux-gcp-tools-5.4.0-1072 - 5.4.0-1072.77 linux-aws-headers-5.4.0-1072 - 5.4.0-1072.77 linux-headers-5.4.0-1072-gcp - 5.4.0-1072.77 linux-tools-5.4.0-1072-gcp - 5.4.0-1072.77 linux-modules-5.4.0-1072-gcp - 5.4.0-1072.77 linux-aws-tools-5.4.0-1072 - 5.4.0-1072.77 linux-buildinfo-5.4.0-1072-aws - 5.4.0-1072.77 linux-cloud-tools-5.4.0-1072-aws - 5.4.0-1072.77 linux-image-unsigned-5.4.0-1072-aws - 5.4.0-1072.77 linux-modules-5.4.0-1072-aws - 5.4.0-1072.77 linux-image-5.4.0-1072-gcp - 5.4.0-1072.77 linux-modules-extra-5.4.0-1072-gcp - 5.4.0-1072.77 linux-headers-5.4.0-1072-aws - 5.4.0-1072.77 linux-tools-5.4.0-1072-aws - 5.4.0-1072.77 linux-aws-cloud-tools-5.4.0-1072 - 5.4.0-1072.77 linux-buildinfo-5.4.0-1072-gcp - 5.4.0-1072.77 linux-image-5.4.0-1072-aws - 5.4.0-1072.77 linux-gcp-headers-5.4.0-1072 - 5.4.0-1072.77 No subscription required linux-image-5.4.0-1076-azure-fde - 5.4.0-1076.79+cvm1.1 linux-image-unsigned-5.4.0-1076-azure-fde - 5.4.0-1076.79+cvm1.1 No subscription required linux-azure-headers-5.4.0-1077 - 5.4.0-1077.80 linux-image-unsigned-5.4.0-1077-azure - 5.4.0-1077.80 linux-modules-extra-5.4.0-1077-azure - 5.4.0-1077.80 linux-tools-5.4.0-1077-azure - 5.4.0-1077.80 linux-azure-tools-5.4.0-1077 - 5.4.0-1077.80 linux-buildinfo-5.4.0-1077-azure - 5.4.0-1077.80 linux-headers-5.4.0-1077-azure - 5.4.0-1077.80 linux-image-5.4.0-1077-azure - 5.4.0-1077.80 linux-azure-cloud-tools-5.4.0-1077 - 5.4.0-1077.80 linux-cloud-tools-5.4.0-1077-azure - 5.4.0-1077.80 linux-modules-5.4.0-1077-azure - 5.4.0-1077.80 No subscription required linux-tools-common - 5.4.0-109.123 linux-buildinfo-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-image-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-tools-host - 5.4.0-109.123 linux-doc - 5.4.0-109.123 linux-buildinfo-5.4.0-109-lowlatency - 5.4.0-109.123 linux-image-5.4.0-109-generic - 5.4.0-109.123 linux-cloud-tools-5.4.0-109-lowlatency - 5.4.0-109.123 linux-image-unsigned-5.4.0-109-generic - 5.4.0-109.123 linux-headers-5.4.0-109-lowlatency - 5.4.0-109.123 linux-libc-dev - 5.4.0-109.123 linux-source-5.4.0 - 5.4.0-109.123 linux-headers-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-modules-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-modules-5.4.0-109-lowlatency - 5.4.0-109.123 linux-cloud-tools-5.4.0-109 - 5.4.0-109.123 linux-tools-5.4.0-109-generic - 5.4.0-109.123 linux-tools-5.4.0-109-generic-lpae - 5.4.0-109.123 linux-image-unsigned-5.4.0-109-lowlatency - 5.4.0-109.123 linux-image-5.4.0-109-lowlatency - 5.4.0-109.123 linux-cloud-tools-common - 5.4.0-109.123 linux-modules-extra-5.4.0-109-generic - 5.4.0-109.123 linux-headers-5.4.0-109 - 5.4.0-109.123 linux-tools-5.4.0-109-lowlatency - 5.4.0-109.123 linux-headers-5.4.0-109-generic - 5.4.0-109.123 linux-cloud-tools-5.4.0-109-generic - 5.4.0-109.123 linux-modules-5.4.0-109-generic - 5.4.0-109.123 linux-buildinfo-5.4.0-109-generic - 5.4.0-109.123 linux-tools-5.4.0-109 - 5.4.0-109.123 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1020.20 linux-modules-extra-ibm - 5.4.0.1020.20 linux-headers-ibm-lts-20.04 - 5.4.0.1020.20 linux-tools-ibm - 5.4.0.1020.20 linux-image-ibm-lts-20.04 - 5.4.0.1020.20 linux-ibm-lts-20.04 - 5.4.0.1020.20 linux-image-ibm - 5.4.0.1020.20 linux-ibm - 5.4.0.1020.20 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1020.20 linux-headers-ibm - 5.4.0.1020.20 No subscription required linux-headers-gkeop - 5.4.0.1039.42 linux-cloud-tools-gkeop-5.4 - 5.4.0.1039.42 linux-image-gkeop - 5.4.0.1039.42 linux-gkeop-5.4 - 5.4.0.1039.42 linux-image-gkeop-5.4 - 5.4.0.1039.42 linux-gkeop - 5.4.0.1039.42 linux-cloud-tools-gkeop - 5.4.0.1039.42 linux-modules-extra-gkeop-5.4 - 5.4.0.1039.42 linux-headers-gkeop-5.4 - 5.4.0.1039.42 linux-modules-extra-gkeop - 5.4.0.1039.42 linux-tools-gkeop - 5.4.0.1039.42 linux-tools-gkeop-5.4 - 5.4.0.1039.42 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1059.93 linux-raspi2 - 5.4.0.1059.93 linux-image-raspi - 5.4.0.1059.93 linux-image-raspi-hwe-18.04 - 5.4.0.1059.93 linux-image-raspi2-hwe-18.04 - 5.4.0.1059.93 linux-tools-raspi - 5.4.0.1059.93 linux-headers-raspi-hwe-18.04 - 5.4.0.1059.93 linux-headers-raspi2-hwe-18.04 - 5.4.0.1059.93 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1059.93 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1059.93 linux-headers-raspi - 5.4.0.1059.93 linux-raspi2-hwe-18.04-edge - 5.4.0.1059.93 linux-image-raspi-hwe-18.04-edge - 5.4.0.1059.93 linux-raspi-hwe-18.04 - 5.4.0.1059.93 linux-tools-raspi2-hwe-18.04 - 5.4.0.1059.93 linux-raspi2-hwe-18.04 - 5.4.0.1059.93 linux-image-raspi2 - 5.4.0.1059.93 linux-tools-raspi-hwe-18.04 - 5.4.0.1059.93 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1059.93 linux-raspi-hwe-18.04-edge - 5.4.0.1059.93 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1059.93 linux-tools-raspi2 - 5.4.0.1059.93 linux-raspi - 5.4.0.1059.93 linux-headers-raspi2 - 5.4.0.1059.93 No subscription required linux-kvm - 5.4.0.1062.61 linux-headers-kvm - 5.4.0.1062.61 linux-image-kvm - 5.4.0.1062.61 linux-tools-kvm - 5.4.0.1062.61 No subscription required linux-modules-extra-gke - 5.4.0.1068.78 linux-headers-gke-5.4 - 5.4.0.1068.78 linux-tools-gke-5.4 - 5.4.0.1068.78 linux-modules-extra-gke-5.4 - 5.4.0.1068.78 linux-gke-5.4 - 5.4.0.1068.78 linux-tools-gke - 5.4.0.1068.78 linux-gke - 5.4.0.1068.78 linux-image-gke - 5.4.0.1068.78 linux-headers-gke - 5.4.0.1068.78 linux-image-gke-5.4 - 5.4.0.1068.78 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1070.70 linux-headers-oracle-lts-20.04 - 5.4.0.1070.70 linux-oracle-lts-20.04 - 5.4.0.1070.70 linux-image-oracle-lts-20.04 - 5.4.0.1070.70 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1072.74 linux-image-aws-lts-20.04 - 5.4.0.1072.74 linux-headers-aws-lts-20.04 - 5.4.0.1072.74 linux-tools-aws-lts-20.04 - 5.4.0.1072.74 linux-aws-lts-20.04 - 5.4.0.1072.74 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1072.80 linux-gcp-lts-20.04 - 5.4.0.1072.80 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1072.80 linux-headers-gcp-lts-20.04 - 5.4.0.1072.80 linux-image-gcp-lts-20.04 - 5.4.0.1072.80 No subscription required linux-tools-azure-fde - 5.4.0.1076.79+cvm1.21 linux-azure-fde - 5.4.0.1076.79+cvm1.21 linux-image-azure-fde - 5.4.0.1076.79+cvm1.21 linux-cloud-tools-azure-fde - 5.4.0.1076.79+cvm1.21 linux-modules-extra-azure-fde - 5.4.0.1076.79+cvm1.21 linux-headers-azure-fde - 5.4.0.1076.79+cvm1.21 No subscription required linux-azure-lts-20.04 - 5.4.0.1077.75 linux-image-azure-lts-20.04 - 5.4.0.1077.75 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1077.75 linux-modules-extra-azure-lts-20.04 - 5.4.0.1077.75 linux-tools-azure-lts-20.04 - 5.4.0.1077.75 linux-headers-azure-lts-20.04 - 5.4.0.1077.75 No subscription required linux-cloud-tools-virtual - 5.4.0.109.113 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-image-generic-hwe-18.04 - 5.4.0.109.113 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-headers-generic-lpae - 5.4.0.109.113 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-image-virtual - 5.4.0.109.113 linux-generic-hwe-18.04 - 5.4.0.109.113 linux-oem-osp1-tools-host - 5.4.0.109.113 linux-cloud-tools-lowlatency - 5.4.0.109.113 linux-image-generic - 5.4.0.109.113 linux-tools-lowlatency - 5.4.0.109.113 linux-image-oem - 5.4.0.109.113 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.109.113 linux-headers-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-image-extra-virtual-hwe-18.04 - 5.4.0.109.113 linux-image-oem-osp1 - 5.4.0.109.113 linux-image-generic-lpae-hwe-18.04 - 5.4.0.109.113 linux-crashdump - 5.4.0.109.113 linux-tools-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-headers-generic-hwe-18.04 - 5.4.0.109.113 linux-headers-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.109.113 linux-source - 5.4.0.109.113 linux-lowlatency - 5.4.0.109.113 linux-tools-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-tools-generic-lpae - 5.4.0.109.113 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-cloud-tools-generic - 5.4.0.109.113 linux-virtual - 5.4.0.109.113 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.109.113 linux-tools-virtual - 5.4.0.109.113 linux-generic-lpae-hwe-18.04-edge - 5.4.0.109.113 linux-generic-lpae - 5.4.0.109.113 linux-headers-oem - 5.4.0.109.113 linux-tools-oem-osp1 - 5.4.0.109.113 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.109.113 linux-image-lowlatency - 5.4.0.109.113 linux-image-virtual-hwe-18.04 - 5.4.0.109.113 linux-headers-lowlatency - 5.4.0.109.113 linux-image-generic-hwe-18.04-edge - 5.4.0.109.113 linux-generic-hwe-18.04-edge - 5.4.0.109.113 linux-generic - 5.4.0.109.113 linux-tools-generic-hwe-18.04-edge - 5.4.0.109.113 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.109.113 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-oem - 5.4.0.109.113 linux-tools-generic - 5.4.0.109.113 linux-image-extra-virtual - 5.4.0.109.113 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-oem-tools-host - 5.4.0.109.113 linux-tools-oem - 5.4.0.109.113 linux-headers-oem-osp1 - 5.4.0.109.113 linux-virtual-hwe-18.04 - 5.4.0.109.113 linux-generic-lpae-hwe-18.04 - 5.4.0.109.113 linux-headers-generic-hwe-18.04-edge - 5.4.0.109.113 linux-headers-generic - 5.4.0.109.113 linux-headers-virtual-hwe-18.04 - 5.4.0.109.113 linux-oem-osp1 - 5.4.0.109.113 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.109.113 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.109.113 linux-image-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-headers-virtual - 5.4.0.109.113 linux-tools-virtual-hwe-18.04 - 5.4.0.109.113 linux-lowlatency-hwe-18.04 - 5.4.0.109.113 linux-image-generic-lpae - 5.4.0.109.113 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.109.113 linux-image-virtual-hwe-18.04-edge - 5.4.0.109.113 linux-tools-generic-hwe-18.04 - 5.4.0.109.113 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.109.113 No subscription required Medium CVE-2022-0617 CVE-2022-24448 CVE-2022-24959 Ubuntu 20.04 LTS Jelmer Vernooij and Beast Glatisant discovered that AIOHTTP incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue to perform phishing attacks. Update Instructions: Run `sudo pro fix USN-5386-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-aiohttp - 3.6.2-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-21330 Ubuntu 20.04 LTS Douglas Mendizábal discovered that Barbican incorrectly handled access restrictions. An authenticated attacker could possibly use this issue to consume protected resources and possibly cause a denial of service. (CVE-2022-23451, CVE-2022-23452) Update Instructions: Run `sudo pro fix USN-5387-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: barbican-keystone-listener - 1:10.1.0-0ubuntu2.1 barbican-api - 1:10.1.0-0ubuntu2.1 barbican-worker - 1:10.1.0-0ubuntu2.1 barbican-common - 1:10.1.0-0ubuntu2.1 python3-barbican - 1:10.1.0-0ubuntu2.1 barbican-doc - 1:10.1.0-0ubuntu2.1 No subscription required Medium CVE-2022-23451 CVE-2022-23452 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21426) It was discovered that OpenJDK incorrectly handled converting certain object arguments into their textual representations. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21434) It was discovered that OpenJDK incorrectly validated the encoded length of certain object identifiers. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21443) It was discovered that OpenJDK incorrectly validated certain paths. An attacker could possibly use this issue to bypass the secure validation feature and expose sensitive information in XML files. (CVE-2022-21476) It was discovered that OpenJDK incorrectly parsed certain URI strings. An attacker could possibly use this issue to make applications accept invalid of malformed URI strings. (CVE-2022-21496) Update Instructions: Run `sudo pro fix USN-5388-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jre-zero - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-doc - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jre-headless - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jdk - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jdk-headless - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-jre - 11.0.15+10-0ubuntu0.20.04.1 openjdk-11-demo - 11.0.15+10-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21426 CVE-2022-21434 CVE-2022-21443 CVE-2022-21476 CVE-2022-21496 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly verified ECDSA signatures. An attacker could use this issue to bypass the signature verification process. (CVE-2022-21449) It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21426) It was discovered that OpenJDK incorrectly handled converting certain object arguments into their textual representations. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21434) It was discovered that OpenJDK incorrectly validated the encoded length of certain object identifiers. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21443) It was discovered that OpenJDK incorrectly validated certain paths. An attacker could possibly use this issue to bypass the secure validation feature and expose sensitive information in XML files. (CVE-2022-21476) It was discovered that OpenJDK incorrectly parsed certain URI strings. An attacker could possibly use this issue to make applications accept invalid of malformed URI strings. (CVE-2022-21496) Update Instructions: Run `sudo pro fix USN-5388-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jdk - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jre-zero - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jdk-headless - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-source - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jre-headless - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-doc - 17.0.3+7-0ubuntu0.20.04.1 openjdk-17-jre - 17.0.3+7-0ubuntu0.20.04.1 No subscription required High CVE-2022-21426 CVE-2022-21434 CVE-2022-21443 CVE-2022-21449 CVE-2022-21476 CVE-2022-21496 Ubuntu 20.04 LTS Nicolas Iooss discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36084) It was discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36085) It was discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-36086) It was discovered that libsepol incorrectly validated certain data, leading to a heap overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-36087) Update Instructions: Run `sudo pro fix USN-5391-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsepol1 - 3.0-1ubuntu0.1 libsepol1-dev - 3.0-1ubuntu0.1 sepol-utils - 3.0-1ubuntu0.1 No subscription required Low CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-32055) It was discovered that Mutt incorrectly handled certain input. An attacker could possibly use this issue to cause a crash, or expose sensitive information. (CVE-2022-1328) Update Instructions: Run `sudo pro fix USN-5392-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.5 No subscription required Medium CVE-2021-32055 CVE-2022-1328 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct spoofing attacks, or execute arbitrary code. (CVE-2022-1097, CVE-2022-1196, CVE-2022-28281, CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-28289) It was discovered that Thunderbird ignored OpenPGP revocation when importing a revoked key in some circumstances. An attacker could potentially exploit this by tricking the user into trusting the authenticity of a message or tricking them into use a revoked key to send an encrypted message. (CVE-2022-1197) Update Instructions: Run `sudo pro fix USN-5393-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.8.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.8.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.8.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.8.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1097 CVE-2022-1196 CVE-2022-1197 CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286 CVE-2022-28289 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5394-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.0-0ubuntu0.20.04.3 libwebkit2gtk-4.0-37-gtk2 - 2.36.0-0ubuntu0.20.04.3 libjavascriptcoregtk-4.0-dev - 2.36.0-0ubuntu0.20.04.3 libwebkit2gtk-4.0-37 - 2.36.0-0ubuntu0.20.04.3 webkit2gtk-driver - 2.36.0-0ubuntu0.20.04.3 libjavascriptcoregtk-4.0-18 - 2.36.0-0ubuntu0.20.04.3 libwebkit2gtk-4.0-doc - 2.36.0-0ubuntu0.20.04.3 libjavascriptcoregtk-4.0-bin - 2.36.0-0ubuntu0.20.04.3 gir1.2-webkit2-4.0 - 2.36.0-0ubuntu0.20.04.3 libwebkit2gtk-4.0-dev - 2.36.0-0ubuntu0.20.04.3 No subscription required Medium CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22637 Ubuntu 20.04 LTS It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. (CVE-2022-29799, CVE-2022-29800) Update Instructions: Run `sudo pro fix USN-5395-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: networkd-dispatcher - 2.1-2~ubuntu20.04.2 No subscription required High CVE-2022-29799 CVE-2022-29800 Ubuntu 20.04 LTS USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. (CVE-2022-29799, CVE-2022-29800) Update Instructions: Run `sudo pro fix USN-5395-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: networkd-dispatcher - 2.1-2~ubuntu20.04.3 No subscription required None https://launchpad.net/bugs/1971550 Ubuntu 20.04 LTS Patrick Monnerat discovered that curl incorrectly handled certain OAUTH2. An attacker could possibly use this issue to access sensitive information. (CVE-2022-22576) Harry Sintonen discovered that curl incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-27774, CVE-2022-27775, CVE-2022-27776) Update Instructions: Run `sudo pro fix USN-5397-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.10 libcurl4-openssl-dev - 7.68.0-1ubuntu2.10 libcurl3-gnutls - 7.68.0-1ubuntu2.10 libcurl4-doc - 7.68.0-1ubuntu2.10 libcurl3-nss - 7.68.0-1ubuntu2.10 libcurl4-nss-dev - 7.68.0-1ubuntu2.10 libcurl4 - 7.68.0-1ubuntu2.10 curl - 7.68.0-1ubuntu2.10 No subscription required Medium CVE-2022-22576 CVE-2022-27774 CVE-2022-27775 CVE-2022-27776 Ubuntu 20.04 LTS It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-3667) It was discovered that libvirt incorrectly handled threads during shutdown. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3975) It was discovered that libvirt incorrectly handled the libxl driver. An attacker inside a guest could possibly use this issue to cause libvirtd to crash or stop responding, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2021-4147) It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2022-0897) It was discovered that libvirt incorrectly handled the polkit access control driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-25637) It was discovered that libvirt incorrectly generated SELinux labels. In environments using SELinux, this issue could allow the sVirt confinement to be bypassed. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3631) Update Instructions: Run `sudo pro fix USN-5399-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvirt0 - 6.0.0-0ubuntu8.16 libvirt-dev - 6.0.0-0ubuntu8.16 libnss-libvirt - 6.0.0-0ubuntu8.16 libvirt-daemon - 6.0.0-0ubuntu8.16 libvirt-daemon-system-systemd - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-xen - 6.0.0-0ubuntu8.16 libvirt-sanlock - 6.0.0-0ubuntu8.16 libvirt-wireshark - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-vbox - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-qemu - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-storage-gluster - 6.0.0-0ubuntu8.16 libvirt-doc - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-storage-rbd - 6.0.0-0ubuntu8.16 libvirt-daemon-system-sysv - 6.0.0-0ubuntu8.16 libvirt-daemon-system - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-lxc - 6.0.0-0ubuntu8.16 libvirt-clients - 6.0.0-0ubuntu8.16 libvirt-daemon-driver-storage-zfs - 6.0.0-0ubuntu8.16 No subscription required Low CVE-2020-25637 CVE-2021-3631 CVE-2021-3667 CVE-2021-3975 CVE-2021-4147 CVE-2022-0897 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-29.html https://www.oracle.com/security-alerts/cpuapr2022.html Update Instructions: Run `sudo pro fix USN-5400-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.29-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.29-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-router - 8.0.29-0ubuntu0.20.04.2 mysql-server - 8.0.29-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.29-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-testsuite - 8.0.29-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.29-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.29-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-21412 CVE-2022-21413 CVE-2022-21414 CVE-2022-21415 CVE-2022-21417 CVE-2022-21418 CVE-2022-21423 CVE-2022-21425 CVE-2022-21427 CVE-2022-21435 CVE-2022-21436 CVE-2022-21437 CVE-2022-21438 CVE-2022-21440 CVE-2022-21444 CVE-2022-21451 CVE-2022-21452 CVE-2022-21454 CVE-2022-21457 CVE-2022-21459 CVE-2022-21460 CVE-2022-21462 CVE-2022-21478 Ubuntu 20.04 LTS USN-5400-1 fixed vulnerabilities in MySQL. The fix breaks existing charm configurations. This updated fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-29.html https://www.oracle.com/security-alerts/cpuapr2022.html Update Instructions: Run `sudo pro fix USN-5400-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.29-0ubuntu0.20.04.3 mysql-client-8.0 - 8.0.29-0ubuntu0.20.04.3 libmysqlclient-dev - 8.0.29-0ubuntu0.20.04.3 mysql-testsuite-8.0 - 8.0.29-0ubuntu0.20.04.3 mysql-router - 8.0.29-0ubuntu0.20.04.3 mysql-server - 8.0.29-0ubuntu0.20.04.3 libmysqlclient21 - 8.0.29-0ubuntu0.20.04.3 mysql-client-core-8.0 - 8.0.29-0ubuntu0.20.04.3 mysql-server-core-8.0 - 8.0.29-0ubuntu0.20.04.3 mysql-testsuite - 8.0.29-0ubuntu0.20.04.3 mysql-server-8.0 - 8.0.29-0ubuntu0.20.04.3 mysql-source-8.0 - 8.0.29-0ubuntu0.20.04.3 No subscription required None https://launchpad.net/bugs/1971565 Ubuntu 20.04 LTS Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3839) It was discovered that DPDK incorrectly handled inflight type messages. An attacker could possibly use this issue to cause DPDK to consume resources, leading to a denial of service. (CVE-2022-0669) Update Instructions: Run `sudo pro fix USN-5401-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librte-pmd-octeontx-crypto20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-memif20.0 - 19.11.12-0ubuntu0.20.04.1 dpdk-igb-uio-dkms - 19.11.12-0ubuntu0.20.04.1 librte-pmd-iavf20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-enic20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-af-packet20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-netvsc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx2-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-ifpga20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-dpaa2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-stack0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-e1000-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bbdev-null20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pipeline20.0 - 19.11.12-0ubuntu0.20.04.1 librte-sched20.0 - 19.11.12-0ubuntu0.20.04.1 librte-distributor20.0 - 19.11.12-0ubuntu0.20.04.1 librte-efd20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ark20.0 - 19.11.12-0ubuntu0.20.04.1 librte-gro20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-sfc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-failsafe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-pcap20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-meter20.0 - 19.11.12-0ubuntu0.20.04.1 librte-hash20.0 - 19.11.12-0ubuntu0.20.04.1 librte-ring20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-octeontx20.0 - 19.11.12-0ubuntu0.20.04.1 librte-telemetry0.200 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-skeleton20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bond20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-ioat20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-skeleton-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-mlx5-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-dpaa2-cmdif20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-fm10k20.0 - 19.11.12-0ubuntu0.20.04.1 librte-cryptodev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-i40e20.0 - 19.11.12-0ubuntu0.20.04.1 librte-cmdline20.0 - 19.11.12-0ubuntu0.20.04.1 librte-jobstats20.0 - 19.11.12-0ubuntu0.20.04.1 dpdk-dev - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ccp20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-atlantic20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-sw-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-ip-frag20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-isal20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dsw-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-nitrox20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-kni20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-bucket20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa2-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-gso20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-vdev-netvsc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-openssl20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bnx2x20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx-compress20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-hinic20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-dpaa20.0 - 19.11.12-0ubuntu0.20.04.1 librte-latencystats20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-octeontx2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-kvargs20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-fslmc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-avp20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pdump20.0 - 19.11.12-0ubuntu0.20.04.1 librte-metrics20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bbdev0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa-sec20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-vmbus20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bnxt20.0 - 19.11.12-0ubuntu0.20.04.1 librte-timer20.0 - 19.11.12-0ubuntu0.20.04.1 librte-cfgfile20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rcu0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-qat20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool20.0 - 19.11.12-0ubuntu0.20.04.1 libdpdk-dev - 19.11.12-0ubuntu0.20.04.1 librte-pmd-null20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-virtio20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-axgbe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-port20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-aesni-mb20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-ntb20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-softnic20.0 - 19.11.12-0ubuntu0.20.04.1 dpdk-doc - 19.11.12-0ubuntu0.20.04.1 librte-pmd-mlx4-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-net20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bbdev-fpga-lte-fec20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-null-crypto20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ena20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ice20.0 - 19.11.12-0ubuntu0.20.04.1 librte-common-dpaax20.0 - 19.11.12-0ubuntu0.20.04.1 librte-member20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-pci20.0 - 19.11.12-0ubuntu0.20.04.1 librte-kni20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-thunderx20.0 - 19.11.12-0ubuntu0.20.04.1 librte-common-octeontx20.0 - 19.11.12-0ubuntu0.20.04.1 dpdk - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ifc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-opdl-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pci20.0 - 19.11.12-0ubuntu0.20.04.1 librte-eal20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-bbdev-turbo-sw20.0 - 19.11.12-0ubuntu0.20.04.1 librte-ethdev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-table20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-hns3-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-ipsec0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-zlib20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bitratestats20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa2-sec20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-caam-jr20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-octeontx2-dma20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mbuf20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-stack20.0 - 19.11.12-0ubuntu0.20.04.1 librte-power20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-liquidio20.0 - 19.11.12-0ubuntu0.20.04.1 librte-vhost20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-vhost20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-virtio-crypto20.0 - 19.11.12-0ubuntu0.20.04.1 librte-reorder20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-qede20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-pfe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-flow-classify0.200 - 19.11.12-0ubuntu0.20.04.1 librte-rib0.200 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-cxgbe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-mempool-ring20.0 - 19.11.12-0ubuntu0.20.04.1 librte-acl20.0 - 19.11.12-0ubuntu0.20.04.1 librte-common-cpt20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-aesni-gcm20.0 - 19.11.12-0ubuntu0.20.04.1 librte-rawdev-dpaa2-qdma20.0 - 19.11.12-0ubuntu0.20.04.1 librte-lpm20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-tap20.0 - 19.11.12-0ubuntu0.20.04.1 librte-eventdev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-nfp20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-dpaa20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ring20.0 - 19.11.12-0ubuntu0.20.04.1 librte-bus-vdev20.0 - 19.11.12-0ubuntu0.20.04.1 librte-common-octeontx2-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-ixgbe20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-vmxnet3-20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-crypto-scheduler20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-enetc20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-dpaa-event20.0 - 19.11.12-0ubuntu0.20.04.1 librte-pmd-octeontx2-crypto20.0 - 19.11.12-0ubuntu0.20.04.1 librte-security20.0 - 19.11.12-0ubuntu0.20.04.1 librte-compressdev0.200 - 19.11.12-0ubuntu0.20.04.1 librte-fib0.200 - 19.11.12-0ubuntu0.20.04.1 librte-bpf0.200 - 19.11.12-0ubuntu0.20.04.1 No subscription required Medium CVE-2021-3839 CVE-2022-0669 Ubuntu 20.04 LTS Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. (CVE-2022-1292) Raul Metsma discovered that OpenSSL incorrectly verified certain response signing certificates. A remote attacker could possibly use this issue to spoof certain response signing certificates. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1343) Tom Colley discovered that OpenSSL used the incorrect MAC key in the RC4-MD5 ciphersuite. In non-default configurations were RC4-MD5 is enabled, a remote attacker could possibly use this issue to modify encrypted communications. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1434) Aliaksei Levin discovered that OpenSSL incorrectly handled resources when decoding certificates and keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1473) Update Instructions: Run `sudo pro fix USN-5402-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.13 libssl-dev - 1.1.1f-1ubuntu2.13 openssl - 1.1.1f-1ubuntu2.13 libssl-doc - 1.1.1f-1ubuntu2.13 No subscription required Medium CVE-2022-1292 CVE-2022-1343 CVE-2022-1434 CVE-2022-1473 Ubuntu 20.04 LTS It was discovered that SQLite command-line component incorrectly handled certain queries. An attacker could possibly use this issue to cause a crash or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5403-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.3 sqlite3-doc - 3.31.1-4ubuntu0.3 libsqlite3-0 - 3.31.1-4ubuntu0.3 libsqlite3-tcl - 3.31.1-4ubuntu0.3 sqlite3 - 3.31.1-4ubuntu0.3 libsqlite3-dev - 3.31.1-4ubuntu0.3 No subscription required Negligible CVE-2021-36690 Ubuntu 20.04 LTS Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash. Update Instructions: Run `sudo pro fix USN-5404-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsyslog-gssapi - 8.2001.0-1ubuntu1.3 rsyslog-czmq - 8.2001.0-1ubuntu1.3 rsyslog-pgsql - 8.2001.0-1ubuntu1.3 rsyslog-hiredis - 8.2001.0-1ubuntu1.3 rsyslog-mysql - 8.2001.0-1ubuntu1.3 rsyslog-gnutls - 8.2001.0-1ubuntu1.3 rsyslog-openssl - 8.2001.0-1ubuntu1.3 rsyslog - 8.2001.0-1ubuntu1.3 rsyslog-relp - 8.2001.0-1ubuntu1.3 rsyslog-mongodb - 8.2001.0-1ubuntu1.3 rsyslog-elasticsearch - 8.2001.0-1ubuntu1.3 rsyslog-kafka - 8.2001.0-1ubuntu1.3 No subscription required Medium CVE-2022-24903 Ubuntu 20.04 LTS Petr Menšík and Richard Johnson discovered that Dnsmasq incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or expose sensitive information. Update Instructions: Run `sudo pro fix USN-5408-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.5 dnsmasq-base-lua - 2.80-1.1ubuntu1.5 dnsmasq-utils - 2.80-1.1ubuntu1.5 dnsmasq-base - 2.80-1.1ubuntu1.5 No subscription required Medium CVE-2022-0934 Ubuntu 20.04 LTS Lenny Wang discovered that NSS incorrectly handled certain messages. A remote attacker could possibly use this issue to cause servers compiled with NSS to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5410-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.7 libnss3 - 2:3.49.1-1ubuntu1.7 libnss3-tools - 2:3.49.1-1ubuntu1.7 No subscription required Low CVE-2020-25648 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass permission prompts, obtain sensitive information, bypass security restrictions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5411-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 100.0+build2-0ubuntu0.20.04.1 firefox - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 100.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 100.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 100.0+build2-0ubuntu0.20.04.1 firefox-dev - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 100.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 100.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29914 CVE-2022-29915 CVE-2022-29916 CVE-2022-29917 CVE-2022-29918 Ubuntu 20.04 LTS Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-27780) Florian Kohnhuser discovered that curl incorrectly handled returning a TLS server's certificate chain details. A remote attacker could possibly use this issue to cause curl to stop responding, resulting in a denial of service. (CVE-2022-27781) Harry Sintonen discovered that curl incorrectly reused a previous connection when certain options had been changed, contrary to expectations. (CVE-2022-27782) Update Instructions: Run `sudo pro fix USN-5412-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.11 libcurl4-openssl-dev - 7.68.0-1ubuntu2.11 libcurl3-gnutls - 7.68.0-1ubuntu2.11 libcurl4-doc - 7.68.0-1ubuntu2.11 libcurl3-nss - 7.68.0-1ubuntu2.11 libcurl4-nss-dev - 7.68.0-1ubuntu2.11 libcurl4 - 7.68.0-1ubuntu2.11 curl - 7.68.0-1ubuntu2.11 No subscription required Medium CVE-2022-27780 CVE-2022-27781 CVE-2022-27782 Ubuntu 20.04 LTS Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-27820) Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-26401) David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1016) It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-20008) It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-25258) It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in the Linux kernel did not properly validate the size of the RNDIS_MSG_SET command. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-25375) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-26490) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-27223) Update Instructions: Run `sudo pro fix USN-5415-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1021 - 5.4.0-1021.23 linux-buildinfo-5.4.0-1021-ibm - 5.4.0-1021.23 linux-image-5.4.0-1021-ibm - 5.4.0-1021.23 linux-ibm-tools-common - 5.4.0-1021.23 linux-image-unsigned-5.4.0-1021-ibm - 5.4.0-1021.23 linux-modules-5.4.0-1021-ibm - 5.4.0-1021.23 linux-modules-extra-5.4.0-1021-ibm - 5.4.0-1021.23 linux-ibm-tools-5.4.0-1021 - 5.4.0-1021.23 linux-tools-5.4.0-1021-ibm - 5.4.0-1021.23 linux-headers-5.4.0-1021-ibm - 5.4.0-1021.23 linux-ibm-source-5.4.0 - 5.4.0-1021.23 linux-ibm-cloud-tools-common - 5.4.0-1021.23 No subscription required linux-image-unsigned-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-modules-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-gkeop-headers-5.4.0-1040 - 5.4.0-1040.41 linux-gkeop-cloud-tools-5.4.0-1040 - 5.4.0-1040.41 linux-gkeop-tools-5.4.0-1040 - 5.4.0-1040.41 linux-headers-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-gkeop-source-5.4.0 - 5.4.0-1040.41 linux-image-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-cloud-tools-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-modules-extra-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-buildinfo-5.4.0-1040-gkeop - 5.4.0-1040.41 linux-tools-5.4.0-1040-gkeop - 5.4.0-1040.41 No subscription required linux-buildinfo-5.4.0-1060-raspi - 5.4.0-1060.68 linux-headers-5.4.0-1060-raspi - 5.4.0-1060.68 linux-modules-5.4.0-1060-raspi - 5.4.0-1060.68 linux-raspi-tools-5.4.0-1060 - 5.4.0-1060.68 linux-tools-5.4.0-1060-raspi - 5.4.0-1060.68 linux-image-5.4.0-1060-raspi - 5.4.0-1060.68 linux-raspi-headers-5.4.0-1060 - 5.4.0-1060.68 No subscription required linux-image-unsigned-5.4.0-1063-kvm - 5.4.0-1063.66 linux-image-5.4.0-1063-kvm - 5.4.0-1063.66 linux-kvm-headers-5.4.0-1063 - 5.4.0-1063.66 linux-kvm-tools-5.4.0-1063 - 5.4.0-1063.66 linux-headers-5.4.0-1063-kvm - 5.4.0-1063.66 linux-buildinfo-5.4.0-1063-kvm - 5.4.0-1063.66 linux-modules-5.4.0-1063-kvm - 5.4.0-1063.66 linux-tools-5.4.0-1063-kvm - 5.4.0-1063.66 No subscription required linux-image-5.4.0-1071-gke - 5.4.0-1071.76 linux-headers-5.4.0-1071-gke - 5.4.0-1071.76 linux-tools-5.4.0-1071-gke - 5.4.0-1071.76 linux-modules-extra-5.4.0-1071-gke - 5.4.0-1071.76 linux-image-unsigned-5.4.0-1071-gke - 5.4.0-1071.76 linux-buildinfo-5.4.0-1071-gke - 5.4.0-1071.76 linux-modules-5.4.0-1071-gke - 5.4.0-1071.76 linux-gke-tools-5.4.0-1071 - 5.4.0-1071.76 linux-gke-headers-5.4.0-1071 - 5.4.0-1071.76 No subscription required linux-headers-5.4.0-1071-oracle - 5.4.0-1071.77 linux-oracle-tools-5.4.0-1071 - 5.4.0-1071.77 linux-tools-5.4.0-1071-oracle - 5.4.0-1071.77 linux-modules-extra-5.4.0-1071-oracle - 5.4.0-1071.77 linux-buildinfo-5.4.0-1071-oracle - 5.4.0-1071.77 linux-image-unsigned-5.4.0-1071-oracle - 5.4.0-1071.77 linux-oracle-headers-5.4.0-1071 - 5.4.0-1071.77 linux-modules-5.4.0-1071-oracle - 5.4.0-1071.77 linux-image-5.4.0-1071-oracle - 5.4.0-1071.77 No subscription required linux-gcp-headers-5.4.0-1073 - 5.4.0-1073.78 linux-image-5.4.0-1073-aws - 5.4.0-1073.78 linux-modules-5.4.0-1073-aws - 5.4.0-1073.78 linux-cloud-tools-5.4.0-1073-aws - 5.4.0-1073.78 linux-headers-5.4.0-1073-aws - 5.4.0-1073.78 linux-image-unsigned-5.4.0-1073-gcp - 5.4.0-1073.78 linux-image-5.4.0-1073-gcp - 5.4.0-1073.78 linux-buildinfo-5.4.0-1073-aws - 5.4.0-1073.78 linux-aws-headers-5.4.0-1073 - 5.4.0-1073.78 linux-modules-extra-5.4.0-1073-aws - 5.4.0-1073.78 linux-aws-tools-5.4.0-1073 - 5.4.0-1073.78 linux-tools-5.4.0-1073-aws - 5.4.0-1073.78 linux-image-unsigned-5.4.0-1073-aws - 5.4.0-1073.78 linux-buildinfo-5.4.0-1073-gcp - 5.4.0-1073.78 linux-headers-5.4.0-1073-gcp - 5.4.0-1073.78 linux-tools-5.4.0-1073-gcp - 5.4.0-1073.78 linux-aws-cloud-tools-5.4.0-1073 - 5.4.0-1073.78 linux-modules-extra-5.4.0-1073-gcp - 5.4.0-1073.78 linux-modules-5.4.0-1073-gcp - 5.4.0-1073.78 linux-gcp-tools-5.4.0-1073 - 5.4.0-1073.78 No subscription required linux-azure-headers-5.4.0-1078 - 5.4.0-1078.81 linux-buildinfo-5.4.0-1078-azure - 5.4.0-1078.81 linux-cloud-tools-5.4.0-1078-azure - 5.4.0-1078.81 linux-headers-5.4.0-1078-azure - 5.4.0-1078.81 linux-tools-5.4.0-1078-azure - 5.4.0-1078.81 linux-image-unsigned-5.4.0-1078-azure - 5.4.0-1078.81 linux-modules-extra-5.4.0-1078-azure - 5.4.0-1078.81 linux-azure-cloud-tools-5.4.0-1078 - 5.4.0-1078.81 linux-image-5.4.0-1078-azure - 5.4.0-1078.81 linux-azure-tools-5.4.0-1078 - 5.4.0-1078.81 linux-modules-5.4.0-1078-azure - 5.4.0-1078.81 No subscription required linux-image-unsigned-5.4.0-1078-azure-fde - 5.4.0-1078.81+cvm1.1 linux-image-5.4.0-1078-azure-fde - 5.4.0-1078.81+cvm1.1 No subscription required linux-tools-common - 5.4.0-110.124 linux-headers-5.4.0-110-lowlatency - 5.4.0-110.124 linux-image-unsigned-5.4.0-110-lowlatency - 5.4.0-110.124 linux-cloud-tools-5.4.0-110 - 5.4.0-110.124 linux-tools-host - 5.4.0-110.124 linux-tools-5.4.0-110 - 5.4.0-110.124 linux-modules-5.4.0-110-generic - 5.4.0-110.124 linux-doc - 5.4.0-110.124 linux-buildinfo-5.4.0-110-generic-lpae - 5.4.0-110.124 linux-image-5.4.0-110-generic - 5.4.0-110.124 linux-headers-5.4.0-110-generic-lpae - 5.4.0-110.124 linux-cloud-tools-5.4.0-110-generic - 5.4.0-110.124 linux-tools-5.4.0-110-generic-lpae - 5.4.0-110.124 linux-libc-dev - 5.4.0-110.124 linux-source-5.4.0 - 5.4.0-110.124 linux-tools-5.4.0-110-generic - 5.4.0-110.124 linux-image-5.4.0-110-lowlatency - 5.4.0-110.124 linux-buildinfo-5.4.0-110-generic - 5.4.0-110.124 linux-image-5.4.0-110-generic-lpae - 5.4.0-110.124 linux-buildinfo-5.4.0-110-lowlatency - 5.4.0-110.124 linux-headers-5.4.0-110 - 5.4.0-110.124 linux-cloud-tools-5.4.0-110-lowlatency - 5.4.0-110.124 linux-modules-extra-5.4.0-110-generic - 5.4.0-110.124 linux-cloud-tools-common - 5.4.0-110.124 linux-modules-5.4.0-110-lowlatency - 5.4.0-110.124 linux-headers-5.4.0-110-generic - 5.4.0-110.124 linux-image-unsigned-5.4.0-110-generic - 5.4.0-110.124 linux-tools-5.4.0-110-lowlatency - 5.4.0-110.124 linux-modules-5.4.0-110-generic-lpae - 5.4.0-110.124 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1021.21 linux-image-ibm - 5.4.0.1021.21 linux-tools-ibm - 5.4.0.1021.21 linux-headers-ibm-lts-20.04 - 5.4.0.1021.21 linux-image-ibm-lts-20.04 - 5.4.0.1021.21 linux-ibm-lts-20.04 - 5.4.0.1021.21 linux-modules-extra-ibm - 5.4.0.1021.21 linux-ibm - 5.4.0.1021.21 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1021.21 linux-headers-ibm - 5.4.0.1021.21 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1040.43 linux-image-gkeop - 5.4.0.1040.43 linux-gkeop-5.4 - 5.4.0.1040.43 linux-headers-gkeop - 5.4.0.1040.43 linux-image-gkeop-5.4 - 5.4.0.1040.43 linux-gkeop - 5.4.0.1040.43 linux-cloud-tools-gkeop - 5.4.0.1040.43 linux-modules-extra-gkeop-5.4 - 5.4.0.1040.43 linux-headers-gkeop-5.4 - 5.4.0.1040.43 linux-modules-extra-gkeop - 5.4.0.1040.43 linux-tools-gkeop - 5.4.0.1040.43 linux-tools-gkeop-5.4 - 5.4.0.1040.43 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1060.94 linux-raspi2 - 5.4.0.1060.94 linux-image-raspi-hwe-18.04 - 5.4.0.1060.94 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1060.94 linux-tools-raspi - 5.4.0.1060.94 linux-headers-raspi-hwe-18.04 - 5.4.0.1060.94 linux-headers-raspi2-hwe-18.04 - 5.4.0.1060.94 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1060.94 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1060.94 linux-headers-raspi - 5.4.0.1060.94 linux-image-raspi2-hwe-18.04 - 5.4.0.1060.94 linux-raspi2-hwe-18.04-edge - 5.4.0.1060.94 linux-raspi-hwe-18.04 - 5.4.0.1060.94 linux-tools-raspi2-hwe-18.04 - 5.4.0.1060.94 linux-raspi2-hwe-18.04 - 5.4.0.1060.94 linux-image-raspi-hwe-18.04-edge - 5.4.0.1060.94 linux-image-raspi2 - 5.4.0.1060.94 linux-tools-raspi-hwe-18.04 - 5.4.0.1060.94 linux-raspi-hwe-18.04-edge - 5.4.0.1060.94 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1060.94 linux-image-raspi - 5.4.0.1060.94 linux-tools-raspi2 - 5.4.0.1060.94 linux-raspi - 5.4.0.1060.94 linux-headers-raspi2 - 5.4.0.1060.94 No subscription required linux-kvm - 5.4.0.1063.62 linux-headers-kvm - 5.4.0.1063.62 linux-image-kvm - 5.4.0.1063.62 linux-tools-kvm - 5.4.0.1063.62 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1071.71 linux-headers-oracle-lts-20.04 - 5.4.0.1071.71 linux-oracle-lts-20.04 - 5.4.0.1071.71 linux-image-oracle-lts-20.04 - 5.4.0.1071.71 No subscription required linux-modules-extra-gke - 5.4.0.1071.80 linux-headers-gke-5.4 - 5.4.0.1071.80 linux-tools-gke-5.4 - 5.4.0.1071.80 linux-modules-extra-gke-5.4 - 5.4.0.1071.80 linux-gke-5.4 - 5.4.0.1071.80 linux-tools-gke - 5.4.0.1071.80 linux-gke - 5.4.0.1071.80 linux-headers-gke - 5.4.0.1071.80 linux-image-gke - 5.4.0.1071.80 linux-image-gke-5.4 - 5.4.0.1071.80 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1073.75 linux-headers-aws-lts-20.04 - 5.4.0.1073.75 linux-tools-aws-lts-20.04 - 5.4.0.1073.75 linux-modules-extra-aws-lts-20.04 - 5.4.0.1073.75 linux-aws-lts-20.04 - 5.4.0.1073.75 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1073.81 linux-tools-gcp-lts-20.04 - 5.4.0.1073.81 linux-gcp-lts-20.04 - 5.4.0.1073.81 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1073.81 linux-image-gcp-lts-20.04 - 5.4.0.1073.81 No subscription required linux-azure-lts-20.04 - 5.4.0.1078.76 linux-image-azure-lts-20.04 - 5.4.0.1078.76 linux-headers-azure-lts-20.04 - 5.4.0.1078.76 linux-modules-extra-azure-lts-20.04 - 5.4.0.1078.76 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1078.76 linux-tools-azure-lts-20.04 - 5.4.0.1078.76 No subscription required linux-image-azure-fde - 5.4.0.1078.81+cvm1.22 linux-tools-azure-fde - 5.4.0.1078.81+cvm1.22 linux-azure-fde - 5.4.0.1078.81+cvm1.22 linux-cloud-tools-azure-fde - 5.4.0.1078.81+cvm1.22 linux-modules-extra-azure-fde - 5.4.0.1078.81+cvm1.22 linux-headers-azure-fde - 5.4.0.1078.81+cvm1.22 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-cloud-tools-virtual - 5.4.0.110.114 linux-image-generic-hwe-18.04 - 5.4.0.110.114 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.110.114 linux-image-virtual - 5.4.0.110.114 linux-cloud-tools-lowlatency - 5.4.0.110.114 linux-image-generic - 5.4.0.110.114 linux-image-oem - 5.4.0.110.114 linux-image-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-headers-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-generic-lpae - 5.4.0.110.114 linux-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-image-extra-virtual-hwe-18.04 - 5.4.0.110.114 linux-oem - 5.4.0.110.114 linux-image-oem-osp1 - 5.4.0.110.114 linux-image-generic-lpae-hwe-18.04 - 5.4.0.110.114 linux-crashdump - 5.4.0.110.114 linux-tools-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-headers-generic-hwe-18.04 - 5.4.0.110.114 linux-tools-oem - 5.4.0.110.114 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-headers-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-headers-generic-lpae - 5.4.0.110.114 linux-source - 5.4.0.110.114 linux-lowlatency - 5.4.0.110.114 linux-tools-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-tools-generic-lpae - 5.4.0.110.114 linux-cloud-tools-generic - 5.4.0.110.114 linux-virtual - 5.4.0.110.114 linux-headers-virtual-hwe-18.04 - 5.4.0.110.114 linux-tools-generic - 5.4.0.110.114 linux-virtual-hwe-18.04 - 5.4.0.110.114 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.110.114 linux-tools-virtual - 5.4.0.110.114 linux-generic-lpae-hwe-18.04-edge - 5.4.0.110.114 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-headers-oem - 5.4.0.110.114 linux-generic - 5.4.0.110.114 linux-tools-oem-osp1 - 5.4.0.110.114 linux-tools-generic-hwe-18.04-edge - 5.4.0.110.114 linux-image-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-image-virtual-hwe-18.04 - 5.4.0.110.114 linux-lowlatency-hwe-18.04 - 5.4.0.110.114 linux-headers-lowlatency - 5.4.0.110.114 linux-image-generic-hwe-18.04-edge - 5.4.0.110.114 linux-generic-hwe-18.04-edge - 5.4.0.110.114 linux-generic-hwe-18.04 - 5.4.0.110.114 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.110.114 linux-image-extra-virtual - 5.4.0.110.114 linux-oem-tools-host - 5.4.0.110.114 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-oem-osp1-tools-host - 5.4.0.110.114 linux-headers-oem-osp1 - 5.4.0.110.114 linux-generic-lpae-hwe-18.04 - 5.4.0.110.114 linux-headers-generic-hwe-18.04-edge - 5.4.0.110.114 linux-headers-generic - 5.4.0.110.114 linux-oem-osp1 - 5.4.0.110.114 linux-tools-generic-hwe-18.04 - 5.4.0.110.114 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.110.114 linux-tools-lowlatency - 5.4.0.110.114 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.110.114 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-virtual-hwe-18.04-edge - 5.4.0.110.114 linux-headers-virtual - 5.4.0.110.114 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.110.114 linux-tools-virtual-hwe-18.04 - 5.4.0.110.114 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.110.114 linux-image-generic-lpae - 5.4.0.110.114 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.110.114 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.110.114 linux-image-lowlatency - 5.4.0.110.114 No subscription required Medium CVE-2020-27820 CVE-2021-26401 CVE-2022-1016 CVE-2022-20008 CVE-2022-25258 CVE-2022-25375 CVE-2022-26490 CVE-2022-27223 Ubuntu 20.04 LTS Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158) It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1516) It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28388) It was discovered that the Microchip CAN BUS Analyzer interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28389) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390) Update Instructions: Run `sudo pro fix USN-5416-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.14.0-1036-oem - 5.14.0-1036.40 linux-image-unsigned-5.14.0-1036-oem - 5.14.0-1036.40 linux-tools-5.14.0-1036-oem - 5.14.0-1036.40 linux-headers-5.14.0-1036-oem - 5.14.0-1036.40 linux-buildinfo-5.14.0-1036-oem - 5.14.0-1036.40 linux-modules-5.14.0-1036-oem - 5.14.0-1036.40 linux-oem-5.14-headers-5.14.0-1036 - 5.14.0-1036.40 linux-oem-5.14-tools-5.14.0-1036 - 5.14.0-1036.40 linux-oem-5.14-tools-host - 5.14.0-1036.40 No subscription required linux-image-oem-20.04c - 5.14.0.1036.33 linux-image-oem-20.04b - 5.14.0.1036.33 linux-image-oem-20.04d - 5.14.0.1036.33 linux-headers-oem-20.04 - 5.14.0.1036.33 linux-tools-oem-20.04c - 5.14.0.1036.33 linux-tools-oem-20.04b - 5.14.0.1036.33 linux-oem-20.04 - 5.14.0.1036.33 linux-image-oem-20.04 - 5.14.0.1036.33 linux-oem-20.04d - 5.14.0.1036.33 linux-oem-20.04c - 5.14.0.1036.33 linux-oem-20.04b - 5.14.0.1036.33 linux-tools-oem-20.04d - 5.14.0.1036.33 linux-headers-oem-20.04b - 5.14.0.1036.33 linux-headers-oem-20.04c - 5.14.0.1036.33 linux-headers-oem-20.04d - 5.14.0.1036.33 linux-tools-oem-20.04 - 5.14.0.1036.33 No subscription required Medium CVE-2022-1158 CVE-2022-1516 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 Ubuntu 20.04 LTS Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-26401) It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-20008) It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-25258) It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in the Linux kernel did not properly validate the size of the RNDIS_MSG_SET command. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-25375) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-26490) It was discovered that the USB SR9700 ethernet device driver for the Linux kernel did not properly validate the length of requests from the device. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-26966) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-27223) Miaoqian Lin discovered that the RDMA Transport (RTRS) client implementation in the Linux kernel contained a double-free when handling certain error conditions. An attacker could use this to cause a denial of service (system crash). (CVE-2022-29156) Update Instructions: Run `sudo pro fix USN-5417-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.13-headers-5.13.0-1023 - 5.13.0-1023.25~20.04.1 linux-buildinfo-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-cloud-tools-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-image-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-aws-5.13-tools-5.13.0-1023 - 5.13.0-1023.25~20.04.1 linux-image-unsigned-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-modules-extra-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-headers-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-modules-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1023 - 5.13.0-1023.25~20.04.1 linux-tools-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 No subscription required linux-modules-extra-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-buildinfo-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1023 - 5.13.0-1023.27~20.04.1 linux-image-unsigned-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-modules-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-headers-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-cloud-tools-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-tools-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-image-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 linux-azure-5.13-tools-5.13.0-1023 - 5.13.0-1023.27~20.04.1 linux-azure-5.13-headers-5.13.0-1023 - 5.13.0-1023.27~20.04.1 No subscription required linux-modules-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-buildinfo-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-gcp-5.13-tools-5.13.0-1025 - 5.13.0-1025.30~20.04.1 linux-image-unsigned-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-modules-extra-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-gcp-5.13-headers-5.13.0-1025 - 5.13.0-1025.30~20.04.1 linux-headers-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-image-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 linux-tools-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-41.46~20.04.1 linux-modules-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-image-unsigned-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-41.46~20.04.1 linux-cloud-tools-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-image-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-tools-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-tools-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-modules-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-modules-extra-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-buildinfo-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-41 - 5.13.0-41.46~20.04.1 linux-buildinfo-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-image-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-headers-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-headers-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-modules-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-image-unsigned-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-41.46~20.04.1 linux-buildinfo-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-image-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-tools-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 linux-headers-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-image-unsigned-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-hwe-5.13-headers-5.13.0-41 - 5.13.0-41.46~20.04.1 linux-headers-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-buildinfo-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-tools-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-cloud-tools-5.13.0-41-generic - 5.13.0-41.46~20.04.1 linux-image-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 linux-modules-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-41.46~20.04.1 linux-hwe-5.13-tools-5.13.0-41 - 5.13.0-41.46~20.04.1 No subscription required linux-headers-aws - 5.13.0.1023.25~20.04.16 linux-image-aws - 5.13.0.1023.25~20.04.16 linux-modules-extra-aws-edge - 5.13.0.1023.25~20.04.16 linux-image-aws-edge - 5.13.0.1023.25~20.04.16 linux-aws-edge - 5.13.0.1023.25~20.04.16 linux-aws - 5.13.0.1023.25~20.04.16 linux-headers-aws-edge - 5.13.0.1023.25~20.04.16 linux-modules-extra-aws - 5.13.0.1023.25~20.04.16 linux-tools-aws - 5.13.0.1023.25~20.04.16 linux-tools-aws-edge - 5.13.0.1023.25~20.04.16 No subscription required linux-tools-azure-edge - 5.13.0.1023.27~20.04.12 linux-cloud-tools-azure - 5.13.0.1023.27~20.04.12 linux-tools-azure - 5.13.0.1023.27~20.04.12 linux-image-azure-edge - 5.13.0.1023.27~20.04.12 linux-cloud-tools-azure-edge - 5.13.0.1023.27~20.04.12 linux-modules-extra-azure - 5.13.0.1023.27~20.04.12 linux-azure - 5.13.0.1023.27~20.04.12 linux-image-azure - 5.13.0.1023.27~20.04.12 linux-headers-azure-edge - 5.13.0.1023.27~20.04.12 linux-azure-edge - 5.13.0.1023.27~20.04.12 linux-modules-extra-azure-edge - 5.13.0.1023.27~20.04.12 linux-headers-azure - 5.13.0.1023.27~20.04.12 No subscription required linux-modules-extra-gcp-edge - 5.13.0.1025.30~20.04.1 linux-image-gcp-edge - 5.13.0.1025.30~20.04.1 linux-tools-gcp-edge - 5.13.0.1025.30~20.04.1 linux-headers-gcp-edge - 5.13.0.1025.30~20.04.1 linux-modules-extra-gcp - 5.13.0.1025.30~20.04.1 linux-tools-gcp - 5.13.0.1025.30~20.04.1 linux-gcp - 5.13.0.1025.30~20.04.1 linux-headers-gcp - 5.13.0.1025.30~20.04.1 linux-image-gcp - 5.13.0.1025.30~20.04.1 linux-gcp-edge - 5.13.0.1025.30~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-generic-64k-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-extra-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-generic-64k-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-generic-lpae-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-generic-lpae-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-tools-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-generic-64k-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-image-generic-64k-hwe-20.04 - 5.13.0.41.46~20.04.26 linux-headers-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 No subscription required Medium CVE-2021-26401 CVE-2022-20008 CVE-2022-25258 CVE-2022-25375 CVE-2022-26490 CVE-2022-26966 CVE-2022-27223 CVE-2022-29156 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-35522) Chintan Shah discovered that LibTIFF incorrectly handled memory when handling certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-0561, CVE-2022-0562, CVE-2022-0891) It was discovered that LibTIFF incorrectly handled certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2022-0865) Update Instructions: Run `sudo pro fix USN-5421-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.3 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.3 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.3 No subscription required Medium CVE-2020-35522 CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891 Ubuntu 20.04 LTS Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2022-23308) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-29824) Update Instructions: Run `sudo pro fix USN-5422-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.3 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.3 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.3 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.3 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.3 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.3 No subscription required Medium CVE-2022-23308 CVE-2022-29824 Ubuntu 20.04 LTS Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20770) Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20771) Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service. (CVE-2022-20785) Michał Dardas discovered that ClamAV incorrectly handled loading the signature database. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-20792) Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly handled the scan verdict cache check. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.(CVE-2022-20796) Update Instructions: Run `sudo pro fix USN-5423-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.6+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.6+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.6+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.6+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-20770 CVE-2022-20771 CVE-2022-20785 CVE-2022-20792 CVE-2022-20796 Ubuntu 20.04 LTS It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database. Update Instructions: Run `sudo pro fix USN-5424-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.9 libldap-common - 2.4.49+dfsg-2ubuntu1.9 slapd-contrib - 2.4.49+dfsg-2ubuntu1.9 slapi-dev - 2.4.49+dfsg-2ubuntu1.9 ldap-utils - 2.4.49+dfsg-2ubuntu1.9 libldap2-dev - 2.4.49+dfsg-2ubuntu1.9 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.9 slapd - 2.4.49+dfsg-2ubuntu1.9 No subscription required Medium CVE-2022-29155 Ubuntu 20.04 LTS Yunho Kim discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 21.10 and Ubuntu 22.04 LTS. (CVE-2019-20838) It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to have unexpected behavior. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14155) Update Instructions: Run `sudo pro fix USN-5425-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pcregrep - 2:8.39-12ubuntu0.1 libpcre3-dev - 2:8.39-12ubuntu0.1 libpcre3 - 2:8.39-12ubuntu0.1 libpcrecpp0v5 - 2:8.39-12ubuntu0.1 libpcre16-3 - 2:8.39-12ubuntu0.1 libpcre32-3 - 2:8.39-12ubuntu0.1 No subscription required Low CVE-2019-20838 CVE-2020-14155 Ubuntu 20.04 LTS Jakub Wilk discovered that needrestart incorrectly used some regular expressions. A local attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5426-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: needrestart - 3.4-6ubuntu0.1 No subscription required Medium CVE-2022-30688 Ubuntu 20.04 LTS Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2021-3899) Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user. (CVE-2022-1242) Gerrit Venema discovered that Apport incorrectly handled user settings files. A local attacker could possibly use this issue to cause Apport to consume resources, leading to a denial of service. (CVE-2022-28652) Gerrit Venema discovered that Apport did not limit the amount of logging from D-Bus connections. A local attacker could possibly use this issue to fill up the Apport log file, leading to denial of service. (CVE-2022-28654) Gerrit Venema discovered that Apport did not filter D-Bus connection strings. A local attacker could possibly use this issue to cause Apport to make arbitrary network connections. (CVE-2022-28655) Gerrit Venema discovered that Apport did not limit the amount of memory being consumed during D-Bus connections. A local attacker could possibly use this issue to cause Apport to consume memory, leading to a denial of service. (CVE-2022-28656) Gerrit Venema discovered that Apport did not disable the python crash handler before chrooting into a container. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2022-28657) Gerrit Venema discovered that Apport incorrectly handled filename argument whitespace. A local attacker could possibly use this issue to spoof arguments to the Apport daemon. (CVE-2022-28658) Update Instructions: Run `sudo pro fix USN-5427-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.24 apport-kde - 2.20.11-0ubuntu27.24 apport-retrace - 2.20.11-0ubuntu27.24 apport-valgrind - 2.20.11-0ubuntu27.24 python3-apport - 2.20.11-0ubuntu27.24 dh-apport - 2.20.11-0ubuntu27.24 apport-gtk - 2.20.11-0ubuntu27.24 apport - 2.20.11-0ubuntu27.24 apport-noui - 2.20.11-0ubuntu27.24 No subscription required Medium CVE-2021-3899 CVE-2022-1242 CVE-2022-28652 CVE-2022-28654 CVE-2022-28655 CVE-2022-28656 CVE-2022-28657 CVE-2022-28658 Ubuntu 20.04 LTS It was discovered that the methods of an Array object could be corrupted as a result of prototype pollution by sending a message to the parent process. If a user were tricked into opening a specially crafted website, an attacker could exploit this to execute JavaScript in a privileged context. Update Instructions: Run `sudo pro fix USN-5434-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 100.0.2+build1-0ubuntu0.20.04.1 firefox - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 100.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 100.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 100.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 100.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 100.0.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1529 CVE-2022-1802 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass permission prompts, obtain sensitive information, bypass security restrictions, cause user confusion, or execute arbitrary code. (CVE-2022-29909, CVE-2022-29911, CVE-2022-29912, CVE-2022-29913, CVE-2022-29914, CVE-2022-29916, CVE-2022-29917) It was discovered that Thunderbird would show the wrong security status after viewing an attached message that is signed or encrypted. An attacker could potentially exploit this by tricking the user into trusting the authenticity of a message. (CVE-2022-1520) It was discovered that the methods of an Array object could be corrupted as a result of prototype pollution by sending a message to the parent process. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could exploit this to execute JavaScript in a privileged context. (CVE-2022-1529, CVE-2022-1802) Update Instructions: Run `sudo pro fix USN-5435-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.9.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.9.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.9.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.9.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.9.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1520 CVE-2022-1529 CVE-2022-1802 CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29913 CVE-2022-29914 CVE-2022-29916 CVE-2022-29917 Ubuntu 20.04 LTS It was discovered that HTMLDOC did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted HTML file, a remote attacker could possibly use this issue to cause HTMLDOC to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5438-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: htmldoc - 1.9.7-1ubuntu0.3 htmldoc-common - 1.9.7-1ubuntu0.3 No subscription required Medium CVE-2021-23165 Ubuntu 20.04 LTS Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user's objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser. Update Instructions: Run `sudo pro fix USN-5440-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpq5 - 12.11-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.11-0ubuntu0.20.04.1 libecpg6 - 12.11-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.11-0ubuntu0.20.04.1 libpgtypes3 - 12.11-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.11-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.11-0ubuntu0.20.04.1 libecpg-dev - 12.11-0ubuntu0.20.04.1 libpq-dev - 12.11-0ubuntu0.20.04.1 postgresql-doc-12 - 12.11-0ubuntu0.20.04.1 postgresql-12 - 12.11-0ubuntu0.20.04.1 postgresql-client-12 - 12.11-0ubuntu0.20.04.1 libecpg-compat3 - 12.11-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1552 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5441-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.2-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.2-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1975602 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581) Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux kernel contained in integer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1116) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594) Update Instructions: Run `sudo pro fix USN-5442-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1023 - 5.4.0-1023.25 linux-headers-5.4.0-1023-ibm - 5.4.0-1023.25 linux-tools-5.4.0-1023-ibm - 5.4.0-1023.25 linux-buildinfo-5.4.0-1023-ibm - 5.4.0-1023.25 linux-modules-extra-5.4.0-1023-ibm - 5.4.0-1023.25 linux-ibm-tools-common - 5.4.0-1023.25 linux-ibm-tools-5.4.0-1023 - 5.4.0-1023.25 linux-modules-5.4.0-1023-ibm - 5.4.0-1023.25 linux-ibm-source-5.4.0 - 5.4.0-1023.25 linux-ibm-cloud-tools-common - 5.4.0-1023.25 linux-image-unsigned-5.4.0-1023-ibm - 5.4.0-1023.25 linux-image-5.4.0-1023-ibm - 5.4.0-1023.25 No subscription required linux-headers-5.4.0-1065-kvm - 5.4.0-1065.68 linux-buildinfo-5.4.0-1065-kvm - 5.4.0-1065.68 linux-kvm-headers-5.4.0-1065 - 5.4.0-1065.68 linux-kvm-tools-5.4.0-1065 - 5.4.0-1065.68 linux-image-5.4.0-1065-kvm - 5.4.0-1065.68 linux-image-unsigned-5.4.0-1065-kvm - 5.4.0-1065.68 linux-tools-5.4.0-1065-kvm - 5.4.0-1065.68 linux-modules-5.4.0-1065-kvm - 5.4.0-1065.68 No subscription required linux-image-unsigned-5.4.0-1072-gke - 5.4.0-1072.77 linux-modules-5.4.0-1072-gke - 5.4.0-1072.77 linux-headers-5.4.0-1072-gke - 5.4.0-1072.77 linux-tools-5.4.0-1072-gke - 5.4.0-1072.77 linux-buildinfo-5.4.0-1072-gke - 5.4.0-1072.77 linux-modules-extra-5.4.0-1072-gke - 5.4.0-1072.77 linux-image-5.4.0-1072-gke - 5.4.0-1072.77 linux-gke-tools-5.4.0-1072 - 5.4.0-1072.77 linux-gke-headers-5.4.0-1072 - 5.4.0-1072.77 No subscription required linux-gcp-headers-5.4.0-1075 - 5.4.0-1075.80 linux-aws-headers-5.4.0-1075 - 5.4.0-1075.80 linux-modules-5.4.0-1075-aws - 5.4.0-1075.80 linux-image-5.4.0-1075-aws - 5.4.0-1075.80 linux-tools-5.4.0-1075-gcp - 5.4.0-1075.80 linux-image-5.4.0-1075-gcp - 5.4.0-1075.80 linux-buildinfo-5.4.0-1075-gcp - 5.4.0-1075.80 linux-aws-tools-5.4.0-1075 - 5.4.0-1075.80 linux-image-unsigned-5.4.0-1075-aws - 5.4.0-1075.80 linux-tools-5.4.0-1075-aws - 5.4.0-1075.80 linux-headers-5.4.0-1075-gcp - 5.4.0-1075.80 linux-modules-5.4.0-1075-gcp - 5.4.0-1075.80 linux-modules-extra-5.4.0-1075-gcp - 5.4.0-1075.80 linux-modules-extra-5.4.0-1075-aws - 5.4.0-1075.80 linux-cloud-tools-5.4.0-1075-aws - 5.4.0-1075.80 linux-headers-5.4.0-1075-aws - 5.4.0-1075.80 linux-aws-cloud-tools-5.4.0-1075 - 5.4.0-1075.80 linux-buildinfo-5.4.0-1075-aws - 5.4.0-1075.80 linux-image-unsigned-5.4.0-1075-gcp - 5.4.0-1075.80 linux-gcp-tools-5.4.0-1075 - 5.4.0-1075.80 No subscription required linux-azure-cloud-tools-5.4.0-1080 - 5.4.0-1080.83 linux-image-unsigned-5.4.0-1080-azure - 5.4.0-1080.83 linux-buildinfo-5.4.0-1080-azure - 5.4.0-1080.83 linux-headers-5.4.0-1080-azure - 5.4.0-1080.83 linux-cloud-tools-5.4.0-1080-azure - 5.4.0-1080.83 linux-azure-tools-5.4.0-1080 - 5.4.0-1080.83 linux-azure-headers-5.4.0-1080 - 5.4.0-1080.83 linux-tools-5.4.0-1080-azure - 5.4.0-1080.83 linux-modules-5.4.0-1080-azure - 5.4.0-1080.83 linux-image-5.4.0-1080-azure - 5.4.0-1080.83 linux-modules-extra-5.4.0-1080-azure - 5.4.0-1080.83 No subscription required linux-image-unsigned-5.4.0-1080-azure-fde - 5.4.0-1080.83+cvm1.1 linux-image-5.4.0-1080-azure-fde - 5.4.0-1080.83+cvm1.1 No subscription required linux-modules-5.4.0-113-lowlatency - 5.4.0-113.127 linux-tools-common - 5.4.0-113.127 linux-buildinfo-5.4.0-113-lowlatency - 5.4.0-113.127 linux-cloud-tools-5.4.0-113 - 5.4.0-113.127 linux-tools-5.4.0-113 - 5.4.0-113.127 linux-image-5.4.0-113-generic-lpae - 5.4.0-113.127 linux-doc - 5.4.0-113.127 linux-image-unsigned-5.4.0-113-lowlatency - 5.4.0-113.127 linux-image-5.4.0-113-generic - 5.4.0-113.127 linux-tools-5.4.0-113-generic - 5.4.0-113.127 linux-image-unsigned-5.4.0-113-generic - 5.4.0-113.127 linux-buildinfo-5.4.0-113-generic-lpae - 5.4.0-113.127 linux-libc-dev - 5.4.0-113.127 linux-source-5.4.0 - 5.4.0-113.127 linux-modules-5.4.0-113-generic - 5.4.0-113.127 linux-modules-5.4.0-113-generic-lpae - 5.4.0-113.127 linux-tools-5.4.0-113-generic-lpae - 5.4.0-113.127 linux-cloud-tools-5.4.0-113-generic - 5.4.0-113.127 linux-headers-5.4.0-113 - 5.4.0-113.127 linux-cloud-tools-5.4.0-113-lowlatency - 5.4.0-113.127 linux-modules-extra-5.4.0-113-generic - 5.4.0-113.127 linux-headers-5.4.0-113-lowlatency - 5.4.0-113.127 linux-tools-host - 5.4.0-113.127 linux-cloud-tools-common - 5.4.0-113.127 linux-buildinfo-5.4.0-113-generic - 5.4.0-113.127 linux-headers-5.4.0-113-generic - 5.4.0-113.127 linux-image-5.4.0-113-lowlatency - 5.4.0-113.127 linux-tools-5.4.0-113-lowlatency - 5.4.0-113.127 linux-headers-5.4.0-113-generic-lpae - 5.4.0-113.127 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1023.22 linux-image-ibm - 5.4.0.1023.22 linux-headers-ibm-lts-20.04 - 5.4.0.1023.22 linux-tools-ibm - 5.4.0.1023.22 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1023.22 linux-ibm-lts-20.04 - 5.4.0.1023.22 linux-image-ibm-lts-20.04 - 5.4.0.1023.22 linux-modules-extra-ibm - 5.4.0.1023.22 linux-ibm - 5.4.0.1023.22 linux-headers-ibm - 5.4.0.1023.22 No subscription required linux-kvm - 5.4.0.1065.64 linux-headers-kvm - 5.4.0.1065.64 linux-image-kvm - 5.4.0.1065.64 linux-tools-kvm - 5.4.0.1065.64 No subscription required linux-modules-extra-gke - 5.4.0.1072.81 linux-headers-gke-5.4 - 5.4.0.1072.81 linux-tools-gke-5.4 - 5.4.0.1072.81 linux-modules-extra-gke-5.4 - 5.4.0.1072.81 linux-gke-5.4 - 5.4.0.1072.81 linux-image-gke-5.4 - 5.4.0.1072.81 linux-tools-gke - 5.4.0.1072.81 linux-gke - 5.4.0.1072.81 linux-headers-gke - 5.4.0.1072.81 linux-image-gke - 5.4.0.1072.81 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1075.77 linux-tools-aws-lts-20.04 - 5.4.0.1075.77 linux-headers-aws-lts-20.04 - 5.4.0.1075.77 linux-aws-lts-20.04 - 5.4.0.1075.77 linux-image-aws-lts-20.04 - 5.4.0.1075.77 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1075.83 linux-gcp-lts-20.04 - 5.4.0.1075.83 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1075.83 linux-headers-gcp-lts-20.04 - 5.4.0.1075.83 linux-image-gcp-lts-20.04 - 5.4.0.1075.83 No subscription required linux-azure-lts-20.04 - 5.4.0.1080.79 linux-image-azure-lts-20.04 - 5.4.0.1080.79 linux-modules-extra-azure-lts-20.04 - 5.4.0.1080.79 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1080.79 linux-tools-azure-lts-20.04 - 5.4.0.1080.79 linux-headers-azure-lts-20.04 - 5.4.0.1080.79 No subscription required linux-image-azure-fde - 5.4.0.1080.83+cvm1.23 linux-tools-azure-fde - 5.4.0.1080.83+cvm1.23 linux-azure-fde - 5.4.0.1080.83+cvm1.23 linux-cloud-tools-azure-fde - 5.4.0.1080.83+cvm1.23 linux-modules-extra-azure-fde - 5.4.0.1080.83+cvm1.23 linux-headers-azure-fde - 5.4.0.1080.83+cvm1.23 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-cloud-tools-virtual - 5.4.0.113.117 linux-image-generic-hwe-18.04 - 5.4.0.113.117 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-headers-generic-lpae - 5.4.0.113.117 linux-oem-osp1-tools-host - 5.4.0.113.117 linux-image-generic - 5.4.0.113.117 linux-tools-lowlatency - 5.4.0.113.117 linux-image-oem - 5.4.0.113.117 linux-tools-virtual-hwe-18.04 - 5.4.0.113.117 linux-oem-osp1 - 5.4.0.113.117 linux-headers-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-image-extra-virtual-hwe-18.04 - 5.4.0.113.117 linux-image-generic-lpae-hwe-18.04 - 5.4.0.113.117 linux-crashdump - 5.4.0.113.117 linux-tools-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-headers-generic-hwe-18.04 - 5.4.0.113.117 linux-headers-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-lowlatency - 5.4.0.113.117 linux-tools-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-tools-generic-lpae - 5.4.0.113.117 linux-oem - 5.4.0.113.117 linux-virtual - 5.4.0.113.117 linux-headers-virtual-hwe-18.04 - 5.4.0.113.117 linux-tools-generic - 5.4.0.113.117 linux-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.113.117 linux-tools-virtual - 5.4.0.113.117 linux-image-extra-virtual - 5.4.0.113.117 linux-generic-lpae-hwe-18.04-edge - 5.4.0.113.117 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-generic-lpae - 5.4.0.113.117 linux-headers-oem - 5.4.0.113.117 linux-generic - 5.4.0.113.117 linux-tools-oem-osp1 - 5.4.0.113.117 linux-image-virtual - 5.4.0.113.117 linux-tools-generic-hwe-18.04-edge - 5.4.0.113.117 linux-image-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-image-virtual-hwe-18.04 - 5.4.0.113.117 linux-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-oem-tools-host - 5.4.0.113.117 linux-headers-lowlatency - 5.4.0.113.117 linux-image-generic-hwe-18.04-edge - 5.4.0.113.117 linux-generic-hwe-18.04-edge - 5.4.0.113.117 linux-tools-generic-hwe-18.04 - 5.4.0.113.117 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.113.117 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-source - 5.4.0.113.117 linux-cloud-tools-generic - 5.4.0.113.117 linux-image-oem-osp1 - 5.4.0.113.117 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.113.117 linux-cloud-tools-lowlatency - 5.4.0.113.117 linux-tools-oem - 5.4.0.113.117 linux-headers-oem-osp1 - 5.4.0.113.117 linux-virtual-hwe-18.04 - 5.4.0.113.117 linux-generic-lpae-hwe-18.04 - 5.4.0.113.117 linux-headers-generic-hwe-18.04-edge - 5.4.0.113.117 linux-headers-generic - 5.4.0.113.117 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.113.117 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.113.117 linux-image-lowlatency-hwe-18.04 - 5.4.0.113.117 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.113.117 linux-headers-virtual - 5.4.0.113.117 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.113.117 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.113.117 linux-generic-hwe-18.04 - 5.4.0.113.117 linux-image-generic-lpae - 5.4.0.113.117 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.113.117 linux-image-lowlatency - 5.4.0.113.117 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.113.117 No subscription required High CVE-2022-1116 CVE-2022-29581 CVE-2022-30594 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581) Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux kernel contained in integer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1116) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594) Update Instructions: Run `sudo pro fix USN-5442-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-bluefield-headers-5.4.0-1036 - 5.4.0-1036.39 linux-headers-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-modules-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-bluefield-tools-5.4.0-1036 - 5.4.0-1036.39 linux-tools-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-buildinfo-5.4.0-1036-bluefield - 5.4.0-1036.39 linux-image-5.4.0-1036-bluefield - 5.4.0-1036.39 No subscription required linux-headers-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-modules-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-image-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-gkeop-source-5.4.0 - 5.4.0-1043.44 linux-tools-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-cloud-tools-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-image-unsigned-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-buildinfo-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-gkeop-headers-5.4.0-1043 - 5.4.0-1043.44 linux-modules-extra-5.4.0-1043-gkeop - 5.4.0-1043.44 linux-gkeop-cloud-tools-5.4.0-1043 - 5.4.0-1043.44 linux-gkeop-tools-5.4.0-1043 - 5.4.0-1043.44 No subscription required linux-raspi-tools-5.4.0-1062 - 5.4.0-1062.70 linux-headers-5.4.0-1062-raspi - 5.4.0-1062.70 linux-tools-5.4.0-1062-raspi - 5.4.0-1062.70 linux-raspi-headers-5.4.0-1062 - 5.4.0-1062.70 linux-buildinfo-5.4.0-1062-raspi - 5.4.0-1062.70 linux-image-5.4.0-1062-raspi - 5.4.0-1062.70 linux-modules-5.4.0-1062-raspi - 5.4.0-1062.70 No subscription required linux-modules-extra-5.4.0-1073-oracle - 5.4.0-1073.79 linux-modules-5.4.0-1073-oracle - 5.4.0-1073.79 linux-oracle-headers-5.4.0-1073 - 5.4.0-1073.79 linux-oracle-tools-5.4.0-1073 - 5.4.0-1073.79 linux-image-unsigned-5.4.0-1073-oracle - 5.4.0-1073.79 linux-headers-5.4.0-1073-oracle - 5.4.0-1073.79 linux-tools-5.4.0-1073-oracle - 5.4.0-1073.79 linux-image-5.4.0-1073-oracle - 5.4.0-1073.79 linux-buildinfo-5.4.0-1073-oracle - 5.4.0-1073.79 No subscription required linux-image-bluefield - 5.4.0.1036.37 linux-headers-bluefield - 5.4.0.1036.37 linux-tools-bluefield - 5.4.0.1036.37 linux-bluefield - 5.4.0.1036.37 No subscription required linux-image-gkeop-5.4 - 5.4.0.1043.46 linux-headers-gkeop - 5.4.0.1043.46 linux-gkeop-5.4 - 5.4.0.1043.46 linux-cloud-tools-gkeop-5.4 - 5.4.0.1043.46 linux-image-gkeop - 5.4.0.1043.46 linux-modules-extra-gkeop-5.4 - 5.4.0.1043.46 linux-gkeop - 5.4.0.1043.46 linux-cloud-tools-gkeop - 5.4.0.1043.46 linux-tools-gkeop-5.4 - 5.4.0.1043.46 linux-modules-extra-gkeop - 5.4.0.1043.46 linux-tools-gkeop - 5.4.0.1043.46 linux-headers-gkeop-5.4 - 5.4.0.1043.46 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1062.96 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1062.96 linux-raspi-hwe-18.04-edge - 5.4.0.1062.96 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1062.96 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1062.96 linux-raspi-hwe-18.04 - 5.4.0.1062.96 linux-image-raspi2 - 5.4.0.1062.96 linux-tools-raspi - 5.4.0.1062.96 linux-image-raspi - 5.4.0.1062.96 linux-tools-raspi2-hwe-18.04 - 5.4.0.1062.96 linux-raspi2-hwe-18.04 - 5.4.0.1062.96 linux-raspi2 - 5.4.0.1062.96 linux-headers-raspi2-hwe-18.04 - 5.4.0.1062.96 linux-image-raspi-hwe-18.04-edge - 5.4.0.1062.96 linux-tools-raspi-hwe-18.04 - 5.4.0.1062.96 linux-tools-raspi2 - 5.4.0.1062.96 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1062.96 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1062.96 linux-raspi - 5.4.0.1062.96 linux-headers-raspi2 - 5.4.0.1062.96 linux-headers-raspi - 5.4.0.1062.96 linux-image-raspi-hwe-18.04 - 5.4.0.1062.96 linux-headers-raspi-hwe-18.04 - 5.4.0.1062.96 linux-image-raspi2-hwe-18.04 - 5.4.0.1062.96 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1073.73 linux-headers-oracle-lts-20.04 - 5.4.0.1073.73 linux-image-oracle-lts-20.04 - 5.4.0.1073.73 linux-oracle-lts-20.04 - 5.4.0.1073.73 No subscription required High CVE-2022-1116 CVE-2022-29581 CVE-2022-30594 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594) Update Instructions: Run `sudo pro fix USN-5443-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.13-headers-5.13.0-1025 - 5.13.0-1025.27~20.04.1 linux-image-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-headers-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-tools-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-cloud-tools-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-modules-extra-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-buildinfo-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-modules-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 linux-aws-5.13-tools-5.13.0-1025 - 5.13.0-1025.27~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1025 - 5.13.0-1025.27~20.04.1 linux-image-unsigned-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 No subscription required linux-buildinfo-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-modules-extra-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-image-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1025 - 5.13.0-1025.29~20.04.1 linux-tools-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-azure-5.13-tools-5.13.0-1025 - 5.13.0-1025.29~20.04.1 linux-modules-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-image-unsigned-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-azure-5.13-headers-5.13.0-1025 - 5.13.0-1025.29~20.04.1 linux-cloud-tools-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 linux-headers-5.13.0-1025-azure - 5.13.0-1025.29~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-44.49~20.04.1 linux-tools-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-modules-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-buildinfo-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-headers-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-image-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-image-unsigned-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-cloud-tools-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-modules-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-image-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-image-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-headers-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-44 - 5.13.0-44.49~20.04.1 linux-tools-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-headers-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-buildinfo-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-44.49~20.04.1 linux-image-unsigned-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-cloud-tools-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-modules-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-44.49~20.04.1 linux-buildinfo-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-modules-extra-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-tools-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-modules-5.13.0-44-generic - 5.13.0-44.49~20.04.1 linux-hwe-5.13-headers-5.13.0-44 - 5.13.0-44.49~20.04.1 linux-image-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-image-unsigned-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 linux-headers-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 linux-buildinfo-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 linux-hwe-5.13-tools-5.13.0-44 - 5.13.0-44.49~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-44.49~20.04.1 linux-tools-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 No subscription required linux-headers-aws - 5.13.0.1025.27~20.04.20 linux-image-aws - 5.13.0.1025.27~20.04.20 linux-aws - 5.13.0.1025.27~20.04.20 linux-modules-extra-aws - 5.13.0.1025.27~20.04.20 linux-tools-aws - 5.13.0.1025.27~20.04.20 No subscription required linux-cloud-tools-azure - 5.13.0.1025.29~20.04.15 linux-tools-azure - 5.13.0.1025.29~20.04.15 linux-modules-extra-azure - 5.13.0.1025.29~20.04.15 linux-azure - 5.13.0.1025.29~20.04.15 linux-image-azure - 5.13.0.1025.29~20.04.15 linux-headers-azure - 5.13.0.1025.29~20.04.15 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-extra-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-generic-64k-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-generic-lpae-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-generic-lpae-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-tools-generic-64k-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-generic-64k-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-generic-64k-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-image-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 linux-headers-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 No subscription required High CVE-2022-29581 CVE-2022-30594 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594) Update Instructions: Run `sudo pro fix USN-5443-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-gcp-5.13-headers-5.13.0-1027 - 5.13.0-1027.32~20.04.1 linux-gcp-5.13-tools-5.13.0-1027 - 5.13.0-1027.32~20.04.1 linux-tools-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-image-unsigned-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-modules-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-modules-extra-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-headers-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 linux-image-5.13.0-1027-gcp - 5.13.0-1027.32~20.04.1 No subscription required linux-oracle-5.13-headers-5.13.0-1030 - 5.13.0-1030.35~20.04.1 linux-buildinfo-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-tools-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-image-unsigned-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-headers-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-image-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-modules-extra-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-modules-5.13.0-1030-oracle - 5.13.0-1030.35~20.04.1 linux-oracle-5.13-tools-5.13.0-1030 - 5.13.0-1030.35~20.04.1 No subscription required linux-modules-extra-gcp - 5.13.0.1027.32~20.04.1 linux-tools-gcp - 5.13.0.1027.32~20.04.1 linux-headers-gcp - 5.13.0.1027.32~20.04.1 linux-gcp - 5.13.0.1027.32~20.04.1 linux-image-gcp - 5.13.0.1027.32~20.04.1 No subscription required linux-image-oracle - 5.13.0.1030.35~20.04.1 linux-tools-oracle - 5.13.0.1030.35~20.04.1 linux-headers-oracle - 5.13.0.1030.35~20.04.1 linux-oracle - 5.13.0.1030.35~20.04.1 No subscription required High CVE-2022-29581 CVE-2022-30594 Ubuntu 20.04 LTS Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5444-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.14.0-1038-oem - 5.14.0-1038.42 linux-oem-5.14-headers-5.14.0-1038 - 5.14.0-1038.42 linux-modules-iwlwifi-5.14.0-1038-oem - 5.14.0-1038.42 linux-image-5.14.0-1038-oem - 5.14.0-1038.42 linux-headers-5.14.0-1038-oem - 5.14.0-1038.42 linux-image-unsigned-5.14.0-1038-oem - 5.14.0-1038.42 linux-oem-5.14-tools-5.14.0-1038 - 5.14.0-1038.42 linux-modules-5.14.0-1038-oem - 5.14.0-1038.42 linux-tools-5.14.0-1038-oem - 5.14.0-1038.42 linux-oem-5.14-tools-host - 5.14.0-1038.42 No subscription required linux-image-oem-20.04c - 5.14.0.1038.35 linux-image-oem-20.04b - 5.14.0.1038.35 linux-image-oem-20.04d - 5.14.0.1038.35 linux-headers-oem-20.04 - 5.14.0.1038.35 linux-tools-oem-20.04c - 5.14.0.1038.35 linux-tools-oem-20.04b - 5.14.0.1038.35 linux-oem-20.04 - 5.14.0.1038.35 linux-image-oem-20.04 - 5.14.0.1038.35 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1038.35 linux-oem-20.04d - 5.14.0.1038.35 linux-oem-20.04c - 5.14.0.1038.35 linux-oem-20.04b - 5.14.0.1038.35 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1038.35 linux-tools-oem-20.04d - 5.14.0.1038.35 linux-headers-oem-20.04b - 5.14.0.1038.35 linux-headers-oem-20.04c - 5.14.0.1038.35 linux-headers-oem-20.04d - 5.14.0.1038.35 linux-tools-oem-20.04 - 5.14.0.1038.35 No subscription required High CVE-2022-29581 Ubuntu 20.04 LTS Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-11782) Tomas Bortoli discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-0203) Thomas Åkesson discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-17525) Update Instructions: Run `sudo pro fix USN-5445-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsvn-dev - 1.13.0-3ubuntu0.2 ruby-svn - 1.13.0-3ubuntu0.2 subversion-tools - 1.13.0-3ubuntu0.2 libapache2-mod-svn - 1.13.0-3ubuntu0.2 python-subversion - 1.13.0-3ubuntu0.2 libsvn1 - 1.13.0-3ubuntu0.2 subversion - 1.13.0-3ubuntu0.2 libsvn-doc - 1.13.0-3ubuntu0.2 libsvn-java - 1.13.0-3ubuntu0.2 libsvn-perl - 1.13.0-3ubuntu0.2 No subscription required Medium CVE-2018-11782 CVE-2019-0203 CVE-2020-17525 Ubuntu 20.04 LTS Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system. Update Instructions: Run `sudo pro fix USN-5446-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dpkg-dev - 1.19.7ubuntu3.2 dselect - 1.19.7ubuntu3.2 dpkg - 1.19.7ubuntu3.2 libdpkg-dev - 1.19.7ubuntu3.2 libdpkg-perl - 1.19.7ubuntu3.2 No subscription required Medium CVE-2022-1664 Ubuntu 20.04 LTS Ilya Averyanov discovered that an InfluxDB vulnerability allowed attackers to bypass authentication and gain access to any known database user. Update Instructions: Run `sudo pro fix USN-5451-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-influxdb-influxdb-dev - 1.6.4-1+deb10u1build0.20.04.1 influxdb - 1.6.4-1+deb10u1build0.20.04.1 influxdb-client - 1.6.4-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2019-20933 Ubuntu 20.04 LTS Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. (CVE-2022-26691) It was discovered that CUPS incorrectly handled certain memory operations when handling IPP printing. A remote attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-8842, CVE-2020-10001) Update Instructions: Run `sudo pro fix USN-5454-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.2 cups-bsd - 2.3.1-9ubuntu1.2 cups-common - 2.3.1-9ubuntu1.2 cups-core-drivers - 2.3.1-9ubuntu1.2 cups-server-common - 2.3.1-9ubuntu1.2 libcupsimage2 - 2.3.1-9ubuntu1.2 cups-client - 2.3.1-9ubuntu1.2 cups-ipp-utils - 2.3.1-9ubuntu1.2 libcups2 - 2.3.1-9ubuntu1.2 cups-ppdc - 2.3.1-9ubuntu1.2 cups - 2.3.1-9ubuntu1.2 libcupsimage2-dev - 2.3.1-9ubuntu1.2 cups-daemon - 2.3.1-9ubuntu1.2 No subscription required Medium CVE-2019-8842 CVE-2020-10001 CVE-2022-26691 Ubuntu 20.04 LTS Tim Boddy, Gustavo Grieco and others discovered that Expat, that is integrated in xmltok library, incorrectly handled certain files. An attacker could possibly use these issues to cause a denial of service, or possibly execute arbitrary code. These issues were only addressed in Ubuntu 16.04 ESM. (CVE-2012-1148, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2018-20843, CVE-2019-15903, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827) It was discovered that Expat, that is integrated in xmltok library, incorrectly handled encoding validation of certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-25235) It was discovered that Expat, that is integrated in xmltok library, incorrectly handled namespace URIs of certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-25236) Update Instructions: Run `sudo pro fix USN-5455-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxmltok1 - 1.2-4ubuntu0.20.04.1~esm1 libxmltok1-dev - 1.2-4ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2012-1148 CVE-2015-1283 CVE-2016-0718 CVE-2016-4472 CVE-2018-20843 CVE-2019-15903 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 CVE-2022-25235 CVE-2022-25236 Ubuntu 20.04 LTS A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5457-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-26700 CVE-2022-26709 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 Ubuntu 20.04 LTS Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14342) It was discovered that cifs-utils incorrectly used host credentials when mounting a krb5 CIFS file system from within a container. An attacker inside a container could possibly use this issue to obtain access to sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-20208) It was discovered that cifs-utils incorrectly handled certain command-line arguments. A local attacker could possibly use this issue to obtain root privileges. (CVE-2022-27239) It was discovered that cifs-utils incorrectly handled verbose logging. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2022-29869) Update Instructions: Run `sudo pro fix USN-5459-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cifs-utils - 2:6.9-1ubuntu0.2 No subscription required Medium CVE-2020-14342 CVE-2021-20208 CVE-2022-27239 CVE-2022-29869 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled empty password values. A remote attacker could use this issue to bypass server authentication. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-24882) It was discovered that FreeRDP incorrectly handled server configurations with an invalid SAM file path. A remote attacker could use this issue to bypass server authentication. (CVE-2022-24883) Update Instructions: Run `sudo pro fix USN-5461-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.3 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.3 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.3 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.3 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.3 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.3 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.3 No subscription required Medium CVE-2022-24882 CVE-2022-24883 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-28738) It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-28739) Update Instructions: Run `sudo pro fix USN-5462-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.7 ruby2.7-doc - 2.7.0-5ubuntu1.7 ruby2.7-dev - 2.7.0-5ubuntu1.7 libruby2.7 - 2.7.0-5ubuntu1.7 No subscription required Medium CVE-2022-28738 CVE-2022-28739 Ubuntu 20.04 LTS It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-46790) Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel. (CVE-2022-30783) It was discovered that NTFS-3G incorrectly handled certain NTFS disk images. If a user or automated system were tricked into mounting a specially crafted disk image, a remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-30784, CVE-2022-30786, CVE-2022-30788, CVE-2022-30789) Roman Fiedler discovered that NTFS-3G incorrectly handled certain file handles. A local attacker could possibly use this issue to read and write arbitrary memory. (CVE-2022-30785, CVE-2022-30787) Update Instructions: Run `sudo pro fix USN-5463-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntfs-3g - 1:2017.3.23AR.3-3ubuntu1.2 libntfs-3g883 - 1:2017.3.23AR.3-3ubuntu1.2 ntfs-3g-dev - 1:2017.3.23AR.3-3ubuntu1.2 No subscription required Medium CVE-2021-46790 CVE-2022-30783 CVE-2022-30784 CVE-2022-30785 CVE-2022-30786 CVE-2022-30787 CVE-2022-30788 CVE-2022-30789 Ubuntu 20.04 LTS Nils Bars discovered that e2fsprogs incorrectly handled certain file systems. A local attacker could use this issue with a crafted file system image to possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5464-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libss2 - 1.45.5-2ubuntu1.1 e2fslibs-dev - 1.45.5-2ubuntu1.1 libcomerr2 - 1.45.5-2ubuntu1.1 libcom-err2 - 1.45.5-2ubuntu1.1 e2fsprogs - 1.45.5-2ubuntu1.1 e2fsck-static - 1.45.5-2ubuntu1.1 logsave - 1.45.5-2ubuntu1.1 e2fslibs - 1.45.5-2ubuntu1.1 e2fsprogs-l10n - 1.45.5-2ubuntu1.1 libext2fs-dev - 1.45.5-2ubuntu1.1 libext2fs2 - 1.45.5-2ubuntu1.1 fuse2fs - 1.45.5-2ubuntu1.1 No subscription required ss-dev - 2.0-1.45.5-2ubuntu1.1 No subscription required comerr-dev - 2.1-1.45.5-2ubuntu1.1 No subscription required Medium CVE-2022-1304 Ubuntu 20.04 LTS It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service (connection disassociation). (CVE-2021-3772) Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197) Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1011) Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158) Duoming Zhou discovered that the 6pack protocol implementation in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-1198) It was discovered that the PF_KEYv2 implementation in the Linux kernel did not properly initialize kernel memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1353) It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1516) Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in the guest. (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958) It was discovered that the USB SR9700 ethernet device driver for the Linux kernel did not properly validate the length of requests from the device. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-26966) 赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could use this to cause a denial of service. (CVE-2022-28356) It was discovered that the Microchip CAN BUS Analyzer interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28389) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390) Update Instructions: Run `sudo pro fix USN-5467-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1026 - 5.4.0-1026.29 linux-modules-extra-5.4.0-1026-ibm - 5.4.0-1026.29 linux-image-5.4.0-1026-ibm - 5.4.0-1026.29 linux-headers-5.4.0-1026-ibm - 5.4.0-1026.29 linux-modules-5.4.0-1026-ibm - 5.4.0-1026.29 linux-tools-5.4.0-1026-ibm - 5.4.0-1026.29 linux-ibm-tools-5.4.0-1026 - 5.4.0-1026.29 linux-ibm-source-5.4.0 - 5.4.0-1026.29 linux-ibm-cloud-tools-common - 5.4.0-1026.29 linux-ibm-tools-common - 5.4.0-1026.29 linux-image-unsigned-5.4.0-1026-ibm - 5.4.0-1026.29 linux-buildinfo-5.4.0-1026-ibm - 5.4.0-1026.29 No subscription required linux-buildinfo-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-gkeop-cloud-tools-5.4.0-1046 - 5.4.0-1046.48 linux-gkeop-tools-5.4.0-1046 - 5.4.0-1046.48 linux-gkeop-source-5.4.0 - 5.4.0-1046.48 linux-headers-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-modules-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-tools-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-gkeop-headers-5.4.0-1046 - 5.4.0-1046.48 linux-image-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-cloud-tools-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-image-unsigned-5.4.0-1046-gkeop - 5.4.0-1046.48 linux-modules-extra-5.4.0-1046-gkeop - 5.4.0-1046.48 No subscription required linux-raspi-headers-5.4.0-1065 - 5.4.0-1065.75 linux-raspi-tools-5.4.0-1065 - 5.4.0-1065.75 linux-image-5.4.0-1065-raspi - 5.4.0-1065.75 linux-modules-5.4.0-1065-raspi - 5.4.0-1065.75 linux-buildinfo-5.4.0-1065-raspi - 5.4.0-1065.75 linux-tools-5.4.0-1065-raspi - 5.4.0-1065.75 linux-headers-5.4.0-1065-raspi - 5.4.0-1065.75 No subscription required linux-headers-5.4.0-1068-kvm - 5.4.0-1068.72 linux-kvm-tools-5.4.0-1068 - 5.4.0-1068.72 linux-image-5.4.0-1068-kvm - 5.4.0-1068.72 linux-image-unsigned-5.4.0-1068-kvm - 5.4.0-1068.72 linux-modules-5.4.0-1068-kvm - 5.4.0-1068.72 linux-tools-5.4.0-1068-kvm - 5.4.0-1068.72 linux-kvm-headers-5.4.0-1068 - 5.4.0-1068.72 linux-buildinfo-5.4.0-1068-kvm - 5.4.0-1068.72 No subscription required linux-modules-5.4.0-1074-gke - 5.4.0-1074.79 linux-image-unsigned-5.4.0-1074-gke - 5.4.0-1074.79 linux-tools-5.4.0-1074-gke - 5.4.0-1074.79 linux-buildinfo-5.4.0-1074-gke - 5.4.0-1074.79 linux-image-5.4.0-1074-gke - 5.4.0-1074.79 linux-modules-extra-5.4.0-1074-gke - 5.4.0-1074.79 linux-gke-tools-5.4.0-1074 - 5.4.0-1074.79 linux-gke-headers-5.4.0-1074 - 5.4.0-1074.79 linux-headers-5.4.0-1074-gke - 5.4.0-1074.79 No subscription required linux-image-5.4.0-1076-oracle - 5.4.0-1076.83 linux-image-unsigned-5.4.0-1076-oracle - 5.4.0-1076.83 linux-buildinfo-5.4.0-1076-oracle - 5.4.0-1076.83 linux-headers-5.4.0-1076-oracle - 5.4.0-1076.83 linux-oracle-tools-5.4.0-1076 - 5.4.0-1076.83 linux-modules-extra-5.4.0-1076-oracle - 5.4.0-1076.83 linux-oracle-headers-5.4.0-1076 - 5.4.0-1076.83 linux-tools-5.4.0-1076-oracle - 5.4.0-1076.83 linux-modules-5.4.0-1076-oracle - 5.4.0-1076.83 No subscription required linux-gcp-headers-5.4.0-1078 - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-aws - 5.4.0-1078.84 linux-image-unsigned-5.4.0-1078-gcp - 5.4.0-1078.84 linux-tools-5.4.0-1078-gcp - 5.4.0-1078.84 linux-cloud-tools-5.4.0-1078-aws - 5.4.0-1078.84 linux-aws-headers-5.4.0-1078 - 5.4.0-1078.84 linux-headers-5.4.0-1078-aws - 5.4.0-1078.84 linux-image-5.4.0-1078-gcp - 5.4.0-1078.84 linux-modules-5.4.0-1078-gcp - 5.4.0-1078.84 linux-aws-tools-5.4.0-1078 - 5.4.0-1078.84 linux-tools-5.4.0-1078-aws - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-gcp - 5.4.0-1078.84 linux-modules-extra-5.4.0-1078-gcp - 5.4.0-1078.84 linux-headers-5.4.0-1078-gcp - 5.4.0-1078.84 linux-modules-extra-5.4.0-1078-aws - 5.4.0-1078.84 linux-image-unsigned-5.4.0-1078-aws - 5.4.0-1078.84 linux-image-5.4.0-1078-aws - 5.4.0-1078.84 linux-aws-cloud-tools-5.4.0-1078 - 5.4.0-1078.84 linux-gcp-tools-5.4.0-1078 - 5.4.0-1078.84 linux-modules-5.4.0-1078-aws - 5.4.0-1078.84 No subscription required linux-modules-5.4.0-1083-azure - 5.4.0-1083.87 linux-modules-extra-5.4.0-1083-azure - 5.4.0-1083.87 linux-headers-5.4.0-1083-azure - 5.4.0-1083.87 linux-image-unsigned-5.4.0-1083-azure - 5.4.0-1083.87 linux-image-5.4.0-1083-azure - 5.4.0-1083.87 linux-buildinfo-5.4.0-1083-azure - 5.4.0-1083.87 linux-tools-5.4.0-1083-azure - 5.4.0-1083.87 linux-azure-tools-5.4.0-1083 - 5.4.0-1083.87 linux-azure-headers-5.4.0-1083 - 5.4.0-1083.87 linux-azure-cloud-tools-5.4.0-1083 - 5.4.0-1083.87 linux-cloud-tools-5.4.0-1083-azure - 5.4.0-1083.87 No subscription required linux-image-5.4.0-1083-azure-fde - 5.4.0-1083.87+cvm1.1 linux-image-unsigned-5.4.0-1083-azure-fde - 5.4.0-1083.87+cvm1.1 No subscription required linux-tools-common - 5.4.0-117.132 linux-cloud-tools-5.4.0-117-lowlatency - 5.4.0-117.132 linux-tools-5.4.0-117-generic-lpae - 5.4.0-117.132 linux-tools-host - 5.4.0-117.132 linux-cloud-tools-5.4.0-117 - 5.4.0-117.132 linux-tools-5.4.0-117 - 5.4.0-117.132 linux-buildinfo-5.4.0-117-lowlatency - 5.4.0-117.132 linux-doc - 5.4.0-117.132 linux-headers-5.4.0-117-generic - 5.4.0-117.132 linux-modules-5.4.0-117-lowlatency - 5.4.0-117.132 linux-libc-dev - 5.4.0-117.132 linux-source-5.4.0 - 5.4.0-117.132 linux-tools-5.4.0-117-generic - 5.4.0-117.132 linux-headers-5.4.0-117-lowlatency - 5.4.0-117.132 linux-cloud-tools-5.4.0-117-generic - 5.4.0-117.132 linux-modules-extra-5.4.0-117-generic - 5.4.0-117.132 linux-image-5.4.0-117-generic-lpae - 5.4.0-117.132 linux-headers-5.4.0-117-generic-lpae - 5.4.0-117.132 linux-modules-5.4.0-117-generic-lpae - 5.4.0-117.132 linux-buildinfo-5.4.0-117-generic - 5.4.0-117.132 linux-image-unsigned-5.4.0-117-lowlatency - 5.4.0-117.132 linux-headers-5.4.0-117 - 5.4.0-117.132 linux-image-5.4.0-117-generic - 5.4.0-117.132 linux-modules-5.4.0-117-generic - 5.4.0-117.132 linux-cloud-tools-common - 5.4.0-117.132 linux-image-5.4.0-117-lowlatency - 5.4.0-117.132 linux-tools-5.4.0-117-lowlatency - 5.4.0-117.132 linux-image-unsigned-5.4.0-117-generic - 5.4.0-117.132 linux-buildinfo-5.4.0-117-generic-lpae - 5.4.0-117.132 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1026.24 linux-modules-extra-ibm - 5.4.0.1026.24 linux-image-ibm - 5.4.0.1026.24 linux-headers-ibm-lts-20.04 - 5.4.0.1026.24 linux-tools-ibm - 5.4.0.1026.24 linux-image-ibm-lts-20.04 - 5.4.0.1026.24 linux-ibm-lts-20.04 - 5.4.0.1026.24 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1026.24 linux-ibm - 5.4.0.1026.24 linux-headers-ibm - 5.4.0.1026.24 No subscription required linux-headers-gkeop - 5.4.0.1046.48 linux-cloud-tools-gkeop-5.4 - 5.4.0.1046.48 linux-image-gkeop - 5.4.0.1046.48 linux-gkeop-5.4 - 5.4.0.1046.48 linux-image-gkeop-5.4 - 5.4.0.1046.48 linux-tools-gkeop - 5.4.0.1046.48 linux-gkeop - 5.4.0.1046.48 linux-cloud-tools-gkeop - 5.4.0.1046.48 linux-modules-extra-gkeop-5.4 - 5.4.0.1046.48 linux-headers-gkeop-5.4 - 5.4.0.1046.48 linux-modules-extra-gkeop - 5.4.0.1046.48 linux-tools-gkeop-5.4 - 5.4.0.1046.48 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1065.98 linux-raspi2 - 5.4.0.1065.98 linux-headers-raspi2 - 5.4.0.1065.98 linux-image-raspi-hwe-18.04 - 5.4.0.1065.98 linux-image-raspi2-hwe-18.04 - 5.4.0.1065.98 linux-tools-raspi - 5.4.0.1065.98 linux-headers-raspi2-hwe-18.04 - 5.4.0.1065.98 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1065.98 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1065.98 linux-raspi2-hwe-18.04-edge - 5.4.0.1065.98 linux-raspi-hwe-18.04 - 5.4.0.1065.98 linux-tools-raspi2-hwe-18.04 - 5.4.0.1065.98 linux-raspi2-hwe-18.04 - 5.4.0.1065.98 linux-image-raspi-hwe-18.04-edge - 5.4.0.1065.98 linux-image-raspi2 - 5.4.0.1065.98 linux-tools-raspi-hwe-18.04 - 5.4.0.1065.98 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1065.98 linux-tools-raspi2 - 5.4.0.1065.98 linux-headers-raspi-hwe-18.04 - 5.4.0.1065.98 linux-raspi-hwe-18.04-edge - 5.4.0.1065.98 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1065.98 linux-headers-raspi - 5.4.0.1065.98 linux-image-raspi - 5.4.0.1065.98 linux-raspi - 5.4.0.1065.98 No subscription required linux-kvm - 5.4.0.1068.66 linux-headers-kvm - 5.4.0.1068.66 linux-image-kvm - 5.4.0.1068.66 linux-tools-kvm - 5.4.0.1068.66 No subscription required linux-modules-extra-gke - 5.4.0.1074.83 linux-modules-extra-gke-5.4 - 5.4.0.1074.83 linux-gke-5.4 - 5.4.0.1074.83 linux-gke - 5.4.0.1074.83 linux-headers-gke - 5.4.0.1074.83 linux-tools-gke - 5.4.0.1074.83 linux-headers-gke-5.4 - 5.4.0.1074.83 linux-image-gke-5.4 - 5.4.0.1074.83 linux-image-gke - 5.4.0.1074.83 linux-tools-gke-5.4 - 5.4.0.1074.83 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1076.75 linux-oracle-lts-20.04 - 5.4.0.1076.75 linux-tools-oracle-lts-20.04 - 5.4.0.1076.75 linux-image-oracle-lts-20.04 - 5.4.0.1076.75 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1078.79 linux-image-aws-lts-20.04 - 5.4.0.1078.79 linux-headers-aws-lts-20.04 - 5.4.0.1078.79 linux-tools-aws-lts-20.04 - 5.4.0.1078.79 linux-aws-lts-20.04 - 5.4.0.1078.79 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1078.85 linux-gcp-lts-20.04 - 5.4.0.1078.85 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1078.85 linux-headers-gcp-lts-20.04 - 5.4.0.1078.85 linux-image-gcp-lts-20.04 - 5.4.0.1078.85 No subscription required linux-azure-lts-20.04 - 5.4.0.1083.81 linux-image-azure-lts-20.04 - 5.4.0.1083.81 linux-modules-extra-azure-lts-20.04 - 5.4.0.1083.81 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1083.81 linux-tools-azure-lts-20.04 - 5.4.0.1083.81 linux-headers-azure-lts-20.04 - 5.4.0.1083.81 No subscription required linux-image-azure-fde - 5.4.0.1083.87+cvm1.24 linux-tools-azure-fde - 5.4.0.1083.87+cvm1.24 linux-azure-fde - 5.4.0.1083.87+cvm1.24 linux-cloud-tools-azure-fde - 5.4.0.1083.87+cvm1.24 linux-modules-extra-azure-fde - 5.4.0.1083.87+cvm1.24 linux-headers-azure-fde - 5.4.0.1083.87+cvm1.24 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-cloud-tools-virtual - 5.4.0.117.120 linux-image-generic-hwe-18.04 - 5.4.0.117.120 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-image-virtual - 5.4.0.117.120 linux-oem-osp1-tools-host - 5.4.0.117.120 linux-image-generic - 5.4.0.117.120 linux-tools-lowlatency - 5.4.0.117.120 linux-image-oem - 5.4.0.117.120 linux-headers-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.117.120 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.117.120 linux-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-image-extra-virtual-hwe-18.04 - 5.4.0.117.120 linux-image-oem-osp1 - 5.4.0.117.120 linux-image-generic-lpae-hwe-18.04 - 5.4.0.117.120 linux-crashdump - 5.4.0.117.120 linux-tools-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-headers-generic-hwe-18.04 - 5.4.0.117.120 linux-tools-oem - 5.4.0.117.120 linux-headers-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-headers-generic-lpae - 5.4.0.117.120 linux-source - 5.4.0.117.120 linux-lowlatency - 5.4.0.117.120 linux-tools-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-tools-generic-lpae - 5.4.0.117.120 linux-tools-virtual - 5.4.0.117.120 linux-virtual - 5.4.0.117.120 linux-virtual-hwe-18.04 - 5.4.0.117.120 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.117.120 linux-headers-virtual - 5.4.0.117.120 linux-generic-lpae-hwe-18.04-edge - 5.4.0.117.120 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-generic-lpae - 5.4.0.117.120 linux-headers-oem - 5.4.0.117.120 linux-generic - 5.4.0.117.120 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.117.120 linux-tools-generic-hwe-18.04-edge - 5.4.0.117.120 linux-oem - 5.4.0.117.120 linux-image-virtual-hwe-18.04 - 5.4.0.117.120 linux-oem-tools-host - 5.4.0.117.120 linux-headers-lowlatency - 5.4.0.117.120 linux-image-generic-hwe-18.04-edge - 5.4.0.117.120 linux-generic-hwe-18.04-edge - 5.4.0.117.120 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-image-extra-virtual - 5.4.0.117.120 linux-cloud-tools-generic - 5.4.0.117.120 linux-tools-generic - 5.4.0.117.120 linux-cloud-tools-lowlatency - 5.4.0.117.120 linux-headers-oem-osp1 - 5.4.0.117.120 linux-generic-lpae-hwe-18.04 - 5.4.0.117.120 linux-tools-oem-osp1 - 5.4.0.117.120 linux-tools-generic-hwe-18.04 - 5.4.0.117.120 linux-headers-generic-hwe-18.04-edge - 5.4.0.117.120 linux-headers-generic - 5.4.0.117.120 linux-headers-virtual-hwe-18.04 - 5.4.0.117.120 linux-oem-osp1 - 5.4.0.117.120 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.117.120 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.117.120 linux-image-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.117.120 linux-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-tools-virtual-hwe-18.04 - 5.4.0.117.120 linux-lowlatency-hwe-18.04 - 5.4.0.117.120 linux-generic-hwe-18.04 - 5.4.0.117.120 linux-image-generic-lpae - 5.4.0.117.120 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.117.120 linux-image-virtual-hwe-18.04-edge - 5.4.0.117.120 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.117.120 linux-image-lowlatency - 5.4.0.117.120 No subscription required High CVE-2021-3772 CVE-2021-4197 CVE-2022-1011 CVE-2022-1158 CVE-2022-1198 CVE-2022-1353 CVE-2022-1516 CVE-2022-21499 CVE-2022-23036 CVE-2022-23037 CVE-2022-23038 CVE-2022-23039 CVE-2022-23040 CVE-2022-23041 CVE-2022-23042 CVE-2022-24958 CVE-2022-26966 CVE-2022-28356 CVE-2022-28389 CVE-2022-28390 Ubuntu 20.04 LTS It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158) Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390) Update Instructions: Run `sudo pro fix USN-5468-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-intel-5.13-tools-host - 5.13.0-1014.15 linux-intel-5.13-tools-5.13.0-1014 - 5.13.0-1014.15 linux-intel-5.13-cloud-tools-5.13.0-1014 - 5.13.0-1014.15 linux-cloud-tools-5.13.0-1014-intel - 5.13.0-1014.15 linux-intel-5.13-headers-5.13.0-1014 - 5.13.0-1014.15 linux-headers-5.13.0-1014-intel - 5.13.0-1014.15 linux-tools-5.13.0-1014-intel - 5.13.0-1014.15 linux-modules-extra-5.13.0-1014-intel - 5.13.0-1014.15 linux-buildinfo-5.13.0-1014-intel - 5.13.0-1014.15 linux-intel-5.13-tools-common - 5.13.0-1014.15 linux-intel-5.13-source-5.13.0 - 5.13.0-1014.15 linux-modules-5.13.0-1014-intel - 5.13.0-1014.15 linux-intel-5.13-cloud-tools-common - 5.13.0-1014.15 linux-image-5.13.0-1014-intel - 5.13.0-1014.15 linux-image-unsigned-5.13.0-1014-intel - 5.13.0-1014.15 No subscription required linux-modules-extra-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-aws-5.13-headers-5.13.0-1028 - 5.13.0-1028.31~20.04.1 linux-image-unsigned-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-modules-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-tools-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-aws-5.13-tools-5.13.0-1028 - 5.13.0-1028.31~20.04.1 linux-headers-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-cloud-tools-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-image-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1028 - 5.13.0-1028.31~20.04.1 linux-buildinfo-5.13.0-1028-aws - 5.13.0-1028.31~20.04.1 No subscription required linux-image-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-headers-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1028 - 5.13.0-1028.33~20.04.1 linux-azure-5.13-tools-5.13.0-1028 - 5.13.0-1028.33~20.04.1 linux-modules-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-buildinfo-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-tools-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-image-unsigned-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-azure-5.13-headers-5.13.0-1028 - 5.13.0-1028.33~20.04.1 linux-modules-extra-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 linux-cloud-tools-5.13.0-1028-azure - 5.13.0-1028.33~20.04.1 No subscription required linux-gcp-5.13-tools-5.13.0-1030 - 5.13.0-1030.36~20.04.1 linux-tools-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-image-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-modules-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-modules-extra-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-image-unsigned-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-gcp-5.13-headers-5.13.0-1030 - 5.13.0-1030.36~20.04.1 linux-headers-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 linux-buildinfo-5.13.0-1030-gcp - 5.13.0-1030.36~20.04.1 No subscription required linux-headers-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-oracle-5.13-headers-5.13.0-1033 - 5.13.0-1033.39~20.04.1 linux-image-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-buildinfo-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-modules-extra-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-oracle-5.13-tools-5.13.0-1033 - 5.13.0-1033.39~20.04.1 linux-tools-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-image-unsigned-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 linux-modules-5.13.0-1033-oracle - 5.13.0-1033.39~20.04.1 No subscription required linux-hwe-5.13-cloud-tools-common - 5.13.0-48.54~20.04.1 linux-tools-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-hwe-5.13-headers-5.13.0-48 - 5.13.0-48.54~20.04.1 linux-image-unsigned-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-headers-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-modules-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-buildinfo-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-image-unsigned-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-image-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-48 - 5.13.0-48.54~20.04.1 linux-modules-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-tools-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-cloud-tools-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-image-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-48.54~20.04.1 linux-modules-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-headers-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-48.54~20.04.1 linux-headers-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-image-unsigned-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-tools-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-modules-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-tools-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-modules-extra-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-image-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-cloud-tools-5.13.0-48-generic - 5.13.0-48.54~20.04.1 linux-buildinfo-5.13.0-48-generic-64k - 5.13.0-48.54~20.04.1 linux-image-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-headers-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-48.54~20.04.1 linux-buildinfo-5.13.0-48-generic-lpae - 5.13.0-48.54~20.04.1 linux-buildinfo-5.13.0-48-lowlatency - 5.13.0-48.54~20.04.1 linux-hwe-5.13-tools-5.13.0-48 - 5.13.0-48.54~20.04.1 No subscription required linux-intel - 5.13.0.1014.14 linux-image-intel - 5.13.0.1014.14 linux-cloud-tools-intel - 5.13.0.1014.14 linux-tools-intel - 5.13.0.1014.14 linux-headers-intel - 5.13.0.1014.14 No subscription required linux-headers-aws - 5.13.0.1028.31~20.04.22 linux-image-aws - 5.13.0.1028.31~20.04.22 linux-aws - 5.13.0.1028.31~20.04.22 linux-tools-aws - 5.13.0.1028.31~20.04.22 linux-modules-extra-aws - 5.13.0.1028.31~20.04.22 No subscription required linux-cloud-tools-azure - 5.13.0.1028.33~20.04.17 linux-tools-azure - 5.13.0.1028.33~20.04.17 linux-modules-extra-azure - 5.13.0.1028.33~20.04.17 linux-azure - 5.13.0.1028.33~20.04.17 linux-image-azure - 5.13.0.1028.33~20.04.17 linux-headers-azure - 5.13.0.1028.33~20.04.17 No subscription required linux-headers-gcp - 5.13.0.1030.36~20.04.1 linux-gcp - 5.13.0.1030.36~20.04.1 linux-image-gcp - 5.13.0.1030.36~20.04.1 linux-modules-extra-gcp - 5.13.0.1030.36~20.04.1 linux-tools-gcp - 5.13.0.1030.36~20.04.1 No subscription required linux-headers-oracle - 5.13.0.1033.39~20.04.1 linux-tools-oracle - 5.13.0.1033.39~20.04.1 linux-image-oracle - 5.13.0.1033.39~20.04.1 linux-oracle - 5.13.0.1033.39~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-extra-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-generic-64k-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-generic-lpae-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-generic-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-generic-lpae-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-tools-generic-64k-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-lowlatency-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-generic-64k-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-image-generic-64k-hwe-20.04 - 5.13.0.48.54~20.04.30 linux-headers-virtual-hwe-20.04 - 5.13.0.48.54~20.04.30 No subscription required High CVE-2022-1158 CVE-2022-21499 CVE-2022-24958 CVE-2022-28390 Ubuntu 20.04 LTS It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) Minh Yuan discovered that the floppy driver in the Linux kernel contained a race condition in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1836) Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972) Update Instructions: Run `sudo pro fix USN-5470-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1042 - 5.14.0-1042.47 linux-buildinfo-5.14.0-1042-oem - 5.14.0-1042.47 linux-image-5.14.0-1042-oem - 5.14.0-1042.47 linux-oem-5.14-headers-5.14.0-1042 - 5.14.0-1042.47 linux-tools-5.14.0-1042-oem - 5.14.0-1042.47 linux-headers-5.14.0-1042-oem - 5.14.0-1042.47 linux-modules-iwlwifi-5.14.0-1042-oem - 5.14.0-1042.47 linux-modules-5.14.0-1042-oem - 5.14.0-1042.47 linux-oem-5.14-tools-host - 5.14.0-1042.47 linux-image-unsigned-5.14.0-1042-oem - 5.14.0-1042.47 No subscription required linux-image-oem-20.04c - 5.14.0.1042.38 linux-image-oem-20.04b - 5.14.0.1042.38 linux-image-oem-20.04d - 5.14.0.1042.38 linux-headers-oem-20.04 - 5.14.0.1042.38 linux-tools-oem-20.04c - 5.14.0.1042.38 linux-tools-oem-20.04b - 5.14.0.1042.38 linux-oem-20.04 - 5.14.0.1042.38 linux-image-oem-20.04 - 5.14.0.1042.38 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1042.38 linux-oem-20.04d - 5.14.0.1042.38 linux-oem-20.04c - 5.14.0.1042.38 linux-oem-20.04b - 5.14.0.1042.38 linux-tools-oem-20.04d - 5.14.0.1042.38 linux-headers-oem-20.04b - 5.14.0.1042.38 linux-headers-oem-20.04c - 5.14.0.1042.38 linux-headers-oem-20.04d - 5.14.0.1042.38 linux-tools-oem-20.04 - 5.14.0.1042.38 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1042.38 No subscription required High CVE-2022-21499 Ubuntu 20.04 LTS It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding (LPC) or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-20445, CVE-2020-20446, CVE-2020-20453) It was discovered that FFmpeg incorrectly handled certain input. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-20450) It was discovered that FFmpeg incorrectly handled file conversion to APNG format. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-21041) It was discovered that FFmpeg incorrectly handled remuxing RTP-hint tracks. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-21688) It was discovered that FFmpeg incorrectly handled certain specially crafted AVI files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-21697) It was discovered that FFmpeg incorrectly handled writing MOV video tags. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-22015) It was discovered that FFmpeg incorrectly handled writing MOV files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue affected only Ubuntu 18.04 LTS. (CVE-2020-22016) It was discovered that FFmpeg incorrectly handled memory when using certain filters. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22017, CVE-2020-22020, CVE-2020-22022, CVE-2020-22023, CVE-2022-22025, CVE-2020-22026, CVE-2020-22028, CVE-2020-22031, CVE-2020-22032, CVE-2020-22034, CVE-2020-22036, CVE-2020-22042) It was discovered that FFmpeg incorrectly handled memory when using certain filters. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-22019, CVE-2020-22021, CVE-2020-22033) It was discovered that FFmpeg incorrectly handled memory when using certain filters. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 21.10. (CVE-2020-22027, CVE-2020-22029, CVE-2020-22030, CVE-2020-22035) It was discovered that FFmpeg incorrectly handled certain specially crafted JPEG files. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-22037) It was discovered that FFmpeg incorrectly performed calculations in EXR codec. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-35965) It was discovered that FFmpeg did not verify return values of functions init_vlc and init_get_bits. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-38114, CVE-2021-38171) It was discovered that FFmpeg incorrectly handled certain specially crafted files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10 and Ubuntu 22.04 LTS. (CVE-2022-1475) Update Instructions: Run `sudo pro fix USN-5472-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:4.2.7-0ubuntu0.1 libavcodec-extra - 7:4.2.7-0ubuntu0.1 libavformat-dev - 7:4.2.7-0ubuntu0.1 libswscale5 - 7:4.2.7-0ubuntu0.1 libavresample4 - 7:4.2.7-0ubuntu0.1 libavcodec-dev - 7:4.2.7-0ubuntu0.1 libavutil-dev - 7:4.2.7-0ubuntu0.1 libavfilter-extra - 7:4.2.7-0ubuntu0.1 libswscale-dev - 7:4.2.7-0ubuntu0.1 libswresample-dev - 7:4.2.7-0ubuntu0.1 libswresample3 - 7:4.2.7-0ubuntu0.1 libavdevice-dev - 7:4.2.7-0ubuntu0.1 libavformat58 - 7:4.2.7-0ubuntu0.1 libavdevice58 - 7:4.2.7-0ubuntu0.1 libavfilter-dev - 7:4.2.7-0ubuntu0.1 libpostproc55 - 7:4.2.7-0ubuntu0.1 libpostproc-dev - 7:4.2.7-0ubuntu0.1 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1 libavutil56 - 7:4.2.7-0ubuntu0.1 libavfilter7 - 7:4.2.7-0ubuntu0.1 ffmpeg - 7:4.2.7-0ubuntu0.1 ffmpeg-doc - 7:4.2.7-0ubuntu0.1 libavcodec58 - 7:4.2.7-0ubuntu0.1 No subscription required Medium CVE-2020-20445 CVE-2020-20446 CVE-2020-20450 CVE-2020-20453 CVE-2020-21041 CVE-2020-21688 CVE-2020-21697 CVE-2020-22015 CVE-2020-22016 CVE-2020-22017 CVE-2020-22019 CVE-2020-22020 CVE-2020-22021 CVE-2020-22022 CVE-2020-22023 CVE-2020-22025 CVE-2020-22026 CVE-2020-22027 CVE-2020-22028 CVE-2020-22029 CVE-2020-22030 CVE-2020-22031 CVE-2020-22032 CVE-2020-22033 CVE-2020-22034 CVE-2020-22035 CVE-2020-22036 CVE-2020-22037 CVE-2020-22042 CVE-2020-35965 CVE-2021-38114 CVE-2021-38171 CVE-2021-38291 CVE-2022-1475 Ubuntu 20.04 LTS The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.50 version of the Mozilla certificate authority bundle. Update Instructions: Run `sudo pro fix USN-5473-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates - 20211016~20.04.1 No subscription required None https://launchpad.net/bugs/1976631 Ubuntu 20.04 LTS It was dicovered that Varnish Cache did not clear a pointer between the handling of one client request and the next request within the same connection. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2019-20637) It was discovered that Varnish Cache could have an assertion failure when a TLS termination proxy uses PROXY version 2. A remote attacker could possibly use this issue to restart the daemon and cause a performance loss. (CVE-2020-11653) It was discovered that Varnish Cache allowed request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-36740) It was discovered that Varnish Cache allowed request smuggling for HTTP/1 connections. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2022-23959) Update Instructions: Run `sudo pro fix USN-5474-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: varnish - 6.2.1-2ubuntu0.1 varnish-doc - 6.2.1-2ubuntu0.1 libvarnishapi-dev - 6.2.1-2ubuntu0.1 libvarnishapi2 - 6.2.1-2ubuntu0.1 No subscription required Medium CVE-2019-20637 CVE-2020-11653 CVE-2021-36740 CVE-2022-23959 Ubuntu 20.04 LTS USN-5474-1 fixed vulnerabilities in Varnish Cache. Unfortunately the fix for CVE-2020-11653 was incomplete. This update fixes the problem. Original advisory details: It was discovered that Varnish Cache could have an assertion failure when a TLS termination proxy uses PROXY version 2. A remote attacker could possibly use this issue to restart the daemon and cause a performance loss. (CVE-2020-11653) Update Instructions: Run `sudo pro fix USN-5474-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: varnish - 6.2.1-2ubuntu0.2 varnish-doc - 6.2.1-2ubuntu0.2 libvarnishapi-dev - 6.2.1-2ubuntu0.2 libvarnishapi2 - 6.2.1-2ubuntu0.2 No subscription required Low CVE-2020-11653 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the browser UI, conduct cross-site scripting (XSS) attacks, bypass content security policy (CSP) restrictions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5475-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 101.0.1+build1-0ubuntu0.20.04.1 firefox - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 101.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 101.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 101.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 101.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 101.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1919 CVE-2022-31736 CVE-2022-31737 CVE-2022-31738 CVE-2022-31740 CVE-2022-31741 CVE-2022-31742 CVE-2022-31743 CVE-2022-31744 CVE-2022-31745 CVE-2022-31747 CVE-2022-31748 Ubuntu 20.04 LTS Han Zheng discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue was addressed in Ubuntu 21.10 and Ubuntu 22.04 LTS. (CVE-2022-26981) It was discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2022-31783) Update Instructions: Run `sudo pro fix USN-5476-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblouis-dev - 3.12.0-3ubuntu0.1 python3-louis - 3.12.0-3ubuntu0.1 liblouis-data - 3.12.0-3ubuntu0.1 liblouis20 - 3.12.0-3ubuntu0.1 liblouis-bin - 3.12.0-3ubuntu0.1 No subscription required Medium CVE-2022-26981 CVE-2022-31783 Ubuntu 20.04 LTS Charles Fol discovered that PHP incorrectly handled initializing certain arrays when handling the pg_query_params function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-31625) Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-31626) Update Instructions: Run `sudo pro fix USN-5479-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.12 php7.4-readline - 7.4.3-4ubuntu2.12 php7.4-dba - 7.4.3-4ubuntu2.12 php7.4-common - 7.4.3-4ubuntu2.12 php7.4-xmlrpc - 7.4.3-4ubuntu2.12 php7.4-intl - 7.4.3-4ubuntu2.12 php7.4-phpdbg - 7.4.3-4ubuntu2.12 php7.4-ldap - 7.4.3-4ubuntu2.12 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.12 php7.4-soap - 7.4.3-4ubuntu2.12 php7.4-xsl - 7.4.3-4ubuntu2.12 php7.4-pgsql - 7.4.3-4ubuntu2.12 php7.4-pspell - 7.4.3-4ubuntu2.12 php7.4-zip - 7.4.3-4ubuntu2.12 php7.4-curl - 7.4.3-4ubuntu2.12 php7.4-odbc - 7.4.3-4ubuntu2.12 php7.4-json - 7.4.3-4ubuntu2.12 php7.4-mbstring - 7.4.3-4ubuntu2.12 php7.4-imap - 7.4.3-4ubuntu2.12 php7.4-bz2 - 7.4.3-4ubuntu2.12 php7.4-cgi - 7.4.3-4ubuntu2.12 php7.4 - 7.4.3-4ubuntu2.12 php7.4-bcmath - 7.4.3-4ubuntu2.12 php7.4-dev - 7.4.3-4ubuntu2.12 php7.4-interbase - 7.4.3-4ubuntu2.12 php7.4-tidy - 7.4.3-4ubuntu2.12 php7.4-gmp - 7.4.3-4ubuntu2.12 php7.4-sqlite3 - 7.4.3-4ubuntu2.12 php7.4-fpm - 7.4.3-4ubuntu2.12 php7.4-sybase - 7.4.3-4ubuntu2.12 php7.4-cli - 7.4.3-4ubuntu2.12 libphp7.4-embed - 7.4.3-4ubuntu2.12 php7.4-enchant - 7.4.3-4ubuntu2.12 php7.4-mysql - 7.4.3-4ubuntu2.12 php7.4-snmp - 7.4.3-4ubuntu2.12 php7.4-xml - 7.4.3-4ubuntu2.12 php7.4-opcache - 7.4.3-4ubuntu2.12 No subscription required Medium CVE-2022-31625 CVE-2022-31626 Ubuntu 20.04 LTS It was discovered that BlueZ incorrectly validated certain capabilities and lengths when handling the A2DP profile. A remote attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5481-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.6 bluez-tests - 5.53-0ubuntu3.6 bluez-obexd - 5.53-0ubuntu3.6 bluetooth - 5.53-0ubuntu3.6 bluez - 5.53-0ubuntu3.6 bluez-hcidump - 5.53-0ubuntu3.6 bluez-cups - 5.53-0ubuntu3.6 libbluetooth-dev - 5.53-0ubuntu3.6 No subscription required None https://launchpad.net/bugs/1977968 Ubuntu 20.04 LTS USN-5482-1 fixed several vulnerabilities in SPIP. This update provides the corresponding updates for Ubuntu 20.04 LTS for CVE-2021-44118, CVE-2021-44120, CVE-2021-44122 and CVE-2021-44123. Original advisory details: It was discovered that SPIP incorrectly validated inputs. An authenticated attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-28984) Charles Fol and Théo Gordyjan discovered that SPIP is vulnerable to Cross Site Scripting (XSS). If a user were tricked into browsing a malicious SVG file, an attacker could possibly exploit this issue to execute arbitrary code. This issue was only fixed in Ubuntu 21.10. (CVE-2021-44118, CVE-2021-44120, CVE-2021-44122, CVE-2021-44123) It was discovered that SPIP incorrectly handled certain forms. A remote authenticated editor could possibly use this issue to execute arbitrary code, and a remote unauthenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2022-26846, CVE-2022-26847) Update Instructions: Run `sudo pro fix USN-5482-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: spip - 3.2.7-1ubuntu0.1 No subscription required Medium CVE-2021-44118 CVE-2021-44120 CVE-2021-44122 CVE-2021-44123 Ubuntu 20.04 LTS It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5483-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexempi8 - 2.5.1-1ubuntu0.1 exempi - 2.5.1-1ubuntu0.1 libexempi-dev - 2.5.1-1ubuntu0.1 No subscription required Medium CVE-2018-12648 CVE-2021-36045 CVE-2021-36046 CVE-2021-36047 CVE-2021-36048 CVE-2021-36050 CVE-2021-36051 CVE-2021-36052 CVE-2021-36053 CVE-2021-36054 CVE-2021-36055 CVE-2021-36056 CVE-2021-36058 CVE-2021-36064 CVE-2021-39847 CVE-2021-40716 CVE-2021-40732 CVE-2021-42528 CVE-2021-42529 CVE-2021-42530 CVE-2021-42531 CVE-2021-42532 Ubuntu 20.04 LTS It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123) It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21125) It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166) Update Instructions: Run `sudo pro fix USN-5485-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.13.0-1017-intel - 5.13.0-1017.19 linux-image-unsigned-5.13.0-1017-intel - 5.13.0-1017.19 linux-intel-5.13-tools-host - 5.13.0-1017.19 linux-modules-extra-5.13.0-1017-intel - 5.13.0-1017.19 linux-intel-5.13-cloud-tools-common - 5.13.0-1017.19 linux-tools-5.13.0-1017-intel - 5.13.0-1017.19 linux-buildinfo-5.13.0-1017-intel - 5.13.0-1017.19 linux-cloud-tools-5.13.0-1017-intel - 5.13.0-1017.19 linux-intel-5.13-tools-5.13.0-1017 - 5.13.0-1017.19 linux-intel-5.13-source-5.13.0 - 5.13.0-1017.19 linux-intel-5.13-cloud-tools-5.13.0-1017 - 5.13.0-1017.19 linux-intel-5.13-headers-5.13.0-1017 - 5.13.0-1017.19 linux-headers-5.13.0-1017-intel - 5.13.0-1017.19 linux-modules-5.13.0-1017-intel - 5.13.0-1017.19 linux-intel-5.13-tools-common - 5.13.0-1017.19 No subscription required linux-image-unsigned-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-modules-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-modules-extra-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-aws-5.13-cloud-tools-5.13.0-1031 - 5.13.0-1031.35~20.04.1 linux-headers-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-aws-5.13-tools-5.13.0-1031 - 5.13.0-1031.35~20.04.1 linux-buildinfo-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-cloud-tools-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-image-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-tools-5.13.0-1031-aws - 5.13.0-1031.35~20.04.1 linux-aws-5.13-headers-5.13.0-1031 - 5.13.0-1031.35~20.04.1 No subscription required linux-buildinfo-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-azure-5.13-tools-5.13.0-1031 - 5.13.0-1031.37~20.04.1 linux-image-unsigned-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-image-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-azure-5.13-cloud-tools-5.13.0-1031 - 5.13.0-1031.37~20.04.1 linux-azure-5.13-headers-5.13.0-1031 - 5.13.0-1031.37~20.04.1 linux-modules-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-headers-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-tools-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-modules-extra-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 linux-cloud-tools-5.13.0-1031-azure - 5.13.0-1031.37~20.04.1 No subscription required linux-gcp-5.13-tools-5.13.0-1033 - 5.13.0-1033.40~20.04.1 linux-image-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-image-unsigned-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-tools-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-gcp-5.13-headers-5.13.0-1033 - 5.13.0-1033.40~20.04.1 linux-modules-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-modules-extra-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-buildinfo-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 linux-headers-5.13.0-1033-gcp - 5.13.0-1033.40~20.04.1 No subscription required linux-image-unsigned-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-headers-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-modules-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-modules-extra-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-buildinfo-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-tools-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-image-5.13.0-1036-oracle - 5.13.0-1036.43~20.04.1 linux-oracle-5.13-tools-5.13.0-1036 - 5.13.0-1036.43~20.04.1 linux-oracle-5.13-headers-5.13.0-1036 - 5.13.0-1036.43~20.04.1 No subscription required linux-hwe-5.13-headers-5.13.0-51 - 5.13.0-51.58~20.04.1 linux-image-unsigned-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-headers-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-modules-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-cloud-tools-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-51 - 5.13.0-51.58~20.04.1 linux-buildinfo-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-51.58~20.04.1 linux-buildinfo-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-modules-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-image-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-tools-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-tools-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-headers-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-cloud-tools-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-modules-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-headers-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-image-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-tools-5.13.0-51-generic-64k - 5.13.0-51.58~20.04.1 linux-image-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-51.58~20.04.1 linux-buildinfo-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-tools-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-image-unsigned-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-image-unsigned-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-image-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-headers-5.13.0-51-generic-lpae - 5.13.0-51.58~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-51.58~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-51.58~20.04.1 linux-hwe-5.13-tools-5.13.0-51 - 5.13.0-51.58~20.04.1 linux-modules-extra-5.13.0-51-generic - 5.13.0-51.58~20.04.1 linux-buildinfo-5.13.0-51-lowlatency - 5.13.0-51.58~20.04.1 linux-modules-5.13.0-51-generic - 5.13.0-51.58~20.04.1 No subscription required linux-intel - 5.13.0.1017.15 linux-cloud-tools-intel - 5.13.0.1017.15 linux-headers-intel - 5.13.0.1017.15 linux-image-intel - 5.13.0.1017.15 linux-tools-intel - 5.13.0.1017.15 No subscription required linux-image-aws - 5.13.0.1031.35~20.04.25 linux-aws - 5.13.0.1031.35~20.04.25 linux-headers-aws - 5.13.0.1031.35~20.04.25 linux-tools-aws - 5.13.0.1031.35~20.04.25 linux-modules-extra-aws - 5.13.0.1031.35~20.04.25 No subscription required linux-cloud-tools-azure - 5.13.0.1031.37~20.04.20 linux-modules-extra-azure - 5.13.0.1031.37~20.04.20 linux-azure - 5.13.0.1031.37~20.04.20 linux-image-azure - 5.13.0.1031.37~20.04.20 linux-headers-azure - 5.13.0.1031.37~20.04.20 linux-tools-azure - 5.13.0.1031.37~20.04.20 No subscription required linux-modules-extra-gcp - 5.13.0.1033.40~20.04.1 linux-gcp - 5.13.0.1033.40~20.04.1 linux-image-gcp - 5.13.0.1033.40~20.04.1 linux-tools-gcp - 5.13.0.1033.40~20.04.1 linux-headers-gcp - 5.13.0.1033.40~20.04.1 No subscription required linux-headers-oracle - 5.13.0.1036.43~20.04.1 linux-tools-oracle - 5.13.0.1036.43~20.04.1 linux-image-oracle - 5.13.0.1036.43~20.04.1 linux-oracle - 5.13.0.1036.43~20.04.1 No subscription required linux-image-extra-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-generic-lpae-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-generic-64k-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-lowlatency-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-generic-64k-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-generic-lpae-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-tools-generic-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-headers-virtual-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-generic-64k-hwe-20.04 - 5.13.0.51.58~20.04.31 linux-image-generic-64k-hwe-20.04 - 5.13.0.51.58~20.04.31 No subscription required linux-buildinfo-5.4.0-1028-ibm - 5.4.0-1028.32 linux-modules-5.4.0-1028-ibm - 5.4.0-1028.32 linux-ibm-cloud-tools-common - 5.4.0-1028.32 linux-ibm-headers-5.4.0-1028 - 5.4.0-1028.32 linux-image-5.4.0-1028-ibm - 5.4.0-1028.32 linux-tools-5.4.0-1028-ibm - 5.4.0-1028.32 linux-ibm-tools-common - 5.4.0-1028.32 linux-ibm-source-5.4.0 - 5.4.0-1028.32 linux-headers-5.4.0-1028-ibm - 5.4.0-1028.32 linux-modules-extra-5.4.0-1028-ibm - 5.4.0-1028.32 linux-ibm-tools-5.4.0-1028 - 5.4.0-1028.32 linux-image-unsigned-5.4.0-1028-ibm - 5.4.0-1028.32 No subscription required linux-gkeop-tools-5.4.0-1048 - 5.4.0-1048.51 linux-modules-extra-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-headers-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-modules-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-image-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-gkeop-headers-5.4.0-1048 - 5.4.0-1048.51 linux-cloud-tools-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-gkeop-cloud-tools-5.4.0-1048 - 5.4.0-1048.51 linux-tools-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-gkeop-source-5.4.0 - 5.4.0-1048.51 linux-image-unsigned-5.4.0-1048-gkeop - 5.4.0-1048.51 linux-buildinfo-5.4.0-1048-gkeop - 5.4.0-1048.51 No subscription required linux-image-unsigned-5.4.0-1070-kvm - 5.4.0-1070.75 linux-headers-5.4.0-1070-kvm - 5.4.0-1070.75 linux-tools-5.4.0-1070-kvm - 5.4.0-1070.75 linux-kvm-headers-5.4.0-1070 - 5.4.0-1070.75 linux-kvm-tools-5.4.0-1070 - 5.4.0-1070.75 linux-modules-5.4.0-1070-kvm - 5.4.0-1070.75 linux-buildinfo-5.4.0-1070-kvm - 5.4.0-1070.75 linux-image-5.4.0-1070-kvm - 5.4.0-1070.75 No subscription required linux-image-5.4.0-1076-gke - 5.4.0-1076.82 linux-gke-headers-5.4.0-1076 - 5.4.0-1076.82 linux-tools-5.4.0-1076-gke - 5.4.0-1076.82 linux-modules-5.4.0-1076-gke - 5.4.0-1076.82 linux-image-unsigned-5.4.0-1076-gke - 5.4.0-1076.82 linux-gke-tools-5.4.0-1076 - 5.4.0-1076.82 linux-headers-5.4.0-1076-gke - 5.4.0-1076.82 linux-buildinfo-5.4.0-1076-gke - 5.4.0-1076.82 linux-modules-extra-5.4.0-1076-gke - 5.4.0-1076.82 No subscription required linux-tools-5.4.0-1078-oracle - 5.4.0-1078.86 linux-image-unsigned-5.4.0-1078-oracle - 5.4.0-1078.86 linux-oracle-headers-5.4.0-1078 - 5.4.0-1078.86 linux-oracle-tools-5.4.0-1078 - 5.4.0-1078.86 linux-modules-5.4.0-1078-oracle - 5.4.0-1078.86 linux-buildinfo-5.4.0-1078-oracle - 5.4.0-1078.86 linux-modules-extra-5.4.0-1078-oracle - 5.4.0-1078.86 linux-image-5.4.0-1078-oracle - 5.4.0-1078.86 linux-headers-5.4.0-1078-oracle - 5.4.0-1078.86 No subscription required linux-image-unsigned-5.4.0-1080-aws - 5.4.0-1080.87 linux-image-unsigned-5.4.0-1080-gcp - 5.4.0-1080.87 linux-buildinfo-5.4.0-1080-aws - 5.4.0-1080.87 linux-gcp-tools-5.4.0-1080 - 5.4.0-1080.87 linux-headers-5.4.0-1080-gcp - 5.4.0-1080.87 linux-image-5.4.0-1080-aws - 5.4.0-1080.87 linux-tools-5.4.0-1080-aws - 5.4.0-1080.87 linux-gcp-headers-5.4.0-1080 - 5.4.0-1080.87 linux-cloud-tools-5.4.0-1080-aws - 5.4.0-1080.87 linux-aws-cloud-tools-5.4.0-1080 - 5.4.0-1080.87 linux-tools-5.4.0-1080-gcp - 5.4.0-1080.87 linux-modules-extra-5.4.0-1080-gcp - 5.4.0-1080.87 linux-image-5.4.0-1080-gcp - 5.4.0-1080.87 linux-aws-tools-5.4.0-1080 - 5.4.0-1080.87 linux-buildinfo-5.4.0-1080-gcp - 5.4.0-1080.87 linux-headers-5.4.0-1080-aws - 5.4.0-1080.87 linux-modules-5.4.0-1080-aws - 5.4.0-1080.87 linux-aws-headers-5.4.0-1080 - 5.4.0-1080.87 linux-modules-extra-5.4.0-1080-aws - 5.4.0-1080.87 linux-modules-5.4.0-1080-gcp - 5.4.0-1080.87 No subscription required linux-headers-5.4.0-1085-azure - 5.4.0-1085.90 linux-modules-5.4.0-1085-azure - 5.4.0-1085.90 linux-modules-extra-5.4.0-1085-azure - 5.4.0-1085.90 linux-azure-headers-5.4.0-1085 - 5.4.0-1085.90 linux-cloud-tools-5.4.0-1085-azure - 5.4.0-1085.90 linux-azure-tools-5.4.0-1085 - 5.4.0-1085.90 linux-tools-5.4.0-1085-azure - 5.4.0-1085.90 linux-image-unsigned-5.4.0-1085-azure - 5.4.0-1085.90 linux-image-5.4.0-1085-azure - 5.4.0-1085.90 linux-azure-cloud-tools-5.4.0-1085 - 5.4.0-1085.90 linux-buildinfo-5.4.0-1085-azure - 5.4.0-1085.90 No subscription required linux-image-5.4.0-1085-azure-fde - 5.4.0-1085.90+cvm1.1 linux-image-unsigned-5.4.0-1085-azure-fde - 5.4.0-1085.90+cvm1.1 No subscription required linux-tools-5.4.0-120 - 5.4.0-120.136 linux-source-5.4.0 - 5.4.0-120.136 linux-cloud-tools-5.4.0-120-generic - 5.4.0-120.136 linux-modules-5.4.0-120-generic - 5.4.0-120.136 linux-cloud-tools-common - 5.4.0-120.136 linux-buildinfo-5.4.0-120-generic - 5.4.0-120.136 linux-tools-5.4.0-120-generic - 5.4.0-120.136 linux-buildinfo-5.4.0-120-generic-lpae - 5.4.0-120.136 linux-headers-5.4.0-120-lowlatency - 5.4.0-120.136 linux-libc-dev - 5.4.0-120.136 linux-headers-5.4.0-120-generic - 5.4.0-120.136 linux-image-5.4.0-120-generic - 5.4.0-120.136 linux-headers-5.4.0-120 - 5.4.0-120.136 linux-image-unsigned-5.4.0-120-generic - 5.4.0-120.136 linux-tools-host - 5.4.0-120.136 linux-tools-common - 5.4.0-120.136 linux-tools-5.4.0-120-lowlatency - 5.4.0-120.136 linux-cloud-tools-5.4.0-120 - 5.4.0-120.136 linux-image-5.4.0-120-lowlatency - 5.4.0-120.136 linux-headers-5.4.0-120-generic-lpae - 5.4.0-120.136 linux-image-unsigned-5.4.0-120-lowlatency - 5.4.0-120.136 linux-cloud-tools-5.4.0-120-lowlatency - 5.4.0-120.136 linux-doc - 5.4.0-120.136 linux-modules-extra-5.4.0-120-generic - 5.4.0-120.136 linux-modules-5.4.0-120-lowlatency - 5.4.0-120.136 linux-image-5.4.0-120-generic-lpae - 5.4.0-120.136 linux-buildinfo-5.4.0-120-lowlatency - 5.4.0-120.136 linux-tools-5.4.0-120-generic-lpae - 5.4.0-120.136 linux-modules-5.4.0-120-generic-lpae - 5.4.0-120.136 No subscription required linux-tools-ibm - 5.4.0.1028.25 linux-modules-extra-ibm - 5.4.0.1028.25 linux-image-ibm-lts-20.04 - 5.4.0.1028.25 linux-tools-ibm-lts-20.04 - 5.4.0.1028.25 linux-ibm-lts-20.04 - 5.4.0.1028.25 linux-ibm - 5.4.0.1028.25 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1028.25 linux-headers-ibm - 5.4.0.1028.25 linux-image-ibm - 5.4.0.1028.25 linux-headers-ibm-lts-20.04 - 5.4.0.1028.25 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1048.49 linux-image-gkeop - 5.4.0.1048.49 linux-image-gkeop-5.4 - 5.4.0.1048.49 linux-modules-extra-gkeop - 5.4.0.1048.49 linux-tools-gkeop-5.4 - 5.4.0.1048.49 linux-headers-gkeop - 5.4.0.1048.49 linux-tools-gkeop - 5.4.0.1048.49 linux-gkeop-5.4 - 5.4.0.1048.49 linux-cloud-tools-gkeop - 5.4.0.1048.49 linux-headers-gkeop-5.4 - 5.4.0.1048.49 linux-modules-extra-gkeop-5.4 - 5.4.0.1048.49 linux-gkeop - 5.4.0.1048.49 No subscription required linux-kvm - 5.4.0.1070.67 linux-image-kvm - 5.4.0.1070.67 linux-tools-kvm - 5.4.0.1070.67 linux-headers-kvm - 5.4.0.1070.67 No subscription required linux-tools-gke-5.4 - 5.4.0.1076.84 linux-image-gke-5.4 - 5.4.0.1076.84 linux-headers-gke-5.4 - 5.4.0.1076.84 linux-modules-extra-gke-5.4 - 5.4.0.1076.84 linux-gke - 5.4.0.1076.84 linux-gke-5.4 - 5.4.0.1076.84 linux-image-gke - 5.4.0.1076.84 linux-headers-gke - 5.4.0.1076.84 linux-modules-extra-gke - 5.4.0.1076.84 linux-tools-gke - 5.4.0.1076.84 No subscription required linux-image-oracle-lts-20.04 - 5.4.0.1078.76 linux-headers-oracle-lts-20.04 - 5.4.0.1078.76 linux-tools-oracle-lts-20.04 - 5.4.0.1078.76 linux-oracle-lts-20.04 - 5.4.0.1078.76 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1080.80 linux-aws-lts-20.04 - 5.4.0.1080.80 linux-modules-extra-aws-lts-20.04 - 5.4.0.1080.80 linux-tools-aws-lts-20.04 - 5.4.0.1080.80 linux-image-aws-lts-20.04 - 5.4.0.1080.80 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1080.86 linux-gcp-lts-20.04 - 5.4.0.1080.86 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1080.86 linux-headers-gcp-lts-20.04 - 5.4.0.1080.86 linux-image-gcp-lts-20.04 - 5.4.0.1080.86 No subscription required linux-azure-lts-20.04 - 5.4.0.1085.82 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1085.82 linux-tools-azure-lts-20.04 - 5.4.0.1085.82 linux-headers-azure-lts-20.04 - 5.4.0.1085.82 linux-image-azure-lts-20.04 - 5.4.0.1085.82 linux-modules-extra-azure-lts-20.04 - 5.4.0.1085.82 No subscription required linux-tools-azure-fde - 5.4.0.1085.90+cvm1.25 linux-cloud-tools-azure-fde - 5.4.0.1085.90+cvm1.25 linux-headers-azure-fde - 5.4.0.1085.90+cvm1.25 linux-image-azure-fde - 5.4.0.1085.90+cvm1.25 linux-azure-fde - 5.4.0.1085.90+cvm1.25 linux-modules-extra-azure-fde - 5.4.0.1085.90+cvm1.25 No subscription required linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-image-virtual - 5.4.0.120.121 linux-tools-lowlatency - 5.4.0.120.121 linux-tools-virtual-hwe-18.04 - 5.4.0.120.121 linux-headers-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-image-generic-lpae-hwe-18.04 - 5.4.0.120.121 linux-headers-generic-hwe-18.04 - 5.4.0.120.121 linux-source - 5.4.0.120.121 linux-cloud-tools-generic - 5.4.0.120.121 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-generic - 5.4.0.120.121 linux-generic-hwe-18.04-edge - 5.4.0.120.121 linux-headers-generic-hwe-18.04-edge - 5.4.0.120.121 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.120.121 linux-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-image-lowlatency - 5.4.0.120.121 linux-image-oem-osp1 - 5.4.0.120.121 linux-crashdump - 5.4.0.120.121 linux-headers-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-tools-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-headers-virtual-hwe-18.04 - 5.4.0.120.121 linux-generic-lpae-hwe-18.04-edge - 5.4.0.120.121 linux-generic-lpae - 5.4.0.120.121 linux-tools-oem-osp1 - 5.4.0.120.121 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.120.121 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-image-generic-hwe-18.04-edge - 5.4.0.120.121 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.120.121 linux-oem - 5.4.0.120.121 linux-image-extra-virtual - 5.4.0.120.121 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-headers-virtual - 5.4.0.120.121 linux-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.120.121 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.120.121 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-image-generic-hwe-18.04 - 5.4.0.120.121 linux-image-oem - 5.4.0.120.121 linux-tools-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-lowlatency - 5.4.0.120.121 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-tools-virtual - 5.4.0.120.121 linux-virtual - 5.4.0.120.121 linux-tools-generic - 5.4.0.120.121 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.120.121 linux-generic-lpae-hwe-18.04 - 5.4.0.120.121 linux-headers-oem - 5.4.0.120.121 linux-tools-generic-hwe-18.04-edge - 5.4.0.120.121 linux-image-virtual-hwe-18.04 - 5.4.0.120.121 linux-image-virtual-hwe-18.04-edge - 5.4.0.120.121 linux-cloud-tools-lowlatency - 5.4.0.120.121 linux-headers-lowlatency - 5.4.0.120.121 linux-oem-osp1 - 5.4.0.120.121 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.120.121 linux-image-lowlatency-hwe-18.04 - 5.4.0.120.121 linux-cloud-tools-virtual - 5.4.0.120.121 linux-headers-generic-lpae - 5.4.0.120.121 linux-oem-osp1-tools-host - 5.4.0.120.121 linux-image-generic - 5.4.0.120.121 linux-image-extra-virtual-hwe-18.04 - 5.4.0.120.121 linux-tools-generic-lpae - 5.4.0.120.121 linux-virtual-hwe-18.04 - 5.4.0.120.121 linux-tools-oem - 5.4.0.120.121 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.120.121 linux-image-generic-lpae - 5.4.0.120.121 linux-oem-tools-host - 5.4.0.120.121 linux-headers-oem-osp1 - 5.4.0.120.121 linux-headers-generic - 5.4.0.120.121 linux-generic-hwe-18.04 - 5.4.0.120.121 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.120.121 linux-tools-generic-hwe-18.04 - 5.4.0.120.121 No subscription required Medium CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 Ubuntu 20.04 LTS It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123) It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21125) It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166) Update Instructions: Run `sudo pro fix USN-5485-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1044 - 5.14.0-1044.49 linux-buildinfo-5.14.0-1044-oem - 5.14.0-1044.49 linux-image-unsigned-5.14.0-1044-oem - 5.14.0-1044.49 linux-headers-5.14.0-1044-oem - 5.14.0-1044.49 linux-tools-5.14.0-1044-oem - 5.14.0-1044.49 linux-modules-iwlwifi-5.14.0-1044-oem - 5.14.0-1044.49 linux-oem-5.14-headers-5.14.0-1044 - 5.14.0-1044.49 linux-image-5.14.0-1044-oem - 5.14.0-1044.49 linux-modules-5.14.0-1044-oem - 5.14.0-1044.49 linux-oem-5.14-tools-host - 5.14.0-1044.49 No subscription required linux-image-oem-20.04c - 5.14.0.1044.40 linux-image-oem-20.04b - 5.14.0.1044.40 linux-image-oem-20.04d - 5.14.0.1044.40 linux-headers-oem-20.04 - 5.14.0.1044.40 linux-tools-oem-20.04c - 5.14.0.1044.40 linux-tools-oem-20.04b - 5.14.0.1044.40 linux-oem-20.04 - 5.14.0.1044.40 linux-image-oem-20.04 - 5.14.0.1044.40 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1044.40 linux-oem-20.04d - 5.14.0.1044.40 linux-oem-20.04c - 5.14.0.1044.40 linux-oem-20.04b - 5.14.0.1044.40 linux-tools-oem-20.04d - 5.14.0.1044.40 linux-headers-oem-20.04b - 5.14.0.1044.40 linux-headers-oem-20.04c - 5.14.0.1044.40 linux-headers-oem-20.04d - 5.14.0.1044.40 linux-tools-oem-20.04 - 5.14.0.1044.40 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1044.40 No subscription required Medium CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 Ubuntu 20.04 LTS It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. (CVE-2021-0127) Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. (CVE-2021-0145) Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges. (CVE-2021-0146) It was discovered that some Intel processors did not properly restrict access in some situations. A local attacker could use this to obtain sensitive information. (CVE-2021-33117) Brandon Miller discovered that some Intel processors did not properly restrict access in some situations. A local attacker could use this to obtain sensitive information or a remote attacker could use this to cause a denial of service. (CVE-2021-33120) It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123, CVE-2022-21127) Alysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi discovered that some Intel processors improperly optimised security-critical code. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21151) It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166) Update Instructions: Run `sudo pro fix USN-5486-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20220510.0ubuntu0.20.04.1 No subscription required Medium CVE-2021-0127 CVE-2021-0145 CVE-2021-0146 CVE-2021-33117 CVE-2021-33120 CVE-2022-21123 CVE-2022-21127 CVE-2022-21151 CVE-2022-21166 Ubuntu 20.04 LTS It was discovered that Apache HTTP Server mod_proxy_ajp incorrectly handled certain crafted request. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-26377) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-28614) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a crash or expose sensitive information. (CVE-2022-28615) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-29404) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a crash. (CVE-2022-30522) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2022-30556) It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to bypass IP based authentication. (CVE-2022-31813) Update Instructions: Run `sudo pro fix USN-5487-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.12 libapache2-mod-md - 2.4.41-4ubuntu3.12 apache2-utils - 2.4.41-4ubuntu3.12 apache2-dev - 2.4.41-4ubuntu3.12 apache2-suexec-pristine - 2.4.41-4ubuntu3.12 apache2-suexec-custom - 2.4.41-4ubuntu3.12 apache2 - 2.4.41-4ubuntu3.12 apache2-doc - 2.4.41-4ubuntu3.12 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.12 apache2-ssl-dev - 2.4.41-4ubuntu3.12 apache2-bin - 2.4.41-4ubuntu3.12 No subscription required Medium CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556 CVE-2022-31813 Ubuntu 20.04 LTS Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. Update Instructions: Run `sudo pro fix USN-5488-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.15 libssl-dev - 1.1.1f-1ubuntu2.15 openssl - 1.1.1f-1ubuntu2.15 libssl-doc - 1.1.1f-1ubuntu2.15 No subscription required Medium CVE-2022-2068 Ubuntu 20.04 LTS Alexander Bulekov discovered that QEMU incorrectly handled floppy disk emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak sensitive information. (CVE-2021-3507) It was discovered that QEMU incorrectly handled NVME controller emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-3929) It was discovered that QEMU incorrectly handled QXL display device emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-4206, CVE-2021-4207) Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that QEMU incorrectly handled the virtiofsd shared file system daemon. An attacker inside the guest could use this issue to create files with incorrect ownership, possibly leading to privilege escalation. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-0358) It was discovered that QEMU incorrectly handled virtio-net devices. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-26353) It was discovered that QEMU incorrectly handled vhost-vsock devices. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-26354) Update Instructions: Run `sudo pro fix USN-5489-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.23 qemu-system-common - 1:4.2-3ubuntu6.23 qemu-user-static - 1:4.2-3ubuntu6.23 qemu-system-misc - 1:4.2-3ubuntu6.23 qemu-block-extra - 1:4.2-3ubuntu6.23 qemu-system-s390x - 1:4.2-3ubuntu6.23 qemu-user - 1:4.2-3ubuntu6.23 qemu-system-sparc - 1:4.2-3ubuntu6.23 qemu-guest-agent - 1:4.2-3ubuntu6.23 qemu-system - 1:4.2-3ubuntu6.23 qemu-utils - 1:4.2-3ubuntu6.23 qemu-system-data - 1:4.2-3ubuntu6.23 qemu-kvm - 1:4.2-3ubuntu6.23 qemu-user-binfmt - 1:4.2-3ubuntu6.23 qemu-system-x86 - 1:4.2-3ubuntu6.23 qemu-system-arm - 1:4.2-3ubuntu6.23 qemu-system-gui - 1:4.2-3ubuntu6.23 qemu - 1:4.2-3ubuntu6.23 qemu-system-ppc - 1:4.2-3ubuntu6.23 qemu-system-mips - 1:4.2-3ubuntu6.23 qemu-system-x86-xen - 1:4.2-3ubuntu6.23 No subscription required Medium CVE-2021-3507 CVE-2021-3929 CVE-2021-4206 CVE-2021-4207 CVE-2022-0358 CVE-2022-26353 CVE-2022-26354 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5491-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.6 squidclient - 4.10-1ubuntu1.6 squid - 4.10-1ubuntu1.6 squid-cgi - 4.10-1ubuntu1.6 squid-purge - 4.10-1ubuntu1.6 No subscription required Medium CVE-2021-46784 Ubuntu 20.04 LTS It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). Update Instructions: Run `sudo pro fix USN-5493-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-common - 5.4.0-121.137 linux-headers-5.4.0-121 - 5.4.0-121.137 linux-headers-5.4.0-121-generic - 5.4.0-121.137 linux-tools-host - 5.4.0-121.137 linux-doc - 5.4.0-121.137 linux-headers-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-image-unsigned-5.4.0-121-lowlatency - 5.4.0-121.137 linux-cloud-tools-5.4.0-121-generic - 5.4.0-121.137 linux-cloud-tools-5.4.0-121 - 5.4.0-121.137 linux-tools-5.4.0-121 - 5.4.0-121.137 linux-libc-dev - 5.4.0-121.137 linux-source-5.4.0 - 5.4.0-121.137 linux-tools-5.4.0-121-generic - 5.4.0-121.137 linux-modules-5.4.0-121-generic - 5.4.0-121.137 linux-tools-5.4.0-121-lowlatency - 5.4.0-121.137 linux-buildinfo-5.4.0-121-lowlatency - 5.4.0-121.137 linux-image-5.4.0-121-generic - 5.4.0-121.137 linux-image-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-modules-extra-5.4.0-121-generic - 5.4.0-121.137 linux-image-5.4.0-121-lowlatency - 5.4.0-121.137 linux-modules-5.4.0-121-lowlatency - 5.4.0-121.137 linux-cloud-tools-5.4.0-121-lowlatency - 5.4.0-121.137 linux-buildinfo-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-modules-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-cloud-tools-common - 5.4.0-121.137 linux-headers-5.4.0-121-lowlatency - 5.4.0-121.137 linux-buildinfo-5.4.0-121-generic - 5.4.0-121.137 linux-tools-5.4.0-121-generic-lpae - 5.4.0-121.137 linux-image-unsigned-5.4.0-121-generic - 5.4.0-121.137 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-cloud-tools-virtual - 5.4.0.121.122 linux-image-generic-hwe-18.04 - 5.4.0.121.122 linux-generic-lpae-hwe-18.04-edge - 5.4.0.121.122 linux-headers-generic-lpae - 5.4.0.121.122 linux-image-virtual - 5.4.0.121.122 linux-oem-osp1-tools-host - 5.4.0.121.122 linux-image-generic - 5.4.0.121.122 linux-tools-lowlatency - 5.4.0.121.122 linux-image-oem - 5.4.0.121.122 linux-tools-virtual-hwe-18.04 - 5.4.0.121.122 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-headers-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-image-extra-virtual-hwe-18.04 - 5.4.0.121.122 linux-image-oem-osp1 - 5.4.0.121.122 linux-image-generic-lpae-hwe-18.04 - 5.4.0.121.122 linux-crashdump - 5.4.0.121.122 linux-tools-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-headers-generic-hwe-18.04 - 5.4.0.121.122 linux-headers-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-lowlatency - 5.4.0.121.122 linux-source - 5.4.0.121.122 linux-tools-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-tools-generic-lpae - 5.4.0.121.122 linux-cloud-tools-generic - 5.4.0.121.122 linux-virtual - 5.4.0.121.122 linux-headers-virtual-hwe-18.04 - 5.4.0.121.122 linux-virtual-hwe-18.04 - 5.4.0.121.122 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.121.122 linux-headers-virtual - 5.4.0.121.122 linux-tools-virtual - 5.4.0.121.122 linux-tools-oem - 5.4.0.121.122 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-generic-lpae - 5.4.0.121.122 linux-headers-oem - 5.4.0.121.122 linux-generic - 5.4.0.121.122 linux-tools-oem-osp1 - 5.4.0.121.122 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.121.122 linux-tools-generic-hwe-18.04-edge - 5.4.0.121.122 linux-image-virtual-hwe-18.04 - 5.4.0.121.122 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-cloud-tools-lowlatency - 5.4.0.121.122 linux-headers-lowlatency - 5.4.0.121.122 linux-image-generic-hwe-18.04-edge - 5.4.0.121.122 linux-generic-hwe-18.04-edge - 5.4.0.121.122 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.121.122 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-oem - 5.4.0.121.122 linux-tools-generic - 5.4.0.121.122 linux-image-extra-virtual - 5.4.0.121.122 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-oem-tools-host - 5.4.0.121.122 linux-headers-oem-osp1 - 5.4.0.121.122 linux-generic-lpae-hwe-18.04 - 5.4.0.121.122 linux-tools-generic-hwe-18.04 - 5.4.0.121.122 linux-headers-generic-hwe-18.04-edge - 5.4.0.121.122 linux-headers-generic - 5.4.0.121.122 linux-oem-osp1 - 5.4.0.121.122 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.121.122 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.121.122 linux-image-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.121.122 linux-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-lowlatency-hwe-18.04 - 5.4.0.121.122 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.121.122 linux-generic-hwe-18.04 - 5.4.0.121.122 linux-image-generic-lpae - 5.4.0.121.122 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.121.122 linux-image-virtual-hwe-18.04-edge - 5.4.0.121.122 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.121.122 linux-image-lowlatency - 5.4.0.121.122 No subscription required Medium CVE-2022-28388 Ubuntu 20.04 LTS It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). Update Instructions: Run `sudo pro fix USN-5493-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-hwe-5.13-headers-5.13.0-52 - 5.13.0-52.59~20.04.1 linux-buildinfo-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-image-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-hwe-5.13-cloud-tools-common - 5.13.0-52.59~20.04.1 linux-hwe-5.13-cloud-tools-5.13.0-52 - 5.13.0-52.59~20.04.1 linux-buildinfo-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-tools-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-hwe-5.13-tools-common - 5.13.0-52.59~20.04.1 linux-tools-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-modules-extra-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-tools-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-tools-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-cloud-tools-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-image-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-headers-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-image-unsigned-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-hwe-5.13-tools-5.13.0-52 - 5.13.0-52.59~20.04.1 linux-image-unsigned-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-modules-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-headers-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-modules-5.13.0-52-generic - 5.13.0-52.59~20.04.1 linux-headers-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-buildinfo-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-buildinfo-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-modules-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-hwe-5.13-source-5.13.0 - 5.13.0-52.59~20.04.1 linux-modules-5.13.0-52-generic-64k - 5.13.0-52.59~20.04.1 linux-headers-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-image-5.13.0-52-generic-lpae - 5.13.0-52.59~20.04.1 linux-image-unsigned-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-hwe-5.13-tools-host - 5.13.0-52.59~20.04.1 linux-cloud-tools-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 linux-image-5.13.0-52-lowlatency - 5.13.0-52.59~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-generic-lpae-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-generic-64k-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-cloud-tools-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-generic-lpae-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-generic-lpae-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-generic-64k-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-tools-generic-64k-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-generic-64k-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-generic-lpae-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-headers-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-generic-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-extra-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-image-lowlatency-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-cloud-tools-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 linux-virtual-hwe-20.04 - 5.13.0.52.59~20.04.31 No subscription required Medium CVE-2022-28388 Ubuntu 20.04 LTS Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32205) Harry Sintonen discovered that curl incorrectly handled certain HTTP compressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-32206) Harry Sintonen incorrectly handled certain file permissions. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32207) Harry Sintonen discovered that curl incorrectly handled certain FTP-KRB messages. An attacker could possibly use this to perform a machine-in-the-middle attack. (CVE-2022-32208) Update Instructions: Run `sudo pro fix USN-5495-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.12 libcurl4-openssl-dev - 7.68.0-1ubuntu2.12 libcurl3-gnutls - 7.68.0-1ubuntu2.12 libcurl4-doc - 7.68.0-1ubuntu2.12 libcurl3-nss - 7.68.0-1ubuntu2.12 libcurl4-nss-dev - 7.68.0-1ubuntu2.12 libcurl4 - 7.68.0-1ubuntu2.12 curl - 7.68.0-1ubuntu2.12 No subscription required Medium CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 Ubuntu 20.04 LTS Mike Stroyan discovered that cloud-init could log password hashes when reporting schema failures. An attacker with access to these logs could potentially use this to gain user credentials. Update Instructions: Run `sudo pro fix USN-5496-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cloud-init - 22.2-0ubuntu1~20.04.3 No subscription required Medium CVE-2022-2084 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain SQL. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5501-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.12 python-django-doc - 2:2.2.12-1ubuntu0.12 No subscription required Medium CVE-2022-34265 Ubuntu 20.04 LTS Alex Chernyakhovsky discovered that OpenSSL incorrectly handled AES OCB mode when using the AES-NI assembly optimized implementation on 32-bit x86 platforms. A remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5502-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.16 libssl-dev - 1.1.1f-1ubuntu2.16 openssl - 1.1.1f-1ubuntu2.16 libssl-doc - 1.1.1f-1ubuntu2.16 No subscription required Medium CVE-2022-2097 Ubuntu 20.04 LTS Demi Marie Obenour discovered that GnuPG incorrectly handled injection in the status message. A remote attacker could possibly use this issue to forge signatures. Update Instructions: Run `sudo pro fix USN-5503-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dirmngr - 2.2.19-3ubuntu2.2 gpgv-static - 2.2.19-3ubuntu2.2 gpgv-win32 - 2.2.19-3ubuntu2.2 scdaemon - 2.2.19-3ubuntu2.2 gpgsm - 2.2.19-3ubuntu2.2 gpgv - 2.2.19-3ubuntu2.2 gpg - 2.2.19-3ubuntu2.2 gnupg-agent - 2.2.19-3ubuntu2.2 gnupg2 - 2.2.19-3ubuntu2.2 gnupg-l10n - 2.2.19-3ubuntu2.2 gnupg-utils - 2.2.19-3ubuntu2.2 gpgconf - 2.2.19-3ubuntu2.2 gpg-wks-server - 2.2.19-3ubuntu2.2 gpg-agent - 2.2.19-3ubuntu2.2 gnupg - 2.2.19-3ubuntu2.2 gpg-wks-client - 2.2.19-3ubuntu2.2 gpgv2 - 2.2.19-3ubuntu2.2 No subscription required Medium CVE-2022-34903 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass CSP restrictions, bypass sandboxed iframe restrictions, obtain sensitive information, bypass the HTML sanitizer, or execute arbitrary code. (CVE-2022-2200, CVE-2022-34468, CVE-2022-34470, CVE-2022-34473, CVE-2022-34474, CVE-2022-34475, CVE-2022-34476, CVE-2022-34477, CVE-2022-34479, CVE-2022-34480, CVE-2022-34481, CVE-2022-34484, CVE-2022-34485) It was discovered that Firefox could be made to save an image with an executable extension in the filename when dragging and dropping an image in some circumstances. If a user were tricked into dragging and dropping a specially crafted image, an attacker could potentially exploit this to trick the user into executing arbitrary code. (CVE-2022-34482, CVE-2022-34483) It was discovered that a compromised server could trick Firefox into an addon downgrade in some circumstances. An attacker could potentially exploit this to trick the browser into downgrading an addon to a prior version. (CVE-2022-34471) It was discovered that an unavailable PAC file caused OCSP requests to be blocked, resulting in incorrect error pages being displayed. (CVE-2022-34472) Update Instructions: Run `sudo pro fix USN-5504-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 102.0+build2-0ubuntu0.20.04.1 firefox - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 102.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 102.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 102.0+build2-0ubuntu0.20.04.1 firefox-dev - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 102.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 102.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2200 CVE-2022-34468 CVE-2022-34470 CVE-2022-34471 CVE-2022-34472 CVE-2022-34473 CVE-2022-34474 CVE-2022-34475 CVE-2022-34476 CVE-2022-34477 CVE-2022-34479 CVE-2022-34480 CVE-2022-34481 CVE-2022-34482 CVE-2022-34483 CVE-2022-34484 CVE-2022-34485 Ubuntu 20.04 LTS Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-22747) Ronald Crane discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-34480) Update Instructions: Run `sudo pro fix USN-5506-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.8 libnss3 - 2:3.49.1-1ubuntu1.8 libnss3-tools - 2:3.49.1-1ubuntu1.8 No subscription required Medium CVE-2022-22747 CVE-2022-34480 Ubuntu 20.04 LTS It was discovered that Python LDAP incorrectly handled certain regular expressions. An remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5508-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pyldap - 3.2.0-4ubuntu2.1 python3-ldap - 3.2.0-4ubuntu2.1 No subscription required Medium CVE-2021-46823 Ubuntu 20.04 LTS Julian Brook discovered that Dovecot incorrectly handled multiple passdb configuration entries. In certain configurations, a remote attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-5509-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.6 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.6 dovecot-mysql - 1:2.3.7.2-1ubuntu3.6 dovecot-core - 1:2.3.7.2-1ubuntu3.6 dovecot-sieve - 1:2.3.7.2-1ubuntu3.6 dovecot-ldap - 1:2.3.7.2-1ubuntu3.6 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.6 dovecot-dev - 1:2.3.7.2-1ubuntu3.6 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.6 dovecot-imapd - 1:2.3.7.2-1ubuntu3.6 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.6 dovecot-lucene - 1:2.3.7.2-1ubuntu3.6 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.6 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.6 dovecot-solr - 1:2.3.7.2-1ubuntu3.6 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.6 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.6 No subscription required Medium CVE-2022-30550 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges. Update Instructions: Run `sudo pro fix USN-5510-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.3 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.3 xwayland - 2:1.20.13-1ubuntu1~20.04.3 xdmx - 2:1.20.13-1ubuntu1~20.04.3 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.3 xvfb - 2:1.20.13-1ubuntu1~20.04.3 xnest - 2:1.20.13-1ubuntu1~20.04.3 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.3 xserver-common - 2:1.20.13-1ubuntu1~20.04.3 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.3 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.3 No subscription required Medium CVE-2022-2319 CVE-2022-2320 Ubuntu 20.04 LTS Carlo Marcelo Arenas Belón discovered that an issue related to CVE-2022-24765 still affected Git. An attacker could possibly use this issue to run arbitrary commands as administrator. (CVE-2022-29187) Update Instructions: Run `sudo pro fix USN-5511-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.5 gitweb - 1:2.25.1-1ubuntu3.5 git-all - 1:2.25.1-1ubuntu3.5 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.5 git-el - 1:2.25.1-1ubuntu3.5 gitk - 1:2.25.1-1ubuntu3.5 git-gui - 1:2.25.1-1ubuntu3.5 git-mediawiki - 1:2.25.1-1ubuntu3.5 git-daemon-run - 1:2.25.1-1ubuntu3.5 git-man - 1:2.25.1-1ubuntu3.5 git-doc - 1:2.25.1-1ubuntu3.5 git-svn - 1:2.25.1-1ubuntu3.5 git-cvs - 1:2.25.1-1ubuntu3.5 git-email - 1:2.25.1-1ubuntu3.5 No subscription required Medium CVE-2022-29187 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass CSP restrictions, or execute arbitrary code. (CVE-2022-2200, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31744, CVE-2022-31747, CVE-2022-34468, CVE-2022-34470, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484) It was discovered that an unavailable PAC file caused OCSP requests to be blocked, resulting in incorrect error pages being displayed. (CVE-2022-34472) It was discovered that the Braille space character could be used to cause Thunderbird to display the wrong sender address for signed messages. An attacker could potentially exploit this to trick the user into believing a message had been sent from somebody they trusted. (CVE-2022-1834) It was discovered that Thunderbird would consider an email with a mismatched OpenPGP signature date as valid. An attacker could potentially exploit this by replaying an older message in order to trick the user into believing that the statements in the message are current. (CVE-2022-2226) Update Instructions: Run `sudo pro fix USN-5512-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:91.11.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:91.11.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:91.11.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:91.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:91.11.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-1834 CVE-2022-31736 CVE-2022-31737 CVE-2022-31738 CVE-2022-31740 CVE-2022-31741 CVE-2022-31742 CVE-2022-31747 CVE-2022-2200 CVE-2022-31744 CVE-2022-34468 CVE-2022-34470 CVE-2022-34472 CVE-2022-34479 CVE-2022-34481 CVE-2022-34484 CVE-2022-2226 Ubuntu 20.04 LTS It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1195) Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1199) Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel during device detach operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1204) Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel, leading to use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1205) Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1789) Minh Yuan discovered that the floppy driver in the Linux kernel contained a race condition in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-33981) Update Instructions: Run `sudo pro fix USN-5514-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1029-ibm - 5.4.0-1029.33 linux-ibm-headers-5.4.0-1029 - 5.4.0-1029.33 linux-tools-5.4.0-1029-ibm - 5.4.0-1029.33 linux-modules-5.4.0-1029-ibm - 5.4.0-1029.33 linux-buildinfo-5.4.0-1029-ibm - 5.4.0-1029.33 linux-image-5.4.0-1029-ibm - 5.4.0-1029.33 linux-ibm-tools-common - 5.4.0-1029.33 linux-ibm-tools-5.4.0-1029 - 5.4.0-1029.33 linux-ibm-source-5.4.0 - 5.4.0-1029.33 linux-ibm-cloud-tools-common - 5.4.0-1029.33 linux-headers-5.4.0-1029-ibm - 5.4.0-1029.33 linux-modules-extra-5.4.0-1029-ibm - 5.4.0-1029.33 No subscription required linux-cloud-tools-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-image-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-modules-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-headers-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-gkeop-tools-5.4.0-1049 - 5.4.0-1049.52 linux-gkeop-cloud-tools-5.4.0-1049 - 5.4.0-1049.52 linux-tools-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-modules-extra-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-gkeop-source-5.4.0 - 5.4.0-1049.52 linux-image-unsigned-5.4.0-1049-gkeop - 5.4.0-1049.52 linux-gkeop-headers-5.4.0-1049 - 5.4.0-1049.52 linux-buildinfo-5.4.0-1049-gkeop - 5.4.0-1049.52 No subscription required linux-raspi-headers-5.4.0-1066 - 5.4.0-1066.76 linux-tools-5.4.0-1066-raspi - 5.4.0-1066.76 linux-raspi-tools-5.4.0-1066 - 5.4.0-1066.76 linux-modules-5.4.0-1066-raspi - 5.4.0-1066.76 linux-buildinfo-5.4.0-1066-raspi - 5.4.0-1066.76 linux-image-5.4.0-1066-raspi - 5.4.0-1066.76 linux-headers-5.4.0-1066-raspi - 5.4.0-1066.76 No subscription required linux-kvm-tools-5.4.0-1071 - 5.4.0-1071.76 linux-tools-5.4.0-1071-kvm - 5.4.0-1071.76 linux-kvm-headers-5.4.0-1071 - 5.4.0-1071.76 linux-buildinfo-5.4.0-1071-kvm - 5.4.0-1071.76 linux-image-unsigned-5.4.0-1071-kvm - 5.4.0-1071.76 linux-modules-5.4.0-1071-kvm - 5.4.0-1071.76 linux-image-5.4.0-1071-kvm - 5.4.0-1071.76 linux-headers-5.4.0-1071-kvm - 5.4.0-1071.76 No subscription required linux-image-unsigned-5.4.0-1078-gke - 5.4.0-1078.84 linux-modules-5.4.0-1078-gke - 5.4.0-1078.84 linux-gke-headers-5.4.0-1078 - 5.4.0-1078.84 linux-image-5.4.0-1078-gke - 5.4.0-1078.84 linux-headers-5.4.0-1078-gke - 5.4.0-1078.84 linux-tools-5.4.0-1078-gke - 5.4.0-1078.84 linux-modules-extra-5.4.0-1078-gke - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-gke - 5.4.0-1078.84 linux-gke-tools-5.4.0-1078 - 5.4.0-1078.84 No subscription required linux-oracle-tools-5.4.0-1079 - 5.4.0-1079.87 linux-oracle-headers-5.4.0-1079 - 5.4.0-1079.87 linux-modules-extra-5.4.0-1079-oracle - 5.4.0-1079.87 linux-headers-5.4.0-1079-oracle - 5.4.0-1079.87 linux-image-unsigned-5.4.0-1079-oracle - 5.4.0-1079.87 linux-tools-5.4.0-1079-oracle - 5.4.0-1079.87 linux-image-5.4.0-1079-oracle - 5.4.0-1079.87 linux-modules-5.4.0-1079-oracle - 5.4.0-1079.87 linux-buildinfo-5.4.0-1079-oracle - 5.4.0-1079.87 No subscription required linux-aws-cloud-tools-5.4.0-1081 - 5.4.0-1081.88 linux-buildinfo-5.4.0-1081-aws - 5.4.0-1081.88 linux-modules-5.4.0-1081-aws - 5.4.0-1081.88 linux-modules-extra-5.4.0-1081-aws - 5.4.0-1081.88 linux-aws-tools-5.4.0-1081 - 5.4.0-1081.88 linux-tools-5.4.0-1081-aws - 5.4.0-1081.88 linux-aws-headers-5.4.0-1081 - 5.4.0-1081.88 linux-image-5.4.0-1081-aws - 5.4.0-1081.88 linux-headers-5.4.0-1081-aws - 5.4.0-1081.88 linux-image-unsigned-5.4.0-1081-aws - 5.4.0-1081.88 linux-cloud-tools-5.4.0-1081-aws - 5.4.0-1081.88 No subscription required linux-tools-5.4.0-1084-gcp - 5.4.0-1084.92 linux-modules-5.4.0-1084-gcp - 5.4.0-1084.92 linux-image-5.4.0-1084-gcp - 5.4.0-1084.92 linux-gcp-headers-5.4.0-1084 - 5.4.0-1084.92 linux-headers-5.4.0-1084-gcp - 5.4.0-1084.92 linux-image-unsigned-5.4.0-1084-gcp - 5.4.0-1084.92 linux-gcp-tools-5.4.0-1084 - 5.4.0-1084.92 linux-modules-extra-5.4.0-1084-gcp - 5.4.0-1084.92 linux-buildinfo-5.4.0-1084-gcp - 5.4.0-1084.92 No subscription required linux-modules-5.4.0-1086-azure - 5.4.0-1086.91 linux-modules-extra-5.4.0-1086-azure - 5.4.0-1086.91 linux-image-unsigned-5.4.0-1086-azure - 5.4.0-1086.91 linux-image-5.4.0-1086-azure - 5.4.0-1086.91 linux-azure-tools-5.4.0-1086 - 5.4.0-1086.91 linux-azure-headers-5.4.0-1086 - 5.4.0-1086.91 linux-tools-5.4.0-1086-azure - 5.4.0-1086.91 linux-buildinfo-5.4.0-1086-azure - 5.4.0-1086.91 linux-cloud-tools-5.4.0-1086-azure - 5.4.0-1086.91 linux-headers-5.4.0-1086-azure - 5.4.0-1086.91 linux-azure-cloud-tools-5.4.0-1086 - 5.4.0-1086.91 No subscription required linux-image-5.4.0-1086-azure-fde - 5.4.0-1086.91+cvm1.1 linux-image-unsigned-5.4.0-1086-azure-fde - 5.4.0-1086.91+cvm1.1 No subscription required linux-tools-common - 5.4.0-122.138 linux-headers-5.4.0-122 - 5.4.0-122.138 linux-image-unsigned-5.4.0-122-lowlatency - 5.4.0-122.138 linux-tools-host - 5.4.0-122.138 linux-doc - 5.4.0-122.138 linux-headers-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-cloud-tools-5.4.0-122 - 5.4.0-122.138 linux-tools-5.4.0-122 - 5.4.0-122.138 linux-source-5.4.0 - 5.4.0-122.138 linux-image-5.4.0-122-generic - 5.4.0-122.138 linux-tools-5.4.0-122-lowlatency - 5.4.0-122.138 linux-headers-5.4.0-122-generic - 5.4.0-122.138 linux-modules-5.4.0-122-generic - 5.4.0-122.138 linux-cloud-tools-5.4.0-122-lowlatency - 5.4.0-122.138 linux-modules-5.4.0-122-lowlatency - 5.4.0-122.138 linux-buildinfo-5.4.0-122-generic - 5.4.0-122.138 linux-modules-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-cloud-tools-5.4.0-122-generic - 5.4.0-122.138 linux-cloud-tools-common - 5.4.0-122.138 linux-modules-extra-5.4.0-122-generic - 5.4.0-122.138 linux-buildinfo-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-image-5.4.0-122-lowlatency - 5.4.0-122.138 linux-buildinfo-5.4.0-122-lowlatency - 5.4.0-122.138 linux-tools-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-image-5.4.0-122-generic-lpae - 5.4.0-122.138 linux-libc-dev - 5.4.0-122.138 linux-tools-5.4.0-122-generic - 5.4.0-122.138 linux-image-unsigned-5.4.0-122-generic - 5.4.0-122.138 linux-headers-5.4.0-122-lowlatency - 5.4.0-122.138 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1029.58 linux-image-ibm - 5.4.0.1029.58 linux-headers-ibm-lts-20.04 - 5.4.0.1029.58 linux-tools-ibm - 5.4.0.1029.58 linux-image-ibm-lts-20.04 - 5.4.0.1029.58 linux-ibm-lts-20.04 - 5.4.0.1029.58 linux-modules-extra-ibm - 5.4.0.1029.58 linux-ibm - 5.4.0.1029.58 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1029.58 linux-headers-ibm - 5.4.0.1029.58 No subscription required linux-headers-gkeop - 5.4.0.1049.50 linux-cloud-tools-gkeop-5.4 - 5.4.0.1049.50 linux-image-gkeop - 5.4.0.1049.50 linux-gkeop-5.4 - 5.4.0.1049.50 linux-image-gkeop-5.4 - 5.4.0.1049.50 linux-tools-gkeop - 5.4.0.1049.50 linux-gkeop - 5.4.0.1049.50 linux-cloud-tools-gkeop - 5.4.0.1049.50 linux-modules-extra-gkeop-5.4 - 5.4.0.1049.50 linux-headers-gkeop-5.4 - 5.4.0.1049.50 linux-modules-extra-gkeop - 5.4.0.1049.50 linux-tools-gkeop-5.4 - 5.4.0.1049.50 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1066.99 linux-raspi2 - 5.4.0.1066.99 linux-headers-raspi2 - 5.4.0.1066.99 linux-image-raspi-hwe-18.04 - 5.4.0.1066.99 linux-image-raspi2-hwe-18.04 - 5.4.0.1066.99 linux-tools-raspi - 5.4.0.1066.99 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1066.99 linux-headers-raspi-hwe-18.04 - 5.4.0.1066.99 linux-headers-raspi2-hwe-18.04 - 5.4.0.1066.99 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1066.99 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1066.99 linux-headers-raspi - 5.4.0.1066.99 linux-raspi2-hwe-18.04-edge - 5.4.0.1066.99 linux-raspi-hwe-18.04 - 5.4.0.1066.99 linux-tools-raspi2-hwe-18.04 - 5.4.0.1066.99 linux-raspi2-hwe-18.04 - 5.4.0.1066.99 linux-image-raspi-hwe-18.04-edge - 5.4.0.1066.99 linux-image-raspi2 - 5.4.0.1066.99 linux-tools-raspi-hwe-18.04 - 5.4.0.1066.99 linux-raspi-hwe-18.04-edge - 5.4.0.1066.99 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1066.99 linux-image-raspi - 5.4.0.1066.99 linux-tools-raspi2 - 5.4.0.1066.99 linux-raspi - 5.4.0.1066.99 No subscription required linux-kvm - 5.4.0.1071.68 linux-headers-kvm - 5.4.0.1071.68 linux-image-kvm - 5.4.0.1071.68 linux-tools-kvm - 5.4.0.1071.68 No subscription required linux-modules-extra-gke - 5.4.0.1078.86 linux-headers-gke-5.4 - 5.4.0.1078.86 linux-modules-extra-gke-5.4 - 5.4.0.1078.86 linux-gke-5.4 - 5.4.0.1078.86 linux-tools-gke - 5.4.0.1078.86 linux-gke - 5.4.0.1078.86 linux-headers-gke - 5.4.0.1078.86 linux-image-gke - 5.4.0.1078.86 linux-image-gke-5.4 - 5.4.0.1078.86 linux-tools-gke-5.4 - 5.4.0.1078.86 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1079.76 linux-oracle-lts-20.04 - 5.4.0.1079.76 linux-headers-oracle-lts-20.04 - 5.4.0.1079.76 linux-image-oracle-lts-20.04 - 5.4.0.1079.76 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1081.81 linux-image-aws-lts-20.04 - 5.4.0.1081.81 linux-headers-aws-lts-20.04 - 5.4.0.1081.81 linux-tools-aws-lts-20.04 - 5.4.0.1081.81 linux-aws-lts-20.04 - 5.4.0.1081.81 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1084.89 linux-gcp-lts-20.04 - 5.4.0.1084.89 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1084.89 linux-headers-gcp-lts-20.04 - 5.4.0.1084.89 linux-image-gcp-lts-20.04 - 5.4.0.1084.89 No subscription required linux-azure-lts-20.04 - 5.4.0.1086.83 linux-image-azure-lts-20.04 - 5.4.0.1086.83 linux-modules-extra-azure-lts-20.04 - 5.4.0.1086.83 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1086.83 linux-tools-azure-lts-20.04 - 5.4.0.1086.83 linux-headers-azure-lts-20.04 - 5.4.0.1086.83 No subscription required linux-tools-azure-fde - 5.4.0.1086.91+cvm1.27 linux-azure-fde - 5.4.0.1086.91+cvm1.27 linux-image-azure-fde - 5.4.0.1086.91+cvm1.27 linux-modules-extra-azure-fde - 5.4.0.1086.91+cvm1.27 linux-cloud-tools-azure-fde - 5.4.0.1086.91+cvm1.27 linux-headers-azure-fde - 5.4.0.1086.91+cvm1.27 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-image-generic-hwe-18.04 - 5.4.0.122.123 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-headers-generic-lpae - 5.4.0.122.123 linux-headers-generic - 5.4.0.122.123 linux-image-virtual - 5.4.0.122.123 linux-oem-osp1-tools-host - 5.4.0.122.123 linux-image-generic - 5.4.0.122.123 linux-tools-lowlatency - 5.4.0.122.123 linux-image-oem - 5.4.0.122.123 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.122.123 linux-headers-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.122.123 linux-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-image-extra-virtual-hwe-18.04 - 5.4.0.122.123 linux-oem - 5.4.0.122.123 linux-image-oem-osp1 - 5.4.0.122.123 linux-image-generic-lpae-hwe-18.04 - 5.4.0.122.123 linux-crashdump - 5.4.0.122.123 linux-tools-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-headers-generic-hwe-18.04 - 5.4.0.122.123 linux-headers-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-source - 5.4.0.122.123 linux-lowlatency - 5.4.0.122.123 linux-tools-generic-lpae - 5.4.0.122.123 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-tools-virtual - 5.4.0.122.123 linux-virtual - 5.4.0.122.123 linux-headers-virtual-hwe-18.04 - 5.4.0.122.123 linux-tools-generic - 5.4.0.122.123 linux-virtual-hwe-18.04 - 5.4.0.122.123 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.122.123 linux-cloud-tools-generic - 5.4.0.122.123 linux-tools-oem - 5.4.0.122.123 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-generic-lpae - 5.4.0.122.123 linux-headers-oem - 5.4.0.122.123 linux-generic - 5.4.0.122.123 linux-tools-oem-osp1 - 5.4.0.122.123 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.122.123 linux-image-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-image-virtual-hwe-18.04 - 5.4.0.122.123 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-oem-tools-host - 5.4.0.122.123 linux-headers-lowlatency - 5.4.0.122.123 linux-generic-hwe-18.04-edge - 5.4.0.122.123 linux-tools-generic-hwe-18.04-edge - 5.4.0.122.123 linux-cloud-tools-virtual - 5.4.0.122.123 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.122.123 linux-image-extra-virtual - 5.4.0.122.123 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-cloud-tools-lowlatency - 5.4.0.122.123 linux-headers-oem-osp1 - 5.4.0.122.123 linux-tools-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-generic-lpae-hwe-18.04 - 5.4.0.122.123 linux-tools-generic-hwe-18.04 - 5.4.0.122.123 linux-headers-generic-hwe-18.04-edge - 5.4.0.122.123 linux-generic-lpae-hwe-18.04-edge - 5.4.0.122.123 linux-oem-osp1 - 5.4.0.122.123 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.122.123 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.122.123 linux-image-lowlatency-hwe-18.04 - 5.4.0.122.123 linux-virtual-hwe-18.04-edge - 5.4.0.122.123 linux-headers-virtual - 5.4.0.122.123 linux-tools-virtual-hwe-18.04 - 5.4.0.122.123 linux-generic-hwe-18.04 - 5.4.0.122.123 linux-image-generic-lpae - 5.4.0.122.123 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.122.123 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.122.123 linux-image-generic-hwe-18.04-edge - 5.4.0.122.123 linux-image-lowlatency - 5.4.0.122.123 No subscription required Medium CVE-2022-1195 CVE-2022-1199 CVE-2022-1204 CVE-2022-1205 CVE-2022-1789 CVE-2022-33981 Ubuntu 20.04 LTS It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494) Update Instructions: Run `sudo pro fix USN-5517-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.14.0-1045-oem - 5.14.0-1045.51 linux-oem-5.14-tools-5.14.0-1045 - 5.14.0-1045.51 linux-buildinfo-5.14.0-1045-oem - 5.14.0-1045.51 linux-image-unsigned-5.14.0-1045-oem - 5.14.0-1045.51 linux-tools-5.14.0-1045-oem - 5.14.0-1045.51 linux-modules-5.14.0-1045-oem - 5.14.0-1045.51 linux-image-5.14.0-1045-oem - 5.14.0-1045.51 linux-oem-5.14-headers-5.14.0-1045 - 5.14.0-1045.51 linux-headers-5.14.0-1045-oem - 5.14.0-1045.51 linux-oem-5.14-tools-host - 5.14.0-1045.51 No subscription required linux-image-oem-20.04c - 5.14.0.1045.41 linux-image-oem-20.04b - 5.14.0.1045.41 linux-image-oem-20.04d - 5.14.0.1045.41 linux-tools-oem-20.04d - 5.14.0.1045.41 linux-tools-oem-20.04c - 5.14.0.1045.41 linux-tools-oem-20.04b - 5.14.0.1045.41 linux-oem-20.04 - 5.14.0.1045.41 linux-image-oem-20.04 - 5.14.0.1045.41 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1045.41 linux-oem-20.04d - 5.14.0.1045.41 linux-oem-20.04c - 5.14.0.1045.41 linux-oem-20.04b - 5.14.0.1045.41 linux-headers-oem-20.04 - 5.14.0.1045.41 linux-headers-oem-20.04b - 5.14.0.1045.41 linux-headers-oem-20.04c - 5.14.0.1045.41 linux-headers-oem-20.04d - 5.14.0.1045.41 linux-tools-oem-20.04 - 5.14.0.1045.41 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1045.41 No subscription required Medium CVE-2022-1679 CVE-2022-34494 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5519-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python2.7-dev - 2.7.18-1~20.04.3 python2.7-doc - 2.7.18-1~20.04.3 python2.7-examples - 2.7.18-1~20.04.3 libpython2.7-stdlib - 2.7.18-1~20.04.3 libpython2.7-minimal - 2.7.18-1~20.04.3 libpython2.7 - 2.7.18-1~20.04.3 libpython2.7-testsuite - 2.7.18-1~20.04.3 python2.7 - 2.7.18-1~20.04.3 idle-python2.7 - 2.7.18-1~20.04.3 libpython2.7-dev - 2.7.18-1~20.04.3 python2.7-minimal - 2.7.18-1~20.04.3 No subscription required python3.8-full - 3.8.10-0ubuntu1~20.04.5 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.5 python3.8-venv - 3.8.10-0ubuntu1~20.04.5 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.5 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.5 idle-python3.8 - 3.8.10-0ubuntu1~20.04.5 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.5 python3.8 - 3.8.10-0ubuntu1~20.04.5 python3.8-doc - 3.8.10-0ubuntu1~20.04.5 python3.8-minimal - 3.8.10-0ubuntu1~20.04.5 python3.8-examples - 3.8.10-0ubuntu1~20.04.5 python3.8-dev - 3.8.10-0ubuntu1~20.04.5 libpython3.8 - 3.8.10-0ubuntu1~20.04.5 No subscription required Low CVE-2015-20107 Ubuntu 20.04 LTS It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. Update Instructions: Run `sudo pro fix USN-5520-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhttp-daemon-perl - 6.06-1ubuntu0.1 No subscription required Medium CVE-2022-31081 Ubuntu 20.04 LTS Several security issues were discovered in WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5522-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.4-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.4-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.4-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.4-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-22677 CVE-2022-26710 Ubuntu 20.04 LTS USN-5523-1 fixed several vulnerabilities in LibTIFF. This update provides the fixes for CVE-2022-0907, CVE-2022-0908, CVE-2022-0909, CVE-2022-0924 and CVE-2022-22844 for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that LibTIFF was not properly perf orming checks to guarantee that allocated memory space existed, which could lead to a NULL pointer dereference via a specially crafted file. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0907, CVE-2022-0908) It was discovered that LibTIFF was not properly performing checks to avoid division calculations where the denominator value was zero, which could lead to an undefined behavior situation via a specially crafted file. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0909) It was discovered that LibTIFF was not properly performing bounds checks, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. (CVE-2022-0924) It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bounds checking operations, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. (CVE-2020-19131) It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. (CVE-2020-19144) It was discovered that LibTIFF was not properly performing checks when setting the value for data later used as reference during memory access, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. (CVE-2022-22844) Update Instructions: Run `sudo pro fix USN-5523-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.4 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.4 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.4 No subscription required Medium CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-22844 Ubuntu 20.04 LTS It was discovered that HarfBuzz incorrectly handled certain glyph sizes. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5524-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-harfbuzz-0.0 - 2.6.4-1ubuntu4.2 libharfbuzz-gobject0 - 2.6.4-1ubuntu4.2 libharfbuzz-dev - 2.6.4-1ubuntu4.2 libharfbuzz-icu0 - 2.6.4-1ubuntu4.2 libharfbuzz0b - 2.6.4-1ubuntu4.2 libharfbuzz-bin - 2.6.4-1ubuntu4.2 libharfbuzz-doc - 2.6.4-1ubuntu4.2 No subscription required Medium CVE-2022-33068 Ubuntu 20.04 LTS It was discovered that Apache XML Security for Java incorrectly passed a configuration property when creating specific key elements. This allows an attacker to abuse an XPath Transform to extract sensitive information. Update Instructions: Run `sudo pro fix USN-5525-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxml-security-java-doc - 2.0.10-2+deb11u1build0.20.04.1 libxml-security-java - 2.0.10-2+deb11u1build0.20.04.1 No subscription required Medium CVE-2021-40690 Ubuntu 20.04 LTS Aapo Oksman discovered that PyJWT incorrectly handled signatures constructed from SSH public keys. A remote attacker could use this to forge a JWT signature. Update Instructions: Run `sudo pro fix USN-5526-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-jwt - 1.7.1-2ubuntu2.1 No subscription required Medium CVE-2022-29217 Ubuntu 20.04 LTS It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5528-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freetype2-doc - 2.10.1-2ubuntu0.2 libfreetype6-dev - 2.10.1-2ubuntu0.2 libfreetype-dev - 2.10.1-2ubuntu0.2 freetype2-demos - 2.10.1-2ubuntu0.2 libfreetype6 - 2.10.1-2ubuntu0.2 No subscription required Medium CVE-2022-27404 CVE-2022-27405 CVE-2022-27406 CVE-2022-31782 Ubuntu 20.04 LTS Pietro Borrello discovered that protobuf-c contained an invalid arithmetic shift. This vulnerability allowed attackers to cause a denial of service (system crash) via unspecified vectors (CVE-2022-33070). It was discovered that protobuf-c contained an unsigned integer overflow. This vulnerability allowed attackers to cause a denial of service (system crash) via unspecified vectors. Todd Miller discovered that protobuf-c contained a possible NULL dereference. This could cause a vulnerability that allowed attackers to cause a denial of service (system crash) via unspecified vectors. Update Instructions: Run `sudo pro fix USN-5531-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libprotobuf-c-dev - 1.3.3-1ubuntu0.1 protobuf-c-compiler - 1.3.3-1ubuntu0.1 libprotobuf-c1 - 1.3.3-1ubuntu0.1 No subscription required Medium CVE-2022-33070 Ubuntu 20.04 LTS It was discovered that Bottle incorrectly handled errors during early request binding. An attacker could possibly use this issue to disclose sensitive information. (CVE-2022-31799) Update Instructions: Run `sudo pro fix USN-5532-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-bottle - 0.12.15-2.1ubuntu0.2 python-bottle-doc - 0.12.15-2.1ubuntu0.2 No subscription required Medium CVE-2022-31799 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5536-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 103.0+build1-0ubuntu0.20.04.1 firefox - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 103.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 103.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 103.0+build1-0ubuntu0.20.04.1 firefox-dev - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 103.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 103.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2505 CVE-2022-36315 CVE-2022-36316 CVE-2022-36318 CVE-2022-36319 CVE-2022-36320 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.30 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.39. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-39.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-30.html https://www.oracle.com/security-alerts/cpujul2022.html Update Instructions: Run `sudo pro fix USN-5537-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.30-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.30-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-router - 8.0.30-0ubuntu0.20.04.2 mysql-server - 8.0.30-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.30-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-testsuite - 8.0.30-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.30-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.30-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-21509 CVE-2022-21515 CVE-2022-21517 CVE-2022-21522 CVE-2022-21525 CVE-2022-21526 CVE-2022-21527 CVE-2022-21528 CVE-2022-21529 CVE-2022-21530 CVE-2022-21531 CVE-2022-21534 CVE-2022-21537 CVE-2022-21538 CVE-2022-21539 CVE-2022-21547 CVE-2022-21553 CVE-2022-21569 Ubuntu 20.04 LTS It was discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5538-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtirpc3 - 1.2.5-1ubuntu0.1 libtirpc-common - 1.2.5-1ubuntu0.1 libtirpc-dev - 1.2.5-1ubuntu0.1 No subscription required Medium CVE-2021-46828 Ubuntu 20.04 LTS It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1195) Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1199) Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel during device detach operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1204) Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel, leading to use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1205) Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1789) It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28388) Minh Yuan discovered that the floppy driver in the Linux kernel contained a race condition in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-33981) Update Instructions: Run `sudo pro fix USN-5539-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-headers-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-bluefield-headers-5.4.0-1042 - 5.4.0-1042.47 linux-tools-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-image-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-buildinfo-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-image-unsigned-5.4.0-1042-bluefield - 5.4.0-1042.47 linux-bluefield-tools-5.4.0-1042 - 5.4.0-1042.47 No subscription required linux-bluefield - 5.4.0.1042.41 linux-tools-bluefield - 5.4.0.1042.41 linux-image-bluefield - 5.4.0.1042.41 linux-headers-bluefield - 5.4.0.1042.41 No subscription required Medium CVE-2022-1195 CVE-2022-1199 CVE-2022-1204 CVE-2022-1205 CVE-2022-1789 CVE-2022-28388 CVE-2022-33981 Ubuntu 20.04 LTS It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-3670) Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A remote attacker being requested to change passwords could possibly use this issue to escalate privileges. (CVE-2022-2031) Luca Moro discovered that Samba incorrectly handled certain SMB1 communications. A remote attacker could possibly use this issue to obtain sensitive memory contents. (CVE-2022-32742) Joseph Sutton discovered that Samba incorrectly handled certain password change requests. A remote attacker could use this issue to change passwords of other users, resulting in privilege escalation. (CVE-2022-32744) Joseph Sutton discovered that Samba incorrectly handled certain LDAP add or modify requests. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-32745) Joseph Sutton and Andrew Bartlett discovered that Samba incorrectly handled certain LDAP add or modify requests. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-32746) Update Instructions: Run `sudo pro fix USN-5542-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-testsuite - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba - 2:4.13.17~dfsg-0ubuntu1.20.04.1 registry-tools - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libpam-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.1 winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.1 smbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libwbclient0 - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libwbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-common-bin - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libsmbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-dsdb-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.1 libsmbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-vfs-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-common - 2:4.13.17~dfsg-0ubuntu1.20.04.1 ctdb - 2:4.13.17~dfsg-0ubuntu1.20.04.1 samba-libs - 2:4.13.17~dfsg-0ubuntu1.20.04.1 python3-samba - 2:4.13.17~dfsg-0ubuntu1.20.04.1 No subscription required Medium CVE-2021-3670 CVE-2022-2031 CVE-2022-32742 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746 Ubuntu 20.04 LTS Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5543-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: snmptrapd - 5.8+dfsg-2ubuntu2.4 libsnmp-dev - 5.8+dfsg-2ubuntu2.4 libsnmp-base - 5.8+dfsg-2ubuntu2.4 snmp - 5.8+dfsg-2ubuntu2.4 libsnmp-perl - 5.8+dfsg-2ubuntu2.4 tkmib - 5.8+dfsg-2ubuntu2.4 snmpd - 5.8+dfsg-2ubuntu2.4 libsnmp35 - 5.8+dfsg-2ubuntu2.4 No subscription required Medium CVE-2022-24805 CVE-2022-24806 CVE-2022-24807 CVE-2022-24808 CVE-2022-24809 CVE-2022-24810 Ubuntu 20.04 LTS It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-28893) Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) Update Instructions: Run `sudo pro fix USN-5544-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-hwe-5.15-headers-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-image-unsigned-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-hwe-5.15-tools-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-image-unsigned-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-43.46~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-43.46~20.04.1 linux-cloud-tools-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-43.46~20.04.1 linux-image-unsigned-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-modules-extra-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-image-unsigned-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-modules-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-modules-iwlwifi-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-generic-64k - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-modules-iwlwifi-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-43.46~20.04.1 linux-cloud-tools-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-tools-5.15.0-43-lowlatency-64k - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-generic - 5.15.0-43.46~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-43.46~20.04.1 linux-headers-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-43 - 5.15.0-43.46~20.04.1 linux-image-5.15.0-43-lowlatency - 5.15.0-43.46~20.04.1 linux-buildinfo-5.15.0-43-generic-lpae - 5.15.0-43.46~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-43.46~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-headers-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-image-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-lowlatency-64k-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-tools-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-lowlatency-hwe-20.04 - 5.15.0.43.46~20.04.13 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.13 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.13 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-image-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-image-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-extra-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-headers-generic-64k-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-generic-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-generic-lpae-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-image-generic-64k-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-tools-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-generic-lpae-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-tools-generic-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-headers-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-generic-lpae-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-generic-64k-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-tools-virtual-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-image-generic-hwe-20.04-edge - 5.15.0.43.46~20.04.14 linux-generic-64k-hwe-20.04 - 5.15.0.43.46~20.04.14 linux-headers-virtual-hwe-20.04 - 5.15.0.43.46~20.04.14 No subscription required High CVE-2022-1652 CVE-2022-1679 CVE-2022-28893 CVE-2022-34918 Ubuntu 20.04 LTS Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. Update Instructions: Run `sudo pro fix USN-5545-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1046 - 5.14.0-1046.53 linux-buildinfo-5.14.0-1046-oem - 5.14.0-1046.53 linux-tools-5.14.0-1046-oem - 5.14.0-1046.53 linux-oem-5.14-headers-5.14.0-1046 - 5.14.0-1046.53 linux-image-5.14.0-1046-oem - 5.14.0-1046.53 linux-modules-iwlwifi-5.14.0-1046-oem - 5.14.0-1046.53 linux-headers-5.14.0-1046-oem - 5.14.0-1046.53 linux-image-unsigned-5.14.0-1046-oem - 5.14.0-1046.53 linux-modules-5.14.0-1046-oem - 5.14.0-1046.53 linux-oem-5.14-tools-host - 5.14.0-1046.53 No subscription required linux-image-oem-20.04c - 5.14.0.1046.42 linux-image-oem-20.04b - 5.14.0.1046.42 linux-image-oem-20.04d - 5.14.0.1046.42 linux-headers-oem-20.04 - 5.14.0.1046.42 linux-tools-oem-20.04c - 5.14.0.1046.42 linux-tools-oem-20.04b - 5.14.0.1046.42 linux-oem-20.04 - 5.14.0.1046.42 linux-image-oem-20.04 - 5.14.0.1046.42 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1046.42 linux-oem-20.04d - 5.14.0.1046.42 linux-oem-20.04c - 5.14.0.1046.42 linux-oem-20.04b - 5.14.0.1046.42 linux-tools-oem-20.04d - 5.14.0.1046.42 linux-headers-oem-20.04b - 5.14.0.1046.42 linux-headers-oem-20.04c - 5.14.0.1046.42 linux-headers-oem-20.04d - 5.14.0.1046.42 linux-tools-oem-20.04 - 5.14.0.1046.42 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1046.42 No subscription required High CVE-2022-34918 Ubuntu 20.04 LTS Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. (CVE-2022-21449) It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21426) It was discovered that OpenJDK incorrectly handled converting certain object arguments into their textual representations. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21434) It was discovered that OpenJDK incorrectly validated the encoded length of certain object identifiers. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21443) It was discovered that OpenJDK incorrectly validated certain paths. An attacker could possibly use this issue to bypass the secure validation feature and expose sensitive information in XML files. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21476) It was discovered that OpenJDK incorrectly parsed certain URI strings. An attacker could possibly use this issue to make applications accept invalid of malformed URI strings. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17. (CVE-2022-21496) It was discovered that OpenJDK incorrectly generated class code in the Hotspot component. An attacker could possibly use this issue to obtain sensitive information. (CVE-2022-21540) It was dicovered that OpenJDK incorrectly restricted access to the invokeBasic() method in the Hotspot component. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2022-21541) It was discovered that OpenJDK incorrectly computed exponentials. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17. (CVE-2022-21549) It was discovered that OpenJDK includes a copy of Xalan that incorrectly handled integer truncation. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-34169) Update Instructions: Run `sudo pro fix USN-5546-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jdk - 11.0.16+8-0ubuntu1~20.04 openjdk-11-source - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.16+8-0ubuntu1~20.04 openjdk-11-demo - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.16+8-0ubuntu1~20.04 openjdk-11-jre - 11.0.16+8-0ubuntu1~20.04 No subscription required openjdk-17-jdk-headless - 17.0.4+8-1~20.04 openjdk-17-jre-headless - 17.0.4+8-1~20.04 openjdk-17-jre - 17.0.4+8-1~20.04 openjdk-17-jdk - 17.0.4+8-1~20.04 openjdk-17-jre-zero - 17.0.4+8-1~20.04 openjdk-17-source - 17.0.4+8-1~20.04 openjdk-17-demo - 17.0.4+8-1~20.04 openjdk-17-doc - 17.0.4+8-1~20.04 No subscription required openjdk-8-doc - 8u342-b07-0ubuntu1~20.04 openjdk-8-jre-headless - 8u342-b07-0ubuntu1~20.04 openjdk-8-jre - 8u342-b07-0ubuntu1~20.04 openjdk-8-demo - 8u342-b07-0ubuntu1~20.04 openjdk-8-jre-zero - 8u342-b07-0ubuntu1~20.04 openjdk-8-jdk - 8u342-b07-0ubuntu1~20.04 openjdk-8-source - 8u342-b07-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u342-b07-0ubuntu1~20.04 No subscription required High CVE-2022-21426 CVE-2022-21434 CVE-2022-21443 CVE-2022-21449 CVE-2022-21476 CVE-2022-21496 CVE-2022-21540 CVE-2022-21541 CVE-2022-21549 CVE-2022-34169 Ubuntu 20.04 LTS Le Wu discovered that the NVIDIA graphics drivers did not properly perform input validation in some situations. A local user could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-31607) Tal Lossos discovered that the NVIDIA graphics drivers incorrectly handled certain memory operations, leading to a null-pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2022-31615) Artem S. Tashkinov discovered that the NVIDIA graphics drivers Dynamic Boost D-Bus component did not properly restrict access to its endpoint. When enabled in non-default configurations, a local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-31608) Update Instructions: Run `sudo pro fix USN-5547-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nvidia-compute-utils-390 - 390.154-0ubuntu0.20.04.1 nvidia-kernel-common-390 - 390.154-0ubuntu0.20.04.1 libnvidia-decode-390 - 390.154-0ubuntu0.20.04.1 nvidia-utils-390 - 390.154-0ubuntu0.20.04.1 libnvidia-gl-390 - 390.154-0ubuntu0.20.04.1 libnvidia-compute-390 - 390.154-0ubuntu0.20.04.1 nvidia-384-dev - 390.154-0ubuntu0.20.04.1 nvidia-headless-no-dkms-390 - 390.154-0ubuntu0.20.04.1 libcuda1-384 - 390.154-0ubuntu0.20.04.1 nvidia-384 - 390.154-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-390 - 390.154-0ubuntu0.20.04.1 libnvidia-encode-390 - 390.154-0ubuntu0.20.04.1 nvidia-opencl-icd-384 - 390.154-0ubuntu0.20.04.1 libnvidia-common-390 - 390.154-0ubuntu0.20.04.1 nvidia-dkms-390 - 390.154-0ubuntu0.20.04.1 nvidia-libopencl1-384 - 390.154-0ubuntu0.20.04.1 libnvidia-fbc1-390 - 390.154-0ubuntu0.20.04.1 nvidia-driver-390 - 390.154-0ubuntu0.20.04.1 nvidia-kernel-source-390 - 390.154-0ubuntu0.20.04.1 libnvidia-cfg1-390 - 390.154-0ubuntu0.20.04.1 nvidia-headless-390 - 390.154-0ubuntu0.20.04.1 libnvidia-ifr1-390 - 390.154-0ubuntu0.20.04.1 No subscription required libnvidia-compute-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-ifr1-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-driver-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-decode-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-headless-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-gl-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-common-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-common-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-extra-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-utils-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-utils-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-headless-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-cfg1-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-kernel-common-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-encode-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-dkms-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-kernel-source-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-encode-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-driver-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-compute-utils-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-cfg1-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-fbc1-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-kernel-common-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-440-server - 450.203.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-dkms-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-ifr1-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-gl-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-fbc1-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-450-server - 450.203.03-0ubuntu0.20.04.1 nvidia-compute-utils-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-compute-440-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-decode-450-server - 450.203.03-0ubuntu0.20.04.1 libnvidia-extra-440-server - 450.203.03-0ubuntu0.20.04.1 nvidia-kernel-source-440-server - 450.203.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450-server - 450.203.03-0ubuntu0.20.04.1 No subscription required libnvidia-common-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-common-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-gl-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-465 - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-460 - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-compute-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-460-server - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-common-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-460 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-dkms-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-extra-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-compute-utils-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-460 - 470.141.03-0ubuntu0.20.04.1 nvidia-utils-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-driver-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-encode-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-fbc1-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-common-470-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-common-470-server - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-470 - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-465 - 470.141.03-0ubuntu0.20.04.1 libnvidia-common-470 - 470.141.03-0ubuntu0.20.04.1 libnvidia-cfg1-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-decode-470 - 470.141.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460-server - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-460 - 470.141.03-0ubuntu0.20.04.1 libnvidia-ifr1-465 - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-no-dkms-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-kernel-source-460-server - 470.141.03-0ubuntu0.20.04.1 nvidia-headless-470-server - 470.141.03-0ubuntu0.20.04.1 No subscription required libnvidia-common-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-fbc1-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-common-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-utils-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-decode-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-common-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-compute-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-cfg1-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-source-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-encode-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-driver-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-common-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-dkms-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-extra-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-gl-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-fbc1-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-driver-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-510-server - 510.85.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-510-server - 510.85.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-compute-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-source-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-gl-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-utils-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-fbc1-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-cfg1-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-encode-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-compute-utils-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-decode-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-source-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-common-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-decode-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-encode-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-kernel-common-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-no-dkms-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-dkms-510-server - 510.85.02-0ubuntu0.20.04.1 libnvidia-extra-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-compute-utils-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-utils-510-server - 510.85.02-0ubuntu0.20.04.1 nvidia-compute-utils-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-compute-510 - 510.85.02-0ubuntu0.20.04.1 nvidia-dkms-510 - 510.85.02-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-495 - 510.85.02-0ubuntu0.20.04.1 libnvidia-extra-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-gl-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-driver-495 - 510.85.02-0ubuntu0.20.04.1 nvidia-headless-510 - 510.85.02-0ubuntu0.20.04.1 libnvidia-cfg1-495 - 510.85.02-0ubuntu0.20.04.1 No subscription required nvidia-dkms-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-fbc1-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-compute-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-utils-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-common-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-cfg1-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-encode-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-encode-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-decode-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-driver-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-kernel-common-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-cfg1-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-utils-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-extra-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-kernel-common-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-compute-utils-515-server - 515.65.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-kernel-source-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-dkms-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-headless-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-kernel-source-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-gl-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-compute-utils-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-headless-no-dkms-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-decode-515 - 515.65.01-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-gl-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-compute-515 - 515.65.01-0ubuntu0.20.04.1 libnvidia-fbc1-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-common-515-server - 515.65.01-0ubuntu0.20.04.1 nvidia-driver-515-server - 515.65.01-0ubuntu0.20.04.1 libnvidia-extra-515 - 515.65.01-0ubuntu0.20.04.1 nvidia-headless-515 - 515.65.01-0ubuntu0.20.04.1 No subscription required High CVE-2022-31607 CVE-2022-31608 CVE-2022-31615 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5548-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.4 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.4 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.4 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.4 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.4 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.4 No subscription required Medium CVE-2016-3709 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain FileResponse. An attacker could possibly use this issue to expose sensitive information or gain access over user machine. Update Instructions: Run `sudo pro fix USN-5549-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.13 python-django-doc - 2:2.2.12-1ubuntu0.13 No subscription required Medium CVE-2022-36359 Ubuntu 20.04 LTS It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-4209) It was discovered that GnuTLS incorrectly handled the verification of certain pkcs7 signatures. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-2509) Update Instructions: Run `sudo pro fix USN-5550-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-doc - 3.6.13-2ubuntu1.7 libgnutls28-dev - 3.6.13-2ubuntu1.7 libgnutls-openssl27 - 3.6.13-2ubuntu1.7 libgnutls30 - 3.6.13-2ubuntu1.7 libgnutls-dane0 - 3.6.13-2ubuntu1.7 gnutls-bin - 3.6.13-2ubuntu1.7 guile-gnutls - 3.6.13-2ubuntu1.7 libgnutlsxx28 - 3.6.13-2ubuntu1.7 No subscription required Medium CVE-2021-4209 CVE-2022-2509 Ubuntu 20.04 LTS It was discovered that mod-wsgi did not correctly remove the X-Client-IP header when processing requests from untrusted proxies. A remote attacker could use this issue to pass the header to WSGI applications, contrary to expectations. Update Instructions: Run `sudo pro fix USN-5551-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-wsgi - 4.6.8-1ubuntu3.1 libapache2-mod-wsgi-py3 - 4.6.8-1ubuntu3.1 No subscription required Medium CVE-2022-2255 Ubuntu 20.04 LTS It was discovered that phpLiteAdmin incorrectly handled certain GET requests. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-5552-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: phpliteadmin-themes - 1.9.8.2-1ubuntu0.20.04.1 phpliteadmin - 1.9.8.2-1ubuntu0.20.04.1 No subscription required Medium CVE-2021-46709 Ubuntu 20.04 LTS Pedro Ribeiro discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5554-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgdk-pixbuf2.0-0 - 2.40.0+dfsg-3ubuntu0.3 libgdk-pixbuf2.0-common - 2.40.0+dfsg-3ubuntu0.3 libgdk-pixbuf2.0-bin - 2.40.0+dfsg-3ubuntu0.3 libgdk-pixbuf2.0-dev - 2.40.0+dfsg-3ubuntu0.3 libgdk-pixbuf2.0-doc - 2.40.0+dfsg-3ubuntu0.3 gir1.2-gdkpixbuf-2.0 - 2.40.0+dfsg-3ubuntu0.3 No subscription required Medium CVE-2021-46829 Ubuntu 20.04 LTS It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-1920, CVE-2022-1921) It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925, CVE-2022-2122) Update Instructions: Run `sudo pro fix USN-5555-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-gtk3 - 1.16.3-0ubuntu1.1 gstreamer1.0-pulseaudio - 1.16.3-0ubuntu1.1 gstreamer1.0-plugins-good-doc - 1.16.3-0ubuntu1.1 libgstreamer-plugins-good1.0-dev - 1.16.3-0ubuntu1.1 libgstreamer-plugins-good1.0-0 - 1.16.3-0ubuntu1.1 gstreamer1.0-plugins-good - 1.16.3-0ubuntu1.1 gstreamer1.0-qt5 - 1.16.3-0ubuntu1.1 No subscription required Medium CVE-2022-1920 CVE-2022-1921 CVE-2022-1922 CVE-2022-1923 CVE-2022-1924 CVE-2022-1925 CVE-2022-2122 Ubuntu 20.04 LTS It was discovered that Booth incorrectly handled user authentication. An attacker could use this vulnerability to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5556-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: booth - 1.0-174-gce9f821-1ubuntu0.2 booth-pacemaker - 1.0-174-gce9f821-1ubuntu0.2 No subscription required Medium CVE-2022-2553 Ubuntu 20.04 LTS It was discovered that Moment.js incorrectly handled certain input paths. An attacker could possibly use this issue to cause a loss of integrity by changing the correct path to one of their choice. (CVE-2022-24785) It was discovered that Moment.js incorrectly handled certain input. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-31129) Update Instructions: Run `sudo pro fix USN-5559-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-moment - 2.24.0+ds-2ubuntu0.1 libjs-moment - 2.24.0+ds-2ubuntu0.1 No subscription required Medium CVE-2022-24785 CVE-2022-31129 Ubuntu 20.04 LTS It was discovered that GNOME Web incorrectly filtered certain strings. A remote attacker could use this issue to perform cross-site scripting (XSS) attacks. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-45085, CVE-2021-45086, CVE-2021-45087) It was discovered that GNOME Web incorrectly handled certain long page titles. A remote attacker could use this issue to cause GNOME Web to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-29536) Update Instructions: Run `sudo pro fix USN-5561-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: epiphany-browser - 3.36.4-0ubuntu2 epiphany-browser-data - 3.36.4-0ubuntu2 No subscription required Medium CVE-2021-45085 CVE-2021-45086 CVE-2021-45087 CVE-2022-29536 Ubuntu 20.04 LTS Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the block layer subsystem in the Linux kernel did not properly initialize memory in some situations. A privileged local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0494) Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture (ALSA) framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1048) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1734) Duoming Zhou discovered a race condition in the NFC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1974) Duoming Zhou discovered that the NFC subsystem in the Linux kernel did not properly prevent context switches from occurring during certain atomic context operations. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2022-1975) Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-28893) Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Update Instructions: Run `sudo pro fix USN-5562-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1031-ibm - 5.4.0-1031.35 linux-ibm-headers-5.4.0-1031 - 5.4.0-1031.35 linux-headers-5.4.0-1031-ibm - 5.4.0-1031.35 linux-modules-extra-5.4.0-1031-ibm - 5.4.0-1031.35 linux-image-5.4.0-1031-ibm - 5.4.0-1031.35 linux-ibm-tools-common - 5.4.0-1031.35 linux-ibm-tools-5.4.0-1031 - 5.4.0-1031.35 linux-image-unsigned-5.4.0-1031-ibm - 5.4.0-1031.35 linux-buildinfo-5.4.0-1031-ibm - 5.4.0-1031.35 linux-ibm-source-5.4.0 - 5.4.0-1031.35 linux-ibm-cloud-tools-common - 5.4.0-1031.35 linux-modules-5.4.0-1031-ibm - 5.4.0-1031.35 No subscription required linux-headers-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-bluefield-tools-5.4.0-1044 - 5.4.0-1044.49 linux-bluefield-headers-5.4.0-1044 - 5.4.0-1044.49 linux-modules-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-tools-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-image-unsigned-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-buildinfo-5.4.0-1044-bluefield - 5.4.0-1044.49 linux-image-5.4.0-1044-bluefield - 5.4.0-1044.49 No subscription required linux-gkeop-cloud-tools-5.4.0-1051 - 5.4.0-1051.54 linux-image-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-gkeop-source-5.4.0 - 5.4.0-1051.54 linux-cloud-tools-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-buildinfo-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-headers-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-modules-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-modules-extra-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-gkeop-tools-5.4.0-1051 - 5.4.0-1051.54 linux-tools-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-image-unsigned-5.4.0-1051-gkeop - 5.4.0-1051.54 linux-gkeop-headers-5.4.0-1051 - 5.4.0-1051.54 No subscription required linux-image-5.4.0-1068-raspi - 5.4.0-1068.78 linux-headers-5.4.0-1068-raspi - 5.4.0-1068.78 linux-tools-5.4.0-1068-raspi - 5.4.0-1068.78 linux-raspi-tools-5.4.0-1068 - 5.4.0-1068.78 linux-buildinfo-5.4.0-1068-raspi - 5.4.0-1068.78 linux-modules-5.4.0-1068-raspi - 5.4.0-1068.78 linux-raspi-headers-5.4.0-1068 - 5.4.0-1068.78 No subscription required linux-kvm-tools-5.4.0-1073 - 5.4.0-1073.78 linux-kvm-headers-5.4.0-1073 - 5.4.0-1073.78 linux-image-unsigned-5.4.0-1073-kvm - 5.4.0-1073.78 linux-headers-5.4.0-1073-kvm - 5.4.0-1073.78 linux-image-5.4.0-1073-kvm - 5.4.0-1073.78 linux-buildinfo-5.4.0-1073-kvm - 5.4.0-1073.78 linux-tools-5.4.0-1073-kvm - 5.4.0-1073.78 linux-modules-5.4.0-1073-kvm - 5.4.0-1073.78 No subscription required linux-tools-5.4.0-1080-gke - 5.4.0-1080.86 linux-headers-5.4.0-1080-gke - 5.4.0-1080.86 linux-gke-tools-5.4.0-1080 - 5.4.0-1080.86 linux-image-5.4.0-1080-gke - 5.4.0-1080.86 linux-gke-headers-5.4.0-1080 - 5.4.0-1080.86 linux-buildinfo-5.4.0-1080-gke - 5.4.0-1080.86 linux-modules-extra-5.4.0-1080-gke - 5.4.0-1080.86 linux-image-unsigned-5.4.0-1080-gke - 5.4.0-1080.86 linux-modules-5.4.0-1080-gke - 5.4.0-1080.86 No subscription required linux-oracle-headers-5.4.0-1081 - 5.4.0-1081.89 linux-buildinfo-5.4.0-1081-oracle - 5.4.0-1081.89 linux-tools-5.4.0-1081-oracle - 5.4.0-1081.89 linux-image-5.4.0-1081-oracle - 5.4.0-1081.89 linux-headers-5.4.0-1081-oracle - 5.4.0-1081.89 linux-image-unsigned-5.4.0-1081-oracle - 5.4.0-1081.89 linux-oracle-tools-5.4.0-1081 - 5.4.0-1081.89 linux-modules-5.4.0-1081-oracle - 5.4.0-1081.89 linux-modules-extra-5.4.0-1081-oracle - 5.4.0-1081.89 No subscription required linux-aws-cloud-tools-5.4.0-1083 - 5.4.0-1083.90 linux-modules-5.4.0-1083-aws - 5.4.0-1083.90 linux-tools-5.4.0-1083-aws - 5.4.0-1083.90 linux-buildinfo-5.4.0-1083-aws - 5.4.0-1083.90 linux-aws-tools-5.4.0-1083 - 5.4.0-1083.90 linux-aws-headers-5.4.0-1083 - 5.4.0-1083.90 linux-cloud-tools-5.4.0-1083-aws - 5.4.0-1083.90 linux-image-5.4.0-1083-aws - 5.4.0-1083.90 linux-headers-5.4.0-1083-aws - 5.4.0-1083.90 linux-image-unsigned-5.4.0-1083-aws - 5.4.0-1083.90 linux-modules-extra-5.4.0-1083-aws - 5.4.0-1083.90 No subscription required linux-headers-5.4.0-1086-gcp - 5.4.0-1086.94 linux-image-5.4.0-1086-gcp - 5.4.0-1086.94 linux-gcp-tools-5.4.0-1086 - 5.4.0-1086.94 linux-modules-extra-5.4.0-1086-gcp - 5.4.0-1086.94 linux-image-unsigned-5.4.0-1086-gcp - 5.4.0-1086.94 linux-tools-5.4.0-1086-gcp - 5.4.0-1086.94 linux-modules-5.4.0-1086-gcp - 5.4.0-1086.94 linux-gcp-headers-5.4.0-1086 - 5.4.0-1086.94 linux-buildinfo-5.4.0-1086-gcp - 5.4.0-1086.94 No subscription required linux-buildinfo-5.4.0-1089-azure - 5.4.0-1089.94 linux-image-unsigned-5.4.0-1089-azure - 5.4.0-1089.94 linux-azure-cloud-tools-5.4.0-1089 - 5.4.0-1089.94 linux-cloud-tools-5.4.0-1089-azure - 5.4.0-1089.94 linux-modules-extra-5.4.0-1089-azure - 5.4.0-1089.94 linux-modules-5.4.0-1089-azure - 5.4.0-1089.94 linux-azure-headers-5.4.0-1089 - 5.4.0-1089.94 linux-headers-5.4.0-1089-azure - 5.4.0-1089.94 linux-azure-tools-5.4.0-1089 - 5.4.0-1089.94 linux-image-5.4.0-1089-azure - 5.4.0-1089.94 linux-tools-5.4.0-1089-azure - 5.4.0-1089.94 No subscription required linux-tools-common - 5.4.0-124.140 linux-headers-5.4.0-124 - 5.4.0-124.140 linux-tools-host - 5.4.0-124.140 linux-image-unsigned-5.4.0-124-generic - 5.4.0-124.140 linux-doc - 5.4.0-124.140 linux-buildinfo-5.4.0-124-generic - 5.4.0-124.140 linux-tools-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-cloud-tools-5.4.0-124 - 5.4.0-124.140 linux-image-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-libc-dev - 5.4.0-124.140 linux-source-5.4.0 - 5.4.0-124.140 linux-tools-5.4.0-124-generic - 5.4.0-124.140 linux-buildinfo-5.4.0-124-lowlatency - 5.4.0-124.140 linux-tools-5.4.0-124 - 5.4.0-124.140 linux-headers-5.4.0-124-lowlatency - 5.4.0-124.140 linux-cloud-tools-5.4.0-124-lowlatency - 5.4.0-124.140 linux-cloud-tools-5.4.0-124-generic - 5.4.0-124.140 linux-headers-5.4.0-124-generic - 5.4.0-124.140 linux-modules-5.4.0-124-lowlatency - 5.4.0-124.140 linux-headers-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-buildinfo-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-cloud-tools-common - 5.4.0-124.140 linux-image-5.4.0-124-generic - 5.4.0-124.140 linux-image-5.4.0-124-lowlatency - 5.4.0-124.140 linux-tools-5.4.0-124-lowlatency - 5.4.0-124.140 linux-modules-5.4.0-124-generic-lpae - 5.4.0-124.140 linux-modules-extra-5.4.0-124-generic - 5.4.0-124.140 linux-modules-5.4.0-124-generic - 5.4.0-124.140 linux-image-unsigned-5.4.0-124-lowlatency - 5.4.0-124.140 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1031.60 linux-modules-extra-ibm - 5.4.0.1031.60 linux-headers-ibm-lts-20.04 - 5.4.0.1031.60 linux-tools-ibm - 5.4.0.1031.60 linux-image-ibm-lts-20.04 - 5.4.0.1031.60 linux-ibm-lts-20.04 - 5.4.0.1031.60 linux-image-ibm - 5.4.0.1031.60 linux-ibm - 5.4.0.1031.60 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1031.60 linux-headers-ibm - 5.4.0.1031.60 No subscription required linux-image-bluefield - 5.4.0.1044.43 linux-headers-bluefield - 5.4.0.1044.43 linux-tools-bluefield - 5.4.0.1044.43 linux-bluefield - 5.4.0.1044.43 No subscription required linux-headers-gkeop - 5.4.0.1051.52 linux-cloud-tools-gkeop-5.4 - 5.4.0.1051.52 linux-image-gkeop - 5.4.0.1051.52 linux-gkeop-5.4 - 5.4.0.1051.52 linux-headers-gkeop-5.4 - 5.4.0.1051.52 linux-image-gkeop-5.4 - 5.4.0.1051.52 linux-gkeop - 5.4.0.1051.52 linux-cloud-tools-gkeop - 5.4.0.1051.52 linux-modules-extra-gkeop-5.4 - 5.4.0.1051.52 linux-modules-extra-gkeop - 5.4.0.1051.52 linux-tools-gkeop - 5.4.0.1051.52 linux-tools-gkeop-5.4 - 5.4.0.1051.52 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1068.101 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1068.101 linux-raspi2 - 5.4.0.1068.101 linux-image-raspi - 5.4.0.1068.101 linux-image-raspi-hwe-18.04 - 5.4.0.1068.101 linux-image-raspi2-hwe-18.04 - 5.4.0.1068.101 linux-tools-raspi - 5.4.0.1068.101 linux-headers-raspi2 - 5.4.0.1068.101 linux-headers-raspi2-hwe-18.04 - 5.4.0.1068.101 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1068.101 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1068.101 linux-headers-raspi - 5.4.0.1068.101 linux-raspi-hwe-18.04 - 5.4.0.1068.101 linux-tools-raspi2-hwe-18.04 - 5.4.0.1068.101 linux-raspi-hwe-18.04-edge - 5.4.0.1068.101 linux-raspi2-hwe-18.04 - 5.4.0.1068.101 linux-image-raspi-hwe-18.04-edge - 5.4.0.1068.101 linux-image-raspi2 - 5.4.0.1068.101 linux-tools-raspi-hwe-18.04 - 5.4.0.1068.101 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1068.101 linux-headers-raspi-hwe-18.04 - 5.4.0.1068.101 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1068.101 linux-tools-raspi2 - 5.4.0.1068.101 linux-raspi - 5.4.0.1068.101 No subscription required linux-kvm - 5.4.0.1073.70 linux-headers-kvm - 5.4.0.1073.70 linux-tools-kvm - 5.4.0.1073.70 linux-image-kvm - 5.4.0.1073.70 No subscription required linux-modules-extra-gke - 5.4.0.1080.88 linux-headers-gke-5.4 - 5.4.0.1080.88 linux-tools-gke-5.4 - 5.4.0.1080.88 linux-modules-extra-gke-5.4 - 5.4.0.1080.88 linux-gke-5.4 - 5.4.0.1080.88 linux-image-gke-5.4 - 5.4.0.1080.88 linux-tools-gke - 5.4.0.1080.88 linux-gke - 5.4.0.1080.88 linux-headers-gke - 5.4.0.1080.88 linux-image-gke - 5.4.0.1080.88 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1081.78 linux-headers-oracle-lts-20.04 - 5.4.0.1081.78 linux-oracle-lts-20.04 - 5.4.0.1081.78 linux-image-oracle-lts-20.04 - 5.4.0.1081.78 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1083.83 linux-image-aws-lts-20.04 - 5.4.0.1083.83 linux-headers-aws-lts-20.04 - 5.4.0.1083.83 linux-tools-aws-lts-20.04 - 5.4.0.1083.83 linux-aws-lts-20.04 - 5.4.0.1083.83 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1086.91 linux-gcp-lts-20.04 - 5.4.0.1086.91 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1086.91 linux-headers-gcp-lts-20.04 - 5.4.0.1086.91 linux-image-gcp-lts-20.04 - 5.4.0.1086.91 No subscription required linux-azure-lts-20.04 - 5.4.0.1089.86 linux-image-azure-lts-20.04 - 5.4.0.1089.86 linux-modules-extra-azure-lts-20.04 - 5.4.0.1089.86 linux-tools-azure-lts-20.04 - 5.4.0.1089.86 linux-headers-azure-lts-20.04 - 5.4.0.1089.86 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1089.86 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-cloud-tools-virtual - 5.4.0.124.125 linux-headers-virtual-hwe-18.04 - 5.4.0.124.125 linux-image-generic-hwe-18.04 - 5.4.0.124.125 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-headers-generic-lpae - 5.4.0.124.125 linux-image-virtual - 5.4.0.124.125 linux-image-generic - 5.4.0.124.125 linux-tools-lowlatency - 5.4.0.124.125 linux-image-oem - 5.4.0.124.125 linux-headers-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-image-extra-virtual-hwe-18.04 - 5.4.0.124.125 linux-image-oem-osp1 - 5.4.0.124.125 linux-image-generic-lpae-hwe-18.04 - 5.4.0.124.125 linux-crashdump - 5.4.0.124.125 linux-tools-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-headers-generic-hwe-18.04 - 5.4.0.124.125 linux-source - 5.4.0.124.125 linux-lowlatency - 5.4.0.124.125 linux-tools-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-tools-generic-lpae - 5.4.0.124.125 linux-cloud-tools-generic - 5.4.0.124.125 linux-virtual - 5.4.0.124.125 linux-headers-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-virtual-hwe-18.04 - 5.4.0.124.125 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.124.125 linux-tools-virtual - 5.4.0.124.125 linux-generic-lpae-hwe-18.04-edge - 5.4.0.124.125 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-generic-lpae - 5.4.0.124.125 linux-headers-oem - 5.4.0.124.125 linux-tools-oem-osp1 - 5.4.0.124.125 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.124.125 linux-tools-generic-hwe-18.04-edge - 5.4.0.124.125 linux-oem - 5.4.0.124.125 linux-image-virtual-hwe-18.04 - 5.4.0.124.125 linux-cloud-tools-lowlatency - 5.4.0.124.125 linux-headers-lowlatency - 5.4.0.124.125 linux-generic-hwe-18.04-edge - 5.4.0.124.125 linux-generic - 5.4.0.124.125 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.124.125 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-oem-osp1 - 5.4.0.124.125 linux-image-extra-virtual - 5.4.0.124.125 linux-oem-tools-host - 5.4.0.124.125 linux-tools-generic - 5.4.0.124.125 linux-oem-osp1-tools-host - 5.4.0.124.125 linux-tools-oem - 5.4.0.124.125 linux-headers-oem-osp1 - 5.4.0.124.125 linux-generic-lpae-hwe-18.04 - 5.4.0.124.125 linux-headers-generic-hwe-18.04-edge - 5.4.0.124.125 linux-headers-generic - 5.4.0.124.125 linux-tools-generic-hwe-18.04 - 5.4.0.124.125 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.124.125 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.124.125 linux-image-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.124.125 linux-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-headers-virtual - 5.4.0.124.125 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-tools-virtual-hwe-18.04 - 5.4.0.124.125 linux-lowlatency-hwe-18.04 - 5.4.0.124.125 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.124.125 linux-generic-hwe-18.04 - 5.4.0.124.125 linux-image-generic-lpae - 5.4.0.124.125 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.124.125 linux-image-virtual-hwe-18.04-edge - 5.4.0.124.125 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.124.125 linux-image-generic-hwe-18.04-edge - 5.4.0.124.125 linux-image-lowlatency - 5.4.0.124.125 No subscription required High CVE-2022-0494 CVE-2022-1048 CVE-2022-1652 CVE-2022-1679 CVE-2022-1734 CVE-2022-1974 CVE-2022-1975 CVE-2022-2586 CVE-2022-2588 CVE-2022-28893 CVE-2022-34918 Ubuntu 20.04 LTS Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2585) Johannes Wikner and Kaveh Razavi discovered that for some AMD x86-64 processors, the branch predictor could by mis-trained for return instructions in certain circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29900) Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64 processors, the Linux kernel's protections against speculative branch target injection attacks were insufficient in some circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29901) Update Instructions: Run `sudo pro fix USN-5565-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-hwe-5.15-headers-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-hwe-5.15-tools-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-46.49~20.04.1 linux-modules-extra-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-46.49~20.04.1 linux-image-unsigned-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-image-unsigned-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-headers-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-cloud-tools-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-cloud-tools-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-image-unsigned-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-image-unsigned-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-modules-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-generic-64k - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-lowlatency-64k - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-46.49~20.04.1 linux-tools-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-modules-iwlwifi-5.15.0-46-generic - 5.15.0-46.49~20.04.1 linux-image-5.15.0-46-generic-lpae - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-46.49~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-46 - 5.15.0-46.49~20.04.1 linux-modules-iwlwifi-5.15.0-46-lowlatency - 5.15.0-46.49~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-46.49~20.04.1 linux-buildinfo-5.15.0-46-generic - 5.15.0-46.49~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-headers-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-image-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-lowlatency-64k-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-tools-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-lowlatency-hwe-20.04 - 5.15.0.46.49~20.04.15 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.15 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.15 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-image-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-headers-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-headers-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-image-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-extra-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-headers-generic-64k-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-generic-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-generic-lpae-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-tools-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-image-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-generic-lpae-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-tools-generic-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-headers-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-generic-lpae-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-generic-64k-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-tools-virtual-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-image-generic-hwe-20.04-edge - 5.15.0.46.49~20.04.16 linux-generic-64k-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-image-generic-64k-hwe-20.04 - 5.15.0.46.49~20.04.16 linux-headers-virtual-hwe-20.04 - 5.15.0.46.49~20.04.16 No subscription required High CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 CVE-2022-29900 CVE-2022-29901 Ubuntu 20.04 LTS Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2585) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-28893) Johannes Wikner and Kaveh Razavi discovered that for some AMD x86-64 processors, the branch predictor could by mis-trained for return instructions in certain circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29900) Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64 processors, the Linux kernel's protections against speculative branch target injection attacks were insufficient in some circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29901) Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Update Instructions: Run `sudo pro fix USN-5566-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-tools-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-image-unsigned-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-gke-5.15-headers-5.15.0-1014 - 5.15.0-1014.17~20.04.1 linux-headers-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-modules-extra-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-buildinfo-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-modules-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 linux-gke-5.15-tools-5.15.0-1014 - 5.15.0-1014.17~20.04.1 linux-image-5.15.0-1014-gke - 5.15.0-1014.17~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1016 - 5.15.0-1016.21~20.04.1 linux-headers-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-modules-iwlwifi-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-image-unsigned-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-modules-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-image-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-gcp-5.15-tools-5.15.0-1016 - 5.15.0-1016.21~20.04.1 linux-tools-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-buildinfo-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 linux-modules-extra-5.15.0-1016-gcp - 5.15.0-1016.21~20.04.1 No subscription required linux-headers-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-cloud-tools-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-buildinfo-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-tools-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-image-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-image-unsigned-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1017 - 5.15.0-1017.20~20.04.1 linux-azure-5.15-headers-5.15.0-1017 - 5.15.0-1017.20~20.04.1 linux-modules-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-modules-extra-5.15.0-1017-azure - 5.15.0-1017.20~20.04.1 linux-azure-5.15-tools-5.15.0-1017 - 5.15.0-1017.20~20.04.1 No subscription required linux-image-unsigned-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-tools-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-headers-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-buildinfo-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-modules-extra-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-modules-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-aws-5.15-headers-5.15.0-1017 - 5.15.0-1017.21~20.04.1 linux-cloud-tools-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-aws-5.15-tools-5.15.0-1017 - 5.15.0-1017.21~20.04.1 linux-image-5.15.0-1017-aws - 5.15.0-1017.21~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1017 - 5.15.0-1017.21~20.04.1 No subscription required linux-tools-gke-edge - 5.15.0.1014.17~20.04.1 linux-gke-edge - 5.15.0.1014.17~20.04.1 linux-headers-gke-5.15 - 5.15.0.1014.17~20.04.1 linux-tools-gke-5.15 - 5.15.0.1014.17~20.04.1 linux-image-gke-edge - 5.15.0.1014.17~20.04.1 linux-headers-gke-edge - 5.15.0.1014.17~20.04.1 linux-gke-5.15 - 5.15.0.1014.17~20.04.1 linux-image-gke-5.15 - 5.15.0.1014.17~20.04.1 No subscription required linux-tools-gcp-edge - 5.15.0.1016.21~20.04.1 linux-tools-gcp - 5.15.0.1016.21~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1016.21~20.04.1 linux-headers-gcp-edge - 5.15.0.1016.21~20.04.1 linux-gcp - 5.15.0.1016.21~20.04.1 linux-headers-gcp - 5.15.0.1016.21~20.04.1 linux-image-gcp-edge - 5.15.0.1016.21~20.04.1 linux-image-gcp - 5.15.0.1016.21~20.04.1 linux-modules-extra-gcp - 5.15.0.1016.21~20.04.1 linux-gcp-edge - 5.15.0.1016.21~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1017.20~20.04.10 linux-azure - 5.15.0.1017.20~20.04.10 linux-image-azure - 5.15.0.1017.20~20.04.10 linux-cloud-tools-azure - 5.15.0.1017.20~20.04.10 linux-tools-azure - 5.15.0.1017.20~20.04.10 linux-headers-azure-edge - 5.15.0.1017.20~20.04.10 linux-image-azure-edge - 5.15.0.1017.20~20.04.10 linux-modules-extra-azure - 5.15.0.1017.20~20.04.10 linux-cloud-tools-azure-edge - 5.15.0.1017.20~20.04.10 linux-azure-edge - 5.15.0.1017.20~20.04.10 linux-modules-extra-azure-edge - 5.15.0.1017.20~20.04.10 linux-headers-azure - 5.15.0.1017.20~20.04.10 No subscription required linux-modules-extra-aws - 5.15.0.1017.21~20.04.9 linux-tools-aws - 5.15.0.1017.21~20.04.9 linux-modules-extra-aws-edge - 5.15.0.1017.21~20.04.9 linux-image-aws-edge - 5.15.0.1017.21~20.04.9 linux-headers-aws-edge - 5.15.0.1017.21~20.04.9 linux-tools-aws-edge - 5.15.0.1017.21~20.04.9 linux-aws-edge - 5.15.0.1017.21~20.04.9 linux-aws - 5.15.0.1017.21~20.04.9 linux-headers-aws - 5.15.0.1017.21~20.04.9 linux-image-aws - 5.15.0.1017.21~20.04.9 No subscription required High CVE-2022-1652 CVE-2022-1679 CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 CVE-2022-28893 CVE-2022-29900 CVE-2022-29901 CVE-2022-34918 Ubuntu 20.04 LTS Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2585) Update Instructions: Run `sudo pro fix USN-5567-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1048 - 5.14.0-1048.55 linux-headers-5.14.0-1048-oem - 5.14.0-1048.55 linux-buildinfo-5.14.0-1048-oem - 5.14.0-1048.55 linux-modules-5.14.0-1048-oem - 5.14.0-1048.55 linux-oem-5.14-headers-5.14.0-1048 - 5.14.0-1048.55 linux-image-5.14.0-1048-oem - 5.14.0-1048.55 linux-tools-5.14.0-1048-oem - 5.14.0-1048.55 linux-oem-5.14-tools-host - 5.14.0-1048.55 linux-modules-iwlwifi-5.14.0-1048-oem - 5.14.0-1048.55 linux-image-unsigned-5.14.0-1048-oem - 5.14.0-1048.55 No subscription required linux-image-oem-20.04c - 5.14.0.1048.44 linux-image-oem-20.04b - 5.14.0.1048.44 linux-image-oem-20.04d - 5.14.0.1048.44 linux-headers-oem-20.04 - 5.14.0.1048.44 linux-tools-oem-20.04c - 5.14.0.1048.44 linux-tools-oem-20.04b - 5.14.0.1048.44 linux-oem-20.04 - 5.14.0.1048.44 linux-image-oem-20.04 - 5.14.0.1048.44 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1048.44 linux-oem-20.04d - 5.14.0.1048.44 linux-oem-20.04c - 5.14.0.1048.44 linux-oem-20.04b - 5.14.0.1048.44 linux-tools-oem-20.04d - 5.14.0.1048.44 linux-headers-oem-20.04b - 5.14.0.1048.44 linux-headers-oem-20.04c - 5.14.0.1048.44 linux-headers-oem-20.04d - 5.14.0.1048.44 linux-tools-oem-20.04 - 5.14.0.1048.44 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1048.44 No subscription required High CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5568-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.6-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.6-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2294 CVE-2022-32792 CVE-2022-32816 Ubuntu 20.04 LTS Xiang Li discovered that Unbound incorrectly handled delegation caching. A remote attacker could use this issue to keep rogue domain names resolvable long after they have been revoked. Update Instructions: Run `sudo pro fix USN-5569-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.3 python3-unbound - 1.9.4-2ubuntu1.3 libunbound8 - 1.9.4-2ubuntu1.3 python-unbound - 1.9.4-2ubuntu1.3 unbound-anchor - 1.9.4-2ubuntu1.3 unbound-host - 1.9.4-2ubuntu1.3 libunbound-dev - 1.9.4-2ubuntu1.3 No subscription required Medium CVE-2022-30698 CVE-2022-30699 Ubuntu 20.04 LTS USN-5570-1 fixed a vulnerability in zlib. This update provides the corresponding update for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5570-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx32z1-dev - 1:1.2.11.dfsg-2ubuntu1.5 lib64z1 - 1:1.2.11.dfsg-2ubuntu1.5 libx32z1 - 1:1.2.11.dfsg-2ubuntu1.5 lib64z1-dev - 1:1.2.11.dfsg-2ubuntu1.5 lib32z1 - 1:1.2.11.dfsg-2ubuntu1.5 zlib1g - 1:1.2.11.dfsg-2ubuntu1.5 lib32z1-dev - 1:1.2.11.dfsg-2ubuntu1.5 zlib1g-dev - 1:1.2.11.dfsg-2ubuntu1.5 No subscription required Medium CVE-2022-37434 Ubuntu 20.04 LTS Sven Klemm discovered that PostgreSQL incorrectly handled extensions. An attacker could possibly use this issue to execute arbitrary code when extensions are created or updated. Update Instructions: Run `sudo pro fix USN-5571-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.12-0ubuntu0.20.04.1 libecpg-dev - 12.12-0ubuntu0.20.04.1 libpq-dev - 12.12-0ubuntu0.20.04.1 libecpg6 - 12.12-0ubuntu0.20.04.1 libpq5 - 12.12-0ubuntu0.20.04.1 libpgtypes3 - 12.12-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.12-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.12-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.12-0ubuntu0.20.04.1 postgresql-doc-12 - 12.12-0ubuntu0.20.04.1 postgresql-12 - 12.12-0ubuntu0.20.04.1 postgresql-client-12 - 12.12-0ubuntu0.20.04.1 libecpg-compat3 - 12.12-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2625 Ubuntu 20.04 LTS Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5573-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsync - 3.1.3-8ubuntu0.4 No subscription required Medium CVE-2022-37434 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5574-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.6 eximon4 - 4.93-13ubuntu1.6 exim4 - 4.93-13ubuntu1.6 exim4-daemon-light - 4.93-13ubuntu1.6 exim4-config - 4.93-13ubuntu1.6 exim4-daemon-heavy - 4.93-13ubuntu1.6 exim4-base - 4.93-13ubuntu1.6 No subscription required Medium CVE-2022-37452 Ubuntu 20.04 LTS Nicolas Grégoire discovered that Libxslt incorrectly handled certain XML. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-5815) Alexey Neyman incorrectly handled certain HTML pages. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. (CVE-2021-30560) Update Instructions: Run `sudo pro fix USN-5575-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxslt1-dev - 1.1.34-4ubuntu0.20.04.1 libxslt1.1 - 1.1.34-4ubuntu0.20.04.1 xsltproc - 1.1.34-4ubuntu0.20.04.1 No subscription required Medium CVE-2019-5815 CVE-2021-30560 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Update Instructions: Run `sudo pro fix USN-5577-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-tools-5.14.0-1049 - 5.14.0-1049.56 linux-modules-iwlwifi-5.14.0-1049-oem - 5.14.0-1049.56 linux-image-5.14.0-1049-oem - 5.14.0-1049.56 linux-image-unsigned-5.14.0-1049-oem - 5.14.0-1049.56 linux-headers-5.14.0-1049-oem - 5.14.0-1049.56 linux-oem-5.14-headers-5.14.0-1049 - 5.14.0-1049.56 linux-modules-5.14.0-1049-oem - 5.14.0-1049.56 linux-buildinfo-5.14.0-1049-oem - 5.14.0-1049.56 linux-tools-5.14.0-1049-oem - 5.14.0-1049.56 linux-oem-5.14-tools-host - 5.14.0-1049.56 No subscription required linux-image-oem-20.04c - 5.14.0.1049.45 linux-image-oem-20.04b - 5.14.0.1049.45 linux-image-oem-20.04d - 5.14.0.1049.45 linux-headers-oem-20.04 - 5.14.0.1049.45 linux-tools-oem-20.04c - 5.14.0.1049.45 linux-tools-oem-20.04b - 5.14.0.1049.45 linux-oem-20.04 - 5.14.0.1049.45 linux-image-oem-20.04 - 5.14.0.1049.45 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1049.45 linux-oem-20.04d - 5.14.0.1049.45 linux-oem-20.04c - 5.14.0.1049.45 linux-oem-20.04b - 5.14.0.1049.45 linux-tools-oem-20.04d - 5.14.0.1049.45 linux-headers-oem-20.04b - 5.14.0.1049.45 linux-headers-oem-20.04c - 5.14.0.1049.45 linux-headers-oem-20.04d - 5.14.0.1049.45 linux-tools-oem-20.04 - 5.14.0.1049.45 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1049.45 No subscription required Medium CVE-2021-33061 CVE-2021-33655 Ubuntu 20.04 LTS It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine. Update Instructions: Run `sudo pro fix USN-5578-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:11.3.0-2ubuntu0~ubuntu20.04.3 open-vm-tools-dev - 2:11.3.0-2ubuntu0~ubuntu20.04.3 open-vm-tools-desktop - 2:11.3.0-2ubuntu0~ubuntu20.04.3 open-vm-tools-sdmp - 2:11.3.0-2ubuntu0~ubuntu20.04.3 No subscription required Medium CVE-2022-31676 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the contents of the addressbar, bypass security restrictions, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5581-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 104.0+build3-0ubuntu0.20.04.1 firefox - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 104.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 104.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 104.0+build3-0ubuntu0.20.04.1 firefox-dev - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 104.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 104.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-38472 CVE-2022-38473 CVE-2022-38475 CVE-2022-38477 CVE-2022-38478 Ubuntu 20.04 LTS Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the block layer subsystem in the Linux kernel did not properly initialize memory in some situations. A privileged local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0494) Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture (ALSA) framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1048) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1734) Duoming Zhou discovered a race condition in the NFC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1974) Duoming Zhou discovered that the NFC subsystem in the Linux kernel did not properly prevent context switches from occurring during certain atomic context operations. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2022-1975) Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-28893) Update Instructions: Run `sudo pro fix USN-5582-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1089-azure-fde - 5.4.0-1089.94+cvm1.2 linux-image-5.4.0-1089-azure-fde - 5.4.0-1089.94+cvm1.2 No subscription required linux-azure-fde - 5.4.0.1089.94+cvm1.29 linux-modules-extra-azure-fde - 5.4.0.1089.94+cvm1.29 linux-image-azure-fde - 5.4.0.1089.94+cvm1.29 linux-cloud-tools-azure-fde - 5.4.0.1089.94+cvm1.29 linux-tools-azure-fde - 5.4.0.1089.94+cvm1.29 linux-headers-azure-fde - 5.4.0.1089.94+cvm1.29 No subscription required High CVE-2022-0494 CVE-2022-1048 CVE-2022-1652 CVE-2022-1679 CVE-2022-1734 CVE-2022-1974 CVE-2022-1975 CVE-2022-2586 CVE-2022-2588 CVE-2022-28893 CVE-2022-34918 Ubuntu 20.04 LTS It was discovered that Schroot incorrectly handled certain Schroot names. An attacker could possibly use this issue to break schroot's internal state causing a denial of service. Update Instructions: Run `sudo pro fix USN-5584-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: schroot - 1.6.10-9ubuntu0.1 schroot-common - 1.6.10-9ubuntu0.1 No subscription required Medium CVE-2022-2787 Ubuntu 20.04 LTS It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting (XSS) attacks on the notebook server. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-19351) It was discovered that Jupyter Notebook incorrectly handled certain SVG documents. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-21030) It was discovered that Jupyter Notebook incorrectly filtered certain URLs on the login page. An attacker could possibly use this issue to perform open-redirect attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-10255) It was discovered that Jupyter Notebook had an incomplete fix for CVE-2019-10255. An attacker could possibly use this issue to perform open-redirect attack using empty netloc. (CVE-2019-10856) It was discovered that Jupyter Notebook incorrectly handled the inclusion of remote pages on Jupyter server. An attacker could possibly use this issue to perform cross-site script inclusion (XSSI) attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-9644) It was discovered that Jupyter Notebook incorrectly filtered certain URLs to a notebook. An attacker could possibly use this issue to perform open-redirect attack. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-26215) It was discovered that Jupyter Notebook server access logs were not protected. An attacker having access to the notebook server could possibly use this issue to get access to steal sensitive information such as auth/cookies. (CVE-2022-24758) It was discovered that Jupyter Notebook incorrectly configured hidden files on the server. An authenticated attacker could possibly use this issue to see unwanted sensitive hidden files from the server which may result in getting full access to the server. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-29238) Update Instructions: Run `sudo pro fix USN-5585-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-notebook - 6.0.3-2ubuntu0.1 python-notebook-doc - 6.0.3-2ubuntu0.1 jupyter-notebook - 6.0.3-2ubuntu0.1 No subscription required Medium CVE-2018-19351 CVE-2018-21030 CVE-2019-10255 CVE-2019-10856 CVE-2019-9644 CVE-2020-26215 CVE-2022-24758 CVE-2022-29238 Ubuntu 20.04 LTS Axel Chong discovered that when curl accepted and sent back cookies containing control bytes that a HTTP(S) server might return a 400 (Bad Request Error) response. A malicious cookie host could possibly use this to cause denial-of-service. Update Instructions: Run `sudo pro fix USN-5587-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.13 libcurl4-openssl-dev - 7.68.0-1ubuntu2.13 libcurl3-gnutls - 7.68.0-1ubuntu2.13 libcurl4-doc - 7.68.0-1ubuntu2.13 libcurl3-nss - 7.68.0-1ubuntu2.13 libcurl4-nss-dev - 7.68.0-1ubuntu2.13 libcurl4 - 7.68.0-1ubuntu2.13 curl - 7.68.0-1ubuntu2.13 No subscription required Low CVE-2022-35252 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656) Update Instructions: Run `sudo pro fix USN-5589-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-headers-5.4.0-1069 - 5.4.0-1069.79 linux-modules-5.4.0-1069-raspi - 5.4.0-1069.79 linux-raspi-tools-5.4.0-1069 - 5.4.0-1069.79 linux-buildinfo-5.4.0-1069-raspi - 5.4.0-1069.79 linux-tools-5.4.0-1069-raspi - 5.4.0-1069.79 linux-image-5.4.0-1069-raspi - 5.4.0-1069.79 linux-headers-5.4.0-1069-raspi - 5.4.0-1069.79 No subscription required linux-modules-extra-5.4.0-125-generic - 5.4.0-125.141 linux-modules-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-tools-host - 5.4.0-125.141 linux-tools-common - 5.4.0-125.141 linux-doc - 5.4.0-125.141 linux-buildinfo-5.4.0-125-lowlatency - 5.4.0-125.141 linux-cloud-tools-5.4.0-125 - 5.4.0-125.141 linux-buildinfo-5.4.0-125-generic - 5.4.0-125.141 linux-tools-5.4.0-125 - 5.4.0-125.141 linux-image-unsigned-5.4.0-125-generic - 5.4.0-125.141 linux-libc-dev - 5.4.0-125.141 linux-source-5.4.0 - 5.4.0-125.141 linux-headers-5.4.0-125-lowlatency - 5.4.0-125.141 linux-modules-5.4.0-125-lowlatency - 5.4.0-125.141 linux-image-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-image-5.4.0-125-generic - 5.4.0-125.141 linux-tools-5.4.0-125-generic - 5.4.0-125.141 linux-image-unsigned-5.4.0-125-lowlatency - 5.4.0-125.141 linux-cloud-tools-5.4.0-125-generic - 5.4.0-125.141 linux-cloud-tools-5.4.0-125-lowlatency - 5.4.0-125.141 linux-headers-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-modules-5.4.0-125-generic - 5.4.0-125.141 linux-buildinfo-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-tools-5.4.0-125-generic-lpae - 5.4.0-125.141 linux-cloud-tools-common - 5.4.0-125.141 linux-headers-5.4.0-125 - 5.4.0-125.141 linux-image-5.4.0-125-lowlatency - 5.4.0-125.141 linux-headers-5.4.0-125-generic - 5.4.0-125.141 linux-tools-5.4.0-125-lowlatency - 5.4.0-125.141 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1069.102 linux-raspi2 - 5.4.0.1069.102 linux-headers-raspi2 - 5.4.0.1069.102 linux-image-raspi-hwe-18.04 - 5.4.0.1069.102 linux-image-raspi2-hwe-18.04 - 5.4.0.1069.102 linux-tools-raspi - 5.4.0.1069.102 linux-headers-raspi-hwe-18.04 - 5.4.0.1069.102 linux-headers-raspi2-hwe-18.04 - 5.4.0.1069.102 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1069.102 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1069.102 linux-headers-raspi - 5.4.0.1069.102 linux-raspi2-hwe-18.04-edge - 5.4.0.1069.102 linux-raspi-hwe-18.04 - 5.4.0.1069.102 linux-tools-raspi2-hwe-18.04 - 5.4.0.1069.102 linux-raspi2-hwe-18.04 - 5.4.0.1069.102 linux-image-raspi-hwe-18.04-edge - 5.4.0.1069.102 linux-image-raspi2 - 5.4.0.1069.102 linux-tools-raspi-hwe-18.04 - 5.4.0.1069.102 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1069.102 linux-raspi-hwe-18.04-edge - 5.4.0.1069.102 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1069.102 linux-image-raspi - 5.4.0.1069.102 linux-tools-raspi2 - 5.4.0.1069.102 linux-raspi - 5.4.0.1069.102 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-cloud-tools-virtual - 5.4.0.125.126 linux-image-generic-hwe-18.04 - 5.4.0.125.126 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-headers-generic-lpae - 5.4.0.125.126 linux-image-virtual - 5.4.0.125.126 linux-oem-osp1-tools-host - 5.4.0.125.126 linux-image-generic - 5.4.0.125.126 linux-tools-lowlatency - 5.4.0.125.126 linux-image-oem - 5.4.0.125.126 linux-headers-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-image-extra-virtual-hwe-18.04 - 5.4.0.125.126 linux-image-oem-osp1 - 5.4.0.125.126 linux-image-generic-lpae-hwe-18.04 - 5.4.0.125.126 linux-crashdump - 5.4.0.125.126 linux-tools-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-headers-generic-hwe-18.04 - 5.4.0.125.126 linux-headers-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-source - 5.4.0.125.126 linux-lowlatency - 5.4.0.125.126 linux-tools-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-tools-generic-lpae - 5.4.0.125.126 linux-cloud-tools-generic - 5.4.0.125.126 linux-virtual - 5.4.0.125.126 linux-headers-virtual-hwe-18.04 - 5.4.0.125.126 linux-virtual-hwe-18.04 - 5.4.0.125.126 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.125.126 linux-tools-virtual - 5.4.0.125.126 linux-generic-lpae-hwe-18.04-edge - 5.4.0.125.126 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-generic-lpae - 5.4.0.125.126 linux-headers-oem - 5.4.0.125.126 linux-generic - 5.4.0.125.126 linux-tools-oem-osp1 - 5.4.0.125.126 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.125.126 linux-tools-generic-hwe-18.04-edge - 5.4.0.125.126 linux-image-virtual-hwe-18.04 - 5.4.0.125.126 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-cloud-tools-lowlatency - 5.4.0.125.126 linux-headers-lowlatency - 5.4.0.125.126 linux-image-generic-hwe-18.04-edge - 5.4.0.125.126 linux-generic-hwe-18.04-edge - 5.4.0.125.126 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.125.126 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-oem - 5.4.0.125.126 linux-tools-generic - 5.4.0.125.126 linux-image-extra-virtual - 5.4.0.125.126 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-oem-tools-host - 5.4.0.125.126 linux-tools-oem - 5.4.0.125.126 linux-headers-oem-osp1 - 5.4.0.125.126 linux-generic-lpae-hwe-18.04 - 5.4.0.125.126 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.125.126 linux-headers-generic-hwe-18.04-edge - 5.4.0.125.126 linux-headers-generic - 5.4.0.125.126 linux-oem-osp1 - 5.4.0.125.126 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.125.126 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.125.126 linux-image-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.125.126 linux-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-headers-virtual - 5.4.0.125.126 linux-tools-virtual-hwe-18.04 - 5.4.0.125.126 linux-lowlatency-hwe-18.04 - 5.4.0.125.126 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.125.126 linux-generic-hwe-18.04 - 5.4.0.125.126 linux-image-generic-lpae - 5.4.0.125.126 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.125.126 linux-image-virtual-hwe-18.04-edge - 5.4.0.125.126 linux-tools-generic-hwe-18.04 - 5.4.0.125.126 linux-image-lowlatency - 5.4.0.125.126 No subscription required Medium CVE-2021-33061 CVE-2021-33656 Ubuntu 20.04 LTS Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). Update Instructions: Run `sudo pro fix USN-5590-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-headers-5.14.0-1050 - 5.14.0-1050.57 linux-modules-iwlwifi-5.14.0-1050-oem - 5.14.0-1050.57 linux-modules-5.14.0-1050-oem - 5.14.0-1050.57 linux-headers-5.14.0-1050-oem - 5.14.0-1050.57 linux-image-unsigned-5.14.0-1050-oem - 5.14.0-1050.57 linux-oem-5.14-tools-5.14.0-1050 - 5.14.0-1050.57 linux-tools-5.14.0-1050-oem - 5.14.0-1050.57 linux-oem-5.14-tools-host - 5.14.0-1050.57 linux-image-5.14.0-1050-oem - 5.14.0-1050.57 linux-buildinfo-5.14.0-1050-oem - 5.14.0-1050.57 No subscription required linux-image-oem-20.04c - 5.14.0.1050.46 linux-image-oem-20.04b - 5.14.0.1050.46 linux-image-oem-20.04d - 5.14.0.1050.46 linux-headers-oem-20.04 - 5.14.0.1050.46 linux-tools-oem-20.04c - 5.14.0.1050.46 linux-tools-oem-20.04b - 5.14.0.1050.46 linux-oem-20.04 - 5.14.0.1050.46 linux-image-oem-20.04 - 5.14.0.1050.46 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1050.46 linux-oem-20.04d - 5.14.0.1050.46 linux-oem-20.04c - 5.14.0.1050.46 linux-oem-20.04b - 5.14.0.1050.46 linux-tools-oem-20.04d - 5.14.0.1050.46 linux-headers-oem-20.04b - 5.14.0.1050.46 linux-headers-oem-20.04c - 5.14.0.1050.46 linux-headers-oem-20.04d - 5.14.0.1050.46 linux-tools-oem-20.04 - 5.14.0.1050.46 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1050.46 No subscription required Medium CVE-2022-36946 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656) Update Instructions: Run `sudo pro fix USN-5592-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1032-ibm - 5.4.0-1032.36 linux-ibm-headers-5.4.0-1032 - 5.4.0-1032.36 linux-tools-5.4.0-1032-ibm - 5.4.0-1032.36 linux-headers-5.4.0-1032-ibm - 5.4.0-1032.36 linux-ibm-tools-common - 5.4.0-1032.36 linux-ibm-cloud-tools-common - 5.4.0-1032.36 linux-modules-5.4.0-1032-ibm - 5.4.0-1032.36 linux-ibm-tools-5.4.0-1032 - 5.4.0-1032.36 linux-buildinfo-5.4.0-1032-ibm - 5.4.0-1032.36 linux-ibm-source-5.4.0 - 5.4.0-1032.36 linux-modules-extra-5.4.0-1032-ibm - 5.4.0-1032.36 linux-image-unsigned-5.4.0-1032-ibm - 5.4.0-1032.36 No subscription required linux-image-unsigned-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-bluefield-tools-5.4.0-1045 - 5.4.0-1045.50 linux-headers-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-bluefield-headers-5.4.0-1045 - 5.4.0-1045.50 linux-modules-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-image-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-tools-5.4.0-1045-bluefield - 5.4.0-1045.50 linux-buildinfo-5.4.0-1045-bluefield - 5.4.0-1045.50 No subscription required linux-headers-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-gkeop-cloud-tools-5.4.0-1052 - 5.4.0-1052.55 linux-gkeop-tools-5.4.0-1052 - 5.4.0-1052.55 linux-modules-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-gkeop-source-5.4.0 - 5.4.0-1052.55 linux-tools-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-buildinfo-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-cloud-tools-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-image-unsigned-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-modules-extra-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-image-5.4.0-1052-gkeop - 5.4.0-1052.55 linux-gkeop-headers-5.4.0-1052 - 5.4.0-1052.55 No subscription required linux-kvm-tools-5.4.0-1074 - 5.4.0-1074.79 linux-kvm-headers-5.4.0-1074 - 5.4.0-1074.79 linux-buildinfo-5.4.0-1074-kvm - 5.4.0-1074.79 linux-tools-5.4.0-1074-kvm - 5.4.0-1074.79 linux-image-unsigned-5.4.0-1074-kvm - 5.4.0-1074.79 linux-headers-5.4.0-1074-kvm - 5.4.0-1074.79 linux-image-5.4.0-1074-kvm - 5.4.0-1074.79 linux-modules-5.4.0-1074-kvm - 5.4.0-1074.79 No subscription required linux-image-5.4.0-1081-gke - 5.4.0-1081.87 linux-headers-5.4.0-1081-gke - 5.4.0-1081.87 linux-buildinfo-5.4.0-1081-gke - 5.4.0-1081.87 linux-image-unsigned-5.4.0-1081-gke - 5.4.0-1081.87 linux-gke-headers-5.4.0-1081 - 5.4.0-1081.87 linux-tools-5.4.0-1081-gke - 5.4.0-1081.87 linux-modules-5.4.0-1081-gke - 5.4.0-1081.87 linux-modules-extra-5.4.0-1081-gke - 5.4.0-1081.87 linux-gke-tools-5.4.0-1081 - 5.4.0-1081.87 No subscription required linux-headers-5.4.0-1082-oracle - 5.4.0-1082.90 linux-tools-5.4.0-1082-oracle - 5.4.0-1082.90 linux-modules-extra-5.4.0-1082-oracle - 5.4.0-1082.90 linux-buildinfo-5.4.0-1082-oracle - 5.4.0-1082.90 linux-image-unsigned-5.4.0-1082-oracle - 5.4.0-1082.90 linux-image-5.4.0-1082-oracle - 5.4.0-1082.90 linux-oracle-headers-5.4.0-1082 - 5.4.0-1082.90 linux-oracle-tools-5.4.0-1082 - 5.4.0-1082.90 linux-modules-5.4.0-1082-oracle - 5.4.0-1082.90 No subscription required linux-aws-cloud-tools-5.4.0-1084 - 5.4.0-1084.91 linux-aws-headers-5.4.0-1084 - 5.4.0-1084.91 linux-buildinfo-5.4.0-1084-aws - 5.4.0-1084.91 linux-tools-5.4.0-1084-aws - 5.4.0-1084.91 linux-cloud-tools-5.4.0-1084-aws - 5.4.0-1084.91 linux-modules-extra-5.4.0-1084-aws - 5.4.0-1084.91 linux-aws-tools-5.4.0-1084 - 5.4.0-1084.91 linux-headers-5.4.0-1084-aws - 5.4.0-1084.91 linux-image-5.4.0-1084-aws - 5.4.0-1084.91 linux-image-unsigned-5.4.0-1084-aws - 5.4.0-1084.91 linux-modules-5.4.0-1084-aws - 5.4.0-1084.91 No subscription required linux-modules-5.4.0-1087-gcp - 5.4.0-1087.95 linux-buildinfo-5.4.0-1087-gcp - 5.4.0-1087.95 linux-tools-5.4.0-1087-gcp - 5.4.0-1087.95 linux-gcp-tools-5.4.0-1087 - 5.4.0-1087.95 linux-gcp-headers-5.4.0-1087 - 5.4.0-1087.95 linux-image-unsigned-5.4.0-1087-gcp - 5.4.0-1087.95 linux-headers-5.4.0-1087-gcp - 5.4.0-1087.95 linux-modules-extra-5.4.0-1087-gcp - 5.4.0-1087.95 linux-image-5.4.0-1087-gcp - 5.4.0-1087.95 No subscription required linux-buildinfo-5.4.0-1090-azure - 5.4.0-1090.95 linux-cloud-tools-5.4.0-1090-azure - 5.4.0-1090.95 linux-image-unsigned-5.4.0-1090-azure - 5.4.0-1090.95 linux-modules-extra-5.4.0-1090-azure - 5.4.0-1090.95 linux-headers-5.4.0-1090-azure - 5.4.0-1090.95 linux-azure-tools-5.4.0-1090 - 5.4.0-1090.95 linux-image-5.4.0-1090-azure - 5.4.0-1090.95 linux-modules-5.4.0-1090-azure - 5.4.0-1090.95 linux-tools-5.4.0-1090-azure - 5.4.0-1090.95 linux-azure-cloud-tools-5.4.0-1090 - 5.4.0-1090.95 linux-azure-headers-5.4.0-1090 - 5.4.0-1090.95 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1032.61 linux-headers-ibm-lts-20.04 - 5.4.0.1032.61 linux-tools-ibm - 5.4.0.1032.61 linux-modules-extra-ibm - 5.4.0.1032.61 linux-image-ibm-lts-20.04 - 5.4.0.1032.61 linux-ibm-lts-20.04 - 5.4.0.1032.61 linux-image-ibm - 5.4.0.1032.61 linux-ibm - 5.4.0.1032.61 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1032.61 linux-headers-ibm - 5.4.0.1032.61 No subscription required linux-image-bluefield - 5.4.0.1045.44 linux-headers-bluefield - 5.4.0.1045.44 linux-tools-bluefield - 5.4.0.1045.44 linux-bluefield - 5.4.0.1045.44 No subscription required linux-headers-gkeop - 5.4.0.1052.53 linux-cloud-tools-gkeop-5.4 - 5.4.0.1052.53 linux-image-gkeop - 5.4.0.1052.53 linux-modules-extra-gkeop-5.4 - 5.4.0.1052.53 linux-image-gkeop-5.4 - 5.4.0.1052.53 linux-gkeop - 5.4.0.1052.53 linux-cloud-tools-gkeop - 5.4.0.1052.53 linux-tools-gkeop-5.4 - 5.4.0.1052.53 linux-headers-gkeop-5.4 - 5.4.0.1052.53 linux-modules-extra-gkeop - 5.4.0.1052.53 linux-tools-gkeop - 5.4.0.1052.53 linux-gkeop-5.4 - 5.4.0.1052.53 No subscription required linux-kvm - 5.4.0.1074.71 linux-headers-kvm - 5.4.0.1074.71 linux-image-kvm - 5.4.0.1074.71 linux-tools-kvm - 5.4.0.1074.71 No subscription required linux-modules-extra-gke - 5.4.0.1081.89 linux-headers-gke-5.4 - 5.4.0.1081.89 linux-tools-gke-5.4 - 5.4.0.1081.89 linux-modules-extra-gke-5.4 - 5.4.0.1081.89 linux-gke-5.4 - 5.4.0.1081.89 linux-tools-gke - 5.4.0.1081.89 linux-gke - 5.4.0.1081.89 linux-image-gke - 5.4.0.1081.89 linux-headers-gke - 5.4.0.1081.89 linux-image-gke-5.4 - 5.4.0.1081.89 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1082.79 linux-headers-oracle-lts-20.04 - 5.4.0.1082.79 linux-oracle-lts-20.04 - 5.4.0.1082.79 linux-image-oracle-lts-20.04 - 5.4.0.1082.79 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1084.84 linux-headers-aws-lts-20.04 - 5.4.0.1084.84 linux-tools-aws-lts-20.04 - 5.4.0.1084.84 linux-modules-extra-aws-lts-20.04 - 5.4.0.1084.84 linux-aws-lts-20.04 - 5.4.0.1084.84 No subscription required linux-gcp-lts-20.04 - 5.4.0.1087.92 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1087.92 linux-headers-gcp-lts-20.04 - 5.4.0.1087.92 linux-image-gcp-lts-20.04 - 5.4.0.1087.92 linux-tools-gcp-lts-20.04 - 5.4.0.1087.92 No subscription required linux-azure-lts-20.04 - 5.4.0.1090.87 linux-image-azure-lts-20.04 - 5.4.0.1090.87 linux-modules-extra-azure-lts-20.04 - 5.4.0.1090.87 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1090.87 linux-tools-azure-lts-20.04 - 5.4.0.1090.87 linux-headers-azure-lts-20.04 - 5.4.0.1090.87 No subscription required Medium CVE-2021-33061 CVE-2021-33656 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle an illegal instruction in a guest, resulting in a null pointer dereference. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1852) It was discovered that the UDF file system implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1943) Gerald Lee discovered that the NTFS file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2022-1973) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Zheyu Ma discovered that the Intel iSMT SMBus host controller driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2873) Selim Enes Karaduman discovered that a race condition existed in the pipe buffers implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly escalate privileges. (CVE-2022-2959) Update Instructions: Run `sudo pro fix USN-5594-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-tools-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-modules-extra-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-image-unsigned-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-gke-5.15-headers-5.15.0-1015 - 5.15.0-1015.18~20.04.1 linux-buildinfo-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-headers-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-modules-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-modules-iwlwifi-5.15.0-1015-gke - 5.15.0-1015.18~20.04.1 linux-gke-5.15-tools-5.15.0-1015 - 5.15.0-1015.18~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1017 - 5.15.0-1017.23~20.04.2 linux-tools-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-modules-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-headers-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-image-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-gcp-5.15-tools-5.15.0-1017 - 5.15.0-1017.23~20.04.2 linux-modules-extra-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-buildinfo-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-image-unsigned-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 linux-modules-iwlwifi-5.15.0-1017-gcp - 5.15.0-1017.23~20.04.2 No subscription required linux-image-unsigned-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-aws-5.15-headers-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-modules-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-image-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-headers-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-tools-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-modules-extra-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-aws-5.15-tools-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-cloud-tools-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-buildinfo-5.15.0-1019-aws - 5.15.0-1019.23~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1019 - 5.15.0-1019.24~20.04.1 linux-modules-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-headers-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-image-unsigned-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-azure-5.15-headers-5.15.0-1019 - 5.15.0-1019.24~20.04.1 linux-cloud-tools-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-image-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-azure-5.15-tools-5.15.0-1019 - 5.15.0-1019.24~20.04.1 linux-buildinfo-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-tools-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 linux-modules-extra-5.15.0-1019-azure - 5.15.0-1019.24~20.04.1 No subscription required linux-gke-edge - 5.15.0.1015.18~20.04.1 linux-headers-gke-5.15 - 5.15.0.1015.18~20.04.1 linux-tools-gke-5.15 - 5.15.0.1015.18~20.04.1 linux-image-gke-edge - 5.15.0.1015.18~20.04.1 linux-tools-gke-edge - 5.15.0.1015.18~20.04.1 linux-gke-5.15 - 5.15.0.1015.18~20.04.1 linux-headers-gke-edge - 5.15.0.1015.18~20.04.1 linux-image-gke-5.15 - 5.15.0.1015.18~20.04.1 No subscription required linux-tools-gcp-edge - 5.15.0.1017.23~20.04.1 linux-modules-extra-gcp - 5.15.0.1017.23~20.04.1 linux-tools-gcp - 5.15.0.1017.23~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1017.23~20.04.1 linux-headers-gcp-edge - 5.15.0.1017.23~20.04.1 linux-gcp - 5.15.0.1017.23~20.04.1 linux-headers-gcp - 5.15.0.1017.23~20.04.1 linux-image-gcp - 5.15.0.1017.23~20.04.1 linux-gcp-edge - 5.15.0.1017.23~20.04.1 linux-image-gcp-edge - 5.15.0.1017.23~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1019.22~20.04.12 linux-azure - 5.15.0.1019.22~20.04.12 linux-image-azure - 5.15.0.1019.22~20.04.12 linux-cloud-tools-azure - 5.15.0.1019.22~20.04.12 linux-cloud-tools-azure-edge - 5.15.0.1019.22~20.04.12 linux-tools-azure - 5.15.0.1019.22~20.04.12 linux-headers-azure-edge - 5.15.0.1019.22~20.04.12 linux-image-azure-edge - 5.15.0.1019.22~20.04.12 linux-modules-extra-azure - 5.15.0.1019.22~20.04.12 linux-modules-extra-azure-edge - 5.15.0.1019.22~20.04.12 linux-azure-edge - 5.15.0.1019.22~20.04.12 linux-headers-azure - 5.15.0.1019.22~20.04.12 No subscription required linux-modules-extra-aws - 5.15.0.1019.23~20.04.11 linux-tools-aws - 5.15.0.1019.23~20.04.11 linux-modules-extra-aws-edge - 5.15.0.1019.23~20.04.11 linux-tools-aws-edge - 5.15.0.1019.23~20.04.11 linux-image-aws-edge - 5.15.0.1019.23~20.04.11 linux-headers-aws-edge - 5.15.0.1019.23~20.04.11 linux-aws-edge - 5.15.0.1019.23~20.04.11 linux-aws - 5.15.0.1019.23~20.04.11 linux-headers-aws - 5.15.0.1019.23~20.04.11 linux-image-aws - 5.15.0.1019.23~20.04.11 No subscription required Medium CVE-2021-33061 CVE-2022-1012 CVE-2022-1729 CVE-2022-1852 CVE-2022-1943 CVE-2022-1973 CVE-2022-2503 CVE-2022-2873 CVE-2022-2959 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656) Update Instructions: Run `sudo pro fix USN-5605-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1090-azure-fde - 5.4.0-1090.95+cvm1.1 linux-image-unsigned-5.4.0-1090-azure-fde - 5.4.0-1090.95+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1090.95+cvm1.30 linux-modules-extra-azure-fde - 5.4.0.1090.95+cvm1.30 linux-image-azure-fde - 5.4.0.1090.95+cvm1.30 linux-headers-azure-fde - 5.4.0.1090.95+cvm1.30 linux-cloud-tools-azure-fde - 5.4.0.1090.95+cvm1.30 linux-tools-azure-fde - 5.4.0.1090.95+cvm1.30 No subscription required Medium CVE-2021-33061 CVE-2021-33656 Ubuntu 20.04 LTS It was discovered that poppler incorrectly handled certain PDF. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5606-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpoppler97 - 0.86.1-0ubuntu1.1 poppler-utils - 0.86.1-0ubuntu1.1 libpoppler-cpp-dev - 0.86.1-0ubuntu1.1 libpoppler-glib-doc - 0.86.1-0ubuntu1.1 gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.1 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.1 libpoppler-glib8 - 0.86.1-0ubuntu1.1 libpoppler-private-dev - 0.86.1-0ubuntu1.1 libpoppler-glib-dev - 0.86.1-0ubuntu1.1 libpoppler-dev - 0.86.1-0ubuntu1.1 libpoppler-qt5-dev - 0.86.1-0ubuntu1.1 libpoppler-qt5-1 - 0.86.1-0ubuntu1.1 No subscription required Medium CVE-2022-38784 Ubuntu 20.04 LTS It was discovered that GDK-PixBuf incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-5607-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgdk-pixbuf2.0-0 - 2.40.0+dfsg-3ubuntu0.4 libgdk-pixbuf2.0-common - 2.40.0+dfsg-3ubuntu0.4 libgdk-pixbuf2.0-bin - 2.40.0+dfsg-3ubuntu0.4 libgdk-pixbuf2.0-dev - 2.40.0+dfsg-3ubuntu0.4 libgdk-pixbuf2.0-doc - 2.40.0+dfsg-3ubuntu0.4 gir1.2-gdkpixbuf-2.0 - 2.40.0+dfsg-3ubuntu0.4 No subscription required Medium CVE-2021-44648 Ubuntu 20.04 LTS It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5608-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librte-pmd-octeontx-crypto20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-memif20.0 - 19.11.13-0ubuntu0.20.04.1 dpdk-igb-uio-dkms - 19.11.13-0ubuntu0.20.04.1 librte-pmd-iavf20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-enic20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-af-packet20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-netvsc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx2-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-ifpga20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-dpaa2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-stack0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-e1000-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bbdev-null20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pipeline20.0 - 19.11.13-0ubuntu0.20.04.1 librte-sched20.0 - 19.11.13-0ubuntu0.20.04.1 librte-distributor20.0 - 19.11.13-0ubuntu0.20.04.1 librte-efd20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ark20.0 - 19.11.13-0ubuntu0.20.04.1 librte-gro20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-sfc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-failsafe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-pcap20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-meter20.0 - 19.11.13-0ubuntu0.20.04.1 librte-hash20.0 - 19.11.13-0ubuntu0.20.04.1 librte-ring20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-octeontx20.0 - 19.11.13-0ubuntu0.20.04.1 librte-telemetry0.200 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-skeleton20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bond20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-ioat20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-skeleton-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-mlx5-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-dpaa2-cmdif20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-fm10k20.0 - 19.11.13-0ubuntu0.20.04.1 librte-cryptodev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-i40e20.0 - 19.11.13-0ubuntu0.20.04.1 librte-cmdline20.0 - 19.11.13-0ubuntu0.20.04.1 librte-jobstats20.0 - 19.11.13-0ubuntu0.20.04.1 dpdk-dev - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ccp20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-atlantic20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-sw-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-ip-frag20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-isal20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dsw-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-nitrox20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-kni20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-bucket20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa2-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-gso20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-vdev-netvsc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-openssl20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bnx2x20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx-compress20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-hinic20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-dpaa20.0 - 19.11.13-0ubuntu0.20.04.1 librte-latencystats20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-octeontx2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-kvargs20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-fslmc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-avp20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pdump20.0 - 19.11.13-0ubuntu0.20.04.1 librte-metrics20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bbdev0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa-sec20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-vmbus20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bnxt20.0 - 19.11.13-0ubuntu0.20.04.1 librte-timer20.0 - 19.11.13-0ubuntu0.20.04.1 librte-cfgfile20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rcu0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-qat20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool20.0 - 19.11.13-0ubuntu0.20.04.1 libdpdk-dev - 19.11.13-0ubuntu0.20.04.1 librte-pmd-null20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-virtio20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-axgbe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-port20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-aesni-mb20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-ntb20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-softnic20.0 - 19.11.13-0ubuntu0.20.04.1 dpdk-doc - 19.11.13-0ubuntu0.20.04.1 librte-pmd-mlx4-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-net20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bbdev-fpga-lte-fec20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-null-crypto20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ena20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ice20.0 - 19.11.13-0ubuntu0.20.04.1 librte-common-dpaax20.0 - 19.11.13-0ubuntu0.20.04.1 librte-member20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-pci20.0 - 19.11.13-0ubuntu0.20.04.1 librte-kni20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-thunderx20.0 - 19.11.13-0ubuntu0.20.04.1 librte-common-octeontx20.0 - 19.11.13-0ubuntu0.20.04.1 dpdk - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ifc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-opdl-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pci20.0 - 19.11.13-0ubuntu0.20.04.1 librte-eal20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-bbdev-turbo-sw20.0 - 19.11.13-0ubuntu0.20.04.1 librte-ethdev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-table20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-hns3-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-ipsec0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-zlib20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bitratestats20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa2-sec20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-caam-jr20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-octeontx2-dma20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mbuf20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-stack20.0 - 19.11.13-0ubuntu0.20.04.1 librte-power20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-liquidio20.0 - 19.11.13-0ubuntu0.20.04.1 librte-vhost20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-vhost20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-virtio-crypto20.0 - 19.11.13-0ubuntu0.20.04.1 librte-reorder20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-qede20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-pfe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-flow-classify0.200 - 19.11.13-0ubuntu0.20.04.1 librte-rib0.200 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-cxgbe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-mempool-ring20.0 - 19.11.13-0ubuntu0.20.04.1 librte-acl20.0 - 19.11.13-0ubuntu0.20.04.1 librte-common-cpt20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-aesni-gcm20.0 - 19.11.13-0ubuntu0.20.04.1 librte-rawdev-dpaa2-qdma20.0 - 19.11.13-0ubuntu0.20.04.1 librte-lpm20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-tap20.0 - 19.11.13-0ubuntu0.20.04.1 librte-eventdev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-nfp20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-dpaa20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ring20.0 - 19.11.13-0ubuntu0.20.04.1 librte-bus-vdev20.0 - 19.11.13-0ubuntu0.20.04.1 librte-common-octeontx2-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-ixgbe20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-vmxnet3-20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-crypto-scheduler20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-enetc20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-dpaa-event20.0 - 19.11.13-0ubuntu0.20.04.1 librte-pmd-octeontx2-crypto20.0 - 19.11.13-0ubuntu0.20.04.1 librte-security20.0 - 19.11.13-0ubuntu0.20.04.1 librte-compressdev0.200 - 19.11.13-0ubuntu0.20.04.1 librte-fib0.200 - 19.11.13-0ubuntu0.20.04.1 librte-bpf0.200 - 19.11.13-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2132 Ubuntu 20.04 LTS Addison Crump discovered that rust-regex did not properly limit the complexity of the regular expressions (regex) it parses. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5610-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librust-regex-dev - 1.2.1-3ubuntu0.1 No subscription required Medium CVE-2022-24713 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5611-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.7-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.7-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.7-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.7-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.7-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.7-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.7-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.7-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.7-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.7-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-32893 Ubuntu 20.04 LTS Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO reads. This could allow a local attacker to compromise SGX enclaves. Update Instructions: Run `sudo pro fix USN-5612-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20220809.0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21233 Ubuntu 20.04 LTS It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0943) It was discovered that Vim was using freed memory when dealing with regular expressions through its old regular expression engine. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution. (CVE-2022-1154) It was discovered that Vim was not properly performing checks on name of lambda functions. An attacker could possibly use this issue to cause a denial of service. This issue affected only Ubuntu 22.04 LTS. (CVE-2022-1420) It was discovered that Vim was incorrectly performing bounds checks when processing invalid commands with composing characters in Ex mode. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1616) It was discovered that Vim was not properly processing latin1 data when issuing Ex commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1619) It was discovered that Vim was not properly performing memory management when dealing with invalid regular expression patterns in buffers. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-1620) It was discovered that Vim was not properly processing invalid bytes when performing spell check operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1621) Update Instructions: Run `sudo pro fix USN-5613-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.8 vim-athena - 2:8.1.2269-1ubuntu5.8 vim-tiny - 2:8.1.2269-1ubuntu5.8 vim-gtk - 2:8.1.2269-1ubuntu5.8 vim-gui-common - 2:8.1.2269-1ubuntu5.8 vim - 2:8.1.2269-1ubuntu5.8 vim-doc - 2:8.1.2269-1ubuntu5.8 xxd - 2:8.1.2269-1ubuntu5.8 vim-runtime - 2:8.1.2269-1ubuntu5.8 vim-gtk3 - 2:8.1.2269-1ubuntu5.8 vim-nox - 2:8.1.2269-1ubuntu5.8 No subscription required Medium CVE-2022-0943 CVE-2022-1154 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1621 Ubuntu 20.04 LTS USN-5613-1 fixed vulnerabilities in Vim. Unfortunately that update failed to include binary packages for some architectures. This update fixes that regression. We apologize for the inconvenience. Original advisory details: It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0943) It was discovered that Vim was using freed memory when dealing with regular expressions through its old regular expression engine. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution. (CVE-2022-1154) It was discovered that Vim was not properly performing checks on name of lambda functions. An attacker could possibly use this issue to cause a denial of service. This issue affected only Ubuntu 22.04 LTS. (CVE-2022-1420) It was discovered that Vim was incorrectly performing bounds checks when processing invalid commands with composing characters in Ex mode. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1616) It was discovered that Vim was not properly processing latin1 data when issuing Ex commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1619) It was discovered that Vim was not properly performing memory management when dealing with invalid regular expression patterns in buffers. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-1620) It was discovered that Vim was not properly processing invalid bytes when performing spell check operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1621) Update Instructions: Run `sudo pro fix USN-5613-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.9 vim-athena - 2:8.1.2269-1ubuntu5.9 vim-tiny - 2:8.1.2269-1ubuntu5.9 vim-gtk - 2:8.1.2269-1ubuntu5.9 vim-gui-common - 2:8.1.2269-1ubuntu5.9 vim - 2:8.1.2269-1ubuntu5.9 vim-doc - 2:8.1.2269-1ubuntu5.9 xxd - 2:8.1.2269-1ubuntu5.9 vim-runtime - 2:8.1.2269-1ubuntu5.9 vim-gtk3 - 2:8.1.2269-1ubuntu5.9 vim-nox - 2:8.1.2269-1ubuntu5.9 No subscription required Medium CVE-2022-0943 CVE-2022-1154 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1621 https://launchpad.net/bugs/1989973 Ubuntu 20.04 LTS It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5614-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwayland-egl1 - 1.18.0-1ubuntu0.1 libwayland-bin - 1.18.0-1ubuntu0.1 libwayland-dev - 1.18.0-1ubuntu0.1 libwayland-cursor0 - 1.18.0-1ubuntu0.1 libwayland-egl-backend-dev - 1.18.0-1ubuntu0.1 libwayland-server0 - 1.18.0-1ubuntu0.1 libwayland-doc - 1.18.0-1ubuntu0.1 libwayland-client0 - 1.18.0-1ubuntu0.1 No subscription required Medium CVE-2021-3782 Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-35525) It was discovered that SQLite incorrectly handled ALTER TABLE for views that have a nested FROM clause. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only addressed in Ubuntu 20.04 LTS. (CVE-2020-35527) It was discovered that SQLite incorrectly handled embedded null characters when tokenizing certain unicode strings. This issue could result in incorrect results. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20223) Update Instructions: Run `sudo pro fix USN-5615-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.4 sqlite3-doc - 3.31.1-4ubuntu0.4 libsqlite3-0 - 3.31.1-4ubuntu0.4 libsqlite3-tcl - 3.31.1-4ubuntu0.4 sqlite3 - 3.31.1-4ubuntu0.4 libsqlite3-dev - 3.31.1-4ubuntu0.4 No subscription required Medium CVE-2020-35525 CVE-2020-35527 Ubuntu 20.04 LTS It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543) Julien Grall discovered that Xen incorrectly handled memory barriers on ARM-based systems. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or escalate privileges. (CVE-2020-11739) Ilja Van Sprundel discovered that Xen incorrectly handled profiling of guests. An unprivileged attacker could use this issue to obtain sensitive information from other guests, cause a denial of service or possibly gain privileges. (CVE-2020-11740, CVE-2020-11741) It was discovered that Xen incorrectly handled grant tables. A malicious guest could possibly use this issue to cause a denial of service. (CVE-2020-11742, CVE-2020-11743) Jan Beulich discovered that Xen incorrectly handled certain code paths. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15563) Julien Grall discovered that Xen incorrectly verified memory addresses provided by the guest on ARM-based systems. A malicious guest administrator could possibly use this issue to cause a denial of service. (CVE-2020-15564) Roger Pau Monné discovered that Xen incorrectly handled caching on x86 Intel systems. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15565) It was discovered that Xen incorrectly handled error in event-channel port allocation. A malicious guest could possibly use this issue to cause a denial of service. (CVE-2020-15566) Jan Beulich discovered that Xen incorrectly handled certain EPT (Extended Page Tables). An attacker could possibly use this issue to cause a denial of service, data corruption or privilege escalation. (CVE-2020-15567) Andrew Cooper discovered that Xen incorrectly handled PCI passthrough. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25595) Andrew Cooper discovered that Xen incorrectly sanitized path injections. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25596) Jan Beulich discovered that Xen incorrectly handled validation of event channels. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25597) Julien Grall and Jan Beulich discovered that Xen incorrectly handled resetting event channels. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. (CVE-2020-25599) Julien Grall discovered that Xen incorrectly handled event channels memory allocation on 32-bits domains. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25600) Jan Beulich discovered that Xen incorrectly handled resetting or cleaning up event channels. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25601) Andrew Cooper discovered that Xen incorrectly handled certain Intel specific MSR (Model Specific Registers). An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25602) Julien Grall discovered that Xen incorrectly handled accessing/allocating event channels. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information of privilege escalation. (CVE-2020-25603) Igor Druzhinin discovered that Xen incorrectly handled locks. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-25604) Update Instructions: Run `sudo pro fix USN-5617-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxencall1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxengnttab1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxentoollog1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-common - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-system-arm64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.11-armhf - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxenstore3.0 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.9-armhf - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-system-amd64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxenmisc4.11 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxendevicemodel1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xenstore-utils - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxentoolcore1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-utils-4.11 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxenforeignmemory1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-doc - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.9-amd64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.11-arm64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.9-arm64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-utils-common - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxen-dev - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-hypervisor-4.11-amd64 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 libxenevtchn1 - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 xen-system-armhf - 4.11.3+24-g14b62ab3e5-1ubuntu2.3 No subscription required Medium CVE-2020-0543 CVE-2020-11739 CVE-2020-11740 CVE-2020-11741 CVE-2020-11742 CVE-2020-11743 CVE-2020-15563 CVE-2020-15564 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25599 CVE-2020-25600 CVE-2020-25601 CVE-2020-25602 CVE-2020-25603 CVE-2020-25604 Ubuntu 20.04 LTS It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19131) It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19144) It was discovered that LibTIFF did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted TIFF file using tiffinfo tool, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1354) It was discovered that LibTIFF did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted TIFF file using tiffcp tool, an attacker could possibly use this issue to cause a denial of service. (CVE-2022-1355) It was discovered that LibTIFF was not properly performing checks to avoid division calculations where the denominator value was zero, which could lead to an undefined behaviour situation via a specially crafted file. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058) Update Instructions: Run `sudo pro fix USN-5619-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.5 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.5 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.5 No subscription required Medium CVE-2020-19131 CVE-2020-19144 CVE-2022-1354 CVE-2022-1355 CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 Ubuntu 20.04 LTS It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. These issues only affected Ubuntu 20.04 ESM. (CVE-2021-3598, CVE-2021-3605, CVE-2021-20296, CVE-2021-23215, CVE-2021-26260) It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2021-3933) It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash. (CVE-2021-3941) Update Instructions: Run `sudo pro fix USN-5620-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenexr-dev - 2.3.0-6ubuntu0.5+esm1 openexr - 2.3.0-6ubuntu0.5+esm1 libopenexr24 - 2.3.0-6ubuntu0.5+esm1 openexr-doc - 2.3.0-6ubuntu0.5+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-20296 CVE-2021-23215 CVE-2021-26260 CVE-2021-3598 CVE-2021-3605 CVE-2021-3933 CVE-2021-3941 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5622-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1033-ibm - 5.4.0-1033.37 linux-tools-5.4.0-1033-ibm - 5.4.0-1033.37 linux-ibm-headers-5.4.0-1033 - 5.4.0-1033.37 linux-buildinfo-5.4.0-1033-ibm - 5.4.0-1033.37 linux-ibm-source-5.4.0 - 5.4.0-1033.37 linux-ibm-cloud-tools-common - 5.4.0-1033.37 linux-headers-5.4.0-1033-ibm - 5.4.0-1033.37 linux-ibm-tools-5.4.0-1033 - 5.4.0-1033.37 linux-image-unsigned-5.4.0-1033-ibm - 5.4.0-1033.37 linux-modules-5.4.0-1033-ibm - 5.4.0-1033.37 linux-image-5.4.0-1033-ibm - 5.4.0-1033.37 linux-ibm-tools-common - 5.4.0-1033.37 No subscription required linux-image-unsigned-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-bluefield-tools-5.4.0-1046 - 5.4.0-1046.51 linux-bluefield-headers-5.4.0-1046 - 5.4.0-1046.51 linux-headers-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-modules-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-tools-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-image-5.4.0-1046-bluefield - 5.4.0-1046.51 linux-buildinfo-5.4.0-1046-bluefield - 5.4.0-1046.51 No subscription required linux-gkeop-cloud-tools-5.4.0-1053 - 5.4.0-1053.56 linux-gkeop-tools-5.4.0-1053 - 5.4.0-1053.56 linux-gkeop-source-5.4.0 - 5.4.0-1053.56 linux-image-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-cloud-tools-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-headers-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-modules-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-buildinfo-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-modules-extra-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-tools-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-image-unsigned-5.4.0-1053-gkeop - 5.4.0-1053.56 linux-gkeop-headers-5.4.0-1053 - 5.4.0-1053.56 No subscription required linux-raspi-headers-5.4.0-1070 - 5.4.0-1070.80 linux-headers-5.4.0-1070-raspi - 5.4.0-1070.80 linux-buildinfo-5.4.0-1070-raspi - 5.4.0-1070.80 linux-tools-5.4.0-1070-raspi - 5.4.0-1070.80 linux-modules-5.4.0-1070-raspi - 5.4.0-1070.80 linux-raspi-tools-5.4.0-1070 - 5.4.0-1070.80 linux-image-5.4.0-1070-raspi - 5.4.0-1070.80 No subscription required linux-image-5.4.0-1075-kvm - 5.4.0-1075.80 linux-kvm-tools-5.4.0-1075 - 5.4.0-1075.80 linux-kvm-headers-5.4.0-1075 - 5.4.0-1075.80 linux-tools-5.4.0-1075-kvm - 5.4.0-1075.80 linux-headers-5.4.0-1075-kvm - 5.4.0-1075.80 linux-image-unsigned-5.4.0-1075-kvm - 5.4.0-1075.80 linux-buildinfo-5.4.0-1075-kvm - 5.4.0-1075.80 linux-modules-5.4.0-1075-kvm - 5.4.0-1075.80 No subscription required linux-buildinfo-5.4.0-1083-oracle - 5.4.0-1083.91 linux-headers-5.4.0-1083-oracle - 5.4.0-1083.91 linux-image-unsigned-5.4.0-1083-oracle - 5.4.0-1083.91 linux-modules-extra-5.4.0-1083-oracle - 5.4.0-1083.91 linux-tools-5.4.0-1083-oracle - 5.4.0-1083.91 linux-oracle-headers-5.4.0-1083 - 5.4.0-1083.91 linux-modules-5.4.0-1083-oracle - 5.4.0-1083.91 linux-image-5.4.0-1083-oracle - 5.4.0-1083.91 linux-oracle-tools-5.4.0-1083 - 5.4.0-1083.91 No subscription required linux-aws-cloud-tools-5.4.0-1085 - 5.4.0-1085.92 linux-cloud-tools-5.4.0-1085-aws - 5.4.0-1085.92 linux-buildinfo-5.4.0-1085-aws - 5.4.0-1085.92 linux-aws-headers-5.4.0-1085 - 5.4.0-1085.92 linux-tools-5.4.0-1085-aws - 5.4.0-1085.92 linux-image-5.4.0-1085-aws - 5.4.0-1085.92 linux-aws-tools-5.4.0-1085 - 5.4.0-1085.92 linux-modules-5.4.0-1085-aws - 5.4.0-1085.92 linux-headers-5.4.0-1085-aws - 5.4.0-1085.92 linux-image-unsigned-5.4.0-1085-aws - 5.4.0-1085.92 linux-modules-extra-5.4.0-1085-aws - 5.4.0-1085.92 No subscription required linux-buildinfo-5.4.0-1091-azure - 5.4.0-1091.96 linux-tools-5.4.0-1091-azure - 5.4.0-1091.96 linux-image-unsigned-5.4.0-1091-azure - 5.4.0-1091.96 linux-cloud-tools-5.4.0-1091-azure - 5.4.0-1091.96 linux-azure-headers-5.4.0-1091 - 5.4.0-1091.96 linux-modules-5.4.0-1091-azure - 5.4.0-1091.96 linux-azure-cloud-tools-5.4.0-1091 - 5.4.0-1091.96 linux-azure-tools-5.4.0-1091 - 5.4.0-1091.96 linux-modules-extra-5.4.0-1091-azure - 5.4.0-1091.96 linux-image-5.4.0-1091-azure - 5.4.0-1091.96 linux-headers-5.4.0-1091-azure - 5.4.0-1091.96 No subscription required linux-modules-extra-5.4.0-126-generic - 5.4.0-126.142 linux-tools-common - 5.4.0-126.142 linux-buildinfo-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-headers-5.4.0-126 - 5.4.0-126.142 linux-tools-host - 5.4.0-126.142 linux-cloud-tools-5.4.0-126 - 5.4.0-126.142 linux-tools-5.4.0-126 - 5.4.0-126.142 linux-libc-dev - 5.4.0-126.142 linux-source-5.4.0 - 5.4.0-126.142 linux-modules-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-headers-5.4.0-126-lowlatency - 5.4.0-126.142 linux-modules-5.4.0-126-lowlatency - 5.4.0-126.142 linux-headers-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-tools-5.4.0-126-lowlatency - 5.4.0-126.142 linux-modules-5.4.0-126-generic - 5.4.0-126.142 linux-tools-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-buildinfo-5.4.0-126-generic - 5.4.0-126.142 linux-doc - 5.4.0-126.142 linux-image-unsigned-5.4.0-126-generic - 5.4.0-126.142 linux-cloud-tools-5.4.0-126-lowlatency - 5.4.0-126.142 linux-image-5.4.0-126-lowlatency - 5.4.0-126.142 linux-image-5.4.0-126-generic - 5.4.0-126.142 linux-buildinfo-5.4.0-126-lowlatency - 5.4.0-126.142 linux-headers-5.4.0-126-generic - 5.4.0-126.142 linux-image-5.4.0-126-generic-lpae - 5.4.0-126.142 linux-cloud-tools-common - 5.4.0-126.142 linux-cloud-tools-5.4.0-126-generic - 5.4.0-126.142 linux-image-unsigned-5.4.0-126-lowlatency - 5.4.0-126.142 linux-tools-5.4.0-126-generic - 5.4.0-126.142 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1033.62 linux-tools-ibm - 5.4.0.1033.62 linux-headers-ibm - 5.4.0.1033.62 linux-image-ibm-lts-20.04 - 5.4.0.1033.62 linux-image-ibm - 5.4.0.1033.62 linux-ibm-lts-20.04 - 5.4.0.1033.62 linux-modules-extra-ibm - 5.4.0.1033.62 linux-ibm - 5.4.0.1033.62 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1033.62 linux-tools-ibm-lts-20.04 - 5.4.0.1033.62 No subscription required linux-headers-bluefield - 5.4.0.1046.45 linux-bluefield - 5.4.0.1046.45 linux-image-bluefield - 5.4.0.1046.45 linux-tools-bluefield - 5.4.0.1046.45 No subscription required linux-headers-gkeop - 5.4.0.1053.54 linux-cloud-tools-gkeop-5.4 - 5.4.0.1053.54 linux-modules-extra-gkeop-5.4 - 5.4.0.1053.54 linux-image-gkeop - 5.4.0.1053.54 linux-gkeop-5.4 - 5.4.0.1053.54 linux-image-gkeop-5.4 - 5.4.0.1053.54 linux-gkeop - 5.4.0.1053.54 linux-cloud-tools-gkeop - 5.4.0.1053.54 linux-headers-gkeop-5.4 - 5.4.0.1053.54 linux-modules-extra-gkeop - 5.4.0.1053.54 linux-tools-gkeop - 5.4.0.1053.54 linux-tools-gkeop-5.4 - 5.4.0.1053.54 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1070.103 linux-raspi2 - 5.4.0.1070.103 linux-headers-raspi2 - 5.4.0.1070.103 linux-image-raspi-hwe-18.04 - 5.4.0.1070.103 linux-image-raspi2-hwe-18.04 - 5.4.0.1070.103 linux-tools-raspi - 5.4.0.1070.103 linux-headers-raspi2-hwe-18.04 - 5.4.0.1070.103 linux-headers-raspi-hwe-18.04 - 5.4.0.1070.103 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1070.103 linux-headers-raspi - 5.4.0.1070.103 linux-raspi2-hwe-18.04-edge - 5.4.0.1070.103 linux-raspi-hwe-18.04 - 5.4.0.1070.103 linux-tools-raspi2-hwe-18.04 - 5.4.0.1070.103 linux-raspi2-hwe-18.04 - 5.4.0.1070.103 linux-image-raspi-hwe-18.04-edge - 5.4.0.1070.103 linux-image-raspi2 - 5.4.0.1070.103 linux-tools-raspi-hwe-18.04 - 5.4.0.1070.103 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1070.103 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1070.103 linux-raspi-hwe-18.04-edge - 5.4.0.1070.103 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1070.103 linux-image-raspi - 5.4.0.1070.103 linux-tools-raspi2 - 5.4.0.1070.103 linux-raspi - 5.4.0.1070.103 No subscription required linux-kvm - 5.4.0.1075.72 linux-headers-kvm - 5.4.0.1075.72 linux-image-kvm - 5.4.0.1075.72 linux-tools-kvm - 5.4.0.1075.72 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1083.80 linux-oracle-lts-20.04 - 5.4.0.1083.80 linux-image-oracle-lts-20.04 - 5.4.0.1083.80 linux-tools-oracle-lts-20.04 - 5.4.0.1083.80 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1085.85 linux-image-aws-lts-20.04 - 5.4.0.1085.85 linux-headers-aws-lts-20.04 - 5.4.0.1085.85 linux-tools-aws-lts-20.04 - 5.4.0.1085.85 linux-aws-lts-20.04 - 5.4.0.1085.85 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1091.88 linux-azure-lts-20.04 - 5.4.0.1091.88 linux-image-azure-lts-20.04 - 5.4.0.1091.88 linux-modules-extra-azure-lts-20.04 - 5.4.0.1091.88 linux-tools-azure-lts-20.04 - 5.4.0.1091.88 linux-headers-azure-lts-20.04 - 5.4.0.1091.88 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-cloud-tools-virtual - 5.4.0.126.127 linux-image-generic-hwe-18.04 - 5.4.0.126.127 linux-headers-generic-lpae - 5.4.0.126.127 linux-crashdump - 5.4.0.126.127 linux-generic-hwe-18.04-edge - 5.4.0.126.127 linux-oem-osp1-tools-host - 5.4.0.126.127 linux-image-generic - 5.4.0.126.127 linux-tools-lowlatency - 5.4.0.126.127 linux-image-oem - 5.4.0.126.127 linux-virtual - 5.4.0.126.127 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-headers-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-headers-virtual-hwe-18.04 - 5.4.0.126.127 linux-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-image-extra-virtual-hwe-18.04 - 5.4.0.126.127 linux-oem - 5.4.0.126.127 linux-image-generic-lpae-hwe-18.04 - 5.4.0.126.127 linux-image-oem-osp1 - 5.4.0.126.127 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.126.127 linux-tools-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-headers-generic-hwe-18.04 - 5.4.0.126.127 linux-headers-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.126.127 linux-source - 5.4.0.126.127 linux-lowlatency - 5.4.0.126.127 linux-tools-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-tools-generic-lpae - 5.4.0.126.127 linux-cloud-tools-generic - 5.4.0.126.127 linux-virtual-hwe-18.04 - 5.4.0.126.127 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.126.127 linux-tools-virtual - 5.4.0.126.127 linux-generic-lpae-hwe-18.04-edge - 5.4.0.126.127 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-generic-lpae - 5.4.0.126.127 linux-headers-oem - 5.4.0.126.127 linux-generic - 5.4.0.126.127 linux-tools-oem-osp1 - 5.4.0.126.127 linux-image-virtual - 5.4.0.126.127 linux-tools-generic-hwe-18.04-edge - 5.4.0.126.127 linux-image-virtual-hwe-18.04 - 5.4.0.126.127 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-cloud-tools-lowlatency - 5.4.0.126.127 linux-headers-lowlatency - 5.4.0.126.127 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.126.127 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-tools-generic - 5.4.0.126.127 linux-image-extra-virtual - 5.4.0.126.127 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-oem-tools-host - 5.4.0.126.127 linux-tools-oem - 5.4.0.126.127 linux-headers-oem-osp1 - 5.4.0.126.127 linux-generic-lpae-hwe-18.04 - 5.4.0.126.127 linux-headers-generic-hwe-18.04-edge - 5.4.0.126.127 linux-headers-generic - 5.4.0.126.127 linux-oem-osp1 - 5.4.0.126.127 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.126.127 linux-image-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.126.127 linux-virtual-hwe-18.04-edge - 5.4.0.126.127 linux-headers-virtual - 5.4.0.126.127 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.126.127 linux-tools-virtual-hwe-18.04 - 5.4.0.126.127 linux-lowlatency-hwe-18.04 - 5.4.0.126.127 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.126.127 linux-generic-hwe-18.04 - 5.4.0.126.127 linux-image-generic-lpae - 5.4.0.126.127 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.126.127 linux-image-lowlatency - 5.4.0.126.127 linux-tools-generic-hwe-18.04 - 5.4.0.126.127 linux-image-generic-hwe-18.04-edge - 5.4.0.126.127 linux-image-virtual-hwe-18.04-edge - 5.4.0.126.127 No subscription required Medium CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-2503 CVE-2022-32296 CVE-2022-36946 Ubuntu 20.04 LTS Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle an illegal instruction in a guest, resulting in a null pointer dereference. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1852) It was discovered that the UDF file system implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1943) Gerald Lee discovered that the NTFS file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2022-1973) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Zheyu Ma discovered that the Intel iSMT SMBus host controller driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2873) Selim Enes Karaduman discovered that a race condition existed in the pipe buffers implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly escalate privileges. (CVE-2022-2959) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5623-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-cloud-tools-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-headers-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-image-unsigned-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-hwe-5.15-headers-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-hwe-5.15-tools-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-image-unsigned-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-48.54~20.04.1 linux-cloud-tools-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-image-unsigned-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-headers-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-48.54~20.04.1 linux-modules-extra-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-image-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-headers-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-lowlatency-64k - 5.15.0-48.54~20.04.1 linux-image-unsigned-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-48.54~20.04.1 linux-modules-iwlwifi-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-generic-lpae - 5.15.0-48.54~20.04.1 linux-modules-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-lowlatency - 5.15.0-48.54~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-modules-iwlwifi-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-buildinfo-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-48 - 5.15.0-48.54~20.04.1 linux-headers-5.15.0-48-generic-64k - 5.15.0-48.54~20.04.1 linux-tools-5.15.0-48-generic - 5.15.0-48.54~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-48.54~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-headers-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-image-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-lowlatency-64k-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-tools-lowlatency-hwe-20.04 - 5.15.0.48.54~20.04.16 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.16 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.16 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-image-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-image-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-extra-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-headers-generic-64k-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-generic-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-generic-lpae-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-generic-64k-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-tools-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-generic-lpae-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-tools-generic-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-headers-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-lpae-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-generic-64k-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-tools-virtual-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-hwe-20.04-edge - 5.15.0.48.54~20.04.18 linux-image-generic-64k-hwe-20.04 - 5.15.0.48.54~20.04.18 linux-headers-virtual-hwe-20.04 - 5.15.0.48.54~20.04.18 No subscription required Medium CVE-2021-33061 CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-1852 CVE-2022-1943 CVE-2022-1973 CVE-2022-2318 CVE-2022-2503 CVE-2022-26365 CVE-2022-2873 CVE-2022-2959 CVE-2022-32296 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33743 CVE-2022-33744 CVE-2022-34494 CVE-2022-34495 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5624-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-buildinfo-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-tools-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-image-unsigned-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-modules-extra-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-cloud-tools-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1020 - 5.15.0-1020.24~20.04.1 linux-image-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-aws-5.15-tools-5.15.0-1020 - 5.15.0-1020.24~20.04.1 linux-headers-5.15.0-1020-aws - 5.15.0-1020.24~20.04.1 linux-aws-5.15-headers-5.15.0-1020 - 5.15.0-1020.24~20.04.1 No subscription required linux-headers-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-modules-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-azure-5.15-headers-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-buildinfo-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-azure-5.15-tools-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-modules-extra-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-image-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-cloud-tools-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-image-unsigned-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 linux-tools-5.15.0-1020-azure - 5.15.0-1020.25~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1020.24~20.04.12 linux-modules-extra-aws-edge - 5.15.0.1020.24~20.04.12 linux-tools-aws - 5.15.0.1020.24~20.04.12 linux-image-aws-edge - 5.15.0.1020.24~20.04.12 linux-headers-aws-edge - 5.15.0.1020.24~20.04.12 linux-aws-edge - 5.15.0.1020.24~20.04.12 linux-tools-aws-edge - 5.15.0.1020.24~20.04.12 linux-aws - 5.15.0.1020.24~20.04.12 linux-headers-aws - 5.15.0.1020.24~20.04.12 linux-image-aws - 5.15.0.1020.24~20.04.12 No subscription required linux-azure - 5.15.0.1020.25~20.04.13 linux-tools-azure-edge - 5.15.0.1020.25~20.04.13 linux-image-azure - 5.15.0.1020.25~20.04.13 linux-cloud-tools-azure - 5.15.0.1020.25~20.04.13 linux-cloud-tools-azure-edge - 5.15.0.1020.25~20.04.13 linux-tools-azure - 5.15.0.1020.25~20.04.13 linux-headers-azure-edge - 5.15.0.1020.25~20.04.13 linux-image-azure-edge - 5.15.0.1020.25~20.04.13 linux-modules-extra-azure - 5.15.0.1020.25~20.04.13 linux-azure-edge - 5.15.0.1020.25~20.04.13 linux-modules-extra-azure-edge - 5.15.0.1020.25~20.04.13 linux-headers-azure - 5.15.0.1020.25~20.04.13 No subscription required Medium CVE-2021-33655 CVE-2022-2318 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33743 CVE-2022-33744 CVE-2022-34494 CVE-2022-34495 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that Mako incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5625-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-mako - 1.1.0+ds1-1ubuntu2.1 python-mako-doc - 1.1.0+ds1-1ubuntu2.1 python3-mako - 1.1.0+ds1-1ubuntu2.1 No subscription required Medium CVE-2022-40023 Ubuntu 20.04 LTS Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. (CVE-2022-2795) It was discovered that Bind incorrectly handled statistics requests. A remote attacker could possibly use this issue to obtain sensitive memory contents, or cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2881) It was discovered that Bind incorrectly handled memory when processing certain Diffie-Hellman key exchanges. A remote attacker could use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2906) Maksym Odinintsev discovered that Bind incorrectly handled answers from cache when configured with a zero stale-answer-timeout. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3080) It was discovered that Bind incorrectly handled memory when processing ECDSA DNSSEC verification. A remote attacker could use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-38177) It was discovered that Bind incorrectly handled memory when processing EDDSA DNSSEC verification. A remote attacker could use this issue to consume resources, leading to a denial of service. (CVE-2022-38178) Update Instructions: Run `sudo pro fix USN-5626-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.11 bind9-libs - 1:9.16.1-0ubuntu2.11 bind9utils - 1:9.16.1-0ubuntu2.11 bind9-doc - 1:9.16.1-0ubuntu2.11 bind9-utils - 1:9.16.1-0ubuntu2.11 bind9 - 1:9.16.1-0ubuntu2.11 bind9-dnsutils - 1:9.16.1-0ubuntu2.11 bind9-host - 1:9.16.1-0ubuntu2.11 No subscription required Medium CVE-2022-2795 CVE-2022-2881 CVE-2022-2906 CVE-2022-3080 CVE-2022-38177 CVE-2022-38178 Ubuntu 20.04 LTS It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5627-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpcre2-16-0 - 10.34-7ubuntu0.1 libpcre2-32-0 - 10.34-7ubuntu0.1 libpcre2-posix2 - 10.34-7ubuntu0.1 pcre2-utils - 10.34-7ubuntu0.1 libpcre2-dev - 10.34-7ubuntu0.1 libpcre2-8-0 - 10.34-7ubuntu0.1 No subscription required Low CVE-2022-1586 CVE-2022-1587 Ubuntu 20.04 LTS It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15106, CVE-2020-15112) It was discovered that etcd incorrectly handled directory permissions when trying to create a directory that exists already. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-15113) It was discovered that etcd incorrectly handled endpoint setup. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15114) Update Instructions: Run `sudo pro fix USN-5628-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: etcd-server - 3.2.26+dfsg-6ubuntu0.1 golang-etcd-server-dev - 3.2.26+dfsg-6ubuntu0.1 etcd-client - 3.2.26+dfsg-6ubuntu0.1 etcd - 3.2.26+dfsg-6ubuntu0.1 No subscription required Medium CVE-2020-15106 CVE-2020-15112 CVE-2020-15113 CVE-2020-15114 Ubuntu 20.04 LTS It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-11813) It was discovered that libjpeg-turbo incorrectly handled certain malformed jpeg files. An attacker could possibly use this issue to cause libjpeg-turbo to crash, resulting in a denial of service. (CVE-2020-17541, CVE-2020-35538) It was discovered that libjpeg-turbo incorrectly handled certain malformed PPM files. An attacker could use this issue to cause libjpeg-turbo to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-46822) Update Instructions: Run `sudo pro fix USN-5631-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libturbojpeg0-dev - 2.0.3-0ubuntu1.20.04.3 libjpeg-turbo8-dev - 2.0.3-0ubuntu1.20.04.3 libjpeg-turbo-progs - 2.0.3-0ubuntu1.20.04.3 libturbojpeg - 2.0.3-0ubuntu1.20.04.3 libjpeg-turbo8 - 2.0.3-0ubuntu1.20.04.3 libjpeg-turbo-test - 2.0.3-0ubuntu1.20.04.3 No subscription required Medium CVE-2018-11813 CVE-2020-17541 CVE-2020-35538 CVE-2021-46822 Ubuntu 20.04 LTS It was discovered that SoS incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-5636-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sosreport - 4.3-1ubuntu0.20.04.2 No subscription required Medium CVE-2022-2806 Ubuntu 20.04 LTS USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Expat incorrectly handled memory in out-of-memory situations. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-43680) Original advisory details: Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5638-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.5 libexpat1-dev - 2.2.9-1ubuntu0.5 libexpat1 - 2.2.9-1ubuntu0.5 No subscription required Medium CVE-2022-40674 CVE-2022-43680 Ubuntu 20.04 LTS USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-43680) This update also fixes a minor regression introduced in Ubuntu 18.04 LTS. We apologize for the inconvenience. Original advisory details: Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5638-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.6 libexpat1-dev - 2.2.9-1ubuntu0.6 libexpat1 - 2.2.9-1ubuntu0.6 No subscription required Medium CVE-2022-43680 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5639-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1091-azure-fde - 5.4.0-1091.96+cvm1.1 linux-image-5.4.0-1091-azure-fde - 5.4.0-1091.96+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1091.96+cvm1.31 linux-modules-extra-azure-fde - 5.4.0.1091.96+cvm1.31 linux-image-azure-fde - 5.4.0.1091.96+cvm1.31 linux-cloud-tools-azure-fde - 5.4.0.1091.96+cvm1.31 linux-tools-azure-fde - 5.4.0.1091.96+cvm1.31 linux-headers-azure-fde - 5.4.0.1091.96+cvm1.31 No subscription required Medium CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-2503 CVE-2022-32296 CVE-2022-36946 Ubuntu 20.04 LTS Mikhail Evdokimov discovered that Squid incorrectly handled cache manager ACLs. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-41317) It was discovered that Squid incorrectly handled SSPI and SMB authentication. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2022-41318) Update Instructions: Run `sudo pro fix USN-5641-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.7 squidclient - 4.10-1ubuntu1.7 squid - 4.10-1ubuntu1.7 squid-cgi - 4.10-1ubuntu1.7 squid-purge - 4.10-1ubuntu1.7 No subscription required Medium CVE-2022-41317 CVE-2022-41318 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5642-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.36.8-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.36.8-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.36.8-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.36.8-0ubuntu0.20.04.1 webkit2gtk-driver - 2.36.8-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.36.8-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.36.8-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.36.8-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.36.8-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.36.8-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-32886 Ubuntu 20.04 LTS It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27792) It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2085) Update Instructions: Run `sudo pro fix USN-5643-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.6 ghostscript-x - 9.50~dfsg-5ubuntu4.6 libgs-dev - 9.50~dfsg-5ubuntu4.6 ghostscript-doc - 9.50~dfsg-5ubuntu4.6 libgs9 - 9.50~dfsg-5ubuntu4.6 libgs9-common - 9.50~dfsg-5ubuntu4.6 No subscription required Medium CVE-2020-27792 CVE-2022-2085 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5644-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-gcp-5.15-tools-5.15.0-1018 - 5.15.0-1018.24~20.04.1 linux-image-unsigned-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-buildinfo-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-modules-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-gcp-5.15-headers-5.15.0-1018 - 5.15.0-1018.24~20.04.1 linux-headers-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-modules-extra-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-image-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 linux-tools-5.15.0-1018-gcp - 5.15.0-1018.24~20.04.1 No subscription required linux-headers-gcp-edge - 5.15.0.1018.24~20.04.1 linux-tools-gcp - 5.15.0.1018.24~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1018.24~20.04.1 linux-image-gcp-edge - 5.15.0.1018.24~20.04.1 linux-gcp-edge - 5.15.0.1018.24~20.04.1 linux-image-gcp - 5.15.0.1018.24~20.04.1 linux-tools-gcp-edge - 5.15.0.1018.24~20.04.1 linux-modules-extra-gcp - 5.15.0.1018.24~20.04.1 linux-gcp - 5.15.0.1018.24~20.04.1 linux-headers-gcp - 5.15.0.1018.24~20.04.1 No subscription required Medium CVE-2021-33655 CVE-2022-2318 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33743 CVE-2022-33744 CVE-2022-34494 CVE-2022-34495 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5647-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1089-gcp - 5.4.0-1089.97 linux-image-5.4.0-1089-gcp - 5.4.0-1089.97 linux-headers-5.4.0-1089-gcp - 5.4.0-1089.97 linux-image-unsigned-5.4.0-1089-gcp - 5.4.0-1089.97 linux-modules-extra-5.4.0-1089-gcp - 5.4.0-1089.97 linux-gcp-headers-5.4.0-1089 - 5.4.0-1089.97 linux-buildinfo-5.4.0-1089-gcp - 5.4.0-1089.97 linux-gcp-tools-5.4.0-1089 - 5.4.0-1089.97 linux-modules-5.4.0-1089-gcp - 5.4.0-1089.97 No subscription required linux-image-gcp-lts-20.04 - 5.4.0.1089.94 linux-tools-gcp-lts-20.04 - 5.4.0.1089.94 linux-headers-gcp-lts-20.04 - 5.4.0.1089.94 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1089.94 linux-gcp-lts-20.04 - 5.4.0.1089.94 No subscription required Medium CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-2503 CVE-2022-32296 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5648-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gke-5.15-headers-5.15.0-1016 - 5.15.0-1016.19~20.04.1 linux-modules-iwlwifi-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-image-unsigned-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-gke-5.15-tools-5.15.0-1016 - 5.15.0-1016.19~20.04.1 linux-modules-extra-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-modules-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-buildinfo-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-tools-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-headers-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 linux-image-5.15.0-1016-gke - 5.15.0-1016.19~20.04.1 No subscription required linux-image-gke-edge - 5.15.0.1016.19~20.04.1 linux-gke-edge - 5.15.0.1016.19~20.04.1 linux-headers-gke-5.15 - 5.15.0.1016.19~20.04.1 linux-tools-gke-edge - 5.15.0.1016.19~20.04.1 linux-image-gke-5.15 - 5.15.0.1016.19~20.04.1 linux-tools-gke-5.15 - 5.15.0.1016.19~20.04.1 linux-headers-gke-edge - 5.15.0.1016.19~20.04.1 linux-gke-5.15 - 5.15.0.1016.19~20.04.1 No subscription required Medium CVE-2021-33655 CVE-2022-2318 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33743 CVE-2022-33744 CVE-2022-34494 CVE-2022-34495 CVE-2022-36946 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass Content Security Policy (CSP) or other security restrictions, conduct session fixation attacks, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5649-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 105.0+build2-0ubuntu0.20.04.1 firefox - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 105.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 105.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 105.0+build2-0ubuntu0.20.04.1 firefox-dev - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 105.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 105.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-3266 CVE-2022-40959 CVE-2022-40960 CVE-2022-40958 CVE-2022-40956 CVE-2022-40957 CVE-2022-40962 Ubuntu 20.04 LTS Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points (CDP) in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack. Update Instructions: Run `sudo pro fix USN-5651-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: strongswan-nm - 5.8.2-1ubuntu3.5 strongswan-scepclient - 5.8.2-1ubuntu3.5 libcharon-extra-plugins - 5.8.2-1ubuntu3.5 libcharon-standard-plugins - 5.8.2-1ubuntu3.5 libstrongswan-extra-plugins - 5.8.2-1ubuntu3.5 strongswan-tnc-pdp - 5.8.2-1ubuntu3.5 strongswan-charon - 5.8.2-1ubuntu3.5 libstrongswan - 5.8.2-1ubuntu3.5 libstrongswan-standard-plugins - 5.8.2-1ubuntu3.5 libcharon-extauth-plugins - 5.8.2-1ubuntu3.5 charon-systemd - 5.8.2-1ubuntu3.5 strongswan - 5.8.2-1ubuntu3.5 strongswan-tnc-server - 5.8.2-1ubuntu3.5 strongswan-tnc-client - 5.8.2-1ubuntu3.5 strongswan-tnc-base - 5.8.2-1ubuntu3.5 charon-cmd - 5.8.2-1ubuntu3.5 strongswan-libcharon - 5.8.2-1ubuntu3.5 strongswan-pki - 5.8.2-1ubuntu3.5 strongswan-tnc-ifmap - 5.8.2-1ubuntu3.5 strongswan-starter - 5.8.2-1ubuntu3.5 strongswan-swanctl - 5.8.2-1ubuntu3.5 No subscription required Medium CVE-2022-40617 Ubuntu 20.04 LTS Benjamin Balder Bach discovered that Django incorrectly handled certain internationalized URLs. A remote attacker could possibly use this issue to cause Django to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5653-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.14 python-django-doc - 2:2.2.12-1ubuntu0.14 No subscription required Medium CVE-2022-41323 Ubuntu 20.04 LTS It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012, CVE-2022-32296) Norbert Slusarek discovered that a race condition existed in the perf subsystem in the Linux kernel, resulting in a use-after-free vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1729) It was discovered that the device-mapper verity (dm-verity) driver in the Linux kernel did not properly verify targets being loaded into the device- mapper table. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2503) Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946) Update Instructions: Run `sudo pro fix USN-5654-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gke-headers-5.4.0-1083 - 5.4.0-1083.89 linux-modules-extra-5.4.0-1083-gke - 5.4.0-1083.89 linux-modules-5.4.0-1083-gke - 5.4.0-1083.89 linux-gke-tools-5.4.0-1083 - 5.4.0-1083.89 linux-headers-5.4.0-1083-gke - 5.4.0-1083.89 linux-image-5.4.0-1083-gke - 5.4.0-1083.89 linux-buildinfo-5.4.0-1083-gke - 5.4.0-1083.89 linux-image-unsigned-5.4.0-1083-gke - 5.4.0-1083.89 linux-tools-5.4.0-1083-gke - 5.4.0-1083.89 No subscription required linux-modules-extra-gke - 5.4.0.1083.91 linux-image-gke - 5.4.0.1083.91 linux-gke-5.4 - 5.4.0.1083.91 linux-image-gke-5.4 - 5.4.0.1083.91 linux-tools-gke-5.4 - 5.4.0.1083.91 linux-modules-extra-gke-5.4 - 5.4.0.1083.91 linux-gke - 5.4.0.1083.91 linux-headers-gke-5.4 - 5.4.0.1083.91 linux-tools-gke - 5.4.0.1083.91 linux-headers-gke - 5.4.0.1083.91 No subscription required Medium CVE-2021-33655 CVE-2022-1012 CVE-2022-1729 CVE-2022-2503 CVE-2022-32296 CVE-2022-36946 Ubuntu 20.04 LTS It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service. (CVE-2022-2928) It was discovered that DHCP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause DHCP clients and servers to consume resources, leading to a denial of service. (CVE-2022-2929) Update Instructions: Run `sudo pro fix USN-5658-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: isc-dhcp-dev - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-client-ddns - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-relay - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-client - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-common - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-server - 4.4.1-2.1ubuntu5.20.04.4 isc-dhcp-server-ldap - 4.4.1-2.1ubuntu5.20.04.4 No subscription required Medium CVE-2022-2928 CVE-2022-2929 Ubuntu 20.04 LTS Stephane Chauveau discovered that kitty incorrectly handled image filenames with special characters in error messages. A remote attacker could possibly use this to execute arbitrary commands. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-35605) Carter Sande discovered that kitty incorrectly handled escape sequences in desktop notifications. A remote attacker could possibly use this to execute arbitrary commands. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-41322) Update Instructions: Run `sudo pro fix USN-5659-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kitty-terminfo - 0.15.0-1ubuntu0.2 kitty - 0.15.0-1ubuntu0.2 kitty-doc - 0.15.0-1ubuntu0.2 No subscription required Medium CVE-2020-35605 CVE-2022-41322 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly validated macro signatures. If a user were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary macros. (CVE-2022-26305) It was discovered that Libreoffice incorrectly handled encrypting the master key provided by the user for storing passwords for web connections. A local attacker could possibly use this issue to obtain access to passwords stored in the user's configuration data. (CVE-2022-26306, CVE-2022-26307) Update Instructions: Run `sudo pro fix USN-5661-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.5 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.5 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.5 libreoffice - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.5 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.5 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.5 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.5 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.5 libridl-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.5 python3-access2base - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.5 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.5 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.5 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.5 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.5 libunoil-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.5 python3-uno - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.5 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.5 libjurt-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.5 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.5 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.5 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.5 ure - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.5 libjuh-java - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.5 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.5 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.5 No subscription required Medium CVE-2022-26305 CVE-2022-26306 CVE-2022-26307 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, obtain sensitive information, spoof the contents of the addressbar, bypass security restrictions, or execute arbitrary code. (CVE-2022-2505, CVE-2022-36318, CVE-2022-36319, CVE-2022-38472, CVE-2022-38473, CVE-2022-38476 CVE-2022-38477, CVE-2022-38478) Multiple security issues were discovered in Thunderbird. An attacker could potentially exploit these in order to determine when a user opens a specially crafted message. (CVE-2022-3032, CVE-2022-3034) It was discovered that Thunderbird did not correctly handle HTML messages that contain a meta tag in some circumstances. If a user were tricked into replying to a specially crafted message, an attacker could potentially exploit this to obtain sensitive information. (CVE-2022-3033) A security issue was discovered with the Matrix SDK in Thunderbird. An attacker sharing a room with a user could potentially exploit this to cause a denial of service. (CVE-2022-36059) Update Instructions: Run `sudo pro fix USN-5663-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.2.2+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.2.2+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.2.2+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.2.2+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.2.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-2505 CVE-2022-3032 CVE-2022-3033 CVE-2022-3034 CVE-2022-36059 CVE-2022-36318 CVE-2022-36319 CVE-2022-38472 CVE-2022-38473 CVE-2022-38476 CVE-2022-38477 CVE-2022-38478 Ubuntu 20.04 LTS Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1882) Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373) Eric Biggers discovered that a use-after-free vulnerability existed in the io_uring subsystem in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3176) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) Jann Horn discovered that the KVM subsystem in the Linux kernel did not properly handle TLB flush operations in some situations. A local attacker in a guest VM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code in the guest kernel. (CVE-2022-39189) Update Instructions: Run `sudo pro fix USN-5667-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-headers-5.15.0-1021 - 5.15.0-1021.25~20.04.1 linux-image-unsigned-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-buildinfo-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-tools-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-modules-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1021 - 5.15.0-1021.25~20.04.1 linux-modules-extra-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-image-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-aws-5.15-tools-5.15.0-1021 - 5.15.0-1021.25~20.04.1 linux-cloud-tools-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 linux-headers-5.15.0-1021-aws - 5.15.0-1021.25~20.04.1 No subscription required linux-tools-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-buildinfo-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-image-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-modules-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-headers-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-azure-5.15-headers-5.15.0-1021 - 5.15.0-1021.26~20.04.1 linux-modules-extra-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-cloud-tools-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1021 - 5.15.0-1021.26~20.04.1 linux-image-unsigned-5.15.0-1021-azure - 5.15.0-1021.26~20.04.1 linux-azure-5.15-tools-5.15.0-1021 - 5.15.0-1021.26~20.04.1 No subscription required linux-headers-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-hwe-5.15-tools-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-image-unsigned-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-50.56~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-modules-iwlwifi-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-modules-iwlwifi-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-cloud-tools-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-headers-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-modules-extra-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-headers-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-image-unsigned-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-headers-5.15.0-50-generic-lpae - 5.15.0-50.56~20.04.1 linux-tools-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-image-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-generic - 5.15.0-50.56~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-image-unsigned-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-50.56~20.04.1 linux-cloud-tools-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-image-unsigned-5.15.0-50-generic-64k - 5.15.0-50.56~20.04.1 linux-headers-5.15.0-50-lowlatency-64k - 5.15.0-50.56~20.04.1 linux-hwe-5.15-headers-5.15.0-50 - 5.15.0-50.56~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-50.56~20.04.1 linux-buildinfo-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 linux-modules-5.15.0-50-lowlatency - 5.15.0-50.56~20.04.1 No subscription required linux-headers-aws - 5.15.0.1021.25~20.04.13 linux-image-aws - 5.15.0.1021.25~20.04.13 linux-modules-extra-aws-edge - 5.15.0.1021.25~20.04.13 linux-image-aws-edge - 5.15.0.1021.25~20.04.13 linux-aws-edge - 5.15.0.1021.25~20.04.13 linux-aws - 5.15.0.1021.25~20.04.13 linux-headers-aws-edge - 5.15.0.1021.25~20.04.13 linux-modules-extra-aws - 5.15.0.1021.25~20.04.13 linux-tools-aws - 5.15.0.1021.25~20.04.13 linux-tools-aws-edge - 5.15.0.1021.25~20.04.13 No subscription required linux-tools-azure-edge - 5.15.0.1021.26~20.04.14 linux-cloud-tools-azure - 5.15.0.1021.26~20.04.14 linux-tools-azure - 5.15.0.1021.26~20.04.14 linux-image-azure-edge - 5.15.0.1021.26~20.04.14 linux-cloud-tools-azure-edge - 5.15.0.1021.26~20.04.14 linux-modules-extra-azure - 5.15.0.1021.26~20.04.14 linux-azure - 5.15.0.1021.26~20.04.14 linux-image-azure - 5.15.0.1021.26~20.04.14 linux-headers-azure-edge - 5.15.0.1021.26~20.04.14 linux-azure-edge - 5.15.0.1021.26~20.04.14 linux-modules-extra-azure-edge - 5.15.0.1021.26~20.04.14 linux-headers-azure - 5.15.0.1021.26~20.04.14 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-headers-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-image-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-lowlatency-64k-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-tools-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-lowlatency-hwe-20.04 - 5.15.0.50.56~20.04.17 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.17 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.17 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-headers-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-headers-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-image-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-extra-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-headers-generic-64k-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-generic-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-lpae-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-tools-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-headers-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-lpae-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-tools-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-generic-lpae-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-image-generic-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-generic-64k-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-tools-virtual-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-image-generic-hwe-20.04-edge - 5.15.0.50.56~20.04.19 linux-generic-64k-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-image-generic-64k-hwe-20.04 - 5.15.0.50.56~20.04.19 linux-headers-virtual-hwe-20.04 - 5.15.0.50.56~20.04.19 No subscription required High CVE-2022-1882 CVE-2022-26373 CVE-2022-3176 CVE-2022-36879 CVE-2022-39189 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373) Eric Biggers discovered that a use-after-free vulnerability existed in the io_uring subsystem in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3176) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) Update Instructions: Run `sudo pro fix USN-5668-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1034 - 5.4.0-1034.38 linux-modules-extra-5.4.0-1034-ibm - 5.4.0-1034.38 linux-headers-5.4.0-1034-ibm - 5.4.0-1034.38 linux-modules-5.4.0-1034-ibm - 5.4.0-1034.38 linux-tools-5.4.0-1034-ibm - 5.4.0-1034.38 linux-ibm-tools-5.4.0-1034 - 5.4.0-1034.38 linux-image-5.4.0-1034-ibm - 5.4.0-1034.38 linux-ibm-source-5.4.0 - 5.4.0-1034.38 linux-ibm-cloud-tools-common - 5.4.0-1034.38 linux-ibm-tools-common - 5.4.0-1034.38 linux-buildinfo-5.4.0-1034-ibm - 5.4.0-1034.38 linux-image-unsigned-5.4.0-1034-ibm - 5.4.0-1034.38 No subscription required linux-bluefield-tools-5.4.0-1047 - 5.4.0-1047.52 linux-image-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-image-unsigned-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-bluefield-headers-5.4.0-1047 - 5.4.0-1047.52 linux-headers-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-modules-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-tools-5.4.0-1047-bluefield - 5.4.0-1047.52 linux-buildinfo-5.4.0-1047-bluefield - 5.4.0-1047.52 No subscription required linux-image-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-buildinfo-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-gkeop-tools-5.4.0-1054 - 5.4.0-1054.57 linux-tools-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-gkeop-source-5.4.0 - 5.4.0-1054.57 linux-modules-extra-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-cloud-tools-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-image-unsigned-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-gkeop-cloud-tools-5.4.0-1054 - 5.4.0-1054.57 linux-gkeop-headers-5.4.0-1054 - 5.4.0-1054.57 linux-modules-5.4.0-1054-gkeop - 5.4.0-1054.57 linux-headers-5.4.0-1054-gkeop - 5.4.0-1054.57 No subscription required linux-buildinfo-5.4.0-1076-kvm - 5.4.0-1076.81 linux-kvm-headers-5.4.0-1076 - 5.4.0-1076.81 linux-kvm-tools-5.4.0-1076 - 5.4.0-1076.81 linux-tools-5.4.0-1076-kvm - 5.4.0-1076.81 linux-image-unsigned-5.4.0-1076-kvm - 5.4.0-1076.81 linux-headers-5.4.0-1076-kvm - 5.4.0-1076.81 linux-image-5.4.0-1076-kvm - 5.4.0-1076.81 linux-modules-5.4.0-1076-kvm - 5.4.0-1076.81 No subscription required linux-image-unsigned-5.4.0-1084-gke - 5.4.0-1084.90 linux-modules-5.4.0-1084-gke - 5.4.0-1084.90 linux-headers-5.4.0-1084-gke - 5.4.0-1084.90 linux-modules-extra-5.4.0-1084-gke - 5.4.0-1084.90 linux-image-5.4.0-1084-gke - 5.4.0-1084.90 linux-buildinfo-5.4.0-1084-gke - 5.4.0-1084.90 linux-gke-headers-5.4.0-1084 - 5.4.0-1084.90 linux-tools-5.4.0-1084-gke - 5.4.0-1084.90 linux-gke-tools-5.4.0-1084 - 5.4.0-1084.90 No subscription required linux-modules-5.4.0-1084-oracle - 5.4.0-1084.92 linux-headers-5.4.0-1084-oracle - 5.4.0-1084.92 linux-modules-extra-5.4.0-1084-oracle - 5.4.0-1084.92 linux-image-5.4.0-1084-oracle - 5.4.0-1084.92 linux-buildinfo-5.4.0-1084-oracle - 5.4.0-1084.92 linux-oracle-tools-5.4.0-1084 - 5.4.0-1084.92 linux-oracle-headers-5.4.0-1084 - 5.4.0-1084.92 linux-tools-5.4.0-1084-oracle - 5.4.0-1084.92 linux-image-unsigned-5.4.0-1084-oracle - 5.4.0-1084.92 No subscription required linux-aws-cloud-tools-5.4.0-1086 - 5.4.0-1086.93 linux-image-unsigned-5.4.0-1086-aws - 5.4.0-1086.93 linux-modules-5.4.0-1086-aws - 5.4.0-1086.93 linux-tools-5.4.0-1086-aws - 5.4.0-1086.93 linux-aws-headers-5.4.0-1086 - 5.4.0-1086.93 linux-cloud-tools-5.4.0-1086-aws - 5.4.0-1086.93 linux-image-5.4.0-1086-aws - 5.4.0-1086.93 linux-headers-5.4.0-1086-aws - 5.4.0-1086.93 linux-aws-tools-5.4.0-1086 - 5.4.0-1086.93 linux-buildinfo-5.4.0-1086-aws - 5.4.0-1086.93 linux-modules-extra-5.4.0-1086-aws - 5.4.0-1086.93 No subscription required linux-tools-common - 5.4.0-128.144 linux-headers-5.4.0-128-generic - 5.4.0-128.144 linux-headers-5.4.0-128 - 5.4.0-128.144 linux-image-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-tools-host - 5.4.0-128.144 linux-image-5.4.0-128-generic - 5.4.0-128.144 linux-doc - 5.4.0-128.144 linux-image-5.4.0-128-lowlatency - 5.4.0-128.144 linux-buildinfo-5.4.0-128-lowlatency - 5.4.0-128.144 linux-cloud-tools-5.4.0-128 - 5.4.0-128.144 linux-tools-5.4.0-128 - 5.4.0-128.144 linux-buildinfo-5.4.0-128-generic - 5.4.0-128.144 linux-libc-dev - 5.4.0-128.144 linux-source-5.4.0 - 5.4.0-128.144 linux-headers-5.4.0-128-lowlatency - 5.4.0-128.144 linux-image-unsigned-5.4.0-128-generic - 5.4.0-128.144 linux-headers-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-modules-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-buildinfo-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-image-unsigned-5.4.0-128-lowlatency - 5.4.0-128.144 linux-modules-5.4.0-128-lowlatency - 5.4.0-128.144 linux-cloud-tools-5.4.0-128-generic - 5.4.0-128.144 linux-cloud-tools-common - 5.4.0-128.144 linux-tools-5.4.0-128-generic - 5.4.0-128.144 linux-cloud-tools-5.4.0-128-lowlatency - 5.4.0-128.144 linux-tools-5.4.0-128-lowlatency - 5.4.0-128.144 linux-tools-5.4.0-128-generic-lpae - 5.4.0-128.144 linux-modules-5.4.0-128-generic - 5.4.0-128.144 linux-modules-extra-5.4.0-128-generic - 5.4.0-128.144 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1034.63 linux-image-ibm - 5.4.0.1034.63 linux-headers-ibm-lts-20.04 - 5.4.0.1034.63 linux-tools-ibm - 5.4.0.1034.63 linux-ibm-lts-20.04 - 5.4.0.1034.63 linux-image-ibm-lts-20.04 - 5.4.0.1034.63 linux-modules-extra-ibm - 5.4.0.1034.63 linux-ibm - 5.4.0.1034.63 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1034.63 linux-headers-ibm - 5.4.0.1034.63 No subscription required linux-image-bluefield - 5.4.0.1047.46 linux-headers-bluefield - 5.4.0.1047.46 linux-tools-bluefield - 5.4.0.1047.46 linux-bluefield - 5.4.0.1047.46 No subscription required linux-headers-gkeop - 5.4.0.1054.55 linux-cloud-tools-gkeop-5.4 - 5.4.0.1054.55 linux-image-gkeop - 5.4.0.1054.55 linux-modules-extra-gkeop-5.4 - 5.4.0.1054.55 linux-gkeop-5.4 - 5.4.0.1054.55 linux-image-gkeop-5.4 - 5.4.0.1054.55 linux-headers-gkeop-5.4 - 5.4.0.1054.55 linux-gkeop - 5.4.0.1054.55 linux-cloud-tools-gkeop - 5.4.0.1054.55 linux-modules-extra-gkeop - 5.4.0.1054.55 linux-tools-gkeop - 5.4.0.1054.55 linux-tools-gkeop-5.4 - 5.4.0.1054.55 No subscription required linux-kvm - 5.4.0.1076.73 linux-headers-kvm - 5.4.0.1076.73 linux-image-kvm - 5.4.0.1076.73 linux-tools-kvm - 5.4.0.1076.73 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1084.81 linux-headers-oracle-lts-20.04 - 5.4.0.1084.81 linux-oracle-lts-20.04 - 5.4.0.1084.81 linux-image-oracle-lts-20.04 - 5.4.0.1084.81 No subscription required linux-modules-extra-gke - 5.4.0.1084.92 linux-headers-gke-5.4 - 5.4.0.1084.92 linux-tools-gke-5.4 - 5.4.0.1084.92 linux-modules-extra-gke-5.4 - 5.4.0.1084.92 linux-gke-5.4 - 5.4.0.1084.92 linux-tools-gke - 5.4.0.1084.92 linux-gke - 5.4.0.1084.92 linux-image-gke - 5.4.0.1084.92 linux-headers-gke - 5.4.0.1084.92 linux-image-gke-5.4 - 5.4.0.1084.92 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1086.86 linux-headers-aws-lts-20.04 - 5.4.0.1086.86 linux-tools-aws-lts-20.04 - 5.4.0.1086.86 linux-modules-extra-aws-lts-20.04 - 5.4.0.1086.86 linux-aws-lts-20.04 - 5.4.0.1086.86 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-cloud-tools-virtual - 5.4.0.128.129 linux-image-generic-hwe-18.04 - 5.4.0.128.129 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-headers-generic-lpae - 5.4.0.128.129 linux-oem-osp1-tools-host - 5.4.0.128.129 linux-image-generic - 5.4.0.128.129 linux-tools-lowlatency - 5.4.0.128.129 linux-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-image-oem - 5.4.0.128.129 linux-tools-virtual-hwe-18.04 - 5.4.0.128.129 linux-oem-osp1 - 5.4.0.128.129 linux-headers-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-oem - 5.4.0.128.129 linux-image-oem-osp1 - 5.4.0.128.129 linux-image-generic-lpae-hwe-18.04 - 5.4.0.128.129 linux-crashdump - 5.4.0.128.129 linux-tools-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-headers-generic-hwe-18.04 - 5.4.0.128.129 linux-headers-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-source - 5.4.0.128.129 linux-lowlatency - 5.4.0.128.129 linux-tools-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-cloud-tools-generic - 5.4.0.128.129 linux-virtual - 5.4.0.128.129 linux-headers-virtual-hwe-18.04 - 5.4.0.128.129 linux-tools-generic-lpae - 5.4.0.128.129 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.128.129 linux-tools-virtual - 5.4.0.128.129 linux-generic-lpae-hwe-18.04-edge - 5.4.0.128.129 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-generic-lpae - 5.4.0.128.129 linux-headers-oem - 5.4.0.128.129 linux-image-extra-virtual-hwe-18.04 - 5.4.0.128.129 linux-generic - 5.4.0.128.129 linux-tools-oem-osp1 - 5.4.0.128.129 linux-image-virtual - 5.4.0.128.129 linux-tools-generic-hwe-18.04-edge - 5.4.0.128.129 linux-tools-generic - 5.4.0.128.129 linux-image-virtual-hwe-18.04 - 5.4.0.128.129 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-oem-tools-host - 5.4.0.128.129 linux-headers-lowlatency - 5.4.0.128.129 linux-image-generic-hwe-18.04-edge - 5.4.0.128.129 linux-generic-hwe-18.04-edge - 5.4.0.128.129 linux-tools-generic-hwe-18.04 - 5.4.0.128.129 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.128.129 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-image-extra-virtual - 5.4.0.128.129 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-headers-oem-osp1 - 5.4.0.128.129 linux-cloud-tools-lowlatency - 5.4.0.128.129 linux-tools-oem - 5.4.0.128.129 linux-virtual-hwe-18.04 - 5.4.0.128.129 linux-generic-lpae-hwe-18.04 - 5.4.0.128.129 linux-headers-generic-hwe-18.04-edge - 5.4.0.128.129 linux-headers-generic - 5.4.0.128.129 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.128.129 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.128.129 linux-image-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.128.129 linux-headers-virtual - 5.4.0.128.129 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.128.129 linux-lowlatency-hwe-18.04 - 5.4.0.128.129 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.128.129 linux-generic-hwe-18.04 - 5.4.0.128.129 linux-image-generic-lpae - 5.4.0.128.129 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.128.129 linux-image-virtual-hwe-18.04-edge - 5.4.0.128.129 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.128.129 linux-image-lowlatency - 5.4.0.128.129 No subscription required Medium CVE-2021-4159 CVE-2022-20369 CVE-2022-2318 CVE-2022-26365 CVE-2022-26373 CVE-2022-3176 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33744 CVE-2022-36879 Ubuntu 20.04 LTS It was discovered that GMP did not properly manage memory on 32-bit platforms when processing a specially crafted input. An attacker could possibly use this issue to cause applications using GMP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5672-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgmp10-doc - 2:6.2.0+dfsg-4ubuntu0.1 libgmpxx4ldbl - 2:6.2.0+dfsg-4ubuntu0.1 libgmp3-dev - 2:6.2.0+dfsg-4ubuntu0.1 libgmp10 - 2:6.2.0+dfsg-4ubuntu0.1 libgmp-dev - 2:6.2.0+dfsg-4ubuntu0.1 No subscription required Low CVE-2021-43618 Ubuntu 20.04 LTS It was discovered that unzip did not properly handle unicode strings under certain circumstances. If a user were tricked into opening a specially crafted zip file, an attacker could possibly use this issue to cause unzip to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-4217) It was discovered that unzip did not properly perform bounds checking while converting wide strings to local strings. If a user were tricked into opening a specially crafted zip file, an attacker could possibly use this issue to cause unzip to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-0529, CVE-2022-0530) Update Instructions: Run `sudo pro fix USN-5673-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unzip - 6.0-25ubuntu1.1 No subscription required Medium CVE-2021-4217 CVE-2022-0529 CVE-2022-0530 https://launchpad.net/bugs/1957077 Ubuntu 20.04 LTS Isaac Boukris and Andrew Bartlett discovered that Heimdal's KDC was not properly performing checksum algorithm verifications in the S4U2Self extension module. An attacker could possibly use this issue to perform a machine-in-the-middle attack and request S4U2Self tickets for any user known by the application. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2018-16860) It was discovered that Heimdal was not properly handling the verification of key exchanges when an anonymous PKINIT was being used. An attacker could possibly use this issue to perform a machine-in-the-middle attack and expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-12098) Joseph Sutton discovered that Heimdal was not properly handling memory management operations when dealing with TGS-REQ tickets that were missing information. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-3671) Michał Kępień discovered that Heimdal was not properly handling logical conditions that related to memory management operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3116) Update Instructions: Run `sudo pro fix USN-5675-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhcrypto4-heimdal - 7.7.0+dfsg-1ubuntu1.1 libwind0-heimdal - 7.7.0+dfsg-1ubuntu1.1 libroken18-heimdal - 7.7.0+dfsg-1ubuntu1.1 libgssapi3-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-kcm - 7.7.0+dfsg-1ubuntu1.1 libhdb9-heimdal - 7.7.0+dfsg-1ubuntu1.1 libasn1-8-heimdal - 7.7.0+dfsg-1ubuntu1.1 libsl0-heimdal - 7.7.0+dfsg-1ubuntu1.1 libkadm5clnt7-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-kdc - 7.7.0+dfsg-1ubuntu1.1 libkdc2-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-servers - 7.7.0+dfsg-1ubuntu1.1 libheimntlm0-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-docs - 7.7.0+dfsg-1ubuntu1.1 libheimbase1-heimdal - 7.7.0+dfsg-1ubuntu1.1 libkrb5-26-heimdal - 7.7.0+dfsg-1ubuntu1.1 libotp0-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-dev - 7.7.0+dfsg-1ubuntu1.1 libkafs0-heimdal - 7.7.0+dfsg-1ubuntu1.1 libhx509-5-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-multidev - 7.7.0+dfsg-1ubuntu1.1 libkadm5srv8-heimdal - 7.7.0+dfsg-1ubuntu1.1 heimdal-clients - 7.7.0+dfsg-1ubuntu1.1 No subscription required Medium CVE-2018-16860 CVE-2019-12098 CVE-2021-3671 CVE-2022-3116 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373) Eric Biggers discovered that a use-after-free vulnerability existed in the io_uring subsystem in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3176) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) Update Instructions: Run `sudo pro fix USN-5677-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1071-raspi - 5.4.0-1071.81 linux-image-5.4.0-1071-raspi - 5.4.0-1071.81 linux-modules-5.4.0-1071-raspi - 5.4.0-1071.81 linux-raspi-tools-5.4.0-1071 - 5.4.0-1071.81 linux-raspi-headers-5.4.0-1071 - 5.4.0-1071.81 linux-buildinfo-5.4.0-1071-raspi - 5.4.0-1071.81 linux-tools-5.4.0-1071-raspi - 5.4.0-1071.81 No subscription required linux-modules-extra-5.4.0-1090-gcp - 5.4.0-1090.98 linux-image-unsigned-5.4.0-1090-gcp - 5.4.0-1090.98 linux-tools-5.4.0-1090-gcp - 5.4.0-1090.98 linux-buildinfo-5.4.0-1090-gcp - 5.4.0-1090.98 linux-headers-5.4.0-1090-gcp - 5.4.0-1090.98 linux-image-5.4.0-1090-gcp - 5.4.0-1090.98 linux-modules-5.4.0-1090-gcp - 5.4.0-1090.98 linux-gcp-headers-5.4.0-1090 - 5.4.0-1090.98 linux-gcp-tools-5.4.0-1090 - 5.4.0-1090.98 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1071.104 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1071.104 linux-raspi-hwe-18.04-edge - 5.4.0.1071.104 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1071.104 linux-raspi-hwe-18.04 - 5.4.0.1071.104 linux-tools-raspi - 5.4.0.1071.104 linux-image-raspi - 5.4.0.1071.104 linux-tools-raspi2-hwe-18.04 - 5.4.0.1071.104 linux-raspi2-hwe-18.04 - 5.4.0.1071.104 linux-image-raspi-hwe-18.04-edge - 5.4.0.1071.104 linux-raspi2 - 5.4.0.1071.104 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1071.104 linux-headers-raspi2 - 5.4.0.1071.104 linux-headers-raspi2-hwe-18.04 - 5.4.0.1071.104 linux-image-raspi2 - 5.4.0.1071.104 linux-tools-raspi-hwe-18.04 - 5.4.0.1071.104 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1071.104 linux-tools-raspi2 - 5.4.0.1071.104 linux-image-raspi-hwe-18.04 - 5.4.0.1071.104 linux-raspi - 5.4.0.1071.104 linux-headers-raspi - 5.4.0.1071.104 linux-headers-raspi-hwe-18.04 - 5.4.0.1071.104 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1071.104 linux-image-raspi2-hwe-18.04 - 5.4.0.1071.104 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1090.95 linux-image-gcp-lts-20.04 - 5.4.0.1090.95 linux-tools-gcp-lts-20.04 - 5.4.0.1090.95 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1090.95 linux-gcp-lts-20.04 - 5.4.0.1090.95 No subscription required Medium CVE-2021-4159 CVE-2022-20369 CVE-2022-2318 CVE-2022-26365 CVE-2022-26373 CVE-2022-3176 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33744 CVE-2022-36879 Ubuntu 20.04 LTS It was discovered that gThumb did not properly managed memory when processing certain image files. If a user were tricked into opening a specially crafted JPEG file, an attacker could possibly use this issue to cause gThumb to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-20326) It was discovered that gThumb did not properly handled certain malformed image files. If a user were tricked into opening a specially crafted JPEG file, an attacker could possibly use this issue to cause gThumb to crash, resulting in a denial of service. (CVE-2020-36427) Update Instructions: Run `sudo pro fix USN-5680-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gthumb-dev - 3:3.8.0-2.1ubuntu0.1 gthumb-data - 3:3.8.0-2.1ubuntu0.1 gthumb - 3:3.8.0-2.1ubuntu0.1 No subscription required Medium CVE-2019-20326 CVE-2020-36427 Ubuntu 20.04 LTS Cory Snider discovered that Git incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause an unexpected behaviour. (CVE-2022-39253) Kevin Backhouse discovered that Git incorrectly handled certain command strings. An attacker could possibly use this issue to arbitrary code execution. (CVE-2022-39260) Update Instructions: Run `sudo pro fix USN-5686-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.6 gitweb - 1:2.25.1-1ubuntu3.6 git-gui - 1:2.25.1-1ubuntu3.6 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.6 git-el - 1:2.25.1-1ubuntu3.6 gitk - 1:2.25.1-1ubuntu3.6 git-all - 1:2.25.1-1ubuntu3.6 git-mediawiki - 1:2.25.1-1ubuntu3.6 git-daemon-run - 1:2.25.1-1ubuntu3.6 git-man - 1:2.25.1-1ubuntu3.6 git-doc - 1:2.25.1-1ubuntu3.6 git-svn - 1:2.25.1-1ubuntu3.6 git-cvs - 1:2.25.1-1ubuntu3.6 git-email - 1:2.25.1-1ubuntu3.6 No subscription required Medium CVE-2022-39253 CVE-2022-39260 Ubuntu 20.04 LTS It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service (application crash) or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5688-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libksba-mingw-w64-dev - 1.3.5-2ubuntu0.20.04.1 libksba8 - 1.3.5-2ubuntu0.20.04.1 libksba-dev - 1.3.5-2ubuntu0.20.04.1 No subscription required High CVE-2022-3515 Ubuntu 20.04 LTS It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification. Update Instructions: Run `sudo pro fix USN-5689-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: perl-modules-5.30 - 5.30.0-9ubuntu0.3 libperl-dev - 5.30.0-9ubuntu0.3 perl-doc - 5.30.0-9ubuntu0.3 perl - 5.30.0-9ubuntu0.3 perl-base - 5.30.0-9ubuntu0.3 libperl5.30 - 5.30.0-9ubuntu0.3 perl-debug - 5.30.0-9ubuntu0.3 No subscription required Medium CVE-2020-16156 Ubuntu 20.04 LTS David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2602) Sönke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41674) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42720) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly handle BSSID/SSID lists in some situations. A physically proximate attacker could use this to cause a denial of service (infinite loop). (CVE-2022-42721) Update Instructions: Run `sudo pro fix USN-5691-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1036-ibm - 5.4.0-1036.41 linux-modules-5.4.0-1036-ibm - 5.4.0-1036.41 linux-ibm-headers-5.4.0-1036 - 5.4.0-1036.41 linux-buildinfo-5.4.0-1036-ibm - 5.4.0-1036.41 linux-ibm-source-5.4.0 - 5.4.0-1036.41 linux-image-5.4.0-1036-ibm - 5.4.0-1036.41 linux-ibm-tools-common - 5.4.0-1036.41 linux-ibm-tools-5.4.0-1036 - 5.4.0-1036.41 linux-tools-5.4.0-1036-ibm - 5.4.0-1036.41 linux-modules-extra-5.4.0-1036-ibm - 5.4.0-1036.41 linux-ibm-cloud-tools-common - 5.4.0-1036.41 linux-headers-5.4.0-1036-ibm - 5.4.0-1036.41 No subscription required linux-buildinfo-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-modules-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-bluefield-tools-5.4.0-1049 - 5.4.0-1049.55 linux-tools-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-bluefield-headers-5.4.0-1049 - 5.4.0-1049.55 linux-image-unsigned-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-image-5.4.0-1049-bluefield - 5.4.0-1049.55 linux-headers-5.4.0-1049-bluefield - 5.4.0-1049.55 No subscription required linux-gkeop-cloud-tools-5.4.0-1056 - 5.4.0-1056.60 linux-gkeop-tools-5.4.0-1056 - 5.4.0-1056.60 linux-image-unsigned-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-headers-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-buildinfo-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-image-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-tools-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-modules-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-cloud-tools-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-modules-extra-5.4.0-1056-gkeop - 5.4.0-1056.60 linux-gkeop-headers-5.4.0-1056 - 5.4.0-1056.60 linux-gkeop-source-5.4.0 - 5.4.0-1056.60 No subscription required linux-raspi-tools-5.4.0-1073 - 5.4.0-1073.84 linux-raspi-headers-5.4.0-1073 - 5.4.0-1073.84 linux-buildinfo-5.4.0-1073-raspi - 5.4.0-1073.84 linux-headers-5.4.0-1073-raspi - 5.4.0-1073.84 linux-image-5.4.0-1073-raspi - 5.4.0-1073.84 linux-modules-5.4.0-1073-raspi - 5.4.0-1073.84 linux-tools-5.4.0-1073-raspi - 5.4.0-1073.84 No subscription required linux-kvm-tools-5.4.0-1078 - 5.4.0-1078.84 linux-image-5.4.0-1078-kvm - 5.4.0-1078.84 linux-kvm-headers-5.4.0-1078 - 5.4.0-1078.84 linux-image-unsigned-5.4.0-1078-kvm - 5.4.0-1078.84 linux-headers-5.4.0-1078-kvm - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-kvm - 5.4.0-1078.84 linux-modules-5.4.0-1078-kvm - 5.4.0-1078.84 linux-tools-5.4.0-1078-kvm - 5.4.0-1078.84 No subscription required linux-image-5.4.0-1086-gke - 5.4.0-1086.93 linux-modules-5.4.0-1086-gke - 5.4.0-1086.93 linux-modules-extra-5.4.0-1086-gke - 5.4.0-1086.93 linux-tools-5.4.0-1086-gke - 5.4.0-1086.93 linux-gke-headers-5.4.0-1086 - 5.4.0-1086.93 linux-buildinfo-5.4.0-1086-gke - 5.4.0-1086.93 linux-headers-5.4.0-1086-gke - 5.4.0-1086.93 linux-gke-tools-5.4.0-1086 - 5.4.0-1086.93 linux-image-unsigned-5.4.0-1086-gke - 5.4.0-1086.93 No subscription required linux-image-5.4.0-1086-oracle - 5.4.0-1086.95 linux-tools-5.4.0-1086-oracle - 5.4.0-1086.95 linux-headers-5.4.0-1086-oracle - 5.4.0-1086.95 linux-image-unsigned-5.4.0-1086-oracle - 5.4.0-1086.95 linux-oracle-tools-5.4.0-1086 - 5.4.0-1086.95 linux-modules-5.4.0-1086-oracle - 5.4.0-1086.95 linux-oracle-headers-5.4.0-1086 - 5.4.0-1086.95 linux-buildinfo-5.4.0-1086-oracle - 5.4.0-1086.95 linux-modules-extra-5.4.0-1086-oracle - 5.4.0-1086.95 No subscription required linux-aws-cloud-tools-5.4.0-1088 - 5.4.0-1088.96 linux-aws-headers-5.4.0-1088 - 5.4.0-1088.96 linux-image-5.4.0-1088-aws - 5.4.0-1088.96 linux-headers-5.4.0-1088-aws - 5.4.0-1088.96 linux-modules-extra-5.4.0-1088-aws - 5.4.0-1088.96 linux-aws-tools-5.4.0-1088 - 5.4.0-1088.96 linux-image-unsigned-5.4.0-1088-aws - 5.4.0-1088.96 linux-tools-5.4.0-1088-aws - 5.4.0-1088.96 linux-modules-5.4.0-1088-aws - 5.4.0-1088.96 linux-buildinfo-5.4.0-1088-aws - 5.4.0-1088.96 linux-cloud-tools-5.4.0-1088-aws - 5.4.0-1088.96 No subscription required linux-modules-5.4.0-1092-gcp - 5.4.0-1092.101 linux-gcp-tools-5.4.0-1092 - 5.4.0-1092.101 linux-image-unsigned-5.4.0-1092-gcp - 5.4.0-1092.101 linux-image-5.4.0-1092-gcp - 5.4.0-1092.101 linux-buildinfo-5.4.0-1092-gcp - 5.4.0-1092.101 linux-modules-extra-5.4.0-1092-gcp - 5.4.0-1092.101 linux-headers-5.4.0-1092-gcp - 5.4.0-1092.101 linux-gcp-headers-5.4.0-1092 - 5.4.0-1092.101 linux-tools-5.4.0-1092-gcp - 5.4.0-1092.101 No subscription required linux-modules-5.4.0-1094-azure - 5.4.0-1094.100 linux-image-5.4.0-1094-azure - 5.4.0-1094.100 linux-tools-5.4.0-1094-azure - 5.4.0-1094.100 linux-modules-extra-5.4.0-1094-azure - 5.4.0-1094.100 linux-azure-cloud-tools-5.4.0-1094 - 5.4.0-1094.100 linux-azure-headers-5.4.0-1094 - 5.4.0-1094.100 linux-headers-5.4.0-1094-azure - 5.4.0-1094.100 linux-cloud-tools-5.4.0-1094-azure - 5.4.0-1094.100 linux-buildinfo-5.4.0-1094-azure - 5.4.0-1094.100 linux-azure-tools-5.4.0-1094 - 5.4.0-1094.100 linux-image-unsigned-5.4.0-1094-azure - 5.4.0-1094.100 No subscription required linux-tools-common - 5.4.0-131.147 linux-tools-host - 5.4.0-131.147 linux-image-5.4.0-131-lowlatency - 5.4.0-131.147 linux-modules-5.4.0-131-lowlatency - 5.4.0-131.147 linux-tools-5.4.0-131 - 5.4.0-131.147 linux-headers-5.4.0-131-lowlatency - 5.4.0-131.147 linux-tools-5.4.0-131-lowlatency - 5.4.0-131.147 linux-headers-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-tools-5.4.0-131-generic - 5.4.0-131.147 linux-modules-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-libc-dev - 5.4.0-131.147 linux-image-unsigned-5.4.0-131-generic - 5.4.0-131.147 linux-modules-extra-5.4.0-131-generic - 5.4.0-131.147 linux-buildinfo-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-headers-5.4.0-131-generic - 5.4.0-131.147 linux-buildinfo-5.4.0-131-lowlatency - 5.4.0-131.147 linux-doc - 5.4.0-131.147 linux-image-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-tools-5.4.0-131-generic-lpae - 5.4.0-131.147 linux-modules-5.4.0-131-generic - 5.4.0-131.147 linux-cloud-tools-5.4.0-131-lowlatency - 5.4.0-131.147 linux-image-5.4.0-131-generic - 5.4.0-131.147 linux-cloud-tools-common - 5.4.0-131.147 linux-source-5.4.0 - 5.4.0-131.147 linux-buildinfo-5.4.0-131-generic - 5.4.0-131.147 linux-image-unsigned-5.4.0-131-lowlatency - 5.4.0-131.147 linux-headers-5.4.0-131 - 5.4.0-131.147 linux-cloud-tools-5.4.0-131 - 5.4.0-131.147 linux-cloud-tools-5.4.0-131-generic - 5.4.0-131.147 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1036.64 linux-headers-ibm-lts-20.04 - 5.4.0.1036.64 linux-headers-ibm - 5.4.0.1036.64 linux-ibm - 5.4.0.1036.64 linux-ibm-lts-20.04 - 5.4.0.1036.64 linux-image-ibm-lts-20.04 - 5.4.0.1036.64 linux-image-ibm - 5.4.0.1036.64 linux-modules-extra-ibm - 5.4.0.1036.64 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1036.64 linux-tools-ibm - 5.4.0.1036.64 No subscription required linux-headers-bluefield - 5.4.0.1049.47 linux-image-bluefield - 5.4.0.1049.47 linux-bluefield - 5.4.0.1049.47 linux-tools-bluefield - 5.4.0.1049.47 No subscription required linux-headers-gkeop - 5.4.0.1056.56 linux-cloud-tools-gkeop-5.4 - 5.4.0.1056.56 linux-image-gkeop - 5.4.0.1056.56 linux-gkeop-5.4 - 5.4.0.1056.56 linux-image-gkeop-5.4 - 5.4.0.1056.56 linux-tools-gkeop - 5.4.0.1056.56 linux-gkeop - 5.4.0.1056.56 linux-cloud-tools-gkeop - 5.4.0.1056.56 linux-modules-extra-gkeop-5.4 - 5.4.0.1056.56 linux-headers-gkeop-5.4 - 5.4.0.1056.56 linux-modules-extra-gkeop - 5.4.0.1056.56 linux-tools-gkeop-5.4 - 5.4.0.1056.56 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1073.105 linux-image-raspi-hwe-18.04 - 5.4.0.1073.105 linux-image-raspi2-hwe-18.04 - 5.4.0.1073.105 linux-tools-raspi - 5.4.0.1073.105 linux-headers-raspi-hwe-18.04 - 5.4.0.1073.105 linux-headers-raspi2-hwe-18.04 - 5.4.0.1073.105 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1073.105 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1073.105 linux-headers-raspi - 5.4.0.1073.105 linux-raspi2-hwe-18.04-edge - 5.4.0.1073.105 linux-raspi-hwe-18.04 - 5.4.0.1073.105 linux-tools-raspi2-hwe-18.04 - 5.4.0.1073.105 linux-raspi2-hwe-18.04 - 5.4.0.1073.105 linux-image-raspi2 - 5.4.0.1073.105 linux-tools-raspi-hwe-18.04 - 5.4.0.1073.105 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1073.105 linux-image-raspi-hwe-18.04-edge - 5.4.0.1073.105 linux-raspi-hwe-18.04-edge - 5.4.0.1073.105 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1073.105 linux-image-raspi - 5.4.0.1073.105 linux-raspi2 - 5.4.0.1073.105 linux-tools-raspi2 - 5.4.0.1073.105 linux-raspi - 5.4.0.1073.105 linux-headers-raspi2 - 5.4.0.1073.105 No subscription required linux-kvm - 5.4.0.1078.74 linux-headers-kvm - 5.4.0.1078.74 linux-image-kvm - 5.4.0.1078.74 linux-tools-kvm - 5.4.0.1078.74 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1086.82 linux-headers-oracle-lts-20.04 - 5.4.0.1086.82 linux-oracle-lts-20.04 - 5.4.0.1086.82 linux-image-oracle-lts-20.04 - 5.4.0.1086.82 No subscription required linux-modules-extra-gke - 5.4.0.1086.93 linux-headers-gke-5.4 - 5.4.0.1086.93 linux-tools-gke-5.4 - 5.4.0.1086.93 linux-modules-extra-gke-5.4 - 5.4.0.1086.93 linux-gke-5.4 - 5.4.0.1086.93 linux-tools-gke - 5.4.0.1086.93 linux-gke - 5.4.0.1086.93 linux-headers-gke - 5.4.0.1086.93 linux-image-gke-5.4 - 5.4.0.1086.93 linux-image-gke - 5.4.0.1086.93 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1088.87 linux-tools-aws-lts-20.04 - 5.4.0.1088.87 linux-image-aws-lts-20.04 - 5.4.0.1088.87 linux-headers-aws-lts-20.04 - 5.4.0.1088.87 linux-aws-lts-20.04 - 5.4.0.1088.87 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1092.96 linux-gcp-lts-20.04 - 5.4.0.1092.96 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1092.96 linux-headers-gcp-lts-20.04 - 5.4.0.1092.96 linux-image-gcp-lts-20.04 - 5.4.0.1092.96 No subscription required linux-azure-lts-20.04 - 5.4.0.1094.90 linux-image-azure-lts-20.04 - 5.4.0.1094.90 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1094.90 linux-modules-extra-azure-lts-20.04 - 5.4.0.1094.90 linux-tools-azure-lts-20.04 - 5.4.0.1094.90 linux-headers-azure-lts-20.04 - 5.4.0.1094.90 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-cloud-tools-virtual - 5.4.0.131.131 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-headers-generic-lpae - 5.4.0.131.131 linux-headers-generic - 5.4.0.131.131 linux-oem-osp1-tools-host - 5.4.0.131.131 linux-tools-lowlatency - 5.4.0.131.131 linux-image-oem - 5.4.0.131.131 linux-tools-virtual-hwe-18.04 - 5.4.0.131.131 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.131.131 linux-image-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-headers-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.131.131 linux-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-image-extra-virtual-hwe-18.04 - 5.4.0.131.131 linux-oem - 5.4.0.131.131 linux-image-oem-osp1 - 5.4.0.131.131 linux-image-generic-hwe-18.04 - 5.4.0.131.131 linux-image-generic-lpae-hwe-18.04 - 5.4.0.131.131 linux-crashdump - 5.4.0.131.131 linux-tools-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-headers-generic-hwe-18.04 - 5.4.0.131.131 linux-tools-oem - 5.4.0.131.131 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-source - 5.4.0.131.131 linux-lowlatency - 5.4.0.131.131 linux-tools-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-tools-generic-lpae - 5.4.0.131.131 linux-cloud-tools-generic - 5.4.0.131.131 linux-virtual - 5.4.0.131.131 linux-headers-virtual-hwe-18.04 - 5.4.0.131.131 linux-headers-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.131.131 linux-tools-virtual - 5.4.0.131.131 linux-generic-lpae-hwe-18.04-edge - 5.4.0.131.131 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-generic-lpae - 5.4.0.131.131 linux-image-generic-hwe-18.04-edge - 5.4.0.131.131 linux-headers-oem - 5.4.0.131.131 linux-generic - 5.4.0.131.131 linux-tools-oem-osp1 - 5.4.0.131.131 linux-image-virtual - 5.4.0.131.131 linux-image-virtual-hwe-18.04 - 5.4.0.131.131 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-oem-tools-host - 5.4.0.131.131 linux-headers-lowlatency - 5.4.0.131.131 linux-generic-hwe-18.04-edge - 5.4.0.131.131 linux-tools-generic-hwe-18.04-edge - 5.4.0.131.131 linux-image-extra-virtual - 5.4.0.131.131 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-cloud-tools-lowlatency - 5.4.0.131.131 linux-headers-oem-osp1 - 5.4.0.131.131 linux-generic-lpae-hwe-18.04 - 5.4.0.131.131 linux-tools-generic - 5.4.0.131.131 linux-tools-generic-hwe-18.04 - 5.4.0.131.131 linux-headers-generic-hwe-18.04-edge - 5.4.0.131.131 linux-image-generic - 5.4.0.131.131 linux-oem-osp1 - 5.4.0.131.131 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.131.131 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.131.131 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.131.131 linux-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-headers-virtual - 5.4.0.131.131 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.131.131 linux-virtual-hwe-18.04 - 5.4.0.131.131 linux-lowlatency-hwe-18.04 - 5.4.0.131.131 linux-generic-hwe-18.04 - 5.4.0.131.131 linux-image-generic-lpae - 5.4.0.131.131 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.131.131 linux-image-virtual-hwe-18.04-edge - 5.4.0.131.131 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.131.131 linux-image-lowlatency - 5.4.0.131.131 No subscription required High CVE-2022-2602 CVE-2022-41674 CVE-2022-42720 CVE-2022-42721 Ubuntu 20.04 LTS David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2602) Sönke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41674) Sönke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42719) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42720) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly handle BSSID/SSID lists in some situations. A physically proximate attacker could use this to cause a denial of service (infinite loop). (CVE-2022-42721) Sönke Huster discovered that the WiFi driver stack in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-42722) Update Instructions: Run `sudo pro fix USN-5692-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.14.0-1054-oem - 5.14.0-1054.61 linux-buildinfo-5.14.0-1054-oem - 5.14.0-1054.61 linux-headers-5.14.0-1054-oem - 5.14.0-1054.61 linux-modules-iwlwifi-5.14.0-1054-oem - 5.14.0-1054.61 linux-oem-5.14-tools-host - 5.14.0-1054.61 linux-image-5.14.0-1054-oem - 5.14.0-1054.61 linux-oem-5.14-headers-5.14.0-1054 - 5.14.0-1054.61 linux-modules-5.14.0-1054-oem - 5.14.0-1054.61 linux-tools-5.14.0-1054-oem - 5.14.0-1054.61 linux-oem-5.14-tools-5.14.0-1054 - 5.14.0-1054.61 No subscription required linux-headers-oem-20.04 - 5.14.0.1054.52 linux-image-oem-20.04b - 5.14.0.1054.52 linux-image-oem-20.04d - 5.14.0.1054.52 linux-tools-oem-20.04c - 5.14.0.1054.52 linux-tools-oem-20.04b - 5.14.0.1054.52 linux-tools-oem-20.04d - 5.14.0.1054.52 linux-image-oem-20.04c - 5.14.0.1054.52 linux-oem-20.04 - 5.14.0.1054.52 linux-image-oem-20.04 - 5.14.0.1054.52 linux-oem-20.04d - 5.14.0.1054.52 linux-oem-20.04c - 5.14.0.1054.52 linux-oem-20.04b - 5.14.0.1054.52 linux-tools-oem-20.04 - 5.14.0.1054.52 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1054.52 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1054.52 linux-headers-oem-20.04b - 5.14.0.1054.52 linux-headers-oem-20.04c - 5.14.0.1054.52 linux-headers-oem-20.04d - 5.14.0.1054.52 No subscription required linux-modules-extra-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-gke-5.15-headers-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-gke-5.15-tools-5.15.0-1019 - 5.15.0-1019.23~20.04.1 linux-image-unsigned-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-buildinfo-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-tools-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-image-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-headers-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-modules-iwlwifi-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 linux-modules-5.15.0-1019-gke - 5.15.0-1019.23~20.04.1 No subscription required linux-headers-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-modules-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-modules-extra-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-gcp-5.15-headers-5.15.0-1021 - 5.15.0-1021.28~20.04.1 linux-buildinfo-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-image-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-tools-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-gcp-5.15-tools-5.15.0-1021 - 5.15.0-1021.28~20.04.1 linux-modules-iwlwifi-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 linux-image-unsigned-5.15.0-1021-gcp - 5.15.0-1021.28~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1022 - 5.15.0-1022.26~20.04.1 linux-modules-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-buildinfo-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1022 - 5.15.0-1022.26~20.04.1 linux-headers-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-tools-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-image-unsigned-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-cloud-tools-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-aws-5.15-tools-5.15.0-1022 - 5.15.0-1022.26~20.04.1 linux-image-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 linux-modules-extra-5.15.0-1022-aws - 5.15.0-1022.26~20.04.1 No subscription required linux-cloud-tools-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-image-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-buildinfo-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-azure-5.15-headers-5.15.0-1022 - 5.15.0-1022.27~20.04.1 linux-modules-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-modules-extra-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-image-unsigned-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1022 - 5.15.0-1022.27~20.04.1 linux-headers-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 linux-azure-5.15-tools-5.15.0-1022 - 5.15.0-1022.27~20.04.1 linux-tools-5.15.0-1022-azure - 5.15.0-1022.27~20.04.1 No subscription required linux-headers-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-modules-extra-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-cloud-tools-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-headers-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-hwe-5.15-tools-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-modules-iwlwifi-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-52.58~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-52.58~20.04.1 linux-image-unsigned-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-headers-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-image-unsigned-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-headers-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-buildinfo-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-modules-5.15.0-52-generic-64k - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-headers-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-image-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-tools-5.15.0-52-generic-lpae - 5.15.0-52.58~20.04.1 linux-image-unsigned-5.15.0-52-generic - 5.15.0-52.58~20.04.1 linux-image-unsigned-5.15.0-52-lowlatency-64k - 5.15.0-52.58~20.04.1 linux-modules-iwlwifi-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-52.58~20.04.1 linux-cloud-tools-5.15.0-52-lowlatency - 5.15.0-52.58~20.04.1 linux-hwe-5.15-headers-5.15.0-52 - 5.15.0-52.58~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-52.58~20.04.1 No subscription required linux-gke-5.15 - 5.15.0.1019.23~20.04.1 linux-tools-gke-5.15 - 5.15.0.1019.23~20.04.1 linux-headers-gke-edge - 5.15.0.1019.23~20.04.1 linux-image-gke-5.15 - 5.15.0.1019.23~20.04.1 linux-tools-gke-edge - 5.15.0.1019.23~20.04.1 linux-image-gke-edge - 5.15.0.1019.23~20.04.1 linux-gke-edge - 5.15.0.1019.23~20.04.1 linux-headers-gke-5.15 - 5.15.0.1019.23~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1021.28~20.04.1 linux-headers-gcp-edge - 5.15.0.1021.28~20.04.1 linux-modules-extra-gcp - 5.15.0.1021.28~20.04.1 linux-tools-gcp - 5.15.0.1021.28~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1021.28~20.04.1 linux-gcp - 5.15.0.1021.28~20.04.1 linux-tools-gcp-edge - 5.15.0.1021.28~20.04.1 linux-headers-gcp - 5.15.0.1021.28~20.04.1 linux-image-gcp - 5.15.0.1021.28~20.04.1 linux-gcp-edge - 5.15.0.1021.28~20.04.1 No subscription required linux-headers-aws-edge - 5.15.0.1022.26~20.04.14 linux-headers-aws - 5.15.0.1022.26~20.04.14 linux-image-aws - 5.15.0.1022.26~20.04.14 linux-modules-extra-aws-edge - 5.15.0.1022.26~20.04.14 linux-aws-edge - 5.15.0.1022.26~20.04.14 linux-aws - 5.15.0.1022.26~20.04.14 linux-modules-extra-aws - 5.15.0.1022.26~20.04.14 linux-tools-aws - 5.15.0.1022.26~20.04.14 linux-tools-aws-edge - 5.15.0.1022.26~20.04.14 linux-image-aws-edge - 5.15.0.1022.26~20.04.14 No subscription required linux-tools-azure-edge - 5.15.0.1022.27~20.04.15 linux-cloud-tools-azure - 5.15.0.1022.27~20.04.15 linux-tools-azure - 5.15.0.1022.27~20.04.15 linux-image-azure-edge - 5.15.0.1022.27~20.04.15 linux-cloud-tools-azure-edge - 5.15.0.1022.27~20.04.15 linux-modules-extra-azure - 5.15.0.1022.27~20.04.15 linux-image-azure - 5.15.0.1022.27~20.04.15 linux-headers-azure-edge - 5.15.0.1022.27~20.04.15 linux-azure-edge - 5.15.0.1022.27~20.04.15 linux-modules-extra-azure-edge - 5.15.0.1022.27~20.04.15 linux-azure - 5.15.0.1022.27~20.04.15 linux-headers-azure - 5.15.0.1022.27~20.04.15 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-headers-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-image-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-lowlatency-64k-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-tools-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-lowlatency-hwe-20.04 - 5.15.0.52.58~20.04.18 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.18 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.18 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-image-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-headers-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-headers-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-image-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-generic-64k-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-extra-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-generic-64k-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-generic-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-generic-lpae-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-generic-lpae-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-tools-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-generic-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-image-generic-lpae-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-tools-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-tools-virtual-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-image-generic-hwe-20.04-edge - 5.15.0.52.58~20.04.20 linux-generic-64k-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-image-generic-64k-hwe-20.04 - 5.15.0.52.58~20.04.20 linux-headers-virtual-hwe-20.04 - 5.15.0.52.58~20.04.20 No subscription required High CVE-2022-2602 CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly handled links using the Office URI Schemes. If a user were tricked into opening a specially crafted document, a remote attacker could use this issue to execute arbitrary scripts. (CVE-2022-3140) Thomas Florian discovered that LibreOffice incorrectly handled crashes when an encrypted document is open. If the document is recovered upon restarting LibreOffice, subsequent saves of the document were unencrypted. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-12801) Jens Müller discovered that LibreOffice incorrectly handled certain documents containing forms. If a user were tricked into opening a specially crafted document, a remote attacker could overwrite arbitrary files when the form was submitted. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-12803) It was discovered that LibreOffice incorrectly validated macro signatures. If a user were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary macros. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-26305) It was discovered that Libreoffice incorrectly handled encrypting the master key provided by the user for storing passwords for web connections. A local attacker could possibly use this issue to obtain access to passwords stored in the user’s configuration data. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-26306, CVE-2022-26307) Update Instructions: Run `sudo pro fix USN-5694-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.6 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.6 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.6 libreoffice - 1:6.4.7-0ubuntu0.20.04.6 libjuh-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.6 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.6 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.6 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.6 libridl-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.6 python3-access2base - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.6 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.6 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.6 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.6 libunoil-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.6 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.6 libjurt-java - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.6 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.6 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.6 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.6 ure - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.6 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.6 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.6 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.6 python3-uno - 1:6.4.7-0ubuntu0.20.04.6 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.6 No subscription required Medium CVE-2020-12801 CVE-2020-12803 CVE-2022-26305 CVE-2022-26306 CVE-2022-26307 CVE-2022-3140 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.31 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-40.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-31.html https://www.oracle.com/security-alerts/cpuoct2022.html Update Instructions: Run `sudo pro fix USN-5696-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.31-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.31-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.31-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.31-0ubuntu0.20.04.1 mysql-router - 8.0.31-0ubuntu0.20.04.1 mysql-server - 8.0.31-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.31-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.31-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.31-0ubuntu0.20.04.1 mysql-testsuite - 8.0.31-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.31-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.31-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21589 CVE-2022-21592 CVE-2022-21594 CVE-2022-21599 CVE-2022-21604 CVE-2022-21608 CVE-2022-21611 CVE-2022-21617 CVE-2022-21625 CVE-2022-21632 CVE-2022-21633 CVE-2022-21637 CVE-2022-21640 CVE-2022-39400 CVE-2022-39408 CVE-2022-39410 Ubuntu 20.04 LTS Douglas Mendizabal discovered that Barbican incorrectly handled certain query strings. A remote attacker could possibly use this issue to bypass the access policy. Update Instructions: Run `sudo pro fix USN-5697-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: barbican-keystone-listener - 1:10.1.0-0ubuntu2.2 barbican-api - 1:10.1.0-0ubuntu2.2 barbican-worker - 1:10.1.0-0ubuntu2.2 barbican-common - 1:10.1.0-0ubuntu2.2 python3-barbican - 1:10.1.0-0ubuntu2.2 barbican-doc - 1:10.1.0-0ubuntu2.2 No subscription required Medium CVE-2022-3100 Ubuntu 20.04 LTS Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform incorrect memory operations, or crash. (CVE-2022-32221) Hiroki Kurosawa discovered that curl incorrectly handled parsing .netrc files. If an attacker were able to provide a specially crafted .netrc file, this issue could cause curl to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-35260) It was discovered that curl incorrectly handled certain HTTP proxy return codes. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-42915) Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-42916) Update Instructions: Run `sudo pro fix USN-5702-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.14 libcurl4-openssl-dev - 7.68.0-1ubuntu2.14 libcurl3-gnutls - 7.68.0-1ubuntu2.14 libcurl4-doc - 7.68.0-1ubuntu2.14 libcurl3-nss - 7.68.0-1ubuntu2.14 libcurl4-nss-dev - 7.68.0-1ubuntu2.14 libcurl4 - 7.68.0-1ubuntu2.14 curl - 7.68.0-1ubuntu2.14 No subscription required Medium CVE-2022-32221 CVE-2022-35260 CVE-2022-42915 CVE-2022-42916 Ubuntu 20.04 LTS It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. (CVE-2022-42010) It was discovered that DBus was incorrectly validating the length of arrays of fixed-length items. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. (CVE-2022-42011) It was discovered that DBus incorrectly handled the body DBus message with attached file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. (CVE-2022-42012) Update Instructions: Run `sudo pro fix USN-5704-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dbus-1-doc - 1.12.16-2ubuntu2.3 dbus - 1.12.16-2ubuntu2.3 libdbus-1-dev - 1.12.16-2ubuntu2.3 dbus-user-session - 1.12.16-2ubuntu2.3 dbus-x11 - 1.12.16-2ubuntu2.3 dbus-tests - 1.12.16-2ubuntu2.3 libdbus-1-3 - 1.12.16-2ubuntu2.3 No subscription required Medium CVE-2022-42010 CVE-2022-42011 CVE-2022-42012 Ubuntu 20.04 LTS It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373) Eric Biggers discovered that a use-after-free vulnerability existed in the io_uring subsystem in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3176) Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740) It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742) Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) Update Instructions: Run `sudo pro fix USN-5706-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1092-azure-fde - 5.4.0-1092.97+cvm1.1 linux-image-5.4.0-1092-azure-fde - 5.4.0-1092.97+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1092.97+cvm1.32 linux-image-azure-fde - 5.4.0.1092.97+cvm1.32 linux-cloud-tools-azure-fde - 5.4.0.1092.97+cvm1.32 linux-modules-extra-azure-fde - 5.4.0.1092.97+cvm1.32 linux-tools-azure-fde - 5.4.0.1092.97+cvm1.32 linux-headers-azure-fde - 5.4.0.1092.97+cvm1.32 No subscription required Medium CVE-2021-4159 CVE-2022-20369 CVE-2022-2318 CVE-2022-26365 CVE-2022-26373 CVE-2022-3176 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33744 CVE-2022-36879 Ubuntu 20.04 LTS Sönke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41674) Sönke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42719) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42720) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly handle BSSID/SSID lists in some situations. A physically proximate attacker could use this to cause a denial of service (infinite loop). (CVE-2022-42721) Sönke Huster discovered that the WiFi driver stack in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A physically proximate attacker could use this to cause a denial of service (system crash). This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.10. (CVE-2022-42722) Update Instructions: Run `sudo pro fix USN-5708-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: backport-iwlwifi-dkms - 8324-0ubuntu3~20.04.5 No subscription required Medium CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 https://launchpad.net/bugs/1994525 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42930, CVE-2022-42932) It was discovered that Firefox saved usernames to a plaintext file. A local user could potentially exploit this to obtain sensitive information. (CVE-2022-42931) Update Instructions: Run `sudo pro fix USN-5709-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 106.0.2+build1-0ubuntu0.20.04.1 firefox - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 106.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 106.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 106.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 106.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 106.0.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-42927 CVE-2022-42928 CVE-2022-42929 CVE-2022-42930 CVE-2022-42931 CVE-2022-42932 Ubuntu 20.04 LTS USN-5709-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42930, CVE-2022-42932) It was discovered that Firefox saved usernames to a plaintext file. A local user could potentially exploit this to obtain sensitive information. (CVE-2022-42931) Update Instructions: Run `sudo pro fix USN-5709-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-nn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ne - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-nb - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-fa - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-fi - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-fr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-fy - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-or - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-kab - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-oc - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-cs - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ga - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-gd - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-gn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-gl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-gu - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-pa - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-pl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-cy - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-pt - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-szl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hi - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ms - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-he - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hy - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hu - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-as - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ar - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ia - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-az - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-id - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-mai - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-af - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-is - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-vi - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-an - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-bs - 106.0.5+build1-0ubuntu0.20.04.1 firefox - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ro - 106.0.5+build1-0ubuntu0.20.04.1 firefox-geckodriver - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ja - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ru - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-br - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-bn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-be - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-bg - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sl - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sk - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-si - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sw - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sv - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-sq - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ko - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-kn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-km - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-kk - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ka - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-xh - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ca - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ku - 106.0.5+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-lv - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-lt - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-th - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 106.0.5+build1-0ubuntu0.20.04.1 firefox-dev - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-te - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-cak - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ta - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-lg - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-csb - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-tr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-nso - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-de - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-da - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-uk - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-mr - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-my - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-uz - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ml - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-mn - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-mk - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ur - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-eu - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-et - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-es - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-it - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-el - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-eo - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-en - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-zu - 106.0.5+build1-0ubuntu0.20.04.1 firefox-locale-ast - 106.0.5+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1996178 Ubuntu 20.04 LTS Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated certain NTFS metadata. A local attacker could possibly use this issue to gain privileges. Update Instructions: Run `sudo pro fix USN-5711-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ntfs-3g - 1:2017.3.23AR.3-3ubuntu1.3 libntfs-3g883 - 1:2017.3.23AR.3-3ubuntu1.3 ntfs-3g-dev - 1:2017.3.23AR.3-3ubuntu1.3 No subscription required Medium CVE-2022-40284 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2953) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2867, CVE-2022-2868, CVE-2022-2869) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffsplit. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-34526) Chintan Shah discovered that LibTIFF incorrectly handled memory in certain conditions when using tiffcrop. An attacker could trick a user into processing a specially crafted image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3570) It was discovered that LibTIFF incorrectly handled memory in certain conditions when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff file and potentially use this issue to cause a denial of service. This issue only affected to Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3598) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. (CVE-2022-3599) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 22.10. (CVE-2022-3597, CVE-2022-3626, CVE-2022-3627) Update Instructions: Run `sudo pro fix USN-5714-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.6 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.6 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.6 No subscription required Medium CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-2953 CVE-2022-34526 CVE-2022-3570 CVE-2022-3597 CVE-2022-3598 CVE-2022-3599 CVE-2022-3626 CVE-2022-3627 Ubuntu 20.04 LTS It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5715-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraw-doc - 0.19.5-1ubuntu1.1 libraw-bin - 0.19.5-1ubuntu1.1 libraw19 - 0.19.5-1ubuntu1.1 libraw-dev - 0.19.5-1ubuntu1.1 No subscription required Medium CVE-2020-15503 CVE-2020-35530 CVE-2020-35531 CVE-2020-35532 CVE-2020-35533 Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled certain long string arguments. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5716-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.5 sqlite3-doc - 3.31.1-4ubuntu0.5 libsqlite3-0 - 3.31.1-4ubuntu0.5 libsqlite3-tcl - 3.31.1-4ubuntu0.5 sqlite3 - 3.31.1-4ubuntu0.5 libsqlite3-dev - 3.31.1-4ubuntu0.5 No subscription required Medium CVE-2022-35737 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-31628) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise the data (CVE-2022-31629) It was discovered that PHP incorrectly handled certain image fonts. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS. (CVE-2022-31630) Nicky Mouha discovered that PHP incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS. (CVE-2022-37454) Update Instructions: Run `sudo pro fix USN-5717-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.15 php7.4-readline - 7.4.3-4ubuntu2.15 php7.4-dba - 7.4.3-4ubuntu2.15 php7.4-common - 7.4.3-4ubuntu2.15 php7.4-xmlrpc - 7.4.3-4ubuntu2.15 php7.4-intl - 7.4.3-4ubuntu2.15 php7.4-phpdbg - 7.4.3-4ubuntu2.15 php7.4-ldap - 7.4.3-4ubuntu2.15 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.15 php7.4-soap - 7.4.3-4ubuntu2.15 php7.4-xsl - 7.4.3-4ubuntu2.15 php7.4-pgsql - 7.4.3-4ubuntu2.15 php7.4-pspell - 7.4.3-4ubuntu2.15 php7.4-zip - 7.4.3-4ubuntu2.15 php7.4-curl - 7.4.3-4ubuntu2.15 php7.4-odbc - 7.4.3-4ubuntu2.15 php7.4-json - 7.4.3-4ubuntu2.15 php7.4-mbstring - 7.4.3-4ubuntu2.15 php7.4-imap - 7.4.3-4ubuntu2.15 php7.4-bz2 - 7.4.3-4ubuntu2.15 php7.4-cgi - 7.4.3-4ubuntu2.15 php7.4 - 7.4.3-4ubuntu2.15 php7.4-bcmath - 7.4.3-4ubuntu2.15 php7.4-dev - 7.4.3-4ubuntu2.15 php7.4-interbase - 7.4.3-4ubuntu2.15 php7.4-tidy - 7.4.3-4ubuntu2.15 php7.4-gmp - 7.4.3-4ubuntu2.15 php7.4-sqlite3 - 7.4.3-4ubuntu2.15 php7.4-fpm - 7.4.3-4ubuntu2.15 php7.4-sybase - 7.4.3-4ubuntu2.15 php7.4-cli - 7.4.3-4ubuntu2.15 libphp7.4-embed - 7.4.3-4ubuntu2.15 php7.4-enchant - 7.4.3-4ubuntu2.15 php7.4-mysql - 7.4.3-4ubuntu2.15 php7.4-snmp - 7.4.3-4ubuntu2.15 php7.4-xml - 7.4.3-4ubuntu2.15 php7.4-opcache - 7.4.3-4ubuntu2.15 No subscription required Medium CVE-2022-31628 CVE-2022-31629 CVE-2022-31630 CVE-2022-37454 Ubuntu 20.04 LTS Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5718-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpixman-1-0 - 0.38.4-0ubuntu2.1 libpixman-1-dev - 0.38.4-0ubuntu2.1 No subscription required Medium CVE-2022-44638 Ubuntu 20.04 LTS It was discovered that OpenJDK incorrectly handled long client hostnames. An attacker could possibly use this issue to cause the corruption of sensitive information. (CVE-2022-21619) It was discovered that OpenJDK incorrectly randomized DNS port numbers. A remote attacker could possibly use this issue to perform spoofing attacks. (CVE-2022-21624) It was discovered that OpenJDK did not limit the number of connections accepted from HTTP clients. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-21628) It was discovered that OpenJDK incorrectly handled X.509 certificates. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 8 and OpenJDK 11. (CVE-2022-21626) It was discovered that OpenJDK incorrectly handled cached server connections. An attacker could possibly use this issue to perform spoofing attacks. This issue only affected OpenJDK 11, OpenJDK 17 and OpenJDK 19. (CVE-2022-39399) It was discovered that OpenJDK incorrectly handled byte conversions. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 11, OpenJDK 17 and OpenJDK 19. (CVE-2022-21618) Update Instructions: Run `sudo pro fix USN-5719-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jdk - 11.0.17+8-1ubuntu2~20.04 openjdk-11-source - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jdk-headless - 11.0.17+8-1ubuntu2~20.04 openjdk-11-demo - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jre-zero - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jre-headless - 11.0.17+8-1ubuntu2~20.04 openjdk-11-jre - 11.0.17+8-1ubuntu2~20.04 No subscription required openjdk-17-jdk-headless - 17.0.5+8-2ubuntu1~20.04 openjdk-17-jre-headless - 17.0.5+8-2ubuntu1~20.04 openjdk-17-jre - 17.0.5+8-2ubuntu1~20.04 openjdk-17-jdk - 17.0.5+8-2ubuntu1~20.04 openjdk-17-jre-zero - 17.0.5+8-2ubuntu1~20.04 openjdk-17-source - 17.0.5+8-2ubuntu1~20.04 openjdk-17-demo - 17.0.5+8-2ubuntu1~20.04 openjdk-17-doc - 17.0.5+8-2ubuntu1~20.04 No subscription required openjdk-8-doc - 8u352-ga-1~20.04 openjdk-8-jre-headless - 8u352-ga-1~20.04 openjdk-8-jre - 8u352-ga-1~20.04 openjdk-8-demo - 8u352-ga-1~20.04 openjdk-8-jre-zero - 8u352-ga-1~20.04 openjdk-8-jdk - 8u352-ga-1~20.04 openjdk-8-source - 8u352-ga-1~20.04 openjdk-8-jdk-headless - 8u352-ga-1~20.04 No subscription required Medium CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628 CVE-2022-39399 CVE-2022-21618 Ubuntu 20.04 LTS It was discovered that nginx incorrectly handled certain memory operations in the ngx_http_mp4_module module. A local attacker could possibly use this issue with a specially crafted mp4 file to cause nginx to crash, stop responding, or access arbitrary memory. (CVE-2022-41741, CVE-2022-41742) Update Instructions: Run `sudo pro fix USN-5722-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnginx-mod-stream - 1.18.0-0ubuntu1.4 libnginx-mod-http-subs-filter - 1.18.0-0ubuntu1.4 nginx-doc - 1.18.0-0ubuntu1.4 libnginx-mod-mail - 1.18.0-0ubuntu1.4 libnginx-mod-http-image-filter - 1.18.0-0ubuntu1.4 libnginx-mod-http-echo - 1.18.0-0ubuntu1.4 libnginx-mod-nchan - 1.18.0-0ubuntu1.4 nginx-common - 1.18.0-0ubuntu1.4 libnginx-mod-http-fancyindex - 1.18.0-0ubuntu1.4 libnginx-mod-http-auth-pam - 1.18.0-0ubuntu1.4 nginx-light - 1.18.0-0ubuntu1.4 libnginx-mod-http-headers-more-filter - 1.18.0-0ubuntu1.4 nginx-extras - 1.18.0-0ubuntu1.4 libnginx-mod-http-upstream-fair - 1.18.0-0ubuntu1.4 libnginx-mod-http-xslt-filter - 1.18.0-0ubuntu1.4 libnginx-mod-http-lua - 1.18.0-0ubuntu1.4 libnginx-mod-http-perl - 1.18.0-0ubuntu1.4 nginx-core - 1.18.0-0ubuntu1.4 libnginx-mod-http-geoip - 1.18.0-0ubuntu1.4 libnginx-mod-http-dav-ext - 1.18.0-0ubuntu1.4 nginx - 1.18.0-0ubuntu1.4 libnginx-mod-http-ndk - 1.18.0-0ubuntu1.4 libnginx-mod-http-uploadprogress - 1.18.0-0ubuntu1.4 libnginx-mod-http-cache-purge - 1.18.0-0ubuntu1.4 nginx-full - 1.18.0-0ubuntu1.4 libnginx-mod-http-geoip2 - 1.18.0-0ubuntu1.4 libnginx-mod-rtmp - 1.18.0-0ubuntu1.4 No subscription required Medium CVE-2022-41741 CVE-2022-41742 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass Content Security Policy (CSP) or other security restrictions, or execute arbitrary code. These issues only affect Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-3266, CVE-2022-40956, CVE-2022-40957, CVE-2022-40958, CVE-2022-40959, CVE-2022-40960, CVE-2022-40962) Multiple security issues were discovered in the Matrix SDK bundled with Thunderbird. An attacker could potentially exploit these in order to impersonate another user. These issues only affect Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39236, CVE-2022-39249, CVE-2022-39250, CVE-2022-39251) Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42932) Update Instructions: Run `sudo pro fix USN-5724-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.4.2+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.4.2+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.4.2+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.4.2+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.4.2+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-3266 CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959 CVE-2022-40960 CVE-2022-40962 CVE-2022-39236 CVE-2022-39249 CVE-2022-39250 CVE-2022-39251 CVE-2022-42927 CVE-2022-42928 CVE-2022-42929 CVE-2022-42932 Ubuntu 20.04 LTS Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker could possibly use this issue to cause Go applications to hang or crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5725-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.13-doc - 1.13.8-1ubuntu1.1 golang-1.13-src - 1.13.8-1ubuntu1.1 golang-1.13 - 1.13.8-1ubuntu1.1 golang-1.13-go - 1.13.8-1ubuntu1.1 No subscription required Low CVE-2020-16845 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the contents of the addressbar, bypass security restrictions, cross-site tracing or execute arbitrary code. (CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, CVE-2022-45407, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411, CVE-2022-45413, CVE-2022-40674, CVE-2022-45418, CVE-2022-45419, CVE-2022-45420, CVE-2022-45421) Armin Ebert discovered that Firefox did not properly manage while resolving file symlink. If a user were tricked into opening a specially crafted weblink, an attacker could potentially exploit these to cause a denial of service. (CVE-2022-45412) Jefferson Scher and Jayateertha Guruprasad discovered that Firefox did not properly sanitize the HTML download file extension under certain circumstances. If a user were tricked into downloading and executing malicious content, a remote attacker could execute arbitrary code with the privileges of the user invoking the programs. (CVE-2022-45415) Erik Kraft, Martin Schwarzl, and Andrew McCreight discovered that Firefox incorrectly handled keyboard events. An attacker could possibly use this issue to perform a timing side-channel attack and possibly figure out which keys are being pressed. (CVE-2022-45416) Kagami discovered that Firefox did not detect Private Browsing Mode correctly. An attacker could possibly use this issue to obtain sensitive information about Private Browsing Mode. (CVE-2022-45417) Update Instructions: Run `sudo pro fix USN-5726-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 107.0+build2-0ubuntu0.20.04.1 firefox - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 107.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 107.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 107.0+build2-0ubuntu0.20.04.1 firefox-dev - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 107.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 107.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-45403 CVE-2022-45404 CVE-2022-45405 CVE-2022-45406 CVE-2022-45407 CVE-2022-45408 CVE-2022-45409 CVE-2022-45410 CVE-2022-45411 CVE-2022-45412 CVE-2022-45413 CVE-2022-40674 CVE-2022-45415 CVE-2022-45416 CVE-2022-45417 CVE-2022-45418 CVE-2022-45419 CVE-2022-45420 CVE-2022-45421 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41222) It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-20422) It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-2153) Hao Sun and Jiacheng Xu discovered that the NILFS file system implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2978) Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64 processors, the Linux kernel's protections against speculative branch target injection attacks were insufficient in some circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29901) Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3028) It was discovered that the Netlink device interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3625) It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-3635) Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX storage controller driver in the Linux kernel did not properly handle certain structures. A local attacker could potentially use this to expose sensitive information (kernel memory). (CVE-2022-40768) Sönke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42719) Update Instructions: Run `sudo pro fix USN-5728-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1037-ibm - 5.4.0-1037.42 linux-ibm-headers-5.4.0-1037 - 5.4.0-1037.42 linux-modules-5.4.0-1037-ibm - 5.4.0-1037.42 linux-ibm-source-5.4.0 - 5.4.0-1037.42 linux-ibm-tools-common - 5.4.0-1037.42 linux-tools-5.4.0-1037-ibm - 5.4.0-1037.42 linux-ibm-tools-5.4.0-1037 - 5.4.0-1037.42 linux-headers-5.4.0-1037-ibm - 5.4.0-1037.42 linux-buildinfo-5.4.0-1037-ibm - 5.4.0-1037.42 linux-ibm-cloud-tools-common - 5.4.0-1037.42 linux-modules-extra-5.4.0-1037-ibm - 5.4.0-1037.42 linux-image-unsigned-5.4.0-1037-ibm - 5.4.0-1037.42 No subscription required linux-modules-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-tools-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-bluefield-headers-5.4.0-1050 - 5.4.0-1050.56 linux-image-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-image-unsigned-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-buildinfo-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-headers-5.4.0-1050-bluefield - 5.4.0-1050.56 linux-bluefield-tools-5.4.0-1050 - 5.4.0-1050.56 No subscription required linux-raspi-headers-5.4.0-1074 - 5.4.0-1074.85 linux-image-5.4.0-1074-raspi - 5.4.0-1074.85 linux-tools-5.4.0-1074-raspi - 5.4.0-1074.85 linux-buildinfo-5.4.0-1074-raspi - 5.4.0-1074.85 linux-headers-5.4.0-1074-raspi - 5.4.0-1074.85 linux-raspi-tools-5.4.0-1074 - 5.4.0-1074.85 linux-modules-5.4.0-1074-raspi - 5.4.0-1074.85 No subscription required linux-kvm-headers-5.4.0-1079 - 5.4.0-1079.85 linux-kvm-tools-5.4.0-1079 - 5.4.0-1079.85 linux-image-unsigned-5.4.0-1079-kvm - 5.4.0-1079.85 linux-headers-5.4.0-1079-kvm - 5.4.0-1079.85 linux-tools-5.4.0-1079-kvm - 5.4.0-1079.85 linux-buildinfo-5.4.0-1079-kvm - 5.4.0-1079.85 linux-modules-5.4.0-1079-kvm - 5.4.0-1079.85 linux-image-5.4.0-1079-kvm - 5.4.0-1079.85 No subscription required linux-image-5.4.0-1087-oracle - 5.4.0-1087.96 linux-headers-5.4.0-1087-oracle - 5.4.0-1087.96 linux-modules-5.4.0-1087-oracle - 5.4.0-1087.96 linux-modules-extra-5.4.0-1087-oracle - 5.4.0-1087.96 linux-image-unsigned-5.4.0-1087-oracle - 5.4.0-1087.96 linux-buildinfo-5.4.0-1087-oracle - 5.4.0-1087.96 linux-oracle-headers-5.4.0-1087 - 5.4.0-1087.96 linux-tools-5.4.0-1087-oracle - 5.4.0-1087.96 linux-oracle-tools-5.4.0-1087 - 5.4.0-1087.96 No subscription required linux-buildinfo-5.4.0-1089-aws - 5.4.0-1089.97 linux-aws-cloud-tools-5.4.0-1089 - 5.4.0-1089.97 linux-aws-headers-5.4.0-1089 - 5.4.0-1089.97 linux-modules-extra-5.4.0-1089-aws - 5.4.0-1089.97 linux-cloud-tools-5.4.0-1089-aws - 5.4.0-1089.97 linux-headers-5.4.0-1089-aws - 5.4.0-1089.97 linux-aws-tools-5.4.0-1089 - 5.4.0-1089.97 linux-modules-5.4.0-1089-aws - 5.4.0-1089.97 linux-image-5.4.0-1089-aws - 5.4.0-1089.97 linux-image-unsigned-5.4.0-1089-aws - 5.4.0-1089.97 linux-tools-5.4.0-1089-aws - 5.4.0-1089.97 No subscription required linux-image-unsigned-5.4.0-1093-gcp - 5.4.0-1093.102 linux-gcp-tools-5.4.0-1093 - 5.4.0-1093.102 linux-image-5.4.0-1093-gcp - 5.4.0-1093.102 linux-modules-extra-5.4.0-1093-gcp - 5.4.0-1093.102 linux-modules-5.4.0-1093-gcp - 5.4.0-1093.102 linux-buildinfo-5.4.0-1093-gcp - 5.4.0-1093.102 linux-headers-5.4.0-1093-gcp - 5.4.0-1093.102 linux-tools-5.4.0-1093-gcp - 5.4.0-1093.102 linux-gcp-headers-5.4.0-1093 - 5.4.0-1093.102 No subscription required linux-image-5.4.0-1095-azure - 5.4.0-1095.101 linux-modules-extra-5.4.0-1095-azure - 5.4.0-1095.101 linux-image-unsigned-5.4.0-1095-azure - 5.4.0-1095.101 linux-azure-headers-5.4.0-1095 - 5.4.0-1095.101 linux-modules-5.4.0-1095-azure - 5.4.0-1095.101 linux-azure-cloud-tools-5.4.0-1095 - 5.4.0-1095.101 linux-azure-tools-5.4.0-1095 - 5.4.0-1095.101 linux-tools-5.4.0-1095-azure - 5.4.0-1095.101 linux-headers-5.4.0-1095-azure - 5.4.0-1095.101 linux-buildinfo-5.4.0-1095-azure - 5.4.0-1095.101 linux-cloud-tools-5.4.0-1095-azure - 5.4.0-1095.101 No subscription required linux-cloud-tools-5.4.0-132-lowlatency - 5.4.0-132.148 linux-tools-common - 5.4.0-132.148 linux-modules-5.4.0-132-lowlatency - 5.4.0-132.148 linux-tools-5.4.0-132-lowlatency - 5.4.0-132.148 linux-buildinfo-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-tools-host - 5.4.0-132.148 linux-doc - 5.4.0-132.148 linux-buildinfo-5.4.0-132-lowlatency - 5.4.0-132.148 linux-headers-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-tools-5.4.0-132 - 5.4.0-132.148 linux-modules-5.4.0-132-generic - 5.4.0-132.148 linux-libc-dev - 5.4.0-132.148 linux-source-5.4.0 - 5.4.0-132.148 linux-cloud-tools-5.4.0-132 - 5.4.0-132.148 linux-headers-5.4.0-132-lowlatency - 5.4.0-132.148 linux-modules-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-tools-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-headers-5.4.0-132 - 5.4.0-132.148 linux-cloud-tools-5.4.0-132-generic - 5.4.0-132.148 linux-headers-5.4.0-132-generic - 5.4.0-132.148 linux-image-5.4.0-132-generic-lpae - 5.4.0-132.148 linux-image-5.4.0-132-generic - 5.4.0-132.148 linux-cloud-tools-common - 5.4.0-132.148 linux-tools-5.4.0-132-generic - 5.4.0-132.148 linux-modules-extra-5.4.0-132-generic - 5.4.0-132.148 linux-image-unsigned-5.4.0-132-generic - 5.4.0-132.148 linux-image-unsigned-5.4.0-132-lowlatency - 5.4.0-132.148 linux-image-5.4.0-132-lowlatency - 5.4.0-132.148 linux-buildinfo-5.4.0-132-generic - 5.4.0-132.148 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1037.65 linux-image-ibm-lts-20.04 - 5.4.0.1037.65 linux-modules-extra-ibm - 5.4.0.1037.65 linux-headers-ibm-lts-20.04 - 5.4.0.1037.65 linux-ibm-lts-20.04 - 5.4.0.1037.65 linux-image-ibm - 5.4.0.1037.65 linux-ibm - 5.4.0.1037.65 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1037.65 linux-headers-ibm - 5.4.0.1037.65 linux-tools-ibm - 5.4.0.1037.65 No subscription required linux-image-bluefield - 5.4.0.1050.48 linux-headers-bluefield - 5.4.0.1050.48 linux-tools-bluefield - 5.4.0.1050.48 linux-bluefield - 5.4.0.1050.48 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1074.106 linux-raspi2 - 5.4.0.1074.106 linux-headers-raspi2 - 5.4.0.1074.106 linux-image-raspi-hwe-18.04 - 5.4.0.1074.106 linux-image-raspi2-hwe-18.04 - 5.4.0.1074.106 linux-tools-raspi - 5.4.0.1074.106 linux-headers-raspi-hwe-18.04 - 5.4.0.1074.106 linux-headers-raspi2-hwe-18.04 - 5.4.0.1074.106 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1074.106 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1074.106 linux-headers-raspi - 5.4.0.1074.106 linux-raspi2-hwe-18.04-edge - 5.4.0.1074.106 linux-raspi-hwe-18.04 - 5.4.0.1074.106 linux-tools-raspi2-hwe-18.04 - 5.4.0.1074.106 linux-raspi-hwe-18.04-edge - 5.4.0.1074.106 linux-raspi2-hwe-18.04 - 5.4.0.1074.106 linux-image-raspi-hwe-18.04-edge - 5.4.0.1074.106 linux-image-raspi2 - 5.4.0.1074.106 linux-tools-raspi-hwe-18.04 - 5.4.0.1074.106 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1074.106 linux-raspi - 5.4.0.1074.106 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1074.106 linux-image-raspi - 5.4.0.1074.106 linux-tools-raspi2 - 5.4.0.1074.106 No subscription required linux-kvm - 5.4.0.1079.75 linux-headers-kvm - 5.4.0.1079.75 linux-image-kvm - 5.4.0.1079.75 linux-tools-kvm - 5.4.0.1079.75 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1087.83 linux-oracle-lts-20.04 - 5.4.0.1087.83 linux-tools-oracle-lts-20.04 - 5.4.0.1087.83 linux-image-oracle-lts-20.04 - 5.4.0.1087.83 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1089.88 linux-modules-extra-aws-lts-20.04 - 5.4.0.1089.88 linux-tools-aws-lts-20.04 - 5.4.0.1089.88 linux-image-aws-lts-20.04 - 5.4.0.1089.88 linux-aws-lts-20.04 - 5.4.0.1089.88 No subscription required linux-gcp-lts-20.04 - 5.4.0.1093.97 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1093.97 linux-headers-gcp-lts-20.04 - 5.4.0.1093.97 linux-image-gcp-lts-20.04 - 5.4.0.1093.97 linux-tools-gcp-lts-20.04 - 5.4.0.1093.97 No subscription required linux-azure-lts-20.04 - 5.4.0.1095.91 linux-image-azure-lts-20.04 - 5.4.0.1095.91 linux-modules-extra-azure-lts-20.04 - 5.4.0.1095.91 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1095.91 linux-tools-azure-lts-20.04 - 5.4.0.1095.91 linux-headers-azure-lts-20.04 - 5.4.0.1095.91 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-cloud-tools-virtual - 5.4.0.132.132 linux-image-generic-hwe-18.04 - 5.4.0.132.132 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-headers-generic-lpae - 5.4.0.132.132 linux-oem-osp1-tools-host - 5.4.0.132.132 linux-image-generic - 5.4.0.132.132 linux-tools-lowlatency - 5.4.0.132.132 linux-image-oem - 5.4.0.132.132 linux-headers-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.132.132 linux-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-image-extra-virtual-hwe-18.04 - 5.4.0.132.132 linux-image-oem-osp1 - 5.4.0.132.132 linux-image-generic-lpae-hwe-18.04 - 5.4.0.132.132 linux-crashdump - 5.4.0.132.132 linux-tools-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-headers-generic-hwe-18.04 - 5.4.0.132.132 linux-headers-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-source - 5.4.0.132.132 linux-lowlatency - 5.4.0.132.132 linux-tools-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-tools-generic-lpae - 5.4.0.132.132 linux-tools-virtual - 5.4.0.132.132 linux-virtual - 5.4.0.132.132 linux-headers-virtual-hwe-18.04 - 5.4.0.132.132 linux-virtual-hwe-18.04 - 5.4.0.132.132 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.132.132 linux-cloud-tools-generic - 5.4.0.132.132 linux-generic-lpae-hwe-18.04-edge - 5.4.0.132.132 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-headers-oem - 5.4.0.132.132 linux-headers-oem-osp1 - 5.4.0.132.132 linux-generic - 5.4.0.132.132 linux-tools-oem-osp1 - 5.4.0.132.132 linux-image-virtual - 5.4.0.132.132 linux-image-lowlatency - 5.4.0.132.132 linux-tools-generic-hwe-18.04-edge - 5.4.0.132.132 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-cloud-tools-lowlatency - 5.4.0.132.132 linux-headers-lowlatency - 5.4.0.132.132 linux-image-generic-hwe-18.04-edge - 5.4.0.132.132 linux-generic-hwe-18.04-edge - 5.4.0.132.132 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-oem - 5.4.0.132.132 linux-tools-generic - 5.4.0.132.132 linux-image-extra-virtual - 5.4.0.132.132 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-oem-tools-host - 5.4.0.132.132 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.132.132 linux-tools-oem - 5.4.0.132.132 linux-generic-lpae - 5.4.0.132.132 linux-generic-lpae-hwe-18.04 - 5.4.0.132.132 linux-headers-generic-hwe-18.04-edge - 5.4.0.132.132 linux-headers-generic - 5.4.0.132.132 linux-oem-osp1 - 5.4.0.132.132 linux-image-virtual-hwe-18.04 - 5.4.0.132.132 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.132.132 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.132.132 linux-image-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.132.132 linux-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-headers-virtual - 5.4.0.132.132 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.132.132 linux-tools-virtual-hwe-18.04 - 5.4.0.132.132 linux-lowlatency-hwe-18.04 - 5.4.0.132.132 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.132.132 linux-generic-hwe-18.04 - 5.4.0.132.132 linux-image-generic-lpae - 5.4.0.132.132 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.132.132 linux-image-virtual-hwe-18.04-edge - 5.4.0.132.132 linux-tools-generic-hwe-18.04 - 5.4.0.132.132 No subscription required High CVE-2022-20422 CVE-2022-2153 CVE-2022-2978 CVE-2022-29901 CVE-2022-3028 CVE-2022-3625 CVE-2022-3635 CVE-2022-40768 CVE-2022-41222 CVE-2022-42703 CVE-2022-42719 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41222) It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-20422) It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-2153) Hao Sun and Jiacheng Xu discovered that the NILFS file system implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2978) Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64 processors, the Linux kernel's protections against speculative branch target injection attacks were insufficient in some circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29901) Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3028) It was discovered that the Netlink device interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3625) It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-3635) Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX storage controller driver in the Linux kernel did not properly handle certain structures. A local attacker could potentially use this to expose sensitive information (kernel memory). (CVE-2022-40768) Sönke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42719) Update Instructions: Run `sudo pro fix USN-5728-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-gkeop-headers-5.4.0-1057 - 5.4.0-1057.61 linux-image-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-gkeop-source-5.4.0 - 5.4.0-1057.61 linux-gkeop-cloud-tools-5.4.0-1057 - 5.4.0-1057.61 linux-gkeop-tools-5.4.0-1057 - 5.4.0-1057.61 linux-image-unsigned-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-headers-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-modules-extra-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-buildinfo-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-cloud-tools-5.4.0-1057-gkeop - 5.4.0-1057.61 linux-modules-5.4.0-1057-gkeop - 5.4.0-1057.61 No subscription required linux-gke-headers-5.4.0-1087 - 5.4.0-1087.94 linux-headers-5.4.0-1087-gke - 5.4.0-1087.94 linux-image-unsigned-5.4.0-1087-gke - 5.4.0-1087.94 linux-modules-extra-5.4.0-1087-gke - 5.4.0-1087.94 linux-gke-tools-5.4.0-1087 - 5.4.0-1087.94 linux-image-5.4.0-1087-gke - 5.4.0-1087.94 linux-buildinfo-5.4.0-1087-gke - 5.4.0-1087.94 linux-modules-5.4.0-1087-gke - 5.4.0-1087.94 linux-tools-5.4.0-1087-gke - 5.4.0-1087.94 No subscription required linux-image-unsigned-5.4.0-1095-azure-fde - 5.4.0-1095.101+cvm1.1 linux-image-5.4.0-1095-azure-fde - 5.4.0-1095.101+cvm1.1 No subscription required linux-image-gkeop-5.4 - 5.4.0.1057.57 linux-modules-extra-gkeop - 5.4.0.1057.57 linux-headers-gkeop - 5.4.0.1057.57 linux-gkeop-5.4 - 5.4.0.1057.57 linux-cloud-tools-gkeop-5.4 - 5.4.0.1057.57 linux-image-gkeop - 5.4.0.1057.57 linux-modules-extra-gkeop-5.4 - 5.4.0.1057.57 linux-gkeop - 5.4.0.1057.57 linux-cloud-tools-gkeop - 5.4.0.1057.57 linux-tools-gkeop - 5.4.0.1057.57 linux-tools-gkeop-5.4 - 5.4.0.1057.57 linux-headers-gkeop-5.4 - 5.4.0.1057.57 No subscription required linux-modules-extra-gke - 5.4.0.1087.94 linux-gke-5.4 - 5.4.0.1087.94 linux-tools-gke - 5.4.0.1087.94 linux-gke - 5.4.0.1087.94 linux-image-gke - 5.4.0.1087.94 linux-headers-gke-5.4 - 5.4.0.1087.94 linux-image-gke-5.4 - 5.4.0.1087.94 linux-tools-gke-5.4 - 5.4.0.1087.94 linux-headers-gke - 5.4.0.1087.94 linux-modules-extra-gke-5.4 - 5.4.0.1087.94 No subscription required linux-image-azure-fde - 5.4.0.1095.101+cvm1.33 linux-cloud-tools-azure-fde - 5.4.0.1095.101+cvm1.33 linux-modules-extra-azure-fde - 5.4.0.1095.101+cvm1.33 linux-azure-fde - 5.4.0.1095.101+cvm1.33 linux-tools-azure-fde - 5.4.0.1095.101+cvm1.33 linux-headers-azure-fde - 5.4.0.1095.101+cvm1.33 No subscription required High CVE-2022-20422 CVE-2022-2153 CVE-2022-2978 CVE-2022-29901 CVE-2022-3028 CVE-2022-3625 CVE-2022-3635 CVE-2022-40768 CVE-2022-41222 CVE-2022-42703 CVE-2022-42719 Ubuntu 20.04 LTS It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-20422) Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-2905) Hao Sun and Jiacheng Xu discovered that the NILFS file system implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2978) Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3028) It was discovered that the Netlink device interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3625) It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-3635) Gwangun Jung discovered that the netfilter subsystem in the Linux kernel did not properly prevent binding to an already bound chain. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-39190) Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX storage controller driver in the Linux kernel did not properly handle certain structures. A local attacker could potentially use this to expose sensitive information (kernel memory). (CVE-2022-40768) Update Instructions: Run `sudo pro fix USN-5729-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-oracle-5.15-tools-5.15.0-1022 - 5.15.0-1022.28~20.04.1 linux-tools-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-image-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-oracle-5.15-headers-5.15.0-1022 - 5.15.0-1022.28~20.04.1 linux-image-unsigned-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-buildinfo-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-modules-extra-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 linux-headers-5.15.0-1022-oracle - 5.15.0-1022.28~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1023 - 5.15.0-1023.27~20.04.1 linux-buildinfo-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-headers-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-cloud-tools-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1023 - 5.15.0-1023.27~20.04.1 linux-tools-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-modules-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-modules-extra-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-image-unsigned-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 linux-aws-5.15-tools-5.15.0-1023 - 5.15.0-1023.27~20.04.1 linux-image-5.15.0-1023-aws - 5.15.0-1023.27~20.04.1 No subscription required linux-headers-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-tools-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-azure-5.15-headers-5.15.0-1023 - 5.15.0-1023.29~20.04.1 linux-image-unsigned-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-image-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-modules-extra-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1023 - 5.15.0-1023.29~20.04.1 linux-cloud-tools-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-azure-5.15-tools-5.15.0-1023 - 5.15.0-1023.29~20.04.1 linux-modules-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 linux-buildinfo-5.15.0-1023-azure - 5.15.0-1023.29~20.04.1 No subscription required linux-buildinfo-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-modules-extra-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-cloud-tools-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-image-unsigned-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-modules-iwlwifi-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-hwe-5.15-tools-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-cloud-tools-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-image-unsigned-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-buildinfo-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-modules-iwlwifi-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-53.59~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-53.59~20.04.1 linux-image-unsigned-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-image-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-image-unsigned-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-headers-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-buildinfo-5.15.0-53-generic-lpae - 5.15.0-53.59~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-53.59~20.04.1 linux-buildinfo-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-lowlatency-64k - 5.15.0-53.59~20.04.1 linux-modules-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-buildinfo-5.15.0-53-lowlatency - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-generic-64k - 5.15.0-53.59~20.04.1 linux-tools-5.15.0-53-generic - 5.15.0-53.59~20.04.1 linux-hwe-5.15-headers-5.15.0-53 - 5.15.0-53.59~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-53.59~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1022.28~20.04.1 linux-tools-oracle-edge - 5.15.0.1022.28~20.04.1 linux-oracle-edge - 5.15.0.1022.28~20.04.1 linux-image-oracle-edge - 5.15.0.1022.28~20.04.1 linux-headers-oracle-edge - 5.15.0.1022.28~20.04.1 linux-image-oracle - 5.15.0.1022.28~20.04.1 linux-tools-oracle - 5.15.0.1022.28~20.04.1 linux-oracle - 5.15.0.1022.28~20.04.1 No subscription required linux-image-aws - 5.15.0.1023.27~20.04.15 linux-modules-extra-aws-edge - 5.15.0.1023.27~20.04.15 linux-image-aws-edge - 5.15.0.1023.27~20.04.15 linux-aws-edge - 5.15.0.1023.27~20.04.15 linux-aws - 5.15.0.1023.27~20.04.15 linux-tools-aws - 5.15.0.1023.27~20.04.15 linux-headers-aws-edge - 5.15.0.1023.27~20.04.15 linux-modules-extra-aws - 5.15.0.1023.27~20.04.15 linux-headers-aws - 5.15.0.1023.27~20.04.15 linux-tools-aws-edge - 5.15.0.1023.27~20.04.15 No subscription required linux-tools-azure-edge - 5.15.0.1023.29~20.04.16 linux-cloud-tools-azure - 5.15.0.1023.29~20.04.16 linux-tools-azure - 5.15.0.1023.29~20.04.16 linux-image-azure-edge - 5.15.0.1023.29~20.04.16 linux-cloud-tools-azure-edge - 5.15.0.1023.29~20.04.16 linux-modules-extra-azure - 5.15.0.1023.29~20.04.16 linux-azure - 5.15.0.1023.29~20.04.16 linux-image-azure - 5.15.0.1023.29~20.04.16 linux-headers-azure-edge - 5.15.0.1023.29~20.04.16 linux-azure-edge - 5.15.0.1023.29~20.04.16 linux-modules-extra-azure-edge - 5.15.0.1023.29~20.04.16 linux-headers-azure - 5.15.0.1023.29~20.04.16 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-headers-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-image-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-lowlatency-64k-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-tools-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-lowlatency-hwe-20.04 - 5.15.0.53.59~20.04.19 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.53.59~20.04.19 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.19 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-extra-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-headers-generic-64k-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-generic-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-lpae-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-tools-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-lpae-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-generic-lpae-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-generic-64k-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-tools-virtual-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-image-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-generic-64k-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-image-generic-64k-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 linux-headers-virtual-hwe-20.04 - 5.15.0.53.59~20.04.21 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.53.59~20.04.21 No subscription required Medium CVE-2022-20422 CVE-2022-2905 CVE-2022-2978 CVE-2022-3028 CVE-2022-3625 CVE-2022-3635 CVE-2022-39190 CVE-2022-40768 Ubuntu 20.04 LTS It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-20422) Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-2905) Hao Sun and Jiacheng Xu discovered that the NILFS file system implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2978) Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3028) It was discovered that the Netlink device interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3625) It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-3635) Gwangun Jung discovered that the netfilter subsystem in the Linux kernel did not properly prevent binding to an already bound chain. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-39190) Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX storage controller driver in the Linux kernel did not properly handle certain structures. A local attacker could potentially use this to expose sensitive information (kernel memory). (CVE-2022-40768) Update Instructions: Run `sudo pro fix USN-5729-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-image-unsigned-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-gke-5.15-headers-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-modules-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-modules-iwlwifi-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-gke-5.15-tools-5.15.0-1020 - 5.15.0-1020.25~20.04.1 linux-headers-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-tools-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-modules-extra-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 linux-image-5.15.0-1020-gke - 5.15.0-1020.25~20.04.1 No subscription required linux-buildinfo-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-gcp-5.15-headers-5.15.0-1022 - 5.15.0-1022.29~20.04.1 linux-modules-iwlwifi-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-gcp-5.15-tools-5.15.0-1022 - 5.15.0-1022.29~20.04.1 linux-modules-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-headers-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-modules-extra-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-image-unsigned-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-image-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 linux-tools-5.15.0-1022-gcp - 5.15.0-1022.29~20.04.1 No subscription required linux-tools-gke-edge - 5.15.0.1020.25~20.04.1 linux-gke-edge - 5.15.0.1020.25~20.04.1 linux-headers-gke-5.15 - 5.15.0.1020.25~20.04.1 linux-tools-gke-5.15 - 5.15.0.1020.25~20.04.1 linux-headers-gke-edge - 5.15.0.1020.25~20.04.1 linux-image-gke-edge - 5.15.0.1020.25~20.04.1 linux-gke-5.15 - 5.15.0.1020.25~20.04.1 linux-image-gke-5.15 - 5.15.0.1020.25~20.04.1 No subscription required linux-gcp - 5.15.0.1022.29~20.04.1 linux-headers-gcp - 5.15.0.1022.29~20.04.1 linux-tools-gcp - 5.15.0.1022.29~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1022.29~20.04.1 linux-headers-gcp-edge - 5.15.0.1022.29~20.04.1 linux-tools-gcp-edge - 5.15.0.1022.29~20.04.1 linux-image-gcp-edge - 5.15.0.1022.29~20.04.1 linux-image-gcp - 5.15.0.1022.29~20.04.1 linux-modules-extra-gcp - 5.15.0.1022.29~20.04.1 linux-gcp-edge - 5.15.0.1022.29~20.04.1 No subscription required Medium CVE-2022-20422 CVE-2022-2905 CVE-2022-2978 CVE-2022-3028 CVE-2022-3625 CVE-2022-3635 CVE-2022-39190 CVE-2022-40768 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5730-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.38.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.38.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.38.2-0ubuntu0.20.04.1 webkit2gtk-driver - 2.38.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.38.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.38.2-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.38.2-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.38.2-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.38.2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-32888 CVE-2022-32923 CVE-2022-42799 CVE-2022-42823 CVE-2022-42824 Ubuntu 20.04 LTS It was discovered that multipath-tools incorrectly handled symlinks. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-41973) It was discovered that multipath-tools incorrectly handled access controls. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. (CVE-2022-41974) Update Instructions: Run `sudo pro fix USN-5731-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kpartx-boot - 0.8.3-1ubuntu2.1 multipath-tools-boot - 0.8.3-1ubuntu2.1 kpartx - 0.8.3-1ubuntu2.1 multipath-tools - 0.8.3-1ubuntu2.1 No subscription required Medium CVE-2022-41973 CVE-2022-41974 Ubuntu 20.04 LTS It was discovered that Unbound incorrectly handled delegations with a large number of non-responsive nameservers. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5732-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.4 python3-unbound - 1.9.4-2ubuntu1.4 libunbound8 - 1.9.4-2ubuntu1.4 python-unbound - 1.9.4-2ubuntu1.4 unbound-anchor - 1.9.4-2ubuntu1.4 unbound-host - 1.9.4-2ubuntu1.4 libunbound-dev - 1.9.4-2ubuntu1.4 No subscription required Medium CVE-2022-3204 Ubuntu 20.04 LTS It was discovered that FLAC was not properly performing memory management operations, which could result in a memory leak. An attacker could possibly use this issue to cause FLAC to consume resources, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2017-6888) It was discovered that FLAC was not properly performing bounds checking operations when decoding data. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to expose sensitive information or to cause FLAC to crash, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-0499) It was discovered that FLAC was not properly performing bounds checking operations when encoding data. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to expose sensitive information or to cause FLAC to crash, leading to a denial of service. (CVE-2021-0561) Update Instructions: Run `sudo pro fix USN-5733-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libflac-doc - 1.3.3-1ubuntu0.1 libflac-dev - 1.3.3-1ubuntu0.1 libflac++-dev - 1.3.3-1ubuntu0.1 flac - 1.3.3-1ubuntu0.1 libflac++6v5 - 1.3.3-1ubuntu0.1 libflac8 - 1.3.3-1ubuntu0.1 No subscription required Low CVE-2017-6888 CVE-2020-0499 CVE-2021-0561 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain data lenghts. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-39282, CVE-2022-39283) It was discovered that FreeRDP incorrectly handled certain data lenghts. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320) It was discovered that FreeRDP incorrectly handled certain path checks. A malicious server could use this issue to cause FreeRDP clients to read files outside of the shared directory. (CVE-2022-39347) Update Instructions: Run `sudo pro fix USN-5734-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.4 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.4 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.4 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.4 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.4 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.4 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.4 No subscription required Medium CVE-2022-39282 CVE-2022-39283 CVE-2022-39316 CVE-2022-39317 CVE-2022-39318 CVE-2022-39319 CVE-2022-39320 CVE-2022-39347 Ubuntu 20.04 LTS USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu 22.04 ESM. Original advisory details: It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20241) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20243) It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20244) It was discovered that ImageMagick could be made to divide by zero when processing crafted files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20245) It was discovered that ImageMagick incorrectly handled certain values when performing resampling operations. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20246) It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20309) It was discovered that ImageMagick incorrectly handled certain values when processing thumbnail image data. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20312) It was discovered that ImageMagick incorrectly handled memory cleanup when performing certain cryptographic operations. Under certain conditions sensitive cryptographic information could be disclosed. This issue only affected Ubuntu 22.10. (CVE-2021-20313) It was discovered that ImageMagick did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted file using the convert command, an attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-3574) It was discovered that ImageMagick did not use the correct rights when specifically excluded by a module policy. An attacker could use this issue to read and write certain restricted files. This issue only affected Ubuntu 22.10. (CVE-2021-39212) It was discovered that ImageMagick incorrectly handled certain values when processing specially crafted SVG files. By tricking a user into opening a specially crafted SVG file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-4219) It was discovered that ImageMagick did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted DICOM file, an attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or expose sensitive information. This issue only affected Ubuntu 22.10. (CVE-2022-1114) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.10. (CVE-2022-28463) It was discovered that ImageMagick incorrectly handled certain values. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2022-32545, CVE-2022-32546) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2022-32547) Update Instructions: Run `sudo pro fix USN-5736-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-20224 CVE-2021-20241 CVE-2021-20243 CVE-2021-20244 CVE-2021-20245 CVE-2021-20246 CVE-2021-20309 CVE-2021-20312 CVE-2021-20313 CVE-2021-3574 CVE-2021-39212 CVE-2021-4219 CVE-2022-1114 CVE-2022-28463 CVE-2022-32545 CVE-2022-32546 CVE-2022-32547 Ubuntu 20.04 LTS Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.37 in Ubuntu 20.04 LTS and to 10.6.11 in Ubuntu 22.04 LTS and Ubuntu 22.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-5739-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.37-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.37-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.37-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.37-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.37-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.37-0ubuntu0.20.04.1 mariadb-client - 1:10.3.37-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.37-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.37-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.37-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.37-0ubuntu0.20.04.1 mariadb-server - 1:10.3.37-0ubuntu0.20.04.1 mariadb-common - 1:10.3.37-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.37-0ubuntu0.20.04.1 mariadb-test - 1:10.3.37-0ubuntu0.20.04.1 No subscription required Medium CVE-2018-25032 CVE-2021-46669 CVE-2022-21427 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27382 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27444 CVE-2022-27445 CVE-2022-27446 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27451 CVE-2022-27452 CVE-2022-27455 CVE-2022-27456 CVE-2022-27457 CVE-2022-32081 CVE-2022-32082 CVE-2022-32083 CVE-2022-32084 CVE-2022-32085 CVE-2022-32086 CVE-2022-32087 CVE-2022-32088 CVE-2022-32089 CVE-2022-32091 Ubuntu 20.04 LTS USN-5739-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: MariaDB has been updated to 10.3.38 in Ubuntu 20.04 LTS and to 10.6.12 in Ubuntu 22.04 LTS and Ubuntu 22.10. Update Instructions: Run `sudo pro fix USN-5739-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.38-0ubuntu0.20.04.1 mariadb-backup - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-connect - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-spider - 1:10.3.38-0ubuntu0.20.04.1 libmariadbclient-dev - 1:10.3.38-0ubuntu0.20.04.1 libmariadb-dev - 1:10.3.38-0ubuntu0.20.04.1 libmariadb3 - 1:10.3.38-0ubuntu0.20.04.1 libmariadbd19 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-client-core-10.3 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-tokudb - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-mroonga - 1:10.3.38-0ubuntu0.20.04.1 mariadb-client - 1:10.3.38-0ubuntu0.20.04.1 mariadb-server-10.3 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-server-core-10.3 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-test-data - 1:10.3.38-0ubuntu0.20.04.1 mariadb-client-10.3 - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-rocksdb - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-gssapi-client - 1:10.3.38-0ubuntu0.20.04.1 libmariadbd-dev - 1:10.3.38-0ubuntu0.20.04.1 libmariadb-dev-compat - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-gssapi-server - 1:10.3.38-0ubuntu0.20.04.1 mariadb-server - 1:10.3.38-0ubuntu0.20.04.1 mariadb-common - 1:10.3.38-0ubuntu0.20.04.1 mariadb-plugin-oqgraph - 1:10.3.38-0ubuntu0.20.04.1 mariadb-test - 1:10.3.38-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2006882 Ubuntu 20.04 LTS It was discovered that X.Org X Server incorrectly handled certain inputs. An attacker could use these issues to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5740-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.4 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.4 xwayland - 2:1.20.13-1ubuntu1~20.04.4 xdmx - 2:1.20.13-1ubuntu1~20.04.4 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.4 xvfb - 2:1.20.13-1ubuntu1~20.04.4 xnest - 2:1.20.13-1ubuntu1~20.04.4 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.4 xserver-common - 2:1.20.13-1ubuntu1~20.04.4 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.4 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.4 No subscription required Medium CVE-2022-3550 CVE-2022-3551 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain regular expressions. An attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5741-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.7 eximon4 - 4.93-13ubuntu1.7 exim4 - 4.93-13ubuntu1.7 exim4-base - 4.93-13ubuntu1.7 exim4-config - 4.93-13ubuntu1.7 exim4-daemon-heavy - 4.93-13ubuntu1.7 exim4-daemon-light - 4.93-13ubuntu1.7 No subscription required Medium CVE-2022-3559 Ubuntu 20.04 LTS It was discovered that JBIG-KIT incorrectly handled decoding certain large image files. If a user or automated system using JBIG-KIT were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5742-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jbigkit-bin - 2.1-3.1ubuntu0.20.04.1 libjbig-dev - 2.1-3.1ubuntu0.20.04.1 libjbig0 - 2.1-3.1ubuntu0.20.04.1 No subscription required Negligible CVE-2017-9937 Ubuntu 20.04 LTS USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. Original advisory details: It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Update Instructions: Run `sudo pro fix USN-5743-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.7 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.7 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.7 No subscription required Medium CVE-2022-3970 Ubuntu 20.04 LTS Florian Weimer discovered that shadow was not properly copying and removing user directory trees, which could lead to a race condition. A local attacker could possibly use this issue to setup a symlink attack and alter or remove directories without authorization. Update Instructions: Run `sudo pro fix USN-5745-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: passwd - 1:4.8.1-1ubuntu5.20.04.3 login - 1:4.8.1-1ubuntu5.20.04.3 uidmap - 1:4.8.1-1ubuntu5.20.04.3 No subscription required Low CVE-2013-4235 Ubuntu 20.04 LTS USN-5745-1 fixed vulnerabilities in shadow. Unfortunately that update introduced a regression that caused useradd to behave incorrectly in Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisory details: Florian Weimer discovered that shadow was not properly copying and removing user directory trees, which could lead to a race condition. A local attacker could possibly use this issue to setup a symlink attack and alter or remove directories without authorization. Update Instructions: Run `sudo pro fix USN-5745-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: passwd - 1:4.8.1-1ubuntu5.20.04.4 login - 1:4.8.1-1ubuntu5.20.04.4 uidmap - 1:4.8.1-1ubuntu5.20.04.4 No subscription required None https://launchpad.net/bugs/1998169 Ubuntu 20.04 LTS It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5748-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: isag - 12.2.0-2ubuntu0.2 sysstat - 12.2.0-2ubuntu0.2 No subscription required Medium CVE-2022-39377 Ubuntu 20.04 LTS The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5753-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.57.5+20.04ubuntu0.1 ubuntu-core-launcher - 2.57.5+20.04ubuntu0.1 snap-confine - 2.57.5+20.04ubuntu0.1 ubuntu-snappy-cli - 2.57.5+20.04ubuntu0.1 golang-github-snapcore-snapd-dev - 2.57.5+20.04ubuntu0.1 snapd-xdg-open - 2.57.5+20.04ubuntu0.1 snapd - 2.57.5+20.04ubuntu0.1 golang-github-ubuntu-core-snappy-dev - 2.57.5+20.04ubuntu0.1 ubuntu-snappy - 2.57.5+20.04ubuntu0.1 No subscription required High CVE-2022-3328 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5755-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oracle-5.15-headers-5.15.0-1025 - 5.15.0-1025.31~20.04.2 linux-oracle-5.15-tools-5.15.0-1025 - 5.15.0-1025.31~20.04.2 linux-tools-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-modules-extra-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-buildinfo-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-headers-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-modules-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-image-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 linux-image-unsigned-5.15.0-1025-oracle - 5.15.0-1025.31~20.04.2 No subscription required linux-aws-5.15-headers-5.15.0-1026 - 5.15.0-1026.30~20.04.2 linux-tools-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-image-unsigned-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-buildinfo-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-image-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-headers-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-aws-5.15-cloud-tools-5.15.0-1026 - 5.15.0-1026.30~20.04.2 linux-modules-extra-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-aws-5.15-tools-5.15.0-1026 - 5.15.0-1026.30~20.04.2 linux-modules-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 linux-cloud-tools-5.15.0-1026-aws - 5.15.0-1026.30~20.04.2 No subscription required linux-modules-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-cloud-tools-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-modules-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-modules-extra-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-hwe-5.15-tools-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-56.62~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-56.62~20.04.1 linux-modules-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-modules-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-image-unsigned-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-image-unsigned-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-cloud-tools-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-buildinfo-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-modules-iwlwifi-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-generic - 5.15.0-56.62~20.04.1 linux-image-unsigned-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-tools-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-modules-iwlwifi-5.15.0-56-lowlatency - 5.15.0-56.62~20.04.1 linux-hwe-5.15-headers-5.15.0-56 - 5.15.0-56.62~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-56.62~20.04.1 linux-image-unsigned-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-headers-5.15.0-56-lowlatency-64k - 5.15.0-56.62~20.04.1 linux-image-5.15.0-56-generic-64k - 5.15.0-56.62~20.04.1 linux-modules-5.15.0-56-generic-lpae - 5.15.0-56.62~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1025.31~20.04.1 linux-tools-oracle - 5.15.0.1025.31~20.04.1 linux-tools-oracle-edge - 5.15.0.1025.31~20.04.1 linux-oracle-edge - 5.15.0.1025.31~20.04.1 linux-image-oracle-edge - 5.15.0.1025.31~20.04.1 linux-headers-oracle-edge - 5.15.0.1025.31~20.04.1 linux-image-oracle - 5.15.0.1025.31~20.04.1 linux-oracle - 5.15.0.1025.31~20.04.1 No subscription required linux-headers-aws - 5.15.0.1026.30~20.04.16 linux-image-aws - 5.15.0.1026.30~20.04.16 linux-modules-extra-aws-edge - 5.15.0.1026.30~20.04.16 linux-image-aws-edge - 5.15.0.1026.30~20.04.16 linux-aws-edge - 5.15.0.1026.30~20.04.16 linux-aws - 5.15.0.1026.30~20.04.16 linux-tools-aws - 5.15.0.1026.30~20.04.16 linux-headers-aws-edge - 5.15.0.1026.30~20.04.16 linux-modules-extra-aws - 5.15.0.1026.30~20.04.16 linux-tools-aws-edge - 5.15.0.1026.30~20.04.16 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-headers-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-image-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-lowlatency-64k-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-tools-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-lowlatency-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.56.62~20.04.20 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.20 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.56.62~20.04.20 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-image-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-image-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-extra-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-headers-generic-64k-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-generic-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-generic-lpae-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-generic-64k-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-tools-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-generic-lpae-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-tools-generic-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-lpae-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-generic-64k-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-tools-virtual-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-image-generic-64k-hwe-20.04 - 5.15.0.56.62~20.04.22 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.56.62~20.04.22 linux-headers-virtual-hwe-20.04 - 5.15.0.56.62~20.04.22 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 CVE-2022-43945 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5755-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-headers-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-gke-5.15-headers-5.15.0-1023 - 5.15.0-1023.28~20.04.2 linux-buildinfo-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-modules-iwlwifi-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-modules-extra-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-image-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-gke-5.15-tools-5.15.0-1023 - 5.15.0-1023.28~20.04.2 linux-tools-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 linux-image-unsigned-5.15.0-1023-gke - 5.15.0-1023.28~20.04.2 No subscription required linux-headers-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-image-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-modules-iwlwifi-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-gcp-5.15-tools-5.15.0-1025 - 5.15.0-1025.32~20.04.2 linux-tools-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-image-unsigned-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-gcp-5.15-headers-5.15.0-1025 - 5.15.0-1025.32~20.04.2 linux-buildinfo-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-modules-extra-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 linux-modules-5.15.0-1025-gcp - 5.15.0-1025.32~20.04.2 No subscription required linux-tools-gke-edge - 5.15.0.1023.28~20.04.1 linux-gke-edge - 5.15.0.1023.28~20.04.1 linux-headers-gke-5.15 - 5.15.0.1023.28~20.04.1 linux-tools-gke-5.15 - 5.15.0.1023.28~20.04.1 linux-headers-gke-edge - 5.15.0.1023.28~20.04.1 linux-image-gke-edge - 5.15.0.1023.28~20.04.1 linux-gke-5.15 - 5.15.0.1023.28~20.04.1 linux-image-gke-5.15 - 5.15.0.1023.28~20.04.1 No subscription required linux-tools-gcp-edge - 5.15.0.1025.32~20.04.1 linux-tools-gcp - 5.15.0.1025.32~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1025.32~20.04.1 linux-headers-gcp-edge - 5.15.0.1025.32~20.04.1 linux-gcp - 5.15.0.1025.32~20.04.1 linux-headers-gcp - 5.15.0.1025.32~20.04.1 linux-image-gcp-edge - 5.15.0.1025.32~20.04.1 linux-image-gcp - 5.15.0.1025.32~20.04.1 linux-modules-extra-gcp - 5.15.0.1025.32~20.04.1 linux-gcp-edge - 5.15.0.1025.32~20.04.1 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 CVE-2022-43945 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5756-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1040-ibm - 5.4.0-1040.45 linux-modules-5.4.0-1040-ibm - 5.4.0-1040.45 linux-image-unsigned-5.4.0-1040-ibm - 5.4.0-1040.45 linux-ibm-source-5.4.0 - 5.4.0-1040.45 linux-tools-5.4.0-1040-ibm - 5.4.0-1040.45 linux-ibm-tools-common - 5.4.0-1040.45 linux-ibm-cloud-tools-common - 5.4.0-1040.45 linux-buildinfo-5.4.0-1040-ibm - 5.4.0-1040.45 linux-ibm-headers-5.4.0-1040 - 5.4.0-1040.45 linux-headers-5.4.0-1040-ibm - 5.4.0-1040.45 linux-modules-extra-5.4.0-1040-ibm - 5.4.0-1040.45 linux-ibm-tools-5.4.0-1040 - 5.4.0-1040.45 No subscription required linux-modules-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-gkeop-source-5.4.0 - 5.4.0-1060.64 linux-image-unsigned-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-gkeop-headers-5.4.0-1060 - 5.4.0-1060.64 linux-gkeop-tools-5.4.0-1060 - 5.4.0-1060.64 linux-image-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-cloud-tools-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-headers-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-modules-extra-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-tools-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-buildinfo-5.4.0-1060-gkeop - 5.4.0-1060.64 linux-gkeop-cloud-tools-5.4.0-1060 - 5.4.0-1060.64 No subscription required linux-headers-5.4.0-1077-raspi - 5.4.0-1077.88 linux-raspi-headers-5.4.0-1077 - 5.4.0-1077.88 linux-tools-5.4.0-1077-raspi - 5.4.0-1077.88 linux-modules-5.4.0-1077-raspi - 5.4.0-1077.88 linux-buildinfo-5.4.0-1077-raspi - 5.4.0-1077.88 linux-raspi-tools-5.4.0-1077 - 5.4.0-1077.88 linux-image-5.4.0-1077-raspi - 5.4.0-1077.88 No subscription required linux-image-5.4.0-1082-kvm - 5.4.0-1082.88 linux-kvm-headers-5.4.0-1082 - 5.4.0-1082.88 linux-modules-5.4.0-1082-kvm - 5.4.0-1082.88 linux-buildinfo-5.4.0-1082-kvm - 5.4.0-1082.88 linux-kvm-tools-5.4.0-1082 - 5.4.0-1082.88 linux-image-unsigned-5.4.0-1082-kvm - 5.4.0-1082.88 linux-tools-5.4.0-1082-kvm - 5.4.0-1082.88 linux-headers-5.4.0-1082-kvm - 5.4.0-1082.88 No subscription required linux-oracle-headers-5.4.0-1090 - 5.4.0-1090.99 linux-modules-5.4.0-1090-oracle - 5.4.0-1090.99 linux-buildinfo-5.4.0-1090-oracle - 5.4.0-1090.99 linux-headers-5.4.0-1090-oracle - 5.4.0-1090.99 linux-tools-5.4.0-1090-oracle - 5.4.0-1090.99 linux-image-unsigned-5.4.0-1090-oracle - 5.4.0-1090.99 linux-oracle-tools-5.4.0-1090 - 5.4.0-1090.99 linux-image-5.4.0-1090-oracle - 5.4.0-1090.99 linux-modules-extra-5.4.0-1090-oracle - 5.4.0-1090.99 No subscription required linux-image-unsigned-5.4.0-1092-aws - 5.4.0-1092.100 linux-headers-5.4.0-1092-aws - 5.4.0-1092.100 linux-buildinfo-5.4.0-1092-aws - 5.4.0-1092.100 linux-aws-cloud-tools-5.4.0-1092 - 5.4.0-1092.100 linux-cloud-tools-5.4.0-1092-aws - 5.4.0-1092.100 linux-aws-tools-5.4.0-1092 - 5.4.0-1092.100 linux-image-5.4.0-1092-aws - 5.4.0-1092.100 linux-tools-5.4.0-1092-aws - 5.4.0-1092.100 linux-modules-5.4.0-1092-aws - 5.4.0-1092.100 linux-modules-extra-5.4.0-1092-aws - 5.4.0-1092.100 linux-aws-headers-5.4.0-1092 - 5.4.0-1092.100 No subscription required linux-modules-extra-5.4.0-1096-gcp - 5.4.0-1096.105 linux-image-5.4.0-1096-gcp - 5.4.0-1096.105 linux-gcp-tools-5.4.0-1096 - 5.4.0-1096.105 linux-modules-5.4.0-1096-gcp - 5.4.0-1096.105 linux-buildinfo-5.4.0-1096-gcp - 5.4.0-1096.105 linux-image-unsigned-5.4.0-1096-gcp - 5.4.0-1096.105 linux-headers-5.4.0-1096-gcp - 5.4.0-1096.105 linux-tools-5.4.0-1096-gcp - 5.4.0-1096.105 linux-gcp-headers-5.4.0-1096 - 5.4.0-1096.105 No subscription required linux-tools-common - 5.4.0-135.152 linux-headers-5.4.0-135-generic - 5.4.0-135.152 linux-tools-host - 5.4.0-135.152 linux-doc - 5.4.0-135.152 linux-image-unsigned-5.4.0-135-lowlatency - 5.4.0-135.152 linux-cloud-tools-5.4.0-135-generic - 5.4.0-135.152 linux-modules-extra-5.4.0-135-generic - 5.4.0-135.152 linux-image-5.4.0-135-generic - 5.4.0-135.152 linux-tools-5.4.0-135-generic - 5.4.0-135.152 linux-libc-dev - 5.4.0-135.152 linux-source-5.4.0 - 5.4.0-135.152 linux-image-5.4.0-135-lowlatency - 5.4.0-135.152 linux-cloud-tools-5.4.0-135 - 5.4.0-135.152 linux-tools-5.4.0-135 - 5.4.0-135.152 linux-headers-5.4.0-135-lowlatency - 5.4.0-135.152 linux-modules-5.4.0-135-lowlatency - 5.4.0-135.152 linux-modules-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-buildinfo-5.4.0-135-generic - 5.4.0-135.152 linux-tools-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-headers-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-tools-5.4.0-135-lowlatency - 5.4.0-135.152 linux-cloud-tools-common - 5.4.0-135.152 linux-image-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-buildinfo-5.4.0-135-lowlatency - 5.4.0-135.152 linux-modules-5.4.0-135-generic - 5.4.0-135.152 linux-cloud-tools-5.4.0-135-lowlatency - 5.4.0-135.152 linux-headers-5.4.0-135 - 5.4.0-135.152 linux-buildinfo-5.4.0-135-generic-lpae - 5.4.0-135.152 linux-image-unsigned-5.4.0-135-generic - 5.4.0-135.152 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1040.66 linux-image-ibm - 5.4.0.1040.66 linux-headers-ibm-lts-20.04 - 5.4.0.1040.66 linux-tools-ibm - 5.4.0.1040.66 linux-image-ibm-lts-20.04 - 5.4.0.1040.66 linux-ibm-lts-20.04 - 5.4.0.1040.66 linux-modules-extra-ibm - 5.4.0.1040.66 linux-ibm - 5.4.0.1040.66 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1040.66 linux-headers-ibm - 5.4.0.1040.66 No subscription required linux-headers-gkeop - 5.4.0.1060.58 linux-cloud-tools-gkeop-5.4 - 5.4.0.1060.58 linux-image-gkeop - 5.4.0.1060.58 linux-modules-extra-gkeop-5.4 - 5.4.0.1060.58 linux-gkeop-5.4 - 5.4.0.1060.58 linux-image-gkeop-5.4 - 5.4.0.1060.58 linux-gkeop - 5.4.0.1060.58 linux-cloud-tools-gkeop - 5.4.0.1060.58 linux-headers-gkeop-5.4 - 5.4.0.1060.58 linux-modules-extra-gkeop - 5.4.0.1060.58 linux-tools-gkeop - 5.4.0.1060.58 linux-tools-gkeop-5.4 - 5.4.0.1060.58 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1077.107 linux-raspi2-hwe-18.04-edge - 5.4.0.1077.107 linux-raspi2 - 5.4.0.1077.107 linux-headers-raspi2 - 5.4.0.1077.107 linux-image-raspi-hwe-18.04 - 5.4.0.1077.107 linux-image-raspi2-hwe-18.04 - 5.4.0.1077.107 linux-tools-raspi - 5.4.0.1077.107 linux-headers-raspi2-hwe-18.04 - 5.4.0.1077.107 linux-headers-raspi-hwe-18.04 - 5.4.0.1077.107 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1077.107 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1077.107 linux-headers-raspi - 5.4.0.1077.107 linux-image-raspi-hwe-18.04-edge - 5.4.0.1077.107 linux-raspi-hwe-18.04 - 5.4.0.1077.107 linux-tools-raspi2-hwe-18.04 - 5.4.0.1077.107 linux-raspi2-hwe-18.04 - 5.4.0.1077.107 linux-image-raspi2 - 5.4.0.1077.107 linux-tools-raspi-hwe-18.04 - 5.4.0.1077.107 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1077.107 linux-raspi-hwe-18.04-edge - 5.4.0.1077.107 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1077.107 linux-image-raspi - 5.4.0.1077.107 linux-tools-raspi2 - 5.4.0.1077.107 linux-raspi - 5.4.0.1077.107 No subscription required linux-kvm - 5.4.0.1082.76 linux-headers-kvm - 5.4.0.1082.76 linux-image-kvm - 5.4.0.1082.76 linux-tools-kvm - 5.4.0.1082.76 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1090.84 linux-headers-oracle-lts-20.04 - 5.4.0.1090.84 linux-oracle-lts-20.04 - 5.4.0.1090.84 linux-image-oracle-lts-20.04 - 5.4.0.1090.84 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1092.89 linux-image-aws-lts-20.04 - 5.4.0.1092.89 linux-headers-aws-lts-20.04 - 5.4.0.1092.89 linux-tools-aws-lts-20.04 - 5.4.0.1092.89 linux-aws-lts-20.04 - 5.4.0.1092.89 No subscription required linux-gcp-lts-20.04 - 5.4.0.1096.98 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1096.98 linux-headers-gcp-lts-20.04 - 5.4.0.1096.98 linux-image-gcp-lts-20.04 - 5.4.0.1096.98 linux-tools-gcp-lts-20.04 - 5.4.0.1096.98 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-cloud-tools-virtual - 5.4.0.135.133 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-headers-generic-lpae - 5.4.0.135.133 linux-image-virtual - 5.4.0.135.133 linux-oem-osp1-tools-host - 5.4.0.135.133 linux-image-generic - 5.4.0.135.133 linux-tools-lowlatency - 5.4.0.135.133 linux-image-oem - 5.4.0.135.133 linux-headers-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.135.133 linux-headers-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-image-extra-virtual-hwe-18.04 - 5.4.0.135.133 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.135.133 linux-oem - 5.4.0.135.133 linux-image-oem-osp1 - 5.4.0.135.133 linux-image-generic-hwe-18.04 - 5.4.0.135.133 linux-image-generic-lpae-hwe-18.04 - 5.4.0.135.133 linux-crashdump - 5.4.0.135.133 linux-tools-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-headers-generic-hwe-18.04 - 5.4.0.135.133 linux-source - 5.4.0.135.133 linux-lowlatency - 5.4.0.135.133 linux-tools-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-tools-generic-lpae - 5.4.0.135.133 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-cloud-tools-generic - 5.4.0.135.133 linux-virtual - 5.4.0.135.133 linux-headers-virtual-hwe-18.04 - 5.4.0.135.133 linux-tools-virtual - 5.4.0.135.133 linux-virtual-hwe-18.04 - 5.4.0.135.133 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.135.133 linux-headers-virtual - 5.4.0.135.133 linux-generic-lpae-hwe-18.04-edge - 5.4.0.135.133 linux-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-generic-lpae - 5.4.0.135.133 linux-headers-oem - 5.4.0.135.133 linux-generic - 5.4.0.135.133 linux-tools-oem-osp1 - 5.4.0.135.133 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.135.133 linux-tools-generic-hwe-18.04-edge - 5.4.0.135.133 linux-image-virtual-hwe-18.04 - 5.4.0.135.133 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-cloud-tools-lowlatency - 5.4.0.135.133 linux-image-generic-hwe-18.04-edge - 5.4.0.135.133 linux-generic-hwe-18.04-edge - 5.4.0.135.133 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.135.133 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.135.133 linux-tools-generic - 5.4.0.135.133 linux-image-extra-virtual - 5.4.0.135.133 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-oem-tools-host - 5.4.0.135.133 linux-tools-oem - 5.4.0.135.133 linux-headers-oem-osp1 - 5.4.0.135.133 linux-generic-lpae-hwe-18.04 - 5.4.0.135.133 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.135.133 linux-headers-generic-hwe-18.04-edge - 5.4.0.135.133 linux-headers-generic - 5.4.0.135.133 linux-oem-osp1 - 5.4.0.135.133 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.135.133 linux-headers-lowlatency - 5.4.0.135.133 linux-tools-virtual-hwe-18.04 - 5.4.0.135.133 linux-image-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-virtual-hwe-18.04-edge - 5.4.0.135.133 linux-lowlatency-hwe-18.04 - 5.4.0.135.133 linux-generic-hwe-18.04 - 5.4.0.135.133 linux-image-generic-lpae - 5.4.0.135.133 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.135.133 linux-image-lowlatency - 5.4.0.135.133 linux-tools-generic-hwe-18.04 - 5.4.0.135.133 linux-image-virtual-hwe-18.04-edge - 5.4.0.135.133 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5756-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1090-gke - 5.4.0-1090.97 linux-headers-5.4.0-1090-gke - 5.4.0-1090.97 linux-gke-headers-5.4.0-1090 - 5.4.0-1090.97 linux-gke-tools-5.4.0-1090 - 5.4.0-1090.97 linux-image-5.4.0-1090-gke - 5.4.0-1090.97 linux-buildinfo-5.4.0-1090-gke - 5.4.0-1090.97 linux-modules-extra-5.4.0-1090-gke - 5.4.0-1090.97 linux-tools-5.4.0-1090-gke - 5.4.0-1090.97 linux-modules-5.4.0-1090-gke - 5.4.0-1090.97 No subscription required linux-modules-extra-gke - 5.4.0.1090.95 linux-image-gke - 5.4.0.1090.95 linux-gke-5.4 - 5.4.0.1090.95 linux-headers-gke-5.4 - 5.4.0.1090.95 linux-image-gke-5.4 - 5.4.0.1090.95 linux-tools-gke-5.4 - 5.4.0.1090.95 linux-modules-extra-gke-5.4 - 5.4.0.1090.95 linux-headers-gke - 5.4.0.1090.95 linux-gke - 5.4.0.1090.95 linux-tools-gke - 5.4.0.1090.95 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 Ubuntu 20.04 LTS Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5756-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-headers-5.4.0-1098 - 5.4.0-1098.104 linux-image-5.4.0-1098-azure - 5.4.0-1098.104 linux-modules-extra-5.4.0-1098-azure - 5.4.0-1098.104 linux-modules-5.4.0-1098-azure - 5.4.0-1098.104 linux-cloud-tools-5.4.0-1098-azure - 5.4.0-1098.104 linux-image-unsigned-5.4.0-1098-azure - 5.4.0-1098.104 linux-headers-5.4.0-1098-azure - 5.4.0-1098.104 linux-azure-cloud-tools-5.4.0-1098 - 5.4.0-1098.104 linux-tools-5.4.0-1098-azure - 5.4.0-1098.104 linux-azure-tools-5.4.0-1098 - 5.4.0-1098.104 linux-buildinfo-5.4.0-1098-azure - 5.4.0-1098.104 No subscription required linux-tools-azure-lts-20.04 - 5.4.0.1098.92 linux-image-azure-lts-20.04 - 5.4.0.1098.92 linux-azure-lts-20.04 - 5.4.0.1098.92 linux-headers-azure-lts-20.04 - 5.4.0.1098.92 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1098.92 linux-modules-extra-azure-lts-20.04 - 5.4.0.1098.92 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 Ubuntu 20.04 LTS USN-5759-1 fixed vulnerabilities in LibBPF. This update provides the corresponding updates for Ubuntu 20.04 ESM. Original advisory details: It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.10. (CVE-2021-45940, CVE-2021-45941, CVE-2022-3533) It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-3534, CVE-2022-3606) Update Instructions: Run `sudo pro fix USN-5759-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbpf-dev - 1:0.5.0-1~ubuntu20.04.1+esm1 libbpf0 - 1:0.5.0-1~ubuntu20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-3534 CVE-2022-3606 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. (CVE-2022-2309) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2022-40303) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-40304) Update Instructions: Run `sudo pro fix USN-5760-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.5 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.5 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.5 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.5 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.5 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.5 No subscription required Medium CVE-2022-2309 CVE-2022-40303 CVE-2022-40304 Ubuntu 20.04 LTS Due to security concerns, the TrustCor certificate authority has been marked as distrusted in Mozilla's root store. This update removes the TrustCor CA certificates from the ca-certificates package. Update Instructions: Run `sudo pro fix USN-5761-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates - 20211016ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/1998785 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5762-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.4 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.4 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.4 binutils-ia64-linux-gnu - 2.34-6ubuntu1.4 binutils-multiarch - 2.34-6ubuntu1.4 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.4 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.4 binutils-m68k-linux-gnu - 2.34-6ubuntu1.4 binutils-for-build - 2.34-6ubuntu1.4 binutils-s390x-linux-gnu - 2.34-6ubuntu1.4 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.4 binutils-multiarch-dev - 2.34-6ubuntu1.4 binutils-for-host - 2.34-6ubuntu1.4 libctf-nobfd0 - 2.34-6ubuntu1.4 binutils-i686-gnu - 2.34-6ubuntu1.4 binutils-doc - 2.34-6ubuntu1.4 binutils-sh4-linux-gnu - 2.34-6ubuntu1.4 libctf0 - 2.34-6ubuntu1.4 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.4 binutils-source - 2.34-6ubuntu1.4 binutils-i686-linux-gnu - 2.34-6ubuntu1.4 binutils-common - 2.34-6ubuntu1.4 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.4 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.4 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.4 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.4 binutils-hppa-linux-gnu - 2.34-6ubuntu1.4 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.4 libbinutils - 2.34-6ubuntu1.4 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.4 binutils-alpha-linux-gnu - 2.34-6ubuntu1.4 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.4 binutils - 2.34-6ubuntu1.4 No subscription required Medium CVE-2022-38533 Ubuntu 20.04 LTS It was discovered that NumPy did not properly manage memory when specifying arrays of large dimensions. If a user were tricked into running malicious Python file, an attacker could cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-33430) It was discovered that NumPy did not properly perform string comparison operations under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service. (CVE-2021-34141) It was discovered that NumPy did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service. (CVE-2021-41495, CVE-2021-41496) Update Instructions: Run `sudo pro fix USN-5763-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-numpy-doc - 1:1.17.4-5ubuntu3.1 python3-numpy - 1:1.17.4-5ubuntu3.1 No subscription required Medium CVE-2021-33430 CVE-2021-34141 CVE-2021-41495 CVE-2021-41496 Ubuntu 20.04 LTS It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-2347) Nicolas Bidron and Nicolas Guigo discovered that U-Boot incorrectly handled certain fragmented IP packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-30552, CVE-2022-30790) It was discovered that U-Boot incorrectly handled certain NFS lookup replies. A remote attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-30767) Jincheng Wang discovered that U-Boot incorrectly handled certain SquashFS structures. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-33103) Tatsuhiko Yasumatsu discovered that U-Boot incorrectly handled certain SquashFS structures. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-33967) It was discovered that U-Boot incorrectly handled the i2c command. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-34835) Update Instructions: Run `sudo pro fix USN-5764-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: u-boot - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-qemu - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-sifive - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-amlogic - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-tools - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-imx - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-tegra - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-sunxi - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-qcom - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-rpi - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-omap - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-mvebu - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-rockchip - 2021.01+dfsg-3ubuntu0~20.04.5 u-boot-exynos - 2021.01+dfsg-3ubuntu0~20.04.5 No subscription required Medium CVE-2022-2347 CVE-2022-30552 CVE-2022-30767 CVE-2022-30790 CVE-2022-33103 CVE-2022-33967 CVE-2022-34835 Ubuntu 20.04 LTS It was discovered that Heimdal did not properly manage memory when normalizing Unicode. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5766-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhcrypto4-heimdal - 7.7.0+dfsg-1ubuntu1.2 libwind0-heimdal - 7.7.0+dfsg-1ubuntu1.2 libroken18-heimdal - 7.7.0+dfsg-1ubuntu1.2 libgssapi3-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-kcm - 7.7.0+dfsg-1ubuntu1.2 libhdb9-heimdal - 7.7.0+dfsg-1ubuntu1.2 libasn1-8-heimdal - 7.7.0+dfsg-1ubuntu1.2 libsl0-heimdal - 7.7.0+dfsg-1ubuntu1.2 libkadm5clnt7-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-kdc - 7.7.0+dfsg-1ubuntu1.2 libkdc2-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-servers - 7.7.0+dfsg-1ubuntu1.2 libheimntlm0-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-docs - 7.7.0+dfsg-1ubuntu1.2 libheimbase1-heimdal - 7.7.0+dfsg-1ubuntu1.2 libkrb5-26-heimdal - 7.7.0+dfsg-1ubuntu1.2 libotp0-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-dev - 7.7.0+dfsg-1ubuntu1.2 libkafs0-heimdal - 7.7.0+dfsg-1ubuntu1.2 libhx509-5-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-multidev - 7.7.0+dfsg-1ubuntu1.2 libkadm5srv8-heimdal - 7.7.0+dfsg-1ubuntu1.2 heimdal-clients - 7.7.0+dfsg-1ubuntu1.2 No subscription required Medium CVE-2022-41916 Ubuntu 20.04 LTS Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-37454) It was discovered that Python incorrectly handled certain IDNA inputs. An attacker could possibly use this issue to expose sensitive information denial of service, or cause a crash. (CVE-2022-45061) Update Instructions: Run `sudo pro fix USN-5767-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.6 python3.8-full - 3.8.10-0ubuntu1~20.04.6 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.6 python3.8-examples - 3.8.10-0ubuntu1~20.04.6 python3.8-dev - 3.8.10-0ubuntu1~20.04.6 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.6 python3.8-venv - 3.8.10-0ubuntu1~20.04.6 libpython3.8 - 3.8.10-0ubuntu1~20.04.6 idle-python3.8 - 3.8.10-0ubuntu1~20.04.6 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.6 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.6 python3.8 - 3.8.10-0ubuntu1~20.04.6 python3.8-doc - 3.8.10-0ubuntu1~20.04.6 No subscription required Medium CVE-2022-37454 CVE-2022-45061 Ubuntu 20.04 LTS It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2021-3682) It was discovered that QEMU did not properly manage memory when it transfers the USB packets. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-3750) It was discovered that the QEMU SCSI device emulation incorrectly handled certain MODE SELECT commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2021-3930) It was discovered that QEMU did not properly manage memory when it processing repeated messages to cancel the current SCSI request. A malicious privileged guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2022-0216) It was discovered that QEMU did not properly manage memory when it using Tulip device emulation. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-2962) It was discovered that QEMU did not properly manage memory when processing ClientCutText messages. A attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3165) Update Instructions: Run `sudo pro fix USN-5772-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-common - 1:4.2-3ubuntu6.24 qemu-user-static - 1:4.2-3ubuntu6.24 qemu-system-s390x - 1:4.2-3ubuntu6.24 qemu-block-extra - 1:4.2-3ubuntu6.24 qemu-system-misc - 1:4.2-3ubuntu6.24 qemu-user - 1:4.2-3ubuntu6.24 qemu-system-gui - 1:4.2-3ubuntu6.24 qemu-guest-agent - 1:4.2-3ubuntu6.24 qemu - 1:4.2-3ubuntu6.24 qemu-system - 1:4.2-3ubuntu6.24 qemu-utils - 1:4.2-3ubuntu6.24 qemu-system-data - 1:4.2-3ubuntu6.24 qemu-kvm - 1:4.2-3ubuntu6.24 qemu-user-binfmt - 1:4.2-3ubuntu6.24 qemu-system-x86 - 1:4.2-3ubuntu6.24 qemu-system-arm - 1:4.2-3ubuntu6.24 qemu-system-sparc - 1:4.2-3ubuntu6.24 qemu-system-x86-microvm - 1:4.2-3ubuntu6.24 qemu-system-ppc - 1:4.2-3ubuntu6.24 qemu-system-mips - 1:4.2-3ubuntu6.24 qemu-system-x86-xen - 1:4.2-3ubuntu6.24 No subscription required Medium CVE-2021-3682 CVE-2021-3750 CVE-2021-3930 CVE-2022-0216 CVE-2022-2962 CVE-2022-3165 Ubuntu 20.04 LTS It was discovered that containerd incorrectly handled memory when receiving certain faulty Exec or ExecSync commands. A remote attacker could possibly use this issue to cause a denial of service or crash containerd. (CVE-2022-23471, CVE-2022-31030) It was discovered that containerd incorrectly set up inheritable file capabilities. An attacker could possibly use this issue to escalate privileges inside a container. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24769) It was discovered that containerd incorrectly handled access to encrypted container images when using imgcrypt library. A remote attacker could possibly use this issue to access encrypted images from other users. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24778) Update Instructions: Run `sudo pro fix USN-5776-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.5.9-0ubuntu1~20.04.6 golang-github-containerd-containerd-dev - 1.5.9-0ubuntu1~20.04.6 No subscription required Medium CVE-2022-23471 CVE-2022-24769 CVE-2022-24778 CVE-2022-31030 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-24303) It was discovered that Pillow incorrectly handled the decompression of highly compressed GIF data. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. (CVE-2022-45198) Update Instructions: Run `sudo pro fix USN-5777-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.7 python-pil-doc - 7.0.0-4ubuntu0.7 python3-pil - 7.0.0-4ubuntu0.7 No subscription required Low CVE-2022-24303 CVE-2022-45198 Ubuntu 20.04 LTS USN-5777-1 fixed vulnerabilities in Pillow (Python 3). This update provides the corresponding updates for Pillow (Python 2) in Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-24303) It was discovered that Pillow incorrectly handled the decompression of highly compressed GIF data. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. (CVE-2022-45198) Update Instructions: Run `sudo pro fix USN-5777-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pil - 6.2.1-3ubuntu0.1~esm1 python-pil.imagetk - 6.2.1-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2022-24303 CVE-2022-45198 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges. Update Instructions: Run `sudo pro fix USN-5778-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.5 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.5 xwayland - 2:1.20.13-1ubuntu1~20.04.5 xdmx - 2:1.20.13-1ubuntu1~20.04.5 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.5 xvfb - 2:1.20.13-1ubuntu1~20.04.5 xnest - 2:1.20.13-1ubuntu1~20.04.5 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.5 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.5 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.5 xserver-common - 2:1.20.13-1ubuntu1~20.04.5 No subscription required Medium CVE-2022-4283 CVE-2022-46340 CVE-2022-46341 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5779-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-azure-5.15-headers-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-image-unsigned-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-headers-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-buildinfo-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-tools-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-azure-5.15-tools-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-image-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-modules-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 linux-modules-extra-5.15.0-1029-azure - 5.15.0-1029.36~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1029.36~20.04.19 linux-azure - 5.15.0.1029.36~20.04.19 linux-image-azure - 5.15.0.1029.36~20.04.19 linux-cloud-tools-azure - 5.15.0.1029.36~20.04.19 linux-cloud-tools-azure-edge - 5.15.0.1029.36~20.04.19 linux-tools-azure - 5.15.0.1029.36~20.04.19 linux-headers-azure-edge - 5.15.0.1029.36~20.04.19 linux-image-azure-edge - 5.15.0.1029.36~20.04.19 linux-modules-extra-azure - 5.15.0.1029.36~20.04.19 linux-azure-edge - 5.15.0.1029.36~20.04.19 linux-modules-extra-azure-edge - 5.15.0.1029.36~20.04.19 linux-headers-azure - 5.15.0.1029.36~20.04.19 No subscription required High CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 CVE-2022-43945 Ubuntu 20.04 LTS It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. (CVE-2022-46871) Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872) Pete Freitag discovered that Firefox did not implement the unsafe-hashes CSP directive. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2022-46873) Matthias Zoellner discovered that Firefox was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly use this issue to add a file with a malicious extension, leading to execute arbitrary code. (CVE-2022-46874) Hafiizh discovered that Firefox was not handling fullscreen notifications when the browser window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2022-46877) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-46878, CVE-2022-46879) Update Instructions: Run `sudo pro fix USN-5782-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 108.0+build2-0ubuntu0.20.04.1 firefox - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 108.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 108.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 108.0+build2-0ubuntu0.20.04.1 firefox-dev - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 108.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 108.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-46871 CVE-2022-46872 CVE-2022-46873 CVE-2022-46874 CVE-2022-46877 CVE-2022-46878 CVE-2022-46879 Ubuntu 20.04 LTS USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. (CVE-2022-46871) Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872) Pete Freitag discovered that Firefox did not implement the unsafe-hashes CSP directive. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2022-46873) Matthias Zoellner discovered that Firefox was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly use this issue to add a file with a malicious extension, leading to execute arbitrary code. (CVE-2022-46874) Hafiizh discovered that Firefox was not handling fullscreen notifications when the browser window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2022-46877) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-46878, CVE-2022-46879) Update Instructions: Run `sudo pro fix USN-5782-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 108.0.1+build1-0ubuntu0.20.04.1 firefox - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 108.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 108.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 108.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 108.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 108.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2001921 Ubuntu 20.04 LTS USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. (CVE-2022-46871) Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872) Pete Freitag discovered that Firefox did not implement the unsafe-hashes CSP directive. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2022-46873) Matthias Zoellner discovered that Firefox was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly use this issue to add a file with a malicious extension, leading to execute arbitrary code. (CVE-2022-46874) Hafiizh discovered that Firefox was not handling fullscreen notifications when the browser window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2022-46877) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2022-46878, CVE-2022-46879) Update Instructions: Run `sudo pro fix USN-5782-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 108.0.2+build1-0ubuntu0.20.04.1 firefox - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 108.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 108.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 108.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 108.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 108.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2002377 Ubuntu 20.04 LTS It was discovered that usbredir incorrectly handled memory when serializing large amounts of data in the case of a slow or blocked destination. An attacker could possibly use this issue to cause applications using usbredir to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5784-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libusbredirparser-dev - 0.8.0-1ubuntu0.1 libusbredirhost-dev - 0.8.0-1ubuntu0.1 usbredirserver - 0.8.0-1ubuntu0.1 libusbredirhost1 - 0.8.0-1ubuntu0.1 libusbredirparser1 - 0.8.0-1ubuntu0.1 No subscription required Low CVE-2021-3700 Ubuntu 20.04 LTS It was discovered that FreeRADIUS incorrectly handled multiple EAP-pwd handshakes. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-17185) Shane Guan discovered that FreeRADIUS incorrectly handled memory when checking unknown SIM option sent by EAP-SIM supplicant. An attacker could possibly use this issue to cause a denial of service on the server. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-41860) It was discovered that FreeRADIUS incorrectly handled memory when processing certain abinary attributes. An attacker could possibly use this issue to cause a denial of service on the server. (CVE-2022-41861) Update Instructions: Run `sudo pro fix USN-5785-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freeradius-ldap - 3.0.20+dfsg-3ubuntu0.2 freeradius-redis - 3.0.20+dfsg-3ubuntu0.2 libfreeradius3 - 3.0.20+dfsg-3ubuntu0.2 freeradius-yubikey - 3.0.20+dfsg-3ubuntu0.2 freeradius-memcached - 3.0.20+dfsg-3ubuntu0.2 freeradius-postgresql - 3.0.20+dfsg-3ubuntu0.2 freeradius-mysql - 3.0.20+dfsg-3ubuntu0.2 libfreeradius-dev - 3.0.20+dfsg-3ubuntu0.2 freeradius-dhcp - 3.0.20+dfsg-3ubuntu0.2 freeradius-python3 - 3.0.20+dfsg-3ubuntu0.2 freeradius - 3.0.20+dfsg-3ubuntu0.2 freeradius-iodbc - 3.0.20+dfsg-3ubuntu0.2 freeradius-common - 3.0.20+dfsg-3ubuntu0.2 freeradius-rest - 3.0.20+dfsg-3ubuntu0.2 freeradius-utils - 3.0.20+dfsg-3ubuntu0.2 freeradius-config - 3.0.20+dfsg-3ubuntu0.2 freeradius-krb5 - 3.0.20+dfsg-3ubuntu0.2 No subscription required Medium CVE-2019-17185 CVE-2022-41860 CVE-2022-41861 Ubuntu 20.04 LTS It was discovered that GNOME Files incorrectly handled certain filenames. An attacker could possibly use this issue to cause GNOME Files to crash, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5786-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nautilus-data - 1:3.36.3-0ubuntu1.20.04.2 gir1.2-nautilus-3.0 - 1:3.36.3-0ubuntu1.20.04.2 nautilus - 1:3.36.3-0ubuntu1.20.04.2 libnautilus-extension-dev - 1:3.36.3-0ubuntu1.20.04.2 libnautilus-extension1a - 1:3.36.3-0ubuntu1.20.04.2 No subscription required Medium CVE-2022-37290 Ubuntu 20.04 LTS It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5787-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libksba-mingw-w64-dev - 1.3.5-2ubuntu0.20.04.2 libksba8 - 1.3.5-2ubuntu0.20.04.2 libksba-dev - 1.3.5-2ubuntu0.20.04.2 No subscription required Medium CVE-2022-47629 Ubuntu 20.04 LTS Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-43551) It was discovered that curl incorrectly handled denials when using HTTP proxies. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-43552) Update Instructions: Run `sudo pro fix USN-5788-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.15 libcurl4-openssl-dev - 7.68.0-1ubuntu2.15 libcurl3-gnutls - 7.68.0-1ubuntu2.15 libcurl4-doc - 7.68.0-1ubuntu2.15 libcurl3-nss - 7.68.0-1ubuntu2.15 libcurl4-nss-dev - 7.68.0-1ubuntu2.15 libcurl4 - 7.68.0-1ubuntu2.15 curl - 7.68.0-1ubuntu2.15 No subscription required Medium CVE-2022-43551 CVE-2022-43552 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621) Update Instructions: Run `sudo pro fix USN-5789-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.14.0-1055-oem - 5.14.0-1055.62 linux-tools-5.14.0-1055-oem - 5.14.0-1055.62 linux-oem-5.14-headers-5.14.0-1055 - 5.14.0-1055.62 linux-image-5.14.0-1055-oem - 5.14.0-1055.62 linux-image-unsigned-5.14.0-1055-oem - 5.14.0-1055.62 linux-modules-5.14.0-1055-oem - 5.14.0-1055.62 linux-headers-5.14.0-1055-oem - 5.14.0-1055.62 linux-oem-5.14-tools-5.14.0-1055 - 5.14.0-1055.62 linux-buildinfo-5.14.0-1055-oem - 5.14.0-1055.62 linux-oem-5.14-tools-host - 5.14.0-1055.62 No subscription required linux-image-oem-20.04c - 5.14.0.1055.53 linux-image-oem-20.04b - 5.14.0.1055.53 linux-headers-oem-20.04 - 5.14.0.1055.53 linux-tools-oem-20.04c - 5.14.0.1055.53 linux-tools-oem-20.04b - 5.14.0.1055.53 linux-oem-20.04 - 5.14.0.1055.53 linux-image-oem-20.04 - 5.14.0.1055.53 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1055.53 linux-oem-20.04d - 5.14.0.1055.53 linux-oem-20.04c - 5.14.0.1055.53 linux-oem-20.04b - 5.14.0.1055.53 linux-image-oem-20.04d - 5.14.0.1055.53 linux-tools-oem-20.04d - 5.14.0.1055.53 linux-headers-oem-20.04b - 5.14.0.1055.53 linux-headers-oem-20.04c - 5.14.0.1055.53 linux-headers-oem-20.04d - 5.14.0.1055.53 linux-tools-oem-20.04 - 5.14.0.1055.53 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1055.53 No subscription required High CVE-2022-26365 CVE-2022-33743 CVE-2022-3524 CVE-2022-3564 CVE-2022-3566 CVE-2022-3567 CVE-2022-3594 CVE-2022-3621 CVE-2022-42703 CVE-2022-43945 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Update Instructions: Run `sudo pro fix USN-5791-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1041-ibm - 5.4.0-1041.46 linux-modules-5.4.0-1041-ibm - 5.4.0-1041.46 linux-image-unsigned-5.4.0-1041-ibm - 5.4.0-1041.46 linux-ibm-headers-5.4.0-1041 - 5.4.0-1041.46 linux-modules-extra-5.4.0-1041-ibm - 5.4.0-1041.46 linux-buildinfo-5.4.0-1041-ibm - 5.4.0-1041.46 linux-ibm-source-5.4.0 - 5.4.0-1041.46 linux-ibm-cloud-tools-common - 5.4.0-1041.46 linux-ibm-tools-common - 5.4.0-1041.46 linux-image-5.4.0-1041-ibm - 5.4.0-1041.46 linux-headers-5.4.0-1041-ibm - 5.4.0-1041.46 linux-ibm-tools-5.4.0-1041 - 5.4.0-1041.46 No subscription required linux-tools-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-image-unsigned-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-modules-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-gkeop-source-5.4.0 - 5.4.0-1061.65 linux-cloud-tools-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-gkeop-headers-5.4.0-1061 - 5.4.0-1061.65 linux-gkeop-cloud-tools-5.4.0-1061 - 5.4.0-1061.65 linux-modules-extra-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-buildinfo-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-gkeop-tools-5.4.0-1061 - 5.4.0-1061.65 linux-image-5.4.0-1061-gkeop - 5.4.0-1061.65 linux-headers-5.4.0-1061-gkeop - 5.4.0-1061.65 No subscription required linux-buildinfo-5.4.0-1078-raspi - 5.4.0-1078.89 linux-raspi-headers-5.4.0-1078 - 5.4.0-1078.89 linux-tools-5.4.0-1078-raspi - 5.4.0-1078.89 linux-modules-5.4.0-1078-raspi - 5.4.0-1078.89 linux-raspi-tools-5.4.0-1078 - 5.4.0-1078.89 linux-headers-5.4.0-1078-raspi - 5.4.0-1078.89 linux-image-5.4.0-1078-raspi - 5.4.0-1078.89 No subscription required linux-modules-5.4.0-1083-kvm - 5.4.0-1083.89 linux-kvm-tools-5.4.0-1083 - 5.4.0-1083.89 linux-image-5.4.0-1083-kvm - 5.4.0-1083.89 linux-headers-5.4.0-1083-kvm - 5.4.0-1083.89 linux-tools-5.4.0-1083-kvm - 5.4.0-1083.89 linux-image-unsigned-5.4.0-1083-kvm - 5.4.0-1083.89 linux-buildinfo-5.4.0-1083-kvm - 5.4.0-1083.89 linux-kvm-headers-5.4.0-1083 - 5.4.0-1083.89 No subscription required linux-buildinfo-5.4.0-1091-oracle - 5.4.0-1091.100 linux-oracle-tools-5.4.0-1091 - 5.4.0-1091.100 linux-headers-5.4.0-1091-oracle - 5.4.0-1091.100 linux-image-unsigned-5.4.0-1091-oracle - 5.4.0-1091.100 linux-modules-extra-5.4.0-1091-oracle - 5.4.0-1091.100 linux-tools-5.4.0-1091-oracle - 5.4.0-1091.100 linux-modules-5.4.0-1091-oracle - 5.4.0-1091.100 linux-oracle-headers-5.4.0-1091 - 5.4.0-1091.100 linux-image-5.4.0-1091-oracle - 5.4.0-1091.100 No subscription required linux-gke-tools-5.4.0-1091 - 5.4.0-1091.98 linux-buildinfo-5.4.0-1091-gke - 5.4.0-1091.98 linux-tools-5.4.0-1091-gke - 5.4.0-1091.98 linux-headers-5.4.0-1091-gke - 5.4.0-1091.98 linux-image-5.4.0-1091-gke - 5.4.0-1091.98 linux-modules-extra-5.4.0-1091-gke - 5.4.0-1091.98 linux-modules-5.4.0-1091-gke - 5.4.0-1091.98 linux-gke-headers-5.4.0-1091 - 5.4.0-1091.98 linux-image-unsigned-5.4.0-1091-gke - 5.4.0-1091.98 No subscription required linux-modules-extra-5.4.0-1093-aws - 5.4.0-1093.101 linux-tools-5.4.0-1093-aws - 5.4.0-1093.101 linux-aws-cloud-tools-5.4.0-1093 - 5.4.0-1093.101 linux-cloud-tools-5.4.0-1093-aws - 5.4.0-1093.101 linux-image-5.4.0-1093-aws - 5.4.0-1093.101 linux-headers-5.4.0-1093-aws - 5.4.0-1093.101 linux-buildinfo-5.4.0-1093-aws - 5.4.0-1093.101 linux-image-unsigned-5.4.0-1093-aws - 5.4.0-1093.101 linux-aws-tools-5.4.0-1093 - 5.4.0-1093.101 linux-modules-5.4.0-1093-aws - 5.4.0-1093.101 linux-aws-headers-5.4.0-1093 - 5.4.0-1093.101 No subscription required linux-headers-5.4.0-1097-gcp - 5.4.0-1097.106 linux-gcp-tools-5.4.0-1097 - 5.4.0-1097.106 linux-modules-5.4.0-1097-gcp - 5.4.0-1097.106 linux-buildinfo-5.4.0-1097-gcp - 5.4.0-1097.106 linux-modules-extra-5.4.0-1097-gcp - 5.4.0-1097.106 linux-image-5.4.0-1097-gcp - 5.4.0-1097.106 linux-gcp-headers-5.4.0-1097 - 5.4.0-1097.106 linux-image-unsigned-5.4.0-1097-gcp - 5.4.0-1097.106 linux-tools-5.4.0-1097-gcp - 5.4.0-1097.106 No subscription required linux-tools-common - 5.4.0-136.153 linux-buildinfo-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-tools-host - 5.4.0-136.153 linux-tools-5.4.0-136-generic - 5.4.0-136.153 linux-doc - 5.4.0-136.153 linux-modules-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-modules-5.4.0-136-lowlatency - 5.4.0-136.153 linux-image-5.4.0-136-generic - 5.4.0-136.153 linux-source-5.4.0 - 5.4.0-136.153 linux-cloud-tools-5.4.0-136 - 5.4.0-136.153 linux-image-unsigned-5.4.0-136-lowlatency - 5.4.0-136.153 linux-tools-5.4.0-136 - 5.4.0-136.153 linux-tools-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-image-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-image-unsigned-5.4.0-136-generic - 5.4.0-136.153 linux-tools-5.4.0-136-lowlatency - 5.4.0-136.153 linux-cloud-tools-common - 5.4.0-136.153 linux-cloud-tools-5.4.0-136-lowlatency - 5.4.0-136.153 linux-image-5.4.0-136-lowlatency - 5.4.0-136.153 linux-headers-5.4.0-136-lowlatency - 5.4.0-136.153 linux-modules-5.4.0-136-generic - 5.4.0-136.153 linux-cloud-tools-5.4.0-136-generic - 5.4.0-136.153 linux-buildinfo-5.4.0-136-lowlatency - 5.4.0-136.153 linux-buildinfo-5.4.0-136-generic - 5.4.0-136.153 linux-modules-extra-5.4.0-136-generic - 5.4.0-136.153 linux-libc-dev - 5.4.0-136.153 linux-headers-5.4.0-136 - 5.4.0-136.153 linux-headers-5.4.0-136-generic-lpae - 5.4.0-136.153 linux-headers-5.4.0-136-generic - 5.4.0-136.153 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1041.67 linux-modules-extra-ibm - 5.4.0.1041.67 linux-image-ibm - 5.4.0.1041.67 linux-headers-ibm-lts-20.04 - 5.4.0.1041.67 linux-tools-ibm - 5.4.0.1041.67 linux-headers-ibm - 5.4.0.1041.67 linux-ibm-lts-20.04 - 5.4.0.1041.67 linux-image-ibm-lts-20.04 - 5.4.0.1041.67 linux-ibm - 5.4.0.1041.67 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1041.67 No subscription required linux-headers-gkeop - 5.4.0.1061.59 linux-cloud-tools-gkeop-5.4 - 5.4.0.1061.59 linux-image-gkeop - 5.4.0.1061.59 linux-image-gkeop-5.4 - 5.4.0.1061.59 linux-gkeop - 5.4.0.1061.59 linux-cloud-tools-gkeop - 5.4.0.1061.59 linux-tools-gkeop-5.4 - 5.4.0.1061.59 linux-modules-extra-gkeop-5.4 - 5.4.0.1061.59 linux-headers-gkeop-5.4 - 5.4.0.1061.59 linux-modules-extra-gkeop - 5.4.0.1061.59 linux-tools-gkeop - 5.4.0.1061.59 linux-gkeop-5.4 - 5.4.0.1061.59 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1078.108 linux-raspi2 - 5.4.0.1078.108 linux-headers-raspi2 - 5.4.0.1078.108 linux-image-raspi-hwe-18.04 - 5.4.0.1078.108 linux-image-raspi2-hwe-18.04 - 5.4.0.1078.108 linux-tools-raspi - 5.4.0.1078.108 linux-headers-raspi-hwe-18.04 - 5.4.0.1078.108 linux-headers-raspi2-hwe-18.04 - 5.4.0.1078.108 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1078.108 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1078.108 linux-headers-raspi - 5.4.0.1078.108 linux-raspi2-hwe-18.04-edge - 5.4.0.1078.108 linux-image-raspi-hwe-18.04-edge - 5.4.0.1078.108 linux-tools-raspi2-hwe-18.04 - 5.4.0.1078.108 linux-raspi-hwe-18.04-edge - 5.4.0.1078.108 linux-raspi2-hwe-18.04 - 5.4.0.1078.108 linux-image-raspi2 - 5.4.0.1078.108 linux-tools-raspi-hwe-18.04 - 5.4.0.1078.108 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1078.108 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1078.108 linux-raspi-hwe-18.04 - 5.4.0.1078.108 linux-image-raspi - 5.4.0.1078.108 linux-tools-raspi2 - 5.4.0.1078.108 linux-raspi - 5.4.0.1078.108 No subscription required linux-kvm - 5.4.0.1083.77 linux-headers-kvm - 5.4.0.1083.77 linux-tools-kvm - 5.4.0.1083.77 linux-image-kvm - 5.4.0.1083.77 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1091.84 linux-headers-oracle-lts-20.04 - 5.4.0.1091.84 linux-oracle-lts-20.04 - 5.4.0.1091.84 linux-image-oracle-lts-20.04 - 5.4.0.1091.84 No subscription required linux-modules-extra-gke - 5.4.0.1091.96 linux-headers-gke-5.4 - 5.4.0.1091.96 linux-modules-extra-gke-5.4 - 5.4.0.1091.96 linux-gke-5.4 - 5.4.0.1091.96 linux-tools-gke - 5.4.0.1091.96 linux-gke - 5.4.0.1091.96 linux-headers-gke - 5.4.0.1091.96 linux-image-gke - 5.4.0.1091.96 linux-image-gke-5.4 - 5.4.0.1091.96 linux-tools-gke-5.4 - 5.4.0.1091.96 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1093.90 linux-image-aws-lts-20.04 - 5.4.0.1093.90 linux-headers-aws-lts-20.04 - 5.4.0.1093.90 linux-tools-aws-lts-20.04 - 5.4.0.1093.90 linux-aws-lts-20.04 - 5.4.0.1093.90 No subscription required linux-gcp-lts-20.04 - 5.4.0.1097.99 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1097.99 linux-headers-gcp-lts-20.04 - 5.4.0.1097.99 linux-tools-gcp-lts-20.04 - 5.4.0.1097.99 linux-image-gcp-lts-20.04 - 5.4.0.1097.99 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-cloud-tools-virtual - 5.4.0.136.134 linux-image-generic-hwe-18.04 - 5.4.0.136.134 linux-headers-generic-lpae - 5.4.0.136.134 linux-image-virtual - 5.4.0.136.134 linux-image-generic - 5.4.0.136.134 linux-tools-lowlatency - 5.4.0.136.134 linux-oem-osp1-tools-host - 5.4.0.136.134 linux-image-oem - 5.4.0.136.134 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-headers-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-image-extra-virtual-hwe-18.04 - 5.4.0.136.134 linux-image-oem-osp1 - 5.4.0.136.134 linux-image-generic-lpae-hwe-18.04 - 5.4.0.136.134 linux-crashdump - 5.4.0.136.134 linux-tools-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-headers-generic-hwe-18.04 - 5.4.0.136.134 linux-headers-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-source - 5.4.0.136.134 linux-lowlatency - 5.4.0.136.134 linux-tools-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-tools-generic-lpae - 5.4.0.136.134 linux-cloud-tools-generic - 5.4.0.136.134 linux-virtual - 5.4.0.136.134 linux-headers-virtual-hwe-18.04 - 5.4.0.136.134 linux-virtual-hwe-18.04 - 5.4.0.136.134 linux-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.136.134 linux-tools-virtual - 5.4.0.136.134 linux-generic-lpae-hwe-18.04-edge - 5.4.0.136.134 linux-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-generic-lpae - 5.4.0.136.134 linux-headers-oem - 5.4.0.136.134 linux-generic - 5.4.0.136.134 linux-tools-oem-osp1 - 5.4.0.136.134 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.136.134 linux-tools-generic - 5.4.0.136.134 linux-tools-generic-hwe-18.04-edge - 5.4.0.136.134 linux-image-virtual-hwe-18.04 - 5.4.0.136.134 linux-headers-lowlatency - 5.4.0.136.134 linux-image-generic-hwe-18.04-edge - 5.4.0.136.134 linux-generic-hwe-18.04-edge - 5.4.0.136.134 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.136.134 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-oem - 5.4.0.136.134 linux-image-extra-virtual - 5.4.0.136.134 linux-oem-tools-host - 5.4.0.136.134 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-headers-oem-osp1 - 5.4.0.136.134 linux-cloud-tools-lowlatency - 5.4.0.136.134 linux-tools-oem - 5.4.0.136.134 linux-generic-lpae-hwe-18.04 - 5.4.0.136.134 linux-tools-generic-hwe-18.04 - 5.4.0.136.134 linux-headers-generic-hwe-18.04-edge - 5.4.0.136.134 linux-headers-generic - 5.4.0.136.134 linux-oem-osp1 - 5.4.0.136.134 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.136.134 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.136.134 linux-image-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.136.134 linux-headers-virtual - 5.4.0.136.134 linux-tools-virtual-hwe-18.04 - 5.4.0.136.134 linux-lowlatency-hwe-18.04 - 5.4.0.136.134 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.136.134 linux-image-virtual-hwe-18.04-edge - 5.4.0.136.134 linux-generic-hwe-18.04 - 5.4.0.136.134 linux-image-generic-lpae - 5.4.0.136.134 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.136.134 linux-image-lowlatency - 5.4.0.136.134 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.136.134 No subscription required Medium CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 CVE-2022-39188 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Update Instructions: Run `sudo pro fix USN-5791-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1100 - 5.4.0-1100.106 linux-modules-5.4.0-1100-azure - 5.4.0-1100.106 linux-cloud-tools-5.4.0-1100-azure - 5.4.0-1100.106 linux-modules-extra-5.4.0-1100-azure - 5.4.0-1100.106 linux-azure-headers-5.4.0-1100 - 5.4.0-1100.106 linux-headers-5.4.0-1100-azure - 5.4.0-1100.106 linux-buildinfo-5.4.0-1100-azure - 5.4.0-1100.106 linux-azure-tools-5.4.0-1100 - 5.4.0-1100.106 linux-tools-5.4.0-1100-azure - 5.4.0-1100.106 linux-image-unsigned-5.4.0-1100-azure - 5.4.0-1100.106 linux-image-5.4.0-1100-azure - 5.4.0-1100.106 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1100.93 linux-tools-azure-lts-20.04 - 5.4.0.1100.93 linux-modules-extra-azure-lts-20.04 - 5.4.0.1100.93 linux-azure-lts-20.04 - 5.4.0.1100.93 linux-headers-azure-lts-20.04 - 5.4.0.1100.93 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1100.93 No subscription required Medium CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 CVE-2022-39188 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Update Instructions: Run `sudo pro fix USN-5791-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1100-azure-fde - 5.4.0-1100.106+cvm1.1 linux-image-5.4.0-1100-azure-fde - 5.4.0-1100.106+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1100.106+cvm1.35 linux-modules-extra-azure-fde - 5.4.0.1100.106+cvm1.35 linux-image-azure-fde - 5.4.0.1100.106+cvm1.35 linux-cloud-tools-azure-fde - 5.4.0.1100.106+cvm1.35 linux-tools-azure-fde - 5.4.0.1100.106+cvm1.35 linux-headers-azure-fde - 5.4.0.1100.106+cvm1.35 No subscription required Medium CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 CVE-2022-39188 Ubuntu 20.04 LTS Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization (SEV). A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-0171) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Update Instructions: Run `sudo pro fix USN-5792-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-image-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-headers-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-image-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-modules-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-headers-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-57.63~20.04.1 linux-buildinfo-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-buildinfo-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-57 - 5.15.0-57.63~20.04.1 linux-image-unsigned-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-buildinfo-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-modules-iwlwifi-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-tools-5.15.0-57-generic-lpae - 5.15.0-57.63~20.04.1 linux-headers-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-57.63~20.04.1 linux-image-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-tools-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-57.63~20.04.1 linux-hwe-5.15-headers-5.15.0-57 - 5.15.0-57.63~20.04.1 linux-modules-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-modules-5.15.0-57-generic-64k - 5.15.0-57.63~20.04.1 linux-tools-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-modules-extra-5.15.0-57-generic - 5.15.0-57.63~20.04.1 linux-hwe-5.15-tools-5.15.0-57 - 5.15.0-57.63~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-57.63~20.04.1 linux-cloud-tools-5.15.0-57-generic - 5.15.0-57.63~20.04.1 No subscription required linux-headers-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-headers-generic-64k-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-64k-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-headers-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-tools-generic-64k-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-headers-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-lpae-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-64k-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-generic-64k-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-headers-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-generic-lpae-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-image-extra-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-tools-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.57.63~20.04.23 linux-generic-lpae-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-tools-generic-hwe-20.04 - 5.15.0.57.63~20.04.23 linux-virtual-hwe-20.04 - 5.15.0.57.63~20.04.23 No subscription required Medium CVE-2022-0171 CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-3649 CVE-2022-39188 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 Ubuntu 20.04 LTS Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization (SEV). A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-0171) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Update Instructions: Run `sudo pro fix USN-5792-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-headers-5.15.0-1027 - 5.15.0-1027.31~20.04.1 linux-modules-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-modules-extra-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-headers-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-image-unsigned-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1027 - 5.15.0-1027.31~20.04.1 linux-cloud-tools-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-image-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-tools-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 linux-aws-5.15-tools-5.15.0-1027 - 5.15.0-1027.31~20.04.1 linux-buildinfo-5.15.0-1027-aws - 5.15.0-1027.31~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-image-unsigned-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-modules-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-modules-extra-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-buildinfo-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-tools-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-headers-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-image-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 linux-azure-5.15-headers-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-cloud-tools-5.15.0-1030-azure - 5.15.0-1030.37~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1027.31~20.04.16 linux-modules-extra-aws-edge - 5.15.0.1027.31~20.04.16 linux-tools-aws - 5.15.0.1027.31~20.04.16 linux-image-aws-edge - 5.15.0.1027.31~20.04.16 linux-headers-aws-edge - 5.15.0.1027.31~20.04.16 linux-tools-aws-edge - 5.15.0.1027.31~20.04.16 linux-aws-edge - 5.15.0.1027.31~20.04.16 linux-headers-aws - 5.15.0.1027.31~20.04.16 linux-image-aws - 5.15.0.1027.31~20.04.16 linux-aws - 5.15.0.1027.31~20.04.16 No subscription required linux-cloud-tools-azure - 5.15.0.1030.37~20.04.20 linux-tools-azure-edge - 5.15.0.1030.37~20.04.20 linux-azure - 5.15.0.1030.37~20.04.20 linux-image-azure - 5.15.0.1030.37~20.04.20 linux-cloud-tools-azure-edge - 5.15.0.1030.37~20.04.20 linux-tools-azure - 5.15.0.1030.37~20.04.20 linux-headers-azure-edge - 5.15.0.1030.37~20.04.20 linux-image-azure-edge - 5.15.0.1030.37~20.04.20 linux-headers-azure - 5.15.0.1030.37~20.04.20 linux-modules-extra-azure - 5.15.0.1030.37~20.04.20 linux-azure-edge - 5.15.0.1030.37~20.04.20 linux-modules-extra-azure-edge - 5.15.0.1030.37~20.04.20 No subscription required Medium CVE-2022-0171 CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-3649 CVE-2022-39188 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 Ubuntu 20.04 LTS It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5795-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: snmptrapd - 5.8+dfsg-2ubuntu2.6 libsnmp-dev - 5.8+dfsg-2ubuntu2.6 libsnmp-base - 5.8+dfsg-2ubuntu2.6 snmp - 5.8+dfsg-2ubuntu2.6 libsnmp-perl - 5.8+dfsg-2ubuntu2.6 tkmib - 5.8+dfsg-2ubuntu2.6 snmpd - 5.8+dfsg-2ubuntu2.6 libsnmp35 - 5.8+dfsg-2ubuntu2.6 No subscription required Medium CVE-2022-44792 CVE-2022-44793 Ubuntu 20.04 LTS It was discovered that w3m incorrectly handled certain HTML files. A remote attacker could use this issue to cause w3m to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5796-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: w3m-img - 0.5.3-37ubuntu0.1 w3m - 0.5.3-37ubuntu0.1 No subscription required Medium CVE-2022-38223 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5797-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.38.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.38.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.38.3-0ubuntu0.20.04.1 webkit2gtk-driver - 2.38.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.38.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.38.3-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.38.3-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.38.3-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.38.3-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-42852 CVE-2022-42856 CVE-2022-42867 CVE-2022-46692 CVE-2022-46698 CVE-2022-46699 CVE-2022-46700 Ubuntu 20.04 LTS It was discovered that Heimdal incorrectly handled certain SPNEGO tokens. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-44758) Evgeny Legerov discovered that Heimdal incorrectly handled memory when performing certain DES decryption operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-3437) Greg Hudson discovered that Kerberos PAC implementation used in Heimdal incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-42898) It was discovered that Heimdal's KDC did not properly handle certain error conditions. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-44640) Update Instructions: Run `sudo pro fix USN-5800-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhcrypto4-heimdal - 7.7.0+dfsg-1ubuntu1.3 libwind0-heimdal - 7.7.0+dfsg-1ubuntu1.3 libroken18-heimdal - 7.7.0+dfsg-1ubuntu1.3 libgssapi3-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-kcm - 7.7.0+dfsg-1ubuntu1.3 libhdb9-heimdal - 7.7.0+dfsg-1ubuntu1.3 libasn1-8-heimdal - 7.7.0+dfsg-1ubuntu1.3 libsl0-heimdal - 7.7.0+dfsg-1ubuntu1.3 libkadm5clnt7-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-kdc - 7.7.0+dfsg-1ubuntu1.3 libkdc2-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-servers - 7.7.0+dfsg-1ubuntu1.3 libheimntlm0-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-docs - 7.7.0+dfsg-1ubuntu1.3 libheimbase1-heimdal - 7.7.0+dfsg-1ubuntu1.3 libkrb5-26-heimdal - 7.7.0+dfsg-1ubuntu1.3 libotp0-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-dev - 7.7.0+dfsg-1ubuntu1.3 libkafs0-heimdal - 7.7.0+dfsg-1ubuntu1.3 libhx509-5-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-multidev - 7.7.0+dfsg-1ubuntu1.3 libkadm5srv8-heimdal - 7.7.0+dfsg-1ubuntu1.3 heimdal-clients - 7.7.0+dfsg-1ubuntu1.3 No subscription required Medium CVE-2021-44758 CVE-2022-3437 CVE-2022-42898 CVE-2022-44640 Ubuntu 20.04 LTS It was discovered that Vim makes illegal memory calls when pasting brackets in Ex mode. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. This issue affected only Ubuntu 20.04 and 22.04 (CVE-2022-0392) It was discovered that Vim makes illegal memory calls when making certain retab calls. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. (CVE-2022-0417) Update Instructions: Run `sudo pro fix USN-5801-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.11 vim-athena - 2:8.1.2269-1ubuntu5.11 xxd - 2:8.1.2269-1ubuntu5.11 vim-gtk - 2:8.1.2269-1ubuntu5.11 vim-gui-common - 2:8.1.2269-1ubuntu5.11 vim - 2:8.1.2269-1ubuntu5.11 vim-doc - 2:8.1.2269-1ubuntu5.11 vim-tiny - 2:8.1.2269-1ubuntu5.11 vim-runtime - 2:8.1.2269-1ubuntu5.11 vim-gtk3 - 2:8.1.2269-1ubuntu5.11 vim-nox - 2:8.1.2269-1ubuntu5.11 No subscription required Medium CVE-2022-0392 CVE-2022-0417 Ubuntu 20.04 LTS Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5803-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-headers-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-image-unsigned-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-image-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-tools-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-gcp-5.15-headers-5.15.0-1027 - 5.15.0-1027.34~20.04.1 linux-modules-iwlwifi-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-buildinfo-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-modules-5.15.0-1027-gcp - 5.15.0-1027.34~20.04.1 linux-gcp-5.15-tools-5.15.0-1027 - 5.15.0-1027.34~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1028 - 5.15.0-1028.32~20.04.1 linux-buildinfo-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-tools-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1028 - 5.15.0-1028.32~20.04.1 linux-cloud-tools-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-headers-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-modules-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-image-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-aws-5.15-tools-5.15.0-1028 - 5.15.0-1028.32~20.04.1 linux-modules-extra-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 linux-image-unsigned-5.15.0-1028-aws - 5.15.0-1028.32~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-modules-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-tools-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-modules-extra-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-image-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-cloud-tools-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-image-unsigned-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-azure-5.15-headers-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-headers-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-buildinfo-5.15.0-1031-azure - 5.15.0-1031.38~20.04.1 No subscription required linux-modules-iwlwifi-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-58.64~20.04.1 linux-buildinfo-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-cloud-tools-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-buildinfo-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-hwe-5.15-tools-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-58.64~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-modules-extra-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-image-unsigned-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-generic-lpae - 5.15.0-58.64~20.04.1 linux-image-unsigned-5.15.0-58-generic-64k - 5.15.0-58.64~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-58.64~20.04.1 linux-hwe-5.15-headers-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-58.64~20.04.1 linux-buildinfo-5.15.0-58-generic - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-generic - 5.15.0-58.64~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1027.34~20.04.1 linux-tools-gcp-edge - 5.15.0.1027.34~20.04.1 linux-headers-gcp-edge - 5.15.0.1027.34~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1027.34~20.04.1 linux-tools-gcp - 5.15.0.1027.34~20.04.1 linux-gcp - 5.15.0.1027.34~20.04.1 linux-headers-gcp - 5.15.0.1027.34~20.04.1 linux-image-gcp - 5.15.0.1027.34~20.04.1 linux-modules-extra-gcp - 5.15.0.1027.34~20.04.1 linux-gcp-edge - 5.15.0.1027.34~20.04.1 No subscription required linux-headers-aws - 5.15.0.1028.32~20.04.17 linux-image-aws - 5.15.0.1028.32~20.04.17 linux-modules-extra-aws-edge - 5.15.0.1028.32~20.04.17 linux-image-aws-edge - 5.15.0.1028.32~20.04.17 linux-aws-edge - 5.15.0.1028.32~20.04.17 linux-aws - 5.15.0.1028.32~20.04.17 linux-tools-aws - 5.15.0.1028.32~20.04.17 linux-headers-aws-edge - 5.15.0.1028.32~20.04.17 linux-modules-extra-aws - 5.15.0.1028.32~20.04.17 linux-tools-aws-edge - 5.15.0.1028.32~20.04.17 No subscription required linux-tools-azure-edge - 5.15.0.1031.38~20.04.21 linux-cloud-tools-azure - 5.15.0.1031.38~20.04.21 linux-tools-azure - 5.15.0.1031.38~20.04.21 linux-image-azure-edge - 5.15.0.1031.38~20.04.21 linux-azure - 5.15.0.1031.38~20.04.21 linux-cloud-tools-azure-edge - 5.15.0.1031.38~20.04.21 linux-modules-extra-azure - 5.15.0.1031.38~20.04.21 linux-image-azure - 5.15.0.1031.38~20.04.21 linux-headers-azure-edge - 5.15.0.1031.38~20.04.21 linux-azure-edge - 5.15.0.1031.38~20.04.21 linux-modules-extra-azure-edge - 5.15.0.1031.38~20.04.21 linux-headers-azure - 5.15.0.1031.38~20.04.21 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-image-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-image-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-extra-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-headers-generic-64k-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-generic-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-generic-lpae-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-tools-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-generic-lpae-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-tools-generic-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-generic-lpae-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-generic-64k-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-tools-virtual-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-image-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-generic-64k-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-image-generic-64k-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 linux-headers-virtual-hwe-20.04 - 5.15.0.58.64~20.04.24 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.58.64~20.04.24 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-4378 CVE-2022-45934 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5804-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1042-ibm - 5.4.0-1042.47 linux-headers-5.4.0-1042-ibm - 5.4.0-1042.47 linux-ibm-source-5.4.0 - 5.4.0-1042.47 linux-ibm-tools-common - 5.4.0-1042.47 linux-modules-5.4.0-1042-ibm - 5.4.0-1042.47 linux-image-unsigned-5.4.0-1042-ibm - 5.4.0-1042.47 linux-modules-extra-5.4.0-1042-ibm - 5.4.0-1042.47 linux-ibm-cloud-tools-common - 5.4.0-1042.47 linux-ibm-headers-5.4.0-1042 - 5.4.0-1042.47 linux-image-5.4.0-1042-ibm - 5.4.0-1042.47 linux-ibm-tools-5.4.0-1042 - 5.4.0-1042.47 linux-tools-5.4.0-1042-ibm - 5.4.0-1042.47 No subscription required linux-headers-5.4.0-1084-kvm - 5.4.0-1084.90 linux-kvm-headers-5.4.0-1084 - 5.4.0-1084.90 linux-buildinfo-5.4.0-1084-kvm - 5.4.0-1084.90 linux-image-unsigned-5.4.0-1084-kvm - 5.4.0-1084.90 linux-kvm-tools-5.4.0-1084 - 5.4.0-1084.90 linux-modules-5.4.0-1084-kvm - 5.4.0-1084.90 linux-tools-5.4.0-1084-kvm - 5.4.0-1084.90 linux-image-5.4.0-1084-kvm - 5.4.0-1084.90 No subscription required linux-modules-5.4.0-1092-oracle - 5.4.0-1092.101 linux-image-5.4.0-1092-oracle - 5.4.0-1092.101 linux-headers-5.4.0-1092-oracle - 5.4.0-1092.101 linux-tools-5.4.0-1092-oracle - 5.4.0-1092.101 linux-image-unsigned-5.4.0-1092-oracle - 5.4.0-1092.101 linux-oracle-tools-5.4.0-1092 - 5.4.0-1092.101 linux-oracle-headers-5.4.0-1092 - 5.4.0-1092.101 linux-buildinfo-5.4.0-1092-oracle - 5.4.0-1092.101 linux-modules-extra-5.4.0-1092-oracle - 5.4.0-1092.101 No subscription required linux-image-5.4.0-1094-aws - 5.4.0-1094.102 linux-aws-cloud-tools-5.4.0-1094 - 5.4.0-1094.102 linux-modules-extra-5.4.0-1094-aws - 5.4.0-1094.102 linux-buildinfo-5.4.0-1094-aws - 5.4.0-1094.102 linux-modules-5.4.0-1094-aws - 5.4.0-1094.102 linux-tools-5.4.0-1094-aws - 5.4.0-1094.102 linux-aws-tools-5.4.0-1094 - 5.4.0-1094.102 linux-headers-5.4.0-1094-aws - 5.4.0-1094.102 linux-cloud-tools-5.4.0-1094-aws - 5.4.0-1094.102 linux-image-unsigned-5.4.0-1094-aws - 5.4.0-1094.102 linux-aws-headers-5.4.0-1094 - 5.4.0-1094.102 No subscription required linux-tools-5.4.0-1098-gcp - 5.4.0-1098.107 linux-image-5.4.0-1098-gcp - 5.4.0-1098.107 linux-gcp-tools-5.4.0-1098 - 5.4.0-1098.107 linux-modules-5.4.0-1098-gcp - 5.4.0-1098.107 linux-gcp-headers-5.4.0-1098 - 5.4.0-1098.107 linux-headers-5.4.0-1098-gcp - 5.4.0-1098.107 linux-modules-extra-5.4.0-1098-gcp - 5.4.0-1098.107 linux-buildinfo-5.4.0-1098-gcp - 5.4.0-1098.107 linux-image-unsigned-5.4.0-1098-gcp - 5.4.0-1098.107 No subscription required linux-tools-common - 5.4.0-137.154 linux-modules-extra-5.4.0-137-generic - 5.4.0-137.154 linux-tools-host - 5.4.0-137.154 linux-headers-5.4.0-137-lowlatency - 5.4.0-137.154 linux-buildinfo-5.4.0-137-generic-lpae - 5.4.0-137.154 linux-doc - 5.4.0-137.154 linux-image-5.4.0-137-generic - 5.4.0-137.154 linux-image-5.4.0-137-lowlatency - 5.4.0-137.154 linux-buildinfo-5.4.0-137-generic - 5.4.0-137.154 linux-libc-dev - 5.4.0-137.154 linux-source-5.4.0 - 5.4.0-137.154 linux-cloud-tools-5.4.0-137 - 5.4.0-137.154 linux-image-unsigned-5.4.0-137-lowlatency - 5.4.0-137.154 linux-tools-5.4.0-137 - 5.4.0-137.154 linux-tools-5.4.0-137-generic-lpae - 5.4.0-137.154 linux-tools-5.4.0-137-lowlatency - 5.4.0-137.154 linux-cloud-tools-5.4.0-137-generic - 5.4.0-137.154 linux-buildinfo-5.4.0-137-lowlatency - 5.4.0-137.154 linux-headers-5.4.0-137-generic - 5.4.0-137.154 linux-cloud-tools-common - 5.4.0-137.154 linux-modules-5.4.0-137-generic - 5.4.0-137.154 linux-image-5.4.0-137-generic-lpae - 5.4.0-137.154 linux-tools-5.4.0-137-generic - 5.4.0-137.154 linux-headers-5.4.0-137 - 5.4.0-137.154 linux-cloud-tools-5.4.0-137-lowlatency - 5.4.0-137.154 linux-modules-5.4.0-137-generic-lpae - 5.4.0-137.154 linux-image-unsigned-5.4.0-137-generic - 5.4.0-137.154 linux-modules-5.4.0-137-lowlatency - 5.4.0-137.154 linux-headers-5.4.0-137-generic-lpae - 5.4.0-137.154 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1042.68 linux-image-ibm - 5.4.0.1042.68 linux-headers-ibm-lts-20.04 - 5.4.0.1042.68 linux-tools-ibm - 5.4.0.1042.68 linux-modules-extra-ibm - 5.4.0.1042.68 linux-ibm-lts-20.04 - 5.4.0.1042.68 linux-image-ibm-lts-20.04 - 5.4.0.1042.68 linux-ibm - 5.4.0.1042.68 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1042.68 linux-headers-ibm - 5.4.0.1042.68 No subscription required linux-headers-kvm - 5.4.0.1084.78 linux-kvm - 5.4.0.1084.78 linux-image-kvm - 5.4.0.1084.78 linux-tools-kvm - 5.4.0.1084.78 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1092.85 linux-headers-oracle-lts-20.04 - 5.4.0.1092.85 linux-oracle-lts-20.04 - 5.4.0.1092.85 linux-image-oracle-lts-20.04 - 5.4.0.1092.85 No subscription required linux-aws-lts-20.04 - 5.4.0.1094.91 linux-modules-extra-aws-lts-20.04 - 5.4.0.1094.91 linux-image-aws-lts-20.04 - 5.4.0.1094.91 linux-headers-aws-lts-20.04 - 5.4.0.1094.91 linux-tools-aws-lts-20.04 - 5.4.0.1094.91 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1098.100 linux-gcp-lts-20.04 - 5.4.0.1098.100 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1098.100 linux-headers-gcp-lts-20.04 - 5.4.0.1098.100 linux-image-gcp-lts-20.04 - 5.4.0.1098.100 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-image-generic-lpae-hwe-18.04 - 5.4.0.137.135 linux-cloud-tools-virtual - 5.4.0.137.135 linux-image-generic-hwe-18.04 - 5.4.0.137.135 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-headers-generic-lpae - 5.4.0.137.135 linux-headers-generic - 5.4.0.137.135 linux-image-virtual - 5.4.0.137.135 linux-oem-osp1-tools-host - 5.4.0.137.135 linux-image-generic - 5.4.0.137.135 linux-tools-lowlatency - 5.4.0.137.135 linux-image-oem - 5.4.0.137.135 linux-tools-virtual-hwe-18.04 - 5.4.0.137.135 linux-headers-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-image-extra-virtual-hwe-18.04 - 5.4.0.137.135 linux-image-oem-osp1 - 5.4.0.137.135 linux-crashdump - 5.4.0.137.135 linux-tools-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-headers-generic-hwe-18.04 - 5.4.0.137.135 linux-headers-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.137.135 linux-source - 5.4.0.137.135 linux-lowlatency - 5.4.0.137.135 linux-tools-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-tools-generic-lpae - 5.4.0.137.135 linux-cloud-tools-generic - 5.4.0.137.135 linux-virtual - 5.4.0.137.135 linux-headers-virtual-hwe-18.04 - 5.4.0.137.135 linux-virtual-hwe-18.04 - 5.4.0.137.135 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.137.135 linux-tools-virtual - 5.4.0.137.135 linux-generic-lpae-hwe-18.04-edge - 5.4.0.137.135 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-generic-lpae - 5.4.0.137.135 linux-headers-oem - 5.4.0.137.135 linux-generic - 5.4.0.137.135 linux-tools-oem-osp1 - 5.4.0.137.135 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.137.135 linux-tools-generic-hwe-18.04-edge - 5.4.0.137.135 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-image-virtual-hwe-18.04 - 5.4.0.137.135 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-cloud-tools-lowlatency - 5.4.0.137.135 linux-headers-lowlatency - 5.4.0.137.135 linux-image-generic-hwe-18.04-edge - 5.4.0.137.135 linux-generic-hwe-18.04-edge - 5.4.0.137.135 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.137.135 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-image-generic-lpae - 5.4.0.137.135 linux-oem - 5.4.0.137.135 linux-tools-generic - 5.4.0.137.135 linux-image-extra-virtual - 5.4.0.137.135 linux-oem-tools-host - 5.4.0.137.135 linux-tools-oem - 5.4.0.137.135 linux-headers-oem-osp1 - 5.4.0.137.135 linux-generic-lpae-hwe-18.04 - 5.4.0.137.135 linux-headers-generic-hwe-18.04-edge - 5.4.0.137.135 linux-oem-osp1 - 5.4.0.137.135 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.137.135 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.137.135 linux-image-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.137.135 linux-virtual-hwe-18.04-edge - 5.4.0.137.135 linux-headers-virtual - 5.4.0.137.135 linux-lowlatency-hwe-18.04 - 5.4.0.137.135 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.137.135 linux-generic-hwe-18.04 - 5.4.0.137.135 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.137.135 linux-image-lowlatency - 5.4.0.137.135 linux-tools-generic-hwe-18.04 - 5.4.0.137.135 linux-image-virtual-hwe-18.04-edge - 5.4.0.137.135 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 Ubuntu 20.04 LTS USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 20.04 LTS. Original advisory details: Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application. Update Instructions: Run `sudo pro fix USN-5806-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.8 ruby2.7-doc - 2.7.0-5ubuntu1.8 libruby2.7 - 2.7.0-5ubuntu1.8 ruby2.7-dev - 2.7.0-5ubuntu1.8 No subscription required Medium CVE-2021-33621 Ubuntu 20.04 LTS Martin Ettl discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service. (CVE-2022-44617) Marco Ivaldi discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service. (CVE-2022-46285) Alan Coopersmith discovered that libXpm incorrectly handled calling external helper binaries. If libXpm was being used by a setuid binary, a local attacker could possibly use this issue to escalate privileges. (CVE-2022-4883) Update Instructions: Run `sudo pro fix USN-5807-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xpmutils - 1:3.5.12-1ubuntu0.20.04.1 libxpm-dev - 1:3.5.12-1ubuntu0.20.04.1 libxpm4 - 1:3.5.12-1ubuntu0.20.04.1 No subscription required Medium CVE-2022-44617 CVE-2022-46285 CVE-2022-4883 Ubuntu 20.04 LTS Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5809-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.14.0-1056-oem - 5.14.0-1056.63 linux-oem-5.14-headers-5.14.0-1056 - 5.14.0-1056.63 linux-modules-iwlwifi-5.14.0-1056-oem - 5.14.0-1056.63 linux-oem-5.14-tools-5.14.0-1056 - 5.14.0-1056.63 linux-buildinfo-5.14.0-1056-oem - 5.14.0-1056.63 linux-image-unsigned-5.14.0-1056-oem - 5.14.0-1056.63 linux-tools-5.14.0-1056-oem - 5.14.0-1056.63 linux-modules-5.14.0-1056-oem - 5.14.0-1056.63 linux-headers-5.14.0-1056-oem - 5.14.0-1056.63 linux-oem-5.14-tools-host - 5.14.0-1056.63 No subscription required linux-image-oem-20.04c - 5.14.0.1056.54 linux-image-oem-20.04b - 5.14.0.1056.54 linux-image-oem-20.04d - 5.14.0.1056.54 linux-headers-oem-20.04 - 5.14.0.1056.54 linux-tools-oem-20.04c - 5.14.0.1056.54 linux-tools-oem-20.04b - 5.14.0.1056.54 linux-oem-20.04 - 5.14.0.1056.54 linux-image-oem-20.04 - 5.14.0.1056.54 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1056.54 linux-oem-20.04d - 5.14.0.1056.54 linux-oem-20.04c - 5.14.0.1056.54 linux-oem-20.04b - 5.14.0.1056.54 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1056.54 linux-tools-oem-20.04d - 5.14.0.1056.54 linux-headers-oem-20.04b - 5.14.0.1056.54 linux-headers-oem-20.04c - 5.14.0.1056.54 linux-headers-oem-20.04d - 5.14.0.1056.54 linux-tools-oem-20.04 - 5.14.0.1056.54 No subscription required High CVE-2022-42896 CVE-2022-4378 CVE-2022-45934 Ubuntu 20.04 LTS Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-23521) Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-41903) Update Instructions: Run `sudo pro fix USN-5810-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.7 gitweb - 1:2.25.1-1ubuntu3.7 git-gui - 1:2.25.1-1ubuntu3.7 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.7 git-el - 1:2.25.1-1ubuntu3.7 gitk - 1:2.25.1-1ubuntu3.7 git-all - 1:2.25.1-1ubuntu3.7 git-mediawiki - 1:2.25.1-1ubuntu3.7 git-daemon-run - 1:2.25.1-1ubuntu3.7 git-man - 1:2.25.1-1ubuntu3.7 git-doc - 1:2.25.1-1ubuntu3.7 git-svn - 1:2.25.1-1ubuntu3.7 git-cvs - 1:2.25.1-1ubuntu3.7 git-email - 1:2.25.1-1ubuntu3.7 No subscription required Medium CVE-2022-23521 CVE-2022-41903 Ubuntu 20.04 LTS USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it was missing some commit lines. This update fixes the problem. Original advisory details: Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-23521) Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-41903) Update Instructions: Run `sudo pro fix USN-5810-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.8 gitweb - 1:2.25.1-1ubuntu3.8 git-all - 1:2.25.1-1ubuntu3.8 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.8 git-el - 1:2.25.1-1ubuntu3.8 gitk - 1:2.25.1-1ubuntu3.8 git-gui - 1:2.25.1-1ubuntu3.8 git-mediawiki - 1:2.25.1-1ubuntu3.8 git-daemon-run - 1:2.25.1-1ubuntu3.8 git-man - 1:2.25.1-1ubuntu3.8 git-doc - 1:2.25.1-1ubuntu3.8 git-svn - 1:2.25.1-1ubuntu3.8 git-cvs - 1:2.25.1-1ubuntu3.8 git-email - 1:2.25.1-1ubuntu3.8 No subscription required None https://launchpad.net/bugs/2003246 Ubuntu 20.04 LTS Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files. (CVE-2023-22809) It was discovered that the Protobuf-c library, used by Sudo, incorrectly handled certain arithmetic shifts. An attacker could possibly use this issue to cause Sudo to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-33070) Update Instructions: Run `sudo pro fix USN-5811-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sudo-ldap - 1.8.31-1ubuntu1.4 sudo - 1.8.31-1ubuntu1.4 No subscription required Medium CVE-2022-33070 CVE-2023-22809 Ubuntu 20.04 LTS It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5812-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-urllib3 - 1.25.8-2ubuntu0.2 No subscription required Low CVE-2021-33503 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5813-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-modules-extra-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-gkeop-source-5.4.0 - 5.4.0-1062.66 linux-cloud-tools-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-gkeop-headers-5.4.0-1062 - 5.4.0-1062.66 linux-buildinfo-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-modules-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-image-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-image-unsigned-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-headers-5.4.0-1062-gkeop - 5.4.0-1062.66 linux-gkeop-tools-5.4.0-1062 - 5.4.0-1062.66 linux-gkeop-cloud-tools-5.4.0-1062 - 5.4.0-1062.66 No subscription required linux-image-gkeop-5.4 - 5.4.0.1062.60 linux-headers-gkeop - 5.4.0.1062.60 linux-gkeop-5.4 - 5.4.0.1062.60 linux-cloud-tools-gkeop-5.4 - 5.4.0.1062.60 linux-image-gkeop - 5.4.0.1062.60 linux-modules-extra-gkeop-5.4 - 5.4.0.1062.60 linux-gkeop - 5.4.0.1062.60 linux-cloud-tools-gkeop - 5.4.0.1062.60 linux-modules-extra-gkeop - 5.4.0.1062.60 linux-tools-gkeop - 5.4.0.1062.60 linux-tools-gkeop-5.4 - 5.4.0.1062.60 linux-headers-gkeop-5.4 - 5.4.0.1062.60 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 Ubuntu 20.04 LTS Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5814-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-oracle-5.15-headers-5.15.0-1027 - 5.15.0-1027.33~20.04.1 linux-headers-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-oracle-5.15-tools-5.15.0-1027 - 5.15.0-1027.33~20.04.1 linux-image-unsigned-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-buildinfo-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-modules-extra-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-tools-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 linux-image-5.15.0-1027-oracle - 5.15.0-1027.33~20.04.1 No subscription required linux-buildinfo-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-image-unsigned-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-58.64~20.04.1 linux-cloud-tools-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-image-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-58.64~20.04.1 linux-buildinfo-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-modules-iwlwifi-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-headers-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-tools-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-58 - 5.15.0-58.64~20.04.1 linux-image-unsigned-5.15.0-58-lowlatency-64k - 5.15.0-58.64~20.04.1 linux-modules-5.15.0-58-lowlatency - 5.15.0-58.64~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-58 - 5.15.0-58.64~20.04.1 No subscription required linux-headers-oracle-edge - 5.15.0.1027.33~20.04.1 linux-image-oracle - 5.15.0.1027.33~20.04.1 linux-headers-oracle - 5.15.0.1027.33~20.04.1 linux-tools-oracle - 5.15.0.1027.33~20.04.1 linux-tools-oracle-edge - 5.15.0.1027.33~20.04.1 linux-oracle-edge - 5.15.0.1027.33~20.04.1 linux-image-oracle-edge - 5.15.0.1027.33~20.04.1 linux-oracle - 5.15.0.1027.33~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-tools-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-lowlatency-64k-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-headers-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-image-lowlatency-hwe-20.04 - 5.15.0.58.64~20.04.21 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.58.64~20.04.21 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.58.64~20.04.21 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-4378 CVE-2022-45934 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Update Instructions: Run `sudo pro fix USN-5815-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-tools-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-headers-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-bluefield-headers-5.4.0-1054 - 5.4.0-1054.60 linux-image-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-image-unsigned-5.4.0-1054-bluefield - 5.4.0-1054.60 linux-bluefield-tools-5.4.0-1054 - 5.4.0-1054.60 linux-buildinfo-5.4.0-1054-bluefield - 5.4.0-1054.60 No subscription required linux-bluefield - 5.4.0.1054.50 linux-tools-bluefield - 5.4.0.1054.50 linux-image-bluefield - 5.4.0.1054.50 linux-headers-bluefield - 5.4.0.1054.50 No subscription required Medium CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3586 CVE-2022-3646 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-43750 CVE-2022-39188 Ubuntu 20.04 LTS Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23597) Tom Schuster discovered that Firefox was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23598) Vadim discovered that Firefox was not properly sanitizing a curl command output when copying a network request from the developer tools panel. An attacker could potentially exploits this to hide and execute arbitrary commands. (CVE-2023-23599) Luan Herrera discovered that Firefox was not stopping navigation when dragging a URL from a cross-origin iframe into the same tab. An attacker potentially exploits this to spoof the user. (CVE-2023-23601) Dave Vandyke discovered that Firefox did not properly implement CSP policy when creating a WebSocket in a WebWorker. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2023-23602) Dan Veditz discovered that Firefox did not properly implement CSP policy on regular expression when using console.log. An attacker potentially exploits this to exfiltrate data from the browser. (CVE-2023-23603) Nika Layzell discovered that Firefox was not performing a validation check when parsing a non-system html document via DOMParser::ParseFromSafeString. An attacker potentially exploits this to bypass web security checks. (CVE-2023-23604) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-23605, CVE-2023-23606) Update Instructions: Run `sudo pro fix USN-5816-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 109.0+build2-0ubuntu0.20.04.1 firefox - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 109.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 109.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 109.0+build2-0ubuntu0.20.04.1 firefox-dev - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 109.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 109.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-23597 CVE-2023-23598 CVE-2023-23599 CVE-2023-23601 CVE-2023-23602 CVE-2023-23603 CVE-2023-23604 CVE-2023-23605 CVE-2023-23606 Ubuntu 20.04 LTS USN-5816-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23597) Tom Schuster discovered that Firefox was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23598) Vadim discovered that Firefox was not properly sanitizing a curl command output when copying a network request from the developer tools panel. An attacker could potentially exploits this to hide and execute arbitrary commands. (CVE-2023-23599) Luan Herrera discovered that Firefox was not stopping navigation when dragging a URL from a cross-origin iframe into the same tab. An attacker potentially exploits this to spoof the user. (CVE-2023-23601) Dave Vandyke discovered that Firefox did not properly implement CSP policy when creating a WebSocket in a WebWorker. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2023-23602) Dan Veditz discovered that Firefox did not properly implement CSP policy on regular expression when using console.log. An attacker potentially exploits this to exfiltrate data from the browser. (CVE-2023-23603) Nika Layzell discovered that Firefox was not performing a validation check when parsing a non-system html document via DOMParser::ParseFromSafeString. An attacker potentially exploits this to bypass web security checks. (CVE-2023-23604) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-23605, CVE-2023-23606) Update Instructions: Run `sudo pro fix USN-5816-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ne - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nb - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fa - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fi - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-fy - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-or - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kab - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-oc - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cs - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ga - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gd - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-gu - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pa - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cy - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-pt - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-szl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hi - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ms - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-he - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hy - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hu - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-it - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-as - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ar - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ia - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-az - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-id - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mai - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-af - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-is - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-vi - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-an - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bs - 109.0.1+build1-0ubuntu0.20.04.2 firefox - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ro - 109.0.1+build1-0ubuntu0.20.04.2 firefox-geckodriver - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ja - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ru - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-br - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zh-hant - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zh-hans - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-be - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-bg - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sl - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sk - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-si - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sw - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sv - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-sq - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ko - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-km - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-kk - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ka - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-xh - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ca - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ku - 109.0.1+build1-0ubuntu0.20.04.2 firefox-mozsymbols - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lv - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lt - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-th - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-hsb - 109.0.1+build1-0ubuntu0.20.04.2 firefox-dev - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-te - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-cak - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ta - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-lg - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-tr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-nso - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-de - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-da - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-uk - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mr - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-my - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-uz - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ml - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mn - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-mk - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ur - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-eu - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-et - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-es - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-csb - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-el - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-eo - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-en - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-zu - 109.0.1+build1-0ubuntu0.20.04.2 firefox-locale-ast - 109.0.1+build1-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/2006075 Ubuntu 20.04 LTS Sebastian Chnelik discovered that setuptools incorrectly handled certain regex inputs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5817-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-setuptools - 44.0.0-2ubuntu0.1 pypy-setuptools - 44.0.0-2ubuntu0.1 pypy-pkg-resources - 44.0.0-2ubuntu0.1 python-pkg-resources - 44.0.0-2ubuntu0.1 No subscription required python-setuptools-doc - 45.2.0-1ubuntu0.1 python3-pkg-resources - 45.2.0-1ubuntu0.1 python3-setuptools - 45.2.0-1ubuntu0.1 No subscription required Medium CVE-2022-40897 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5818-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.17 php7.4-readline - 7.4.3-4ubuntu2.17 php7.4-dba - 7.4.3-4ubuntu2.17 php7.4-common - 7.4.3-4ubuntu2.17 php7.4-xmlrpc - 7.4.3-4ubuntu2.17 php7.4-intl - 7.4.3-4ubuntu2.17 php7.4-phpdbg - 7.4.3-4ubuntu2.17 php7.4-ldap - 7.4.3-4ubuntu2.17 php7.4-soap - 7.4.3-4ubuntu2.17 php7.4-xsl - 7.4.3-4ubuntu2.17 php7.4-pgsql - 7.4.3-4ubuntu2.17 php7.4-pspell - 7.4.3-4ubuntu2.17 php7.4-zip - 7.4.3-4ubuntu2.17 php7.4-curl - 7.4.3-4ubuntu2.17 php7.4-odbc - 7.4.3-4ubuntu2.17 php7.4-json - 7.4.3-4ubuntu2.17 php7.4-mbstring - 7.4.3-4ubuntu2.17 php7.4-imap - 7.4.3-4ubuntu2.17 php7.4-bz2 - 7.4.3-4ubuntu2.17 php7.4-cgi - 7.4.3-4ubuntu2.17 php7.4 - 7.4.3-4ubuntu2.17 php7.4-bcmath - 7.4.3-4ubuntu2.17 php7.4-dev - 7.4.3-4ubuntu2.17 php7.4-interbase - 7.4.3-4ubuntu2.17 php7.4-tidy - 7.4.3-4ubuntu2.17 php7.4-gmp - 7.4.3-4ubuntu2.17 php7.4-sqlite3 - 7.4.3-4ubuntu2.17 php7.4-enchant - 7.4.3-4ubuntu2.17 php7.4-fpm - 7.4.3-4ubuntu2.17 php7.4-sybase - 7.4.3-4ubuntu2.17 php7.4-cli - 7.4.3-4ubuntu2.17 libphp7.4-embed - 7.4.3-4ubuntu2.17 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.17 php7.4-mysql - 7.4.3-4ubuntu2.17 php7.4-snmp - 7.4.3-4ubuntu2.17 php7.4-xml - 7.4.3-4ubuntu2.17 php7.4-opcache - 7.4.3-4ubuntu2.17 No subscription required Medium CVE-2022-31631 Ubuntu 20.04 LTS It was discovered that HAProxy incorrectly handled certain messages. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-5819-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.29-0ubuntu1.1 haproxy-doc - 2.0.29-0ubuntu1.1 vim-haproxy - 2.0.29-0ubuntu1.1 No subscription required Medium CVE-2023-0056 Ubuntu 20.04 LTS Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename specified in the command line or in the configuration file could result in arbitrary command execution. Update Instructions: Run `sudo pro fix USN-5820-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exuberant-ctags - 1:5.9~svn20110310-12ubuntu0.1 No subscription required Medium CVE-2022-4515 Ubuntu 20.04 LTS Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5821-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-wheel-common - 0.34.2-1ubuntu0.1 python3-wheel - 0.34.2-1ubuntu0.1 No subscription required Medium CVE-2022-40898 Ubuntu 20.04 LTS USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately, it was missing a commit to fix it properly in pip. We apologize for the inconvenience. Original advisory details: Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5821-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pip-whl - 20.0.2-5ubuntu1.8 python3-pip - 20.0.2-5ubuntu1.8 No subscription required Medium CVE-2022-40898 Ubuntu 20.04 LTS It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. (CVE-2021-20251) Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-3437) Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos keys. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-37966, CVE-2022-37967) It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-38023) Greg Hudson discovered that Samba incorrectly handled PAC parsing. On 32-bit systems, a remote attacker could use this issue to escalate privileges, or possibly execute arbitrary code. (CVE-2022-42898) Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets. A remote attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45141) WARNING: The fixes included in these updates introduce several important behavior changes which may cause compatibility problems interacting with systems still expecting the former behavior. Please see the following upstream advisories for more information: https://www.samba.org/samba/security/CVE-2022-37966.html https://www.samba.org/samba/security/CVE-2022-37967.html https://www.samba.org/samba/security/CVE-2022-38023.html Update Instructions: Run `sudo pro fix USN-5822-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: registry-tools - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-testsuite - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libnss-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libpam-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.4 winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.4 smbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libwbclient0 - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libwbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-common-bin - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libsmbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-dsdb-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.4 libsmbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-vfs-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-common - 2:4.13.17~dfsg-0ubuntu1.20.04.4 ctdb - 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba-libs - 2:4.13.17~dfsg-0ubuntu1.20.04.4 python3-samba - 2:4.13.17~dfsg-0ubuntu1.20.04.4 No subscription required Medium CVE-2021-20251 CVE-2022-3437 CVE-2022-37966 CVE-2022-37967 CVE-2022-38023 CVE-2022-42898 CVE-2022-45141 Ubuntu 20.04 LTS USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. We apologize for the inconvenience. Original advisory details: It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. (CVE-2021-20251) Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-3437) Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos keys. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-37966, CVE-2022-37967) It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-38023) Greg Hudson discovered that Samba incorrectly handled PAC parsing. On 32-bit systems, a remote attacker could use this issue to escalate privileges, or possibly execute arbitrary code. (CVE-2022-42898) Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets. A remote attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45141) WARNING: The fixes included in these updates introduce several important behavior changes which may cause compatibility problems interacting with systems still expecting the former behavior. Please see the following upstream advisories for more information: https://www.samba.org/samba/security/CVE-2022-37966.html https://www.samba.org/samba/security/CVE-2022-37967.html https://www.samba.org/samba/security/CVE-2022-38023.html Update Instructions: Run `sudo pro fix USN-5822-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: samba-testsuite - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba - 2:4.13.17~dfsg-0ubuntu1.20.04.5 registry-tools - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libpam-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.5 winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.5 smbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libwbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libsmbclient - 2:4.13.17~dfsg-0ubuntu1.20.04.5 python3-samba - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-common-bin - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libwbclient0 - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-dsdb-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libsmbclient-dev - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-vfs-modules - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-common - 2:4.13.17~dfsg-0ubuntu1.20.04.5 ctdb - 2:4.13.17~dfsg-0ubuntu1.20.04.5 samba-libs - 2:4.13.17~dfsg-0ubuntu1.20.04.5 libnss-winbind - 2:4.13.17~dfsg-0ubuntu1.20.04.5 No subscription required None https://launchpad.net/bugs/2003867 https://launchpad.net/bugs/2003891 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-41.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-32.html https://www.oracle.com/security-alerts/cpujan2023.html Update Instructions: Run `sudo pro fix USN-5823-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.32-0buntu0.20.04.1 libmysqlclient-dev - 8.0.32-0buntu0.20.04.1 mysql-testsuite-8.0 - 8.0.32-0buntu0.20.04.1 mysql-router - 8.0.32-0buntu0.20.04.1 mysql-server - 8.0.32-0buntu0.20.04.1 libmysqlclient21 - 8.0.32-0buntu0.20.04.1 mysql-client-core-8.0 - 8.0.32-0buntu0.20.04.1 mysql-server-core-8.0 - 8.0.32-0buntu0.20.04.1 mysql-server-8.0 - 8.0.32-0buntu0.20.04.1 mysql-testsuite - 8.0.32-0buntu0.20.04.1 mysql-client-8.0 - 8.0.32-0buntu0.20.04.1 mysql-source-8.0 - 8.0.32-0buntu0.20.04.1 No subscription required Medium CVE-2022-32221 CVE-2023-21836 CVE-2023-21840 CVE-2023-21863 CVE-2023-21867 CVE-2023-21868 CVE-2023-21869 CVE-2023-21870 CVE-2023-21871 CVE-2023-21873 CVE-2023-21875 CVE-2023-21876 CVE-2023-21877 CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 CVE-2023-21881 CVE-2023-21882 CVE-2023-21883 CVE-2023-21887 Ubuntu 20.04 LTS USN-5823-1 fixed vulnerabilities in MySQL. Unfortunately, 8.0.32 introduced a regression in MySQL Router preventing connections from PyMySQL. This update reverts most of the changes in MySQL Router to 8.0.31 until a proper fix can be found. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-41.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-32.html https://www.oracle.com/security-alerts/cpujan2023.html Update Instructions: Run `sudo pro fix USN-5823-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.32-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.32-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.32-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.32-0ubuntu0.20.04.2 mysql-router - 8.0.32-0ubuntu0.20.04.2 mysql-server - 8.0.32-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.32-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.32-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.32-0ubuntu0.20.04.2 mysql-testsuite - 8.0.32-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.32-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.32-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/2003835 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411, CVE-2022-45418, CVE-2022-45420, CVE-2022-45421, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882, CVE-2023-23605) Armin Ebert discovered that Thunderbird did not properly manage memory while resolving file symlink. If a user were tricked into opening a specially crafted weblink, an attacker could potentially exploit these to cause a denial of service. (CVE-2022-45412) Sarah Jamie Lewis discovered that Thunderbird did not properly manage network request while handling HTML emails with certain tags. If a user were tricked into opening a specially HTML email, an attacker could potentially exploit these issue and load remote content regardless of a configuration to block remote content. (CVE-2022-45414) Erik Kraft, Martin Schwarzl, and Andrew McCreight discovered that Thunderbird incorrectly handled keyboard events. An attacker could possibly use this issue to perform a timing side-channel attack and possibly figure out which keys are being pressed. (CVE-2022-45416) It was discovered that Thunderbird was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Thunderbird. (CVE-2022-46871) Nika Layzell discovered that Thunderbird was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872) Matthias Zoellner discovered that Thunderbird was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly use this issue to add a file with a malicious extension, leading to execute arbitrary code. (CVE-2022-46874) Hafiizh discovered that Thunderbird was not properly handling fullscreen notifications when the window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2022-46877) Tom Schuster discovered that Thunderbird was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-23598) Vadim discovered that Thunderbird was not properly sanitizing a curl command output when copying a network request from the developer tools panel. An attacker could potentially exploits this to hide and execute arbitrary commands. (CVE-2023-23599) Luan Herrera discovered that Thunderbird was not stopping navigation when dragging a URL from a cross-origin iframe into the same tab. An attacker potentially exploits this to spoof the user. (CVE-2023-23601) Dave Vandyke discovered that Thunderbird did not properly implement CSP policy when creating a WebSocket in a WebWorker. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2023-23602) Dan Veditz discovered that Thunderbird did not properly implement CSP policy on regular expression when using console.log. An attacker potentially exploits this to exfiltrate data. (CVE-2023-23603) It was discovered that Thunderbird did not properly check the Certificate OCSP revocation status when verifying S/Mime signatures. An attacker could possibly use this issue to bypass signature validation check by sending email signed with a revoked certificate. (CVE-2023-0430) Update Instructions: Run `sudo pro fix USN-5824-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.7.1+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.7.1+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.7.1+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.7.1+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.7.1+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-45403 CVE-2022-45404 CVE-2022-45405 CVE-2022-45406 CVE-2022-45408 CVE-2022-45409 CVE-2022-45410 CVE-2022-45411 CVE-2022-45412 CVE-2022-45416 CVE-2022-45418 CVE-2022-45420 CVE-2022-45421 CVE-2022-45414 CVE-2022-46880 CVE-2022-46872 CVE-2022-46881 CVE-2022-46882 CVE-2022-46878 CVE-2022-46874 CVE-2022-46871 CVE-2023-23598 CVE-2023-23599 CVE-2023-23601 CVE-2023-23602 CVE-2022-46877 CVE-2023-23603 CVE-2023-23605 CVE-2023-0430 Ubuntu 20.04 LTS It was discovered that PAM did not correctly restrict login from an IP address that is not resolvable via DNS. An attacker could possibly use this issue to bypass authentication. Update Instructions: Run `sudo pro fix USN-5825-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-runtime - 1.3.1-5ubuntu4.4 libpam0g-dev - 1.3.1-5ubuntu4.4 libpam-modules - 1.3.1-5ubuntu4.4 libpam-modules-bin - 1.3.1-5ubuntu4.4 libpam-doc - 1.3.1-5ubuntu4.4 libpam-cracklib - 1.3.1-5ubuntu4.4 libpam0g - 1.3.1-5ubuntu4.4 No subscription required Negligible CVE-2022-28321 Ubuntu 20.04 LTS USN-5825-1 fixed vulnerabilities in PAM. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that PAM did not correctly restrict login from an IP address that is not resolvable via DNS. An attacker could possibly use this issue to bypass authentication. Update Instructions: Run `sudo pro fix USN-5825-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-runtime - 1.3.1-5ubuntu4.6 libpam0g-dev - 1.3.1-5ubuntu4.6 libpam-modules - 1.3.1-5ubuntu4.6 libpam-modules-bin - 1.3.1-5ubuntu4.6 libpam-doc - 1.3.1-5ubuntu4.6 libpam-cracklib - 1.3.1-5ubuntu4.6 libpam0g - 1.3.1-5ubuntu4.6 No subscription required Negligible CVE-2022-28321 https://launchpad.net/bugs/2006073 Ubuntu 20.04 LTS Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-44540) Artem Ivanov discovered that Privoxy incorrectly handled input validations. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. (CVE-2021-44543) Update Instructions: Run `sudo pro fix USN-5826-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: privoxy - 3.0.28-2ubuntu0.2 No subscription required Medium CVE-2021-44540 CVE-2021-44543 Ubuntu 20.04 LTS Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. (CVE-2022-3094) Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3736) Maksym Odinintsev discovered that Bind incorrectly handled certain answers from stale cache. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3924) Update Instructions: Run `sudo pro fix USN-5827-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.12 bind9-libs - 1:9.16.1-0ubuntu2.12 bind9utils - 1:9.16.1-0ubuntu2.12 bind9-doc - 1:9.16.1-0ubuntu2.12 bind9-utils - 1:9.16.1-0ubuntu2.12 bind9 - 1:9.16.1-0ubuntu2.12 bind9-dnsutils - 1:9.16.1-0ubuntu2.12 bind9-host - 1:9.16.1-0ubuntu2.12 No subscription required Medium CVE-2022-3094 CVE-2022-3736 CVE-2022-3924 Ubuntu 20.04 LTS It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2018-20217) Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-42898) Update Instructions: Run `sudo pro fix USN-5828-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: krb5-doc - 1.17-6ubuntu4.2 krb5-kpropd - 1.17-6ubuntu4.2 krb5-user - 1.17-6ubuntu4.2 libgssrpc4 - 1.17-6ubuntu4.2 libkrb5support0 - 1.17-6ubuntu4.2 libk5crypto3 - 1.17-6ubuntu4.2 libkrb5-dev - 1.17-6ubuntu4.2 krb5-pkinit - 1.17-6ubuntu4.2 libkrb5-3 - 1.17-6ubuntu4.2 krb5-kdc-ldap - 1.17-6ubuntu4.2 krb5-otp - 1.17-6ubuntu4.2 krb5-gss-samples - 1.17-6ubuntu4.2 libkdb5-9 - 1.17-6ubuntu4.2 krb5-locales - 1.17-6ubuntu4.2 libgssapi-krb5-2 - 1.17-6ubuntu4.2 krb5-kdc - 1.17-6ubuntu4.2 libkrad-dev - 1.17-6ubuntu4.2 krb5-k5tls - 1.17-6ubuntu4.2 libkrad0 - 1.17-6ubuntu4.2 krb5-multidev - 1.17-6ubuntu4.2 libkadm5srv-mit11 - 1.17-6ubuntu4.2 libkadm5clnt-mit11 - 1.17-6ubuntu4.2 krb5-admin-server - 1.17-6ubuntu4.2 No subscription required Medium CVE-2018-20217 CVE-2022-42898 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5829-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1079 - 5.4.0-1079.90 linux-tools-5.4.0-1079-raspi - 5.4.0-1079.90 linux-image-5.4.0-1079-raspi - 5.4.0-1079.90 linux-raspi-headers-5.4.0-1079 - 5.4.0-1079.90 linux-headers-5.4.0-1079-raspi - 5.4.0-1079.90 linux-modules-5.4.0-1079-raspi - 5.4.0-1079.90 linux-buildinfo-5.4.0-1079-raspi - 5.4.0-1079.90 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1079.109 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1079.109 linux-raspi-hwe-18.04-edge - 5.4.0.1079.109 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1079.109 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1079.109 linux-raspi-hwe-18.04 - 5.4.0.1079.109 linux-tools-raspi - 5.4.0.1079.109 linux-image-raspi - 5.4.0.1079.109 linux-tools-raspi2-hwe-18.04 - 5.4.0.1079.109 linux-raspi2-hwe-18.04 - 5.4.0.1079.109 linux-raspi2 - 5.4.0.1079.109 linux-headers-raspi2 - 5.4.0.1079.109 linux-image-raspi2-hwe-18.04 - 5.4.0.1079.109 linux-headers-raspi2-hwe-18.04 - 5.4.0.1079.109 linux-image-raspi2 - 5.4.0.1079.109 linux-image-raspi-hwe-18.04-edge - 5.4.0.1079.109 linux-tools-raspi-hwe-18.04 - 5.4.0.1079.109 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1079.109 linux-tools-raspi2 - 5.4.0.1079.109 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1079.109 linux-raspi - 5.4.0.1079.109 linux-headers-raspi - 5.4.0.1079.109 linux-headers-raspi-hwe-18.04 - 5.4.0.1079.109 linux-image-raspi-hwe-18.04 - 5.4.0.1079.109 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) Update Instructions: Run `sudo pro fix USN-5830-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.4.0-1101-azure - 5.4.0-1101.107 linux-image-5.4.0-1101-azure - 5.4.0-1101.107 linux-modules-extra-5.4.0-1101-azure - 5.4.0-1101.107 linux-azure-headers-5.4.0-1101 - 5.4.0-1101.107 linux-modules-5.4.0-1101-azure - 5.4.0-1101.107 linux-azure-tools-5.4.0-1101 - 5.4.0-1101.107 linux-azure-cloud-tools-5.4.0-1101 - 5.4.0-1101.107 linux-image-unsigned-5.4.0-1101-azure - 5.4.0-1101.107 linux-headers-5.4.0-1101-azure - 5.4.0-1101.107 linux-tools-5.4.0-1101-azure - 5.4.0-1101.107 linux-buildinfo-5.4.0-1101-azure - 5.4.0-1101.107 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1101.94 linux-tools-azure-lts-20.04 - 5.4.0.1101.94 linux-azure-lts-20.04 - 5.4.0.1101.94 linux-headers-azure-lts-20.04 - 5.4.0.1101.94 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1101.94 linux-modules-extra-azure-lts-20.04 - 5.4.0.1101.94 No subscription required High CVE-2022-3643 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 Ubuntu 20.04 LTS Sebastian Chnelik discovered that python-future incorrectly handled certain HTTP header field. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5833-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-future-doc - 0.18.2-2ubuntu0.1 python3-future - 0.18.2-2ubuntu0.1 No subscription required Medium CVE-2022-40899 Ubuntu 20.04 LTS Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information. Update Instructions: Run `sudo pro fix USN-5835-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cinder-backup - 2:16.4.2-0ubuntu2.1 cinder-api - 2:16.4.2-0ubuntu2.1 cinder-volume - 2:16.4.2-0ubuntu2.1 cinder-common - 2:16.4.2-0ubuntu2.1 python3-cinder - 2:16.4.2-0ubuntu2.1 cinder-scheduler - 2:16.4.2-0ubuntu2.1 No subscription required Medium CVE-2022-47951 Ubuntu 20.04 LTS Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that OpenStack Glance incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information. Update Instructions: Run `sudo pro fix USN-5835-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-glance - 2:20.2.0-0ubuntu1.1 glance-api - 2:20.2.0-0ubuntu1.1 glance - 2:20.2.0-0ubuntu1.1 glance-common - 2:20.2.0-0ubuntu1.1 python-glance-doc - 2:20.2.0-0ubuntu1.1 No subscription required Medium CVE-2022-47951 Ubuntu 20.04 LTS Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information. Update Instructions: Run `sudo pro fix USN-5835-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.1 nova-common - 2:21.2.4-0ubuntu2.1 nova-compute-xen - 2:21.2.4-0ubuntu2.1 nova-api-os-compute - 2:21.2.4-0ubuntu2.1 nova-novncproxy - 2:21.2.4-0ubuntu2.1 nova-serialproxy - 2:21.2.4-0ubuntu2.1 nova-api-os-volume - 2:21.2.4-0ubuntu2.1 nova-compute-lxc - 2:21.2.4-0ubuntu2.1 nova-api-metadata - 2:21.2.4-0ubuntu2.1 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.1 nova-compute-kvm - 2:21.2.4-0ubuntu2.1 nova-doc - 2:21.2.4-0ubuntu2.1 nova-conductor - 2:21.2.4-0ubuntu2.1 nova-volume - 2:21.2.4-0ubuntu2.1 nova-compute-vmware - 2:21.2.4-0ubuntu2.1 python3-nova - 2:21.2.4-0ubuntu2.1 nova-spiceproxy - 2:21.2.4-0ubuntu2.1 nova-scheduler - 2:21.2.4-0ubuntu2.1 nova-compute-libvirt - 2:21.2.4-0ubuntu2.1 nova-compute - 2:21.2.4-0ubuntu2.1 nova-compute-qemu - 2:21.2.4-0ubuntu2.1 nova-cells - 2:21.2.4-0ubuntu2.1 No subscription required Medium CVE-2022-47951 Ubuntu 20.04 LTS USN-5835-1 fixed vulnerabilities in Cinder. This update provides the corresponding updates for Ubuntu 18.04 LTS. In addition, a regression was fixed for Ubuntu 20.04 LTS. Original advisory details: Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information. Update Instructions: Run `sudo pro fix USN-5835-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cinder-backup - 2:16.4.2-0ubuntu2.2 cinder-api - 2:16.4.2-0ubuntu2.2 cinder-volume - 2:16.4.2-0ubuntu2.2 cinder-common - 2:16.4.2-0ubuntu2.2 python3-cinder - 2:16.4.2-0ubuntu2.2 cinder-scheduler - 2:16.4.2-0ubuntu2.2 No subscription required Medium CVE-2022-47951 Ubuntu 20.04 LTS Nick Pope discovered that Django incorrectly handled certain Accept-Language headers. A remote attacker could possibly use this issue to cause Django to consume memory, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5837-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.15 python-django-doc - 2:2.2.12-1ubuntu0.15 No subscription required Medium CVE-2023-23969 Ubuntu 20.04 LTS It was discovered that AdvanceCOMP did not properly manage memory while performing read operations on MNG file. If a user were tricked into opening a specially crafted MNG file, a remote attacker could possibly use this issue to cause AdvanceCOMP to crash, resulting in a denial of service. (CVE-2022-35014, CVE-2022-35017, CVE-2022-35018, CVE-2022-35019, CVE-2022-35020) It was discovered that AdvanceCOMP did not properly manage memory while performing read operations on ZIP file. If a user were tricked into opening a specially crafted ZIP file, a remote attacker could possibly use this issue to cause AdvanceCOMP to crash, resulting in a denial of service. (CVE-2022-35015, CVE-2022-35016) Update Instructions: Run `sudo pro fix USN-5838-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: advancecomp - 2.1-2.1ubuntu0.20.04.1 No subscription required Medium CVE-2022-35014 CVE-2022-35015 CVE-2022-35016 CVE-2022-35017 CVE-2022-35018 CVE-2022-35019 CVE-2022-35020 Ubuntu 20.04 LTS It was discovered that the Apache HTTP Server mod_dav module incorrectly handled certain If: request headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2006-20001) ZeddYu_Lu discovered that the Apache HTTP Server mod_proxy_ajp module incorrectly interpreted certain HTTP Requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-36760) Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy module incorrectly truncated certain response headers. This may result in later headers not being interpreted by the client. (CVE-2022-37436) Update Instructions: Run `sudo pro fix USN-5839-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.13 libapache2-mod-md - 2.4.41-4ubuntu3.13 apache2-utils - 2.4.41-4ubuntu3.13 apache2-dev - 2.4.41-4ubuntu3.13 apache2-suexec-pristine - 2.4.41-4ubuntu3.13 apache2-suexec-custom - 2.4.41-4ubuntu3.13 apache2 - 2.4.41-4ubuntu3.13 apache2-doc - 2.4.41-4ubuntu3.13 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.13 apache2-ssl-dev - 2.4.41-4ubuntu3.13 apache2-bin - 2.4.41-4ubuntu3.13 No subscription required Medium CVE-2006-20001 CVE-2022-36760 CVE-2022-37436 Ubuntu 20.04 LTS It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-25467) It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-27345, CVE-2021-27347) It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2022-26291) It was discovered that Long Range ZIP incorrectly handled memory allocation, which could lead to a heap memory corruption. An attacker could possibly use this issue to cause denial of service. This issue affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-28044) Update Instructions: Run `sudo pro fix USN-5840-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lrzip - 0.631+git180528-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2018-5786 CVE-2020-25467 CVE-2021-27345 CVE-2021-27347 CVE-2022-26291 CVE-2022-28044 Ubuntu 20.04 LTS Mark Esler and David Fernandez Gonzalez discovered that EditorConfig Core C incorrectly handled memory when handling certain inputs. An attacker could possibly use this issue to cause applications using EditorConfig Core C to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5842-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: editorconfig-doc - 0.12.1-1.1ubuntu0.20.04.1~esm1 libeditorconfig0 - 0.12.1-1.1ubuntu0.20.04.1~esm1 editorconfig - 0.12.1-1.1ubuntu0.20.04.1~esm1 libeditorconfig-dev - 0.12.1-1.1ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-0341 Ubuntu 20.04 LTS It was discovered that tmux incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5843-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tmux - 3.0a-2ubuntu0.4 No subscription required Medium CVE-2022-47016 Ubuntu 20.04 LTS David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. (CVE-2023-0286) Corey Bonnell discovered that OpenSSL incorrectly handled X.509 certificate verification. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-4203) Hubert Kario discovered that OpenSSL had a timing based side channel in the OpenSSL RSA Decryption implementation. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2022-4304) Dawei Wang discovered that OpenSSL incorrectly handled parsing certain PEM data. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2022-4450) Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly handled streaming ASN.1 data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0215) Marc Schönefeld discovered that OpenSSL incorrectly handled malformed PKCS7 data. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0216) Kurt Roeckx discovered that OpenSSL incorrectly handled validating certain DSA public keys. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0217) Hubert Kario and Dmitry Belyavsky discovered that OpenSSL incorrectly validated certain signatures. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0401) Update Instructions: Run `sudo pro fix USN-5844-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.17 libssl-dev - 1.1.1f-1ubuntu2.17 openssl - 1.1.1f-1ubuntu2.17 libssl-doc - 1.1.1f-1ubuntu2.17 No subscription required High CVE-2022-4203 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0216 CVE-2023-0217 CVE-2023-0286 CVE-2023-0401 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges. Update Instructions: Run `sudo pro fix USN-5846-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.6 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.6 xwayland - 2:1.20.13-1ubuntu1~20.04.6 xdmx - 2:1.20.13-1ubuntu1~20.04.6 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.6 xvfb - 2:1.20.13-1ubuntu1~20.04.6 xnest - 2:1.20.13-1ubuntu1~20.04.6 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.6 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.6 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.6 xserver-common - 2:1.20.13-1ubuntu1~20.04.6 No subscription required Medium CVE-2023-0494 Ubuntu 20.04 LTS It was discovered that Grunt was not properly loading YAML files before parsing them. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-7729) It was discovered that Grunt was not properly handling symbolic links when performing file copy operations. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. (CVE-2022-0436) It was discovered that there was a race condition in the Grunt file copy function, which could lead to an arbitrary file write. An attacker could possibly use this issue to perform a local privilege escalation attack or to execute arbitrary code. (CVE-2022-1537) Update Instructions: Run `sudo pro fix USN-5847-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grunt - 1.0.4-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2020-7729 CVE-2022-0436 CVE-2022-1537 Ubuntu 20.04 LTS Helmut Grohne discovered that Heimdal GSSAPI incorrectly handled logical conditions that are related to memory management operations. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-5849-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhcrypto4-heimdal - 7.7.0+dfsg-1ubuntu1.4 libwind0-heimdal - 7.7.0+dfsg-1ubuntu1.4 libroken18-heimdal - 7.7.0+dfsg-1ubuntu1.4 libgssapi3-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-kcm - 7.7.0+dfsg-1ubuntu1.4 libhdb9-heimdal - 7.7.0+dfsg-1ubuntu1.4 libasn1-8-heimdal - 7.7.0+dfsg-1ubuntu1.4 libsl0-heimdal - 7.7.0+dfsg-1ubuntu1.4 libkadm5clnt7-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-kdc - 7.7.0+dfsg-1ubuntu1.4 libkdc2-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-servers - 7.7.0+dfsg-1ubuntu1.4 libheimntlm0-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-docs - 7.7.0+dfsg-1ubuntu1.4 libheimbase1-heimdal - 7.7.0+dfsg-1ubuntu1.4 libkrb5-26-heimdal - 7.7.0+dfsg-1ubuntu1.4 libotp0-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-dev - 7.7.0+dfsg-1ubuntu1.4 libkafs0-heimdal - 7.7.0+dfsg-1ubuntu1.4 libhx509-5-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-multidev - 7.7.0+dfsg-1ubuntu1.4 libkadm5srv8-heimdal - 7.7.0+dfsg-1ubuntu1.4 heimdal-clients - 7.7.0+dfsg-1ubuntu1.4 No subscription required Medium CVE-2022-45142 Ubuntu 20.04 LTS It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3543) It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service (memory exhaustion). (CVE-2022-3619) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) Arnaud Gatignol, Quentin Minster, Florent Saudel and Guillaume Teissier discovered that the KSMBD implementation in the Linux kernel did not properly validate user-supplied data in some situations. An authenticated attacker could use this to cause a denial of service (system crash), expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2022-47940) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) Update Instructions: Run `sudo pro fix USN-5851-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oracle-5.15-headers-5.15.0-1029 - 5.15.0-1029.35~20.04.1 linux-buildinfo-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-modules-extra-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-image-unsigned-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-modules-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-headers-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-oracle-5.15-tools-5.15.0-1029 - 5.15.0-1029.35~20.04.1 linux-image-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 linux-tools-5.15.0-1029-oracle - 5.15.0-1029.35~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1033 - 5.15.0-1033.40~20.04.1 linux-image-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-modules-extra-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-buildinfo-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-azure-5.15-headers-5.15.0-1033 - 5.15.0-1033.40~20.04.1 linux-tools-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-headers-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-image-unsigned-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-modules-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-cloud-tools-5.15.0-1033-azure - 5.15.0-1033.40~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1033 - 5.15.0-1033.40~20.04.1 No subscription required linux-modules-extra-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-cloud-tools-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-modules-iwlwifi-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-image-unsigned-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-image-unsigned-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-cloud-tools-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-60.66~20.04.1 linux-hwe-5.15-headers-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-image-unsigned-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-hwe-5.15-tools-5.15.0-60 - 5.15.0-60.66~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-generic-64k - 5.15.0-60.66~20.04.1 linux-modules-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-image-unsigned-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-tools-5.15.0-60-lowlatency-64k - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-generic-lpae - 5.15.0-60.66~20.04.1 linux-modules-iwlwifi-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-buildinfo-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-headers-5.15.0-60-generic - 5.15.0-60.66~20.04.1 linux-image-5.15.0-60-lowlatency - 5.15.0-60.66~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-60.66~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1029.35~20.04.1 linux-tools-oracle - 5.15.0.1029.35~20.04.1 linux-tools-oracle-edge - 5.15.0.1029.35~20.04.1 linux-oracle-edge - 5.15.0.1029.35~20.04.1 linux-image-oracle-edge - 5.15.0.1029.35~20.04.1 linux-headers-oracle-edge - 5.15.0.1029.35~20.04.1 linux-image-oracle - 5.15.0.1029.35~20.04.1 linux-oracle - 5.15.0.1029.35~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1033.40~20.04.23 linux-cloud-tools-azure - 5.15.0.1033.40~20.04.23 linux-tools-azure - 5.15.0.1033.40~20.04.23 linux-image-azure-edge - 5.15.0.1033.40~20.04.23 linux-azure - 5.15.0.1033.40~20.04.23 linux-cloud-tools-azure-edge - 5.15.0.1033.40~20.04.23 linux-modules-extra-azure - 5.15.0.1033.40~20.04.23 linux-image-azure - 5.15.0.1033.40~20.04.23 linux-headers-azure-edge - 5.15.0.1033.40~20.04.23 linux-azure-edge - 5.15.0.1033.40~20.04.23 linux-modules-extra-azure-edge - 5.15.0.1033.40~20.04.23 linux-headers-azure - 5.15.0.1033.40~20.04.23 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-headers-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-image-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-lowlatency-64k-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-tools-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-lowlatency-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.23 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.60.66~20.04.23 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.23 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-extra-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-headers-generic-64k-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-lpae-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-tools-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-lpae-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-tools-generic-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-generic-lpae-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-generic-64k-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-tools-virtual-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-image-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-generic-64k-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-image-generic-64k-hwe-20.04 - 5.15.0.60.66~20.04.26 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.60.66~20.04.26 linux-headers-virtual-hwe-20.04 - 5.15.0.60.66~20.04.26 No subscription required Medium CVE-2022-3543 CVE-2022-3619 CVE-2022-3623 CVE-2022-3628 CVE-2022-3640 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-47940 CVE-2023-0590 Ubuntu 20.04 LTS It was discovered that OpenStack Swift incorrectly handled certain XML files. A remote authenticated user could possibly use this issue to obtain arbitrary file contents containing sensitive information from the server. Update Instructions: Run `sudo pro fix USN-5852-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: swift-account - 2.25.2-0ubuntu1.1 swift-doc - 2.25.2-0ubuntu1.1 swift-proxy - 2.25.2-0ubuntu1.1 python3-swift - 2.25.2-0ubuntu1.1 swift-container - 2.25.2-0ubuntu1.1 swift - 2.25.2-0ubuntu1.1 swift-object-expirer - 2.25.2-0ubuntu1.1 swift-object - 2.25.2-0ubuntu1.1 No subscription required Medium CVE-2022-47950 Ubuntu 20.04 LTS It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5853-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-image-unsigned-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-headers-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-image-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-gkeop-source-5.4.0 - 5.4.0-1064.68 linux-gkeop-headers-5.4.0-1064 - 5.4.0-1064.68 linux-buildinfo-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-gkeop-tools-5.4.0-1064 - 5.4.0-1064.68 linux-modules-extra-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-cloud-tools-5.4.0-1064-gkeop - 5.4.0-1064.68 linux-gkeop-cloud-tools-5.4.0-1064 - 5.4.0-1064.68 linux-tools-5.4.0-1064-gkeop - 5.4.0-1064.68 No subscription required linux-buildinfo-5.4.0-1080-raspi - 5.4.0-1080.91 linux-raspi-headers-5.4.0-1080 - 5.4.0-1080.91 linux-tools-5.4.0-1080-raspi - 5.4.0-1080.91 linux-image-5.4.0-1080-raspi - 5.4.0-1080.91 linux-headers-5.4.0-1080-raspi - 5.4.0-1080.91 linux-modules-5.4.0-1080-raspi - 5.4.0-1080.91 linux-raspi-tools-5.4.0-1080 - 5.4.0-1080.91 No subscription required linux-kvm-tools-5.4.0-1086 - 5.4.0-1086.92 linux-kvm-headers-5.4.0-1086 - 5.4.0-1086.92 linux-buildinfo-5.4.0-1086-kvm - 5.4.0-1086.92 linux-tools-5.4.0-1086-kvm - 5.4.0-1086.92 linux-image-unsigned-5.4.0-1086-kvm - 5.4.0-1086.92 linux-image-5.4.0-1086-kvm - 5.4.0-1086.92 linux-modules-5.4.0-1086-kvm - 5.4.0-1086.92 linux-headers-5.4.0-1086-kvm - 5.4.0-1086.92 No subscription required linux-oracle-tools-5.4.0-1093 - 5.4.0-1093.102 linux-image-unsigned-5.4.0-1093-oracle - 5.4.0-1093.102 linux-headers-5.4.0-1093-oracle - 5.4.0-1093.102 linux-tools-5.4.0-1093-oracle - 5.4.0-1093.102 linux-modules-5.4.0-1093-oracle - 5.4.0-1093.102 linux-image-5.4.0-1093-oracle - 5.4.0-1093.102 linux-modules-extra-5.4.0-1093-oracle - 5.4.0-1093.102 linux-buildinfo-5.4.0-1093-oracle - 5.4.0-1093.102 linux-oracle-headers-5.4.0-1093 - 5.4.0-1093.102 No subscription required linux-headers-5.4.0-1096-aws - 5.4.0-1096.104 linux-aws-cloud-tools-5.4.0-1096 - 5.4.0-1096.104 linux-buildinfo-5.4.0-1096-aws - 5.4.0-1096.104 linux-modules-extra-5.4.0-1096-aws - 5.4.0-1096.104 linux-cloud-tools-5.4.0-1096-aws - 5.4.0-1096.104 linux-image-5.4.0-1096-aws - 5.4.0-1096.104 linux-aws-tools-5.4.0-1096 - 5.4.0-1096.104 linux-image-unsigned-5.4.0-1096-aws - 5.4.0-1096.104 linux-modules-5.4.0-1096-aws - 5.4.0-1096.104 linux-tools-5.4.0-1096-aws - 5.4.0-1096.104 linux-aws-headers-5.4.0-1096 - 5.4.0-1096.104 No subscription required linux-buildinfo-5.4.0-1103-azure - 5.4.0-1103.109 linux-azure-tools-5.4.0-1103 - 5.4.0-1103.109 linux-cloud-tools-5.4.0-1103-azure - 5.4.0-1103.109 linux-image-5.4.0-1103-azure - 5.4.0-1103.109 linux-modules-extra-5.4.0-1103-azure - 5.4.0-1103.109 linux-azure-headers-5.4.0-1103 - 5.4.0-1103.109 linux-azure-cloud-tools-5.4.0-1103 - 5.4.0-1103.109 linux-tools-5.4.0-1103-azure - 5.4.0-1103.109 linux-modules-5.4.0-1103-azure - 5.4.0-1103.109 linux-headers-5.4.0-1103-azure - 5.4.0-1103.109 linux-image-unsigned-5.4.0-1103-azure - 5.4.0-1103.109 No subscription required linux-image-unsigned-5.4.0-139-generic - 5.4.0-139.156 linux-buildinfo-5.4.0-139-lowlatency - 5.4.0-139.156 linux-tools-common - 5.4.0-139.156 linux-tools-5.4.0-139 - 5.4.0-139.156 linux-modules-5.4.0-139-generic - 5.4.0-139.156 linux-headers-5.4.0-139-generic - 5.4.0-139.156 linux-doc - 5.4.0-139.156 linux-buildinfo-5.4.0-139-generic - 5.4.0-139.156 linux-buildinfo-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-tools-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-tools-5.4.0-139-lowlatency - 5.4.0-139.156 linux-libc-dev - 5.4.0-139.156 linux-source-5.4.0 - 5.4.0-139.156 linux-cloud-tools-5.4.0-139-generic - 5.4.0-139.156 linux-cloud-tools-5.4.0-139 - 5.4.0-139.156 linux-cloud-tools-5.4.0-139-lowlatency - 5.4.0-139.156 linux-headers-5.4.0-139-lowlatency - 5.4.0-139.156 linux-modules-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-image-5.4.0-139-lowlatency - 5.4.0-139.156 linux-tools-host - 5.4.0-139.156 linux-tools-5.4.0-139-generic - 5.4.0-139.156 linux-headers-5.4.0-139 - 5.4.0-139.156 linux-image-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-image-5.4.0-139-generic - 5.4.0-139.156 linux-cloud-tools-common - 5.4.0-139.156 linux-headers-5.4.0-139-generic-lpae - 5.4.0-139.156 linux-image-unsigned-5.4.0-139-lowlatency - 5.4.0-139.156 linux-modules-extra-5.4.0-139-generic - 5.4.0-139.156 linux-modules-5.4.0-139-lowlatency - 5.4.0-139.156 No subscription required linux-headers-gkeop - 5.4.0.1064.62 linux-cloud-tools-gkeop-5.4 - 5.4.0.1064.62 linux-image-gkeop - 5.4.0.1064.62 linux-modules-extra-gkeop-5.4 - 5.4.0.1064.62 linux-gkeop-5.4 - 5.4.0.1064.62 linux-image-gkeop-5.4 - 5.4.0.1064.62 linux-modules-extra-gkeop - 5.4.0.1064.62 linux-gkeop - 5.4.0.1064.62 linux-cloud-tools-gkeop - 5.4.0.1064.62 linux-headers-gkeop-5.4 - 5.4.0.1064.62 linux-tools-gkeop - 5.4.0.1064.62 linux-tools-gkeop-5.4 - 5.4.0.1064.62 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1080.110 linux-image-raspi2 - 5.4.0.1080.110 linux-headers-raspi2 - 5.4.0.1080.110 linux-image-raspi-hwe-18.04 - 5.4.0.1080.110 linux-image-raspi2-hwe-18.04 - 5.4.0.1080.110 linux-tools-raspi - 5.4.0.1080.110 linux-headers-raspi-hwe-18.04 - 5.4.0.1080.110 linux-headers-raspi2-hwe-18.04 - 5.4.0.1080.110 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1080.110 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1080.110 linux-headers-raspi - 5.4.0.1080.110 linux-raspi2-hwe-18.04-edge - 5.4.0.1080.110 linux-raspi-hwe-18.04 - 5.4.0.1080.110 linux-tools-raspi2-hwe-18.04 - 5.4.0.1080.110 linux-raspi2-hwe-18.04 - 5.4.0.1080.110 linux-image-raspi-hwe-18.04-edge - 5.4.0.1080.110 linux-tools-raspi-hwe-18.04 - 5.4.0.1080.110 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1080.110 linux-raspi-hwe-18.04-edge - 5.4.0.1080.110 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1080.110 linux-image-raspi - 5.4.0.1080.110 linux-raspi2 - 5.4.0.1080.110 linux-tools-raspi2 - 5.4.0.1080.110 linux-raspi - 5.4.0.1080.110 No subscription required linux-kvm - 5.4.0.1086.80 linux-headers-kvm - 5.4.0.1086.80 linux-image-kvm - 5.4.0.1086.80 linux-tools-kvm - 5.4.0.1086.80 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1093.86 linux-headers-oracle-lts-20.04 - 5.4.0.1093.86 linux-oracle-lts-20.04 - 5.4.0.1093.86 linux-image-oracle-lts-20.04 - 5.4.0.1093.86 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1096.93 linux-image-aws-lts-20.04 - 5.4.0.1096.93 linux-headers-aws-lts-20.04 - 5.4.0.1096.93 linux-tools-aws-lts-20.04 - 5.4.0.1096.93 linux-aws-lts-20.04 - 5.4.0.1096.93 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1103.96 linux-azure-lts-20.04 - 5.4.0.1103.96 linux-image-azure-lts-20.04 - 5.4.0.1103.96 linux-headers-azure-lts-20.04 - 5.4.0.1103.96 linux-modules-extra-azure-lts-20.04 - 5.4.0.1103.96 linux-tools-azure-lts-20.04 - 5.4.0.1103.96 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-cloud-tools-virtual - 5.4.0.139.137 linux-image-generic-hwe-18.04 - 5.4.0.139.137 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-image-virtual - 5.4.0.139.137 linux-oem-osp1-tools-host - 5.4.0.139.137 linux-image-generic - 5.4.0.139.137 linux-tools-lowlatency - 5.4.0.139.137 linux-image-oem - 5.4.0.139.137 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.139.137 linux-headers-generic-hwe-18.04 - 5.4.0.139.137 linux-headers-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-headers-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-image-extra-virtual-hwe-18.04 - 5.4.0.139.137 linux-image-oem-osp1 - 5.4.0.139.137 linux-image-generic-lpae-hwe-18.04 - 5.4.0.139.137 linux-crashdump - 5.4.0.139.137 linux-tools-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-headers-generic-lpae - 5.4.0.139.137 linux-source - 5.4.0.139.137 linux-lowlatency - 5.4.0.139.137 linux-tools-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-tools-generic-lpae - 5.4.0.139.137 linux-cloud-tools-generic - 5.4.0.139.137 linux-headers-virtual-hwe-18.04 - 5.4.0.139.137 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.139.137 linux-headers-virtual - 5.4.0.139.137 linux-tools-virtual - 5.4.0.139.137 linux-image-extra-virtual - 5.4.0.139.137 linux-generic-lpae-hwe-18.04-edge - 5.4.0.139.137 linux-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-generic-lpae - 5.4.0.139.137 linux-headers-oem - 5.4.0.139.137 linux-generic - 5.4.0.139.137 linux-tools-oem-osp1 - 5.4.0.139.137 linux-virtual - 5.4.0.139.137 linux-tools-generic-hwe-18.04-edge - 5.4.0.139.137 linux-image-virtual-hwe-18.04 - 5.4.0.139.137 linux-cloud-tools-lowlatency - 5.4.0.139.137 linux-headers-lowlatency - 5.4.0.139.137 linux-image-generic-hwe-18.04-edge - 5.4.0.139.137 linux-generic-hwe-18.04-edge - 5.4.0.139.137 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.139.137 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-oem - 5.4.0.139.137 linux-tools-generic - 5.4.0.139.137 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-oem-tools-host - 5.4.0.139.137 linux-tools-oem - 5.4.0.139.137 linux-headers-oem-osp1 - 5.4.0.139.137 linux-virtual-hwe-18.04 - 5.4.0.139.137 linux-generic-lpae-hwe-18.04 - 5.4.0.139.137 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.139.137 linux-headers-generic-hwe-18.04-edge - 5.4.0.139.137 linux-headers-generic - 5.4.0.139.137 linux-oem-osp1 - 5.4.0.139.137 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.139.137 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.139.137 linux-image-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.139.137 linux-virtual-hwe-18.04-edge - 5.4.0.139.137 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.139.137 linux-lowlatency-hwe-18.04 - 5.4.0.139.137 linux-generic-hwe-18.04 - 5.4.0.139.137 linux-image-generic-lpae - 5.4.0.139.137 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.139.137 linux-image-lowlatency - 5.4.0.139.137 linux-tools-generic-hwe-18.04 - 5.4.0.139.137 linux-tools-virtual-hwe-18.04 - 5.4.0.139.137 linux-image-virtual-hwe-18.04-edge - 5.4.0.139.137 No subscription required Medium CVE-2022-3628 CVE-2022-3640 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2023-20928 Ubuntu 20.04 LTS USN-5855-1 fixed a vulnerability in ImageMagick. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Original advisory details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images. Update Instructions: Run `sudo pro fix USN-5855-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.5 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.5 No subscription required Medium CVE-2022-44267 CVE-2022-44268 Ubuntu 20.04 LTS USN-5855-2 fixed vulnerabilities in ImageMagick. Unfortunately an additional mitigation caused a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images. Update Instructions: Run `sudo pro fix USN-5855-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.7 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.7 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.7 No subscription required None https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/2004580 Ubuntu 20.04 LTS Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0179) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) Update Instructions: Run `sudo pro fix USN-5859-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.14.0-1057-oem - 5.14.0-1057.64 linux-modules-iwlwifi-5.14.0-1057-oem - 5.14.0-1057.64 linux-oem-5.14-headers-5.14.0-1057 - 5.14.0-1057.64 linux-image-5.14.0-1057-oem - 5.14.0-1057.64 linux-modules-5.14.0-1057-oem - 5.14.0-1057.64 linux-oem-5.14-tools-5.14.0-1057 - 5.14.0-1057.64 linux-tools-5.14.0-1057-oem - 5.14.0-1057.64 linux-buildinfo-5.14.0-1057-oem - 5.14.0-1057.64 linux-image-unsigned-5.14.0-1057-oem - 5.14.0-1057.64 linux-oem-5.14-tools-host - 5.14.0-1057.64 No subscription required linux-image-oem-20.04c - 5.14.0.1057.55 linux-image-oem-20.04b - 5.14.0.1057.55 linux-image-oem-20.04d - 5.14.0.1057.55 linux-headers-oem-20.04 - 5.14.0.1057.55 linux-tools-oem-20.04c - 5.14.0.1057.55 linux-tools-oem-20.04b - 5.14.0.1057.55 linux-oem-20.04 - 5.14.0.1057.55 linux-image-oem-20.04 - 5.14.0.1057.55 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1057.55 linux-oem-20.04d - 5.14.0.1057.55 linux-oem-20.04c - 5.14.0.1057.55 linux-oem-20.04b - 5.14.0.1057.55 linux-tools-oem-20.04d - 5.14.0.1057.55 linux-headers-oem-20.04b - 5.14.0.1057.55 linux-headers-oem-20.04c - 5.14.0.1057.55 linux-headers-oem-20.04d - 5.14.0.1057.55 linux-tools-oem-20.04 - 5.14.0.1057.55 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1057.55 No subscription required High CVE-2022-3545 CVE-2022-4139 CVE-2022-42895 CVE-2023-0179 Ubuntu 20.04 LTS Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-14275) It was discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2019-19555, CVE-2019-19797, CVE-2020-21529, CVE-2020-21530, CVE-2020-21531, CVE-2020-21532, CVE-2020-21533, CVE-2020-21534, CVE-2020-21535, CVE-2020-21675, CVE-2020-21676, CVE-2021-3561) It was discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-32280) Update Instructions: Run `sudo pro fix USN-5864-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fig2dev - 1:3.2.7a-7ubuntu0.1 No subscription required Medium CVE-2019-14275 CVE-2019-19555 CVE-2019-19797 CVE-2020-21529 CVE-2020-21530 CVE-2020-21531 CVE-2020-21532 CVE-2020-21533 CVE-2020-21534 CVE-2020-21535 CVE-2020-21675 CVE-2020-21676 CVE-2021-32280 CVE-2021-3561 Ubuntu 20.04 LTS It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's logs could exploit this issue and may obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2015-9543) It was discovered that Nova did not properly handle attaching and reattaching the encrypted volume. An attacker could possibly use this issue to perform a denial of service attack. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-18191) It was discovered that Nova did not properly handle the updation of domain XML after live migration. An attacker could possibly use this issue to corrupt the volume or perform a denial of service attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-17376) It was discovered that Nova was not properly validating the URL passed to noVNC. An attacker could possibly use this issue by providing malicious URL to the noVNC proxy to redirect to any desired URL. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-3654) It was discovered that Nova did not properly handle changes in the neutron port of vnic_type type. An authenticated user could possibly use this issue to perform a denial of service attack. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-37394) Update Instructions: Run `sudo pro fix USN-5866-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.2 nova-common - 2:21.2.4-0ubuntu2.2 nova-compute-xen - 2:21.2.4-0ubuntu2.2 nova-api-os-compute - 2:21.2.4-0ubuntu2.2 nova-novncproxy - 2:21.2.4-0ubuntu2.2 nova-serialproxy - 2:21.2.4-0ubuntu2.2 nova-api-os-volume - 2:21.2.4-0ubuntu2.2 nova-compute-lxc - 2:21.2.4-0ubuntu2.2 nova-api-metadata - 2:21.2.4-0ubuntu2.2 nova-compute-libvirt - 2:21.2.4-0ubuntu2.2 nova-compute-kvm - 2:21.2.4-0ubuntu2.2 nova-doc - 2:21.2.4-0ubuntu2.2 nova-conductor - 2:21.2.4-0ubuntu2.2 nova-volume - 2:21.2.4-0ubuntu2.2 nova-compute-vmware - 2:21.2.4-0ubuntu2.2 python3-nova - 2:21.2.4-0ubuntu2.2 nova-spiceproxy - 2:21.2.4-0ubuntu2.2 nova-scheduler - 2:21.2.4-0ubuntu2.2 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.2 nova-compute - 2:21.2.4-0ubuntu2.2 nova-compute-qemu - 2:21.2.4-0ubuntu2.2 nova-cells - 2:21.2.4-0ubuntu2.2 No subscription required Medium CVE-2015-9543 CVE-2017-18191 CVE-2020-17376 CVE-2021-3654 CVE-2022-37394 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5867-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.4-0ubuntu0.20.04.2 libwebkit2gtk-4.0-37-gtk2 - 2.38.4-0ubuntu0.20.04.2 libjavascriptcoregtk-4.0-dev - 2.38.4-0ubuntu0.20.04.2 libwebkit2gtk-4.0-37 - 2.38.4-0ubuntu0.20.04.2 webkit2gtk-driver - 2.38.4-0ubuntu0.20.04.2 libjavascriptcoregtk-4.0-18 - 2.38.4-0ubuntu0.20.04.2 libwebkit2gtk-4.0-doc - 2.38.4-0ubuntu0.20.04.2 libjavascriptcoregtk-4.0-bin - 2.38.4-0ubuntu0.20.04.2 gir1.2-webkit2-4.0 - 2.38.4-0ubuntu0.20.04.2 libwebkit2gtk-4.0-dev - 2.38.4-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-42826 CVE-2023-23517 CVE-2023-23518 Ubuntu 20.04 LTS Jakob Ackermann discovered that Django incorrectly handled certain file uploads. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-5868-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.16 python-django-doc - 2:2.2.12-1ubuntu0.16 No subscription required Medium CVE-2023-24580 Ubuntu 20.04 LTS Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions. Update Instructions: Run `sudo pro fix USN-5869-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.29-0ubuntu1.3 haproxy-doc - 2.0.29-0ubuntu1.3 vim-haproxy - 2.0.29-0ubuntu1.3 No subscription required Medium CVE-2023-25725 Ubuntu 20.04 LTS Ronald Crane discovered that APR-util did not properly handled memory when encoding or decoding certain input data. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5870-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libaprutil1-dbd-odbc - 1.6.1-4ubuntu2.1 libaprutil1 - 1.6.1-4ubuntu2.1 libaprutil1-dbd-mysql - 1.6.1-4ubuntu2.1 libaprutil1-ldap - 1.6.1-4ubuntu2.1 libaprutil1-dbd-sqlite3 - 1.6.1-4ubuntu2.1 libaprutil1-dbd-pgsql - 1.6.1-4ubuntu2.1 libaprutil1-dev - 1.6.1-4ubuntu2.1 No subscription required Medium CVE-2022-25147 Ubuntu 20.04 LTS It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make Git uses its local clone optimization even when using a non-local transport. (CVE-2023-22490) Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwrite a patch outside the working tree. (CVE-2023-23946) Update Instructions: Run `sudo pro fix USN-5871-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.10 gitweb - 1:2.25.1-1ubuntu3.10 git-gui - 1:2.25.1-1ubuntu3.10 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.10 git-el - 1:2.25.1-1ubuntu3.10 gitk - 1:2.25.1-1ubuntu3.10 git-all - 1:2.25.1-1ubuntu3.10 git-mediawiki - 1:2.25.1-1ubuntu3.10 git-daemon-run - 1:2.25.1-1ubuntu3.10 git-man - 1:2.25.1-1ubuntu3.10 git-doc - 1:2.25.1-1ubuntu3.10 git-svn - 1:2.25.1-1ubuntu3.10 git-cvs - 1:2.25.1-1ubuntu3.10 git-email - 1:2.25.1-1ubuntu3.10 No subscription required Medium CVE-2023-22490 CVE-2023-23946 Ubuntu 20.04 LTS It was discovered that Go Text incorrectly handled certain encodings. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14040) It was discovered that Go Text incorrectly handled certain BCP 47 language tags. An attacker could possibly use this issue to cause a denial of service. CVE-2020-28851, CVE-2020-28852 and CVE-2021-38561 affected only Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-28851, CVE-2020-28852, CVE-2021-38561, CVE-2022-32149) Update Instructions: Run `sudo pro fix USN-5873-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-golang-x-text-dev - 0.3.2-4ubuntu0.1 No subscription required Medium CVE-2020-14040 CVE-2020-28851 CVE-2020-28852 CVE-2021-38561 CVE-2022-32149 Ubuntu 20.04 LTS It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5874-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1044 - 5.4.0-1044.49 linux-headers-5.4.0-1044-ibm - 5.4.0-1044.49 linux-buildinfo-5.4.0-1044-ibm - 5.4.0-1044.49 linux-modules-extra-5.4.0-1044-ibm - 5.4.0-1044.49 linux-ibm-cloud-tools-common - 5.4.0-1044.49 linux-image-unsigned-5.4.0-1044-ibm - 5.4.0-1044.49 linux-ibm-tools-5.4.0-1044 - 5.4.0-1044.49 linux-ibm-source-5.4.0 - 5.4.0-1044.49 linux-ibm-tools-common - 5.4.0-1044.49 linux-modules-5.4.0-1044-ibm - 5.4.0-1044.49 linux-image-5.4.0-1044-ibm - 5.4.0-1044.49 linux-tools-5.4.0-1044-ibm - 5.4.0-1044.49 No subscription required linux-buildinfo-5.4.0-1100-gcp - 5.4.0-1100.109 linux-image-5.4.0-1100-gcp - 5.4.0-1100.109 linux-modules-extra-5.4.0-1100-gcp - 5.4.0-1100.109 linux-tools-5.4.0-1100-gcp - 5.4.0-1100.109 linux-image-unsigned-5.4.0-1100-gcp - 5.4.0-1100.109 linux-gcp-headers-5.4.0-1100 - 5.4.0-1100.109 linux-modules-5.4.0-1100-gcp - 5.4.0-1100.109 linux-gcp-tools-5.4.0-1100 - 5.4.0-1100.109 linux-headers-5.4.0-1100-gcp - 5.4.0-1100.109 No subscription required linux-image-ibm - 5.4.0.1044.70 linux-headers-ibm-lts-20.04 - 5.4.0.1044.70 linux-tools-ibm - 5.4.0.1044.70 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1044.70 linux-ibm-lts-20.04 - 5.4.0.1044.70 linux-tools-ibm-lts-20.04 - 5.4.0.1044.70 linux-headers-ibm - 5.4.0.1044.70 linux-image-ibm-lts-20.04 - 5.4.0.1044.70 linux-modules-extra-ibm - 5.4.0.1044.70 linux-ibm - 5.4.0.1044.70 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1100.102 linux-image-gcp-lts-20.04 - 5.4.0.1100.102 linux-tools-gcp-lts-20.04 - 5.4.0.1100.102 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1100.102 linux-gcp-lts-20.04 - 5.4.0.1100.102 No subscription required Medium CVE-2022-3628 CVE-2022-3640 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2023-20928 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5875-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gke-headers-5.4.0-1094 - 5.4.0-1094.101 linux-modules-5.4.0-1094-gke - 5.4.0-1094.101 linux-image-5.4.0-1094-gke - 5.4.0-1094.101 linux-gke-tools-5.4.0-1094 - 5.4.0-1094.101 linux-tools-5.4.0-1094-gke - 5.4.0-1094.101 linux-headers-5.4.0-1094-gke - 5.4.0-1094.101 linux-buildinfo-5.4.0-1094-gke - 5.4.0-1094.101 linux-modules-extra-5.4.0-1094-gke - 5.4.0-1094.101 linux-image-unsigned-5.4.0-1094-gke - 5.4.0-1094.101 No subscription required linux-modules-extra-gke - 5.4.0.1094.99 linux-image-gke - 5.4.0.1094.99 linux-gke-5.4 - 5.4.0.1094.99 linux-headers-gke-5.4 - 5.4.0.1094.99 linux-image-gke-5.4 - 5.4.0.1094.99 linux-tools-gke-5.4 - 5.4.0.1094.99 linux-modules-extra-gke-5.4 - 5.4.0.1094.99 linux-headers-gke - 5.4.0.1094.99 linux-gke - 5.4.0.1094.99 linux-tools-gke - 5.4.0.1094.99 No subscription required High CVE-2022-3628 CVE-2022-3640 CVE-2022-3643 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 CVE-2023-20928 Ubuntu 20.04 LTS It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3543) It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service (memory exhaustion). (CVE-2022-3619) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) Arnaud Gatignol, Quentin Minster, Florent Saudel and Guillaume Teissier discovered that the KSMBD implementation in the Linux kernel did not properly validate user-supplied data in some situations. An authenticated attacker could use this to cause a denial of service (system crash), expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2022-47940) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) Update Instructions: Run `sudo pro fix USN-5876-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-modules-extra-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-modules-iwlwifi-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-modules-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-image-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-gcp-5.15-tools-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-tools-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-gcp-5.15-headers-5.15.0-1029 - 5.15.0-1029.36~20.04.1 linux-buildinfo-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 linux-image-unsigned-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1030 - 5.15.0-1030.34~20.04.1 linux-aws-5.15-tools-5.15.0-1030 - 5.15.0-1030.34~20.04.1 linux-headers-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-image-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-cloud-tools-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-tools-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-modules-extra-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-modules-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1030 - 5.15.0-1030.34~20.04.1 linux-buildinfo-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 linux-image-unsigned-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1 No subscription required linux-tools-gcp-edge - 5.15.0.1029.36~20.04.1 linux-tools-gcp - 5.15.0.1029.36~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1029.36~20.04.1 linux-gcp - 5.15.0.1029.36~20.04.1 linux-headers-gcp-edge - 5.15.0.1029.36~20.04.1 linux-headers-gcp - 5.15.0.1029.36~20.04.1 linux-image-gcp-edge - 5.15.0.1029.36~20.04.1 linux-image-gcp - 5.15.0.1029.36~20.04.1 linux-modules-extra-gcp - 5.15.0.1029.36~20.04.1 linux-gcp-edge - 5.15.0.1029.36~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1030.34~20.04.19 linux-modules-extra-aws-edge - 5.15.0.1030.34~20.04.19 linux-tools-aws - 5.15.0.1030.34~20.04.19 linux-image-aws-edge - 5.15.0.1030.34~20.04.19 linux-headers-aws-edge - 5.15.0.1030.34~20.04.19 linux-aws-edge - 5.15.0.1030.34~20.04.19 linux-tools-aws-edge - 5.15.0.1030.34~20.04.19 linux-aws - 5.15.0.1030.34~20.04.19 linux-headers-aws - 5.15.0.1030.34~20.04.19 linux-image-aws - 5.15.0.1030.34~20.04.19 No subscription required Medium CVE-2022-3543 CVE-2022-3619 CVE-2022-3623 CVE-2022-3628 CVE-2022-3640 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-47940 CVE-2023-0590 Ubuntu 20.04 LTS Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization (SEV). A local attacker could possibly use this to cause a denial of service (host system crash). (CVE-2022-0171) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3303) It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3543) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3586) It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service (memory exhaustion). (CVE-2022-3619) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) Jann Horn discovered a race condition existed in the Linux kernel when unmapping VMAs in certain situations, resulting in possible use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-39188) Hyunwoo Kim discovered that an integer overflow vulnerability existed in the PXA3xx graphics driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-39842) It was discovered that a race condition existed in the EFI capsule loader driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-40307) Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4095) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) It was discovered that the USB core subsystem in the Linux kernel did not properly handle nested reset events. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (kernel deadlock). (CVE-2022-4662) Arnaud Gatignol, Quentin Minster, Florent Saudel and Guillaume Teissier discovered that the KSMBD implementation in the Linux kernel did not properly validate user-supplied data in some situations. An authenticated attacker could use this to cause a denial of service (system crash), expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2022-47940) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) Update Instructions: Run `sudo pro fix USN-5877-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-tools-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-buildinfo-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-gke-5.15-headers-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-headers-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-modules-iwlwifi-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-image-unsigned-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-modules-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 linux-gke-5.15-tools-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-modules-extra-5.15.0-1027-gke - 5.15.0-1027.32~20.04.1 No subscription required linux-image-gke-edge - 5.15.0.1027.32~20.04.1 linux-gke-edge - 5.15.0.1027.32~20.04.1 linux-headers-gke-5.15 - 5.15.0.1027.32~20.04.1 linux-tools-gke-edge - 5.15.0.1027.32~20.04.1 linux-image-gke-5.15 - 5.15.0.1027.32~20.04.1 linux-tools-gke-5.15 - 5.15.0.1027.32~20.04.1 linux-headers-gke-edge - 5.15.0.1027.32~20.04.1 linux-gke-5.15 - 5.15.0.1027.32~20.04.1 No subscription required High CVE-2022-0171 CVE-2022-20421 CVE-2022-2663 CVE-2022-3061 CVE-2022-3303 CVE-2022-3543 CVE-2022-3586 CVE-2022-3619 CVE-2022-3623 CVE-2022-3628 CVE-2022-3640 CVE-2022-3643 CVE-2022-3646 CVE-2022-3649 CVE-2022-39188 CVE-2022-39842 CVE-2022-40307 CVE-2022-4095 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-42896 CVE-2022-43750 CVE-2022-4378 CVE-2022-45934 CVE-2022-4662 CVE-2022-47940 CVE-2023-0590 Ubuntu 20.04 LTS Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attributes. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes. (CVE-2023-0767) Johan Carlsson discovered that Firefox did not properly manage child iframe's unredacted URI when using Content-Security-Policy-Report-Only header. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-25728) Vitor Torres discovered that Firefox did not properly manage permissions of extensions interaction via ExpandedPrincipals. An attacker could potentially exploits this issue to download malicious files or execute arbitrary code. (CVE-2023-25729) Irvan Kurniawan discovered that Firefox did not properly validate background script invoking requestFullscreen. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-25730) Ronald Crane discovered that Firefox did not properly manage memory when using EncodeInputStream in xpcom. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25732) Samuel Grob discovered that Firefox did not properly manage memory when using wrappers wrapping a scripted proxy. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25735) Holger Fuhrmannek discovered that Firefox did not properly manage memory when using Module load requests. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25739) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-25731, CVE-2023-25733, CVE-2023-25736, CVE-2023-25737, CVE-2023-25741, CVE-2023-25742, CVE-2023-25744, CVE-2023-25745) Update Instructions: Run `sudo pro fix USN-5880-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 110.0+build3-0ubuntu0.20.04.1 firefox - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 110.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 110.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 110.0+build3-0ubuntu0.20.04.1 firefox-dev - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 110.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 110.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-25728 CVE-2023-25730 CVE-2023-0767 CVE-2023-25735 CVE-2023-25737 CVE-2023-25739 CVE-2023-25729 CVE-2023-25732 CVE-2023-25731 CVE-2023-25733 CVE-2023-25736 CVE-2023-25741 CVE-2023-25742 CVE-2023-25744 CVE-2023-25745 Ubuntu 20.04 LTS USN-5880-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attributes. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes. (CVE-2023-0767) Johan Carlsson discovered that Firefox did not properly manage child iframe's unredacted URI when using Content-Security-Policy-Report-Only header. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-25728) Vitor Torres discovered that Firefox did not properly manage permissions of extensions interaction via ExpandedPrincipals. An attacker could potentially exploits this issue to download malicious files or execute arbitrary code. (CVE-2023-25729) Irvan Kurniawan discovered that Firefox did not properly validate background script invoking requestFullscreen. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-25730) Ronald Crane discovered that Firefox did not properly manage memory when using EncodeInputStream in xpcom. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25732) Samuel Grob discovered that Firefox did not properly manage memory when using wrappers wrapping a scripted proxy. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25735) Holger Fuhrmannek discovered that Firefox did not properly manage memory when using Module load requests. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25739) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-25731, CVE-2023-25733, CVE-2023-25736, CVE-2023-25737, CVE-2023-25741, CVE-2023-25742, CVE-2023-25744, CVE-2023-25745) Update Instructions: Run `sudo pro fix USN-5880-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 110.0.1+build2-0ubuntu0.20.04.1 firefox - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 110.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 110.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 110.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 110.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 110.0.1+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2008861 Ubuntu 20.04 LTS Gjoko Krstic discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8979) Omar Ganiev discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-1010228) Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2021-41687, CVE-2021-41688, CVE-2021-41689, and CVE-2021-41690) Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-2119 and CVE-2022-2120) Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-2121) It was discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-43272) Update Instructions: Run `sudo pro fix USN-5882-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libdcmtk14 - 3.6.4-2.1ubuntu0.1~esm1 dcmtk - 3.6.4-2.1ubuntu0.1~esm1 dcmtk-doc - 3.6.4-2.1ubuntu0.1~esm1 libdcmtk-dev - 3.6.4-2.1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2015-8979 CVE-2019-1010228 CVE-2021-41687 CVE-2021-41688 CVE-2021-41689 CVE-2021-41690 CVE-2022-2119 CVE-2022-2120 CVE-2022-2121 CVE-2022-43272 Ubuntu 20.04 LTS Erik C. Bjorge discovered that some Intel(R) Atom and Intel Xeon Scalable Processors did not properly implement access controls for out-of-band management. This may allow a privileged network-adjacent user to potentially escalate privileges. (CVE-2022-21216) Cfir Cohen, Erdem Aktas, Felix Wilhelm, James Forshaw, Josh Eads, Nagaraju Kodalapura Nagabhushana Rao, Przemyslaw Duda, Liron Shacham and Ron Anderson discovered that some Intel(R) Xeon(R) Processors used incorrect default permissions in some memory controller configurations when using Intel(R) Software Guard Extensions. This may allow a privileged local user to potentially escalate privileges. (CVE-2022-33196) It was discovered that some 3rd Generation Intel(R) Xeon(R) Scalable Processors did not properly calculate microkey keying. This may allow a privileged local user to potentially disclose information. (CVE-2022-33972) Joseph Nuzman discovered that some Intel(R) Processors when using Intel(R) Software Guard Extensions did not properly isolate shared resources. This may allow a privileged local user to potentially disclose information. (CVE-2022-38090) Update Instructions: Run `sudo pro fix USN-5886-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20230214.0ubuntu0.20.04.1 No subscription required Medium CVE-2022-21216 CVE-2022-33196 CVE-2022-33972 CVE-2022-38090 Ubuntu 20.04 LTS Simon Scannell discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2023-20032) Simon Scannell discovered that ClamAV incorrectly handled parsing DMG files. A remote attacker could possibly use this issue to expose sensitive information. (CVE-2023-20052) Update Instructions: Run `sudo pro fix USN-5887-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.8+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.8+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.8+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.8+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-20032 CVE-2023-20052 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2015-20107) Hamza Avvan discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-28861) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-37454, CVE-2022-42919) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-45061, CVE-2023-24329) Update Instructions: Run `sudo pro fix USN-5888-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-examples - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-full - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-venv - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-doc - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9 - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm1 idle-python3.9 - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9-testsuite - 3.9.5-3ubuntu0~20.04.1+esm1 libpython3.9-stdlib - 3.9.5-3ubuntu0~20.04.1+esm1 python3.9 - 3.9.5-3ubuntu0~20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2015-20107 CVE-2021-28861 CVE-2022-37454 CVE-2022-42919 CVE-2022-45061 CVE-2023-24329 Ubuntu 20.04 LTS It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 16.04 ESM. (CVE-2019-6777) It was discovered that ZoneMinder was not properly sanitizing stored user input later printed to the user in certain views. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 16.04 ESM. (CVE-2019-6990, CVE-2019-6992) It was discovered that ZoneMinder was not properly limiting data size and not properly performing bound checks when processing username and password data, which could lead to a stack buffer overflow. An attacker could possibly use this issue to bypass authentication, cause a denial of service or execute arbitrary code. This issue was only fixed in Ubuntu 16.04 ESM. (CVE-2019-6991) It was discovered that ZoneMinder was not properly defining and filtering data that was appended to the webroot URL of a view. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2019-7325, CVE-2019-7329) It was discovered that ZoneMinder was not properly sanitizing stored user input later printed to the user in certain views. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2019-7326) It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2019-7327, CVE-2019-7328, CVE-2019-7330, CVE-2019-7332) It was discovered that ZoneMinder was not properly sanitizing user input in the monitor editing view. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2019-7331) It was discovered that ZoneMinder was not properly sanitizing data related to file paths in a system. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-29806) Update Instructions: Run `sudo pro fix USN-5889-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zoneminder-doc - 1.32.3-2ubuntu2+esm1 zoneminder - 1.32.3-2ubuntu2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2019-6777 CVE-2019-6990 CVE-2019-6991 CVE-2019-6992 CVE-2019-7325 CVE-2019-7326 CVE-2019-7327 CVE-2019-7328 CVE-2019-7329 CVE-2019-7330 CVE-2019-7331 CVE-2019-7332 CVE-2022-29806 Ubuntu 20.04 LTS Qian Chen discovered that Open vSwitch incorrectly handled certain Organization Specific TLVs. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5890-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.8-0ubuntu1.1 openvswitch-switch - 2.13.8-0ubuntu1.1 openvswitch-pki - 2.13.8-0ubuntu1.1 openvswitch-common - 2.13.8-0ubuntu1.1 openvswitch-testcontroller - 2.13.8-0ubuntu1.1 openvswitch-vtep - 2.13.8-0ubuntu1.1 openvswitch-source - 2.13.8-0ubuntu1.1 python3-openvswitch - 2.13.8-0ubuntu1.1 openvswitch-switch-dpdk - 2.13.8-0ubuntu1.1 openvswitch-test - 2.13.8-0ubuntu1.1 No subscription required Medium CVE-2022-4337 CVE-2022-4338 Ubuntu 20.04 LTS Harry Sintonen discovered that curl incorrectly handled HSTS support when multiple URLs are requested serially. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-23914) Harry Sintonen discovered that curl incorrectly handled HSTS support when multiple URLs are requested in parallel. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-23915) Patrick Monnerat discovered that curl incorrectly handled memory when processing requests with multi-header compression. A remote attacker could possibly use this issue to cause curl to consume resources, leading to a denial of service. (CVE-2023-23916) Update Instructions: Run `sudo pro fix USN-5891-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.16 libcurl4-openssl-dev - 7.68.0-1ubuntu2.16 libcurl3-gnutls - 7.68.0-1ubuntu2.16 libcurl4-doc - 7.68.0-1ubuntu2.16 libcurl3-nss - 7.68.0-1ubuntu2.16 libcurl4-nss-dev - 7.68.0-1ubuntu2.16 libcurl4 - 7.68.0-1ubuntu2.16 curl - 7.68.0-1ubuntu2.16 No subscription required Medium CVE-2023-23914 CVE-2023-23915 CVE-2023-23916 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled client authentication without a user certificate in the database. A remote attacker could possibly use this issue to cause a NSS client to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-3479) Christian Holler discovered that NSS incorrectly handled certain PKCS 12 certificated bundles. A remote attacker could use this issue to cause NSS to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2023-0767) Update Instructions: Run `sudo pro fix USN-5892-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.49.1-1ubuntu1.9 libnss3 - 2:3.49.1-1ubuntu1.9 libnss3-tools - 2:3.49.1-1ubuntu1.9 No subscription required Medium CVE-2022-3479 CVE-2023-0767 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5893-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.38.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.38.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.38.5-0ubuntu0.20.04.1 webkit2gtk-driver - 2.38.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.38.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.38.5-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.38.5-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.38.5-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.38.5-0ubuntu0.20.04.1 No subscription required High CVE-2023-23529 Ubuntu 20.04 LTS It was discovered that MPlayer could be made to divide by zero when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. (CVE-2022-38850, CVE-2022-38860, CVE-2022-38865) It was discovered that MPlayer could be made to read out of bounds when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. (CVE-2022-38851) It was discovered that MPlayer could be made to write out of bounds when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-38855, CVE-2022-38858, CVE-2022-38863, CVE-2022-38864, CVE-2022-38866) It was discovered that MPlayer did not properly managed memory when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-38861) Update Instructions: Run `sudo pro fix USN-5895-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mplayer-doc - 2:1.3.0-8+deb10u1build0.20.04.1 mplayer-gui - 2:1.3.0-8+deb10u1build0.20.04.1 mplayer - 2:1.3.0-8+deb10u1build0.20.04.1 mencoder - 2:1.3.0-8+deb10u1build0.20.04.1 No subscription required Medium CVE-2022-38850 CVE-2022-38851 CVE-2022-38855 CVE-2022-38858 CVE-2022-38860 CVE-2022-38861 CVE-2022-38863 CVE-2022-38864 CVE-2022-38865 CVE-2022-38866 Ubuntu 20.04 LTS It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-30122) It was discovered that Rack was not properly escaping untrusted data when performing logging operations, which could cause shell escaped sequences to be written to a terminal. If a user or automated system were tricked into sending a specially crafted request to an application using Rack, a remote attacker could possibly use this issue to execute arbitrary code in the machine running the application. (CVE-2022-30123) Update Instructions: Run `sudo pro fix USN-5896-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-30122 CVE-2022-30123 Ubuntu 20.04 LTS Juraj Somorovsky, Marcel Maehren, Nurullah Erinola, and Robert Merget discovered that the DTLS implementation in the JSSE subsystem of OpenJDK did not properly restrict handshake initiation requests from clients. A remote attacker could possibly use this to cause a denial of service. (CVE-2023-21835) Markus Loewe discovered that the Java Sound subsystem in OpenJDK did not properly validate the origin of a Soundbank. An attacker could use this to specially craft an untrusted Java application or applet that could load a Soundbank from an attacker controlled remote URL. (CVE-2023-21843) Update Instructions: Run `sudo pro fix USN-5897-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-doc - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jre-zero - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jre-headless - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jdk - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jdk-headless - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-jre - 11.0.18+10-0ubuntu1~20.04.1 openjdk-11-demo - 11.0.18+10-0ubuntu1~20.04.1 No subscription required openjdk-17-demo - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jdk - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jre-zero - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jdk-headless - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-source - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jre-headless - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-jre - 17.0.6+10-0ubuntu1~20.04.1 openjdk-17-doc - 17.0.6+10-0ubuntu1~20.04.1 No subscription required Medium CVE-2023-21835 CVE-2023-21843 Ubuntu 20.04 LTS It was discovered that the Serialization component of OpenJDK did not properly handle the deserialization of some CORBA objects. An attacker could possibly use this to bypass Java sandbox restrictions. (CVE-2023-21830) Markus Loewe discovered that the Java Sound subsystem in OpenJDK did not properly validate the origin of a Soundbank. An attacker could use this to specially craft an untrusted Java application or applet that could load a Soundbank from an attacker controlled remote URL. (CVE-2023-21843) Update Instructions: Run `sudo pro fix USN-5898-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-doc - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jdk - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jre-headless - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jre - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jdk-headless - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-source - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-jre-zero - 8u362-ga-0ubuntu1~20.04.1 openjdk-8-demo - 8u362-ga-0ubuntu1~20.04.1 No subscription required Medium CVE-2023-21830 CVE-2023-21843 Ubuntu 20.04 LTS It was discovered that AWStats did not properly sanitize the content of whois responses in the hostinfo plugin. An attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks. Update Instructions: Run `sudo pro fix USN-5899-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: awstats - 7.6+dfsg-2ubuntu0.20.04.2 No subscription required Low CVE-2022-46391 Ubuntu 20.04 LTS It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or cause a crash. Update Instructions: Run `sudo pro fix USN-5900-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tar-scripts - 1.30+dfsg-7ubuntu0.20.04.3 tar - 1.30+dfsg-7ubuntu0.20.04.3 No subscription required Medium CVE-2022-48303 Ubuntu 20.04 LTS Hubert Kario discovered that GnuTLS had a timing side-channel when handling certain RSA messages. A remote attacker could possibly use this issue to recover sensitive information. Update Instructions: Run `sudo pro fix USN-5901-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-doc - 3.6.13-2ubuntu1.8 libgnutls28-dev - 3.6.13-2ubuntu1.8 libgnutls-openssl27 - 3.6.13-2ubuntu1.8 libgnutls30 - 3.6.13-2ubuntu1.8 libgnutls-dane0 - 3.6.13-2ubuntu1.8 gnutls-bin - 3.6.13-2ubuntu1.8 guile-gnutls - 3.6.13-2ubuntu1.8 libgnutlsxx28 - 3.6.13-2ubuntu1.8 No subscription required Medium CVE-2023-0361 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations. (CVE-2023-0567) It was discovered that PHP incorrectly handled resolving long paths. A remote attacker could possibly use this issue to obtain or modify sensitive information. (CVE-2023-0568) It was discovered that PHP incorrectly handled a large number of parts in HTTP form uploads. A remote attacker could possibly use this issue to cause PHP to consume resources, leading to a denial of service. (CVE-2023-0662) Update Instructions: Run `sudo pro fix USN-5902-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.18 php7.4-readline - 7.4.3-4ubuntu2.18 php7.4-dba - 7.4.3-4ubuntu2.18 php7.4-common - 7.4.3-4ubuntu2.18 php7.4-xmlrpc - 7.4.3-4ubuntu2.18 php7.4-intl - 7.4.3-4ubuntu2.18 php7.4-phpdbg - 7.4.3-4ubuntu2.18 php7.4-ldap - 7.4.3-4ubuntu2.18 php7.4-soap - 7.4.3-4ubuntu2.18 php7.4-xsl - 7.4.3-4ubuntu2.18 php7.4-pgsql - 7.4.3-4ubuntu2.18 php7.4-pspell - 7.4.3-4ubuntu2.18 php7.4-zip - 7.4.3-4ubuntu2.18 php7.4-curl - 7.4.3-4ubuntu2.18 php7.4-odbc - 7.4.3-4ubuntu2.18 php7.4-json - 7.4.3-4ubuntu2.18 php7.4-mbstring - 7.4.3-4ubuntu2.18 php7.4-imap - 7.4.3-4ubuntu2.18 php7.4-bz2 - 7.4.3-4ubuntu2.18 php7.4-cgi - 7.4.3-4ubuntu2.18 php7.4 - 7.4.3-4ubuntu2.18 php7.4-bcmath - 7.4.3-4ubuntu2.18 php7.4-dev - 7.4.3-4ubuntu2.18 php7.4-interbase - 7.4.3-4ubuntu2.18 php7.4-tidy - 7.4.3-4ubuntu2.18 php7.4-gmp - 7.4.3-4ubuntu2.18 php7.4-sqlite3 - 7.4.3-4ubuntu2.18 php7.4-enchant - 7.4.3-4ubuntu2.18 php7.4-fpm - 7.4.3-4ubuntu2.18 php7.4-sybase - 7.4.3-4ubuntu2.18 php7.4-cli - 7.4.3-4ubuntu2.18 libphp7.4-embed - 7.4.3-4ubuntu2.18 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.18 php7.4-mysql - 7.4.3-4ubuntu2.18 php7.4-snmp - 7.4.3-4ubuntu2.18 php7.4-xml - 7.4.3-4ubuntu2.18 php7.4-opcache - 7.4.3-4ubuntu2.18 No subscription required Medium CVE-2023-0567 CVE-2023-0568 CVE-2023-0662 Ubuntu 20.04 LTS It was discovered that lighttpd incorrectly handled certain inputs, which could result in a stack buffer overflow. A remote attacker could possibly use this issue to cause a denial of service (DoS). (CVE-2022-22707, CVE-2022-41556) Update Instructions: Run `sudo pro fix USN-5903-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lighttpd-doc - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-authn-sasl - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-magnet - 1.4.55-1ubuntu1.20.04.2 lighttpd-dev - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-authn-pam - 1.4.55-1ubuntu1.20.04.2 lighttpd - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-maxminddb - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-vhostdb-dbi - 1.4.55-1ubuntu1.20.04.2 lighttpd-modules-ldap - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-cml - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-vhostdb-pgsql - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-geoip - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-authn-gssapi - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-webdav - 1.4.55-1ubuntu1.20.04.2 lighttpd-mod-trigger-b4-dl - 1.4.55-1ubuntu1.20.04.2 lighttpd-modules-mysql - 1.4.55-1ubuntu1.20.04.2 No subscription required Medium CVE-2022-22707 CVE-2022-41556 Ubuntu 20.04 LTS Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-13590) Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-23159, CVE-2021-23172, CVE-2021-23210, CVE-2021-33844, CVE-2021-3643, CVE-2021-40426, CVE-2022-31650, and CVE-2022-31651) Update Instructions: Run `sudo pro fix USN-5904-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsox-fmt-mp3 - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-pulse - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-ao - 14.4.2+git20190427-2+deb11u1build0.20.04.1 sox - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox3 - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-base - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-all - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-dev - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-alsa - 14.4.2+git20190427-2+deb11u1build0.20.04.1 libsox-fmt-oss - 14.4.2+git20190427-2+deb11u1build0.20.04.1 No subscription required Medium CVE-2019-13590 CVE-2021-23159 CVE-2021-23172 CVE-2021-23210 CVE-2021-33844 CVE-2021-3643 CVE-2021-40426 CVE-2022-31650 CVE-2022-31651 Ubuntu 20.04 LTS USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for CVE-2021-33844 was incomplete. This update fixes the problem. Original advisory details: Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-13590) Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-23159, CVE-2021-23172, CVE-2021-23210, CVE-2021-33844, CVE-2021-3643, CVE-2021-40426, CVE-2022-31650, and CVE-2022-31651) Update Instructions: Run `sudo pro fix USN-5904-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsox-fmt-mp3 - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-pulse - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-ao - 14.4.2+git20190427-2+deb11u2build0.20.04.1 sox - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox3 - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-base - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-all - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-dev - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-alsa - 14.4.2+git20190427-2+deb11u2build0.20.04.1 libsox-fmt-oss - 14.4.2+git20190427-2+deb11u2build0.20.04.1 No subscription required Medium CVE-2021-33844 Ubuntu 20.04 LTS Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5906-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpq5 - 12.14-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.14-0ubuntu0.20.04.1 libecpg-dev - 12.14-0ubuntu0.20.04.1 libecpg6 - 12.14-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.14-0ubuntu0.20.04.1 libpgtypes3 - 12.14-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.14-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.14-0ubuntu0.20.04.1 libpq-dev - 12.14-0ubuntu0.20.04.1 postgresql-doc-12 - 12.14-0ubuntu0.20.04.1 postgresql-12 - 12.14-0ubuntu0.20.04.1 postgresql-client-12 - 12.14-0ubuntu0.20.04.1 libecpg-compat3 - 12.14-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-41862 Ubuntu 20.04 LTS It was discovered that c-ares incorrectly handled certain sortlist strings. A remote attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-5907-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares2 - 1.15.0-1ubuntu0.2 libc-ares-dev - 1.15.0-1ubuntu0.2 No subscription required Medium CVE-2022-4904 Ubuntu 20.04 LTS It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5909-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1103-azure-fde - 5.4.0-1103.109+cvm1.1 linux-image-5.4.0-1103-azure-fde - 5.4.0-1103.109+cvm1.1 No subscription required linux-azure-fde - 5.4.0.1103.109+cvm1.36 linux-modules-extra-azure-fde - 5.4.0.1103.109+cvm1.36 linux-image-azure-fde - 5.4.0.1103.109+cvm1.36 linux-cloud-tools-azure-fde - 5.4.0.1103.109+cvm1.36 linux-tools-azure-fde - 5.4.0.1103.109+cvm1.36 linux-headers-azure-fde - 5.4.0.1103.109+cvm1.36 No subscription required Medium CVE-2022-3628 CVE-2022-3640 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2023-20928 Ubuntu 20.04 LTS It was discovered that Rack did not properly structure regular expressions in some of its parsing components, which could result in uncontrolled resource consumption if an application using Rack received specially crafted input. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-44570, CVE-2022-44571) It was discovered that Rack did not properly structure regular expressions in its multipart parsing component, which could result in uncontrolled resource consumption if an application using Rack to parse multipart posts received specially crafted input. A remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2022-44572) Update Instructions: Run `sudo pro fix USN-5910-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-44570 CVE-2022-44571 CVE-2022-44572 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0179) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) Maxim Levitsky discovered that the KVM nested virtualization (SVM) implementation for AMD processors in the Linux kernel did not properly handle nested shutdown execution. An attacker in a guest vm could use this to cause a denial of service (host kernel crash) (CVE-2022-3344) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the NFSD implementation in the Linux kernel contained a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4379) It was discovered that a race condition existed in the x86 KVM subsystem implementation in the Linux kernel when nested virtualization and the TDP MMU are enabled. An attacker in a guest vm could use this to cause a denial of service (host OS crash). (CVE-2022-45869) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate the number of channels, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-47518) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate specific attributes, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-47519) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate specific attributes, leading to a heap-based buffer overflow. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-47521) Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0468) It was discovered that the file system writeback functionality in the Linux kernel contained a user-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-26605) Update Instructions: Run `sudo pro fix USN-5912-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-image-unsigned-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-tools-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-gke-5.15-tools-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-image-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-gke-5.15-headers-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-buildinfo-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-modules-extra-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-headers-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 linux-modules-iwlwifi-5.15.0-1028-gke - 5.15.0-1028.33~20.04.1 No subscription required linux-buildinfo-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-modules-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-oracle-5.15-tools-5.15.0-1030 - 5.15.0-1030.36~20.04.1 linux-image-unsigned-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-tools-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-oracle-5.15-headers-5.15.0-1030 - 5.15.0-1030.36~20.04.1 linux-headers-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-image-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 linux-modules-extra-5.15.0-1030-oracle - 5.15.0-1030.36~20.04.1 No subscription required linux-tools-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-image-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-buildinfo-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-image-unsigned-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-headers-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-modules-iwlwifi-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-modules-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 linux-gcp-5.15-tools-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-gcp-5.15-headers-5.15.0-1030 - 5.15.0-1030.37~20.04.1 linux-modules-extra-5.15.0-1030-gcp - 5.15.0-1030.37~20.04.1 No subscription required linux-cloud-tools-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1031 - 5.15.0-1031.35~20.04.1 linux-image-unsigned-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-headers-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-image-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-modules-extra-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-aws-5.15-tools-5.15.0-1031 - 5.15.0-1031.35~20.04.1 linux-buildinfo-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-tools-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 linux-aws-5.15-headers-5.15.0-1031 - 5.15.0-1031.35~20.04.1 linux-modules-5.15.0-1031-aws - 5.15.0-1031.35~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1034 - 5.15.0-1034.41~20.04.1 linux-image-unsigned-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-modules-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-cloud-tools-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-buildinfo-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-azure-5.15-headers-5.15.0-1034 - 5.15.0-1034.41~20.04.1 linux-image-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-tools-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-modules-extra-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-headers-5.15.0-1034-azure - 5.15.0-1034.41~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1034 - 5.15.0-1034.41~20.04.1 No subscription required linux-cloud-tools-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-modules-iwlwifi-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-modules-extra-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-67.74~20.04.1 linux-modules-iwlwifi-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-67.74~20.04.1 linux-image-unsigned-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 linux-image-unsigned-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-image-unsigned-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-67.74~20.04.1 linux-image-unsigned-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-hwe-5.15-headers-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-headers-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-lowlatency - 5.15.0-67.74~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-67.74~20.04.1 linux-hwe-5.15-tools-5.15.0-67 - 5.15.0-67.74~20.04.1 linux-modules-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-cloud-tools-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-generic - 5.15.0-67.74~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-67.74~20.04.1 linux-image-5.15.0-67-generic-64k - 5.15.0-67.74~20.04.1 linux-tools-5.15.0-67-lowlatency-64k - 5.15.0-67.74~20.04.1 linux-buildinfo-5.15.0-67-generic-lpae - 5.15.0-67.74~20.04.1 No subscription required linux-gke-5.15 - 5.15.0.1028.33~20.04.1 linux-tools-gke-5.15 - 5.15.0.1028.33~20.04.1 linux-image-gke-5.15 - 5.15.0.1028.33~20.04.1 linux-tools-gke-edge - 5.15.0.1028.33~20.04.1 linux-headers-gke-edge - 5.15.0.1028.33~20.04.1 linux-image-gke-edge - 5.15.0.1028.33~20.04.1 linux-gke-edge - 5.15.0.1028.33~20.04.1 linux-headers-gke-5.15 - 5.15.0.1028.33~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1030.36~20.04.1 linux-tools-oracle - 5.15.0.1030.36~20.04.1 linux-tools-oracle-edge - 5.15.0.1030.36~20.04.1 linux-oracle-edge - 5.15.0.1030.36~20.04.1 linux-image-oracle-edge - 5.15.0.1030.36~20.04.1 linux-headers-oracle-edge - 5.15.0.1030.36~20.04.1 linux-image-oracle - 5.15.0.1030.36~20.04.1 linux-oracle - 5.15.0.1030.36~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1030.37~20.04.1 linux-headers-gcp-edge - 5.15.0.1030.37~20.04.1 linux-tools-gcp - 5.15.0.1030.37~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1030.37~20.04.1 linux-tools-gcp-edge - 5.15.0.1030.37~20.04.1 linux-headers-gcp - 5.15.0.1030.37~20.04.1 linux-gcp - 5.15.0.1030.37~20.04.1 linux-image-gcp - 5.15.0.1030.37~20.04.1 linux-modules-extra-gcp - 5.15.0.1030.37~20.04.1 linux-gcp-edge - 5.15.0.1030.37~20.04.1 No subscription required linux-headers-aws-edge - 5.15.0.1031.35~20.04.20 linux-headers-aws - 5.15.0.1031.35~20.04.20 linux-image-aws - 5.15.0.1031.35~20.04.20 linux-modules-extra-aws-edge - 5.15.0.1031.35~20.04.20 linux-tools-aws-edge - 5.15.0.1031.35~20.04.20 linux-image-aws-edge - 5.15.0.1031.35~20.04.20 linux-aws-edge - 5.15.0.1031.35~20.04.20 linux-aws - 5.15.0.1031.35~20.04.20 linux-tools-aws - 5.15.0.1031.35~20.04.20 linux-modules-extra-aws - 5.15.0.1031.35~20.04.20 No subscription required linux-tools-azure-edge - 5.15.0.1034.41~20.04.24 linux-cloud-tools-azure - 5.15.0.1034.41~20.04.24 linux-image-azure-edge - 5.15.0.1034.41~20.04.24 linux-cloud-tools-azure-edge - 5.15.0.1034.41~20.04.24 linux-modules-extra-azure - 5.15.0.1034.41~20.04.24 linux-azure - 5.15.0.1034.41~20.04.24 linux-image-azure - 5.15.0.1034.41~20.04.24 linux-headers-azure-edge - 5.15.0.1034.41~20.04.24 linux-azure-edge - 5.15.0.1034.41~20.04.24 linux-tools-azure - 5.15.0.1034.41~20.04.24 linux-modules-extra-azure-edge - 5.15.0.1034.41~20.04.24 linux-headers-azure - 5.15.0.1034.41~20.04.24 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-headers-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-image-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-tools-lowlatency-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-lowlatency-64k-hwe-20.04 - 5.15.0.67.74~20.04.25 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.25 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.67.74~20.04.25 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-extra-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-headers-generic-64k-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-generic-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-lpae-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-tools-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-lpae-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-tools-generic-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-generic-lpae-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-generic-64k-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-tools-virtual-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-image-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-generic-64k-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-image-generic-64k-hwe-20.04 - 5.15.0.67.74~20.04.28 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.67.74~20.04.28 linux-headers-virtual-hwe-20.04 - 5.15.0.67.74~20.04.28 No subscription required High CVE-2022-3169 CVE-2022-3344 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-4379 CVE-2022-45869 CVE-2022-47518 CVE-2022-47519 CVE-2022-47520 CVE-2022-47521 CVE-2023-0179 CVE-2023-0461 CVE-2023-0468 CVE-2023-26605 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) Lee Jones discovered that a use-after-free vulnerability existed in the Bluetooth implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20566) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879) It was discovered that the USB monitoring (usbmon) component in the Linux kernel did not properly set permissions on memory mapped in to user space processes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43750) It was discovered that the NFSD implementation in the Linux kernel contained a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4379) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) Update Instructions: Run `sudo pro fix USN-5913-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-headers-5.14.0-1058 - 5.14.0-1058.66 linux-headers-5.14.0-1058-oem - 5.14.0-1058.66 linux-buildinfo-5.14.0-1058-oem - 5.14.0-1058.66 linux-oem-5.14-tools-5.14.0-1058 - 5.14.0-1058.66 linux-modules-5.14.0-1058-oem - 5.14.0-1058.66 linux-image-unsigned-5.14.0-1058-oem - 5.14.0-1058.66 linux-image-5.14.0-1058-oem - 5.14.0-1058.66 linux-modules-iwlwifi-5.14.0-1058-oem - 5.14.0-1058.66 linux-tools-5.14.0-1058-oem - 5.14.0-1058.66 linux-oem-5.14-tools-host - 5.14.0-1058.66 No subscription required linux-image-oem-20.04c - 5.14.0.1058.56 linux-image-oem-20.04b - 5.14.0.1058.56 linux-image-oem-20.04d - 5.14.0.1058.56 linux-headers-oem-20.04 - 5.14.0.1058.56 linux-tools-oem-20.04c - 5.14.0.1058.56 linux-tools-oem-20.04b - 5.14.0.1058.56 linux-oem-20.04 - 5.14.0.1058.56 linux-image-oem-20.04 - 5.14.0.1058.56 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1058.56 linux-oem-20.04d - 5.14.0.1058.56 linux-oem-20.04c - 5.14.0.1058.56 linux-oem-20.04b - 5.14.0.1058.56 linux-tools-oem-20.04d - 5.14.0.1058.56 linux-headers-oem-20.04b - 5.14.0.1058.56 linux-headers-oem-20.04c - 5.14.0.1058.56 linux-headers-oem-20.04d - 5.14.0.1058.56 linux-tools-oem-20.04 - 5.14.0.1058.56 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1058.56 No subscription required High CVE-2022-20566 CVE-2022-3565 CVE-2022-36879 CVE-2022-43750 CVE-2022-4379 CVE-2022-47520 CVE-2023-0045 CVE-2023-0461 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) Update Instructions: Run `sudo pro fix USN-5917-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-headers-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-gkeop-source-5.4.0 - 5.4.0-1065.69 linux-tools-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-gkeop-headers-5.4.0-1065 - 5.4.0-1065.69 linux-image-unsigned-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-modules-extra-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-modules-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-gkeop-tools-5.4.0-1065 - 5.4.0-1065.69 linux-gkeop-cloud-tools-5.4.0-1065 - 5.4.0-1065.69 linux-buildinfo-5.4.0-1065-gkeop - 5.4.0-1065.69 linux-image-5.4.0-1065-gkeop - 5.4.0-1065.69 No subscription required linux-kvm-tools-5.4.0-1087 - 5.4.0-1087.93 linux-image-5.4.0-1087-kvm - 5.4.0-1087.93 linux-kvm-headers-5.4.0-1087 - 5.4.0-1087.93 linux-headers-5.4.0-1087-kvm - 5.4.0-1087.93 linux-image-unsigned-5.4.0-1087-kvm - 5.4.0-1087.93 linux-tools-5.4.0-1087-kvm - 5.4.0-1087.93 linux-buildinfo-5.4.0-1087-kvm - 5.4.0-1087.93 linux-modules-5.4.0-1087-kvm - 5.4.0-1087.93 No subscription required linux-tools-5.4.0-1094-oracle - 5.4.0-1094.103 linux-modules-extra-5.4.0-1094-oracle - 5.4.0-1094.103 linux-image-unsigned-5.4.0-1094-oracle - 5.4.0-1094.103 linux-headers-5.4.0-1094-oracle - 5.4.0-1094.103 linux-modules-5.4.0-1094-oracle - 5.4.0-1094.103 linux-image-5.4.0-1094-oracle - 5.4.0-1094.103 linux-buildinfo-5.4.0-1094-oracle - 5.4.0-1094.103 linux-oracle-headers-5.4.0-1094 - 5.4.0-1094.103 linux-oracle-tools-5.4.0-1094 - 5.4.0-1094.103 No subscription required linux-gke-tools-5.4.0-1095 - 5.4.0-1095.102 linux-headers-5.4.0-1095-gke - 5.4.0-1095.102 linux-tools-5.4.0-1095-gke - 5.4.0-1095.102 linux-buildinfo-5.4.0-1095-gke - 5.4.0-1095.102 linux-modules-extra-5.4.0-1095-gke - 5.4.0-1095.102 linux-modules-5.4.0-1095-gke - 5.4.0-1095.102 linux-gke-headers-5.4.0-1095 - 5.4.0-1095.102 linux-image-unsigned-5.4.0-1095-gke - 5.4.0-1095.102 linux-image-5.4.0-1095-gke - 5.4.0-1095.102 No subscription required linux-tools-5.4.0-1097-aws - 5.4.0-1097.105 linux-aws-cloud-tools-5.4.0-1097 - 5.4.0-1097.105 linux-cloud-tools-5.4.0-1097-aws - 5.4.0-1097.105 linux-headers-5.4.0-1097-aws - 5.4.0-1097.105 linux-modules-extra-5.4.0-1097-aws - 5.4.0-1097.105 linux-aws-tools-5.4.0-1097 - 5.4.0-1097.105 linux-buildinfo-5.4.0-1097-aws - 5.4.0-1097.105 linux-image-5.4.0-1097-aws - 5.4.0-1097.105 linux-modules-5.4.0-1097-aws - 5.4.0-1097.105 linux-image-unsigned-5.4.0-1097-aws - 5.4.0-1097.105 linux-aws-headers-5.4.0-1097 - 5.4.0-1097.105 No subscription required linux-modules-extra-5.4.0-1101-gcp - 5.4.0-1101.110 linux-buildinfo-5.4.0-1101-gcp - 5.4.0-1101.110 linux-modules-5.4.0-1101-gcp - 5.4.0-1101.110 linux-gcp-headers-5.4.0-1101 - 5.4.0-1101.110 linux-tools-5.4.0-1101-gcp - 5.4.0-1101.110 linux-image-unsigned-5.4.0-1101-gcp - 5.4.0-1101.110 linux-gcp-tools-5.4.0-1101 - 5.4.0-1101.110 linux-image-5.4.0-1101-gcp - 5.4.0-1101.110 linux-headers-5.4.0-1101-gcp - 5.4.0-1101.110 No subscription required linux-tools-5.4.0-1104-azure - 5.4.0-1104.110 linux-azure-tools-5.4.0-1104 - 5.4.0-1104.110 linux-modules-extra-5.4.0-1104-azure - 5.4.0-1104.110 linux-cloud-tools-5.4.0-1104-azure - 5.4.0-1104.110 linux-image-5.4.0-1104-azure - 5.4.0-1104.110 linux-modules-5.4.0-1104-azure - 5.4.0-1104.110 linux-buildinfo-5.4.0-1104-azure - 5.4.0-1104.110 linux-headers-5.4.0-1104-azure - 5.4.0-1104.110 linux-azure-headers-5.4.0-1104 - 5.4.0-1104.110 linux-image-unsigned-5.4.0-1104-azure - 5.4.0-1104.110 linux-azure-cloud-tools-5.4.0-1104 - 5.4.0-1104.110 No subscription required linux-tools-common - 5.4.0-144.161 linux-tools-5.4.0-144-generic - 5.4.0-144.161 linux-modules-5.4.0-144-generic - 5.4.0-144.161 linux-tools-host - 5.4.0-144.161 linux-buildinfo-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-doc - 5.4.0-144.161 linux-buildinfo-5.4.0-144-lowlatency - 5.4.0-144.161 linux-image-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-modules-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-image-5.4.0-144-generic - 5.4.0-144.161 linux-headers-5.4.0-144 - 5.4.0-144.161 linux-libc-dev - 5.4.0-144.161 linux-source-5.4.0 - 5.4.0-144.161 linux-modules-5.4.0-144-lowlatency - 5.4.0-144.161 linux-tools-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-buildinfo-5.4.0-144-generic - 5.4.0-144.161 linux-cloud-tools-5.4.0-144 - 5.4.0-144.161 linux-tools-5.4.0-144 - 5.4.0-144.161 linux-tools-5.4.0-144-lowlatency - 5.4.0-144.161 linux-headers-5.4.0-144-generic - 5.4.0-144.161 linux-image-unsigned-5.4.0-144-generic - 5.4.0-144.161 linux-cloud-tools-common - 5.4.0-144.161 linux-headers-5.4.0-144-lowlatency - 5.4.0-144.161 linux-image-unsigned-5.4.0-144-lowlatency - 5.4.0-144.161 linux-modules-extra-5.4.0-144-generic - 5.4.0-144.161 linux-cloud-tools-5.4.0-144-generic - 5.4.0-144.161 linux-image-5.4.0-144-lowlatency - 5.4.0-144.161 linux-headers-5.4.0-144-generic-lpae - 5.4.0-144.161 linux-cloud-tools-5.4.0-144-lowlatency - 5.4.0-144.161 No subscription required linux-headers-gkeop - 5.4.0.1065.63 linux-cloud-tools-gkeop-5.4 - 5.4.0.1065.63 linux-image-gkeop - 5.4.0.1065.63 linux-modules-extra-gkeop-5.4 - 5.4.0.1065.63 linux-gkeop-5.4 - 5.4.0.1065.63 linux-image-gkeop-5.4 - 5.4.0.1065.63 linux-gkeop - 5.4.0.1065.63 linux-cloud-tools-gkeop - 5.4.0.1065.63 linux-tools-gkeop - 5.4.0.1065.63 linux-headers-gkeop-5.4 - 5.4.0.1065.63 linux-modules-extra-gkeop - 5.4.0.1065.63 linux-tools-gkeop-5.4 - 5.4.0.1065.63 No subscription required linux-kvm - 5.4.0.1087.81 linux-headers-kvm - 5.4.0.1087.81 linux-tools-kvm - 5.4.0.1087.81 linux-image-kvm - 5.4.0.1087.81 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1094.87 linux-oracle-lts-20.04 - 5.4.0.1094.87 linux-headers-oracle-lts-20.04 - 5.4.0.1094.87 linux-image-oracle-lts-20.04 - 5.4.0.1094.87 No subscription required linux-modules-extra-gke - 5.4.0.1095.100 linux-headers-gke-5.4 - 5.4.0.1095.100 linux-tools-gke-5.4 - 5.4.0.1095.100 linux-modules-extra-gke-5.4 - 5.4.0.1095.100 linux-tools-gke - 5.4.0.1095.100 linux-gke - 5.4.0.1095.100 linux-headers-gke - 5.4.0.1095.100 linux-image-gke - 5.4.0.1095.100 linux-gke-5.4 - 5.4.0.1095.100 linux-image-gke-5.4 - 5.4.0.1095.100 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1097.94 linux-headers-aws-lts-20.04 - 5.4.0.1097.94 linux-tools-aws-lts-20.04 - 5.4.0.1097.94 linux-aws-lts-20.04 - 5.4.0.1097.94 linux-image-aws-lts-20.04 - 5.4.0.1097.94 No subscription required linux-gcp-lts-20.04 - 5.4.0.1101.103 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1101.103 linux-headers-gcp-lts-20.04 - 5.4.0.1101.103 linux-image-gcp-lts-20.04 - 5.4.0.1101.103 linux-tools-gcp-lts-20.04 - 5.4.0.1101.103 No subscription required linux-azure-lts-20.04 - 5.4.0.1104.97 linux-image-azure-lts-20.04 - 5.4.0.1104.97 linux-modules-extra-azure-lts-20.04 - 5.4.0.1104.97 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1104.97 linux-tools-azure-lts-20.04 - 5.4.0.1104.97 linux-headers-azure-lts-20.04 - 5.4.0.1104.97 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-cloud-tools-virtual - 5.4.0.144.142 linux-image-generic-hwe-18.04 - 5.4.0.144.142 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-headers-generic-lpae - 5.4.0.144.142 linux-image-virtual - 5.4.0.144.142 linux-oem-osp1-tools-host - 5.4.0.144.142 linux-image-generic - 5.4.0.144.142 linux-image-oem - 5.4.0.144.142 linux-headers-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.144.142 linux-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-image-extra-virtual-hwe-18.04 - 5.4.0.144.142 linux-image-oem-osp1 - 5.4.0.144.142 linux-image-generic-lpae-hwe-18.04 - 5.4.0.144.142 linux-crashdump - 5.4.0.144.142 linux-tools-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-headers-generic-hwe-18.04 - 5.4.0.144.142 linux-headers-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-lowlatency - 5.4.0.144.142 linux-source - 5.4.0.144.142 linux-tools-generic-lpae - 5.4.0.144.142 linux-cloud-tools-generic - 5.4.0.144.142 linux-oem - 5.4.0.144.142 linux-tools-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-virtual - 5.4.0.144.142 linux-headers-virtual-hwe-18.04 - 5.4.0.144.142 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.144.142 linux-tools-virtual - 5.4.0.144.142 linux-generic-lpae-hwe-18.04-edge - 5.4.0.144.142 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-tools-oem-osp1 - 5.4.0.144.142 linux-generic-lpae - 5.4.0.144.142 linux-headers-oem - 5.4.0.144.142 linux-generic - 5.4.0.144.142 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.144.142 linux-tools-generic-hwe-18.04-edge - 5.4.0.144.142 linux-image-virtual-hwe-18.04 - 5.4.0.144.142 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-oem-tools-host - 5.4.0.144.142 linux-headers-lowlatency - 5.4.0.144.142 linux-image-generic-hwe-18.04-edge - 5.4.0.144.142 linux-generic-hwe-18.04-edge - 5.4.0.144.142 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-tools-generic - 5.4.0.144.142 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.144.142 linux-image-extra-virtual - 5.4.0.144.142 linux-cloud-tools-lowlatency - 5.4.0.144.142 linux-tools-oem - 5.4.0.144.142 linux-headers-oem-osp1 - 5.4.0.144.142 linux-virtual-hwe-18.04 - 5.4.0.144.142 linux-generic-lpae-hwe-18.04 - 5.4.0.144.142 linux-tools-generic-hwe-18.04 - 5.4.0.144.142 linux-headers-generic-hwe-18.04-edge - 5.4.0.144.142 linux-headers-generic - 5.4.0.144.142 linux-oem-osp1 - 5.4.0.144.142 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.144.142 linux-tools-lowlatency - 5.4.0.144.142 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.144.142 linux-image-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.144.142 linux-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-headers-virtual - 5.4.0.144.142 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-tools-virtual-hwe-18.04 - 5.4.0.144.142 linux-lowlatency-hwe-18.04 - 5.4.0.144.142 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.144.142 linux-generic-hwe-18.04 - 5.4.0.144.142 linux-image-generic-lpae - 5.4.0.144.142 linux-image-virtual-hwe-18.04-edge - 5.4.0.144.142 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.144.142 linux-image-lowlatency - 5.4.0.144.142 No subscription required High CVE-2022-3169 CVE-2022-3424 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-47520 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0461 CVE-2023-20938 CVE-2023-23454 CVE-2023-23455 Ubuntu 20.04 LTS It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934) It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20928) Update Instructions: Run `sudo pro fix USN-5918-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1058 - 5.4.0-1058.64 linux-image-unsigned-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-image-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-buildinfo-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-modules-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-bluefield-tools-5.4.0-1058 - 5.4.0-1058.64 linux-headers-5.4.0-1058-bluefield - 5.4.0-1058.64 linux-tools-5.4.0-1058-bluefield - 5.4.0-1058.64 No subscription required linux-bluefield - 5.4.0.1058.53 linux-tools-bluefield - 5.4.0.1058.53 linux-image-bluefield - 5.4.0.1058.53 linux-headers-bluefield - 5.4.0.1058.53 No subscription required High CVE-2022-3628 CVE-2022-3640 CVE-2022-3643 CVE-2022-3649 CVE-2022-41849 CVE-2022-41850 CVE-2022-42895 CVE-2022-42896 CVE-2022-43945 CVE-2022-45934 CVE-2023-20928 Ubuntu 20.04 LTS Koen van Hove discovered that the rsync client incorrectly validated filenames returned by servers. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could use this issue to write arbitrary files, and possibly escalate privileges. Update Instructions: Run `sudo pro fix USN-5921-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsync - 3.1.3-8ubuntu0.5 No subscription required Medium CVE-2022-29154 Ubuntu 20.04 LTS It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop tool. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service. (CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799) It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop tool. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804) Update Instructions: Run `sudo pro fix USN-5923-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.8 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.8 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.8 No subscription required Medium CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 CVE-2023-0799 CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804 Ubuntu 20.04 LTS It was discovered that systemd did not properly validate the time and accuracy values provided to the format_timespan() function. An attacker could possibly use this issue to cause a buffer overrun, leading to a denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3821) It was discovered that systemd did not properly manage the fs.suid_dumpable kernel configurations. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-4415) It was discovered that systemd did not properly manage a crash with long backtrace data. A local attacker could possibly use this issue to cause a deadlock, leading to a denial of service attack. This issue only affected Ubuntu 22.10. (CVE-2022-45873) Update Instructions: Run `sudo pro fix USN-5928-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: systemd-tests - 245.4-4ubuntu3.20 systemd-coredump - 245.4-4ubuntu3.20 systemd - 245.4-4ubuntu3.20 libsystemd0 - 245.4-4ubuntu3.20 systemd-container - 245.4-4ubuntu3.20 libnss-myhostname - 245.4-4ubuntu3.20 libudev1 - 245.4-4ubuntu3.20 systemd-timesyncd - 245.4-4ubuntu3.20 libsystemd-dev - 245.4-4ubuntu3.20 libnss-systemd - 245.4-4ubuntu3.20 systemd-journal-remote - 245.4-4ubuntu3.20 libpam-systemd - 245.4-4ubuntu3.20 libnss-mymachines - 245.4-4ubuntu3.20 libnss-resolve - 245.4-4ubuntu3.20 systemd-sysv - 245.4-4ubuntu3.20 udev - 245.4-4ubuntu3.20 libudev-dev - 245.4-4ubuntu3.20 No subscription required Medium CVE-2022-3821 CVE-2022-4415 CVE-2022-45873 Ubuntu 20.04 LTS It was discovered that Sofia-SIP incorrectly handled specially crafted SDP packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-31001, CVE-2022-31002, CVE-2022-31003) It was discovered that Sofia-SIP incorrectly handled specially crafted UDP packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service. (CVE-2022-47516) Qiuhao Li discovered that Sofia-SIP incorrectly handled specially crafted STUN packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2023-22741) Update Instructions: Run `sudo pro fix USN-5932-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sofia-sip-doc - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 libsofia-sip-ua-glib3 - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 libsofia-sip-ua0 - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 sofia-sip-bin - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 libsofia-sip-ua-glib-dev - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 libsofia-sip-ua-dev - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 No subscription required Medium CVE-2022-31001 CVE-2022-31002 CVE-2022-31003 CVE-2022-47516 CVE-2023-22741 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) Update Instructions: Run `sudo pro fix USN-5934-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1081 - 5.4.0-1081.92 linux-image-5.4.0-1081-raspi - 5.4.0-1081.92 linux-raspi-headers-5.4.0-1081 - 5.4.0-1081.92 linux-tools-5.4.0-1081-raspi - 5.4.0-1081.92 linux-buildinfo-5.4.0-1081-raspi - 5.4.0-1081.92 linux-headers-5.4.0-1081-raspi - 5.4.0-1081.92 linux-modules-5.4.0-1081-raspi - 5.4.0-1081.92 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1081.111 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1081.111 linux-raspi-hwe-18.04-edge - 5.4.0.1081.111 linux-raspi - 5.4.0.1081.111 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1081.111 linux-raspi-hwe-18.04 - 5.4.0.1081.111 linux-tools-raspi - 5.4.0.1081.111 linux-image-raspi - 5.4.0.1081.111 linux-tools-raspi2-hwe-18.04 - 5.4.0.1081.111 linux-raspi2-hwe-18.04 - 5.4.0.1081.111 linux-raspi2 - 5.4.0.1081.111 linux-headers-raspi2 - 5.4.0.1081.111 linux-headers-raspi2-hwe-18.04 - 5.4.0.1081.111 linux-image-raspi2 - 5.4.0.1081.111 linux-image-raspi-hwe-18.04-edge - 5.4.0.1081.111 linux-tools-raspi-hwe-18.04 - 5.4.0.1081.111 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1081.111 linux-tools-raspi2 - 5.4.0.1081.111 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1081.111 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1081.111 linux-headers-raspi - 5.4.0.1081.111 linux-headers-raspi-hwe-18.04 - 5.4.0.1081.111 linux-image-raspi-hwe-18.04 - 5.4.0.1081.111 linux-image-raspi2-hwe-18.04 - 5.4.0.1081.111 No subscription required High CVE-2022-3169 CVE-2022-3424 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-47520 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0461 CVE-2023-20938 CVE-2023-23454 CVE-2023-23455 Ubuntu 20.04 LTS Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-3437) Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos keys. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-37966, CVE-2022-37967) It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. A remote attacker could possibly use this issue to elevate privileges. (CVE-2022-38023) Greg Hudson discovered that Samba incorrectly handled PAC parsing. On 32-bit systems, a remote attacker could use this issue to escalate privileges, or possibly execute arbitrary code. (CVE-2022-42898) Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets. A remote attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45141) WARNING: This update upgrades the version of Samba to 4.15.13. Please see the upstream release notes for important changes in the new version: https://www.samba.org/samba/history/samba-4.15.0.html In addition, the security fixes included in this new version introduce several important behavior changes which may cause compatibility problems interacting with systems still expecting the former behavior. Please see the following upstream advisories for more information: https://www.samba.org/samba/security/CVE-2022-37966.html https://www.samba.org/samba/security/CVE-2022-37967.html https://www.samba.org/samba/security/CVE-2022-38023.html Update Instructions: Run `sudo pro fix USN-5936-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.1 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.1 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.1 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.1 ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.1 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.1 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-3437 CVE-2022-37966 CVE-2022-37967 CVE-2022-38023 CVE-2022-42898 CVE-2022-45141 Ubuntu 20.04 LTS It was discovered that Opusfile was not properly validating pointer arguments in some of its functions, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts. Update Instructions: Run `sudo pro fix USN-5937-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopusfile-doc - 0.9+20170913-1ubuntu0.20.04.1~esm1 libopusfile-dev - 0.9+20170913-1ubuntu0.20.04.1~esm1 libopusfile0 - 0.9+20170913-1ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-47021 Ubuntu 20.04 LTS Lars Krapf discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain configurations. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2023-25690) Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy_uwsgi module incorrectly handled certain special characters. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-27522) Update Instructions: Run `sudo pro fix USN-5942-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.14 libapache2-mod-md - 2.4.41-4ubuntu3.14 apache2-utils - 2.4.41-4ubuntu3.14 apache2-dev - 2.4.41-4ubuntu3.14 apache2-suexec-pristine - 2.4.41-4ubuntu3.14 apache2-suexec-custom - 2.4.41-4ubuntu3.14 apache2 - 2.4.41-4ubuntu3.14 apache2-doc - 2.4.41-4ubuntu3.14 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.14 apache2-ssl-dev - 2.4.41-4ubuntu3.14 apache2-bin - 2.4.41-4ubuntu3.14 No subscription required Medium CVE-2023-25690 CVE-2023-27522 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-0616, CVE-2023-25735, CVE-2023-25737, CVE-2023-25739, CVE-2023-25729, CVE-2023-25742, CVE-2023-25746) Johan Carlsson discovered that Thunderbird did not properly implement CSP policy on a header when using iframes. An attacker could potentially exploits this to exfiltrate data. (CVE-2023-25728) Irvan Kurniawan discovered that Thunderbird was not properly handling background fullscreen scripts when the window goes into fullscreen mode. An attacker could possibly use this issue to spoof the user and obtain sensitive information. (CVE-2023-25730) Christian Holler discovered that Thunderbird did not properly check the Safe Bag attributes in PKCS 12 certificate bundle. An attacker could possibly use this issue to write to arbitrary memory by sending malicious PKCS 12 certificate. (CVE-2023-0767) Ronald Crane discovered that Thunderbird did not properly check the size of the input being encoded in xpcom. An attacker could possibly use this issue to perform out of bound memory write operations. (CVE-2023-25732) Update Instructions: Run `sudo pro fix USN-5943-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.8.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.8.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.8.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.8.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.8.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-0616 CVE-2023-25728 CVE-2023-25730 CVE-2023-0767 CVE-2023-25735 CVE-2023-25737 CVE-2023-25729 CVE-2023-25739 CVE-2023-25732 CVE-2023-25742 CVE-2023-25746 Ubuntu 20.04 LTS It was discovered that SnakeYAML did not limit the maximal nested depth for collections when parsing YAML data. If a user or automated system were tricked into opening a specially crafted YAML file, an attacker could possibly use this issue to cause applications using SnakeYAML to crash, resulting in a denial of service. (CVE-2022-25857, CVE-2022-38749, CVE-2022-38750) It was discovered that SnakeYAML did not limit the maximal data matched with regular expressions when parsing YAML data. If a user or automated system were tricked into opening a specially crafted YAML file, an attacker could possibly use this issue to cause applications using SnakeYAML to crash, resulting in a denial of service. (CVE-2022-38751) Update Instructions: Run `sudo pro fix USN-5944-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libyaml-snake-java - 1.25+ds-2ubuntu0.1 libyaml-snake-java-doc - 1.25+ds-2ubuntu0.1 No subscription required Medium CVE-2022-25857 CVE-2022-38749 CVE-2022-38750 CVE-2022-38751 Ubuntu 20.04 LTS It was discovered that Protocol Buffers did not properly validate field com.google.protobuf.UnknownFieldSet in protobuf-java. An attacker could possibly use this issue to perform a denial of service attack. This issue only affected protobuf Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2021-22569) It was discovered that Protocol Buffers did not properly parse certain symbols. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2021-22570) It was discovered that Protocol Buffers did not properly manage memory when parsing specifically crafted messages. An attacker could possibly use this issue to cause applications using protobuf to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-1941) Update Instructions: Run `sudo pro fix USN-5945-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libprotobuf17 - 3.6.1.3-2ubuntu5.2 libprotoc17 - 3.6.1.3-2ubuntu5.2 libprotoc-dev - 3.6.1.3-2ubuntu5.2 python-protobuf - 3.6.1.3-2ubuntu5.2 libprotobuf-lite17 - 3.6.1.3-2ubuntu5.2 ruby-google-protobuf - 3.6.1.3-2ubuntu5.2 libprotobuf-dev - 3.6.1.3-2ubuntu5.2 python3-protobuf - 3.6.1.3-2ubuntu5.2 libprotobuf-java - 3.6.1.3-2ubuntu5.2 protobuf-compiler - 3.6.1.3-2ubuntu5.2 No subscription required Low CVE-2021-22569 CVE-2021-22570 CVE-2022-1941 Ubuntu 20.04 LTS Lai Han discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-39140) It was discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-39139, CVE-2021-39141, CVE-2021-39144, CVE-2021-39145, CVE-2021-39146, CVE-2021-39147, CVE-2021-39148, CVE-2021-39149, CVE-2021-39151, CVE-2021-39153, CVE-2021-39154) It was discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-39150, CVE-2021-39152) Lai Han discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-41966) Update Instructions: Run `sudo pro fix USN-5946-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxstream-java - 1.4.11.1-1ubuntu0.3 No subscription required Medium CVE-2021-39139 CVE-2021-39140 CVE-2021-39141 CVE-2021-39144 CVE-2021-39145 CVE-2021-39146 CVE-2021-39147 CVE-2021-39148 CVE-2021-39149 CVE-2021-39150 CVE-2021-39151 CVE-2021-39152 CVE-2021-39153 CVE-2021-39154 CVE-2022-41966 Ubuntu 20.04 LTS Fabien Potencier discovered that Twig was not properly enforcing sandbox policies when dealing with objects automatically cast to strings by PHP. An attacker could possibly use this issue to expose sensitive information. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-9942) Marlon Starkloff discovered that Twig was not properly enforcing closure constraints in some of its array filtering functions. An attacker could possibly use this issue to execute arbitrary code. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2022-23614) Dariusz Tytko discovered that Twig was not properly verifying input data utilized when defining pathnames used to access files in a system. An attacker could possibly use this issue to access unauthorized resources and expose sensitive information. (CVE-2022-39261) Update Instructions: Run `sudo pro fix USN-5947-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-twig-inky-extra - 2.12.5-1ubuntu0.1~esm1 php-twig-cssinliner-extra - 2.12.5-1ubuntu0.1~esm1 php-twig-intl-extra - 2.12.5-1ubuntu0.1~esm1 php-twig-extra-bundle - 2.12.5-1ubuntu0.1~esm1 php-twig-html-extra - 2.12.5-1ubuntu0.1~esm1 php-twig-doc - 2.12.5-1ubuntu0.1~esm1 php-twig-markdown-extra - 2.12.5-1ubuntu0.1~esm1 php-twig - 2.12.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-9942 CVE-2022-23614 CVE-2022-39261 Ubuntu 20.04 LTS It was discovered that Werkzeug did not properly handle the parsing of nameless cookies. A remote attacker could possibly use this issue to shadow other cookies. (CVE-2023-23934) It was discovered that Werkzeug could be made to process unlimited number of multipart form data parts. A remote attacker could possibly use this issue to cause Werkzeug to consume resources, leading to a denial of service. (CVE-2023-25577) Update Instructions: Run `sudo pro fix USN-5948-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-werkzeug - 0.16.1+dfsg1-2ubuntu0.1 python-werkzeug-doc - 0.16.1+dfsg1-2ubuntu0.1 No subscription required Medium CVE-2023-23934 CVE-2023-25577 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) Update Instructions: Run `sudo pro fix USN-5951-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-headers-5.4.0-1045 - 5.4.0-1045.50 linux-image-5.4.0-1045-ibm - 5.4.0-1045.50 linux-buildinfo-5.4.0-1045-ibm - 5.4.0-1045.50 linux-tools-5.4.0-1045-ibm - 5.4.0-1045.50 linux-headers-5.4.0-1045-ibm - 5.4.0-1045.50 linux-image-unsigned-5.4.0-1045-ibm - 5.4.0-1045.50 linux-ibm-tools-5.4.0-1045 - 5.4.0-1045.50 linux-modules-5.4.0-1045-ibm - 5.4.0-1045.50 linux-ibm-tools-common - 5.4.0-1045.50 linux-ibm-source-5.4.0 - 5.4.0-1045.50 linux-ibm-cloud-tools-common - 5.4.0-1045.50 linux-modules-extra-5.4.0-1045-ibm - 5.4.0-1045.50 No subscription required linux-image-ibm - 5.4.0.1045.71 linux-headers-ibm-lts-20.04 - 5.4.0.1045.71 linux-tools-ibm - 5.4.0.1045.71 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1045.71 linux-ibm-lts-20.04 - 5.4.0.1045.71 linux-tools-ibm-lts-20.04 - 5.4.0.1045.71 linux-headers-ibm - 5.4.0.1045.71 linux-image-ibm-lts-20.04 - 5.4.0.1045.71 linux-modules-extra-ibm - 5.4.0.1045.71 linux-ibm - 5.4.0.1045.71 No subscription required High CVE-2022-3169 CVE-2022-3424 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-47520 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0461 CVE-2023-20938 CVE-2023-23454 CVE-2023-23455 Ubuntu 20.04 LTS It was discovered that IPython incorrectly processed REST API POST requests. An attacker could possibly use this issue to launch a cross-site request forgery (CSRF) attack and leak user's sensitive information. This issue only affected Ubuntu 14.04 ESM. (CVE-2015-5607) It was discovered that IPython did not properly manage cross user temporary files. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2022-21699) Update Instructions: Run `sudo pro fix USN-5953-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-ipython-doc - 7.13.0-1ubuntu0.1~esm1 python3-ipython - 7.13.0-1ubuntu0.1~esm1 ipython3 - 7.13.0-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2015-5607 CVE-2022-21699 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-25750, CVE-2023-25752, CVE-2023-28162, CVE-2023-28176, CVE-2023-28177) Lukas Bernhard discovered that Firefox did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25751) Rob Wu discovered that Firefox did not properly manage the URLs when following a redirect to a publicly accessible web extension file. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-28160) Luan Herrera discovered that Firefox did not properly manage cross-origin iframe when dragging a URL. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-28164) Khiem Tran discovered that Firefox did not properly manage one-time permissions granted to a document loaded using a file: URL. An attacker could potentially exploit this issue to use granted one-time permissions on the local files came from different sources. (CVE-2023-28161) Update Instructions: Run `sudo pro fix USN-5954-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 111.0+build2-0ubuntu0.20.04.1 firefox - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 111.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 111.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 111.0+build2-0ubuntu0.20.04.1 firefox-dev - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 111.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 111.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-25750 CVE-2023-25751 CVE-2023-28160 CVE-2023-28164 CVE-2023-28161 CVE-2023-28162 CVE-2023-25752 CVE-2023-28176 CVE-2023-28177 Ubuntu 20.04 LTS USN-5954-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-25750, CVE-2023-25752, CVE-2023-28162, CVE-2023-28176, CVE-2023-28177) Lukas Bernhard discovered that Firefox did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25751) Rob Wu discovered that Firefox did not properly manage the URLs when following a redirect to a publicly accessible web extension file. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-28160) Luan Herrera discovered that Firefox did not properly manage cross-origin iframe when dragging a URL. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-28164) Khiem Tran discovered that Firefox did not properly manage one-time permissions granted to a document loaded using a file: URL. An attacker could potentially exploit this issue to use granted one-time permissions on the local files came from different sources. (CVE-2023-28161) Update Instructions: Run `sudo pro fix USN-5954-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 111.0.1+build2-0ubuntu0.20.04.1 firefox - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 111.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 111.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 111.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 111.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 111.0.1+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2012696 Ubuntu 20.04 LTS Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. (CVE-2016-10033, CVE-2016-10045) It was discovered that PHPMailer was not properly escaping characters in certain fields of the code_generator.php example code. An attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2017-11503) Yongxiang Li discovered that PHPMailer was not properly converting relative paths provided as user input when adding attachments to messages, which could lead to relative image URLs being treated as absolute local file paths and added as attachments. An attacker could possibly use this issue to access unauthorized resources and expose sensitive information. This issue only affected Ubuntu 16.04 ESM. (CVE-2017-5223) Sehun Oh discovered that PHPMailer was not properly processing untrusted non-local file attachments, which could lead to an object injection. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. (CVE-2018-19296) Elar Lang discovered that PHPMailer was not properly escaping file attachment names, which could lead to a misinterpretation of file types by entities processing the message. An attacker could possibly use this issue to bypass attachment filters. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-13625) It was discovered that PHPMailer was not properly handling callables in its validateAddress function, which could result in untrusted code being called should the global namespace contain a function called 'php'. An attacker could possibly use this issue to execute arbitrary code. This issue was only fixed in Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2021-3603) Update Instructions: Run `sudo pro fix USN-5956-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libphp-phpmailer - 6.0.6-0.1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2016-10033 CVE-2016-10045 CVE-2017-11503 CVE-2017-5223 CVE-2018-19296 CVE-2020-13625 CVE-2021-3603 Ubuntu 20.04 LTS Cody Sixteen discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-19105) Lilith of Cisco Talos discovered that LibreCAD incorrectly handled memory when parsing DWG files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2021-21898, CVE-2021-21899) Lilith of Cisco Talos discovered that LibreCAD incorrectly handled memory when parsing DRW files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2021-21900) Albin Eldstål-Ahrens discovered that LibreCAD incorrectly handled memory when parsing JWW files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2021-45341, CVE-2021-45342) Albin Eldstål-Ahrens discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service. (CVE-2021-45343) Update Instructions: Run `sudo pro fix USN-5957-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librecad-data - 2.1.3-1.2+deb10u1build0.20.04.1 librecad - 2.1.3-1.2+deb10u1build0.20.04.1 No subscription required Medium CVE-2018-19105 CVE-2021-21898 CVE-2021-21899 CVE-2021-21900 CVE-2021-45341 CVE-2021-45342 CVE-2021-45343 Ubuntu 20.04 LTS It was discovered that FFmpeg could be made to dereference a null pointer. An attacker could possibly use this to cause a denial of service via application crash. These issues only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-3109, CVE-2022-3341) It was discovered that FFmpeg could be made to access an out-of-bounds frame by the Apple RPZA encoder. An attacker could possibly use this to cause a denial of service via application crash or access sensitive information. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3964) It was discovered that FFmpeg could be made to access an out-of-bounds frame by the QuickTime encoder. An attacker could possibly use this to cause a denial of service via application crash or access sensitive information. This issue only affected Ubuntu 22.10. (CVE-2022-3965) Update Instructions: Run `sudo pro fix USN-5958-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:4.2.7-0ubuntu0.1+esm1 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm1 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm1 libavformat58 - 7:4.2.7-0ubuntu0.1+esm1 libavresample4 - 7:4.2.7-0ubuntu0.1+esm1 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm1 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm1 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm1 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm1 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm1 libswresample3 - 7:4.2.7-0ubuntu0.1+esm1 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm1 libswscale5 - 7:4.2.7-0ubuntu0.1+esm1 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm1 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm1 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm1 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm1 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm1 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm1 libavutil56 - 7:4.2.7-0ubuntu0.1+esm1 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm1 ffmpeg - 7:4.2.7-0ubuntu0.1+esm1 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm1 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-3109 CVE-2022-3341 CVE-2022-3964 CVE-2022-3965 https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/2007269 Ubuntu 20.04 LTS It was discovered that Kerberos incorrectly handled memory when processing KDC data, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts. (CVE-2021-36222, CVE-2021-37750) Update Instructions: Run `sudo pro fix USN-5959-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: krb5-doc - 1.17-6ubuntu4.3 krb5-kpropd - 1.17-6ubuntu4.3 krb5-user - 1.17-6ubuntu4.3 libgssrpc4 - 1.17-6ubuntu4.3 libkrb5support0 - 1.17-6ubuntu4.3 libk5crypto3 - 1.17-6ubuntu4.3 libkrb5-dev - 1.17-6ubuntu4.3 krb5-pkinit - 1.17-6ubuntu4.3 libkrb5-3 - 1.17-6ubuntu4.3 krb5-kdc-ldap - 1.17-6ubuntu4.3 krb5-otp - 1.17-6ubuntu4.3 krb5-gss-samples - 1.17-6ubuntu4.3 libkdb5-9 - 1.17-6ubuntu4.3 krb5-locales - 1.17-6ubuntu4.3 libgssapi-krb5-2 - 1.17-6ubuntu4.3 krb5-kdc - 1.17-6ubuntu4.3 libkrad-dev - 1.17-6ubuntu4.3 krb5-k5tls - 1.17-6ubuntu4.3 libkrad0 - 1.17-6ubuntu4.3 krb5-multidev - 1.17-6ubuntu4.3 libkadm5srv-mit11 - 1.17-6ubuntu4.3 libkadm5clnt-mit11 - 1.17-6ubuntu4.3 krb5-admin-server - 1.17-6ubuntu4.3 No subscription required Medium CVE-2021-36222 CVE-2021-37750 Ubuntu 20.04 LTS Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could possibly use this issue to bypass blocklisting methods by supplying a URL that starts with blank characters. Update Instructions: Run `sudo pro fix USN-5960-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.7 python3.8-full - 3.8.10-0ubuntu1~20.04.7 python3.8-examples - 3.8.10-0ubuntu1~20.04.7 python3.8-dev - 3.8.10-0ubuntu1~20.04.7 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.7 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.7 python3.8-venv - 3.8.10-0ubuntu1~20.04.7 libpython3.8 - 3.8.10-0ubuntu1~20.04.7 idle-python3.8 - 3.8.10-0ubuntu1~20.04.7 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.7 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.7 python3.8 - 3.8.10-0ubuntu1~20.04.7 python3.8-doc - 3.8.10-0ubuntu1~20.04.7 No subscription required Medium CVE-2023-24329 Ubuntu 20.04 LTS It was discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2018-10753, CVE-2018-10771, CVE-2019-1010069) Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service. (CVE-2021-32434, CVE-2021-32435, CVE-2021-32436) Update Instructions: Run `sudo pro fix USN-5961-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: abcm2ps - 8.14.6-0.1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-10753 CVE-2018-10771 CVE-2019-1010069 CVE-2021-32434 CVE-2021-32435 CVE-2021-32436 Ubuntu 20.04 LTS It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-47024, CVE-2023-0049, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433) It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-0051) It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-1170, CVE-2023-1175) It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-1264) Update Instructions: Run `sudo pro fix USN-5963-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.12 vim-athena - 2:8.1.2269-1ubuntu5.12 xxd - 2:8.1.2269-1ubuntu5.12 vim-gtk - 2:8.1.2269-1ubuntu5.12 vim-gui-common - 2:8.1.2269-1ubuntu5.12 vim - 2:8.1.2269-1ubuntu5.12 vim-doc - 2:8.1.2269-1ubuntu5.12 vim-tiny - 2:8.1.2269-1ubuntu5.12 vim-runtime - 2:8.1.2269-1ubuntu5.12 vim-gtk3 - 2:8.1.2269-1ubuntu5.12 vim-nox - 2:8.1.2269-1ubuntu5.12 No subscription required Medium CVE-2022-47024 CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 CVE-2023-1170 CVE-2023-1175 CVE-2023-1264 Ubuntu 20.04 LTS Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing, curl could pass on user name and telnet options to the server as provided, contrary to expectations. (CVE-2023-27533) Harry Sintonen discovered that curl incorrectly handled special tilde characters when used with SFTP paths. A remote attacker could possibly use this issue to circumvent filtering. (CVE-2023-27534) Harry Sintonen discovered that curl incorrectly reused certain FTP connections. This could lead to the wrong credentials being reused, contrary to expectations. (CVE-2023-27535) Harry Sintonen discovered that curl incorrectly reused connections when the GSS delegation option had been changed. This could lead to the option being reused, contrary to expectations. (CVE-2023-27536) Harry Sintonen discovered that curl incorrectly reused certain SSH connections. This could lead to the wrong credentials being reused, contrary to expectations. (CVE-2023-27538) Update Instructions: Run `sudo pro fix USN-5964-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.18 libcurl4-openssl-dev - 7.68.0-1ubuntu2.18 libcurl3-gnutls - 7.68.0-1ubuntu2.18 libcurl4-doc - 7.68.0-1ubuntu2.18 libcurl3-nss - 7.68.0-1ubuntu2.18 libcurl4-nss-dev - 7.68.0-1ubuntu2.18 libcurl4 - 7.68.0-1ubuntu2.18 curl - 7.68.0-1ubuntu2.18 No subscription required Medium CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538 Ubuntu 20.04 LTS It was discovered that TigerVNC mishandled TLS certificate exceptions. An attacker could use this vulnerability to impersonate any server after a client had added an exception and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-5965-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tigervnc-xorg-extension - 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-common - 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-standalone-server - 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-scraping-server - 1.10.1+dfsg-3ubuntu0.1+esm2 tigervnc-viewer - 1.10.1+dfsg-3ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-26117 Ubuntu 20.04 LTS Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. (CVE-2022-37703) Maher Azzouzi discovered a privilege escalation vulnerability in the rundump binary within amanda. rundump is a suid binary owned by root that did not perform adequate sanitization of environment variables or commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37704) Maher Azzouzi discovered a privilege escalation vulnerability in the runtar binary within amanda. runtar is a suid binary owned by root that did not perform adequate sanitization of commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37705) Update Instructions: Run `sudo pro fix USN-5966-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amanda-client - 1:3.5.1-2ubuntu0.1 amanda-common - 1:3.5.1-2ubuntu0.1 amanda-server - 1:3.5.1-2ubuntu0.1 No subscription required High CVE-2022-37703 CVE-2022-37704 CVE-2022-37705 Ubuntu 20.04 LTS USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced a regression in GNUTAR-based backups. This update reverts all of the changes in amanda until a better fix is provided. We apologize for the inconvenience. Original advisory details: Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. (CVE-2022-37703) Maher Azzouzi discovered a privilege escalation vulnerability in the rundump binary within amanda. rundump is a suid binary owned by root that did not perform adequate sanitization of environment variables or commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37704) Maher Azzouzi discovered a privilege escalation vulnerability in the runtar binary within amanda. runtar is a suid binary owned by root that did not perform adequate sanitization of commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37705) Update Instructions: Run `sudo pro fix USN-5966-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amanda-client - 1:3.5.1-2ubuntu0.2 amanda-common - 1:3.5.1-2ubuntu0.2 amanda-server - 1:3.5.1-2ubuntu0.2 No subscription required None https://launchpad.net/bugs/2012536 Ubuntu 20.04 LTS USN-5966-1 fixed vulnerabilities in amanda. Unfortunately that update caused a regression and was reverted in USN-5966-2. This update provides security fixes for Ubuntu 22.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. We apologize for the inconvenience. Original advisory details: Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. (CVE-2022-37703) Maher Azzouzi discovered a privilege escalation vulnerability in the rundump binary within amanda. rundump is a suid binary owned by root that did not perform adequate sanitization of environment variables or commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37704) Maher Azzouzi discovered a privilege escalation vulnerability in the runtar binary within amanda. runtar is a suid binary owned by root that did not perform adequate sanitization of commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37705) Update Instructions: Run `sudo pro fix USN-5966-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amanda-client - 1:3.5.1-2ubuntu0.3 amanda-common - 1:3.5.1-2ubuntu0.3 amanda-server - 1:3.5.1-2ubuntu0.3 No subscription required High CVE-2022-37703 CVE-2022-37704 CVE-2022-37705 https://launchpad.net/bugs/2012536 Ubuntu 20.04 LTS It was discovered that the set() method in object-path could be corrupted as a result of prototype pollution by sending a message to the parent process. An attacker could use this issue to cause object-path to crash. (CVE-2020-15256, CVE-2021-23434, CVE-2021-3805) Update Instructions: Run `sudo pro fix USN-5967-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-object-path - 0.11.4-2ubuntu0.1 No subscription required Medium CVE-2020-15256 CVE-2021-23434 CVE-2021-3805 Ubuntu 20.04 LTS It was discovered that GitPython did not properly sanitize user inputs for remote URLs in the clone command. By injecting a maliciously crafted remote URL, an attacker could possibly use this issue to execute arbitrary commands on the host. Update Instructions: Run `sudo pro fix USN-5968-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-git-doc - 3.0.7-1ubuntu0.1~esm1 python3-git - 3.0.7-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-24439 Ubuntu 20.04 LTS It was discovered that gif2apng contained multiple heap-base overflows. An attacker could potentially exploit this to cause a denial of service (system crash). (CVE-2021-45909, CVE-2021-45910, CVE-2021-45911) Update Instructions: Run `sudo pro fix USN-5969-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gif2apng - 1.9+srconly-3ubuntu0.1 No subscription required Medium CVE-2021-45909 CVE-2021-45910 CVE-2021-45911 Ubuntu 20.04 LTS It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10196) It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. These issues only affected Ubuntu 14.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-11023) It was discovered that graphviz contains a buffer overflow vulnerability. Exploitation via a specially crafted input file can cause a denial of service or possibly allow for arbitrary code execution. These issues only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-18032) Update Instructions: Run `sudo pro fix USN-5971-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgv-perl - 2.42.2-3ubuntu0.1~esm1 python3-gv - 2.42.2-3ubuntu0.1~esm1 libcgraph6 - 2.42.2-3ubuntu0.1~esm1 libgv-tcl - 2.42.2-3ubuntu0.1~esm1 liblab-gamut1 - 2.42.2-3ubuntu0.1~esm1 libgvc6 - 2.42.2-3ubuntu0.1~esm1 libxdot4 - 2.42.2-3ubuntu0.1~esm1 libgv-php7 - 2.42.2-3ubuntu0.1~esm1 graphviz-doc - 2.42.2-3ubuntu0.1~esm1 graphviz - 2.42.2-3ubuntu0.1~esm1 libgv-lua - 2.42.2-3ubuntu0.1~esm1 libpathplan4 - 2.42.2-3ubuntu0.1~esm1 libcdt5 - 2.42.2-3ubuntu0.1~esm1 libgvpr2 - 2.42.2-3ubuntu0.1~esm1 libgraphviz-dev - 2.42.2-3ubuntu0.1~esm1 libgvc6-plugins-gtk - 2.42.2-3ubuntu0.1~esm1 libgv-guile - 2.42.2-3ubuntu0.1~esm1 libgv-ruby - 2.42.2-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-10196 CVE-2019-11023 CVE-2020-18032 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-25152, CVE-2023-28162, CVE-2023-28176) Lukas Bernhard discovered that Thunderbird did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-25751) Luan Herrera discovered that Thunderbird did not properly manage cross-origin iframe when dragging a URL. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-28164) Update Instructions: Run `sudo pro fix USN-5972-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.9.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.9.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.9.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.9.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-25751 CVE-2023-25752 CVE-2023-28162 CVE-2023-28164 CVE-2023-28176 Ubuntu 20.04 LTS It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open redirect attack. (CVE-2018-3774) It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass input validation. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8124) Yaniv Nizry discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open redirect attack. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-27515) It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open redirect attack. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3664) It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass authorization. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-0512, CVE-2022-0639, CVE-2022-0691) Rohan Sharma discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass authorization. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-0686) Update Instructions: Run `sudo pro fix USN-5973-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-url-parse - 1.4.7-3ubuntu0.1 No subscription required Medium CVE-2018-3774 CVE-2020-8124 CVE-2021-27515 CVE-2021-3664 CVE-2022-0512 CVE-2022-0639 CVE-2022-0686 CVE-2022-0691 Ubuntu 20.04 LTS It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted TGA image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-20184) It was discovered that GraphicsMagick was not properly validating bits per pixel data when processing DIB image files. If a user or automated system were tricked into processing a specially crafted DIB image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-20189) It was discovered that GraphicsMagick was not properly processing bit-field mask values in BMP image files, which could result in the execution of an infinite loop. If a user or automated system were tricked into processing a specially crafted BMP image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-5685) It was discovered that GraphicsMagick was not properly validating data used in arithmetic operations when processing MNG image files, which could result in a divide-by-zero error. If a user or automated system were tricked into processing a specially crafted MNG image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-9018) It was discovered that GraphicsMagick was not properly performing bounds checks when processing MIFF image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted MIFF image file, an attacker could possibly use this issue to cause a denial of service or expose sensitive information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2019-11006) It was discovered that GraphicsMagick did not properly magnify certain MNG image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted MNG image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-12672) It was discovered that GraphicsMagick was not properly performing bounds checks when parsing certain MIFF image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted MIFF image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1270) Update Instructions: Run `sudo pro fix USN-5974-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgraphics-magick-perl - 1.4+really1.3.35-1ubuntu0.1 libgraphicsmagick-q16-3 - 1.4+really1.3.35-1ubuntu0.1 libgraphicsmagick1-dev - 1.4+really1.3.35-1ubuntu0.1 graphicsmagick - 1.4+really1.3.35-1ubuntu0.1 graphicsmagick-imagemagick-compat - 1.4+really1.3.35-1ubuntu0.1 graphicsmagick-libmagick-dev-compat - 1.4+really1.3.35-1ubuntu0.1 libgraphicsmagick++-q16-12 - 1.4+really1.3.35-1ubuntu0.1 libgraphicsmagick++1-dev - 1.4+really1.3.35-1ubuntu0.1 No subscription required Medium CVE-2018-20184 CVE-2018-20189 CVE-2018-5685 CVE-2018-9018 CVE-2019-11006 CVE-2020-12672 CVE-2022-1270 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) It was discovered that the NILFS2 file system implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3646) Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649) It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41850) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) Update Instructions: Run `sudo pro fix USN-5976-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oem-5.14-headers-5.14.0-1059 - 5.14.0-1059.67 linux-headers-5.14.0-1059-oem - 5.14.0-1059.67 linux-oem-5.14-tools-5.14.0-1059 - 5.14.0-1059.67 linux-image-5.14.0-1059-oem - 5.14.0-1059.67 linux-tools-5.14.0-1059-oem - 5.14.0-1059.67 linux-modules-5.14.0-1059-oem - 5.14.0-1059.67 linux-image-unsigned-5.14.0-1059-oem - 5.14.0-1059.67 linux-modules-iwlwifi-5.14.0-1059-oem - 5.14.0-1059.67 linux-oem-5.14-tools-host - 5.14.0-1059.67 linux-buildinfo-5.14.0-1059-oem - 5.14.0-1059.67 No subscription required linux-image-oem-20.04c - 5.14.0.1059.57 linux-image-oem-20.04b - 5.14.0.1059.57 linux-image-oem-20.04d - 5.14.0.1059.57 linux-headers-oem-20.04 - 5.14.0.1059.57 linux-tools-oem-20.04c - 5.14.0.1059.57 linux-tools-oem-20.04b - 5.14.0.1059.57 linux-oem-20.04 - 5.14.0.1059.57 linux-image-oem-20.04 - 5.14.0.1059.57 linux-modules-iwlwifi-oem-20.04d - 5.14.0.1059.57 linux-oem-20.04d - 5.14.0.1059.57 linux-oem-20.04c - 5.14.0.1059.57 linux-oem-20.04b - 5.14.0.1059.57 linux-tools-oem-20.04d - 5.14.0.1059.57 linux-headers-oem-20.04b - 5.14.0.1059.57 linux-headers-oem-20.04c - 5.14.0.1059.57 linux-headers-oem-20.04d - 5.14.0.1059.57 linux-tools-oem-20.04 - 5.14.0.1059.57 linux-modules-iwlwifi-oem-20.04 - 5.14.0.1059.57 No subscription required High CVE-2022-2196 CVE-2022-3061 CVE-2022-3628 CVE-2022-36280 CVE-2022-3646 CVE-2022-3649 CVE-2022-41850 CVE-2023-0394 CVE-2023-0461 Ubuntu 20.04 LTS It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) Update Instructions: Run `sudo pro fix USN-5980-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-source-5.4.0 - 5.4.0-1046.51 linux-modules-extra-5.4.0-1046-ibm - 5.4.0-1046.51 linux-ibm-cloud-tools-common - 5.4.0-1046.51 linux-ibm-tools-common - 5.4.0-1046.51 linux-ibm-headers-5.4.0-1046 - 5.4.0-1046.51 linux-image-unsigned-5.4.0-1046-ibm - 5.4.0-1046.51 linux-modules-5.4.0-1046-ibm - 5.4.0-1046.51 linux-buildinfo-5.4.0-1046-ibm - 5.4.0-1046.51 linux-tools-5.4.0-1046-ibm - 5.4.0-1046.51 linux-image-5.4.0-1046-ibm - 5.4.0-1046.51 linux-headers-5.4.0-1046-ibm - 5.4.0-1046.51 linux-ibm-tools-5.4.0-1046 - 5.4.0-1046.51 No subscription required linux-cloud-tools-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-image-unsigned-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-tools-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-image-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-headers-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-gkeop-source-5.4.0 - 5.4.0-1066.70 linux-gkeop-headers-5.4.0-1066 - 5.4.0-1066.70 linux-gkeop-tools-5.4.0-1066 - 5.4.0-1066.70 linux-gkeop-cloud-tools-5.4.0-1066 - 5.4.0-1066.70 linux-modules-extra-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-buildinfo-5.4.0-1066-gkeop - 5.4.0-1066.70 linux-modules-5.4.0-1066-gkeop - 5.4.0-1066.70 No subscription required linux-raspi-headers-5.4.0-1082 - 5.4.0-1082.93 linux-modules-5.4.0-1082-raspi - 5.4.0-1082.93 linux-tools-5.4.0-1082-raspi - 5.4.0-1082.93 linux-buildinfo-5.4.0-1082-raspi - 5.4.0-1082.93 linux-headers-5.4.0-1082-raspi - 5.4.0-1082.93 linux-raspi-tools-5.4.0-1082 - 5.4.0-1082.93 linux-image-5.4.0-1082-raspi - 5.4.0-1082.93 No subscription required linux-kvm-tools-5.4.0-1088 - 5.4.0-1088.94 linux-kvm-headers-5.4.0-1088 - 5.4.0-1088.94 linux-buildinfo-5.4.0-1088-kvm - 5.4.0-1088.94 linux-image-5.4.0-1088-kvm - 5.4.0-1088.94 linux-image-unsigned-5.4.0-1088-kvm - 5.4.0-1088.94 linux-tools-5.4.0-1088-kvm - 5.4.0-1088.94 linux-headers-5.4.0-1088-kvm - 5.4.0-1088.94 linux-modules-5.4.0-1088-kvm - 5.4.0-1088.94 No subscription required linux-gke-tools-5.4.0-1096 - 5.4.0-1096.103 linux-image-unsigned-5.4.0-1096-gke - 5.4.0-1096.103 linux-modules-extra-5.4.0-1096-gke - 5.4.0-1096.103 linux-modules-5.4.0-1096-gke - 5.4.0-1096.103 linux-image-5.4.0-1096-gke - 5.4.0-1096.103 linux-headers-5.4.0-1096-gke - 5.4.0-1096.103 linux-gke-headers-5.4.0-1096 - 5.4.0-1096.103 linux-tools-5.4.0-1096-gke - 5.4.0-1096.103 linux-buildinfo-5.4.0-1096-gke - 5.4.0-1096.103 No subscription required linux-image-5.4.0-1098-oracle - 5.4.0-1098.107 linux-modules-5.4.0-1098-oracle - 5.4.0-1098.107 linux-modules-extra-5.4.0-1098-oracle - 5.4.0-1098.107 linux-headers-5.4.0-1098-oracle - 5.4.0-1098.107 linux-tools-5.4.0-1098-oracle - 5.4.0-1098.107 linux-oracle-headers-5.4.0-1098 - 5.4.0-1098.107 linux-oracle-tools-5.4.0-1098 - 5.4.0-1098.107 linux-buildinfo-5.4.0-1098-oracle - 5.4.0-1098.107 linux-image-unsigned-5.4.0-1098-oracle - 5.4.0-1098.107 No subscription required linux-image-5.4.0-1099-aws - 5.4.0-1099.107 linux-aws-cloud-tools-5.4.0-1099 - 5.4.0-1099.107 linux-buildinfo-5.4.0-1099-aws - 5.4.0-1099.107 linux-tools-5.4.0-1099-aws - 5.4.0-1099.107 linux-cloud-tools-5.4.0-1099-aws - 5.4.0-1099.107 linux-image-unsigned-5.4.0-1099-aws - 5.4.0-1099.107 linux-modules-5.4.0-1099-aws - 5.4.0-1099.107 linux-aws-tools-5.4.0-1099 - 5.4.0-1099.107 linux-headers-5.4.0-1099-aws - 5.4.0-1099.107 linux-aws-headers-5.4.0-1099 - 5.4.0-1099.107 linux-modules-extra-5.4.0-1099-aws - 5.4.0-1099.107 No subscription required linux-modules-extra-5.4.0-1102-gcp - 5.4.0-1102.111 linux-modules-5.4.0-1102-gcp - 5.4.0-1102.111 linux-buildinfo-5.4.0-1102-gcp - 5.4.0-1102.111 linux-gcp-tools-5.4.0-1102 - 5.4.0-1102.111 linux-image-5.4.0-1102-gcp - 5.4.0-1102.111 linux-gcp-headers-5.4.0-1102 - 5.4.0-1102.111 linux-tools-5.4.0-1102-gcp - 5.4.0-1102.111 linux-image-unsigned-5.4.0-1102-gcp - 5.4.0-1102.111 linux-headers-5.4.0-1102-gcp - 5.4.0-1102.111 No subscription required linux-azure-tools-5.4.0-1105 - 5.4.0-1105.111 linux-modules-5.4.0-1105-azure - 5.4.0-1105.111 linux-buildinfo-5.4.0-1105-azure - 5.4.0-1105.111 linux-tools-5.4.0-1105-azure - 5.4.0-1105.111 linux-image-5.4.0-1105-azure - 5.4.0-1105.111 linux-cloud-tools-5.4.0-1105-azure - 5.4.0-1105.111 linux-headers-5.4.0-1105-azure - 5.4.0-1105.111 linux-image-unsigned-5.4.0-1105-azure - 5.4.0-1105.111 linux-modules-extra-5.4.0-1105-azure - 5.4.0-1105.111 linux-azure-headers-5.4.0-1105 - 5.4.0-1105.111 linux-azure-cloud-tools-5.4.0-1105 - 5.4.0-1105.111 No subscription required linux-cloud-tools-5.4.0-146-generic - 5.4.0-146.163 linux-tools-common - 5.4.0-146.163 linux-image-unsigned-5.4.0-146-lowlatency - 5.4.0-146.163 linux-tools-host - 5.4.0-146.163 linux-doc - 5.4.0-146.163 linux-modules-5.4.0-146-generic - 5.4.0-146.163 linux-image-unsigned-5.4.0-146-generic - 5.4.0-146.163 linux-buildinfo-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-headers-5.4.0-146 - 5.4.0-146.163 linux-libc-dev - 5.4.0-146.163 linux-source-5.4.0 - 5.4.0-146.163 linux-modules-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-tools-5.4.0-146 - 5.4.0-146.163 linux-image-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-buildinfo-5.4.0-146-generic - 5.4.0-146.163 linux-modules-extra-5.4.0-146-generic - 5.4.0-146.163 linux-cloud-tools-5.4.0-146 - 5.4.0-146.163 linux-tools-5.4.0-146-lowlatency - 5.4.0-146.163 linux-headers-5.4.0-146-generic - 5.4.0-146.163 linux-modules-5.4.0-146-lowlatency - 5.4.0-146.163 linux-cloud-tools-common - 5.4.0-146.163 linux-buildinfo-5.4.0-146-lowlatency - 5.4.0-146.163 linux-image-5.4.0-146-generic - 5.4.0-146.163 linux-tools-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-headers-5.4.0-146-generic-lpae - 5.4.0-146.163 linux-image-5.4.0-146-lowlatency - 5.4.0-146.163 linux-cloud-tools-5.4.0-146-lowlatency - 5.4.0-146.163 linux-headers-5.4.0-146-lowlatency - 5.4.0-146.163 linux-tools-5.4.0-146-generic - 5.4.0-146.163 No subscription required linux-modules-extra-ibm - 5.4.0.1046.72 linux-image-ibm - 5.4.0.1046.72 linux-headers-ibm-lts-20.04 - 5.4.0.1046.72 linux-tools-ibm - 5.4.0.1046.72 linux-ibm-lts-20.04 - 5.4.0.1046.72 linux-image-ibm-lts-20.04 - 5.4.0.1046.72 linux-ibm - 5.4.0.1046.72 linux-tools-ibm-lts-20.04 - 5.4.0.1046.72 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1046.72 linux-headers-ibm - 5.4.0.1046.72 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1066.64 linux-image-gkeop - 5.4.0.1066.64 linux-gkeop-5.4 - 5.4.0.1066.64 linux-headers-gkeop - 5.4.0.1066.64 linux-image-gkeop-5.4 - 5.4.0.1066.64 linux-gkeop - 5.4.0.1066.64 linux-cloud-tools-gkeop - 5.4.0.1066.64 linux-modules-extra-gkeop-5.4 - 5.4.0.1066.64 linux-headers-gkeop-5.4 - 5.4.0.1066.64 linux-modules-extra-gkeop - 5.4.0.1066.64 linux-tools-gkeop - 5.4.0.1066.64 linux-tools-gkeop-5.4 - 5.4.0.1066.64 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1082.112 linux-raspi2 - 5.4.0.1082.112 linux-headers-raspi2 - 5.4.0.1082.112 linux-image-raspi-hwe-18.04 - 5.4.0.1082.112 linux-image-raspi2-hwe-18.04 - 5.4.0.1082.112 linux-tools-raspi - 5.4.0.1082.112 linux-headers-raspi-hwe-18.04 - 5.4.0.1082.112 linux-headers-raspi2-hwe-18.04 - 5.4.0.1082.112 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1082.112 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1082.112 linux-headers-raspi - 5.4.0.1082.112 linux-raspi2-hwe-18.04-edge - 5.4.0.1082.112 linux-image-raspi-hwe-18.04-edge - 5.4.0.1082.112 linux-raspi-hwe-18.04 - 5.4.0.1082.112 linux-tools-raspi2-hwe-18.04 - 5.4.0.1082.112 linux-raspi2-hwe-18.04 - 5.4.0.1082.112 linux-image-raspi2 - 5.4.0.1082.112 linux-tools-raspi-hwe-18.04 - 5.4.0.1082.112 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1082.112 linux-raspi-hwe-18.04-edge - 5.4.0.1082.112 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1082.112 linux-image-raspi - 5.4.0.1082.112 linux-tools-raspi2 - 5.4.0.1082.112 linux-raspi - 5.4.0.1082.112 No subscription required linux-kvm - 5.4.0.1088.82 linux-headers-kvm - 5.4.0.1088.82 linux-tools-kvm - 5.4.0.1088.82 linux-image-kvm - 5.4.0.1088.82 No subscription required linux-modules-extra-gke - 5.4.0.1096.101 linux-headers-gke-5.4 - 5.4.0.1096.101 linux-modules-extra-gke-5.4 - 5.4.0.1096.101 linux-gke-5.4 - 5.4.0.1096.101 linux-tools-gke - 5.4.0.1096.101 linux-gke - 5.4.0.1096.101 linux-headers-gke - 5.4.0.1096.101 linux-image-gke - 5.4.0.1096.101 linux-image-gke-5.4 - 5.4.0.1096.101 linux-tools-gke-5.4 - 5.4.0.1096.101 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1098.91 linux-oracle-lts-20.04 - 5.4.0.1098.91 linux-headers-oracle-lts-20.04 - 5.4.0.1098.91 linux-image-oracle-lts-20.04 - 5.4.0.1098.91 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1099.96 linux-image-aws-lts-20.04 - 5.4.0.1099.96 linux-headers-aws-lts-20.04 - 5.4.0.1099.96 linux-tools-aws-lts-20.04 - 5.4.0.1099.96 linux-aws-lts-20.04 - 5.4.0.1099.96 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1102.104 linux-gcp-lts-20.04 - 5.4.0.1102.104 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1102.104 linux-headers-gcp-lts-20.04 - 5.4.0.1102.104 linux-image-gcp-lts-20.04 - 5.4.0.1102.104 No subscription required linux-azure-lts-20.04 - 5.4.0.1105.98 linux-image-azure-lts-20.04 - 5.4.0.1105.98 linux-modules-extra-azure-lts-20.04 - 5.4.0.1105.98 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1105.98 linux-tools-azure-lts-20.04 - 5.4.0.1105.98 linux-headers-azure-lts-20.04 - 5.4.0.1105.98 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-cloud-tools-virtual - 5.4.0.146.144 linux-image-generic-hwe-18.04 - 5.4.0.146.144 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-headers-generic-lpae - 5.4.0.146.144 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.146.144 linux-image-virtual - 5.4.0.146.144 linux-oem-osp1-tools-host - 5.4.0.146.144 linux-image-generic - 5.4.0.146.144 linux-tools-lowlatency - 5.4.0.146.144 linux-image-oem - 5.4.0.146.144 linux-headers-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.146.144 linux-image-extra-virtual-hwe-18.04 - 5.4.0.146.144 linux-image-generic-lpae-hwe-18.04 - 5.4.0.146.144 linux-crashdump - 5.4.0.146.144 linux-generic-lpae-hwe-18.04-edge - 5.4.0.146.144 linux-tools-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-headers-generic-hwe-18.04 - 5.4.0.146.144 linux-headers-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-source - 5.4.0.146.144 linux-lowlatency - 5.4.0.146.144 linux-tools-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-tools-generic-lpae - 5.4.0.146.144 linux-cloud-tools-generic - 5.4.0.146.144 linux-virtual - 5.4.0.146.144 linux-headers-virtual-hwe-18.04 - 5.4.0.146.144 linux-tools-generic - 5.4.0.146.144 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.146.144 linux-tools-virtual - 5.4.0.146.144 linux-tools-oem - 5.4.0.146.144 linux-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-headers-oem - 5.4.0.146.144 linux-generic - 5.4.0.146.144 linux-tools-oem-osp1 - 5.4.0.146.144 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.146.144 linux-image-lowlatency - 5.4.0.146.144 linux-image-virtual-hwe-18.04 - 5.4.0.146.144 linux-cloud-tools-lowlatency - 5.4.0.146.144 linux-headers-lowlatency - 5.4.0.146.144 linux-image-generic-hwe-18.04-edge - 5.4.0.146.144 linux-generic-hwe-18.04-edge - 5.4.0.146.144 linux-tools-generic-hwe-18.04-edge - 5.4.0.146.144 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.146.144 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-image-generic-lpae - 5.4.0.146.144 linux-oem - 5.4.0.146.144 linux-image-extra-virtual - 5.4.0.146.144 linux-image-oem-osp1 - 5.4.0.146.144 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-headers-oem-osp1 - 5.4.0.146.144 linux-generic-lpae - 5.4.0.146.144 linux-virtual-hwe-18.04 - 5.4.0.146.144 linux-generic-lpae-hwe-18.04 - 5.4.0.146.144 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.146.144 linux-headers-generic-hwe-18.04-edge - 5.4.0.146.144 linux-headers-generic - 5.4.0.146.144 linux-oem-osp1 - 5.4.0.146.144 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.146.144 linux-image-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-headers-virtual - 5.4.0.146.144 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.146.144 linux-tools-virtual-hwe-18.04 - 5.4.0.146.144 linux-lowlatency-hwe-18.04 - 5.4.0.146.144 linux-generic-hwe-18.04 - 5.4.0.146.144 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.146.144 linux-image-virtual-hwe-18.04-edge - 5.4.0.146.144 linux-tools-generic-hwe-18.04 - 5.4.0.146.144 linux-oem-tools-host - 5.4.0.146.144 No subscription required Medium CVE-2021-3669 CVE-2022-2196 CVE-2022-4382 CVE-2023-23559 Ubuntu 20.04 LTS It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-48423) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48424) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer lengths, leading to a heap-based buffer overflow. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-0210) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) It was discovered that the NTFS file system implementation in the Linux kernel did not properly handle a loop termination condition, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-26606) Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel contained a null pointer dereference when handling certain messages from user space. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-28328) Update Instructions: Run `sudo pro fix USN-5982-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-image-unsigned-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-image-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-tools-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-buildinfo-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-modules-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-modules-iwlwifi-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 linux-gcp-5.15-tools-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-gcp-5.15-headers-5.15.0-1031 - 5.15.0-1031.38~20.04.1 linux-modules-extra-5.15.0-1031-gcp - 5.15.0-1031.38~20.04.1 No subscription required linux-oracle-5.15-tools-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-oracle-5.15-headers-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-modules-extra-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-tools-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-image-unsigned-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-headers-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-modules-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-buildinfo-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 linux-image-5.15.0-1032-oracle - 5.15.0-1032.38~20.04.1 No subscription required linux-modules-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-tools-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1033 - 5.15.0-1033.37~20.04.1 linux-headers-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-image-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-buildinfo-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-aws-5.15-tools-5.15.0-1033 - 5.15.0-1033.37~20.04.1 linux-aws-5.15-headers-5.15.0-1033 - 5.15.0-1033.37~20.04.1 linux-modules-extra-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-cloud-tools-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 linux-image-unsigned-5.15.0-1033-aws - 5.15.0-1033.37~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1035 - 5.15.0-1035.42~20.04.1 linux-tools-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-buildinfo-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-image-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-headers-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-image-unsigned-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-modules-extra-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-cloud-tools-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-azure-5.15-headers-5.15.0-1035 - 5.15.0-1035.42~20.04.1 linux-modules-5.15.0-1035-azure - 5.15.0-1035.42~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1035 - 5.15.0-1035.42~20.04.1 No subscription required linux-buildinfo-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-image-unsigned-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-69.76~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-image-unsigned-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-cloud-tools-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-buildinfo-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-cloud-tools-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-modules-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-image-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-hwe-5.15-headers-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-buildinfo-5.15.0-69-generic-lpae - 5.15.0-69.76~20.04.1 linux-buildinfo-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-headers-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-tools-5.15.0-69-generic-64k - 5.15.0-69.76~20.04.1 linux-buildinfo-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-hwe-5.15-tools-5.15.0-69 - 5.15.0-69.76~20.04.1 linux-modules-extra-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-69.76~20.04.1 linux-modules-iwlwifi-5.15.0-69-generic - 5.15.0-69.76~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-69.76~20.04.1 linux-modules-iwlwifi-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 linux-image-unsigned-5.15.0-69-lowlatency-64k - 5.15.0-69.76~20.04.1 linux-image-unsigned-5.15.0-69-lowlatency - 5.15.0-69.76~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1031.38~20.04.1 linux-headers-gcp-edge - 5.15.0.1031.38~20.04.1 linux-modules-extra-gcp - 5.15.0.1031.38~20.04.1 linux-tools-gcp - 5.15.0.1031.38~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1031.38~20.04.1 linux-gcp - 5.15.0.1031.38~20.04.1 linux-tools-gcp-edge - 5.15.0.1031.38~20.04.1 linux-headers-gcp - 5.15.0.1031.38~20.04.1 linux-image-gcp - 5.15.0.1031.38~20.04.1 linux-gcp-edge - 5.15.0.1031.38~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1032.38~20.04.1 linux-tools-oracle - 5.15.0.1032.38~20.04.1 linux-tools-oracle-edge - 5.15.0.1032.38~20.04.1 linux-oracle-edge - 5.15.0.1032.38~20.04.1 linux-image-oracle-edge - 5.15.0.1032.38~20.04.1 linux-headers-oracle-edge - 5.15.0.1032.38~20.04.1 linux-image-oracle - 5.15.0.1032.38~20.04.1 linux-oracle - 5.15.0.1032.38~20.04.1 No subscription required linux-image-aws - 5.15.0.1033.37~20.04.22 linux-headers-aws - 5.15.0.1033.37~20.04.22 linux-modules-extra-aws-edge - 5.15.0.1033.37~20.04.22 linux-image-aws-edge - 5.15.0.1033.37~20.04.22 linux-aws-edge - 5.15.0.1033.37~20.04.22 linux-aws - 5.15.0.1033.37~20.04.22 linux-tools-aws - 5.15.0.1033.37~20.04.22 linux-headers-aws-edge - 5.15.0.1033.37~20.04.22 linux-modules-extra-aws - 5.15.0.1033.37~20.04.22 linux-tools-aws-edge - 5.15.0.1033.37~20.04.22 No subscription required linux-tools-azure-edge - 5.15.0.1035.42~20.04.25 linux-cloud-tools-azure - 5.15.0.1035.42~20.04.25 linux-tools-azure - 5.15.0.1035.42~20.04.25 linux-image-azure-edge - 5.15.0.1035.42~20.04.25 linux-cloud-tools-azure-edge - 5.15.0.1035.42~20.04.25 linux-modules-extra-azure - 5.15.0.1035.42~20.04.25 linux-azure - 5.15.0.1035.42~20.04.25 linux-image-azure - 5.15.0.1035.42~20.04.25 linux-headers-azure-edge - 5.15.0.1035.42~20.04.25 linux-azure-edge - 5.15.0.1035.42~20.04.25 linux-modules-extra-azure-edge - 5.15.0.1035.42~20.04.25 linux-headers-azure - 5.15.0.1035.42~20.04.25 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-headers-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-image-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-lowlatency-64k-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-tools-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-lowlatency-hwe-20.04 - 5.15.0.69.76~20.04.27 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.27 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.27 No subscription required linux-tools-generic-lpae-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-extra-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-headers-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-headers-generic-64k-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-generic-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-tools-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-generic-lpae-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-generic-lpae-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-tools-generic-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-headers-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-generic-lpae-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-virtual-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-generic-64k-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-tools-virtual-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-image-generic-hwe-20.04-edge - 5.15.0.69.76~20.04.30 linux-generic-64k-hwe-20.04 - 5.15.0.69.76~20.04.30 linux-image-generic-64k-hwe-20.04 - 5.15.0.69.76~20.04.30 No subscription required High CVE-2022-2196 CVE-2022-3424 CVE-2022-36280 CVE-2022-41218 CVE-2022-4382 CVE-2022-48423 CVE-2022-48424 CVE-2023-0045 CVE-2023-0210 CVE-2023-0266 CVE-2023-23454 CVE-2023-23455 CVE-2023-23559 CVE-2023-26606 CVE-2023-28328 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges. Update Instructions: Run `sudo pro fix USN-5986-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.8 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.8 xwayland - 2:1.20.13-1ubuntu1~20.04.8 xdmx - 2:1.20.13-1ubuntu1~20.04.8 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.8 xvfb - 2:1.20.13-1ubuntu1~20.04.8 xnest - 2:1.20.13-1ubuntu1~20.04.8 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.8 xserver-common - 2:1.20.13-1ubuntu1~20.04.8 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.8 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.8 No subscription required Medium CVE-2023-1393 Ubuntu 20.04 LTS It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-48423) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48424) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer lengths, leading to a heap-based buffer overflow. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-0210) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) It was discovered that the NTFS file system implementation in the Linux kernel did not properly handle a loop termination condition, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-26606) Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel contained a null pointer dereference when handling certain messages from user space. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-28328) Update Instructions: Run `sudo pro fix USN-5987-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-gke-5.15-headers-5.15.0-1029 - 5.15.0-1029.34~20.04.1 linux-buildinfo-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-modules-iwlwifi-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-image-unsigned-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-modules-extra-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-gke-5.15-tools-5.15.0-1029 - 5.15.0-1029.34~20.04.1 linux-headers-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-tools-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 linux-image-5.15.0-1029-gke - 5.15.0-1029.34~20.04.1 No subscription required linux-image-gke-edge - 5.15.0.1029.34~20.04.1 linux-headers-gke-5.15 - 5.15.0.1029.34~20.04.1 linux-tools-gke-edge - 5.15.0.1029.34~20.04.1 linux-gke-edge - 5.15.0.1029.34~20.04.1 linux-image-gke-5.15 - 5.15.0.1029.34~20.04.1 linux-tools-gke-5.15 - 5.15.0.1029.34~20.04.1 linux-headers-gke-edge - 5.15.0.1029.34~20.04.1 linux-gke-5.15 - 5.15.0.1029.34~20.04.1 No subscription required High CVE-2022-2196 CVE-2022-3424 CVE-2022-36280 CVE-2022-41218 CVE-2022-4382 CVE-2022-48423 CVE-2022-48424 CVE-2023-0045 CVE-2023-0210 CVE-2023-0266 CVE-2023-23454 CVE-2023-23455 CVE-2023-23559 CVE-2023-26606 CVE-2023-28328 Ubuntu 20.04 LTS It was discovered that integer overflows vulnerabilities existed in Xcftools. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-5086, CVE-2019-5087) Update Instructions: Run `sudo pro fix USN-5988-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xcftools - 1.0.7-6ubuntu0.20.04.1 No subscription required Medium CVE-2019-5086 CVE-2019-5087 Ubuntu 20.04 LTS It was discovered that musl did not handle certain i386 math functions properly. An attacker could use this vulnerability to cause a denial of service (crash) or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-14697) It was discovered that musl did not handle wide-character conversion properly. A remote attacker could use this vulnerability to cause resource consumption (infinite loop), denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-28928) Update Instructions: Run `sudo pro fix USN-5990-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: musl-dev - 1.1.24-1ubuntu0.1~esm1 musl-tools - 1.1.24-1ubuntu0.1~esm1 musl - 1.1.24-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-14697 CVE-2020-28928 Ubuntu 20.04 LTS Demi Marie Obenour discovered that ldb, when used with Samba, incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. Update Instructions: Run `sudo pro fix USN-5992-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ldb-tools - 2:2.4.4-0ubuntu0.20.04.2 libldb2 - 2:2.4.4-0ubuntu0.20.04.2 python3-ldb - 2:2.4.4-0ubuntu0.20.04.2 libldb-dev - 2:2.4.4-0ubuntu0.20.04.2 python3-ldb-dev - 2:2.4.4-0ubuntu0.20.04.2 No subscription required Medium CVE-2023-0614 Ubuntu 20.04 LTS Demi Marie Obenour discovered that the Samba LDAP server incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. (CVE-2023-0614) Andrew Bartlett discovered that the Samba AD DC admin tool incorrectly sent passwords in cleartext. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-0922) Update Instructions: Run `sudo pro fix USN-5993-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.2 registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.2 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.2 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.2 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.2 ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.2 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.2 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.2 No subscription required Medium CVE-2023-0614 CVE-2023-0922 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-0413, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851, CVE-2022-1898, CVE-2022-1942, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2183, CVE-2022-2206, CVE-2022-2304, CVE-2022-2345, CVE-2022-2581) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1720, CVE-2022-2571, CVE-2022-2845, CVE-2022-2849, CVE-2022-2923) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1927, CVE-2022-2344) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2946) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2980) Update Instructions: Run `sudo pro fix USN-5995-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.13 vim-athena - 2:8.1.2269-1ubuntu5.13 vim-tiny - 2:8.1.2269-1ubuntu5.13 vim-gtk - 2:8.1.2269-1ubuntu5.13 vim-gui-common - 2:8.1.2269-1ubuntu5.13 vim - 2:8.1.2269-1ubuntu5.13 vim-doc - 2:8.1.2269-1ubuntu5.13 xxd - 2:8.1.2269-1ubuntu5.13 vim-runtime - 2:8.1.2269-1ubuntu5.13 vim-gtk3 - 2:8.1.2269-1ubuntu5.13 vim-nox - 2:8.1.2269-1ubuntu5.13 No subscription required Medium CVE-2022-0413 CVE-2022-1629 CVE-2022-1674 CVE-2022-1720 CVE-2022-1733 CVE-2022-1735 CVE-2022-1785 CVE-2022-1796 CVE-2022-1851 CVE-2022-1898 CVE-2022-1927 CVE-2022-1942 CVE-2022-1968 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2175 CVE-2022-2183 CVE-2022-2206 CVE-2022-2304 CVE-2022-2344 CVE-2022-2345 CVE-2022-2571 CVE-2022-2581 CVE-2022-2845 CVE-2022-2849 CVE-2022-2923 CVE-2022-2946 CVE-2022-2980 Ubuntu 20.04 LTS It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-26767, CVE-2023-26768, CVE-2023-26769) Update Instructions: Run `sudo pro fix USN-5996-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblouis-dev - 3.12.0-3ubuntu0.2 python3-louis - 3.12.0-3ubuntu0.2 liblouis-data - 3.12.0-3ubuntu0.2 liblouis20 - 3.12.0-3ubuntu0.2 liblouis-bin - 3.12.0-3ubuntu0.2 No subscription required Medium CVE-2023-26767 CVE-2023-26768 CVE-2023-26769 Ubuntu 20.04 LTS It was discovered that IPMItool was not properly checking the data received from a remote LAN party. A remote attacker could possibly use this issue to to cause a crash or arbitrary code execution. Update Instructions: Run `sudo pro fix USN-5997-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ipmitool - 1.8.18-8ubuntu0.1 No subscription required Medium CVE-2020-5208 Ubuntu 20.04 LTS It was discovered that the SocketServer component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. (CVE-2019-17571) It was discovered that the JMSSink component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-23302) It was discovered that Apache Log4j 1.2 incorrectly handled certain SQL statements. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23305) It was discovered that the Chainsaw component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23307) Update Instructions: Run `sudo pro fix USN-5998-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liblog4j1.2-java-doc - 1.2.17-9ubuntu0.2 liblog4j1.2-java - 1.2.17-9ubuntu0.2 No subscription required Medium CVE-2022-23302 CVE-2022-23305 CVE-2022-23307 CVE-2019-17571 Ubuntu 20.04 LTS It was discovered that trim-newlines incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-33623) Update Instructions: Run `sudo pro fix USN-5999-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-trim-newlines - 1.0.0-1ubuntu0.20.04.1 No subscription required Medium CVE-2021-33623 Ubuntu 20.04 LTS It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435) It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3521) It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3545) It was discovered that the hugetlb implementation in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2022-3623) Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36280) Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41218) It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-4139) It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-42328, CVE-2022-42329) It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2022-47520) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) José Oliveira and Rodrigo Branco discovered that the prctl syscall implementation in the Linux kernel did not properly protect against indirect branch prediction attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-0045) It was discovered that a use-after-free vulnerability existed in the Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0266) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1382) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) Kyle Zeng discovered that the class-based queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23454) Kyle Zeng discovered that the ATM VC queuing discipline implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-23455) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2023-26607) Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel contained a null pointer dereference when handling certain messages from user space. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-28328) Update Instructions: Run `sudo pro fix USN-6000-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1059 - 5.4.0-1059.65 linux-image-unsigned-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-headers-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-tools-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-buildinfo-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-image-5.4.0-1059-bluefield - 5.4.0-1059.65 linux-bluefield-tools-5.4.0-1059 - 5.4.0-1059.65 linux-modules-5.4.0-1059-bluefield - 5.4.0-1059.65 No subscription required linux-bluefield - 5.4.0.1059.54 linux-tools-bluefield - 5.4.0.1059.54 linux-image-bluefield - 5.4.0.1059.54 linux-headers-bluefield - 5.4.0.1059.54 No subscription required High CVE-2022-3169 CVE-2022-3424 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-4139 CVE-2022-42328 CVE-2022-42329 CVE-2022-47520 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0461 CVE-2023-1382 CVE-2023-20938 CVE-2023-23454 CVE-2023-23455 CVE-2023-26607 CVE-2023-28328 Ubuntu 20.04 LTS Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay output. An attacker could possibly use these issues to inject terminal control characters that alter output when being viewed. Update Instructions: Run `sudo pro fix USN-6005-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sudo-ldap - 1.8.31-1ubuntu1.5 sudo - 1.8.31-1ubuntu1.5 No subscription required Medium CVE-2023-28486 CVE-2023-28487 Ubuntu 20.04 LTS It was discovered that Exo did not properly sanitized desktop files. A remote attacker could possibly use this issue to to cause a crash or arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6008-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libexo-2-dev - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-helpers - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-common - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-1-0 - 0.12.11-1ubuntu1.20.04.1+esm1 exo-utils - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-1-dev - 0.12.11-1ubuntu1.20.04.1+esm1 libexo-2-0 - 0.12.11-1ubuntu1.20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-32278 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-29537, CVE-2023-29540, CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29548, CVE-2023-29549, CVE-2023-29550, CVE-2023-29551) Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-29533) Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29535) Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29536) Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-29538) Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. (CVE-2023-29539) Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code. (CVE-2023-29541) Update Instructions: Run `sudo pro fix USN-6010-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 112.0+build2-0ubuntu0.20.04.1 firefox - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 112.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 112.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 112.0+build2-0ubuntu0.20.04.1 firefox-dev - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 112.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 112.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29537 CVE-2023-29538 CVE-2023-29539 CVE-2023-29540 CVE-2023-29541 CVE-2023-29543 CVE-2023-29544 CVE-2023-29547 CVE-2023-29548 CVE-2023-29549 CVE-2023-29550 CVE-2023-29551 Ubuntu 20.04 LTS USN-6010-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-29537, CVE-2023-29540, CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29548, CVE-2023-29549, CVE-2023-29550, CVE-2023-29551) Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-29533) Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29535) Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29536) Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-29538) Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. (CVE-2023-29539) Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code. (CVE-2023-29541) Update Instructions: Run `sudo pro fix USN-6010-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 112.0.1+build1-0ubuntu0.20.04.1 firefox - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 112.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 112.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 112.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 112.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 112.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2016835 Ubuntu 20.04 LTS USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-29537, CVE-2023-29540, CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29548, CVE-2023-29549, CVE-2023-29550, CVE-2023-29551) Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-29533) Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29535) Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29536) Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-29538) Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. (CVE-2023-29539) Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code. (CVE-2023-29541) Update Instructions: Run `sudo pro fix USN-6010-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 112.0.2+build1-0ubuntu0.20.04.1 firefox - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 112.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 112.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 112.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 112.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 112.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2017722 Ubuntu 20.04 LTS It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed quotes. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service. (CVE-2021-31684) It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed brackets. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service. (CVE-2023-1370) Update Instructions: Run `sudo pro fix USN-6011-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjson-smart-java - 2.2-2ubuntu0.20.04.1 No subscription required Medium CVE-2021-31684 CVE-2023-1370 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-1945, CVE-2023-29548, CVE-2023-29550) Paul Menzel discovered that Thunderbird did not properly validate OCSP revocation status of recipient certificates when sending S/Mime encrypted email. An attacker could potentially exploits this issue to perform spoofing attack. (CVE-2023-0547) Ribose RNP Team discovered that Thunderbird did not properly manage memory when parsing certain OpenPGP messages. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29479) Irvan Kurniawan discovered that Thunderbird did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-29533) Lukas Bernhard discovered that Thunderbird did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29535) Zx from qriousec discovered that Thunderbird did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-29536) Trung Pham discovered that Thunderbird did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks potentially tricking users to install malware. (CVE-2023-29539) Ameen Basha M K discovered that Thunderbird did not properly validate downloads of files ending in .desktop. An attacker could potentially exploits this issue to execute arbitrary code. (CVE-2023-29541) Update Instructions: Run `sudo pro fix USN-6015-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.10.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.10.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.10.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.10.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.10.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-0547 CVE-2023-1945 CVE-2023-29479 CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29539 CVE-2023-29541 CVE-2023-29548 CVE-2023-29550 Ubuntu 20.04 LTS It was discovered that thenify incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6016-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-thenify - 3.3.0-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2020-7677 Ubuntu 20.04 LTS Hadrien Perrineau discovered that Ghostscript incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6017-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.7 ghostscript-x - 9.50~dfsg-5ubuntu4.7 libgs-dev - 9.50~dfsg-5ubuntu4.7 ghostscript-doc - 9.50~dfsg-5ubuntu4.7 libgs9 - 9.50~dfsg-5ubuntu4.7 libgs9-common - 9.50~dfsg-5ubuntu4.7 No subscription required Medium CVE-2023-28879 Ubuntu 20.04 LTS Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation vulnerability in apport-cli when viewing crash reports and unprivileged users are allowed to run sudo less. A local attacker on a specially configured system could use this to escalate their privilege. Update Instructions: Run `sudo pro fix USN-6018-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-problem-report - 2.20.11-0ubuntu27.26 apport-kde - 2.20.11-0ubuntu27.26 apport-retrace - 2.20.11-0ubuntu27.26 apport-valgrind - 2.20.11-0ubuntu27.26 python3-apport - 2.20.11-0ubuntu27.26 dh-apport - 2.20.11-0ubuntu27.26 apport-gtk - 2.20.11-0ubuntu27.26 apport - 2.20.11-0ubuntu27.26 apport-noui - 2.20.11-0ubuntu27.26 No subscription required Medium CVE-2023-1326 https://launchpad.net/bugs/2016023 Ubuntu 20.04 LTS It was discovered that Flask-CORS did not properly escape paths before evaluating resource rules. An attacker could possibly use this to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6019-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-flask-cors - 3.0.8-2ubuntu0.1 No subscription required Medium CVE-2020-25032 Ubuntu 20.04 LTS It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) Update Instructions: Run `sudo pro fix USN-6020-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-image-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-bluefield-headers-5.4.0-1060 - 5.4.0-1060.66 linux-bluefield-tools-5.4.0-1060 - 5.4.0-1060.66 linux-image-unsigned-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-buildinfo-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-headers-5.4.0-1060-bluefield - 5.4.0-1060.66 linux-modules-5.4.0-1060-bluefield - 5.4.0-1060.66 No subscription required linux-bluefield - 5.4.0.1060.55 linux-tools-bluefield - 5.4.0.1060.55 linux-image-bluefield - 5.4.0.1060.55 linux-headers-bluefield - 5.4.0.1060.55 No subscription required Medium CVE-2021-3669 CVE-2022-2196 CVE-2022-4382 CVE-2023-23559 Ubuntu 20.04 LTS It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and 18.04 ESM. (CVE-2018-16657) It was discovered that Kamailio did not properly validate INVITE requests under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. (CVE-2020-27507) Update Instructions: Run `sudo pro fix USN-6022-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kamailio-radius-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-lua-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-postgres-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-perl-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-ruby-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-mysql-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-utils-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-extra-modules - 5.3.2-1ubuntu0.1~esm1 kamailio - 5.3.2-1ubuntu0.1~esm1 kamailio-cpl-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-mono-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-kazoo-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-rabbitmq-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-cnxcc-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-snmpstats-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-tls-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-xmpp-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-presence-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-json-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-sctp-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-mongodb-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-geoip-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-sqlite-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-ldap-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-websocket-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-ims-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-phonenum-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-redis-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-python3-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-erlang-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-autheph-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-outbound-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-systemd-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-berkeley-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-geoip2-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-unixodbc-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-xml-modules - 5.3.2-1ubuntu0.1~esm1 kamailio-berkeley-bin - 5.3.2-1ubuntu0.1~esm1 kamailio-memcached-modules - 5.3.2-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-16657 CVE-2020-27507 Ubuntu 20.04 LTS It was discovered that LibreOffice may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory. Update Instructions: Run `sudo pro fix USN-6023-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.7 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.7 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.7 libreoffice - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.7 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.7 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.7 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.7 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.7 libridl-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.7 python3-access2base - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.7 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.7 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.7 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.7 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.7 libunoil-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.7 python3-uno - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.7 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.7 libjurt-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.7 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.7 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.7 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.7 ure - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.7 libjuh-java - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.7 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.7 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.7 No subscription required Low CVE-2022-38745 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-0386) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-4842) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the NFS implementation in the Linux kernel did not properly handle pending tasks in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1652) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) Update Instructions: Run `sudo pro fix USN-6025-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-image-unsigned-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-buildinfo-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-gke-5.15-headers-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-modules-iwlwifi-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-modules-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-gke-5.15-tools-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-image-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-modules-extra-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 linux-tools-5.15.0-1031-gke - 5.15.0-1031.36~20.04.1 No subscription required linux-modules-iwlwifi-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-headers-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-tools-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-modules-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-image-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-modules-extra-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-gcp-5.15-tools-5.15.0-1032 - 5.15.0-1032.40~20.04.1 linux-gcp-5.15-headers-5.15.0-1032 - 5.15.0-1032.40~20.04.1 linux-buildinfo-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 linux-image-unsigned-5.15.0-1032-gcp - 5.15.0-1032.40~20.04.1 No subscription required linux-tools-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-oracle-5.15-tools-5.15.0-1033 - 5.15.0-1033.39~20.04.1 linux-headers-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-image-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-oracle-5.15-headers-5.15.0-1033 - 5.15.0-1033.39~20.04.1 linux-modules-extra-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-image-unsigned-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-modules-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 linux-buildinfo-5.15.0-1033-oracle - 5.15.0-1033.39~20.04.1 No subscription required linux-buildinfo-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-tools-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-cloud-tools-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1034 - 5.15.0-1034.38~20.04.1 linux-modules-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-image-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-headers-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-aws-5.15-tools-5.15.0-1034 - 5.15.0-1034.38~20.04.1 linux-aws-5.15-headers-5.15.0-1034 - 5.15.0-1034.38~20.04.1 linux-modules-extra-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 linux-image-unsigned-5.15.0-1034-aws - 5.15.0-1034.38~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1036 - 5.15.0-1036.43~20.04.1 linux-buildinfo-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-image-unsigned-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-modules-extra-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-modules-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-azure-5.15-headers-5.15.0-1036 - 5.15.0-1036.43~20.04.1 linux-headers-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-image-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-cloud-tools-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-tools-5.15.0-1036-azure - 5.15.0-1036.43~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1036 - 5.15.0-1036.43~20.04.1 No subscription required linux-headers-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-70.77~20.04.1 linux-modules-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-image-unsigned-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-image-unsigned-5.15.0-70-lowlatency-64k - 5.15.0-70.77~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-70.77~20.04.1 linux-cloud-tools-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-headers-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-modules-iwlwifi-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 linux-modules-5.15.0-70-lowlatency - 5.15.0-70.77~20.04.1 No subscription required linux-tools-gke-5.15 - 5.15.0.1031.36~20.04.1 linux-headers-gke-edge - 5.15.0.1031.36~20.04.1 linux-image-gke-edge - 5.15.0.1031.36~20.04.1 linux-gke-5.15 - 5.15.0.1031.36~20.04.1 linux-image-gke-5.15 - 5.15.0.1031.36~20.04.1 linux-tools-gke-edge - 5.15.0.1031.36~20.04.1 linux-gke-edge - 5.15.0.1031.36~20.04.1 linux-headers-gke-5.15 - 5.15.0.1031.36~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1032.40~20.04.1 linux-image-gcp - 5.15.0.1032.40~20.04.1 linux-headers-gcp-edge - 5.15.0.1032.40~20.04.1 linux-modules-extra-gcp - 5.15.0.1032.40~20.04.1 linux-tools-gcp - 5.15.0.1032.40~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1032.40~20.04.1 linux-headers-gcp - 5.15.0.1032.40~20.04.1 linux-gcp - 5.15.0.1032.40~20.04.1 linux-tools-gcp-edge - 5.15.0.1032.40~20.04.1 linux-gcp-edge - 5.15.0.1032.40~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1033.39~20.04.1 linux-image-oracle-edge - 5.15.0.1033.39~20.04.1 linux-tools-oracle-edge - 5.15.0.1033.39~20.04.1 linux-oracle-edge - 5.15.0.1033.39~20.04.1 linux-oracle - 5.15.0.1033.39~20.04.1 linux-headers-oracle-edge - 5.15.0.1033.39~20.04.1 linux-image-oracle - 5.15.0.1033.39~20.04.1 linux-tools-oracle - 5.15.0.1033.39~20.04.1 No subscription required linux-headers-aws - 5.15.0.1034.38~20.04.23 linux-image-aws - 5.15.0.1034.38~20.04.23 linux-modules-extra-aws-edge - 5.15.0.1034.38~20.04.23 linux-tools-aws-edge - 5.15.0.1034.38~20.04.23 linux-image-aws-edge - 5.15.0.1034.38~20.04.23 linux-aws-edge - 5.15.0.1034.38~20.04.23 linux-aws - 5.15.0.1034.38~20.04.23 linux-headers-aws-edge - 5.15.0.1034.38~20.04.23 linux-modules-extra-aws - 5.15.0.1034.38~20.04.23 linux-tools-aws - 5.15.0.1034.38~20.04.23 No subscription required linux-tools-azure-edge - 5.15.0.1036.43~20.04.26 linux-cloud-tools-azure - 5.15.0.1036.43~20.04.26 linux-headers-azure-cvm - 5.15.0.1036.43~20.04.26 linux-image-azure-edge - 5.15.0.1036.43~20.04.26 linux-image-azure-cvm - 5.15.0.1036.43~20.04.26 linux-modules-extra-azure-cvm - 5.15.0.1036.43~20.04.26 linux-tools-azure-cvm - 5.15.0.1036.43~20.04.26 linux-cloud-tools-azure-edge - 5.15.0.1036.43~20.04.26 linux-modules-extra-azure - 5.15.0.1036.43~20.04.26 linux-azure - 5.15.0.1036.43~20.04.26 linux-image-azure - 5.15.0.1036.43~20.04.26 linux-cloud-tools-azure-cvm - 5.15.0.1036.43~20.04.26 linux-headers-azure-edge - 5.15.0.1036.43~20.04.26 linux-azure-edge - 5.15.0.1036.43~20.04.26 linux-tools-azure - 5.15.0.1036.43~20.04.26 linux-azure-cvm - 5.15.0.1036.43~20.04.26 linux-modules-extra-azure-edge - 5.15.0.1036.43~20.04.26 linux-headers-azure - 5.15.0.1036.43~20.04.26 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-headers-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-image-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-lowlatency-64k-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-tools-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-lowlatency-hwe-20.04 - 5.15.0.70.77~20.04.28 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.28 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.28 No subscription required High CVE-2022-4129 CVE-2022-47929 CVE-2022-4842 CVE-2023-0386 CVE-2023-0394 CVE-2023-1073 CVE-2023-1074 CVE-2023-1281 CVE-2023-1652 CVE-2023-26545 Ubuntu 20.04 LTS It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-4166) It was discovered that Vim was using freed memory when dealing with regular expressions inside a visual selection. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-4192) It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-4193) It was discovered that Vim was not properly performing bounds checks when updating windows present on a screen, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0213) It was discovered that Vim was incorrectly performing read and write operations when in visual block mode, going beyond the end of a line and causing a heap buffer overflow. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0261, CVE-2022-0318) It was discovered that Vim was incorrectly handling window exchanging operations when in Visual mode, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-0319) It was discovered that Vim was incorrectly handling recursion when parsing conditional expressions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0351) It was discovered that Vim was not properly handling memory allocation when processing data in Ex mode, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0359) It was discovered that Vim was not properly performing bounds checks when executing line operations in Visual mode, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0361, CVE-2022-0368) It was discovered that Vim was not properly handling loop conditions when looking for spell suggestions, which could result in a stack buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0408) It was discovered that Vim was incorrectly handling memory access when executing buffer operations, which could result in the usage of freed memory. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0443) It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. (CVE-2022-0554) It was discovered that Vim was not properly performing bounds checks for column numbers when replacing tabs with spaces or spaces with tabs, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0572) It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0629) It was discovered that Vim was not properly performing validation of data that contained special multi-byte characters, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0685) It was discovered that Vim was incorrectly processing data used to define indentation in a file, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0714) It was discovered that Vim was incorrectly processing certain regular expression patterns and strings, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0729) It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution. (CVE-2022-2207) Update Instructions: Run `sudo pro fix USN-6026-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.14 vim-athena - 2:8.1.2269-1ubuntu5.14 vim-tiny - 2:8.1.2269-1ubuntu5.14 vim-gtk - 2:8.1.2269-1ubuntu5.14 vim-gui-common - 2:8.1.2269-1ubuntu5.14 vim - 2:8.1.2269-1ubuntu5.14 vim-doc - 2:8.1.2269-1ubuntu5.14 xxd - 2:8.1.2269-1ubuntu5.14 vim-runtime - 2:8.1.2269-1ubuntu5.14 vim-gtk3 - 2:8.1.2269-1ubuntu5.14 vim-nox - 2:8.1.2269-1ubuntu5.14 No subscription required Medium CVE-2021-4166 CVE-2021-4192 CVE-2021-4193 CVE-2022-0213 CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0408 CVE-2022-0443 CVE-2022-0554 CVE-2022-0572 CVE-2022-0629 CVE-2022-0685 CVE-2022-0714 CVE-2022-0729 CVE-2022-2207 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3108) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) Update Instructions: Run `sudo pro fix USN-6027-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1047-ibm - 5.4.0-1047.52 linux-ibm-source-5.4.0 - 5.4.0-1047.52 linux-ibm-tools-common - 5.4.0-1047.52 linux-image-unsigned-5.4.0-1047-ibm - 5.4.0-1047.52 linux-modules-5.4.0-1047-ibm - 5.4.0-1047.52 linux-buildinfo-5.4.0-1047-ibm - 5.4.0-1047.52 linux-ibm-cloud-tools-common - 5.4.0-1047.52 linux-tools-5.4.0-1047-ibm - 5.4.0-1047.52 linux-ibm-headers-5.4.0-1047 - 5.4.0-1047.52 linux-image-5.4.0-1047-ibm - 5.4.0-1047.52 linux-headers-5.4.0-1047-ibm - 5.4.0-1047.52 linux-ibm-tools-5.4.0-1047 - 5.4.0-1047.52 No subscription required linux-headers-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-modules-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-cloud-tools-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-tools-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-gkeop-source-5.4.0 - 5.4.0-1067.71 linux-gkeop-headers-5.4.0-1067 - 5.4.0-1067.71 linux-modules-extra-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-gkeop-tools-5.4.0-1067 - 5.4.0-1067.71 linux-buildinfo-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-image-5.4.0-1067-gkeop - 5.4.0-1067.71 linux-gkeop-cloud-tools-5.4.0-1067 - 5.4.0-1067.71 linux-image-unsigned-5.4.0-1067-gkeop - 5.4.0-1067.71 No subscription required linux-raspi-headers-5.4.0-1083 - 5.4.0-1083.94 linux-tools-5.4.0-1083-raspi - 5.4.0-1083.94 linux-headers-5.4.0-1083-raspi - 5.4.0-1083.94 linux-image-5.4.0-1083-raspi - 5.4.0-1083.94 linux-raspi-tools-5.4.0-1083 - 5.4.0-1083.94 linux-modules-5.4.0-1083-raspi - 5.4.0-1083.94 linux-buildinfo-5.4.0-1083-raspi - 5.4.0-1083.94 No subscription required linux-image-5.4.0-1089-kvm - 5.4.0-1089.95 linux-tools-5.4.0-1089-kvm - 5.4.0-1089.95 linux-kvm-tools-5.4.0-1089 - 5.4.0-1089.95 linux-headers-5.4.0-1089-kvm - 5.4.0-1089.95 linux-buildinfo-5.4.0-1089-kvm - 5.4.0-1089.95 linux-kvm-headers-5.4.0-1089 - 5.4.0-1089.95 linux-image-unsigned-5.4.0-1089-kvm - 5.4.0-1089.95 linux-modules-5.4.0-1089-kvm - 5.4.0-1089.95 No subscription required linux-gke-tools-5.4.0-1097 - 5.4.0-1097.104 linux-image-5.4.0-1097-gke - 5.4.0-1097.104 linux-modules-5.4.0-1097-gke - 5.4.0-1097.104 linux-buildinfo-5.4.0-1097-gke - 5.4.0-1097.104 linux-image-unsigned-5.4.0-1097-gke - 5.4.0-1097.104 linux-modules-extra-5.4.0-1097-gke - 5.4.0-1097.104 linux-gke-headers-5.4.0-1097 - 5.4.0-1097.104 linux-tools-5.4.0-1097-gke - 5.4.0-1097.104 linux-headers-5.4.0-1097-gke - 5.4.0-1097.104 No subscription required linux-oracle-headers-5.4.0-1099 - 5.4.0-1099.108 linux-modules-5.4.0-1099-oracle - 5.4.0-1099.108 linux-image-unsigned-5.4.0-1099-oracle - 5.4.0-1099.108 linux-image-5.4.0-1099-oracle - 5.4.0-1099.108 linux-modules-extra-5.4.0-1099-oracle - 5.4.0-1099.108 linux-headers-5.4.0-1099-oracle - 5.4.0-1099.108 linux-oracle-tools-5.4.0-1099 - 5.4.0-1099.108 linux-tools-5.4.0-1099-oracle - 5.4.0-1099.108 linux-buildinfo-5.4.0-1099-oracle - 5.4.0-1099.108 No subscription required linux-buildinfo-5.4.0-1100-aws - 5.4.0-1100.108 linux-image-5.4.0-1100-aws - 5.4.0-1100.108 linux-aws-headers-5.4.0-1100 - 5.4.0-1100.108 linux-cloud-tools-5.4.0-1100-aws - 5.4.0-1100.108 linux-modules-5.4.0-1100-aws - 5.4.0-1100.108 linux-aws-tools-5.4.0-1100 - 5.4.0-1100.108 linux-tools-5.4.0-1100-aws - 5.4.0-1100.108 linux-headers-5.4.0-1100-aws - 5.4.0-1100.108 linux-aws-cloud-tools-5.4.0-1100 - 5.4.0-1100.108 linux-image-unsigned-5.4.0-1100-aws - 5.4.0-1100.108 linux-modules-extra-5.4.0-1100-aws - 5.4.0-1100.108 No subscription required linux-image-5.4.0-1103-gcp - 5.4.0-1103.112 linux-headers-5.4.0-1103-gcp - 5.4.0-1103.112 linux-gcp-headers-5.4.0-1103 - 5.4.0-1103.112 linux-buildinfo-5.4.0-1103-gcp - 5.4.0-1103.112 linux-gcp-tools-5.4.0-1103 - 5.4.0-1103.112 linux-modules-extra-5.4.0-1103-gcp - 5.4.0-1103.112 linux-image-unsigned-5.4.0-1103-gcp - 5.4.0-1103.112 linux-tools-5.4.0-1103-gcp - 5.4.0-1103.112 linux-modules-5.4.0-1103-gcp - 5.4.0-1103.112 No subscription required linux-tools-5.4.0-1106-azure - 5.4.0-1106.112 linux-azure-tools-5.4.0-1106 - 5.4.0-1106.112 linux-modules-5.4.0-1106-azure - 5.4.0-1106.112 linux-azure-headers-5.4.0-1106 - 5.4.0-1106.112 linux-image-5.4.0-1106-azure - 5.4.0-1106.112 linux-headers-5.4.0-1106-azure - 5.4.0-1106.112 linux-cloud-tools-5.4.0-1106-azure - 5.4.0-1106.112 linux-image-unsigned-5.4.0-1106-azure - 5.4.0-1106.112 linux-azure-cloud-tools-5.4.0-1106 - 5.4.0-1106.112 linux-modules-extra-5.4.0-1106-azure - 5.4.0-1106.112 linux-buildinfo-5.4.0-1106-azure - 5.4.0-1106.112 No subscription required linux-tools-common - 5.4.0-147.164 linux-tools-host - 5.4.0-147.164 linux-doc - 5.4.0-147.164 linux-modules-5.4.0-147-lowlatency - 5.4.0-147.164 linux-tools-5.4.0-147-generic-lpae - 5.4.0-147.164 linux-image-5.4.0-147-generic - 5.4.0-147.164 linux-source-5.4.0 - 5.4.0-147.164 linux-headers-5.4.0-147 - 5.4.0-147.164 linux-headers-5.4.0-147-generic - 5.4.0-147.164 linux-image-5.4.0-147-generic-lpae - 5.4.0-147.164 linux-image-5.4.0-147-lowlatency - 5.4.0-147.164 linux-cloud-tools-5.4.0-147 - 5.4.0-147.164 linux-tools-5.4.0-147 - 5.4.0-147.164 linux-image-unsigned-5.4.0-147-generic - 5.4.0-147.164 linux-headers-5.4.0-147-lowlatency - 5.4.0-147.164 linux-buildinfo-5.4.0-147-generic - 5.4.0-147.164 linux-modules-extra-5.4.0-147-generic - 5.4.0-147.164 linux-tools-5.4.0-147-generic - 5.4.0-147.164 linux-modules-5.4.0-147-generic - 5.4.0-147.164 linux-cloud-tools-common - 5.4.0-147.164 linux-tools-5.4.0-147-lowlatency - 5.4.0-147.164 linux-image-unsigned-5.4.0-147-lowlatency - 5.4.0-147.164 linux-cloud-tools-5.4.0-147-generic - 5.4.0-147.164 linux-modules-5.4.0-147-generic-lpae - 5.4.0-147.164 linux-headers-5.4.0-147-generic-lpae - 5.4.0-147.164 linux-cloud-tools-5.4.0-147-lowlatency - 5.4.0-147.164 linux-buildinfo-5.4.0-147-lowlatency - 5.4.0-147.164 linux-libc-dev - 5.4.0-147.164 linux-buildinfo-5.4.0-147-generic-lpae - 5.4.0-147.164 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1047.73 linux-image-ibm - 5.4.0.1047.73 linux-headers-ibm-lts-20.04 - 5.4.0.1047.73 linux-tools-ibm - 5.4.0.1047.73 linux-image-ibm-lts-20.04 - 5.4.0.1047.73 linux-ibm-lts-20.04 - 5.4.0.1047.73 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1047.73 linux-modules-extra-ibm - 5.4.0.1047.73 linux-ibm - 5.4.0.1047.73 linux-headers-ibm - 5.4.0.1047.73 No subscription required linux-headers-gkeop - 5.4.0.1067.65 linux-cloud-tools-gkeop-5.4 - 5.4.0.1067.65 linux-image-gkeop - 5.4.0.1067.65 linux-gkeop-5.4 - 5.4.0.1067.65 linux-image-gkeop-5.4 - 5.4.0.1067.65 linux-gkeop - 5.4.0.1067.65 linux-cloud-tools-gkeop - 5.4.0.1067.65 linux-modules-extra-gkeop-5.4 - 5.4.0.1067.65 linux-headers-gkeop-5.4 - 5.4.0.1067.65 linux-modules-extra-gkeop - 5.4.0.1067.65 linux-tools-gkeop - 5.4.0.1067.65 linux-tools-gkeop-5.4 - 5.4.0.1067.65 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1083.113 linux-raspi2 - 5.4.0.1083.113 linux-headers-raspi2 - 5.4.0.1083.113 linux-image-raspi-hwe-18.04 - 5.4.0.1083.113 linux-image-raspi2-hwe-18.04 - 5.4.0.1083.113 linux-headers-raspi2-hwe-18.04 - 5.4.0.1083.113 linux-headers-raspi-hwe-18.04 - 5.4.0.1083.113 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1083.113 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1083.113 linux-headers-raspi - 5.4.0.1083.113 linux-raspi2-hwe-18.04-edge - 5.4.0.1083.113 linux-raspi-hwe-18.04 - 5.4.0.1083.113 linux-tools-raspi - 5.4.0.1083.113 linux-tools-raspi2-hwe-18.04 - 5.4.0.1083.113 linux-raspi-hwe-18.04-edge - 5.4.0.1083.113 linux-raspi2-hwe-18.04 - 5.4.0.1083.113 linux-image-raspi-hwe-18.04-edge - 5.4.0.1083.113 linux-image-raspi2 - 5.4.0.1083.113 linux-tools-raspi-hwe-18.04 - 5.4.0.1083.113 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1083.113 linux-raspi - 5.4.0.1083.113 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1083.113 linux-image-raspi - 5.4.0.1083.113 linux-tools-raspi2 - 5.4.0.1083.113 No subscription required linux-image-kvm - 5.4.0.1089.83 linux-kvm - 5.4.0.1089.83 linux-headers-kvm - 5.4.0.1089.83 linux-tools-kvm - 5.4.0.1089.83 No subscription required linux-modules-extra-gke - 5.4.0.1097.102 linux-headers-gke-5.4 - 5.4.0.1097.102 linux-modules-extra-gke-5.4 - 5.4.0.1097.102 linux-gke-5.4 - 5.4.0.1097.102 linux-tools-gke - 5.4.0.1097.102 linux-gke - 5.4.0.1097.102 linux-headers-gke - 5.4.0.1097.102 linux-image-gke-5.4 - 5.4.0.1097.102 linux-image-gke - 5.4.0.1097.102 linux-tools-gke-5.4 - 5.4.0.1097.102 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1099.92 linux-oracle-lts-20.04 - 5.4.0.1099.92 linux-tools-oracle-lts-20.04 - 5.4.0.1099.92 linux-image-oracle-lts-20.04 - 5.4.0.1099.92 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1100.97 linux-image-aws-lts-20.04 - 5.4.0.1100.97 linux-headers-aws-lts-20.04 - 5.4.0.1100.97 linux-tools-aws-lts-20.04 - 5.4.0.1100.97 linux-aws-lts-20.04 - 5.4.0.1100.97 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1103.105 linux-gcp-lts-20.04 - 5.4.0.1103.105 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1103.105 linux-headers-gcp-lts-20.04 - 5.4.0.1103.105 linux-image-gcp-lts-20.04 - 5.4.0.1103.105 No subscription required linux-azure-lts-20.04 - 5.4.0.1106.99 linux-tools-azure-lts-20.04 - 5.4.0.1106.99 linux-image-azure-lts-20.04 - 5.4.0.1106.99 linux-modules-extra-azure-lts-20.04 - 5.4.0.1106.99 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1106.99 linux-headers-azure-lts-20.04 - 5.4.0.1106.99 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-headers-generic-hwe-18.04-edge - 5.4.0.147.145 linux-image-generic-hwe-18.04 - 5.4.0.147.145 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-headers-generic-lpae - 5.4.0.147.145 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.147.145 linux-image-virtual - 5.4.0.147.145 linux-oem-osp1-tools-host - 5.4.0.147.145 linux-cloud-tools-lowlatency - 5.4.0.147.145 linux-tools-lowlatency - 5.4.0.147.145 linux-image-oem - 5.4.0.147.145 linux-tools-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-headers-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-cloud-tools-virtual - 5.4.0.147.145 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.147.145 linux-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-image-extra-virtual-hwe-18.04 - 5.4.0.147.145 linux-oem - 5.4.0.147.145 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.147.145 linux-image-oem-osp1 - 5.4.0.147.145 linux-image-generic-lpae-hwe-18.04 - 5.4.0.147.145 linux-crashdump - 5.4.0.147.145 linux-image-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-headers-generic-hwe-18.04 - 5.4.0.147.145 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-headers-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-source - 5.4.0.147.145 linux-lowlatency - 5.4.0.147.145 linux-tools-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-tools-generic-lpae - 5.4.0.147.145 linux-cloud-tools-generic - 5.4.0.147.145 linux-virtual - 5.4.0.147.145 linux-headers-virtual-hwe-18.04 - 5.4.0.147.145 linux-tools-generic - 5.4.0.147.145 linux-virtual-hwe-18.04 - 5.4.0.147.145 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.147.145 linux-tools-virtual - 5.4.0.147.145 linux-generic-lpae-hwe-18.04-edge - 5.4.0.147.145 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.147.145 linux-headers-oem - 5.4.0.147.145 linux-generic - 5.4.0.147.145 linux-tools-oem-osp1 - 5.4.0.147.145 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.147.145 linux-image-virtual-hwe-18.04 - 5.4.0.147.145 linux-headers-lowlatency - 5.4.0.147.145 linux-image-generic-hwe-18.04-edge - 5.4.0.147.145 linux-generic-hwe-18.04-edge - 5.4.0.147.145 linux-tools-generic-hwe-18.04 - 5.4.0.147.145 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-image-extra-virtual - 5.4.0.147.145 linux-oem-tools-host - 5.4.0.147.145 linux-tools-oem - 5.4.0.147.145 linux-headers-oem-osp1 - 5.4.0.147.145 linux-generic-lpae - 5.4.0.147.145 linux-generic-lpae-hwe-18.04 - 5.4.0.147.145 linux-headers-generic - 5.4.0.147.145 linux-image-generic - 5.4.0.147.145 linux-oem-osp1 - 5.4.0.147.145 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.147.145 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-headers-virtual - 5.4.0.147.145 linux-tools-virtual-hwe-18.04 - 5.4.0.147.145 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.147.145 linux-image-virtual-hwe-18.04-edge - 5.4.0.147.145 linux-generic-hwe-18.04 - 5.4.0.147.145 linux-image-generic-lpae - 5.4.0.147.145 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.147.145 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.147.145 linux-tools-generic-hwe-18.04-edge - 5.4.0.147.145 linux-image-lowlatency - 5.4.0.147.145 No subscription required High CVE-2022-3108 CVE-2022-3903 CVE-2022-4129 CVE-2023-1073 CVE-2023-1074 CVE-2023-1281 CVE-2023-26545 Ubuntu 20.04 LTS It was discovered that lixml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2023-28484) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. (CVE-2023-29469) Update Instructions: Run `sudo pro fix USN-6028-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.6 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.6 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.6 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.6 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.6 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.6 No subscription required Medium CVE-2023-28484 CVE-2023-29469 Ubuntu 20.04 LTS It was discovered that Dnsmasq was sending large DNS messages over UDP, possibly causing transmission failures due to IP fragmentation. This update lowers the default maximum size of DNS messages to improve transmission reliability over UDP. Update Instructions: Run `sudo pro fix USN-6034-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.80-1.1ubuntu1.7 dnsmasq-base-lua - 2.80-1.1ubuntu1.7 dnsmasq-utils - 2.80-1.1ubuntu1.7 dnsmasq-base - 2.80-1.1ubuntu1.7 No subscription required Low CVE-2023-28450 Ubuntu 20.04 LTS ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted the host from PASV responses by default. A remote attacker with a malicious FTP server could redirect the client to another server, which could possibly result in leaked information about services running on the private network of the client. Update Instructions: Run `sudo pro fix USN-6037-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcommons-net-java-doc - 3.6-1+deb11u1build0.20.04.1 libcommons-net-java - 3.6-1+deb11u1build0.20.04.1 No subscription required Medium CVE-2021-37533 Ubuntu 20.04 LTS It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-1705) It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2022-1962, CVE-2022-27664, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32189, CVE-2022-41715, CVE-2022-41717, CVE-2023-24534, CVE-2023-24537) It was discovered that Go did not properly implemented the maximum size of file headers in Reader.Read. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2022-2879) It was discovered that the Go net/http module incorrectly handled query parameters in requests forwarded by ReverseProxy. A remote attacker could possibly use this issue to perform an HTTP Query Parameter Smuggling attack. (CVE-2022-2880) It was discovered that Go did not properly manage the permissions for Faccessat function. A attacker could possibly use this issue to expose sensitive information. (CVE-2022-29526) It was discovered that Go did not properly generate the values for ticket_age_add in session tickets. An attacker could possibly use this issue to observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629) It was discovered that Go did not properly manage client IP addresses in net/http. An attacker could possibly use this issue to cause ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148) It was discovered that Go did not properly validate backticks (`) as Javascript string delimiters, and do not escape them as expected. An attacker could possibly use this issue to inject arbitrary Javascript code into the Go template. (CVE-2023-24538) Update Instructions: Run `sudo pro fix USN-6038-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.18-go - 1.18.1-1ubuntu1~20.04.2 golang-1.18-src - 1.18.1-1ubuntu1~20.04.2 golang-1.18 - 1.18.1-1ubuntu1~20.04.2 golang-1.18-doc - 1.18.1-1ubuntu1~20.04.2 No subscription required Medium CVE-2022-1705 CVE-2022-1962 CVE-2022-27664 CVE-2022-28131 CVE-2022-2879 CVE-2022-2880 CVE-2022-29526 CVE-2022-30629 CVE-2022-30630 CVE-2022-30631 CVE-2022-30632 CVE-2022-30633 CVE-2022-30635 CVE-2022-32148 CVE-2022-32189 CVE-2022-41715 CVE-2022-41717 CVE-2023-24534 CVE-2023-24537 CVE-2023-24538 Ubuntu 20.04 LTS USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. Original advisory details: It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-1705) It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2022-1962, CVE-2022-27664, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32189, CVE-2022-41715, CVE-2022-41717, CVE-2023-24534, CVE-2023-24537) It was discovered that Go did not properly implemented the maximum size of file headers in Reader.Read. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2022-2879) It was discovered that the Go net/http module incorrectly handled query parameters in requests forwarded by ReverseProxy. A remote attacker could possibly use this issue to perform an HTTP Query Parameter Smuggling attack. (CVE-2022-2880) It was discovered that Go did not properly manage the permissions for Faccessat function. A attacker could possibly use this issue to expose sensitive information. (CVE-2022-29526) It was discovered that Go did not properly generate the values for ticket_age_add in session tickets. An attacker could possibly use this issue to observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629) It was discovered that Go did not properly manage client IP addresses in net/http. An attacker could possibly use this issue to cause ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148) It was discovered that Go did not properly validate backticks (`) as Javascript string delimiters, and do not escape them as expected. An attacker could possibly use this issue to inject arbitrary Javascript code into the Go template. (CVE-2023-24538) Update Instructions: Run `sudo pro fix USN-6038-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.13 - 1.13.8-1ubuntu1.2 golang-1.13-src - 1.13.8-1ubuntu1.2 golang-1.13-go - 1.13.8-1ubuntu1.2 golang-1.13-doc - 1.13.8-1ubuntu1.2 No subscription required golang-1.16 - 1.16.2-0ubuntu1~20.04.1 golang-1.16-doc - 1.16.2-0ubuntu1~20.04.1 golang-1.16-go - 1.16.2-0ubuntu1~20.04.1 golang-1.16-src - 1.16.2-0ubuntu1~20.04.1 No subscription required Medium CVE-2022-1705 CVE-2022-27664 CVE-2022-28131 CVE-2022-2879 CVE-2022-2880 CVE-2022-29526 CVE-2022-30629 CVE-2022-30630 CVE-2022-30631 CVE-2022-30632 CVE-2022-30633 CVE-2022-30635 CVE-2022-32148 CVE-2022-32189 CVE-2022-41717 CVE-2023-24534 CVE-2023-24537 CVE-2023-24538 Ubuntu 20.04 LTS It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3996) David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0464) David Benjamin discovered that OpenSSL was not properly handling invalid certificate policies in leaf certificates, which would result in certain policy checks being skipped for the certificate. If a user or automated system were tricked into processing a specially crafted certificate, a remote attacker could possibly use this issue to assert invalid certificate policies and circumvent policy checking. (CVE-2023-0465) David Benjamin discovered that OpenSSL incorrectly documented the functionalities of function X509_VERIFY_PARAM_add0_policy, stating that it would implicitly enable certificate policy checks when doing certificate verifications, contrary to its implementation. This could cause users and applications to not perform certificate policy checks even when expected to do so. (CVE-2023-0466) Update Instructions: Run `sudo pro fix USN-6039-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.18 libssl-dev - 1.1.1f-1ubuntu2.18 openssl - 1.1.1f-1ubuntu2.18 libssl-doc - 1.1.1f-1ubuntu2.18 No subscription required Low CVE-2022-3996 CVE-2023-0464 CVE-2023-0466 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-0386) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-4842) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the NFS implementation in the Linux kernel did not properly handle pending tasks in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1652) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) Update Instructions: Run `sudo pro fix USN-6040-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-modules-extra-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-headers-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-image-unsigned-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-70.77~20.04.1 linux-modules-iwlwifi-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-modules-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-image-unsigned-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-modules-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-generic-lpae - 5.15.0-70.77~20.04.1 linux-headers-5.15.0-70-generic-64k - 5.15.0-70.77~20.04.1 linux-hwe-5.15-tools-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-hwe-5.15-headers-5.15.0-70 - 5.15.0-70.77~20.04.1 linux-headers-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-70.77~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-70.77~20.04.1 linux-image-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-buildinfo-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-cloud-tools-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-tools-5.15.0-70-generic - 5.15.0-70.77~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-70.77~20.04.1 No subscription required linux-tools-oem-20.04 - 5.15.0.70.77~20.04.31 linux-headers-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-headers-generic-64k-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-oem-20.04c - 5.15.0.70.77~20.04.31 linux-image-oem-20.04b - 5.15.0.70.77~20.04.31 linux-image-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-oem-20.04d - 5.15.0.70.77~20.04.31 linux-headers-oem-20.04 - 5.15.0.70.77~20.04.31 linux-headers-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-tools-oem-20.04c - 5.15.0.70.77~20.04.31 linux-tools-oem-20.04b - 5.15.0.70.77~20.04.31 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-generic-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-oem-20.04 - 5.15.0.70.77~20.04.31 linux-tools-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-extra-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-tools-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-modules-iwlwifi-oem-20.04d - 5.15.0.70.77~20.04.31 linux-tools-generic-64k-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-oem-20.04d - 5.15.0.70.77~20.04.31 linux-oem-20.04c - 5.15.0.70.77~20.04.31 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-headers-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-generic-64k-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-generic-lpae-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-generic-64k-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-oem-20.04 - 5.15.0.70.77~20.04.31 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-headers-oem-20.04b - 5.15.0.70.77~20.04.31 linux-headers-oem-20.04c - 5.15.0.70.77~20.04.31 linux-headers-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-image-generic-lpae-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-generic-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-headers-oem-20.04d - 5.15.0.70.77~20.04.31 linux-tools-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-generic-lpae-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-tools-virtual-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.70.77~20.04.31 linux-modules-iwlwifi-oem-20.04 - 5.15.0.70.77~20.04.31 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.70.77~20.04.31 linux-tools-oem-20.04d - 5.15.0.70.77~20.04.31 linux-oem-20.04b - 5.15.0.70.77~20.04.31 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.70.77~20.04.31 No subscription required High CVE-2022-4129 CVE-2022-47929 CVE-2022-4842 CVE-2023-0386 CVE-2023-0394 CVE-2023-1073 CVE-2023-1074 CVE-2023-1281 CVE-2023-1652 CVE-2023-26545 Ubuntu 20.04 LTS James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege. Update Instructions: Run `sudo pro fix USN-6042-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cloud-init - 23.1.2-0ubuntu0~20.04.1 No subscription required Medium CVE-2023-1786 https://bugs.launchpad.net/cloud-init/+bug/2013967 Ubuntu 20.04 LTS USN-6042-1 fixed a vulnerability in Cloud-init. The update introduced a regression on Ubuntu 20.04 LTS resulting in a possible loss of networking. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege. Update Instructions: Run `sudo pro fix USN-6042-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cloud-init - 23.1.2-0ubuntu0~20.04.2 No subscription required None https://launchpad.net/bugs/2020375 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) Update Instructions: Run `sudo pro fix USN-6044-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-modules-iwlwifi-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-gke-5.15-headers-5.15.0-1032 - 5.15.0-1032.37~20.04.1 linux-gke-5.15-tools-5.15.0-1032 - 5.15.0-1032.37~20.04.1 linux-modules-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-modules-extra-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-tools-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-buildinfo-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-image-unsigned-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 linux-headers-5.15.0-1032-gke - 5.15.0-1032.37~20.04.1 No subscription required linux-headers-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-oracle-5.15-tools-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-image-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-buildinfo-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-tools-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-oracle-5.15-headers-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-modules-extra-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-modules-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 linux-image-unsigned-5.15.0-1034-oracle - 5.15.0-1034.40~20.04.1 No subscription required linux-image-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-cloud-tools-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1035 - 5.15.0-1035.39~20.04.1 linux-image-unsigned-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-modules-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-modules-extra-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-buildinfo-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-tools-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 linux-aws-5.15-tools-5.15.0-1035 - 5.15.0-1035.39~20.04.1 linux-aws-5.15-headers-5.15.0-1035 - 5.15.0-1035.39~20.04.1 linux-headers-5.15.0-1035-aws - 5.15.0-1035.39~20.04.1 No subscription required linux-image-unsigned-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-image-unsigned-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-71.78~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-71.78~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-modules-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-cloud-tools-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-image-unsigned-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-modules-extra-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-hwe-5.15-headers-5.15.0-71 - 5.15.0-71.78~20.04.1 linux-cloud-tools-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-tools-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-modules-iwlwifi-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-71.78~20.04.1 linux-image-unsigned-5.15.0-71-generic-64k - 5.15.0-71.78~20.04.1 linux-modules-iwlwifi-5.15.0-71-generic - 5.15.0-71.78~20.04.1 linux-headers-5.15.0-71-lowlatency - 5.15.0-71.78~20.04.1 linux-image-5.15.0-71-generic-lpae - 5.15.0-71.78~20.04.1 linux-buildinfo-5.15.0-71-lowlatency-64k - 5.15.0-71.78~20.04.1 linux-hwe-5.15-tools-5.15.0-71 - 5.15.0-71.78~20.04.1 No subscription required linux-gke-5.15 - 5.15.0.1032.37~20.04.1 linux-tools-gke-5.15 - 5.15.0.1032.37~20.04.1 linux-headers-gke-edge - 5.15.0.1032.37~20.04.1 linux-image-gke-5.15 - 5.15.0.1032.37~20.04.1 linux-tools-gke-edge - 5.15.0.1032.37~20.04.1 linux-image-gke-edge - 5.15.0.1032.37~20.04.1 linux-gke-edge - 5.15.0.1032.37~20.04.1 linux-headers-gke-5.15 - 5.15.0.1032.37~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1034.40~20.04.1 linux-tools-oracle - 5.15.0.1034.40~20.04.1 linux-tools-oracle-edge - 5.15.0.1034.40~20.04.1 linux-image-oracle - 5.15.0.1034.40~20.04.1 linux-image-oracle-edge - 5.15.0.1034.40~20.04.1 linux-oracle-edge - 5.15.0.1034.40~20.04.1 linux-headers-oracle-edge - 5.15.0.1034.40~20.04.1 linux-oracle - 5.15.0.1034.40~20.04.1 No subscription required linux-headers-aws - 5.15.0.1035.39~20.04.24 linux-image-aws - 5.15.0.1035.39~20.04.24 linux-modules-extra-aws-edge - 5.15.0.1035.39~20.04.24 linux-image-aws-edge - 5.15.0.1035.39~20.04.24 linux-aws-edge - 5.15.0.1035.39~20.04.24 linux-aws - 5.15.0.1035.39~20.04.24 linux-tools-aws - 5.15.0.1035.39~20.04.24 linux-headers-aws-edge - 5.15.0.1035.39~20.04.24 linux-modules-extra-aws - 5.15.0.1035.39~20.04.24 linux-tools-aws-edge - 5.15.0.1035.39~20.04.24 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-headers-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-image-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-lowlatency-64k-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-tools-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-lowlatency-hwe-20.04 - 5.15.0.71.78~20.04.29 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.71.78~20.04.29 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.29 No subscription required linux-tools-oem-20.04 - 5.15.0.71.78~20.04.32 linux-headers-oem-20.04 - 5.15.0.71.78~20.04.32 linux-tools-oem-20.04c - 5.15.0.71.78~20.04.32 linux-tools-oem-20.04b - 5.15.0.71.78~20.04.32 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-tools-oem-20.04d - 5.15.0.71.78~20.04.32 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-extra-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-headers-generic-64k-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-generic-lpae-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-tools-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-oem-20.04c - 5.15.0.71.78~20.04.32 linux-image-oem-20.04b - 5.15.0.71.78~20.04.32 linux-image-oem-20.04d - 5.15.0.71.78~20.04.32 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-oem-20.04 - 5.15.0.71.78~20.04.32 linux-image-oem-20.04 - 5.15.0.71.78~20.04.32 linux-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-oem-20.04c - 5.15.0.71.78~20.04.32 linux-oem-20.04b - 5.15.0.71.78~20.04.32 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-oem-20.04d - 5.15.0.71.78~20.04.32 linux-generic-lpae-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-modules-iwlwifi-oem-20.04 - 5.15.0.71.78~20.04.32 linux-tools-generic-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-generic-64k-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-image-generic-lpae-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-tools-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-modules-iwlwifi-oem-20.04d - 5.15.0.71.78~20.04.32 linux-tools-generic-64k-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-tools-virtual-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-image-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-generic-64k-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-generic-64k-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.71.78~20.04.32 linux-headers-oem-20.04b - 5.15.0.71.78~20.04.32 linux-headers-oem-20.04c - 5.15.0.71.78~20.04.32 linux-headers-virtual-hwe-20.04 - 5.15.0.71.78~20.04.32 linux-headers-oem-20.04d - 5.15.0.71.78~20.04.32 No subscription required High CVE-2023-1829 CVE-2023-1872 Ubuntu 20.04 LTS It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6046-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssl-ibmca - 2.1.0-0ubuntu1.20.04.2 No subscription required None https://launchpad.net/bugs/2015454 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Update Instructions: Run `sudo pro fix USN-6047-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1048-ibm - 5.4.0-1048.53 linux-modules-extra-5.4.0-1048-ibm - 5.4.0-1048.53 linux-modules-5.4.0-1048-ibm - 5.4.0-1048.53 linux-ibm-tools-common - 5.4.0-1048.53 linux-tools-5.4.0-1048-ibm - 5.4.0-1048.53 linux-ibm-source-5.4.0 - 5.4.0-1048.53 linux-ibm-cloud-tools-common - 5.4.0-1048.53 linux-ibm-headers-5.4.0-1048 - 5.4.0-1048.53 linux-buildinfo-5.4.0-1048-ibm - 5.4.0-1048.53 linux-image-5.4.0-1048-ibm - 5.4.0-1048.53 linux-ibm-tools-5.4.0-1048 - 5.4.0-1048.53 linux-headers-5.4.0-1048-ibm - 5.4.0-1048.53 No subscription required linux-image-unsigned-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-gkeop-source-5.4.0 - 5.4.0-1068.72 linux-headers-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-cloud-tools-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-gkeop-headers-5.4.0-1068 - 5.4.0-1068.72 linux-gkeop-cloud-tools-5.4.0-1068 - 5.4.0-1068.72 linux-gkeop-tools-5.4.0-1068 - 5.4.0-1068.72 linux-buildinfo-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-modules-extra-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-image-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-modules-5.4.0-1068-gkeop - 5.4.0-1068.72 linux-tools-5.4.0-1068-gkeop - 5.4.0-1068.72 No subscription required linux-kvm-headers-5.4.0-1090 - 5.4.0-1090.96 linux-tools-5.4.0-1090-kvm - 5.4.0-1090.96 linux-image-5.4.0-1090-kvm - 5.4.0-1090.96 linux-buildinfo-5.4.0-1090-kvm - 5.4.0-1090.96 linux-modules-5.4.0-1090-kvm - 5.4.0-1090.96 linux-headers-5.4.0-1090-kvm - 5.4.0-1090.96 linux-image-unsigned-5.4.0-1090-kvm - 5.4.0-1090.96 linux-kvm-tools-5.4.0-1090 - 5.4.0-1090.96 No subscription required linux-gke-tools-5.4.0-1098 - 5.4.0-1098.105 linux-tools-5.4.0-1098-gke - 5.4.0-1098.105 linux-modules-extra-5.4.0-1098-gke - 5.4.0-1098.105 linux-headers-5.4.0-1098-gke - 5.4.0-1098.105 linux-gke-headers-5.4.0-1098 - 5.4.0-1098.105 linux-image-unsigned-5.4.0-1098-gke - 5.4.0-1098.105 linux-image-5.4.0-1098-gke - 5.4.0-1098.105 linux-buildinfo-5.4.0-1098-gke - 5.4.0-1098.105 linux-modules-5.4.0-1098-gke - 5.4.0-1098.105 No subscription required linux-buildinfo-5.4.0-1100-oracle - 5.4.0-1100.109 linux-image-unsigned-5.4.0-1100-oracle - 5.4.0-1100.109 linux-modules-5.4.0-1100-oracle - 5.4.0-1100.109 linux-oracle-headers-5.4.0-1100 - 5.4.0-1100.109 linux-modules-extra-5.4.0-1100-oracle - 5.4.0-1100.109 linux-oracle-tools-5.4.0-1100 - 5.4.0-1100.109 linux-image-5.4.0-1100-oracle - 5.4.0-1100.109 linux-headers-5.4.0-1100-oracle - 5.4.0-1100.109 linux-tools-5.4.0-1100-oracle - 5.4.0-1100.109 No subscription required linux-modules-5.4.0-1101-aws - 5.4.0-1101.109 linux-image-5.4.0-1101-aws - 5.4.0-1101.109 linux-image-unsigned-5.4.0-1101-aws - 5.4.0-1101.109 linux-cloud-tools-5.4.0-1101-aws - 5.4.0-1101.109 linux-aws-tools-5.4.0-1101 - 5.4.0-1101.109 linux-buildinfo-5.4.0-1101-aws - 5.4.0-1101.109 linux-headers-5.4.0-1101-aws - 5.4.0-1101.109 linux-modules-extra-5.4.0-1101-aws - 5.4.0-1101.109 linux-aws-headers-5.4.0-1101 - 5.4.0-1101.109 linux-tools-5.4.0-1101-aws - 5.4.0-1101.109 linux-aws-cloud-tools-5.4.0-1101 - 5.4.0-1101.109 No subscription required linux-tools-5.4.0-1104-gcp - 5.4.0-1104.113 linux-image-unsigned-5.4.0-1104-gcp - 5.4.0-1104.113 linux-gcp-headers-5.4.0-1104 - 5.4.0-1104.113 linux-modules-extra-5.4.0-1104-gcp - 5.4.0-1104.113 linux-modules-5.4.0-1104-gcp - 5.4.0-1104.113 linux-headers-5.4.0-1104-gcp - 5.4.0-1104.113 linux-image-5.4.0-1104-gcp - 5.4.0-1104.113 linux-gcp-tools-5.4.0-1104 - 5.4.0-1104.113 linux-buildinfo-5.4.0-1104-gcp - 5.4.0-1104.113 No subscription required linux-azure-tools-5.4.0-1107 - 5.4.0-1107.113 linux-buildinfo-5.4.0-1107-azure - 5.4.0-1107.113 linux-tools-5.4.0-1107-azure - 5.4.0-1107.113 linux-cloud-tools-5.4.0-1107-azure - 5.4.0-1107.113 linux-modules-5.4.0-1107-azure - 5.4.0-1107.113 linux-azure-headers-5.4.0-1107 - 5.4.0-1107.113 linux-azure-cloud-tools-5.4.0-1107 - 5.4.0-1107.113 linux-image-unsigned-5.4.0-1107-azure - 5.4.0-1107.113 linux-headers-5.4.0-1107-azure - 5.4.0-1107.113 linux-image-5.4.0-1107-azure - 5.4.0-1107.113 linux-modules-extra-5.4.0-1107-azure - 5.4.0-1107.113 No subscription required linux-tools-common - 5.4.0-148.165 linux-modules-extra-5.4.0-148-generic - 5.4.0-148.165 linux-modules-5.4.0-148-generic - 5.4.0-148.165 linux-buildinfo-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-tools-host - 5.4.0-148.165 linux-buildinfo-5.4.0-148-generic - 5.4.0-148.165 linux-doc - 5.4.0-148.165 linux-modules-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-cloud-tools-5.4.0-148-lowlatency - 5.4.0-148.165 linux-headers-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-image-unsigned-5.4.0-148-lowlatency - 5.4.0-148.165 linux-headers-5.4.0-148-generic - 5.4.0-148.165 linux-modules-5.4.0-148-lowlatency - 5.4.0-148.165 linux-tools-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-libc-dev - 5.4.0-148.165 linux-tools-5.4.0-148-lowlatency - 5.4.0-148.165 linux-image-5.4.0-148-generic - 5.4.0-148.165 linux-source-5.4.0 - 5.4.0-148.165 linux-cloud-tools-5.4.0-148 - 5.4.0-148.165 linux-image-5.4.0-148-generic-lpae - 5.4.0-148.165 linux-tools-5.4.0-148-generic - 5.4.0-148.165 linux-image-unsigned-5.4.0-148-generic - 5.4.0-148.165 linux-tools-5.4.0-148 - 5.4.0-148.165 linux-buildinfo-5.4.0-148-lowlatency - 5.4.0-148.165 linux-cloud-tools-5.4.0-148-generic - 5.4.0-148.165 linux-cloud-tools-common - 5.4.0-148.165 linux-headers-5.4.0-148 - 5.4.0-148.165 linux-headers-5.4.0-148-lowlatency - 5.4.0-148.165 linux-image-5.4.0-148-lowlatency - 5.4.0-148.165 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1048.74 linux-modules-extra-ibm - 5.4.0.1048.74 linux-image-ibm - 5.4.0.1048.74 linux-headers-ibm-lts-20.04 - 5.4.0.1048.74 linux-tools-ibm - 5.4.0.1048.74 linux-ibm-lts-20.04 - 5.4.0.1048.74 linux-image-ibm-lts-20.04 - 5.4.0.1048.74 linux-ibm - 5.4.0.1048.74 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1048.74 linux-headers-ibm - 5.4.0.1048.74 No subscription required linux-headers-gkeop - 5.4.0.1068.66 linux-cloud-tools-gkeop-5.4 - 5.4.0.1068.66 linux-image-gkeop - 5.4.0.1068.66 linux-modules-extra-gkeop-5.4 - 5.4.0.1068.66 linux-gkeop-5.4 - 5.4.0.1068.66 linux-image-gkeop-5.4 - 5.4.0.1068.66 linux-gkeop - 5.4.0.1068.66 linux-cloud-tools-gkeop - 5.4.0.1068.66 linux-headers-gkeop-5.4 - 5.4.0.1068.66 linux-modules-extra-gkeop - 5.4.0.1068.66 linux-tools-gkeop - 5.4.0.1068.66 linux-tools-gkeop-5.4 - 5.4.0.1068.66 No subscription required linux-kvm - 5.4.0.1090.84 linux-headers-kvm - 5.4.0.1090.84 linux-image-kvm - 5.4.0.1090.84 linux-tools-kvm - 5.4.0.1090.84 No subscription required linux-modules-extra-gke - 5.4.0.1098.103 linux-headers-gke-5.4 - 5.4.0.1098.103 linux-tools-gke-5.4 - 5.4.0.1098.103 linux-modules-extra-gke-5.4 - 5.4.0.1098.103 linux-gke-5.4 - 5.4.0.1098.103 linux-tools-gke - 5.4.0.1098.103 linux-gke - 5.4.0.1098.103 linux-headers-gke - 5.4.0.1098.103 linux-image-gke-5.4 - 5.4.0.1098.103 linux-image-gke - 5.4.0.1098.103 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1100.93 linux-headers-oracle-lts-20.04 - 5.4.0.1100.93 linux-oracle-lts-20.04 - 5.4.0.1100.93 linux-image-oracle-lts-20.04 - 5.4.0.1100.93 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1101.98 linux-image-aws-lts-20.04 - 5.4.0.1101.98 linux-headers-aws-lts-20.04 - 5.4.0.1101.98 linux-tools-aws-lts-20.04 - 5.4.0.1101.98 linux-aws-lts-20.04 - 5.4.0.1101.98 No subscription required linux-gcp-lts-20.04 - 5.4.0.1104.106 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1104.106 linux-headers-gcp-lts-20.04 - 5.4.0.1104.106 linux-tools-gcp-lts-20.04 - 5.4.0.1104.106 linux-image-gcp-lts-20.04 - 5.4.0.1104.106 No subscription required linux-azure-lts-20.04 - 5.4.0.1107.100 linux-image-azure-lts-20.04 - 5.4.0.1107.100 linux-modules-extra-azure-lts-20.04 - 5.4.0.1107.100 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1107.100 linux-tools-azure-lts-20.04 - 5.4.0.1107.100 linux-headers-azure-lts-20.04 - 5.4.0.1107.100 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-virtual - 5.4.0.148.146 linux-image-generic-hwe-18.04 - 5.4.0.148.146 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-headers-generic-lpae - 5.4.0.148.146 linux-image-virtual - 5.4.0.148.146 linux-oem-osp1-tools-host - 5.4.0.148.146 linux-image-generic - 5.4.0.148.146 linux-tools-lowlatency - 5.4.0.148.146 linux-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-tools-virtual-hwe-18.04 - 5.4.0.148.146 linux-tools-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-headers-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.148.146 linux-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-image-extra-virtual-hwe-18.04 - 5.4.0.148.146 linux-image-oem-osp1 - 5.4.0.148.146 linux-image-generic-lpae-hwe-18.04 - 5.4.0.148.146 linux-crashdump - 5.4.0.148.146 linux-headers-generic-hwe-18.04 - 5.4.0.148.146 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-headers-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-source - 5.4.0.148.146 linux-lowlatency - 5.4.0.148.146 linux-tools-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-generic - 5.4.0.148.146 linux-virtual - 5.4.0.148.146 linux-headers-virtual-hwe-18.04 - 5.4.0.148.146 linux-tools-generic - 5.4.0.148.146 linux-virtual-hwe-18.04 - 5.4.0.148.146 linux-tools-generic-lpae - 5.4.0.148.146 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.148.146 linux-tools-virtual - 5.4.0.148.146 linux-generic-lpae-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-generic-lpae - 5.4.0.148.146 linux-headers-oem - 5.4.0.148.146 linux-tools-oem-osp1 - 5.4.0.148.146 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.148.146 linux-tools-generic-hwe-18.04-edge - 5.4.0.148.146 linux-image-virtual-hwe-18.04 - 5.4.0.148.146 linux-headers-lowlatency - 5.4.0.148.146 linux-image-generic-hwe-18.04-edge - 5.4.0.148.146 linux-generic-hwe-18.04-edge - 5.4.0.148.146 linux-generic - 5.4.0.148.146 linux-oem - 5.4.0.148.146 linux-image-extra-virtual - 5.4.0.148.146 linux-oem-tools-host - 5.4.0.148.146 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-lowlatency - 5.4.0.148.146 linux-tools-oem - 5.4.0.148.146 linux-headers-oem-osp1 - 5.4.0.148.146 linux-generic-lpae-hwe-18.04 - 5.4.0.148.146 linux-tools-generic-hwe-18.04 - 5.4.0.148.146 linux-headers-generic-hwe-18.04-edge - 5.4.0.148.146 linux-headers-generic - 5.4.0.148.146 linux-oem-osp1 - 5.4.0.148.146 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.148.146 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.148.146 linux-image-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.148.146 linux-headers-virtual - 5.4.0.148.146 linux-image-oem - 5.4.0.148.146 linux-lowlatency-hwe-18.04 - 5.4.0.148.146 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.148.146 linux-generic-hwe-18.04 - 5.4.0.148.146 linux-image-generic-lpae - 5.4.0.148.146 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.148.146 linux-image-virtual-hwe-18.04-edge - 5.4.0.148.146 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.148.146 linux-image-lowlatency - 5.4.0.148.146 No subscription required High CVE-2023-1829 Ubuntu 20.04 LTS It was discovered that ZenLib doesn't check the return value of a specific operation before using it. An attacker could use a specially crafted input to crash programs using the library. Update Instructions: Run `sudo pro fix USN-6048-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libzen-dev - 0.4.37-1ubuntu0.20.04.1 libzen-doc - 0.4.37-1ubuntu0.20.04.1 libzen0v5 - 0.4.37-1ubuntu0.20.04.1 No subscription required Medium CVE-2020-36646 Ubuntu 20.04 LTS It was discovered that Netty's Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-11612) It was discovered that Netty created temporary files with excessive permissions. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM, and Ubuntu 20.04 ESM. (CVE-2021-21290) It was discovered that Netty did not properly validate content-length headers. A remote attacker could possibly use this issue to smuggle requests. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2021-21295, CVE-2021-21409) It was discovered that Netty's Bzip2 decompression decoder did not limit the decompressed output data size. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2021-37136) It was discovered that Netty's Snappy frame decoder function did not limit chunk lengths. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. (CVE-2021-37137) It was discovered that Netty did not properly handle control chars at the beginning and end of header names. A remote attacker could possibly use this issue to smuggle requests. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2021-43797) It was discovered that Netty could be made into an infinite recursion when parsing a malformed crafted message. A remote attacker could possibly use this issue to cause Netty to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-41881) It was discovered that Netty did not validate header values under certain circumstances. A remote attacker could possibly use this issue to perform HTTP response splitting via malicious header values. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-41915) Update Instructions: Run `sudo pro fix USN-6049-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnetty-java - 1:4.1.45-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-11612 CVE-2021-21290 CVE-2021-21295 CVE-2021-21409 CVE-2021-37136 CVE-2021-37137 CVE-2021-43797 CVE-2022-41881 CVE-2022-41915 Ubuntu 20.04 LTS It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. (CVE-2023-25652) Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. (CVE-2023-25815) André Baptista and Vítor Pinho discovered that Git incorrectly handled certain configurations. An attacker could possibly use this issue to arbitrary configuration injection. (CVE-2023-29007) Update Instructions: Run `sudo pro fix USN-6050-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.11 gitweb - 1:2.25.1-1ubuntu3.11 git-gui - 1:2.25.1-1ubuntu3.11 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.11 git-el - 1:2.25.1-1ubuntu3.11 gitk - 1:2.25.1-1ubuntu3.11 git-all - 1:2.25.1-1ubuntu3.11 git-mediawiki - 1:2.25.1-1ubuntu3.11 git-daemon-run - 1:2.25.1-1ubuntu3.11 git-man - 1:2.25.1-1ubuntu3.11 git-doc - 1:2.25.1-1ubuntu3.11 git-svn - 1:2.25.1-1ubuntu3.11 git-cvs - 1:2.25.1-1ubuntu3.11 git-email - 1:2.25.1-1ubuntu3.11 No subscription required Medium CVE-2023-25652 CVE-2023-25815 CVE-2023-29007 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) Update Instructions: Run `sudo pro fix USN-6051-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-azure-5.15-tools-5.15.0-1037 - 5.15.0-1037.44~20.04.1 linux-modules-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-image-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-cloud-tools-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-tools-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-image-unsigned-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-azure-5.15-headers-5.15.0-1037 - 5.15.0-1037.44~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1037 - 5.15.0-1037.44~20.04.1 linux-modules-extra-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 linux-headers-5.15.0-1037-azure - 5.15.0-1037.44~20.04.1 No subscription required linux-modules-extra-azure-edge - 5.15.0.1037.44~20.04.27 linux-tools-azure-cvm - 5.15.0.1037.44~20.04.27 linux-tools-azure-edge - 5.15.0.1037.44~20.04.27 linux-azure - 5.15.0.1037.44~20.04.27 linux-image-azure - 5.15.0.1037.44~20.04.27 linux-cloud-tools-azure - 5.15.0.1037.44~20.04.27 linux-headers-azure-cvm - 5.15.0.1037.44~20.04.27 linux-cloud-tools-azure-edge - 5.15.0.1037.44~20.04.27 linux-cloud-tools-azure-cvm - 5.15.0.1037.44~20.04.27 linux-tools-azure - 5.15.0.1037.44~20.04.27 linux-headers-azure-edge - 5.15.0.1037.44~20.04.27 linux-image-azure-edge - 5.15.0.1037.44~20.04.27 linux-modules-extra-azure - 5.15.0.1037.44~20.04.27 linux-azure-edge - 5.15.0.1037.44~20.04.27 linux-image-azure-cvm - 5.15.0.1037.44~20.04.27 linux-azure-cvm - 5.15.0.1037.44~20.04.27 linux-modules-extra-azure-cvm - 5.15.0.1037.44~20.04.27 linux-headers-azure - 5.15.0.1037.44~20.04.27 No subscription required High CVE-2023-1829 CVE-2023-1872 Ubuntu 20.04 LTS Moataz Al-Sharida and nawaik discovered that Django incorrectly handled uploading multiple files using one form field. A remote attacker could possibly use this issue to bypass certain validations. Update Instructions: Run `sudo pro fix USN-6054-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.17 python-django-doc - 2:2.2.12-1ubuntu0.17 No subscription required Low CVE-2023-31047 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-28755) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2023-28756) Update Instructions: Run `sudo pro fix USN-6055-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.9 ruby2.7-doc - 2.7.0-5ubuntu1.9 ruby2.7-dev - 2.7.0-5ubuntu1.9 libruby2.7 - 2.7.0-5ubuntu1.9 No subscription required Medium CVE-2023-28755 CVE-2023-28756 Ubuntu 20.04 LTS USN-6055-1 fixed a vulnerability in Ruby. Unfortunately it introduced a regression. This update reverts the patches applied to CVE-2023-28755 in order to fix the regression pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-28755) Update Instructions: Run `sudo pro fix USN-6055-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.10 ruby2.7-doc - 2.7.0-5ubuntu1.10 ruby2.7-dev - 2.7.0-5ubuntu1.10 libruby2.7 - 2.7.0-5ubuntu1.10 No subscription required Medium CVE-2023-28755 https://launchpad.net/bugs/2018547 Ubuntu 20.04 LTS It was discovered that Erlang did not properly implement TLS client certificate validation during the TLS handshake. A remote attacker could use this issue to bypass client authentication. Update Instructions: Run `sudo pro fix USN-6059-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: erlang-x11 - 1:22.2.7+dfsg-1ubuntu0.2 erlang-jinterface - 1:22.2.7+dfsg-1ubuntu0.2 erlang-asn1 - 1:22.2.7+dfsg-1ubuntu0.2 erlang-inets - 1:22.2.7+dfsg-1ubuntu0.2 erlang-snmp - 1:22.2.7+dfsg-1ubuntu0.2 erlang-mode - 1:22.2.7+dfsg-1ubuntu0.2 erlang-odbc - 1:22.2.7+dfsg-1ubuntu0.2 erlang-common-test - 1:22.2.7+dfsg-1ubuntu0.2 erlang-examples - 1:22.2.7+dfsg-1ubuntu0.2 erlang-wx - 1:22.2.7+dfsg-1ubuntu0.2 erlang-ftp - 1:22.2.7+dfsg-1ubuntu0.2 erlang-observer - 1:22.2.7+dfsg-1ubuntu0.2 erlang-os-mon - 1:22.2.7+dfsg-1ubuntu0.2 erlang-syntax-tools - 1:22.2.7+dfsg-1ubuntu0.2 erlang-ssl - 1:22.2.7+dfsg-1ubuntu0.2 erlang-dev - 1:22.2.7+dfsg-1ubuntu0.2 erlang-ssh - 1:22.2.7+dfsg-1ubuntu0.2 erlang-megaco - 1:22.2.7+dfsg-1ubuntu0.2 erlang-manpages - 1:22.2.7+dfsg-1ubuntu0.2 erlang - 1:22.2.7+dfsg-1ubuntu0.2 erlang-tftp - 1:22.2.7+dfsg-1ubuntu0.2 erlang-runtime-tools - 1:22.2.7+dfsg-1ubuntu0.2 erlang-eunit - 1:22.2.7+dfsg-1ubuntu0.2 erlang-tools - 1:22.2.7+dfsg-1ubuntu0.2 erlang-debugger - 1:22.2.7+dfsg-1ubuntu0.2 erlang-parsetools - 1:22.2.7+dfsg-1ubuntu0.2 erlang-public-key - 1:22.2.7+dfsg-1ubuntu0.2 erlang-diameter - 1:22.2.7+dfsg-1ubuntu0.2 erlang-doc - 1:22.2.7+dfsg-1ubuntu0.2 erlang-reltool - 1:22.2.7+dfsg-1ubuntu0.2 erlang-xmerl - 1:22.2.7+dfsg-1ubuntu0.2 erlang-nox - 1:22.2.7+dfsg-1ubuntu0.2 erlang-eldap - 1:22.2.7+dfsg-1ubuntu0.2 erlang-src - 1:22.2.7+dfsg-1ubuntu0.2 erlang-edoc - 1:22.2.7+dfsg-1ubuntu0.2 erlang-mnesia - 1:22.2.7+dfsg-1ubuntu0.2 erlang-base-hipe - 1:22.2.7+dfsg-1ubuntu0.2 erlang-crypto - 1:22.2.7+dfsg-1ubuntu0.2 erlang-erl-docgen - 1:22.2.7+dfsg-1ubuntu0.2 erlang-base - 1:22.2.7+dfsg-1ubuntu0.2 erlang-et - 1:22.2.7+dfsg-1ubuntu0.2 erlang-dialyzer - 1:22.2.7+dfsg-1ubuntu0.2 No subscription required Medium CVE-2022-37026 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.33 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.42. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-42.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-33.html https://www.oracle.com/security-alerts/cpuapr2023.html Update Instructions: Run `sudo pro fix USN-6060-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.33-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.33-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-router - 8.0.33-0ubuntu0.20.04.1 mysql-server - 8.0.33-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.33-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-testsuite - 8.0.33-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.33-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.33-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-21911 CVE-2023-21912 CVE-2023-21919 CVE-2023-21920 CVE-2023-21929 CVE-2023-21933 CVE-2023-21935 CVE-2023-21940 CVE-2023-21945 CVE-2023-21946 CVE-2023-21947 CVE-2023-21953 CVE-2023-21955 CVE-2023-21962 CVE-2023-21966 CVE-2023-21972 CVE-2023-21976 CVE-2023-21977 CVE-2023-21980 CVE-2023-21982 Ubuntu 20.04 LTS USN-6060-1 fixed vulnerabilities in MySQL. The new upstream 8.0.33 version introduced a regression on the armhf architecture. This update fixes the problem. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.33 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.42. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-42.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-33.html https://www.oracle.com/security-alerts/cpuapr2023.html Update Instructions: Run `sudo pro fix USN-6060-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.33-0ubuntu0.20.04.2 libmysqlclient-dev - 8.0.33-0ubuntu0.20.04.2 mysql-testsuite-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-router - 8.0.33-0ubuntu0.20.04.2 mysql-server - 8.0.33-0ubuntu0.20.04.2 libmysqlclient21 - 8.0.33-0ubuntu0.20.04.2 mysql-client-core-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-server-core-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-server-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-testsuite - 8.0.33-0ubuntu0.20.04.2 mysql-client-8.0 - 8.0.33-0ubuntu0.20.04.2 mysql-source-8.0 - 8.0.33-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/2019203 Ubuntu 20.04 LTS Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6061-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-javascriptcoregtk-4.0 - 2.38.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37-gtk2 - 2.38.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-dev - 2.38.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 - 2.38.6-0ubuntu0.20.04.1 webkit2gtk-driver - 2.38.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-18 - 2.38.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-doc - 2.38.6-0ubuntu0.20.04.1 libjavascriptcoregtk-4.0-bin - 2.38.6-0ubuntu0.20.04.1 gir1.2-webkit2-4.0 - 2.38.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-dev - 2.38.6-0ubuntu0.20.04.1 No subscription required Medium CVE-2022-0108 CVE-2023-25358 CVE-2023-27932 CVE-2023-27954 CVE-2023-28205 Ubuntu 20.04 LTS It was discovered that FreeType incorrectly handled certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6062-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freetype2-doc - 2.10.1-2ubuntu0.3 libfreetype6-dev - 2.10.1-2ubuntu0.3 libfreetype-dev - 2.10.1-2ubuntu0.3 freetype2-demos - 2.10.1-2ubuntu0.3 libfreetype6 - 2.10.1-2ubuntu0.3 No subscription required None Ubuntu 20.04 LTS Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths. An attacker could possibly use this issue to create non-random encryption keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3979) It was discovered that Ceph incorrectly handled the volumes plugin. An attacker could possibly use this issue to obtain access to any share. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-0670) It was discovered that Ceph incorrectly handled crash dumps. A local attacker could possibly use this issue to escalate privileges to root. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-3650) It was discovered that Ceph incorrectly handled URL processing on RGW backends. An attacker could possibly use this issue to cause RGW to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3854) Update Instructions: Run `sudo pro fix USN-6063-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-rbd - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-modules-core - 15.2.17-0ubuntu0.20.04.3 ceph-mgr - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-cephadm - 15.2.17-0ubuntu0.20.04.3 ceph - 15.2.17-0ubuntu0.20.04.3 python3-ceph-argparse - 15.2.17-0ubuntu0.20.04.3 rbd-mirror - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-dashboard - 15.2.17-0ubuntu0.20.04.3 librbd-dev - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-rook - 15.2.17-0ubuntu0.20.04.3 rbd-fuse - 15.2.17-0ubuntu0.20.04.3 libradospp-dev - 15.2.17-0ubuntu0.20.04.3 librados-dev - 15.2.17-0ubuntu0.20.04.3 librbd1 - 15.2.17-0ubuntu0.20.04.3 python3-ceph - 15.2.17-0ubuntu0.20.04.3 cephadm - 15.2.17-0ubuntu0.20.04.3 libradosstriper-dev - 15.2.17-0ubuntu0.20.04.3 librados2 - 15.2.17-0ubuntu0.20.04.3 ceph-mon - 15.2.17-0ubuntu0.20.04.3 libcephfs2 - 15.2.17-0ubuntu0.20.04.3 ceph-immutable-object-cache - 15.2.17-0ubuntu0.20.04.3 librgw2 - 15.2.17-0ubuntu0.20.04.3 ceph-mds - 15.2.17-0ubuntu0.20.04.3 radosgw - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-diskprediction-local - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-diskprediction-cloud - 15.2.17-0ubuntu0.20.04.3 python3-rgw - 15.2.17-0ubuntu0.20.04.3 rbd-nbd - 15.2.17-0ubuntu0.20.04.3 libcephfs-dev - 15.2.17-0ubuntu0.20.04.3 rados-objclass-dev - 15.2.17-0ubuntu0.20.04.3 libradosstriper1 - 15.2.17-0ubuntu0.20.04.3 ceph-osd - 15.2.17-0ubuntu0.20.04.3 python3-ceph-common - 15.2.17-0ubuntu0.20.04.3 librgw-dev - 15.2.17-0ubuntu0.20.04.3 python3-rados - 15.2.17-0ubuntu0.20.04.3 ceph-base - 15.2.17-0ubuntu0.20.04.3 ceph-mgr-k8sevents - 15.2.17-0ubuntu0.20.04.3 python3-cephfs - 15.2.17-0ubuntu0.20.04.3 ceph-fuse - 15.2.17-0ubuntu0.20.04.3 cephfs-shell - 15.2.17-0ubuntu0.20.04.3 ceph-common - 15.2.17-0ubuntu0.20.04.3 libcephfs-java - 15.2.17-0ubuntu0.20.04.3 ceph-resource-agents - 15.2.17-0ubuntu0.20.04.3 libcephfs-jni - 15.2.17-0ubuntu0.20.04.3 No subscription required Medium CVE-2021-3979 CVE-2022-0670 CVE-2022-3650 CVE-2022-3854 Ubuntu 20.04 LTS It was discovered that SQL parse incorrectly handled certain regular expression. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6064-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sqlformat - 0.2.4-3ubuntu0.1 python3-sqlparse - 0.2.4-3ubuntu0.1 python-sqlparse-doc - 0.2.4-3ubuntu0.1 pypy-sqlparse - 0.2.4-3ubuntu0.1 No subscription required Medium CVE-2023-30608 Ubuntu 20.04 LTS It was discovered that css-what incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-33587, CVE-2022-21222) Update Instructions: Run `sudo pro fix USN-6065-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-css-what - 3.2.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-33587 CVE-2022-21222 Ubuntu 20.04 LTS It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data. Update Instructions: Run `sudo pro fix USN-6066-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-heat - 1:14.2.0-0ubuntu1.1 heat-api-cfn - 1:14.2.0-0ubuntu1.1 heat-engine - 1:14.2.0-0ubuntu1.1 heat-api - 1:14.2.0-0ubuntu1.1 heat-common - 1:14.2.0-0ubuntu1.1 No subscription required Medium CVE-2023-1625 Ubuntu 20.04 LTS David Sinquin discovered that OpenStack Neutron incorrectly handled the default Open vSwitch firewall rules. An attacker could possibly use this issue to impersonate the IPv6 addresses of other systems on the network. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-20267) Jake Yip and Justin Mammarella discovered that OpenStack Neutron incorrectly handled the linuxbridge driver when ebtables-nft is being used. An attacker could possibly use this issue to impersonate the hardware addresss of other systems on the network. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-38598) Pavel Toporkov discovered that OpenStack Neutron incorrectly handled extra_dhcp_opts values. An attacker could possibly use this issue to reconfigure dnsmasq. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40085) Slawek Kaplonski discovered that OpenStack Neutron incorrectly handled the routes middleware. An attacker could possibly use this issue to cause the API worker to consume memory, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40797) It was discovered that OpenStack Neutron incorrectly handled certain queries. A remote authenticated user could possibly use this issue to cause resource consumption, leading to a denial of service. (CVE-2022-3277) Update Instructions: Run `sudo pro fix USN-6067-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: neutron-linuxbridge-agent - 2:16.4.2-0ubuntu6.2 neutron-metering-agent - 2:16.4.2-0ubuntu6.2 neutron-plugin-ml2 - 2:16.4.2-0ubuntu6.2 neutron-server - 2:16.4.2-0ubuntu6.2 neutron-ovn-metadata-agent - 2:16.4.2-0ubuntu6.2 python3-neutron - 2:16.4.2-0ubuntu6.2 neutron-l3-agent - 2:16.4.2-0ubuntu6.2 neutron-metadata-agent - 2:16.4.2-0ubuntu6.2 neutron-dhcp-agent - 2:16.4.2-0ubuntu6.2 neutron-sriov-agent - 2:16.4.2-0ubuntu6.2 neutron-openvswitch-agent - 2:16.4.2-0ubuntu6.2 neutron-common - 2:16.4.2-0ubuntu6.2 neutron-macvtap-agent - 2:16.4.2-0ubuntu6.2 No subscription required Medium CVE-2021-20267 CVE-2021-38598 CVE-2021-40085 CVE-2021-40797 CVE-2022-3277 Ubuntu 20.04 LTS David Marchand discovered that Open vSwitch incorrectly handled IP packets with the protocol set to 0. A remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6068-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.8-0ubuntu1.2 openvswitch-switch - 2.13.8-0ubuntu1.2 openvswitch-pki - 2.13.8-0ubuntu1.2 openvswitch-common - 2.13.8-0ubuntu1.2 openvswitch-testcontroller - 2.13.8-0ubuntu1.2 openvswitch-vtep - 2.13.8-0ubuntu1.2 openvswitch-source - 2.13.8-0ubuntu1.2 python3-openvswitch - 2.13.8-0ubuntu1.2 openvswitch-switch-dpdk - 2.13.8-0ubuntu1.2 openvswitch-test - 2.13.8-0ubuntu1.2 No subscription required Medium CVE-2023-1668 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Update Instructions: Run `sudo pro fix USN-6069-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1084 - 5.4.0-1084.95 linux-raspi-headers-5.4.0-1084 - 5.4.0-1084.95 linux-image-5.4.0-1084-raspi - 5.4.0-1084.95 linux-buildinfo-5.4.0-1084-raspi - 5.4.0-1084.95 linux-modules-5.4.0-1084-raspi - 5.4.0-1084.95 linux-headers-5.4.0-1084-raspi - 5.4.0-1084.95 linux-tools-5.4.0-1084-raspi - 5.4.0-1084.95 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1084.114 linux-raspi2 - 5.4.0.1084.114 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1084.114 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1084.114 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1084.114 linux-raspi-hwe-18.04 - 5.4.0.1084.114 linux-tools-raspi - 5.4.0.1084.114 linux-image-raspi - 5.4.0.1084.114 linux-tools-raspi2-hwe-18.04 - 5.4.0.1084.114 linux-raspi-hwe-18.04-edge - 5.4.0.1084.114 linux-raspi2-hwe-18.04 - 5.4.0.1084.114 linux-headers-raspi2 - 5.4.0.1084.114 linux-tools-raspi-hwe-18.04 - 5.4.0.1084.114 linux-headers-raspi2-hwe-18.04 - 5.4.0.1084.114 linux-image-raspi2 - 5.4.0.1084.114 linux-image-raspi-hwe-18.04-edge - 5.4.0.1084.114 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1084.114 linux-tools-raspi2 - 5.4.0.1084.114 linux-image-raspi-hwe-18.04 - 5.4.0.1084.114 linux-raspi - 5.4.0.1084.114 linux-headers-raspi - 5.4.0.1084.114 linux-headers-raspi-hwe-18.04 - 5.4.0.1084.114 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1084.114 linux-image-raspi2-hwe-18.04 - 5.4.0.1084.114 No subscription required High CVE-2023-1829 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) Update Instructions: Run `sudo pro fix USN-6070-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1037-azure-fde - 5.15.0-1037.44~20.04.1.1 linux-image-unsigned-5.15.0-1037-azure-fde - 5.15.0-1037.44~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-modules-extra-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-headers-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-modules-extra-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-tools-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-image-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-image-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-cloud-tools-azure-fde-edge - 5.15.0.1037.44~20.04.1.16 linux-cloud-tools-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-tools-azure-fde - 5.15.0.1037.44~20.04.1.16 linux-headers-azure-fde - 5.15.0.1037.44~20.04.1.16 No subscription required High CVE-2023-1829 CVE-2023-1872 Ubuntu 20.04 LTS Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-cinder - 2:16.4.2-0ubuntu2.3 cinder-api - 2:16.4.2-0ubuntu2.3 cinder-volume - 2:16.4.2-0ubuntu2.3 cinder-common - 2:16.4.2-0ubuntu2.3 cinder-backup - 2:16.4.2-0ubuntu2.3 cinder-scheduler - 2:16.4.2-0ubuntu2.3 No subscription required Medium CVE-2023-2088 Ubuntu 20.04 LTS Jan Wasilewski and Gorka Eguileor discovered that Glance_store incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-glance-store-doc - 2.0.0-0ubuntu4.1 python3-glance-store - 2.0.0-0ubuntu4.1 No subscription required Medium CVE-2023-2088 Ubuntu 20.04 LTS Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.3 nova-common - 2:21.2.4-0ubuntu2.3 nova-compute-xen - 2:21.2.4-0ubuntu2.3 nova-api-os-compute - 2:21.2.4-0ubuntu2.3 nova-novncproxy - 2:21.2.4-0ubuntu2.3 nova-serialproxy - 2:21.2.4-0ubuntu2.3 nova-api-os-volume - 2:21.2.4-0ubuntu2.3 nova-compute-lxc - 2:21.2.4-0ubuntu2.3 nova-api-metadata - 2:21.2.4-0ubuntu2.3 nova-compute-libvirt - 2:21.2.4-0ubuntu2.3 nova-compute-kvm - 2:21.2.4-0ubuntu2.3 nova-doc - 2:21.2.4-0ubuntu2.3 nova-conductor - 2:21.2.4-0ubuntu2.3 nova-volume - 2:21.2.4-0ubuntu2.3 nova-compute-vmware - 2:21.2.4-0ubuntu2.3 nova-cells - 2:21.2.4-0ubuntu2.3 nova-spiceproxy - 2:21.2.4-0ubuntu2.3 nova-scheduler - 2:21.2.4-0ubuntu2.3 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.3 nova-compute - 2:21.2.4-0ubuntu2.3 nova-compute-qemu - 2:21.2.4-0ubuntu2.3 python3-nova - 2:21.2.4-0ubuntu2.3 No subscription required Medium CVE-2023-2088 Ubuntu 20.04 LTS Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: os-brick-common - 3.0.8-0ubuntu1.1 python3-os-brick - 3.0.8-0ubuntu1.1 python-os-brick-doc - 3.0.8-0ubuntu1.1 No subscription required Medium CVE-2023-2088 Ubuntu 20.04 LTS USN-6073-3 fixed a vulnerability in Nova. The update introduced a regression causing Nova to be unable to detach volumes from instances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.4 nova-common - 2:21.2.4-0ubuntu2.4 nova-compute-xen - 2:21.2.4-0ubuntu2.4 nova-api-os-compute - 2:21.2.4-0ubuntu2.4 nova-novncproxy - 2:21.2.4-0ubuntu2.4 nova-serialproxy - 2:21.2.4-0ubuntu2.4 nova-api-os-volume - 2:21.2.4-0ubuntu2.4 nova-compute-lxc - 2:21.2.4-0ubuntu2.4 nova-api-metadata - 2:21.2.4-0ubuntu2.4 nova-compute-libvirt - 2:21.2.4-0ubuntu2.4 nova-compute-kvm - 2:21.2.4-0ubuntu2.4 nova-doc - 2:21.2.4-0ubuntu2.4 nova-conductor - 2:21.2.4-0ubuntu2.4 nova-volume - 2:21.2.4-0ubuntu2.4 nova-compute-vmware - 2:21.2.4-0ubuntu2.4 nova-cells - 2:21.2.4-0ubuntu2.4 nova-spiceproxy - 2:21.2.4-0ubuntu2.4 nova-scheduler - 2:21.2.4-0ubuntu2.4 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.4 nova-compute - 2:21.2.4-0ubuntu2.4 nova-compute-qemu - 2:21.2.4-0ubuntu2.4 python3-nova - 2:21.2.4-0ubuntu2.4 No subscription required None https://launchpad.net/bugs/2019460 Ubuntu 20.04 LTS USN-6073-1 fixed a vulnerability in Cinder. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-6` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-cinder - 2:16.4.2-0ubuntu2.4 cinder-api - 2:16.4.2-0ubuntu2.4 cinder-volume - 2:16.4.2-0ubuntu2.4 cinder-common - 2:16.4.2-0ubuntu2.4 cinder-backup - 2:16.4.2-0ubuntu2.4 cinder-scheduler - 2:16.4.2-0ubuntu2.4 No subscription required None https://launchpad.net/bugs/2020111 Ubuntu 20.04 LTS USN-6073-2 fixed a vulnerability in Glance_store. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Glance_store incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-7` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-glance-store-doc - 2.0.0-0ubuntu4.2 python3-glance-store - 2.0.0-0ubuntu4.2 No subscription required None https://launchpad.net/bugs/2020111 Ubuntu 20.04 LTS USN-6073-3 fixed a vulnerability in Nova. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-8` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-api - 2:21.2.4-0ubuntu2.5 nova-common - 2:21.2.4-0ubuntu2.5 nova-compute-xen - 2:21.2.4-0ubuntu2.5 nova-api-os-compute - 2:21.2.4-0ubuntu2.5 nova-novncproxy - 2:21.2.4-0ubuntu2.5 nova-serialproxy - 2:21.2.4-0ubuntu2.5 nova-api-os-volume - 2:21.2.4-0ubuntu2.5 nova-compute-lxc - 2:21.2.4-0ubuntu2.5 nova-api-metadata - 2:21.2.4-0ubuntu2.5 nova-compute-libvirt - 2:21.2.4-0ubuntu2.5 nova-compute-kvm - 2:21.2.4-0ubuntu2.5 nova-doc - 2:21.2.4-0ubuntu2.5 nova-conductor - 2:21.2.4-0ubuntu2.5 nova-volume - 2:21.2.4-0ubuntu2.5 nova-compute-vmware - 2:21.2.4-0ubuntu2.5 nova-cells - 2:21.2.4-0ubuntu2.5 nova-spiceproxy - 2:21.2.4-0ubuntu2.5 nova-scheduler - 2:21.2.4-0ubuntu2.5 nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.5 nova-compute - 2:21.2.4-0ubuntu2.5 nova-compute-qemu - 2:21.2.4-0ubuntu2.5 python3-nova - 2:21.2.4-0ubuntu2.5 No subscription required None https://launchpad.net/bugs/2020111 Ubuntu 20.04 LTS USN-6073-4 fixed a vulnerability in os-brick. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the upstream advisory for more information: https://security.openstack.org/ossa/OSSA-2023-003.html Update Instructions: Run `sudo pro fix USN-6073-9` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: os-brick-common - 3.0.8-0ubuntu1.2 python3-os-brick - 3.0.8-0ubuntu1.2 python-os-brick-doc - 3.0.8-0ubuntu1.2 No subscription required None https://launchpad.net/bugs/2020111 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215, CVE-2023-32216) Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-32206) Anne van Kesteren discovered that Firefox did not properly validate the import() call in service workers. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-32208) Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicicous favicon file, an attacker could cause a denial of service. (CVE-2023-32209) Update Instructions: Run `sudo pro fix USN-6074-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 113.0+build2-0ubuntu0.20.04.1 firefox - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 113.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 113.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 113.0+build2-0ubuntu0.20.04.1 firefox-dev - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 113.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 113.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-32205 CVE-2023-32206 CVE-2023-32207 CVE-2023-32208 CVE-2023-32209 CVE-2023-32210 CVE-2023-32211 CVE-2023-32212 CVE-2023-32213 CVE-2023-32215 CVE-2023-32216 Ubuntu 20.04 LTS USN-6074-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215, CVE-2023-32216) Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-32206) Anne van Kesteren discovered that Firefox did not properly validate the import() call in service workers. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-32208) Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicicous favicon file, an attacker could cause a denial of service. (CVE-2023-32209) Update Instructions: Run `sudo pro fix USN-6074-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 113.0.1+build1-0ubuntu0.20.04.1 firefox - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 113.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 113.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 113.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 113.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 113.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2019782 Ubuntu 20.04 LTS USN-6074-1 fixed vulnerabilities and USN-6074-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215, CVE-2023-32216) Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-32206) Anne van Kesteren discovered that Firefox did not properly validate the import() call in service workers. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-32208) Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicicous favicon file, an attacker could cause a denial of service. (CVE-2023-32209) Update Instructions: Run `sudo pro fix USN-6074-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 113.0.2+build1-0ubuntu0.20.04.1 firefox - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 113.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 113.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 113.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 113.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 113.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2020649 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215) Irvan Kurniawan discovered that Thunderbird did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-32206) Update Instructions: Run `sudo pro fix USN-6075-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.11.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.11.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.11.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.11.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.11.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-32205 CVE-2023-32206 CVE-2023-32207 CVE-2023-32211 CVE-2023-32212 CVE-2023-32213 CVE-2023-32215 Ubuntu 20.04 LTS Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-21930) It was discovered that OpenJDK incorrectly handled certain inputs. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-21937) It was discovered that OpenJDK incorrectly handled command arguments. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-21938) It was discovered that OpenJDK incorrectly validated HTML documents. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-21939) Ramki Ramakrishna discovered that OpenJDK incorrectly handled garbage collection. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2023-21954) Jonathan Looney discovered that OpenJDK incorrectly handled certificate chains during TLS session negotiation. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-21967) Adam Reziouk discovered that OpenJDK incorrectly sanitized URIs. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2023-21968) Update Instructions: Run `sudo pro fix USN-6077-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jdk - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-source - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jdk-headless - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-demo - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jre-zero - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jre-headless - 11.0.19+7~us1-0ubuntu1~20.04.1 openjdk-11-jre - 11.0.19+7~us1-0ubuntu1~20.04.1 No subscription required openjdk-17-jdk-headless - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-jre-headless - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-jre - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-jdk - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-jre-zero - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-source - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-demo - 17.0.7+7~us1-0ubuntu1~20.04 openjdk-17-doc - 17.0.7+7~us1-0ubuntu1~20.04 No subscription required openjdk-8-doc - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jre-headless - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jre - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-demo - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jre-zero - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jdk - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-source - 8u372-ga~us1-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u372-ga~us1-0ubuntu1~20.04 No subscription required Medium CVE-2023-21930 CVE-2023-21937 CVE-2023-21938 CVE-2023-21939 CVE-2023-21954 CVE-2023-21967 CVE-2023-21968 Ubuntu 20.04 LTS Irvan Kurniawan discovered that libwebp incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6078-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: webp - 0.6.1-2ubuntu0.20.04.2 libwebp6 - 0.6.1-2ubuntu0.20.04.2 libwebpmux3 - 0.6.1-2ubuntu0.20.04.2 libwebp-dev - 0.6.1-2ubuntu0.20.04.2 libwebpdemux2 - 0.6.1-2ubuntu0.20.04.2 No subscription required Medium CVE-2023-1999 Ubuntu 20.04 LTS It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6080-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-image-unsigned-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-cloud-tools-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-headers-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-buildinfo-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1036 - 5.15.0-1036.40~20.04.1 linux-aws-5.15-tools-5.15.0-1036 - 5.15.0-1036.40~20.04.1 linux-modules-extra-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-tools-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 linux-aws-5.15-headers-5.15.0-1036 - 5.15.0-1036.40~20.04.1 linux-image-5.15.0-1036-aws - 5.15.0-1036.40~20.04.1 No subscription required linux-modules-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-azure-5.15-tools-5.15.0-1038 - 5.15.0-1038.45~20.04.1 linux-image-unsigned-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-cloud-tools-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-headers-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-azure-5.15-headers-5.15.0-1038 - 5.15.0-1038.45~20.04.1 linux-modules-extra-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-buildinfo-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-tools-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1038 - 5.15.0-1038.45~20.04.1 linux-image-5.15.0-1038-azure - 5.15.0-1038.45~20.04.1 No subscription required linux-image-5.15.0-1038-azure-fde - 5.15.0-1038.45~20.04.1.1 linux-image-unsigned-5.15.0-1038-azure-fde - 5.15.0-1038.45~20.04.1.1 No subscription required linux-image-unsigned-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-modules-extra-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-image-unsigned-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-modules-iwlwifi-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-cloud-tools-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-modules-iwlwifi-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-hwe-5.15-headers-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-image-5.15.0-72-generic - 5.15.0-72.79~20.04.1 linux-headers-5.15.0-72-generic-lpae - 5.15.0-72.79~20.04.1 linux-image-unsigned-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-image-unsigned-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-cloud-tools-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-buildinfo-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-lowlatency-64k - 5.15.0-72.79~20.04.1 linux-hwe-5.15-tools-5.15.0-72 - 5.15.0-72.79~20.04.1 linux-tools-5.15.0-72-generic-64k - 5.15.0-72.79~20.04.1 linux-modules-5.15.0-72-lowlatency - 5.15.0-72.79~20.04.1 No subscription required linux-headers-aws - 5.15.0.1036.40~20.04.25 linux-image-aws - 5.15.0.1036.40~20.04.25 linux-modules-extra-aws-edge - 5.15.0.1036.40~20.04.25 linux-image-aws-edge - 5.15.0.1036.40~20.04.25 linux-aws-edge - 5.15.0.1036.40~20.04.25 linux-aws - 5.15.0.1036.40~20.04.25 linux-tools-aws - 5.15.0.1036.40~20.04.25 linux-headers-aws-edge - 5.15.0.1036.40~20.04.25 linux-modules-extra-aws - 5.15.0.1036.40~20.04.25 linux-tools-aws-edge - 5.15.0.1036.40~20.04.25 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-tools-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-headers-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-image-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-tools-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-modules-extra-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-image-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-cloud-tools-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-azure-fde-edge - 5.15.0.1038.45~20.04.1.17 linux-modules-extra-azure-fde - 5.15.0.1038.45~20.04.1.17 linux-headers-azure-fde - 5.15.0.1038.45~20.04.1.17 No subscription required linux-tools-azure-edge - 5.15.0.1038.45~20.04.28 linux-cloud-tools-azure - 5.15.0.1038.45~20.04.28 linux-tools-azure - 5.15.0.1038.45~20.04.28 linux-image-azure-edge - 5.15.0.1038.45~20.04.28 linux-image-azure-cvm - 5.15.0.1038.45~20.04.28 linux-modules-extra-azure-cvm - 5.15.0.1038.45~20.04.28 linux-tools-azure-cvm - 5.15.0.1038.45~20.04.28 linux-cloud-tools-azure-edge - 5.15.0.1038.45~20.04.28 linux-modules-extra-azure - 5.15.0.1038.45~20.04.28 linux-azure - 5.15.0.1038.45~20.04.28 linux-image-azure - 5.15.0.1038.45~20.04.28 linux-headers-azure-cvm - 5.15.0.1038.45~20.04.28 linux-cloud-tools-azure-cvm - 5.15.0.1038.45~20.04.28 linux-headers-azure-edge - 5.15.0.1038.45~20.04.28 linux-azure-edge - 5.15.0.1038.45~20.04.28 linux-azure-cvm - 5.15.0.1038.45~20.04.28 linux-modules-extra-azure-edge - 5.15.0.1038.45~20.04.28 linux-headers-azure - 5.15.0.1038.45~20.04.28 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-headers-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-image-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-lowlatency-64k-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-tools-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-lowlatency-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.72.79~20.04.30 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.72.79~20.04.30 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.30 No subscription required linux-tools-oem-20.04d - 5.15.0.72.79~20.04.33 linux-tools-oem-20.04b - 5.15.0.72.79~20.04.33 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-oem-20.04b - 5.15.0.72.79~20.04.33 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-oem-20.04 - 5.15.0.72.79~20.04.33 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-image-extra-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-headers-generic-64k-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-generic-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-generic-lpae-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-tools-oem-20.04c - 5.15.0.72.79~20.04.33 linux-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-tools-oem-20.04 - 5.15.0.72.79~20.04.33 linux-oem-20.04 - 5.15.0.72.79~20.04.33 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-oem-20.04c - 5.15.0.72.79~20.04.33 linux-image-oem-20.04d - 5.15.0.72.79~20.04.33 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-image-oem-20.04 - 5.15.0.72.79~20.04.33 linux-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-oem-20.04c - 5.15.0.72.79~20.04.33 linux-oem-20.04b - 5.15.0.72.79~20.04.33 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-oem-20.04d - 5.15.0.72.79~20.04.33 linux-tools-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-generic-lpae-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-modules-iwlwifi-oem-20.04 - 5.15.0.72.79~20.04.33 linux-tools-generic-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-image-generic-64k-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-image-generic-lpae-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-tools-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-modules-iwlwifi-oem-20.04d - 5.15.0.72.79~20.04.33 linux-tools-generic-64k-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-tools-virtual-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-image-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-generic-64k-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.72.79~20.04.33 linux-headers-oem-20.04c - 5.15.0.72.79~20.04.33 linux-headers-virtual-hwe-20.04 - 5.15.0.72.79~20.04.33 linux-headers-oem-20.04d - 5.15.0.72.79~20.04.33 linux-headers-oem-20.04b - 5.15.0.72.79~20.04.33 No subscription required Medium CVE-2022-27672 CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-20938 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that EventSource incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6082-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-eventsource - 0.2.1-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2022-1650 Ubuntu 20.04 LTS It was discovered that cups-filters incorrectly handled the beh CUPS backend. A remote attacker could possibly use this issue to cause the backend to stop responding or to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6083-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfontembed-dev - 1.27.4-1ubuntu0.2 libfontembed1 - 1.27.4-1ubuntu0.2 libcupsfilters-dev - 1.27.4-1ubuntu0.2 cups-filters - 1.27.4-1ubuntu0.2 cups-browsed - 1.27.4-1ubuntu0.2 cups-filters-core-drivers - 1.27.4-1ubuntu0.2 libcupsfilters1 - 1.27.4-1ubuntu0.2 No subscription required Medium CVE-2023-24805 Ubuntu 20.04 LTS It was discovered that minimatch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6086-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-minimatch - 3.0.4-4ubuntu0.1 No subscription required Medium CVE-2022-3517 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-28755) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possily use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM. (CVE-2023-28756) Update Instructions: Run `sudo pro fix USN-6087-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.11 ruby2.7-doc - 2.7.0-5ubuntu1.11 ruby2.7-dev - 2.7.0-5ubuntu1.11 libruby2.7 - 2.7.0-5ubuntu1.11 No subscription required Medium CVE-2023-28755 CVE-2023-28756 Ubuntu 20.04 LTS It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. (CVE-2023-25809) It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. (CVE-2023-27561) It was discovered that runC incorrectly handled /proc and /sys mounts inside a container. An attacker could possibly use this issue to bypass AppArmor, and potentially SELinux. (CVE-2023-28642) Update Instructions: Run `sudo pro fix USN-6088-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-opencontainers-runc-dev - 1.1.4-0ubuntu1~20.04.3 runc - 1.1.4-0ubuntu1~20.04.3 No subscription required Medium CVE-2023-25809 CVE-2023-27561 CVE-2023-28642 Ubuntu 20.04 LTS It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6090-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-modules-extra-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-modules-iwlwifi-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-image-unsigned-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-buildinfo-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-modules-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-gke-5.15-headers-5.15.0-1033 - 5.15.0-1033.38~20.04.1 linux-image-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-tools-5.15.0-1033-gke - 5.15.0-1033.38~20.04.1 linux-gke-5.15-tools-5.15.0-1033 - 5.15.0-1033.38~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1034 - 5.15.0-1034.42~20.04.1 linux-modules-iwlwifi-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-buildinfo-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-image-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-image-unsigned-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-modules-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-modules-extra-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-tools-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-headers-5.15.0-1034-gcp - 5.15.0-1034.42~20.04.1 linux-gcp-5.15-tools-5.15.0-1034 - 5.15.0-1034.42~20.04.1 No subscription required linux-image-unsigned-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-tools-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-modules-extra-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-image-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-oracle-5.15-headers-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-buildinfo-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-oracle-5.15-tools-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-modules-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 linux-headers-5.15.0-1035-oracle - 5.15.0-1035.41~20.04.1 No subscription required linux-tools-gke-edge - 5.15.0.1033.38~20.04.1 linux-image-gke-5.15 - 5.15.0.1033.38~20.04.1 linux-gke-edge - 5.15.0.1033.38~20.04.1 linux-headers-gke-5.15 - 5.15.0.1033.38~20.04.1 linux-tools-gke-5.15 - 5.15.0.1033.38~20.04.1 linux-headers-gke-edge - 5.15.0.1033.38~20.04.1 linux-image-gke-edge - 5.15.0.1033.38~20.04.1 linux-gke-5.15 - 5.15.0.1033.38~20.04.1 No subscription required linux-image-gcp - 5.15.0.1034.42~20.04.1 linux-tools-gcp-edge - 5.15.0.1034.42~20.04.1 linux-tools-gcp - 5.15.0.1034.42~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1034.42~20.04.1 linux-headers-gcp-edge - 5.15.0.1034.42~20.04.1 linux-gcp - 5.15.0.1034.42~20.04.1 linux-headers-gcp - 5.15.0.1034.42~20.04.1 linux-image-gcp-edge - 5.15.0.1034.42~20.04.1 linux-modules-extra-gcp - 5.15.0.1034.42~20.04.1 linux-gcp-edge - 5.15.0.1034.42~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1035.41~20.04.1 linux-headers-oracle-edge - 5.15.0.1035.41~20.04.1 linux-image-oracle - 5.15.0.1035.41~20.04.1 linux-tools-oracle - 5.15.0.1035.41~20.04.1 linux-tools-oracle-edge - 5.15.0.1035.41~20.04.1 linux-oracle-edge - 5.15.0.1035.41~20.04.1 linux-image-oracle-edge - 5.15.0.1035.41~20.04.1 linux-oracle - 5.15.0.1035.41~20.04.1 No subscription required Medium CVE-2022-27672 CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-20938 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3108) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0458) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) Update Instructions: Run `sudo pro fix USN-6093-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-buildinfo-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-modules-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-headers-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-bluefield-tools-5.4.0-1062 - 5.4.0-1062.68 linux-bluefield-headers-5.4.0-1062 - 5.4.0-1062.68 linux-image-5.4.0-1062-bluefield - 5.4.0-1062.68 linux-image-unsigned-5.4.0-1062-bluefield - 5.4.0-1062.68 No subscription required linux-bluefield - 5.4.0.1062.57 linux-image-bluefield - 5.4.0.1062.57 linux-tools-bluefield - 5.4.0.1062.57 linux-headers-bluefield - 5.4.0.1062.57 No subscription required High CVE-2022-3108 CVE-2022-3903 CVE-2022-4129 CVE-2023-0458 CVE-2023-1073 CVE-2023-1074 CVE-2023-1281 CVE-2023-1829 CVE-2023-26545 Ubuntu 20.04 LTS Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6094-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1049-ibm - 5.4.0-1049.54 linux-ibm-source-5.4.0 - 5.4.0-1049.54 linux-image-5.4.0-1049-ibm - 5.4.0-1049.54 linux-modules-5.4.0-1049-ibm - 5.4.0-1049.54 linux-ibm-tools-common - 5.4.0-1049.54 linux-headers-5.4.0-1049-ibm - 5.4.0-1049.54 linux-ibm-cloud-tools-common - 5.4.0-1049.54 linux-ibm-headers-5.4.0-1049 - 5.4.0-1049.54 linux-modules-extra-5.4.0-1049-ibm - 5.4.0-1049.54 linux-image-unsigned-5.4.0-1049-ibm - 5.4.0-1049.54 linux-ibm-tools-5.4.0-1049 - 5.4.0-1049.54 linux-tools-5.4.0-1049-ibm - 5.4.0-1049.54 No subscription required linux-gkeop-source-5.4.0 - 5.4.0-1069.73 linux-gkeop-headers-5.4.0-1069 - 5.4.0-1069.73 linux-cloud-tools-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-buildinfo-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-gkeop-cloud-tools-5.4.0-1069 - 5.4.0-1069.73 linux-gkeop-tools-5.4.0-1069 - 5.4.0-1069.73 linux-image-unsigned-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-headers-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-modules-extra-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-image-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-tools-5.4.0-1069-gkeop - 5.4.0-1069.73 linux-modules-5.4.0-1069-gkeop - 5.4.0-1069.73 No subscription required linux-headers-5.4.0-1091-kvm - 5.4.0-1091.97 linux-kvm-headers-5.4.0-1091 - 5.4.0-1091.97 linux-modules-5.4.0-1091-kvm - 5.4.0-1091.97 linux-buildinfo-5.4.0-1091-kvm - 5.4.0-1091.97 linux-tools-5.4.0-1091-kvm - 5.4.0-1091.97 linux-image-5.4.0-1091-kvm - 5.4.0-1091.97 linux-kvm-tools-5.4.0-1091 - 5.4.0-1091.97 linux-image-unsigned-5.4.0-1091-kvm - 5.4.0-1091.97 No subscription required linux-gke-tools-5.4.0-1099 - 5.4.0-1099.106 linux-modules-extra-5.4.0-1099-gke - 5.4.0-1099.106 linux-image-5.4.0-1099-gke - 5.4.0-1099.106 linux-modules-5.4.0-1099-gke - 5.4.0-1099.106 linux-headers-5.4.0-1099-gke - 5.4.0-1099.106 linux-image-unsigned-5.4.0-1099-gke - 5.4.0-1099.106 linux-gke-headers-5.4.0-1099 - 5.4.0-1099.106 linux-buildinfo-5.4.0-1099-gke - 5.4.0-1099.106 linux-tools-5.4.0-1099-gke - 5.4.0-1099.106 No subscription required linux-aws-tools-5.4.0-1102 - 5.4.0-1102.110 linux-image-unsigned-5.4.0-1102-aws - 5.4.0-1102.110 linux-aws-headers-5.4.0-1102 - 5.4.0-1102.110 linux-cloud-tools-5.4.0-1102-aws - 5.4.0-1102.110 linux-headers-5.4.0-1102-aws - 5.4.0-1102.110 linux-image-5.4.0-1102-aws - 5.4.0-1102.110 linux-modules-5.4.0-1102-aws - 5.4.0-1102.110 linux-aws-cloud-tools-5.4.0-1102 - 5.4.0-1102.110 linux-tools-5.4.0-1102-aws - 5.4.0-1102.110 linux-buildinfo-5.4.0-1102-aws - 5.4.0-1102.110 linux-modules-extra-5.4.0-1102-aws - 5.4.0-1102.110 No subscription required linux-tools-5.4.0-1105-gcp - 5.4.0-1105.114 linux-gcp-headers-5.4.0-1105 - 5.4.0-1105.114 linux-image-unsigned-5.4.0-1105-gcp - 5.4.0-1105.114 linux-image-5.4.0-1105-gcp - 5.4.0-1105.114 linux-headers-5.4.0-1105-gcp - 5.4.0-1105.114 linux-modules-extra-5.4.0-1105-gcp - 5.4.0-1105.114 linux-gcp-tools-5.4.0-1105 - 5.4.0-1105.114 linux-buildinfo-5.4.0-1105-gcp - 5.4.0-1105.114 linux-modules-5.4.0-1105-gcp - 5.4.0-1105.114 No subscription required linux-image-unsigned-5.4.0-1108-azure - 5.4.0-1108.114 linux-cloud-tools-5.4.0-1108-azure - 5.4.0-1108.114 linux-image-5.4.0-1108-azure - 5.4.0-1108.114 linux-azure-tools-5.4.0-1108 - 5.4.0-1108.114 linux-tools-5.4.0-1108-azure - 5.4.0-1108.114 linux-modules-extra-5.4.0-1108-azure - 5.4.0-1108.114 linux-modules-5.4.0-1108-azure - 5.4.0-1108.114 linux-azure-headers-5.4.0-1108 - 5.4.0-1108.114 linux-buildinfo-5.4.0-1108-azure - 5.4.0-1108.114 linux-headers-5.4.0-1108-azure - 5.4.0-1108.114 linux-azure-cloud-tools-5.4.0-1108 - 5.4.0-1108.114 No subscription required linux-tools-common - 5.4.0-149.166 linux-tools-host - 5.4.0-149.166 linux-cloud-tools-5.4.0-149-generic - 5.4.0-149.166 linux-doc - 5.4.0-149.166 linux-buildinfo-5.4.0-149-generic - 5.4.0-149.166 linux-modules-5.4.0-149-lowlatency - 5.4.0-149.166 linux-libc-dev - 5.4.0-149.166 linux-source-5.4.0 - 5.4.0-149.166 linux-headers-5.4.0-149 - 5.4.0-149.166 linux-image-unsigned-5.4.0-149-generic - 5.4.0-149.166 linux-image-5.4.0-149-generic-lpae - 5.4.0-149.166 linux-image-unsigned-5.4.0-149-lowlatency - 5.4.0-149.166 linux-tools-5.4.0-149-generic - 5.4.0-149.166 linux-image-5.4.0-149-generic - 5.4.0-149.166 linux-modules-5.4.0-149-generic-lpae - 5.4.0-149.166 linux-cloud-tools-5.4.0-149 - 5.4.0-149.166 linux-tools-5.4.0-149-lowlatency - 5.4.0-149.166 linux-buildinfo-5.4.0-149-lowlatency - 5.4.0-149.166 linux-cloud-tools-5.4.0-149-lowlatency - 5.4.0-149.166 linux-headers-5.4.0-149-generic - 5.4.0-149.166 linux-modules-5.4.0-149-generic - 5.4.0-149.166 linux-tools-5.4.0-149 - 5.4.0-149.166 linux-modules-extra-5.4.0-149-generic - 5.4.0-149.166 linux-cloud-tools-common - 5.4.0-149.166 linux-headers-5.4.0-149-lowlatency - 5.4.0-149.166 linux-tools-5.4.0-149-generic-lpae - 5.4.0-149.166 linux-image-5.4.0-149-lowlatency - 5.4.0-149.166 linux-headers-5.4.0-149-generic-lpae - 5.4.0-149.166 linux-buildinfo-5.4.0-149-generic-lpae - 5.4.0-149.166 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1049.75 linux-image-ibm - 5.4.0.1049.75 linux-headers-ibm-lts-20.04 - 5.4.0.1049.75 linux-tools-ibm - 5.4.0.1049.75 linux-image-ibm-lts-20.04 - 5.4.0.1049.75 linux-ibm-lts-20.04 - 5.4.0.1049.75 linux-modules-extra-ibm - 5.4.0.1049.75 linux-ibm - 5.4.0.1049.75 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1049.75 linux-headers-ibm - 5.4.0.1049.75 No subscription required linux-image-gkeop-5.4 - 5.4.0.1069.67 linux-headers-gkeop - 5.4.0.1069.67 linux-cloud-tools-gkeop-5.4 - 5.4.0.1069.67 linux-modules-extra-gkeop-5.4 - 5.4.0.1069.67 linux-gkeop-5.4 - 5.4.0.1069.67 linux-tools-gkeop - 5.4.0.1069.67 linux-image-gkeop - 5.4.0.1069.67 linux-gkeop - 5.4.0.1069.67 linux-cloud-tools-gkeop - 5.4.0.1069.67 linux-headers-gkeop-5.4 - 5.4.0.1069.67 linux-modules-extra-gkeop - 5.4.0.1069.67 linux-tools-gkeop-5.4 - 5.4.0.1069.67 No subscription required linux-kvm - 5.4.0.1091.85 linux-headers-kvm - 5.4.0.1091.85 linux-image-kvm - 5.4.0.1091.85 linux-tools-kvm - 5.4.0.1091.85 No subscription required linux-modules-extra-gke - 5.4.0.1099.104 linux-headers-gke-5.4 - 5.4.0.1099.104 linux-tools-gke-5.4 - 5.4.0.1099.104 linux-modules-extra-gke-5.4 - 5.4.0.1099.104 linux-gke-5.4 - 5.4.0.1099.104 linux-tools-gke - 5.4.0.1099.104 linux-gke - 5.4.0.1099.104 linux-headers-gke - 5.4.0.1099.104 linux-image-gke-5.4 - 5.4.0.1099.104 linux-image-gke - 5.4.0.1099.104 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1102.99 linux-image-aws-lts-20.04 - 5.4.0.1102.99 linux-headers-aws-lts-20.04 - 5.4.0.1102.99 linux-tools-aws-lts-20.04 - 5.4.0.1102.99 linux-aws-lts-20.04 - 5.4.0.1102.99 No subscription required linux-gcp-lts-20.04 - 5.4.0.1105.107 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1105.107 linux-headers-gcp-lts-20.04 - 5.4.0.1105.107 linux-image-gcp-lts-20.04 - 5.4.0.1105.107 linux-tools-gcp-lts-20.04 - 5.4.0.1105.107 No subscription required linux-azure-lts-20.04 - 5.4.0.1108.101 linux-image-azure-lts-20.04 - 5.4.0.1108.101 linux-modules-extra-azure-lts-20.04 - 5.4.0.1108.101 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1108.101 linux-tools-azure-lts-20.04 - 5.4.0.1108.101 linux-headers-azure-lts-20.04 - 5.4.0.1108.101 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-image-generic-lpae-hwe-18.04 - 5.4.0.149.147 linux-cloud-tools-virtual - 5.4.0.149.147 linux-headers-virtual-hwe-18.04 - 5.4.0.149.147 linux-image-generic-hwe-18.04 - 5.4.0.149.147 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-headers-generic-lpae - 5.4.0.149.147 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.149.147 linux-image-virtual - 5.4.0.149.147 linux-oem-osp1-tools-host - 5.4.0.149.147 linux-cloud-tools-lowlatency - 5.4.0.149.147 linux-image-generic - 5.4.0.149.147 linux-tools-lowlatency - 5.4.0.149.147 linux-tools-virtual-hwe-18.04 - 5.4.0.149.147 linux-oem-osp1 - 5.4.0.149.147 linux-headers-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-oem - 5.4.0.149.147 linux-image-oem-osp1 - 5.4.0.149.147 linux-crashdump - 5.4.0.149.147 linux-tools-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-headers-generic-hwe-18.04 - 5.4.0.149.147 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-headers-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-lowlatency - 5.4.0.149.147 linux-source - 5.4.0.149.147 linux-tools-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-tools-generic-lpae - 5.4.0.149.147 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-cloud-tools-generic - 5.4.0.149.147 linux-virtual - 5.4.0.149.147 linux-virtual-hwe-18.04 - 5.4.0.149.147 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.149.147 linux-headers-virtual - 5.4.0.149.147 linux-tools-virtual - 5.4.0.149.147 linux-generic-lpae-hwe-18.04-edge - 5.4.0.149.147 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-generic-lpae - 5.4.0.149.147 linux-headers-oem - 5.4.0.149.147 linux-image-extra-virtual-hwe-18.04 - 5.4.0.149.147 linux-generic - 5.4.0.149.147 linux-tools-oem-osp1 - 5.4.0.149.147 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.149.147 linux-tools-generic-hwe-18.04-edge - 5.4.0.149.147 linux-image-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-image-virtual-hwe-18.04 - 5.4.0.149.147 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.149.147 linux-headers-lowlatency - 5.4.0.149.147 linux-image-generic-hwe-18.04-edge - 5.4.0.149.147 linux-generic-hwe-18.04-edge - 5.4.0.149.147 linux-tools-generic-hwe-18.04 - 5.4.0.149.147 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.149.147 linux-image-generic-lpae - 5.4.0.149.147 linux-image-extra-virtual - 5.4.0.149.147 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-tools-generic - 5.4.0.149.147 linux-tools-oem - 5.4.0.149.147 linux-headers-oem-osp1 - 5.4.0.149.147 linux-generic-lpae-hwe-18.04 - 5.4.0.149.147 linux-headers-generic-hwe-18.04-edge - 5.4.0.149.147 linux-headers-generic - 5.4.0.149.147 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.149.147 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.149.147 linux-image-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-virtual-hwe-18.04-edge - 5.4.0.149.147 linux-image-oem - 5.4.0.149.147 linux-lowlatency-hwe-18.04 - 5.4.0.149.147 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.149.147 linux-generic-hwe-18.04 - 5.4.0.149.147 linux-image-lowlatency - 5.4.0.149.147 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.149.147 linux-oem-tools-host - 5.4.0.149.147 No subscription required Medium CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that Linux PTP did not properly perform a length check when forwarding a PTP message between ports. A remote attacker could possibly use this issue to access sensitive information, execute arbitrary code, or cause a denial of service. Update Instructions: Run `sudo pro fix USN-6097-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linuxptp - 1.9.2-1ubuntu0.1 No subscription required Medium CVE-2021-3570 Ubuntu 20.04 LTS It was discovered that Jhead did not properly handle certain crafted images while processing the JFIF markers. An attacker could cause Jhead to crash. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. (CVE-2019-19035) It was discovered that Jhead did not properly handle certain crafted images while processing longitude tags. An attacker could cause Jhead to crash. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-1010301) It was discovered that Jhead did not properly handle certain crafted images while processing IPTC data. An attacker could cause Jhead to crash. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-1010302) Binbin Li discovered that Jhead did not properly handle certain crafted images while processing the DQT data. An attacker could cause Jhead to crash. (CVE-2020-6624) Binbin Li discovered that Jhead did not properly handle certain crafted images while processing longitude data. An attacker could cause Jhead to crash. (CVE-2020-6625) Feng Zhao Yang discovered that Jhead did not properly handle certain crafted images while reading JPEG sections. An attacker could cause Jhead to crash. (CVE-2020-26208) It was discovered that Jhead did not properly handle certain crafted images while processing Canon images. An attacker could cause Jhead to crash. (CVE-2021-28276) It was discovered that Jhead did not properly handle certain crafted images when removing a certain type of sections. An attacker could cause Jhead to crash. (CVE-2021-28278) Update Instructions: Run `sudo pro fix USN-6098-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jhead - 1:3.04-1ubuntu0.1 No subscription required Medium CVE-2019-1010301 CVE-2019-1010302 CVE-2019-19035 CVE-2020-26208 CVE-2020-6624 CVE-2020-6625 CVE-2021-28276 CVE-2021-28278 Ubuntu 20.04 LTS It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-17594) It was discovered that ncurses was incorrectly handling end-of-string characters when processing terminfo and termcap files. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-17595) It was discovered that ncurses was incorrectly handling end-of-string characters when converting between termcap and terminfo formats. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-39537) It was discovered that ncurses was incorrectly performing bounds checks when dealing with corrupt terminfo data while reading a terminfo file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-29458) It was discovered that ncurses was parsing environment variables when running with setuid applications and not properly handling the processing of malformed data when doing so. A local attacker could possibly use this issue to cause a denial of service (application crash) or execute arbitrary code. (CVE-2023-29491) Update Instructions: Run `sudo pro fix USN-6099-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ncurses-examples - 6.2-0ubuntu2.1 lib32ncurses-dev - 6.2-0ubuntu2.1 lib32ncursesw6 - 6.2-0ubuntu2.1 libtinfo-dev - 6.2-0ubuntu2.1 libncursesw5 - 6.2-0ubuntu2.1 libtinfo5 - 6.2-0ubuntu2.1 libtinfo6 - 6.2-0ubuntu2.1 lib32tinfo6 - 6.2-0ubuntu2.1 lib32ncurses6 - 6.2-0ubuntu2.1 ncurses-bin - 6.2-0ubuntu2.1 lib64tinfo6 - 6.2-0ubuntu2.1 libncurses5-dev - 6.2-0ubuntu2.1 lib64ncurses6 - 6.2-0ubuntu2.1 libncurses-dev - 6.2-0ubuntu2.1 libncurses6 - 6.2-0ubuntu2.1 libncurses5 - 6.2-0ubuntu2.1 ncurses-base - 6.2-0ubuntu2.1 ncurses-doc - 6.2-0ubuntu2.1 lib64ncurses-dev - 6.2-0ubuntu2.1 ncurses-term - 6.2-0ubuntu2.1 libncursesw6 - 6.2-0ubuntu2.1 libncursesw5-dev - 6.2-0ubuntu2.1 lib64ncursesw6 - 6.2-0ubuntu2.1 No subscription required Medium CVE-2019-17594 CVE-2019-17595 CVE-2021-39537 CVE-2022-29458 CVE-2023-29491 Ubuntu 20.04 LTS It was discovered that HTML::StripScripts does not properly parse HTML content with certain style attributes. A remote attacker could use this issue to cause a regular expression denial of service (ReDoS). Update Instructions: Run `sudo pro fix USN-6100-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhtml-stripscripts-perl - 1.06-1ubuntu0.20.04.1 No subscription required Medium CVE-2023-24038 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. (CVE-2023-1579) It was discovered that GNU binutils did not properly verify the version definitions in zer0-lengthverdef table. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. (CVE-2023-1972) It was discovered that GNU binutils did not properly validate the size of length parameter in vms-alpha. An attacker could possibly use this issue to cause a crash or access sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-25584) It was discovered that GNU binutils did not properly initialized the file_table field of struct module and the_bfd field of asymbol. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-25585, CVE-2023-25588) Update Instructions: Run `sudo pro fix USN-6101-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.5 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.5 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.5 binutils-ia64-linux-gnu - 2.34-6ubuntu1.5 binutils-multiarch - 2.34-6ubuntu1.5 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.5 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.5 binutils-m68k-linux-gnu - 2.34-6ubuntu1.5 binutils-for-build - 2.34-6ubuntu1.5 binutils-s390x-linux-gnu - 2.34-6ubuntu1.5 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.5 binutils-multiarch-dev - 2.34-6ubuntu1.5 binutils-i686-gnu - 2.34-6ubuntu1.5 libctf-nobfd0 - 2.34-6ubuntu1.5 binutils-for-host - 2.34-6ubuntu1.5 binutils-doc - 2.34-6ubuntu1.5 binutils-sh4-linux-gnu - 2.34-6ubuntu1.5 libctf0 - 2.34-6ubuntu1.5 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.5 binutils-source - 2.34-6ubuntu1.5 binutils-i686-linux-gnu - 2.34-6ubuntu1.5 binutils-common - 2.34-6ubuntu1.5 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.5 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.5 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.5 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.5 binutils-hppa-linux-gnu - 2.34-6ubuntu1.5 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.5 libbinutils - 2.34-6ubuntu1.5 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.5 binutils-alpha-linux-gnu - 2.34-6ubuntu1.5 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.5 binutils - 2.34-6ubuntu1.5 No subscription required Medium CVE-2023-1579 CVE-2023-1972 CVE-2023-25584 CVE-2023-25585 CVE-2023-25588 Ubuntu 20.04 LTS It was discovered that xmldom incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause unexpected syntactic changes during XML processing. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-21366) It was discovered that xmldom incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-37616, CVE-2022-39353) Update Instructions: Run `sudo pro fix USN-6102-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-xmldom - 0.1.27+ds-1+deb10u2build0.20.04.1 No subscription required Medium CVE-2021-21366 CVE-2022-37616 CVE-2022-39353 Ubuntu 20.04 LTS It was discovered that JSON Schema incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to exploit JavaScript runtimes and cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6103-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-json-schema - 0.2.3-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2021-3918 Ubuntu 20.04 LTS Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor. (CVE-2023-2454) Wolfgang Walther discovered that PostgreSQL incorrectly handled certain row security policies. An authenticated user could possibly use this issue to complete otherwise forbidden reads and modifications. (CVE-2023-2455) Update Instructions: Run `sudo pro fix USN-6104-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postgresql-server-dev-12 - 12.15-0ubuntu0.20.04.1 libpq-dev - 12.15-0ubuntu0.20.04.1 libecpg6 - 12.15-0ubuntu0.20.04.1 libpq5 - 12.15-0ubuntu0.20.04.1 libpgtypes3 - 12.15-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.15-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.15-0ubuntu0.20.04.1 libecpg-dev - 12.15-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.15-0ubuntu0.20.04.1 postgresql-doc-12 - 12.15-0ubuntu0.20.04.1 postgresql-12 - 12.15-0ubuntu0.20.04.1 postgresql-client-12 - 12.15-0ubuntu0.20.04.1 libecpg-compat3 - 12.15-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-2454 CVE-2023-2455 Ubuntu 20.04 LTS The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.60 version of the Mozilla certificate authority bundle. Update Instructions: Run `sudo pro fix USN-6105-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates - 20230311ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2020089 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) Update Instructions: Run `sudo pro fix USN-6107-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-buildinfo-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-gcp-5.15-headers-5.15.0-1033 - 5.15.0-1033.41~20.04.1 linux-modules-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-tools-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-modules-iwlwifi-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-headers-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-gcp-5.15-tools-5.15.0-1033 - 5.15.0-1033.41~20.04.1 linux-image-unsigned-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 linux-image-5.15.0-1033-gcp - 5.15.0-1033.41~20.04.1 No subscription required linux-tools-gcp - 5.15.0.1033.41~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1033.41~20.04.1 linux-image-gcp - 5.15.0.1033.41~20.04.1 linux-modules-extra-gcp - 5.15.0.1033.41~20.04.1 linux-tools-gcp-edge - 5.15.0.1033.41~20.04.1 linux-gcp-edge - 5.15.0.1033.41~20.04.1 linux-headers-gcp-edge - 5.15.0.1033.41~20.04.1 linux-gcp - 5.15.0.1033.41~20.04.1 linux-headers-gcp - 5.15.0.1033.41~20.04.1 linux-image-gcp-edge - 5.15.0.1033.41~20.04.1 No subscription required High CVE-2023-1829 CVE-2023-1872 Ubuntu 20.04 LTS It was discovered that Jhead did not properly handle certain crafted images while rotating them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. (CVE-2021-34055) Kyle Brown discovered that Jhead did not properly handle certain crafted images while regenerating the Exif thumbnail. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2022-41751) Update Instructions: Run `sudo pro fix USN-6108-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jhead - 1:3.04-1ubuntu0.2 No subscription required Medium CVE-2021-34055 CVE-2022-41751 Ubuntu 20.04 LTS Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6109-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1085 - 5.4.0-1085.96 linux-raspi-headers-5.4.0-1085 - 5.4.0-1085.96 linux-modules-5.4.0-1085-raspi - 5.4.0-1085.96 linux-headers-5.4.0-1085-raspi - 5.4.0-1085.96 linux-buildinfo-5.4.0-1085-raspi - 5.4.0-1085.96 linux-image-5.4.0-1085-raspi - 5.4.0-1085.96 linux-tools-5.4.0-1085-raspi - 5.4.0-1085.96 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1085.115 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1085.115 linux-raspi-hwe-18.04-edge - 5.4.0.1085.115 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1085.115 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1085.115 linux-raspi-hwe-18.04 - 5.4.0.1085.115 linux-tools-raspi - 5.4.0.1085.115 linux-image-raspi - 5.4.0.1085.115 linux-tools-raspi2-hwe-18.04 - 5.4.0.1085.115 linux-raspi2-hwe-18.04 - 5.4.0.1085.115 linux-raspi2 - 5.4.0.1085.115 linux-headers-raspi2 - 5.4.0.1085.115 linux-headers-raspi2-hwe-18.04 - 5.4.0.1085.115 linux-image-raspi2 - 5.4.0.1085.115 linux-image-raspi-hwe-18.04-edge - 5.4.0.1085.115 linux-tools-raspi-hwe-18.04 - 5.4.0.1085.115 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1085.115 linux-tools-raspi2 - 5.4.0.1085.115 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1085.115 linux-raspi - 5.4.0.1085.115 linux-headers-raspi - 5.4.0.1085.115 linux-headers-raspi-hwe-18.04 - 5.4.0.1085.115 linux-image-raspi-hwe-18.04 - 5.4.0.1085.115 linux-image-raspi2-hwe-18.04 - 5.4.0.1085.115 No subscription required Medium CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that Jhead did not properly handle certain crafted Canon images when processing them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-3496) It was discovered that Jhead did not properly handle certain crafted images when printing Canon-specific information. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. This issue only affected Ubuntu 20.04. (CVE-2021-28275) It was discovered that Jhead did not properly handle certain crafted images when removing unknown sections. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-28277) Kyle Brown discovered that Jhead did not properly handle certain crafted images when editing their comments. An attacker could possibly use this to crash Jhead, resulting in a denial of service. (LP: #2020068) Update Instructions: Run `sudo pro fix USN-6110-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jhead - 1:3.04-1ubuntu0.2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-28275 CVE-2021-28277 CVE-2021-3496 https://launchpad.net/bugs/2020068 Ubuntu 20.04 LTS It was discovered that Flask incorrectly handled certain data responses. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6111-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-flask-doc - 1.1.1-2ubuntu0.1 python3-flask - 1.1.1-2ubuntu0.1 No subscription required Medium CVE-2023-30861 Ubuntu 20.04 LTS USN-6112-1 fixed vulnerabilities in Perl. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Original advisory details: It was discovered that Perl was not properly verifying TLS certificates when using CPAN together with HTTP::Tiny to download modules over HTTPS. If a remote attacker were able to intercept communications, this flaw could potentially be used to install altered modules. Update Instructions: Run `sudo pro fix USN-6112-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: perl-modules-5.30 - 5.30.0-9ubuntu0.4 libperl-dev - 5.30.0-9ubuntu0.4 perl-doc - 5.30.0-9ubuntu0.4 perl - 5.30.0-9ubuntu0.4 perl-base - 5.30.0-9ubuntu0.4 libperl5.30 - 5.30.0-9ubuntu0.4 perl-debug - 5.30.0-9ubuntu0.4 No subscription required Medium CVE-2023-31484 Ubuntu 20.04 LTS Yeting Li discovered that nth-check incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6114-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-nth-check - 1.0.1-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2021-3803 Ubuntu 20.04 LTS Max Chernoff discovered that LuaTeX (TeX Live) did not properly disable shell escape. An attacker could possibly use this issue to execute arbitrary shell commands. Update Instructions: Run `sudo pro fix USN-6115-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libptexenc-dev - 2019.20190605.51237-3ubuntu0.1 libkpathsea-dev - 2019.20190605.51237-3ubuntu0.1 libsynctex2 - 2019.20190605.51237-3ubuntu0.1 libtexlua53-dev - 2019.20190605.51237-3ubuntu0.1 libtexluajit2 - 2019.20190605.51237-3ubuntu0.1 libtexluajit-dev - 2019.20190605.51237-3ubuntu0.1 texlive-binaries - 2019.20190605.51237-3ubuntu0.1 libkpathsea6 - 2019.20190605.51237-3ubuntu0.1 libtexlua53 - 2019.20190605.51237-3ubuntu0.1 libsynctex-dev - 2019.20190605.51237-3ubuntu0.1 libptexenc1 - 2019.20190605.51237-3ubuntu0.1 No subscription required Medium CVE-2023-32700 Ubuntu 20.04 LTS It was discovered that hawk incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6116-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-hawk - 7.1.2+dfsg-1ubuntu0.1 No subscription required Medium CVE-2022-29167 Ubuntu 20.04 LTS It was discovered that Apache Batik incorrectly handled certain inputs. An attacker could possibly use this to perform a cross site request forgery attack. (CVE-2019-17566, CVE-2020-11987, CVE-2022-38398, CVE-2022-38648) It was discovered that Apache Batik incorrectly handled Jar URLs in some situations. A remote attacker could use this issue to access files on the server. (CVE-2022-40146) It was discovered that Apache Batik allowed running untrusted Java code from an SVG. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-41704, CVE-2022-42890) Update Instructions: Run `sudo pro fix USN-6117-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbatik-java - 1.12-1ubuntu0.1 No subscription required Medium CVE-2019-17566 CVE-2020-11987 CVE-2022-38398 CVE-2022-38648 CVE-2022-40146 CVE-2022-41704 CVE-2022-42890 Ubuntu 20.04 LTS Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6118-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1101-oracle - 5.4.0-1101.110 linux-image-unsigned-5.4.0-1101-oracle - 5.4.0-1101.110 linux-oracle-tools-5.4.0-1101 - 5.4.0-1101.110 linux-tools-5.4.0-1101-oracle - 5.4.0-1101.110 linux-oracle-headers-5.4.0-1101 - 5.4.0-1101.110 linux-modules-5.4.0-1101-oracle - 5.4.0-1101.110 linux-buildinfo-5.4.0-1101-oracle - 5.4.0-1101.110 linux-modules-extra-5.4.0-1101-oracle - 5.4.0-1101.110 linux-headers-5.4.0-1101-oracle - 5.4.0-1101.110 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1101.94 linux-image-oracle-lts-20.04 - 5.4.0.1101.94 linux-headers-oracle-lts-20.04 - 5.4.0.1101.94 linux-oracle-lts-20.04 - 5.4.0.1101.94 No subscription required Medium CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1513 CVE-2023-2162 CVE-2023-32269 Ubuntu 20.04 LTS Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2023-2650) Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS cipher decryption on 64-bit ARM platforms. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-1255) Update Instructions: Run `sudo pro fix USN-6119-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.19 libssl-dev - 1.1.1f-1ubuntu2.19 openssl - 1.1.1f-1ubuntu2.19 libssl-doc - 1.1.1f-1ubuntu2.19 No subscription required Medium CVE-2023-1255 CVE-2023-2650 Ubuntu 20.04 LTS It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this cause a denial of service or expose sensitive information. (CVE-2020-26243) It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-21401) Update Instructions: Run `sudo pro fix USN-6121-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnanopb-dev - 0.4.1-1ubuntu0.1~esm1 nanopb - 0.4.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-26243 CVE-2021-21401 Ubuntu 20.04 LTS It was discovered that the snap sandbox did not restrict the use of the ioctl system call with a TIOCLINUX request. This could be exploited by a malicious snap to inject commands into the controlling terminal which would then be executed outside of the snap sandbox once the snap had exited. This could allow an attacker to execute arbitrary commands outside of the confined snap sandbox. Note: graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console. Update Instructions: Run `sudo pro fix USN-6125-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-core-snapd-units - 2.58+20.04.1 ubuntu-core-launcher - 2.58+20.04.1 snap-confine - 2.58+20.04.1 ubuntu-snappy-cli - 2.58+20.04.1 golang-github-snapcore-snapd-dev - 2.58+20.04.1 snapd-xdg-open - 2.58+20.04.1 snapd - 2.58+20.04.1 golang-github-ubuntu-core-snappy-dev - 2.58+20.04.1 ubuntu-snappy - 2.58+20.04.1 No subscription required Medium CVE-2023-1523 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6127-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-image-unsigned-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-gke-5.15-headers-5.15.0-1034 - 5.15.0-1034.39~20.04.1 linux-tools-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-modules-iwlwifi-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-gke-5.15-tools-5.15.0-1034 - 5.15.0-1034.39~20.04.1 linux-buildinfo-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-headers-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-modules-extra-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 linux-modules-5.15.0-1034-gke - 5.15.0-1034.39~20.04.1 No subscription required linux-headers-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-image-unsigned-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-modules-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-tools-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-modules-extra-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-modules-iwlwifi-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-buildinfo-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 linux-gcp-5.15-tools-5.15.0-1035 - 5.15.0-1035.43~20.04.1 linux-gcp-5.15-headers-5.15.0-1035 - 5.15.0-1035.43~20.04.1 linux-image-5.15.0-1035-gcp - 5.15.0-1035.43~20.04.1 No subscription required linux-modules-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-buildinfo-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-oracle-5.15-headers-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-oracle-5.15-tools-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-tools-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-modules-extra-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-image-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-image-unsigned-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 linux-headers-5.15.0-1036-oracle - 5.15.0-1036.42~20.04.1 No subscription required linux-tools-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-modules-extra-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-aws-5.15-headers-5.15.0-1037 - 5.15.0-1037.41~20.04.1 linux-image-unsigned-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1037 - 5.15.0-1037.41~20.04.1 linux-modules-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-image-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-buildinfo-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-aws-5.15-tools-5.15.0-1037 - 5.15.0-1037.41~20.04.1 linux-headers-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 linux-cloud-tools-5.15.0-1037-aws - 5.15.0-1037.41~20.04.1 No subscription required linux-azure-5.15-tools-5.15.0-1039 - 5.15.0-1039.46~20.04.1 linux-headers-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-modules-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-image-unsigned-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-modules-extra-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-azure-5.15-headers-5.15.0-1039 - 5.15.0-1039.46~20.04.1 linux-cloud-tools-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1039 - 5.15.0-1039.46~20.04.1 linux-image-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-tools-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 linux-buildinfo-5.15.0-1039-azure - 5.15.0-1039.46~20.04.1 No subscription required linux-buildinfo-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-image-unsigned-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-image-unsigned-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-cloud-tools-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-image-unsigned-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-73.80~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-cloud-tools-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-image-unsigned-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-modules-extra-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-buildinfo-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-buildinfo-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-73.80~20.04.1 linux-image-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-modules-iwlwifi-5.15.0-73-generic - 5.15.0-73.80~20.04.1 linux-buildinfo-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-lowlatency-64k - 5.15.0-73.80~20.04.1 linux-buildinfo-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 linux-tools-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-hwe-5.15-headers-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-73.80~20.04.1 linux-modules-iwlwifi-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-modules-5.15.0-73-generic-lpae - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-lowlatency - 5.15.0-73.80~20.04.1 linux-hwe-5.15-tools-5.15.0-73 - 5.15.0-73.80~20.04.1 linux-headers-5.15.0-73-generic-64k - 5.15.0-73.80~20.04.1 No subscription required linux-tools-gke-5.15 - 5.15.0.1034.39~20.04.1 linux-headers-gke-edge - 5.15.0.1034.39~20.04.1 linux-gke-5.15 - 5.15.0.1034.39~20.04.1 linux-image-gke-5.15 - 5.15.0.1034.39~20.04.1 linux-tools-gke-edge - 5.15.0.1034.39~20.04.1 linux-image-gke-edge - 5.15.0.1034.39~20.04.1 linux-gke-edge - 5.15.0.1034.39~20.04.1 linux-headers-gke-5.15 - 5.15.0.1034.39~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1035.43~20.04.1 linux-headers-gcp-edge - 5.15.0.1035.43~20.04.1 linux-tools-gcp - 5.15.0.1035.43~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1035.43~20.04.1 linux-tools-gcp-edge - 5.15.0.1035.43~20.04.1 linux-headers-gcp - 5.15.0.1035.43~20.04.1 linux-gcp - 5.15.0.1035.43~20.04.1 linux-image-gcp - 5.15.0.1035.43~20.04.1 linux-modules-extra-gcp - 5.15.0.1035.43~20.04.1 linux-gcp-edge - 5.15.0.1035.43~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1036.42~20.04.1 linux-tools-oracle - 5.15.0.1036.42~20.04.1 linux-tools-oracle-edge - 5.15.0.1036.42~20.04.1 linux-oracle-edge - 5.15.0.1036.42~20.04.1 linux-oracle - 5.15.0.1036.42~20.04.1 linux-image-oracle-edge - 5.15.0.1036.42~20.04.1 linux-headers-oracle-edge - 5.15.0.1036.42~20.04.1 linux-image-oracle - 5.15.0.1036.42~20.04.1 No subscription required linux-headers-aws - 5.15.0.1037.41~20.04.26 linux-image-aws - 5.15.0.1037.41~20.04.26 linux-modules-extra-aws-edge - 5.15.0.1037.41~20.04.26 linux-image-aws-edge - 5.15.0.1037.41~20.04.26 linux-aws-edge - 5.15.0.1037.41~20.04.26 linux-aws - 5.15.0.1037.41~20.04.26 linux-headers-aws-edge - 5.15.0.1037.41~20.04.26 linux-tools-aws - 5.15.0.1037.41~20.04.26 linux-modules-extra-aws - 5.15.0.1037.41~20.04.26 linux-tools-aws-edge - 5.15.0.1037.41~20.04.26 No subscription required linux-tools-azure-edge - 5.15.0.1039.46~20.04.29 linux-cloud-tools-azure - 5.15.0.1039.46~20.04.29 linux-tools-azure - 5.15.0.1039.46~20.04.29 linux-image-azure-edge - 5.15.0.1039.46~20.04.29 linux-image-azure-cvm - 5.15.0.1039.46~20.04.29 linux-modules-extra-azure-cvm - 5.15.0.1039.46~20.04.29 linux-tools-azure-cvm - 5.15.0.1039.46~20.04.29 linux-cloud-tools-azure-edge - 5.15.0.1039.46~20.04.29 linux-modules-extra-azure - 5.15.0.1039.46~20.04.29 linux-azure - 5.15.0.1039.46~20.04.29 linux-image-azure - 5.15.0.1039.46~20.04.29 linux-headers-azure-cvm - 5.15.0.1039.46~20.04.29 linux-cloud-tools-azure-cvm - 5.15.0.1039.46~20.04.29 linux-headers-azure-edge - 5.15.0.1039.46~20.04.29 linux-azure-edge - 5.15.0.1039.46~20.04.29 linux-azure-cvm - 5.15.0.1039.46~20.04.29 linux-modules-extra-azure-edge - 5.15.0.1039.46~20.04.29 linux-headers-azure - 5.15.0.1039.46~20.04.29 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-headers-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-image-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-lowlatency-64k-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-tools-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-lowlatency-hwe-20.04 - 5.15.0.73.80~20.04.31 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.31 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.73.80~20.04.31 No subscription required linux-tools-oem-20.04d - 5.15.0.73.80~20.04.34 linux-tools-oem-20.04b - 5.15.0.73.80~20.04.34 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-modules-iwlwifi-oem-20.04d - 5.15.0.73.80~20.04.34 linux-headers-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-generic-64k-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-oem-20.04 - 5.15.0.73.80~20.04.34 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-image-extra-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-oem-20.04 - 5.15.0.73.80~20.04.34 linux-tools-oem-20.04c - 5.15.0.73.80~20.04.34 linux-image-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-headers-generic-64k-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-generic-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-generic-lpae-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-generic-lpae-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-tools-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-oem-20.04c - 5.15.0.73.80~20.04.34 linux-image-oem-20.04b - 5.15.0.73.80~20.04.34 linux-image-oem-20.04d - 5.15.0.73.80~20.04.34 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-oem-20.04 - 5.15.0.73.80~20.04.34 linux-image-oem-20.04 - 5.15.0.73.80~20.04.34 linux-oem-20.04c - 5.15.0.73.80~20.04.34 linux-oem-20.04b - 5.15.0.73.80~20.04.34 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-oem-20.04d - 5.15.0.73.80~20.04.34 linux-headers-oem-20.04b - 5.15.0.73.80~20.04.34 linux-modules-iwlwifi-oem-20.04 - 5.15.0.73.80~20.04.34 linux-tools-generic-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-image-generic-lpae-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-tools-virtual-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-image-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-generic-64k-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-image-generic-64k-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.73.80~20.04.34 linux-headers-oem-20.04c - 5.15.0.73.80~20.04.34 linux-headers-virtual-hwe-20.04 - 5.15.0.73.80~20.04.34 linux-headers-oem-20.04d - 5.15.0.73.80~20.04.34 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6128-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.3 cups-bsd - 2.3.1-9ubuntu1.3 cups-common - 2.3.1-9ubuntu1.3 cups-core-drivers - 2.3.1-9ubuntu1.3 cups-server-common - 2.3.1-9ubuntu1.3 libcupsimage2 - 2.3.1-9ubuntu1.3 cups-client - 2.3.1-9ubuntu1.3 cups-ipp-utils - 2.3.1-9ubuntu1.3 libcups2 - 2.3.1-9ubuntu1.3 cups-ppdc - 2.3.1-9ubuntu1.3 cups - 2.3.1-9ubuntu1.3 libcupsimage2-dev - 2.3.1-9ubuntu1.3 cups-daemon - 2.3.1-9ubuntu1.3 No subscription required Medium CVE-2023-32324 Ubuntu 20.04 LTS It was discovered that Avahi incorrectly handled certain DBus messages. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6129-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavahi-compat-libdnssd-dev - 0.7-4ubuntu7.2 libavahi-ui-gtk3-0 - 0.7-4ubuntu7.2 libavahi-core7 - 0.7-4ubuntu7.2 libavahi-client3 - 0.7-4ubuntu7.2 libavahi-core-dev - 0.7-4ubuntu7.2 libavahi-client-dev - 0.7-4ubuntu7.2 avahi-ui-utils - 0.7-4ubuntu7.2 libavahi-gobject-dev - 0.7-4ubuntu7.2 avahi-dnsconfd - 0.7-4ubuntu7.2 libavahi-compat-libdnssd1 - 0.7-4ubuntu7.2 libavahi-common3 - 0.7-4ubuntu7.2 avahi-daemon - 0.7-4ubuntu7.2 avahi-discover - 0.7-4ubuntu7.2 libavahi-common-dev - 0.7-4ubuntu7.2 libavahi-common-data - 0.7-4ubuntu7.2 avahi-utils - 0.7-4ubuntu7.2 libavahi-ui-gtk3-dev - 0.7-4ubuntu7.2 libavahi-glib-dev - 0.7-4ubuntu7.2 libavahi-gobject0 - 0.7-4ubuntu7.2 gir1.2-avahi-0.6 - 0.7-4ubuntu7.2 avahi-autoipd - 0.7-4ubuntu7.2 python-avahi - 0.7-4ubuntu7.2 libavahi-glib1 - 0.7-4ubuntu7.2 No subscription required Medium CVE-2023-1981 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6131-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1050-ibm - 5.4.0-1050.55 linux-image-5.4.0-1050-ibm - 5.4.0-1050.55 linux-ibm-headers-5.4.0-1050 - 5.4.0-1050.55 linux-modules-extra-5.4.0-1050-ibm - 5.4.0-1050.55 linux-buildinfo-5.4.0-1050-ibm - 5.4.0-1050.55 linux-tools-5.4.0-1050-ibm - 5.4.0-1050.55 linux-ibm-source-5.4.0 - 5.4.0-1050.55 linux-ibm-cloud-tools-common - 5.4.0-1050.55 linux-ibm-tools-common - 5.4.0-1050.55 linux-ibm-tools-5.4.0-1050 - 5.4.0-1050.55 linux-modules-5.4.0-1050-ibm - 5.4.0-1050.55 linux-image-unsigned-5.4.0-1050-ibm - 5.4.0-1050.55 No subscription required linux-image-unsigned-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-cloud-tools-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-gkeop-source-5.4.0 - 5.4.0-1070.74 linux-gkeop-cloud-tools-5.4.0-1070 - 5.4.0-1070.74 linux-gkeop-tools-5.4.0-1070 - 5.4.0-1070.74 linux-tools-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-headers-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-buildinfo-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-gkeop-headers-5.4.0-1070 - 5.4.0-1070.74 linux-modules-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-image-5.4.0-1070-gkeop - 5.4.0-1070.74 linux-modules-extra-5.4.0-1070-gkeop - 5.4.0-1070.74 No subscription required linux-modules-5.4.0-1092-kvm - 5.4.0-1092.98 linux-headers-5.4.0-1092-kvm - 5.4.0-1092.98 linux-buildinfo-5.4.0-1092-kvm - 5.4.0-1092.98 linux-image-unsigned-5.4.0-1092-kvm - 5.4.0-1092.98 linux-kvm-headers-5.4.0-1092 - 5.4.0-1092.98 linux-kvm-tools-5.4.0-1092 - 5.4.0-1092.98 linux-tools-5.4.0-1092-kvm - 5.4.0-1092.98 linux-image-5.4.0-1092-kvm - 5.4.0-1092.98 No subscription required linux-gke-tools-5.4.0-1100 - 5.4.0-1100.107 linux-gke-headers-5.4.0-1100 - 5.4.0-1100.107 linux-modules-extra-5.4.0-1100-gke - 5.4.0-1100.107 linux-tools-5.4.0-1100-gke - 5.4.0-1100.107 linux-modules-5.4.0-1100-gke - 5.4.0-1100.107 linux-headers-5.4.0-1100-gke - 5.4.0-1100.107 linux-buildinfo-5.4.0-1100-gke - 5.4.0-1100.107 linux-image-unsigned-5.4.0-1100-gke - 5.4.0-1100.107 linux-image-5.4.0-1100-gke - 5.4.0-1100.107 No subscription required linux-modules-extra-5.4.0-1102-oracle - 5.4.0-1102.111 linux-image-5.4.0-1102-oracle - 5.4.0-1102.111 linux-oracle-headers-5.4.0-1102 - 5.4.0-1102.111 linux-oracle-tools-5.4.0-1102 - 5.4.0-1102.111 linux-modules-5.4.0-1102-oracle - 5.4.0-1102.111 linux-headers-5.4.0-1102-oracle - 5.4.0-1102.111 linux-tools-5.4.0-1102-oracle - 5.4.0-1102.111 linux-image-unsigned-5.4.0-1102-oracle - 5.4.0-1102.111 linux-buildinfo-5.4.0-1102-oracle - 5.4.0-1102.111 No subscription required linux-buildinfo-5.4.0-1103-aws - 5.4.0-1103.111 linux-cloud-tools-5.4.0-1103-aws - 5.4.0-1103.111 linux-image-5.4.0-1103-aws - 5.4.0-1103.111 linux-aws-headers-5.4.0-1103 - 5.4.0-1103.111 linux-aws-tools-5.4.0-1103 - 5.4.0-1103.111 linux-modules-5.4.0-1103-aws - 5.4.0-1103.111 linux-tools-5.4.0-1103-aws - 5.4.0-1103.111 linux-aws-cloud-tools-5.4.0-1103 - 5.4.0-1103.111 linux-image-unsigned-5.4.0-1103-aws - 5.4.0-1103.111 linux-modules-extra-5.4.0-1103-aws - 5.4.0-1103.111 linux-headers-5.4.0-1103-aws - 5.4.0-1103.111 No subscription required linux-image-5.4.0-1106-gcp - 5.4.0-1106.115 linux-gcp-headers-5.4.0-1106 - 5.4.0-1106.115 linux-image-unsigned-5.4.0-1106-gcp - 5.4.0-1106.115 linux-modules-5.4.0-1106-gcp - 5.4.0-1106.115 linux-tools-5.4.0-1106-gcp - 5.4.0-1106.115 linux-modules-extra-5.4.0-1106-gcp - 5.4.0-1106.115 linux-headers-5.4.0-1106-gcp - 5.4.0-1106.115 linux-gcp-tools-5.4.0-1106 - 5.4.0-1106.115 linux-buildinfo-5.4.0-1106-gcp - 5.4.0-1106.115 No subscription required linux-modules-5.4.0-1109-azure - 5.4.0-1109.115 linux-buildinfo-5.4.0-1109-azure - 5.4.0-1109.115 linux-tools-5.4.0-1109-azure - 5.4.0-1109.115 linux-image-5.4.0-1109-azure - 5.4.0-1109.115 linux-azure-tools-5.4.0-1109 - 5.4.0-1109.115 linux-image-unsigned-5.4.0-1109-azure - 5.4.0-1109.115 linux-azure-headers-5.4.0-1109 - 5.4.0-1109.115 linux-modules-extra-5.4.0-1109-azure - 5.4.0-1109.115 linux-headers-5.4.0-1109-azure - 5.4.0-1109.115 linux-cloud-tools-5.4.0-1109-azure - 5.4.0-1109.115 linux-azure-cloud-tools-5.4.0-1109 - 5.4.0-1109.115 No subscription required linux-tools-common - 5.4.0-150.167 linux-cloud-tools-5.4.0-150-generic - 5.4.0-150.167 linux-modules-5.4.0-150-generic - 5.4.0-150.167 linux-doc - 5.4.0-150.167 linux-headers-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-headers-5.4.0-150-lowlatency - 5.4.0-150.167 linux-buildinfo-5.4.0-150-generic - 5.4.0-150.167 linux-tools-5.4.0-150-generic - 5.4.0-150.167 linux-buildinfo-5.4.0-150-lowlatency - 5.4.0-150.167 linux-libc-dev - 5.4.0-150.167 linux-source-5.4.0 - 5.4.0-150.167 linux-cloud-tools-common - 5.4.0-150.167 linux-image-unsigned-5.4.0-150-generic - 5.4.0-150.167 linux-tools-host - 5.4.0-150.167 linux-cloud-tools-5.4.0-150-lowlatency - 5.4.0-150.167 linux-tools-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-cloud-tools-5.4.0-150 - 5.4.0-150.167 linux-image-5.4.0-150-generic - 5.4.0-150.167 linux-tools-5.4.0-150 - 5.4.0-150.167 linux-image-unsigned-5.4.0-150-lowlatency - 5.4.0-150.167 linux-image-5.4.0-150-lowlatency - 5.4.0-150.167 linux-modules-5.4.0-150-lowlatency - 5.4.0-150.167 linux-headers-5.4.0-150-generic - 5.4.0-150.167 linux-modules-extra-5.4.0-150-generic - 5.4.0-150.167 linux-modules-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-buildinfo-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-headers-5.4.0-150 - 5.4.0-150.167 linux-image-5.4.0-150-generic-lpae - 5.4.0-150.167 linux-tools-5.4.0-150-lowlatency - 5.4.0-150.167 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1050.76 linux-image-ibm - 5.4.0.1050.76 linux-headers-ibm-lts-20.04 - 5.4.0.1050.76 linux-tools-ibm - 5.4.0.1050.76 linux-ibm-lts-20.04 - 5.4.0.1050.76 linux-image-ibm-lts-20.04 - 5.4.0.1050.76 linux-modules-extra-ibm - 5.4.0.1050.76 linux-ibm - 5.4.0.1050.76 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1050.76 linux-headers-ibm - 5.4.0.1050.76 No subscription required linux-headers-gkeop - 5.4.0.1070.68 linux-modules-extra-gkeop-5.4 - 5.4.0.1070.68 linux-gkeop-5.4 - 5.4.0.1070.68 linux-cloud-tools-gkeop-5.4 - 5.4.0.1070.68 linux-image-gkeop-5.4 - 5.4.0.1070.68 linux-modules-extra-gkeop - 5.4.0.1070.68 linux-tools-gkeop - 5.4.0.1070.68 linux-image-gkeop - 5.4.0.1070.68 linux-gkeop - 5.4.0.1070.68 linux-cloud-tools-gkeop - 5.4.0.1070.68 linux-headers-gkeop-5.4 - 5.4.0.1070.68 linux-tools-gkeop-5.4 - 5.4.0.1070.68 No subscription required linux-kvm - 5.4.0.1092.87 linux-headers-kvm - 5.4.0.1092.87 linux-image-kvm - 5.4.0.1092.87 linux-tools-kvm - 5.4.0.1092.87 No subscription required linux-modules-extra-gke - 5.4.0.1100.105 linux-headers-gke-5.4 - 5.4.0.1100.105 linux-modules-extra-gke-5.4 - 5.4.0.1100.105 linux-gke-5.4 - 5.4.0.1100.105 linux-tools-gke - 5.4.0.1100.105 linux-gke - 5.4.0.1100.105 linux-headers-gke - 5.4.0.1100.105 linux-tools-gke-5.4 - 5.4.0.1100.105 linux-image-gke-5.4 - 5.4.0.1100.105 linux-image-gke - 5.4.0.1100.105 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1102.95 linux-headers-oracle-lts-20.04 - 5.4.0.1102.95 linux-oracle-lts-20.04 - 5.4.0.1102.95 linux-image-oracle-lts-20.04 - 5.4.0.1102.95 No subscription required linux-tools-aws-lts-20.04 - 5.4.0.1103.100 linux-image-aws-lts-20.04 - 5.4.0.1103.100 linux-headers-aws-lts-20.04 - 5.4.0.1103.100 linux-modules-extra-aws-lts-20.04 - 5.4.0.1103.100 linux-aws-lts-20.04 - 5.4.0.1103.100 No subscription required linux-gcp-lts-20.04 - 5.4.0.1106.108 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1106.108 linux-headers-gcp-lts-20.04 - 5.4.0.1106.108 linux-image-gcp-lts-20.04 - 5.4.0.1106.108 linux-tools-gcp-lts-20.04 - 5.4.0.1106.108 No subscription required linux-azure-lts-20.04 - 5.4.0.1109.102 linux-image-azure-lts-20.04 - 5.4.0.1109.102 linux-modules-extra-azure-lts-20.04 - 5.4.0.1109.102 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1109.102 linux-tools-azure-lts-20.04 - 5.4.0.1109.102 linux-headers-azure-lts-20.04 - 5.4.0.1109.102 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-image-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-cloud-tools-virtual - 5.4.0.150.148 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-image-virtual - 5.4.0.150.148 linux-image-generic - 5.4.0.150.148 linux-tools-lowlatency - 5.4.0.150.148 linux-oem-osp1-tools-host - 5.4.0.150.148 linux-image-oem - 5.4.0.150.148 linux-tools-virtual-hwe-18.04 - 5.4.0.150.148 linux-headers-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.150.148 linux-headers-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-oem - 5.4.0.150.148 linux-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-image-oem-osp1 - 5.4.0.150.148 linux-image-generic-hwe-18.04 - 5.4.0.150.148 linux-image-generic-lpae-hwe-18.04 - 5.4.0.150.148 linux-crashdump - 5.4.0.150.148 linux-headers-generic-hwe-18.04 - 5.4.0.150.148 linux-headers-generic-lpae - 5.4.0.150.148 linux-lowlatency - 5.4.0.150.148 linux-cloud-tools-generic - 5.4.0.150.148 linux-tools-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-virtual - 5.4.0.150.148 linux-headers-virtual-hwe-18.04 - 5.4.0.150.148 linux-virtual-hwe-18.04 - 5.4.0.150.148 linux-tools-generic-lpae - 5.4.0.150.148 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.150.148 linux-tools-virtual - 5.4.0.150.148 linux-generic-lpae-hwe-18.04-edge - 5.4.0.150.148 linux-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-tools-oem-osp1 - 5.4.0.150.148 linux-generic-lpae - 5.4.0.150.148 linux-image-generic-hwe-18.04-edge - 5.4.0.150.148 linux-headers-oem - 5.4.0.150.148 linux-image-extra-virtual-hwe-18.04 - 5.4.0.150.148 linux-generic - 5.4.0.150.148 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.150.148 linux-tools-generic-hwe-18.04-edge - 5.4.0.150.148 linux-image-virtual-hwe-18.04 - 5.4.0.150.148 linux-headers-lowlatency - 5.4.0.150.148 linux-generic-hwe-18.04-edge - 5.4.0.150.148 linux-tools-generic-hwe-18.04 - 5.4.0.150.148 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-source - 5.4.0.150.148 linux-image-extra-virtual - 5.4.0.150.148 linux-oem-tools-host - 5.4.0.150.148 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.150.148 linux-tools-generic - 5.4.0.150.148 linux-cloud-tools-lowlatency - 5.4.0.150.148 linux-tools-oem - 5.4.0.150.148 linux-headers-oem-osp1 - 5.4.0.150.148 linux-generic-lpae-hwe-18.04 - 5.4.0.150.148 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.150.148 linux-headers-generic-hwe-18.04-edge - 5.4.0.150.148 linux-headers-generic - 5.4.0.150.148 linux-oem-osp1 - 5.4.0.150.148 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.150.148 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.150.148 linux-image-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.150.148 linux-headers-virtual - 5.4.0.150.148 linux-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.150.148 linux-generic-hwe-18.04 - 5.4.0.150.148 linux-image-generic-lpae - 5.4.0.150.148 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.150.148 linux-tools-lowlatency-hwe-18.04 - 5.4.0.150.148 linux-image-lowlatency - 5.4.0.150.148 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6132-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-image-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-headers-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-bluefield-headers-5.4.0-1064 - 5.4.0-1064.70 linux-tools-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-bluefield-tools-5.4.0-1064 - 5.4.0-1064.70 linux-buildinfo-5.4.0-1064-bluefield - 5.4.0-1064.70 linux-image-unsigned-5.4.0-1064-bluefield - 5.4.0-1064.70 No subscription required linux-bluefield - 5.4.0.1064.59 linux-tools-bluefield - 5.4.0.1064.59 linux-image-bluefield - 5.4.0.1064.59 linux-headers-bluefield - 5.4.0.1064.59 No subscription required High CVE-2022-3707 CVE-2023-0459 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1380 CVE-2023-1513 CVE-2023-2162 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-0386) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-4842) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-0394) Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0458) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the NFS implementation in the Linux kernel did not properly handle pending tasks in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1652) It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1872) It was discovered that the Android Binder IPC subsystem in the Linux kernel did not properly validate inputs in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-20938) It was discovered that the ARM64 EFI runtime services implementation in the Linux kernel did not properly manage concurrency calls. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21102) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Update Instructions: Run `sudo pro fix USN-6134-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-buildinfo-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1030.35~20.04.1 linux-headers-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1030.35~20.04.1 linux-modules-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-modules-extra-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-modules-iwlwifi-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-cloud-tools-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-image-unsigned-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-image-5.15.0-1030-intel-iotg - 5.15.0-1030.35~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1030.35~20.04.22 linux-tools-intel - 5.15.0.1030.35~20.04.22 linux-intel-iotg - 5.15.0.1030.35~20.04.22 linux-image-intel-iotg - 5.15.0.1030.35~20.04.22 linux-tools-intel-iotg-edge - 5.15.0.1030.35~20.04.22 linux-intel - 5.15.0.1030.35~20.04.22 linux-headers-intel - 5.15.0.1030.35~20.04.22 linux-intel-iotg-edge - 5.15.0.1030.35~20.04.22 linux-image-intel-iotg-edge - 5.15.0.1030.35~20.04.22 linux-headers-intel-iotg - 5.15.0.1030.35~20.04.22 linux-image-intel - 5.15.0.1030.35~20.04.22 linux-headers-intel-iotg-edge - 5.15.0.1030.35~20.04.22 linux-tools-intel-iotg - 5.15.0.1030.35~20.04.22 No subscription required High CVE-2022-27672 CVE-2022-3707 CVE-2022-4129 CVE-2022-47929 CVE-2022-4842 CVE-2023-0386 CVE-2023-0394 CVE-2023-0458 CVE-2023-0459 CVE-2023-1073 CVE-2023-1074 CVE-2023-1075 CVE-2023-1078 CVE-2023-1118 CVE-2023-1281 CVE-2023-1513 CVE-2023-1652 CVE-2023-1829 CVE-2023-1872 CVE-2023-20938 CVE-2023-21102 CVE-2023-2162 CVE-2023-26545 CVE-2023-32269 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6135-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-1039-azure-fde - 5.15.0-1039.46~20.04.1.1 linux-image-5.15.0-1039-azure-fde - 5.15.0-1039.46~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-modules-extra-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-headers-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-image-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-modules-extra-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-tools-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-image-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-cloud-tools-azure-fde-edge - 5.15.0.1039.46~20.04.1.18 linux-cloud-tools-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-tools-azure-fde - 5.15.0.1039.46~20.04.1.18 linux-headers-azure-fde - 5.15.0.1039.46~20.04.1.18 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6137-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraw-doc - 0.19.5-1ubuntu1.2 libraw-bin - 0.19.5-1ubuntu1.2 libraw19 - 0.19.5-1ubuntu1.2 libraw-dev - 0.19.5-1ubuntu1.2 No subscription required Medium CVE-2021-32142 CVE-2023-1729 Ubuntu 20.04 LTS Philip Turnbull discovered that libssh incorrectly handled rekeying with algorithm guessing. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-1667) Kevin Backhouse discovered that libssh incorrectly handled verifying data signatures. A remote attacker could possibly use this issue to bypass authorization. (CVE-2023-2283) Update Instructions: Run `sudo pro fix USN-6138-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-gcrypt-dev - 0.9.3-2ubuntu2.3 libssh-doc - 0.9.3-2ubuntu2.3 libssh-gcrypt-4 - 0.9.3-2ubuntu2.3 libssh-4 - 0.9.3-2ubuntu2.3 libssh-dev - 0.9.3-2ubuntu2.3 No subscription required Medium CVE-2023-1667 CVE-2023-2283 Ubuntu 20.04 LTS Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could use this issue to bypass blockinglisting methods. This issue was first addressed in USN-5960-1, but was incomplete. Here we address an additional fix to that issue. (CVE-2023-24329) Update Instructions: Run `sudo pro fix USN-6139-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.8 python3.8-full - 3.8.10-0ubuntu1~20.04.8 python3.8-examples - 3.8.10-0ubuntu1~20.04.8 python3.8-dev - 3.8.10-0ubuntu1~20.04.8 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.8 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.8 python3.8-venv - 3.8.10-0ubuntu1~20.04.8 libpython3.8 - 3.8.10-0ubuntu1~20.04.8 idle-python3.8 - 3.8.10-0ubuntu1~20.04.8 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.8 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.8 python3.8 - 3.8.10-0ubuntu1~20.04.8 python3.8-doc - 3.8.10-0ubuntu1~20.04.8 No subscription required Medium CVE-2023-24329 Ubuntu 20.04 LTS Gal Goldshtein discovered that nghttp2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6142-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnghttp2-14 - 1.40.0-1ubuntu0.1 libnghttp2-doc - 1.40.0-1ubuntu0.1 libnghttp2-dev - 1.40.0-1ubuntu0.1 nghttp2-proxy - 1.40.0-1ubuntu0.1 nghttp2 - 1.40.0-1ubuntu0.1 nghttp2-client - 1.40.0-1ubuntu0.1 nghttp2-server - 1.40.0-1ubuntu0.1 No subscription required Medium CVE-2020-11080 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-34417) Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks. (CVE-2023-34415) Update Instructions: Run `sudo pro fix USN-6143-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 114.0+build3-0ubuntu0.20.04.1 firefox - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 114.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 114.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-tg - 114.0+build3-0ubuntu0.20.04.1 firefox-dev - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 114.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 114.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-34414 CVE-2023-34415 CVE-2023-34416 CVE-2023-34417 Ubuntu 20.04 LTS USN-6143-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-34417) Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks. (CVE-2023-34415) Update Instructions: Run `sudo pro fix USN-6143-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 114.0.1+build1-0ubuntu0.20.04.1 firefox - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 114.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 114.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 114.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 114.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 114.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2023610 Ubuntu 20.04 LTS USN-6143-1 fixed vulnerabilities and USN-6143-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-34417) Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks. (CVE-2023-34415) Update Instructions: Run `sudo pro fix USN-6143-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 114.0.2+build1-0ubuntu0.20.04.1 firefox - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 114.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 114.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 114.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 114.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 114.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2024513 Ubuntu 20.04 LTS It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute arbitrary code. (CVE-2023-0950) Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user before loading the host document inside an IFrame. If a user were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause information disclosure or execute arbitrary code. (CVE-2023-2255) Update Instructions: Run `sudo pro fix USN-6144-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.8 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.8 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.8 libreoffice - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.8 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.8 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.8 python3-access2base - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.8 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.8 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.8 libridl-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.8 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.8 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.8 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.8 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.8 libunoil-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.8 python3-uno - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.8 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.8 libjurt-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.8 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.8 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.8 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.8 ure - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.8 libjuh-java - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.8 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.8 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.8 No subscription required Medium CVE-2023-0950 CVE-2023-2255 Ubuntu 20.04 LTS It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only fixed for Ubuntu 16.04 LTS. (CVE-2022-39377) It was discovered that Sysstat incorrectly handled certain arithmetic multiplications in 64-bit systems, as a result of an incomplete fix for CVE-2022-39377. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-33204) Update Instructions: Run `sudo pro fix USN-6145-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: isag - 12.2.0-2ubuntu0.3 sysstat - 12.2.0-2ubuntu0.3 No subscription required Medium CVE-2022-39377 CVE-2023-33204 Ubuntu 20.04 LTS It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-31439) It was discovered that Netatalk did not properly validate the length of user-supplied data in the ad_addcomment function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0194) It was discovered that Netatalk did not properly handle errors when parsing AppleDouble entries. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23121) It was discovered that Netatalk did not properly validate the length of user-supplied data in the setfilparams function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23122) It was discovered that Netatalk did not properly validate the length of user-supplied data in the getdirparams function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23123) It was discovered that Netatalk did not properly validate the length of user-supplied data in the get_finderinfo function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23124) It was discovered that Netatalk did not properly validate the length of user-supplied data in the copyapplfile function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23125) It was discovered that Netatalk did not properly validate the length of user-supplied data in the dsi_writeinit function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-43634) It was discovered that Netatalk did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted .appl file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-45188) Update Instructions: Run `sudo pro fix USN-6146-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: netatalk - 3.1.12~ds-4ubuntu0.20.04.1 No subscription required High CVE-2021-31439 CVE-2022-0194 CVE-2022-23121 CVE-2022-23122 CVE-2022-23123 CVE-2022-23124 CVE-2022-23125 CVE-2022-43634 CVE-2022-45188 Ubuntu 20.04 LTS It was discovered that SNI Proxy did not properly handle wildcard backend hosts. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6148-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sniproxy - 0.6.0-1ubuntu0.1 No subscription required High CVE-2023-25076 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6150-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-raspi-tools-5.4.0-1086 - 5.4.0-1086.97 linux-raspi-headers-5.4.0-1086 - 5.4.0-1086.97 linux-image-5.4.0-1086-raspi - 5.4.0-1086.97 linux-tools-5.4.0-1086-raspi - 5.4.0-1086.97 linux-buildinfo-5.4.0-1086-raspi - 5.4.0-1086.97 linux-modules-5.4.0-1086-raspi - 5.4.0-1086.97 linux-headers-5.4.0-1086-raspi - 5.4.0-1086.97 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1086.116 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1086.116 linux-raspi-hwe-18.04-edge - 5.4.0.1086.116 linux-tools-raspi - 5.4.0.1086.116 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1086.116 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1086.116 linux-raspi-hwe-18.04 - 5.4.0.1086.116 linux-image-raspi - 5.4.0.1086.116 linux-tools-raspi2-hwe-18.04 - 5.4.0.1086.116 linux-raspi2-hwe-18.04 - 5.4.0.1086.116 linux-image-raspi-hwe-18.04-edge - 5.4.0.1086.116 linux-raspi2 - 5.4.0.1086.116 linux-headers-raspi2 - 5.4.0.1086.116 linux-headers-raspi2-hwe-18.04 - 5.4.0.1086.116 linux-image-raspi2 - 5.4.0.1086.116 linux-tools-raspi-hwe-18.04 - 5.4.0.1086.116 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1086.116 linux-tools-raspi2 - 5.4.0.1086.116 linux-image-raspi-hwe-18.04 - 5.4.0.1086.116 linux-raspi - 5.4.0.1086.116 linux-headers-raspi - 5.4.0.1086.116 linux-headers-raspi-hwe-18.04 - 5.4.0.1086.116 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1086.116 linux-image-raspi2-hwe-18.04 - 5.4.0.1086.116 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) Update Instructions: Run `sudo pro fix USN-6151-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-xilinx-zynqmp-tools-5.4.0-1023 - 5.4.0-1023.27 linux-headers-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 linux-xilinx-zynqmp-headers-5.4.0-1023 - 5.4.0-1023.27 linux-image-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 linux-tools-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 linux-buildinfo-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 linux-modules-5.4.0-1023-xilinx-zynqmp - 5.4.0-1023.27 No subscription required linux-tools-xilinx-zynqmp - 5.4.0.1023.26 linux-headers-xilinx-zynqmp - 5.4.0.1023.26 linux-xilinx-zynqmp - 5.4.0.1023.26 linux-image-xilinx-zynqmp - 5.4.0.1023.26 No subscription required Medium CVE-2021-3669 CVE-2022-2196 CVE-2022-4382 CVE-2023-23559 Ubuntu 20.04 LTS It was discovered that NFS client's access cache implementation in the Linux kernel caused a severe NFS performance degradation in certain conditions. This updated makes the NFS file-access stale cache behavior to be optional. Update Instructions: Run `sudo pro fix USN-6152-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gke-headers-5.4.0-1101 - 5.4.0-1101.108 linux-image-5.4.0-1101-gke - 5.4.0-1101.108 linux-headers-5.4.0-1101-gke - 5.4.0-1101.108 linux-buildinfo-5.4.0-1101-gke - 5.4.0-1101.108 linux-tools-5.4.0-1101-gke - 5.4.0-1101.108 linux-modules-extra-5.4.0-1101-gke - 5.4.0-1101.108 linux-image-unsigned-5.4.0-1101-gke - 5.4.0-1101.108 linux-modules-5.4.0-1101-gke - 5.4.0-1101.108 linux-gke-tools-5.4.0-1101 - 5.4.0-1101.108 No subscription required linux-modules-extra-gke - 5.4.0.1101.106 linux-gke-5.4 - 5.4.0.1101.106 linux-image-gke - 5.4.0.1101.106 linux-image-gke-5.4 - 5.4.0.1101.106 linux-tools-gke-5.4 - 5.4.0.1101.106 linux-modules-extra-gke-5.4 - 5.4.0.1101.106 linux-headers-gke - 5.4.0.1101.106 linux-gke - 5.4.0.1101.106 linux-headers-gke-5.4 - 5.4.0.1101.106 linux-tools-gke - 5.4.0.1101.106 No subscription required None https://launchpad.net/bugs/2022098 Ubuntu 20.04 LTS It was discovered that Jupyter Core executed untrusted files in the current working directory. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6153-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-jupyter-core-doc - 4.6.3-3ubuntu0.1~esm1 jupyter - 4.6.3-3ubuntu0.1~esm1 jupyter-core - 4.6.3-3ubuntu0.1~esm1 python3-jupyter-core - 4.6.3-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-39286 Ubuntu 20.04 LTS It was discovered that Vim was using uninitialized memory when fuzzy matching, which could lead to invalid memory access. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. (CVE-2023-2426) It was discovered that Vim was not properly performing bounds checks when processing register contents, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-2609) It was discovered that Vim was not properly limiting the length of substitution expression strings, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-2610) Update Instructions: Run `sudo pro fix USN-6154-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.15 vim-athena - 2:8.1.2269-1ubuntu5.15 xxd - 2:8.1.2269-1ubuntu5.15 vim-gtk - 2:8.1.2269-1ubuntu5.15 vim-gui-common - 2:8.1.2269-1ubuntu5.15 vim - 2:8.1.2269-1ubuntu5.15 vim-doc - 2:8.1.2269-1ubuntu5.15 vim-tiny - 2:8.1.2269-1ubuntu5.15 vim-runtime - 2:8.1.2269-1ubuntu5.15 vim-gtk3 - 2:8.1.2269-1ubuntu5.15 vim-nox - 2:8.1.2269-1ubuntu5.15 No subscription required Medium CVE-2023-2426 CVE-2023-2609 CVE-2023-2610 Ubuntu 20.04 LTS Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6155-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-requests - 2.22.0-2ubuntu1.1 No subscription required Medium CVE-2023-32681 Ubuntu 20.04 LTS It was discovered that SSSD incorrrectly sanitized certificate data used in LDAP filters. When using this issue in combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-6156-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsss-certmap-dev - 2.2.3-3ubuntu0.11 libipa-hbac-dev - 2.2.3-3ubuntu0.11 sssd-ad - 2.2.3-3ubuntu0.11 libsss-sudo - 2.2.3-3ubuntu0.11 libsss-nss-idmap0 - 2.2.3-3ubuntu0.11 libnss-sss - 2.2.3-3ubuntu0.11 sssd-ipa - 2.2.3-3ubuntu0.11 libsss-simpleifp0 - 2.2.3-3ubuntu0.11 libsss-idmap-dev - 2.2.3-3ubuntu0.11 python3-libsss-nss-idmap - 2.2.3-3ubuntu0.11 libsss-certmap0 - 2.2.3-3ubuntu0.11 python3-sss - 2.2.3-3ubuntu0.11 libpam-sss - 2.2.3-3ubuntu0.11 sssd-kcm - 2.2.3-3ubuntu0.11 libsss-idmap0 - 2.2.3-3ubuntu0.11 sssd-ldap - 2.2.3-3ubuntu0.11 libsss-nss-idmap-dev - 2.2.3-3ubuntu0.11 libsss-simpleifp-dev - 2.2.3-3ubuntu0.11 sssd - 2.2.3-3ubuntu0.11 libwbclient-sssd - 2.2.3-3ubuntu0.11 libwbclient-sssd-dev - 2.2.3-3ubuntu0.11 sssd-common - 2.2.3-3ubuntu0.11 python3-libipa-hbac - 2.2.3-3ubuntu0.11 libipa-hbac0 - 2.2.3-3ubuntu0.11 sssd-tools - 2.2.3-3ubuntu0.11 sssd-ad-common - 2.2.3-3ubuntu0.11 sssd-krb5-common - 2.2.3-3ubuntu0.11 sssd-dbus - 2.2.3-3ubuntu0.11 sssd-krb5 - 2.2.3-3ubuntu0.11 sssd-proxy - 2.2.3-3ubuntu0.11 No subscription required Medium CVE-2022-4254 Ubuntu 20.04 LTS USN-6156-1 fixed a vulnerability in SSSD. In certain environments, not all packages ended up being upgraded at the same time, resulting in authentication failures when the PAM module was being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that SSSD incorrrectly sanitized certificate data used in LDAP filters. When using this issue in combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges. Update Instructions: Run `sudo pro fix USN-6156-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsss-certmap-dev - 2.2.3-3ubuntu0.12 libipa-hbac-dev - 2.2.3-3ubuntu0.12 sssd-ad - 2.2.3-3ubuntu0.12 libsss-sudo - 2.2.3-3ubuntu0.12 libsss-nss-idmap0 - 2.2.3-3ubuntu0.12 libnss-sss - 2.2.3-3ubuntu0.12 sssd-ipa - 2.2.3-3ubuntu0.12 libsss-simpleifp0 - 2.2.3-3ubuntu0.12 libsss-idmap-dev - 2.2.3-3ubuntu0.12 python3-libsss-nss-idmap - 2.2.3-3ubuntu0.12 libsss-certmap0 - 2.2.3-3ubuntu0.12 python3-sss - 2.2.3-3ubuntu0.12 libpam-sss - 2.2.3-3ubuntu0.12 sssd-kcm - 2.2.3-3ubuntu0.12 libsss-idmap0 - 2.2.3-3ubuntu0.12 sssd-ldap - 2.2.3-3ubuntu0.12 libsss-nss-idmap-dev - 2.2.3-3ubuntu0.12 libsss-simpleifp-dev - 2.2.3-3ubuntu0.12 sssd - 2.2.3-3ubuntu0.12 libwbclient-sssd - 2.2.3-3ubuntu0.12 libwbclient-sssd-dev - 2.2.3-3ubuntu0.12 sssd-common - 2.2.3-3ubuntu0.12 python3-libipa-hbac - 2.2.3-3ubuntu0.12 libipa-hbac0 - 2.2.3-3ubuntu0.12 sssd-tools - 2.2.3-3ubuntu0.12 sssd-ad-common - 2.2.3-3ubuntu0.12 sssd-krb5-common - 2.2.3-3ubuntu0.12 sssd-dbus - 2.2.3-3ubuntu0.12 sssd-krb5 - 2.2.3-3ubuntu0.12 sssd-proxy - 2.2.3-3ubuntu0.12 No subscription required None https://launchpad.net/bugs/2023598 Ubuntu 20.04 LTS It was discovered that Node Fetch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6158-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-fetch - 1.7.3-2ubuntu0.1 No subscription required Medium CVE-2022-0235 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly performed bounds checking operations when parsing stabs debugging information. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6160-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.6 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.6 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.6 binutils-ia64-linux-gnu - 2.34-6ubuntu1.6 binutils-multiarch - 2.34-6ubuntu1.6 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.6 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.6 binutils-m68k-linux-gnu - 2.34-6ubuntu1.6 binutils-for-build - 2.34-6ubuntu1.6 binutils-s390x-linux-gnu - 2.34-6ubuntu1.6 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.6 binutils-multiarch-dev - 2.34-6ubuntu1.6 binutils-i686-gnu - 2.34-6ubuntu1.6 libctf-nobfd0 - 2.34-6ubuntu1.6 binutils-for-host - 2.34-6ubuntu1.6 binutils-doc - 2.34-6ubuntu1.6 binutils-sh4-linux-gnu - 2.34-6ubuntu1.6 libctf0 - 2.34-6ubuntu1.6 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.6 binutils-source - 2.34-6ubuntu1.6 binutils-i686-linux-gnu - 2.34-6ubuntu1.6 binutils-common - 2.34-6ubuntu1.6 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.6 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.6 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.6 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.6 binutils-hppa-linux-gnu - 2.34-6ubuntu1.6 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.6 libbinutils - 2.34-6ubuntu1.6 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.6 binutils-alpha-linux-gnu - 2.34-6ubuntu1.6 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.6 binutils - 2.34-6ubuntu1.6 No subscription required Low CVE-2021-45078 Ubuntu 20.04 LTS Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Update Instructions: Run `sudo pro fix USN-6162-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-headers-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-modules-iwlwifi-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-cloud-tools-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1031.36~20.04.1 linux-image-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-image-unsigned-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-modules-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-buildinfo-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1031 - 5.15.0-1031.36~20.04.1 linux-tools-5.15.0-1031-intel-iotg - 5.15.0-1031.36~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1031.36~20.04.23 linux-tools-intel - 5.15.0.1031.36~20.04.23 linux-intel-iotg - 5.15.0.1031.36~20.04.23 linux-image-intel-iotg - 5.15.0.1031.36~20.04.23 linux-tools-intel-iotg-edge - 5.15.0.1031.36~20.04.23 linux-intel - 5.15.0.1031.36~20.04.23 linux-headers-intel - 5.15.0.1031.36~20.04.23 linux-intel-iotg-edge - 5.15.0.1031.36~20.04.23 linux-image-intel-iotg-edge - 5.15.0.1031.36~20.04.23 linux-headers-intel-iotg - 5.15.0.1031.36~20.04.23 linux-image-intel - 5.15.0.1031.36~20.04.23 linux-headers-intel-iotg-edge - 5.15.0.1031.36~20.04.23 linux-tools-intel-iotg - 5.15.0.1031.36~20.04.23 No subscription required High CVE-2023-1380 CVE-2023-2612 CVE-2023-30456 CVE-2023-31436 CVE-2023-32233 Ubuntu 20.04 LTS It was discovered that pano13 did not properly validate the prefix provided for PTcrop's output. An attacker could use this issue to cause pano13 to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-20307) It was discovered that pano13 did not properly handle certain crafted TIFF images. An attacker could use this issue to cause pano13 to crash, resulting in a denial of service. (CVE-2021-33293) Update Instructions: Run `sudo pro fix USN-6163-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpano13-dev - 2.9.19+dfsg-3ubuntu0.20.04.1 libpano13-bin - 2.9.19+dfsg-3ubuntu0.20.04.1 libpano13-3 - 2.9.19+dfsg-3ubuntu0.20.04.1 No subscription required Medium CVE-2021-20307 CVE-2021-33293 Ubuntu 20.04 LTS Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-31130) Xiang Li discovered that c-ares incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service. (CVE-2023-32067) Update Instructions: Run `sudo pro fix USN-6164-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares2 - 1.15.0-1ubuntu0.3 libc-ares-dev - 1.15.0-1ubuntu0.3 No subscription required Medium CVE-2023-31130 CVE-2023-32067 Ubuntu 20.04 LTS It was discovered that GLib incorrectly handled non-normal GVariants. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or perform other unknown attacks. Update Instructions: Run `sudo pro fix USN-6165-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libglib2.0-0 - 2.64.6-1~ubuntu20.04.6 libglib2.0-data - 2.64.6-1~ubuntu20.04.6 libglib2.0-tests - 2.64.6-1~ubuntu20.04.6 libglib2.0-doc - 2.64.6-1~ubuntu20.04.6 libglib2.0-bin - 2.64.6-1~ubuntu20.04.6 libglib2.0-dev - 2.64.6-1~ubuntu20.04.6 libglib2.0-dev-bin - 2.64.6-1~ubuntu20.04.6 No subscription required Medium CVE-2023-29499 CVE-2023-32611 CVE-2023-32636 CVE-2023-32643 CVE-2023-32665 Ubuntu 20.04 LTS David Gstir discovered that libcap2 incorrectly handled certain return codes. An attacker could possibly use this issue to cause libcap2 to consume memory, leading to a denial of service. (CVE-2023-2602) Richard Weinberger discovered that libcap2 incorrectly handled certain long input strings. An attacker could use this issue to cause libcap2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-2603) Update Instructions: Run `sudo pro fix USN-6166-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcap2 - 1:2.32-1ubuntu0.1 libcap2-bin - 1:2.32-1ubuntu0.1 libpam-cap - 1:2.32-1ubuntu0.1 libcap-dev - 1:2.32-1ubuntu0.1 No subscription required Medium CVE-2023-2602 CVE-2023-2603 Ubuntu 20.04 LTS It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. A malicious guest driver could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-1050) It was discovered that QEMU did not properly check the size of the structure pointed to by the guest physical address pqxl. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-4144) It was discovered that QEMU did not properly manage memory in the ACPI Error Record Serialization Table (ERST) device. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-4172) It was discovered that QEMU did not properly manage memory when DMA memory writes happen repeatedly in the lsi53c895a device. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2023-0330) Update Instructions: Run `sudo pro fix USN-6167-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.27 qemu-system-common - 1:4.2-3ubuntu6.27 qemu-system-data - 1:4.2-3ubuntu6.27 qemu-system-s390x - 1:4.2-3ubuntu6.27 qemu-block-extra - 1:4.2-3ubuntu6.27 qemu-system-misc - 1:4.2-3ubuntu6.27 qemu-user - 1:4.2-3ubuntu6.27 qemu-system-sparc - 1:4.2-3ubuntu6.27 qemu-guest-agent - 1:4.2-3ubuntu6.27 qemu-system - 1:4.2-3ubuntu6.27 qemu-utils - 1:4.2-3ubuntu6.27 qemu-user-static - 1:4.2-3ubuntu6.27 qemu-kvm - 1:4.2-3ubuntu6.27 qemu-user-binfmt - 1:4.2-3ubuntu6.27 qemu-system-x86 - 1:4.2-3ubuntu6.27 qemu-system-arm - 1:4.2-3ubuntu6.27 qemu-system-gui - 1:4.2-3ubuntu6.27 qemu - 1:4.2-3ubuntu6.27 qemu-system-ppc - 1:4.2-3ubuntu6.27 qemu-system-mips - 1:4.2-3ubuntu6.27 qemu-system-x86-xen - 1:4.2-3ubuntu6.27 No subscription required Medium CVE-2022-1050 CVE-2022-4144 CVE-2022-4172 CVE-2023-0330 Ubuntu 20.04 LTS Gregory James Duck discovered that libx11 incorrectly handled certain Request, Event, or Error IDs. If a user were tricked into connecting to a malicious X Server, a remote attacker could possibly use this issue to cause libx11 to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6168-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx11-6 - 2:1.6.9-2ubuntu1.5 libx11-data - 2:1.6.9-2ubuntu1.5 libx11-xcb-dev - 2:1.6.9-2ubuntu1.5 libx11-xcb1 - 2:1.6.9-2ubuntu1.5 libx11-doc - 2:1.6.9-2ubuntu1.5 libx11-dev - 2:1.6.9-2ubuntu1.5 No subscription required Medium CVE-2023-3138 Ubuntu 20.04 LTS It was discovered that GNU SASL's GSSAPI server could make an out-of-bounds reads if given specially crafted GSS-API authentication data. A remote attacker could possibly use this issue to cause a denial of service or to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6169-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgsasl7 - 1.8.1-1ubuntu0.1~esm1 libgsasl7-dev - 1.8.1-1ubuntu0.1~esm1 gsasl - 1.8.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2022-2469 Ubuntu 20.04 LTS It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Update Instructions: Run `sudo pro fix USN-6172-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-modules-extra-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-modules-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-gke-5.15-headers-5.15.0-1036 - 5.15.0-1036.41~20.04.1 linux-gke-5.15-tools-5.15.0-1036 - 5.15.0-1036.41~20.04.1 linux-tools-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-headers-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-buildinfo-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-image-unsigned-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 linux-image-5.15.0-1036-gke - 5.15.0-1036.41~20.04.1 No subscription required linux-image-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-modules-extra-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-gcp-5.15-tools-5.15.0-1036 - 5.15.0-1036.44~20.04.1 linux-image-unsigned-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-modules-iwlwifi-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-tools-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-headers-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-gcp-5.15-headers-5.15.0-1036 - 5.15.0-1036.44~20.04.1 linux-buildinfo-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 linux-modules-5.15.0-1036-gcp - 5.15.0-1036.44~20.04.1 No subscription required linux-buildinfo-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-image-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-oracle-5.15-headers-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-modules-extra-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-modules-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-oracle-5.15-tools-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-tools-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-headers-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 linux-image-unsigned-5.15.0-1037-oracle - 5.15.0-1037.43~20.04.1 No subscription required linux-image-unsigned-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-aws-5.15-headers-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-image-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-cloud-tools-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-buildinfo-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-tools-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-headers-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-aws-5.15-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-modules-extra-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 linux-modules-5.15.0-1038-aws - 5.15.0-1038.43~20.04.1 No subscription required linux-buildinfo-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-headers-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-tools-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-modules-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-azure-5.15-tools-5.15.0-1040 - 5.15.0-1040.47~20.04.1 linux-cloud-tools-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-image-unsigned-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-azure-5.15-headers-5.15.0-1040 - 5.15.0-1040.47~20.04.1 linux-image-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-modules-extra-5.15.0-1040-azure - 5.15.0-1040.47~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1040 - 5.15.0-1040.47~20.04.1 No subscription required linux-image-5.15.0-1040-azure-fde - 5.15.0-1040.47~20.04.1.1 linux-image-unsigned-5.15.0-1040-azure-fde - 5.15.0-1040.47~20.04.1.1 No subscription required linux-buildinfo-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-image-unsigned-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-75.82~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-buildinfo-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-modules-iwlwifi-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-modules-iwlwifi-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-image-unsigned-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-image-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-hwe-5.15-headers-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-75.82~20.04.1 linux-headers-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-buildinfo-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-hwe-5.15-tools-5.15.0-75 - 5.15.0-75.82~20.04.1 linux-buildinfo-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-75.82~20.04.1 linux-buildinfo-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-image-unsigned-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-lowlatency-64k - 5.15.0-75.82~20.04.1 linux-tools-5.15.0-75-generic-lpae - 5.15.0-75.82~20.04.1 linux-cloud-tools-5.15.0-75-lowlatency - 5.15.0-75.82~20.04.1 linux-modules-extra-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-75.82~20.04.1 linux-image-unsigned-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-cloud-tools-5.15.0-75-generic - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-generic-64k - 5.15.0-75.82~20.04.1 linux-modules-5.15.0-75-generic - 5.15.0-75.82~20.04.1 No subscription required linux-image-gke-edge - 5.15.0.1036.41~20.04.1 linux-headers-gke-5.15 - 5.15.0.1036.41~20.04.1 linux-image-gke-5.15 - 5.15.0.1036.41~20.04.1 linux-tools-gke-5.15 - 5.15.0.1036.41~20.04.1 linux-headers-gke-edge - 5.15.0.1036.41~20.04.1 linux-gke-5.15 - 5.15.0.1036.41~20.04.1 linux-tools-gke-edge - 5.15.0.1036.41~20.04.1 linux-gke-edge - 5.15.0.1036.41~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1036.44~20.04.1 linux-headers-gcp-edge - 5.15.0.1036.44~20.04.1 linux-modules-extra-gcp - 5.15.0.1036.44~20.04.1 linux-gcp - 5.15.0.1036.44~20.04.1 linux-tools-gcp - 5.15.0.1036.44~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1036.44~20.04.1 linux-image-gcp - 5.15.0.1036.44~20.04.1 linux-tools-gcp-edge - 5.15.0.1036.44~20.04.1 linux-headers-gcp - 5.15.0.1036.44~20.04.1 linux-gcp-edge - 5.15.0.1036.44~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1037.43~20.04.1 linux-tools-oracle - 5.15.0.1037.43~20.04.1 linux-tools-oracle-edge - 5.15.0.1037.43~20.04.1 linux-oracle-edge - 5.15.0.1037.43~20.04.1 linux-image-oracle-edge - 5.15.0.1037.43~20.04.1 linux-image-oracle - 5.15.0.1037.43~20.04.1 linux-headers-oracle-edge - 5.15.0.1037.43~20.04.1 linux-oracle - 5.15.0.1037.43~20.04.1 No subscription required linux-image-aws - 5.15.0.1038.43~20.04.27 linux-aws-edge - 5.15.0.1038.43~20.04.27 linux-headers-aws - 5.15.0.1038.43~20.04.27 linux-modules-extra-aws-edge - 5.15.0.1038.43~20.04.27 linux-image-aws-edge - 5.15.0.1038.43~20.04.27 linux-headers-aws-edge - 5.15.0.1038.43~20.04.27 linux-modules-extra-aws - 5.15.0.1038.43~20.04.27 linux-tools-aws - 5.15.0.1038.43~20.04.27 linux-tools-aws-edge - 5.15.0.1038.43~20.04.27 linux-aws - 5.15.0.1038.43~20.04.27 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-headers-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-tools-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-modules-extra-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-image-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-cloud-tools-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-headers-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-tools-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 linux-image-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-modules-extra-azure-fde - 5.15.0.1040.47~20.04.1.19 linux-azure-fde-edge - 5.15.0.1040.47~20.04.1.19 No subscription required linux-cloud-tools-azure - 5.15.0.1040.47~20.04.30 linux-modules-extra-azure-cvm - 5.15.0.1040.47~20.04.30 linux-azure - 5.15.0.1040.47~20.04.30 linux-image-azure - 5.15.0.1040.47~20.04.30 linux-headers-azure-edge - 5.15.0.1040.47~20.04.30 linux-headers-azure - 5.15.0.1040.47~20.04.30 linux-tools-azure-edge - 5.15.0.1040.47~20.04.30 linux-azure-cvm - 5.15.0.1040.47~20.04.30 linux-modules-extra-azure-edge - 5.15.0.1040.47~20.04.30 linux-cloud-tools-azure-cvm - 5.15.0.1040.47~20.04.30 linux-headers-azure-cvm - 5.15.0.1040.47~20.04.30 linux-tools-azure - 5.15.0.1040.47~20.04.30 linux-image-azure-edge - 5.15.0.1040.47~20.04.30 linux-image-azure-cvm - 5.15.0.1040.47~20.04.30 linux-tools-azure-cvm - 5.15.0.1040.47~20.04.30 linux-cloud-tools-azure-edge - 5.15.0.1040.47~20.04.30 linux-modules-extra-azure - 5.15.0.1040.47~20.04.30 linux-azure-edge - 5.15.0.1040.47~20.04.30 No subscription required linux-tools-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-headers-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-image-lowlatency-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-lowlatency-hwe-20.04-edge - 5.15.0.75.82~20.04.33 linux-lowlatency-64k-hwe-20.04 - 5.15.0.75.82~20.04.33 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.33 No subscription required linux-image-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-headers-oem-20.04 - 5.15.0.75.82~20.04.36 linux-image-extra-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-modules-iwlwifi-oem-20.04 - 5.15.0.75.82~20.04.36 linux-oem-20.04 - 5.15.0.75.82~20.04.36 linux-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-image-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-oem-20.04d - 5.15.0.75.82~20.04.36 linux-tools-oem-20.04b - 5.15.0.75.82~20.04.36 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-image-oem-20.04b - 5.15.0.75.82~20.04.36 linux-headers-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-image-oem-20.04c - 5.15.0.75.82~20.04.36 linux-image-oem-20.04d - 5.15.0.75.82~20.04.36 linux-headers-oem-20.04b - 5.15.0.75.82~20.04.36 linux-tools-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-modules-iwlwifi-oem-20.04d - 5.15.0.75.82~20.04.36 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-oem-20.04c - 5.15.0.75.82~20.04.36 linux-generic-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-oem-20.04d - 5.15.0.75.82~20.04.36 linux-oem-20.04c - 5.15.0.75.82~20.04.36 linux-oem-20.04b - 5.15.0.75.82~20.04.36 linux-tools-oem-20.04 - 5.15.0.75.82~20.04.36 linux-image-generic-lpae-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-tools-generic-64k-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-oem-20.04c - 5.15.0.75.82~20.04.36 linux-headers-oem-20.04d - 5.15.0.75.82~20.04.36 linux-image-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-generic-64k-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-generic-lpae-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-tools-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-image-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-image-oem-20.04 - 5.15.0.75.82~20.04.36 linux-generic-lpae-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-tools-generic-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-headers-generic-hwe-20.04-edge - 5.15.0.75.82~20.04.36 linux-generic-64k-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-image-generic-64k-hwe-20.04 - 5.15.0.75.82~20.04.36 linux-headers-virtual-hwe-20.04 - 5.15.0.75.82~20.04.36 No subscription required linux-image-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-image-5.4.0-152-generic - 5.4.0-152.169 linux-source-5.4.0 - 5.4.0-152.169 linux-headers-5.4.0-152-generic - 5.4.0-152.169 linux-tools-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-tools-5.4.0-152-generic - 5.4.0-152.169 linux-cloud-tools-common - 5.4.0-152.169 linux-modules-5.4.0-152-generic - 5.4.0-152.169 linux-libc-dev - 5.4.0-152.169 linux-image-5.4.0-152-lowlatency - 5.4.0-152.169 linux-cloud-tools-5.4.0-152 - 5.4.0-152.169 linux-buildinfo-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-image-unsigned-5.4.0-152-generic - 5.4.0-152.169 linux-tools-host - 5.4.0-152.169 linux-buildinfo-5.4.0-152-generic - 5.4.0-152.169 linux-headers-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-modules-5.4.0-152-lowlatency - 5.4.0-152.169 linux-tools-5.4.0-152 - 5.4.0-152.169 linux-modules-extra-5.4.0-152-generic - 5.4.0-152.169 linux-tools-common - 5.4.0-152.169 linux-buildinfo-5.4.0-152-lowlatency - 5.4.0-152.169 linux-doc - 5.4.0-152.169 linux-headers-5.4.0-152 - 5.4.0-152.169 linux-modules-5.4.0-152-generic-lpae - 5.4.0-152.169 linux-tools-5.4.0-152-lowlatency - 5.4.0-152.169 linux-cloud-tools-5.4.0-152-lowlatency - 5.4.0-152.169 linux-cloud-tools-5.4.0-152-generic - 5.4.0-152.169 linux-image-unsigned-5.4.0-152-lowlatency - 5.4.0-152.169 linux-headers-5.4.0-152-lowlatency - 5.4.0-152.169 No subscription required linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.152.149 linux-image-virtual - 5.4.0.152.149 linux-tools-lowlatency - 5.4.0.152.149 linux-headers-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-headers-generic-hwe-18.04 - 5.4.0.152.149 linux-source - 5.4.0.152.149 linux-cloud-tools-generic - 5.4.0.152.149 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-generic - 5.4.0.152.149 linux-generic-hwe-18.04-edge - 5.4.0.152.149 linux-virtual-hwe-18.04 - 5.4.0.152.149 linux-generic-lpae-hwe-18.04 - 5.4.0.152.149 linux-headers-generic-hwe-18.04-edge - 5.4.0.152.149 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.152.149 linux-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-tools-virtual-hwe-18.04 - 5.4.0.152.149 linux-image-lowlatency - 5.4.0.152.149 linux-image-oem-osp1 - 5.4.0.152.149 linux-crashdump - 5.4.0.152.149 linux-headers-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-tools-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-headers-virtual-hwe-18.04 - 5.4.0.152.149 linux-generic-lpae-hwe-18.04-edge - 5.4.0.152.149 linux-tools-oem-osp1 - 5.4.0.152.149 linux-generic-lpae - 5.4.0.152.149 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.152.149 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-image-generic-hwe-18.04-edge - 5.4.0.152.149 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.152.149 linux-oem - 5.4.0.152.149 linux-tools-generic - 5.4.0.152.149 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-headers-virtual - 5.4.0.152.149 linux-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.152.149 linux-image-generic-lpae - 5.4.0.152.149 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.152.149 linux-image-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.152.149 linux-image-generic-lpae-hwe-18.04 - 5.4.0.152.149 linux-image-generic-hwe-18.04 - 5.4.0.152.149 linux-image-oem - 5.4.0.152.149 linux-tools-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-lowlatency - 5.4.0.152.149 linux-tools-virtual - 5.4.0.152.149 linux-virtual - 5.4.0.152.149 linux-image-extra-virtual - 5.4.0.152.149 linux-headers-oem - 5.4.0.152.149 linux-tools-generic-hwe-18.04-edge - 5.4.0.152.149 linux-image-virtual-hwe-18.04 - 5.4.0.152.149 linux-cloud-tools-lowlatency - 5.4.0.152.149 linux-headers-lowlatency - 5.4.0.152.149 linux-oem-osp1 - 5.4.0.152.149 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.152.149 linux-image-lowlatency-hwe-18.04 - 5.4.0.152.149 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.152.149 linux-cloud-tools-virtual - 5.4.0.152.149 linux-headers-generic-lpae - 5.4.0.152.149 linux-oem-osp1-tools-host - 5.4.0.152.149 linux-image-generic - 5.4.0.152.149 linux-image-extra-virtual-hwe-18.04 - 5.4.0.152.149 linux-tools-generic-lpae - 5.4.0.152.149 linux-tools-oem - 5.4.0.152.149 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.152.149 linux-oem-tools-host - 5.4.0.152.149 linux-headers-oem-osp1 - 5.4.0.152.149 linux-headers-generic - 5.4.0.152.149 linux-generic-hwe-18.04 - 5.4.0.152.149 linux-tools-generic-hwe-18.04 - 5.4.0.152.149 No subscription required Medium CVE-2023-1076 CVE-2023-1077 CVE-2023-1079 CVE-2023-1670 CVE-2023-1859 CVE-2023-1998 CVE-2023-25012 CVE-2023-2985 Ubuntu 20.04 LTS It was discovered that PyPDF2 incorrectly handled certain PDF files. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6176-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pypdf2 - 1.26.0-3ubuntu1.20.04.1 python-pypdf2 - 1.26.0-3ubuntu1.20.04.1 No subscription required Medium CVE-2022-24859 Ubuntu 20.04 LTS It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6177-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjettison-java - 1.4.0-1ubuntu0.20.04.1 No subscription required Medium CVE-2022-40149 CVE-2022-40150 CVE-2022-45685 CVE-2022-45693 Ubuntu 20.04 LTS It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6179-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjettison-java - 1.4.0-1ubuntu0.20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-1436 Ubuntu 20.04 LTS It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into opening a crafted image file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-19721) It was discovered that VLC could be made to write out of bounds when processing H.264 video files. If a user were tricked into opening a crafted H.264 video file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-13428) It was discovered that VLC could be made to read out of bounds when processing AVI video files. If a user were tricked into opening a crafted AVI video file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-25801, CVE-2021-25802, CVE-2021-25803, CVE-2021-25804) It was discovered that the VNC module of VLC contained an arithmetic overflow. If a user were tricked into opening a crafted playlist or connecting to a rouge VNC server, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2022-41325) Update Instructions: Run `sudo pro fix USN-6180-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vlc-plugin-notify - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-svg - 3.0.9.2-1ubuntu0.1~esm1 vlc-l10n - 3.0.9.2-1ubuntu0.1~esm1 libvlc-dev - 3.0.9.2-1ubuntu0.1~esm1 libvlccore9 - 3.0.9.2-1ubuntu0.1~esm1 libvlc-bin - 3.0.9.2-1ubuntu0.1~esm1 vlc - 3.0.9.2-1ubuntu0.1~esm1 vlc-data - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-fluidsynth - 3.0.9.2-1ubuntu0.1~esm1 libvlc5 - 3.0.9.2-1ubuntu0.1~esm1 vlc-bin - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-visualization - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-jack - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-samba - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-qt - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-base - 3.0.9.2-1ubuntu0.1~esm1 libvlccore-dev - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-access-extra - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-skins2 - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-video-output - 3.0.9.2-1ubuntu0.1~esm1 vlc-plugin-video-splitter - 3.0.9.2-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-19721 CVE-2020-13428 CVE-2021-25801 CVE-2021-25802 CVE-2021-25803 CVE-2021-25804 CVE-2022-41325 Ubuntu 20.04 LTS It was discovered that pngcheck incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6182-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pngcheck - 2.3.0-7ubuntu0.20.04.1 No subscription required Medium CVE-2020-27818 CVE-2020-35511 Ubuntu 20.04 LTS Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-2828) It was discovered that Bind incorrectly handled the recursive-clients quota. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-2911) Update Instructions: Run `sudo pro fix USN-6183-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.15 bind9-libs - 1:9.16.1-0ubuntu2.15 bind9utils - 1:9.16.1-0ubuntu2.15 bind9-doc - 1:9.16.1-0ubuntu2.15 bind9-utils - 1:9.16.1-0ubuntu2.15 bind9 - 1:9.16.1-0ubuntu2.15 bind9-dnsutils - 1:9.16.1-0ubuntu2.15 bind9-host - 1:9.16.1-0ubuntu2.15 No subscription required Medium CVE-2023-2828 CVE-2023-2911 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly handled certain memory operations. An attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service, or possibly obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6184-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.4 cups-bsd - 2.3.1-9ubuntu1.4 cups-common - 2.3.1-9ubuntu1.4 cups-core-drivers - 2.3.1-9ubuntu1.4 cups-server-common - 2.3.1-9ubuntu1.4 libcupsimage2 - 2.3.1-9ubuntu1.4 cups-client - 2.3.1-9ubuntu1.4 cups-ipp-utils - 2.3.1-9ubuntu1.4 libcups2 - 2.3.1-9ubuntu1.4 cups-ppdc - 2.3.1-9ubuntu1.4 cups - 2.3.1-9ubuntu1.4 libcupsimage2-dev - 2.3.1-9ubuntu1.4 cups-daemon - 2.3.1-9ubuntu1.4 No subscription required Medium CVE-2023-34241 Ubuntu 20.04 LTS It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Update Instructions: Run `sudo pro fix USN-6185-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1051-ibm - 5.4.0-1051.56 linux-tools-5.4.0-1051-ibm - 5.4.0-1051.56 linux-buildinfo-5.4.0-1051-ibm - 5.4.0-1051.56 linux-ibm-tools-common - 5.4.0-1051.56 linux-headers-5.4.0-1051-ibm - 5.4.0-1051.56 linux-image-unsigned-5.4.0-1051-ibm - 5.4.0-1051.56 linux-modules-5.4.0-1051-ibm - 5.4.0-1051.56 linux-ibm-source-5.4.0 - 5.4.0-1051.56 linux-ibm-cloud-tools-common - 5.4.0-1051.56 linux-ibm-tools-5.4.0-1051 - 5.4.0-1051.56 linux-image-5.4.0-1051-ibm - 5.4.0-1051.56 linux-ibm-headers-5.4.0-1051 - 5.4.0-1051.56 No subscription required linux-tools-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-image-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-image-unsigned-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-bluefield-headers-5.4.0-1065 - 5.4.0-1065.71 linux-bluefield-tools-5.4.0-1065 - 5.4.0-1065.71 linux-buildinfo-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-headers-5.4.0-1065-bluefield - 5.4.0-1065.71 linux-modules-5.4.0-1065-bluefield - 5.4.0-1065.71 No subscription required linux-gkeop-headers-5.4.0-1071 - 5.4.0-1071.75 linux-modules-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-modules-extra-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-buildinfo-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-gkeop-source-5.4.0 - 5.4.0-1071.75 linux-gkeop-cloud-tools-5.4.0-1071 - 5.4.0-1071.75 linux-gkeop-tools-5.4.0-1071 - 5.4.0-1071.75 linux-headers-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-tools-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-image-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-image-unsigned-5.4.0-1071-gkeop - 5.4.0-1071.75 linux-cloud-tools-5.4.0-1071-gkeop - 5.4.0-1071.75 No subscription required linux-raspi-headers-5.4.0-1088 - 5.4.0-1088.99 linux-tools-5.4.0-1088-raspi - 5.4.0-1088.99 linux-image-5.4.0-1088-raspi - 5.4.0-1088.99 linux-buildinfo-5.4.0-1088-raspi - 5.4.0-1088.99 linux-headers-5.4.0-1088-raspi - 5.4.0-1088.99 linux-raspi-tools-5.4.0-1088 - 5.4.0-1088.99 linux-modules-5.4.0-1088-raspi - 5.4.0-1088.99 No subscription required linux-tools-5.4.0-1093-kvm - 5.4.0-1093.99 linux-buildinfo-5.4.0-1093-kvm - 5.4.0-1093.99 linux-image-unsigned-5.4.0-1093-kvm - 5.4.0-1093.99 linux-headers-5.4.0-1093-kvm - 5.4.0-1093.99 linux-kvm-headers-5.4.0-1093 - 5.4.0-1093.99 linux-modules-5.4.0-1093-kvm - 5.4.0-1093.99 linux-image-5.4.0-1093-kvm - 5.4.0-1093.99 linux-kvm-tools-5.4.0-1093 - 5.4.0-1093.99 No subscription required linux-gke-headers-5.4.0-1102 - 5.4.0-1102.109 linux-headers-5.4.0-1102-gke - 5.4.0-1102.109 linux-buildinfo-5.4.0-1102-gke - 5.4.0-1102.109 linux-image-5.4.0-1102-gke - 5.4.0-1102.109 linux-tools-5.4.0-1102-gke - 5.4.0-1102.109 linux-image-unsigned-5.4.0-1102-gke - 5.4.0-1102.109 linux-modules-5.4.0-1102-gke - 5.4.0-1102.109 linux-gke-tools-5.4.0-1102 - 5.4.0-1102.109 linux-modules-extra-5.4.0-1102-gke - 5.4.0-1102.109 No subscription required linux-oracle-tools-5.4.0-1103 - 5.4.0-1103.112 linux-headers-5.4.0-1103-oracle - 5.4.0-1103.112 linux-oracle-headers-5.4.0-1103 - 5.4.0-1103.112 linux-tools-5.4.0-1103-oracle - 5.4.0-1103.112 linux-buildinfo-5.4.0-1103-oracle - 5.4.0-1103.112 linux-image-5.4.0-1103-oracle - 5.4.0-1103.112 linux-modules-extra-5.4.0-1103-oracle - 5.4.0-1103.112 linux-modules-5.4.0-1103-oracle - 5.4.0-1103.112 linux-image-unsigned-5.4.0-1103-oracle - 5.4.0-1103.112 No subscription required linux-buildinfo-5.4.0-1104-aws - 5.4.0-1104.112 linux-image-unsigned-5.4.0-1104-aws - 5.4.0-1104.112 linux-image-5.4.0-1104-aws - 5.4.0-1104.112 linux-aws-tools-5.4.0-1104 - 5.4.0-1104.112 linux-cloud-tools-5.4.0-1104-aws - 5.4.0-1104.112 linux-modules-5.4.0-1104-aws - 5.4.0-1104.112 linux-aws-headers-5.4.0-1104 - 5.4.0-1104.112 linux-aws-cloud-tools-5.4.0-1104 - 5.4.0-1104.112 linux-headers-5.4.0-1104-aws - 5.4.0-1104.112 linux-tools-5.4.0-1104-aws - 5.4.0-1104.112 linux-modules-extra-5.4.0-1104-aws - 5.4.0-1104.112 No subscription required linux-image-5.4.0-1107-gcp - 5.4.0-1107.116 linux-headers-5.4.0-1107-gcp - 5.4.0-1107.116 linux-image-unsigned-5.4.0-1107-gcp - 5.4.0-1107.116 linux-gcp-headers-5.4.0-1107 - 5.4.0-1107.116 linux-tools-5.4.0-1107-gcp - 5.4.0-1107.116 linux-modules-5.4.0-1107-gcp - 5.4.0-1107.116 linux-buildinfo-5.4.0-1107-gcp - 5.4.0-1107.116 linux-gcp-tools-5.4.0-1107 - 5.4.0-1107.116 linux-modules-extra-5.4.0-1107-gcp - 5.4.0-1107.116 No subscription required linux-buildinfo-5.4.0-1110-azure - 5.4.0-1110.116 linux-azure-tools-5.4.0-1110 - 5.4.0-1110.116 linux-image-unsigned-5.4.0-1110-azure - 5.4.0-1110.116 linux-image-5.4.0-1110-azure - 5.4.0-1110.116 linux-modules-5.4.0-1110-azure - 5.4.0-1110.116 linux-cloud-tools-5.4.0-1110-azure - 5.4.0-1110.116 linux-tools-5.4.0-1110-azure - 5.4.0-1110.116 linux-azure-headers-5.4.0-1110 - 5.4.0-1110.116 linux-headers-5.4.0-1110-azure - 5.4.0-1110.116 linux-azure-cloud-tools-5.4.0-1110 - 5.4.0-1110.116 linux-modules-extra-5.4.0-1110-azure - 5.4.0-1110.116 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1051.77 linux-image-ibm - 5.4.0.1051.77 linux-headers-ibm-lts-20.04 - 5.4.0.1051.77 linux-tools-ibm - 5.4.0.1051.77 linux-modules-extra-ibm - 5.4.0.1051.77 linux-image-ibm-lts-20.04 - 5.4.0.1051.77 linux-ibm-lts-20.04 - 5.4.0.1051.77 linux-ibm - 5.4.0.1051.77 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1051.77 linux-headers-ibm - 5.4.0.1051.77 No subscription required linux-bluefield - 5.4.0.1065.60 linux-image-bluefield - 5.4.0.1065.60 linux-headers-bluefield - 5.4.0.1065.60 linux-tools-bluefield - 5.4.0.1065.60 No subscription required linux-headers-gkeop - 5.4.0.1071.69 linux-cloud-tools-gkeop-5.4 - 5.4.0.1071.69 linux-image-gkeop - 5.4.0.1071.69 linux-modules-extra-gkeop-5.4 - 5.4.0.1071.69 linux-gkeop-5.4 - 5.4.0.1071.69 linux-image-gkeop-5.4 - 5.4.0.1071.69 linux-tools-gkeop - 5.4.0.1071.69 linux-gkeop - 5.4.0.1071.69 linux-headers-gkeop-5.4 - 5.4.0.1071.69 linux-modules-extra-gkeop - 5.4.0.1071.69 linux-tools-gkeop-5.4 - 5.4.0.1071.69 linux-cloud-tools-gkeop - 5.4.0.1071.69 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1088.118 linux-headers-raspi2 - 5.4.0.1088.118 linux-image-raspi - 5.4.0.1088.118 linux-image-raspi-hwe-18.04 - 5.4.0.1088.118 linux-image-raspi2-hwe-18.04 - 5.4.0.1088.118 linux-tools-raspi - 5.4.0.1088.118 linux-headers-raspi2-hwe-18.04 - 5.4.0.1088.118 linux-headers-raspi-hwe-18.04 - 5.4.0.1088.118 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1088.118 linux-headers-raspi - 5.4.0.1088.118 linux-raspi2-hwe-18.04-edge - 5.4.0.1088.118 linux-raspi-hwe-18.04 - 5.4.0.1088.118 linux-raspi2-hwe-18.04 - 5.4.0.1088.118 linux-image-raspi-hwe-18.04-edge - 5.4.0.1088.118 linux-image-raspi2 - 5.4.0.1088.118 linux-tools-raspi-hwe-18.04 - 5.4.0.1088.118 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1088.118 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1088.118 linux-raspi-hwe-18.04-edge - 5.4.0.1088.118 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1088.118 linux-tools-raspi2-hwe-18.04 - 5.4.0.1088.118 linux-raspi2 - 5.4.0.1088.118 linux-tools-raspi2 - 5.4.0.1088.118 linux-raspi - 5.4.0.1088.118 No subscription required linux-kvm - 5.4.0.1093.88 linux-headers-kvm - 5.4.0.1093.88 linux-image-kvm - 5.4.0.1093.88 linux-tools-kvm - 5.4.0.1093.88 No subscription required linux-modules-extra-gke - 5.4.0.1102.107 linux-headers-gke-5.4 - 5.4.0.1102.107 linux-modules-extra-gke-5.4 - 5.4.0.1102.107 linux-gke-5.4 - 5.4.0.1102.107 linux-tools-gke - 5.4.0.1102.107 linux-gke - 5.4.0.1102.107 linux-headers-gke - 5.4.0.1102.107 linux-image-gke-5.4 - 5.4.0.1102.107 linux-image-gke - 5.4.0.1102.107 linux-tools-gke-5.4 - 5.4.0.1102.107 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1103.96 linux-headers-oracle-lts-20.04 - 5.4.0.1103.96 linux-oracle-lts-20.04 - 5.4.0.1103.96 linux-image-oracle-lts-20.04 - 5.4.0.1103.96 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1104.101 linux-image-aws-lts-20.04 - 5.4.0.1104.101 linux-headers-aws-lts-20.04 - 5.4.0.1104.101 linux-tools-aws-lts-20.04 - 5.4.0.1104.101 linux-aws-lts-20.04 - 5.4.0.1104.101 No subscription required linux-gcp-lts-20.04 - 5.4.0.1107.109 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1107.109 linux-headers-gcp-lts-20.04 - 5.4.0.1107.109 linux-image-gcp-lts-20.04 - 5.4.0.1107.109 linux-tools-gcp-lts-20.04 - 5.4.0.1107.109 No subscription required linux-azure-lts-20.04 - 5.4.0.1110.103 linux-image-azure-lts-20.04 - 5.4.0.1110.103 linux-modules-extra-azure-lts-20.04 - 5.4.0.1110.103 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1110.103 linux-tools-azure-lts-20.04 - 5.4.0.1110.103 linux-headers-azure-lts-20.04 - 5.4.0.1110.103 No subscription required Medium CVE-2023-1076 CVE-2023-1077 CVE-2023-1079 CVE-2023-1670 CVE-2023-1859 CVE-2023-1998 CVE-2023-25012 CVE-2023-2985 Ubuntu 20.04 LTS It was discovered that etcd leaked credentials when debugging was enabled. This allowed remote attackers to discover etcd authentication credentials and possibly escalate privileges on systems using etcd. Update Instructions: Run `sudo pro fix USN-6189-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: etcd-server - 3.2.26+dfsg-6ubuntu0.2+esm1 golang-etcd-server-dev - 3.2.26+dfsg-6ubuntu0.2+esm1 etcd-client - 3.2.26+dfsg-6ubuntu0.2+esm1 etcd - 3.2.26+dfsg-6ubuntu0.2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-28235 Ubuntu 20.04 LTS Kevin Backhouse discovered that AccountsService incorrectly handled certain D-Bus messages. A local attacker could use this issue to cause AccountsService to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6190-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: accountsservice - 0.6.55-0ubuntu12~20.04.6 gir1.2-accountsservice-1.0 - 0.6.55-0ubuntu12~20.04.6 libaccountsservice-doc - 0.6.55-0ubuntu12~20.04.6 libaccountsservice-dev - 0.6.55-0ubuntu12~20.04.6 libaccountsservice0 - 0.6.55-0ubuntu12~20.04.6 No subscription required Medium CVE-2023-3297 Ubuntu 20.04 LTS Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6193-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gkeop-5.15-cloud-tools-5.15.0-1023 - 5.15.0-1023.28~20.04.1 linux-modules-extra-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-image-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-headers-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-gkeop-5.15-tools-5.15.0-1023 - 5.15.0-1023.28~20.04.1 linux-image-unsigned-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-buildinfo-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-modules-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-cloud-tools-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 linux-gkeop-5.15-headers-5.15.0-1023 - 5.15.0-1023.28~20.04.1 linux-tools-5.15.0-1023-gkeop - 5.15.0-1023.28~20.04.1 No subscription required linux-gke-5.15-headers-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-image-unsigned-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-headers-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-modules-iwlwifi-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-gke-5.15-tools-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-buildinfo-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-image-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-modules-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-modules-extra-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 linux-tools-5.15.0-1037-gke - 5.15.0-1037.42~20.04.1 No subscription required linux-image-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-modules-extra-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-buildinfo-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-modules-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-image-unsigned-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-gcp-5.15-tools-5.15.0-1037 - 5.15.0-1037.45~20.04.1 linux-headers-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-tools-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-modules-iwlwifi-5.15.0-1037-gcp - 5.15.0-1037.45~20.04.1 linux-gcp-5.15-headers-5.15.0-1037 - 5.15.0-1037.45~20.04.1 No subscription required linux-tools-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-image-unsigned-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-modules-extra-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-headers-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-modules-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-image-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 linux-oracle-5.15-headers-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-oracle-5.15-tools-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-buildinfo-5.15.0-1038-oracle - 5.15.0-1038.44~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1039 - 5.15.0-1039.44~20.04.1 linux-image-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-tools-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-buildinfo-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1039 - 5.15.0-1039.44~20.04.1 linux-modules-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-headers-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-image-unsigned-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-cloud-tools-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-modules-extra-5.15.0-1039-aws - 5.15.0-1039.44~20.04.1 linux-aws-5.15-tools-5.15.0-1039 - 5.15.0-1039.44~20.04.1 No subscription required linux-modules-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-azure-5.15-tools-5.15.0-1041 - 5.15.0-1041.48~20.04.1 linux-buildinfo-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-cloud-tools-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-headers-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-tools-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-modules-extra-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-image-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-image-unsigned-5.15.0-1041-azure - 5.15.0-1041.48~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1041 - 5.15.0-1041.48~20.04.1 linux-azure-5.15-headers-5.15.0-1041 - 5.15.0-1041.48~20.04.1 No subscription required linux-image-unsigned-5.15.0-1041-azure-fde - 5.15.0-1041.48~20.04.1.1 linux-image-5.15.0-1041-azure-fde - 5.15.0-1041.48~20.04.1.1 No subscription required linux-image-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-76.83~20.04.1 linux-image-unsigned-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-buildinfo-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-cloud-tools-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-image-unsigned-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-image-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-76.83~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-buildinfo-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-image-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-image-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-buildinfo-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-cloud-tools-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-modules-iwlwifi-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-image-unsigned-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-modules-extra-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-hwe-5.15-headers-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-76.83~20.04.1 linux-modules-iwlwifi-5.15.0-76-generic - 5.15.0-76.83~20.04.1 linux-hwe-5.15-tools-5.15.0-76 - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-buildinfo-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-76.83~20.04.1 linux-buildinfo-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-modules-5.15.0-76-lowlatency - 5.15.0-76.83~20.04.1 linux-image-unsigned-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 linux-image-5.15.0-76-generic-lpae - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-headers-5.15.0-76-generic-64k - 5.15.0-76.83~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-76.83~20.04.1 linux-tools-5.15.0-76-lowlatency-64k - 5.15.0-76.83~20.04.1 No subscription required linux-image-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-headers-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-headers-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-tools-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-image-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-cloud-tools-gkeop-5.15 - 5.15.0.1023.28~20.04.19 linux-modules-extra-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-tools-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-cloud-tools-gkeop-edge - 5.15.0.1023.28~20.04.19 linux-modules-extra-gkeop-5.15 - 5.15.0.1023.28~20.04.19 No subscription required linux-image-gke-edge - 5.15.0.1037.42~20.04.1 linux-headers-gke-5.15 - 5.15.0.1037.42~20.04.1 linux-image-gke-5.15 - 5.15.0.1037.42~20.04.1 linux-tools-gke-5.15 - 5.15.0.1037.42~20.04.1 linux-headers-gke-edge - 5.15.0.1037.42~20.04.1 linux-gke-5.15 - 5.15.0.1037.42~20.04.1 linux-tools-gke-edge - 5.15.0.1037.42~20.04.1 linux-gke-edge - 5.15.0.1037.42~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1037.45~20.04.1 linux-headers-gcp-edge - 5.15.0.1037.45~20.04.1 linux-modules-extra-gcp - 5.15.0.1037.45~20.04.1 linux-gcp - 5.15.0.1037.45~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1037.45~20.04.1 linux-image-gcp - 5.15.0.1037.45~20.04.1 linux-tools-gcp-edge - 5.15.0.1037.45~20.04.1 linux-tools-gcp - 5.15.0.1037.45~20.04.1 linux-headers-gcp - 5.15.0.1037.45~20.04.1 linux-gcp-edge - 5.15.0.1037.45~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1038.44~20.04.1 linux-tools-oracle - 5.15.0.1038.44~20.04.1 linux-tools-oracle-edge - 5.15.0.1038.44~20.04.1 linux-oracle-edge - 5.15.0.1038.44~20.04.1 linux-image-oracle-edge - 5.15.0.1038.44~20.04.1 linux-image-oracle - 5.15.0.1038.44~20.04.1 linux-headers-oracle-edge - 5.15.0.1038.44~20.04.1 linux-oracle - 5.15.0.1038.44~20.04.1 No subscription required linux-image-aws - 5.15.0.1039.44~20.04.28 linux-aws-edge - 5.15.0.1039.44~20.04.28 linux-headers-aws - 5.15.0.1039.44~20.04.28 linux-modules-extra-aws-edge - 5.15.0.1039.44~20.04.28 linux-image-aws-edge - 5.15.0.1039.44~20.04.28 linux-headers-aws-edge - 5.15.0.1039.44~20.04.28 linux-modules-extra-aws - 5.15.0.1039.44~20.04.28 linux-tools-aws - 5.15.0.1039.44~20.04.28 linux-tools-aws-edge - 5.15.0.1039.44~20.04.28 linux-aws - 5.15.0.1039.44~20.04.28 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-tools-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-modules-extra-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-image-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-cloud-tools-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-headers-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-tools-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-image-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-modules-extra-azure-fde - 5.15.0.1041.48~20.04.1.20 linux-headers-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 linux-azure-fde-edge - 5.15.0.1041.48~20.04.1.20 No subscription required linux-cloud-tools-azure - 5.15.0.1041.48~20.04.31 linux-modules-extra-azure-cvm - 5.15.0.1041.48~20.04.31 linux-azure - 5.15.0.1041.48~20.04.31 linux-image-azure - 5.15.0.1041.48~20.04.31 linux-headers-azure-edge - 5.15.0.1041.48~20.04.31 linux-headers-azure - 5.15.0.1041.48~20.04.31 linux-tools-azure-edge - 5.15.0.1041.48~20.04.31 linux-azure-cvm - 5.15.0.1041.48~20.04.31 linux-modules-extra-azure-edge - 5.15.0.1041.48~20.04.31 linux-headers-azure-cvm - 5.15.0.1041.48~20.04.31 linux-cloud-tools-azure-cvm - 5.15.0.1041.48~20.04.31 linux-tools-azure - 5.15.0.1041.48~20.04.31 linux-image-azure-edge - 5.15.0.1041.48~20.04.31 linux-image-azure-cvm - 5.15.0.1041.48~20.04.31 linux-tools-azure-cvm - 5.15.0.1041.48~20.04.31 linux-cloud-tools-azure-edge - 5.15.0.1041.48~20.04.31 linux-modules-extra-azure - 5.15.0.1041.48~20.04.31 linux-azure-edge - 5.15.0.1041.48~20.04.31 No subscription required linux-tools-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-lowlatency-64k-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-headers-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-image-lowlatency-hwe-20.04 - 5.15.0.76.83~20.04.34 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.34 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.34 No subscription required linux-headers-oem-20.04 - 5.15.0.76.83~20.04.37 linux-image-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-extra-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-modules-iwlwifi-oem-20.04 - 5.15.0.76.83~20.04.37 linux-oem-20.04 - 5.15.0.76.83~20.04.37 linux-tools-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-tools-oem-20.04d - 5.15.0.76.83~20.04.37 linux-tools-oem-20.04b - 5.15.0.76.83~20.04.37 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-image-oem-20.04 - 5.15.0.76.83~20.04.37 linux-image-oem-20.04c - 5.15.0.76.83~20.04.37 linux-image-oem-20.04b - 5.15.0.76.83~20.04.37 linux-image-oem-20.04d - 5.15.0.76.83~20.04.37 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-tools-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-modules-iwlwifi-oem-20.04d - 5.15.0.76.83~20.04.37 linux-generic-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-tools-oem-20.04c - 5.15.0.76.83~20.04.37 linux-oem-20.04d - 5.15.0.76.83~20.04.37 linux-oem-20.04c - 5.15.0.76.83~20.04.37 linux-oem-20.04b - 5.15.0.76.83~20.04.37 linux-tools-oem-20.04 - 5.15.0.76.83~20.04.37 linux-image-generic-lpae-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-tools-generic-64k-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-oem-20.04b - 5.15.0.76.83~20.04.37 linux-headers-oem-20.04c - 5.15.0.76.83~20.04.37 linux-headers-oem-20.04d - 5.15.0.76.83~20.04.37 linux-image-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-generic-64k-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-tools-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-image-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-generic-lpae-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-tools-generic-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-headers-generic-hwe-20.04-edge - 5.15.0.76.83~20.04.37 linux-generic-64k-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-image-generic-64k-hwe-20.04 - 5.15.0.76.83~20.04.37 linux-generic-lpae-hwe-20.04 - 5.15.0.76.83~20.04.37 No subscription required linux-tools-5.4.0-1052-ibm - 5.4.0-1052.57 linux-ibm-headers-5.4.0-1052 - 5.4.0-1052.57 linux-modules-extra-5.4.0-1052-ibm - 5.4.0-1052.57 linux-image-5.4.0-1052-ibm - 5.4.0-1052.57 linux-ibm-cloud-tools-common - 5.4.0-1052.57 linux-ibm-tools-5.4.0-1052 - 5.4.0-1052.57 linux-buildinfo-5.4.0-1052-ibm - 5.4.0-1052.57 linux-modules-5.4.0-1052-ibm - 5.4.0-1052.57 linux-ibm-tools-common - 5.4.0-1052.57 linux-image-unsigned-5.4.0-1052-ibm - 5.4.0-1052.57 linux-ibm-source-5.4.0 - 5.4.0-1052.57 linux-headers-5.4.0-1052-ibm - 5.4.0-1052.57 No subscription required linux-image-unsigned-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-headers-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-buildinfo-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-bluefield-tools-5.4.0-1066 - 5.4.0-1066.72 linux-image-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-tools-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-modules-5.4.0-1066-bluefield - 5.4.0-1066.72 linux-bluefield-headers-5.4.0-1066 - 5.4.0-1066.72 No subscription required linux-gkeop-headers-5.4.0-1072 - 5.4.0-1072.76 linux-buildinfo-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-gkeop-tools-5.4.0-1072 - 5.4.0-1072.76 linux-modules-extra-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-image-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-modules-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-headers-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-gkeop-source-5.4.0 - 5.4.0-1072.76 linux-gkeop-cloud-tools-5.4.0-1072 - 5.4.0-1072.76 linux-image-unsigned-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-tools-5.4.0-1072-gkeop - 5.4.0-1072.76 linux-cloud-tools-5.4.0-1072-gkeop - 5.4.0-1072.76 No subscription required linux-raspi-headers-5.4.0-1089 - 5.4.0-1089.100 linux-headers-5.4.0-1089-raspi - 5.4.0-1089.100 linux-image-5.4.0-1089-raspi - 5.4.0-1089.100 linux-buildinfo-5.4.0-1089-raspi - 5.4.0-1089.100 linux-tools-5.4.0-1089-raspi - 5.4.0-1089.100 linux-raspi-tools-5.4.0-1089 - 5.4.0-1089.100 linux-modules-5.4.0-1089-raspi - 5.4.0-1089.100 No subscription required linux-modules-5.4.0-1094-kvm - 5.4.0-1094.100 linux-buildinfo-5.4.0-1094-kvm - 5.4.0-1094.100 linux-image-unsigned-5.4.0-1094-kvm - 5.4.0-1094.100 linux-kvm-headers-5.4.0-1094 - 5.4.0-1094.100 linux-kvm-tools-5.4.0-1094 - 5.4.0-1094.100 linux-tools-5.4.0-1094-kvm - 5.4.0-1094.100 linux-headers-5.4.0-1094-kvm - 5.4.0-1094.100 linux-image-5.4.0-1094-kvm - 5.4.0-1094.100 No subscription required linux-oracle-headers-5.4.0-1104 - 5.4.0-1104.113 linux-tools-5.4.0-1104-oracle - 5.4.0-1104.113 linux-buildinfo-5.4.0-1104-oracle - 5.4.0-1104.113 linux-image-unsigned-5.4.0-1104-oracle - 5.4.0-1104.113 linux-image-5.4.0-1104-oracle - 5.4.0-1104.113 linux-modules-5.4.0-1104-oracle - 5.4.0-1104.113 linux-oracle-tools-5.4.0-1104 - 5.4.0-1104.113 linux-headers-5.4.0-1104-oracle - 5.4.0-1104.113 linux-modules-extra-5.4.0-1104-oracle - 5.4.0-1104.113 No subscription required linux-cloud-tools-5.4.0-1105-aws - 5.4.0-1105.113 linux-headers-5.4.0-1105-aws - 5.4.0-1105.113 linux-aws-headers-5.4.0-1105 - 5.4.0-1105.113 linux-tools-5.4.0-1105-aws - 5.4.0-1105.113 linux-buildinfo-5.4.0-1105-aws - 5.4.0-1105.113 linux-modules-extra-5.4.0-1105-aws - 5.4.0-1105.113 linux-image-5.4.0-1105-aws - 5.4.0-1105.113 linux-modules-5.4.0-1105-aws - 5.4.0-1105.113 linux-aws-tools-5.4.0-1105 - 5.4.0-1105.113 linux-image-unsigned-5.4.0-1105-aws - 5.4.0-1105.113 linux-aws-cloud-tools-5.4.0-1105 - 5.4.0-1105.113 No subscription required linux-gcp-tools-5.4.0-1108 - 5.4.0-1108.117 linux-image-5.4.0-1108-gcp - 5.4.0-1108.117 linux-buildinfo-5.4.0-1108-gcp - 5.4.0-1108.117 linux-image-unsigned-5.4.0-1108-gcp - 5.4.0-1108.117 linux-headers-5.4.0-1108-gcp - 5.4.0-1108.117 linux-modules-extra-5.4.0-1108-gcp - 5.4.0-1108.117 linux-modules-5.4.0-1108-gcp - 5.4.0-1108.117 linux-gcp-headers-5.4.0-1108 - 5.4.0-1108.117 linux-tools-5.4.0-1108-gcp - 5.4.0-1108.117 No subscription required linux-modules-extra-5.4.0-1111-azure - 5.4.0-1111.117 linux-headers-5.4.0-1111-azure - 5.4.0-1111.117 linux-modules-5.4.0-1111-azure - 5.4.0-1111.117 linux-buildinfo-5.4.0-1111-azure - 5.4.0-1111.117 linux-azure-headers-5.4.0-1111 - 5.4.0-1111.117 linux-azure-cloud-tools-5.4.0-1111 - 5.4.0-1111.117 linux-image-5.4.0-1111-azure - 5.4.0-1111.117 linux-azure-tools-5.4.0-1111 - 5.4.0-1111.117 linux-image-unsigned-5.4.0-1111-azure - 5.4.0-1111.117 linux-cloud-tools-5.4.0-1111-azure - 5.4.0-1111.117 linux-tools-5.4.0-1111-azure - 5.4.0-1111.117 No subscription required linux-source-5.4.0 - 5.4.0-153.170 linux-modules-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-cloud-tools-5.4.0-153-generic - 5.4.0-153.170 linux-image-unsigned-5.4.0-153-generic - 5.4.0-153.170 linux-cloud-tools-common - 5.4.0-153.170 linux-modules-5.4.0-153-generic - 5.4.0-153.170 linux-headers-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-libc-dev - 5.4.0-153.170 linux-buildinfo-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-headers-5.4.0-153-generic - 5.4.0-153.170 linux-headers-5.4.0-153-lowlatency - 5.4.0-153.170 linux-cloud-tools-5.4.0-153 - 5.4.0-153.170 linux-tools-host - 5.4.0-153.170 linux-tools-5.4.0-153-generic - 5.4.0-153.170 linux-buildinfo-5.4.0-153-lowlatency - 5.4.0-153.170 linux-image-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-tools-5.4.0-153 - 5.4.0-153.170 linux-image-5.4.0-153-lowlatency - 5.4.0-153.170 linux-modules-extra-5.4.0-153-generic - 5.4.0-153.170 linux-buildinfo-5.4.0-153-generic - 5.4.0-153.170 linux-tools-common - 5.4.0-153.170 linux-tools-5.4.0-153-generic-lpae - 5.4.0-153.170 linux-doc - 5.4.0-153.170 linux-headers-5.4.0-153 - 5.4.0-153.170 linux-tools-5.4.0-153-lowlatency - 5.4.0-153.170 linux-image-unsigned-5.4.0-153-lowlatency - 5.4.0-153.170 linux-image-5.4.0-153-generic - 5.4.0-153.170 linux-modules-5.4.0-153-lowlatency - 5.4.0-153.170 linux-cloud-tools-5.4.0-153-lowlatency - 5.4.0-153.170 No subscription required linux-tools-ibm - 5.4.0.1052.78 linux-image-ibm-lts-20.04 - 5.4.0.1052.78 linux-tools-ibm-lts-20.04 - 5.4.0.1052.78 linux-ibm-lts-20.04 - 5.4.0.1052.78 linux-ibm - 5.4.0.1052.78 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1052.78 linux-headers-ibm - 5.4.0.1052.78 linux-image-ibm - 5.4.0.1052.78 linux-headers-ibm-lts-20.04 - 5.4.0.1052.78 linux-modules-extra-ibm - 5.4.0.1052.78 No subscription required linux-tools-bluefield - 5.4.0.1066.61 linux-image-bluefield - 5.4.0.1066.61 linux-headers-bluefield - 5.4.0.1066.61 linux-bluefield - 5.4.0.1066.61 No subscription required linux-cloud-tools-gkeop-5.4 - 5.4.0.1072.70 linux-image-gkeop - 5.4.0.1072.70 linux-gkeop-5.4 - 5.4.0.1072.70 linux-image-gkeop-5.4 - 5.4.0.1072.70 linux-headers-gkeop-5.4 - 5.4.0.1072.70 linux-modules-extra-gkeop - 5.4.0.1072.70 linux-tools-gkeop-5.4 - 5.4.0.1072.70 linux-headers-gkeop - 5.4.0.1072.70 linux-tools-gkeop - 5.4.0.1072.70 linux-cloud-tools-gkeop - 5.4.0.1072.70 linux-modules-extra-gkeop-5.4 - 5.4.0.1072.70 linux-gkeop - 5.4.0.1072.70 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1089.119 linux-image-raspi-hwe-18.04 - 5.4.0.1089.119 linux-headers-raspi-hwe-18.04 - 5.4.0.1089.119 linux-headers-raspi2-hwe-18.04 - 5.4.0.1089.119 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1089.119 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1089.119 linux-headers-raspi - 5.4.0.1089.119 linux-image-raspi-hwe-18.04-edge - 5.4.0.1089.119 linux-tools-raspi-hwe-18.04 - 5.4.0.1089.119 linux-headers-raspi2 - 5.4.0.1089.119 linux-raspi-hwe-18.04 - 5.4.0.1089.119 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1089.119 linux-raspi-hwe-18.04-edge - 5.4.0.1089.119 linux-tools-raspi2 - 5.4.0.1089.119 linux-raspi2 - 5.4.0.1089.119 linux-image-raspi2-hwe-18.04 - 5.4.0.1089.119 linux-tools-raspi - 5.4.0.1089.119 linux-raspi2-hwe-18.04 - 5.4.0.1089.119 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1089.119 linux-image-raspi - 5.4.0.1089.119 linux-raspi - 5.4.0.1089.119 linux-raspi2-hwe-18.04-edge - 5.4.0.1089.119 linux-image-raspi2 - 5.4.0.1089.119 linux-tools-raspi2-hwe-18.04 - 5.4.0.1089.119 No subscription required linux-kvm - 5.4.0.1094.89 linux-image-kvm - 5.4.0.1094.89 linux-tools-kvm - 5.4.0.1094.89 linux-headers-kvm - 5.4.0.1094.89 No subscription required linux-image-oracle-lts-20.04 - 5.4.0.1104.97 linux-headers-oracle-lts-20.04 - 5.4.0.1104.97 linux-tools-oracle-lts-20.04 - 5.4.0.1104.97 linux-oracle-lts-20.04 - 5.4.0.1104.97 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1105.102 linux-aws-lts-20.04 - 5.4.0.1105.102 linux-modules-extra-aws-lts-20.04 - 5.4.0.1105.102 linux-tools-aws-lts-20.04 - 5.4.0.1105.102 linux-image-aws-lts-20.04 - 5.4.0.1105.102 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1108.110 linux-gcp-lts-20.04 - 5.4.0.1108.110 linux-image-gcp-lts-20.04 - 5.4.0.1108.110 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1108.110 linux-headers-gcp-lts-20.04 - 5.4.0.1108.110 No subscription required linux-azure-lts-20.04 - 5.4.0.1111.104 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1111.104 linux-tools-azure-lts-20.04 - 5.4.0.1111.104 linux-headers-azure-lts-20.04 - 5.4.0.1111.104 linux-image-azure-lts-20.04 - 5.4.0.1111.104 linux-modules-extra-azure-lts-20.04 - 5.4.0.1111.104 No subscription required linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-image-virtual - 5.4.0.153.150 linux-tools-lowlatency - 5.4.0.153.150 linux-tools-virtual-hwe-18.04 - 5.4.0.153.150 linux-headers-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-image-generic-lpae-hwe-18.04 - 5.4.0.153.150 linux-headers-generic-hwe-18.04 - 5.4.0.153.150 linux-source - 5.4.0.153.150 linux-cloud-tools-generic - 5.4.0.153.150 linux-tools-virtual - 5.4.0.153.150 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-generic - 5.4.0.153.150 linux-generic-hwe-18.04-edge - 5.4.0.153.150 linux-generic-lpae-hwe-18.04 - 5.4.0.153.150 linux-headers-generic-hwe-18.04-edge - 5.4.0.153.150 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.153.150 linux-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-image-oem-osp1 - 5.4.0.153.150 linux-crashdump - 5.4.0.153.150 linux-headers-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-tools-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-headers-virtual-hwe-18.04 - 5.4.0.153.150 linux-generic-lpae-hwe-18.04-edge - 5.4.0.153.150 linux-generic-lpae - 5.4.0.153.150 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.153.150 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-image-generic-hwe-18.04-edge - 5.4.0.153.150 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.153.150 linux-oem - 5.4.0.153.150 linux-tools-generic - 5.4.0.153.150 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-headers-virtual - 5.4.0.153.150 linux-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.153.150 linux-image-generic-lpae - 5.4.0.153.150 linux-image-lowlatency - 5.4.0.153.150 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.153.150 linux-image-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.153.150 linux-image-generic-hwe-18.04 - 5.4.0.153.150 linux-image-oem - 5.4.0.153.150 linux-tools-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-lowlatency - 5.4.0.153.150 linux-virtual - 5.4.0.153.150 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.153.150 linux-image-extra-virtual - 5.4.0.153.150 linux-headers-oem - 5.4.0.153.150 linux-tools-generic-hwe-18.04-edge - 5.4.0.153.150 linux-image-virtual-hwe-18.04 - 5.4.0.153.150 linux-cloud-tools-lowlatency - 5.4.0.153.150 linux-headers-lowlatency - 5.4.0.153.150 linux-oem-osp1 - 5.4.0.153.150 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.153.150 linux-image-lowlatency-hwe-18.04 - 5.4.0.153.150 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-cloud-tools-virtual - 5.4.0.153.150 linux-headers-generic-lpae - 5.4.0.153.150 linux-oem-osp1-tools-host - 5.4.0.153.150 linux-image-generic - 5.4.0.153.150 linux-image-extra-virtual-hwe-18.04 - 5.4.0.153.150 linux-tools-oem-osp1 - 5.4.0.153.150 linux-tools-generic-lpae - 5.4.0.153.150 linux-virtual-hwe-18.04 - 5.4.0.153.150 linux-tools-oem - 5.4.0.153.150 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.153.150 linux-oem-tools-host - 5.4.0.153.150 linux-headers-oem-osp1 - 5.4.0.153.150 linux-headers-generic - 5.4.0.153.150 linux-generic-hwe-18.04 - 5.4.0.153.150 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.153.150 linux-tools-generic-hwe-18.04 - 5.4.0.153.150 No subscription required High CVE-2023-35788 https://launchpad.net/bugs/2023577 https://launchpad.net/bugs/2023220 Ubuntu 20.04 LTS It was discovered that ReportLab incorrectly handled certain PDF files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6196-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-reportlab-accel - 3.5.34-1ubuntu1.1 python-reportlab-doc - 3.5.34-1ubuntu1.1 python3-reportlab - 3.5.34-1ubuntu1.1 python3-renderpm - 3.5.34-1ubuntu1.1 No subscription required High CVE-2023-33733 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain Digest authentication for SOAP. An attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6199-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.19 php7.4-readline - 7.4.3-4ubuntu2.19 php7.4-dba - 7.4.3-4ubuntu2.19 php7.4-common - 7.4.3-4ubuntu2.19 php7.4-json - 7.4.3-4ubuntu2.19 php7.4-xmlrpc - 7.4.3-4ubuntu2.19 php7.4-intl - 7.4.3-4ubuntu2.19 php7.4-phpdbg - 7.4.3-4ubuntu2.19 php7.4-ldap - 7.4.3-4ubuntu2.19 php7.4-soap - 7.4.3-4ubuntu2.19 php7.4-xsl - 7.4.3-4ubuntu2.19 php7.4-pgsql - 7.4.3-4ubuntu2.19 php7.4-pspell - 7.4.3-4ubuntu2.19 php7.4-zip - 7.4.3-4ubuntu2.19 php7.4-interbase - 7.4.3-4ubuntu2.19 php7.4-enchant - 7.4.3-4ubuntu2.19 php7.4-odbc - 7.4.3-4ubuntu2.19 php7.4 - 7.4.3-4ubuntu2.19 php7.4-mbstring - 7.4.3-4ubuntu2.19 php7.4-imap - 7.4.3-4ubuntu2.19 php7.4-bz2 - 7.4.3-4ubuntu2.19 php7.4-cgi - 7.4.3-4ubuntu2.19 php7.4-bcmath - 7.4.3-4ubuntu2.19 php7.4-dev - 7.4.3-4ubuntu2.19 php7.4-curl - 7.4.3-4ubuntu2.19 php7.4-tidy - 7.4.3-4ubuntu2.19 php7.4-gmp - 7.4.3-4ubuntu2.19 php7.4-sqlite3 - 7.4.3-4ubuntu2.19 php7.4-fpm - 7.4.3-4ubuntu2.19 php7.4-sybase - 7.4.3-4ubuntu2.19 php7.4-cli - 7.4.3-4ubuntu2.19 libphp7.4-embed - 7.4.3-4ubuntu2.19 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.19 php7.4-mysql - 7.4.3-4ubuntu2.19 php7.4-snmp - 7.4.3-4ubuntu2.19 php7.4-xml - 7.4.3-4ubuntu2.19 php7.4-opcache - 7.4.3-4ubuntu2.19 No subscription required Medium CVE-2023-3247 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599) It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20241, CVE-2021-20243) It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20244, CVE-2021-20309) It was discovered that ImageMagick incorrectly handled certain values when performing resampling operations. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20246) It was discovered that ImageMagick incorrectly handled certain values when processing thumbnail image data. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20312) It was discovered that ImageMagick incorrectly handled memory cleanup when performing certain cryptographic operations. Under certain conditions sensitive cryptographic information could be disclosed. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20313) It was discovered that ImageMagick did not use the correct rights when specifically excluded by a module policy. An attacker could use this issue to read and write certain restricted files. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-39212) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-28463, CVE-2022-32545, CVE-2022-32546, CVE-2022-32547) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2021-3610, CVE-2023-1906, CVE-2023-3428) It was discovered that ImageMagick incorrectly handled certain values when processing specially crafted SVG files. By tricking a user into opening a specially crafted SVG file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-1289) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted tiff file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-3195) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. (CVE-2023-34151) Update Instructions: Run `sudo pro fix USN-6200-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.9 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9 No subscription required Medium CVE-2020-29599 CVE-2021-20224 CVE-2021-20241 CVE-2021-20243 CVE-2021-20244 CVE-2021-20246 CVE-2021-20309 CVE-2021-20312 CVE-2021-20313 CVE-2021-3610 CVE-2021-39212 CVE-2022-28463 CVE-2022-32545 CVE-2022-32546 CVE-2022-32547 CVE-2023-1289 CVE-2023-1906 CVE-2023-3195 CVE-2023-34151 CVE-2023-3428 Ubuntu 20.04 LTS USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599) It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20224) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20241, CVE-2021-20243) It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20244, CVE-2021-20309) It was discovered that ImageMagick incorrectly handled certain values when performing resampling operations. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20246) It was discovered that ImageMagick incorrectly handled certain values when processing thumbnail image data. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20312) It was discovered that ImageMagick incorrectly handled memory cleanup when performing certain cryptographic operations. Under certain conditions sensitive cryptographic information could be disclosed. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20313) It was discovered that ImageMagick did not use the correct rights when specifically excluded by a module policy. An attacker could use this issue to read and write certain restricted files. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-39212) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-28463, CVE-2022-32545, CVE-2022-32546, CVE-2022-32547) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2021-3610, CVE-2023-1906, CVE-2023-3428) It was discovered that ImageMagick incorrectly handled certain values when processing specially crafted SVG files. By tricking a user into opening a specially crafted SVG file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-1289) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted tiff file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-3195) It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. (CVE-2023-34151) Update Instructions: Run `sudo pro fix USN-6200-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.10 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.10 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.10 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.10 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.10 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.10 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.10 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.10 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.10 No subscription required Medium CVE-2023-1289 CVE-2023-34151 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-37201, CVE-2023-37202, CVE-2023-37205, CVE-2023-37207, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211, CVE-2023-37212) Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploits this issue to store tracking data without permission in localstorage. (CVE-2023-3482) Paul Nickerson discovered that Firefox did have insufficient validation in the Drag and Drop API. If a user were tricked into creating a shortcut to local system files, an attacker could execute arbitrary code. (CVE-2023-37203) Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using an option element having an expensive computational function. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-37204) Ameen Basha M K discovered that Firefox did not properly validate symlinks in the FileSystem API. If a user were tricked into uploading a symlinked file to a malicious website, an attacker could obtain sensitive information. (CVE-2023-37206) Puf discovered that Firefox did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicicous Diagcab file, an attacker could execute arbitrary code. (CVE-2023-37208) Update Instructions: Run `sudo pro fix USN-6201-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-nn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ne - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-nb - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-fa - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-fi - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-fr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-fy - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-or - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-kab - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-oc - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-cs - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ga - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-gd - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-gn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-gl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-gu - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-pa - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-pl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-cy - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-pt - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-szl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hi - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-uk - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-he - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hy - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hu - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-as - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ar - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ia - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-az - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-id - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-mai - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-af - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-is - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-it - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-an - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-bs - 115.0+build2-0ubuntu0.20.04.3 firefox - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ro - 115.0+build2-0ubuntu0.20.04.3 firefox-geckodriver - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ja - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ru - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-br - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-zh-hant - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-zh-hans - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-bn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-be - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-bg - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sl - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sk - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-si - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sw - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sv - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-sq - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ko - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-kn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-km - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-kk - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ka - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-xh - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ca - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ku - 115.0+build2-0ubuntu0.20.04.3 firefox-mozsymbols - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-lv - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-lt - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-th - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-hsb - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-tg - 115.0+build2-0ubuntu0.20.04.3 firefox-dev - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-te - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-cak - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ta - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-lg - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-csb - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-tr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-nso - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-de - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-da - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ms - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-mr - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-my - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-uz - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ml - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-mn - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-mk - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ur - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-eu - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-et - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-es - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-vi - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-el - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-eo - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-en - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-zu - 115.0+build2-0ubuntu0.20.04.3 firefox-locale-ast - 115.0+build2-0ubuntu0.20.04.3 No subscription required Medium CVE-2023-3482 CVE-2023-37201 CVE-2023-37202 CVE-2023-37203 CVE-2023-37204 CVE-2023-37205 CVE-2023-37206 CVE-2023-37207 CVE-2023-37208 CVE-2023-37209 CVE-2023-37210 CVE-2023-37211 CVE-2023-37212 Ubuntu 20.04 LTS David Korczynski and Adam Korczynski discovered that containerd incorrectly processed certain images with large files. An attacker could possibly use this issue to cause containerd to crash, resulting in a denial of service. (CVE-2023-25153) It was discovered that containerd incorrectly set up supplementary groups inside a container. An attacker with direct access to the container could possibly use this issue to obtain sensitive information or execute code with higher privileges. (CVE-2023-25173) Update Instructions: Run `sudo pro fix USN-6202-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: containerd - 1.6.12-0ubuntu1~20.04.3 golang-github-containerd-containerd-dev - 1.6.12-0ubuntu1~20.04.3 No subscription required Medium CVE-2023-25153 CVE-2023-25173 Ubuntu 20.04 LTS Seokchan Yoon discovered that Django incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6203-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.18 python-django-doc - 2:2.2.12-1ubuntu0.18 No subscription required Medium CVE-2023-36053 Ubuntu 20.04 LTS Seth Arnold discovered that CPDB incorrectly handled certain characters. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6204-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcpdb-libs-common1 - 1.2.0-0ubuntu7.1 libcpdb-libs-common-dev - 1.2.0-0ubuntu7.1 libcpdb-libs-frontend-dev - 1.2.0-0ubuntu7.1 libcpdb-libs-backend-dev - 1.2.0-0ubuntu7.1 libcpdb-libs-frontend1 - 1.2.0-0ubuntu7.1 No subscription required Medium CVE-2023-34095 Ubuntu 20.04 LTS Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6205-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1103-gke - 5.4.0-1103.110 linux-modules-extra-5.4.0-1103-gke - 5.4.0-1103.110 linux-gke-tools-5.4.0-1103 - 5.4.0-1103.110 linux-buildinfo-5.4.0-1103-gke - 5.4.0-1103.110 linux-image-unsigned-5.4.0-1103-gke - 5.4.0-1103.110 linux-image-5.4.0-1103-gke - 5.4.0-1103.110 linux-headers-5.4.0-1103-gke - 5.4.0-1103.110 linux-modules-5.4.0-1103-gke - 5.4.0-1103.110 linux-gke-headers-5.4.0-1103 - 5.4.0-1103.110 No subscription required linux-modules-extra-gke - 5.4.0.1103.108 linux-image-gke - 5.4.0.1103.108 linux-gke-5.4 - 5.4.0.1103.108 linux-headers-gke-5.4 - 5.4.0.1103.108 linux-image-gke-5.4 - 5.4.0.1103.108 linux-tools-gke-5.4 - 5.4.0.1103.108 linux-modules-extra-gke-5.4 - 5.4.0.1103.108 linux-headers-gke - 5.4.0.1103.108 linux-gke - 5.4.0.1103.108 linux-tools-gke - 5.4.0.1103.108 No subscription required High CVE-2023-35788 https://launchpad.net/bugs/2023577 https://launchpad.net/bugs/2023220 Ubuntu 20.04 LTS It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Update Instructions: Run `sudo pro fix USN-6207-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-headers-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-cloud-tools-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1033 - 5.15.0-1033.38~20.04.1 linux-image-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-modules-iwlwifi-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1033.38~20.04.1 linux-tools-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-modules-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-image-unsigned-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-buildinfo-5.15.0-1033-intel-iotg - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1033 - 5.15.0-1033.38~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1033 - 5.15.0-1033.38~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1033.38~20.04.24 linux-tools-intel - 5.15.0.1033.38~20.04.24 linux-intel-iotg - 5.15.0.1033.38~20.04.24 linux-headers-intel - 5.15.0.1033.38~20.04.24 linux-tools-intel-iotg-edge - 5.15.0.1033.38~20.04.24 linux-intel - 5.15.0.1033.38~20.04.24 linux-image-intel-iotg - 5.15.0.1033.38~20.04.24 linux-intel-iotg-edge - 5.15.0.1033.38~20.04.24 linux-image-intel-iotg-edge - 5.15.0.1033.38~20.04.24 linux-headers-intel-iotg - 5.15.0.1033.38~20.04.24 linux-image-intel - 5.15.0.1033.38~20.04.24 linux-headers-intel-iotg-edge - 5.15.0.1033.38~20.04.24 linux-tools-intel-iotg - 5.15.0.1033.38~20.04.24 No subscription required Medium CVE-2023-1076 CVE-2023-1077 CVE-2023-1079 CVE-2023-1670 CVE-2023-1859 CVE-2023-1998 CVE-2023-25012 CVE-2023-2985 Ubuntu 20.04 LTS Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to crash Gerbv (resulting in a denial of service), or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40391, CVE-2021-40394) Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to disclose information, crash Gerbv (resulting in a denial of service), or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40393) Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to disclose information. (CVE-2021-40400, CVE-2021-40403) Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to disclose information, crash Gerbv (resulting in a denial of service), or execute arbitrary code. (CVE-2021-40401) Update Instructions: Run `sudo pro fix USN-6209-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gerbv - 2.7.0-1ubuntu0.1 No subscription required Medium CVE-2021-40391 CVE-2021-40393 CVE-2021-40394 CVE-2021-40400 CVE-2021-40401 CVE-2021-40403 Ubuntu 20.04 LTS It was discovered that Doorkeeper incorrectly performed authorization checks for public clients that have been previous approved. An attacker could potentially exploit these in order to impersonate another user and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6210-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-doorkeeper - 5.0.2-2ubuntu0.1 No subscription required High CVE-2023-34246 Ubuntu 20.04 LTS Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6212-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-modules-extra-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-headers-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1034 - 5.15.0-1034.39~20.04.1 linux-modules-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-modules-iwlwifi-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-cloud-tools-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-tools-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1034.39~20.04.1 linux-image-unsigned-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-buildinfo-5.15.0-1034-intel-iotg - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1034 - 5.15.0-1034.39~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1034 - 5.15.0-1034.39~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1034.39~20.04.25 linux-tools-intel - 5.15.0.1034.39~20.04.25 linux-intel-iotg - 5.15.0.1034.39~20.04.25 linux-headers-intel - 5.15.0.1034.39~20.04.25 linux-tools-intel-iotg-edge - 5.15.0.1034.39~20.04.25 linux-intel - 5.15.0.1034.39~20.04.25 linux-image-intel-iotg - 5.15.0.1034.39~20.04.25 linux-image-intel-iotg-edge - 5.15.0.1034.39~20.04.25 linux-intel-iotg-edge - 5.15.0.1034.39~20.04.25 linux-headers-intel-iotg - 5.15.0.1034.39~20.04.25 linux-image-intel - 5.15.0.1034.39~20.04.25 linux-headers-intel-iotg-edge - 5.15.0.1034.39~20.04.25 linux-tools-intel-iotg - 5.15.0.1034.39~20.04.25 No subscription required High CVE-2023-35788 https://launchpad.net/bugs/2023577 https://launchpad.net/bugs/2023220 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6213-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.8 ghostscript-x - 9.50~dfsg-5ubuntu4.8 libgs-dev - 9.50~dfsg-5ubuntu4.8 ghostscript-doc - 9.50~dfsg-5ubuntu4.8 libgs9 - 9.50~dfsg-5ubuntu4.8 libgs9-common - 9.50~dfsg-5ubuntu4.8 No subscription required Medium CVE-2023-36664 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37211) P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicicous Diagcab file, an attacker could execute arbitrary code. (CVE-2023-37208) Update Instructions: Run `sudo pro fix USN-6214-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.13.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.13.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.13.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.13.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.13.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-34414 CVE-2023-34416 CVE-2023-37201 CVE-2023-37202 CVE-2023-37207 CVE-2023-37208 CVE-2023-37211 Ubuntu 20.04 LTS It was discovered that dwarves incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause dwarves to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-3534, CVE-2022-3606) Update Instructions: Run `sudo pro fix USN-6215-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dwarves - 1.21-0ubuntu1~20.04.1 No subscription required Medium CVE-2022-3534 CVE-2022-3606 Ubuntu 20.04 LTS It was discovered that lib3mf did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted 3MF file, a local attacker could possibly use this issue to cause applications using lib3mf to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6216-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lib3mf1 - 1.8.1+ds-3ubuntu0.2 lib3mf-doc - 1.8.1+ds-3ubuntu0.2 lib3mf-dev - 1.8.1+ds-3ubuntu0.2 No subscription required Medium CVE-2021-21772 Ubuntu 20.04 LTS A use-after-free was discovered in Firefox when handling workers. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6218-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 115.0.2+build1-0ubuntu0.20.04.1 firefox - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 115.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 115.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 115.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 115.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 115.0.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-3600 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 20.04 LTS. (CVE-2023-28755) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue exists because of an incomplete fix for CVE-2023-28755. (CVE-2023-36617) Update Instructions: Run `sudo pro fix USN-6219-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.12 ruby2.7-doc - 2.7.0-5ubuntu1.12 libruby2.7 - 2.7.0-5ubuntu1.12 ruby2.7-dev - 2.7.0-5ubuntu1.12 No subscription required Medium CVE-2023-28755 CVE-2023-36617 Ubuntu 20.04 LTS Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3108) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0458) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Sanan Hasanov discovered that the framebuffer console driver in the Linux kernel did not properly perform checks for font dimension limits. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-3161) Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Update Instructions: Run `sudo pro fix USN-6222-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-tools-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-xilinx-zynqmp-tools-5.4.0-1024 - 5.4.0-1024.28 linux-image-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-buildinfo-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-headers-5.4.0-1024-xilinx-zynqmp - 5.4.0-1024.28 linux-xilinx-zynqmp-headers-5.4.0-1024 - 5.4.0-1024.28 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1024.27 linux-image-xilinx-zynqmp - 5.4.0.1024.27 linux-tools-xilinx-zynqmp - 5.4.0.1024.27 linux-xilinx-zynqmp - 5.4.0.1024.27 No subscription required High CVE-2022-3108 CVE-2022-3707 CVE-2022-3903 CVE-2022-4129 CVE-2023-0458 CVE-2023-0459 CVE-2023-1073 CVE-2023-1074 CVE-2023-1075 CVE-2023-1076 CVE-2023-1077 CVE-2023-1078 CVE-2023-1079 CVE-2023-1118 CVE-2023-1281 CVE-2023-1380 CVE-2023-1513 CVE-2023-1670 CVE-2023-1829 CVE-2023-1859 CVE-2023-1998 CVE-2023-2162 CVE-2023-25012 CVE-2023-2612 CVE-2023-26545 CVE-2023-2985 CVE-2023-30456 CVE-2023-31436 CVE-2023-3161 CVE-2023-32233 CVE-2023-32269 Ubuntu 20.04 LTS It was discovered that Knot Resolver did not correctly handle certain client options. A remote attacker could send requests to malicous domains and cause a denial of service. Update Instructions: Run `sudo pro fix USN-6225-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: knot-resolver - 3.2.1-3ubuntu2.1 knot-resolver-doc - 3.2.1-3ubuntu2.1 knot-resolver-module-http - 3.2.1-3ubuntu2.1 No subscription required Medium CVE-2022-40188 Ubuntu 20.04 LTS It was discovered that SciPy did not properly manage memory operations during reference counting. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-25399) A use-after-free was discovered in SciPy when handling reference counts. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-29824) Update Instructions: Run `sudo pro fix USN-6226-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-scipy - 1.3.3-3ubuntu0.1~esm1 python-scipy-doc - 1.3.3-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-25399 CVE-2023-29824 Ubuntu 20.04 LTS It was discovered that wkhtmltopdf was not properly enforcing the same-origin policy when processing certain HTML files. If a user or automated system using wkhtmltopdf were tricked into processing a specially crafted HTML file, an attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6232-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: wkhtmltopdf - 0.12.5-1ubuntu0.1 No subscription required Medium CVE-2020-21365 Ubuntu 20.04 LTS USN-6233-1 fixed vulnerabilities in YAJL. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. Original advisory details: It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a user or automated system using YAJL were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service (application abort). (CVE-2017-16516) It was discovered that YAJL was not properly handling memory allocation when dealing with large inputs, which could lead to heap memory corruption. If a user or automated system using YAJL were tricked into running a specially crafted large input, an attacker could possibly use this issue to cause a denial of service. (CVE-2022-24795) It was discovered that memory leaks existed in one of the YAJL parsing functions. An attacker could possibly use this issue to cause a denial of service (memory exhaustion). (CVE-2023-33460) Update Instructions: Run `sudo pro fix USN-6233-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: yajl-tools - 2.1.0-3ubuntu0.20.04.1 libyajl-doc - 2.1.0-3ubuntu0.20.04.1 libyajl-dev - 2.1.0-3ubuntu0.20.04.1 libyajl2 - 2.1.0-3ubuntu0.20.04.1 No subscription required Medium CVE-2017-16516 CVE-2022-24795 CVE-2023-33460 Ubuntu 20.04 LTS Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6234-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-xilinx-zynqmp-headers-5.4.0-1025 - 5.4.0-1025.29 linux-modules-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 linux-image-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 linux-buildinfo-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 linux-tools-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 linux-xilinx-zynqmp-tools-5.4.0-1025 - 5.4.0-1025.29 linux-headers-5.4.0-1025-xilinx-zynqmp - 5.4.0-1025.29 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1025.27 linux-tools-xilinx-zynqmp - 5.4.0.1025.27 linux-headers-xilinx-zynqmp - 5.4.0.1025.27 linux-xilinx-zynqmp - 5.4.0.1025.27 No subscription required High CVE-2023-35788 https://launchpad.net/bugs/2023577 https://launchpad.net/bugs/2023220 Ubuntu 20.04 LTS It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-26675, CVE-2021-33833) It was discovered that ConnMan could be made to leak sensitive information via the gdhcp component. A remote attacker could possibly use this issue to obtain information for further exploitation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676) It was discovered that ConnMan could be made to read out of bounds. A remote attacker could possibly use this issue to case ConnMan to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23096, CVE-2022-23097) It was discovered that ConnMan could be made to run into an infinite loop. A remote attacker could possibly use this issue to cause ConnMan to consume resources and to stop operating, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23098) It was discovered that ConnMan could be made to write out of bounds via the gweb component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292) It was discovered that ConnMan did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293) It was discovered that ConnMan could be made to write out of bounds via the gdhcp component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-28488) Update Instructions: Run `sudo pro fix USN-6236-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: connman - 1.36-2ubuntu0.1 connman-doc - 1.36-2ubuntu0.1 connman-vpn - 1.36-2ubuntu0.1 connman-dev - 1.36-2ubuntu0.1 No subscription required Medium CVE-2021-26675 CVE-2021-26676 CVE-2021-33833 CVE-2022-23096 CVE-2022-23097 CVE-2022-23098 CVE-2022-32292 CVE-2022-32293 CVE-2023-28488 Ubuntu 20.04 LTS Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. (CVE-2023-28321) Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service. (CVE-2023-28322) It was discovered that curl incorrectly handled saving cookies to files. A local attacker could possibly use this issue to create or overwrite files. This issue only affected Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-32001) Update Instructions: Run `sudo pro fix USN-6237-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.19 libcurl4-openssl-dev - 7.68.0-1ubuntu2.19 libcurl3-gnutls - 7.68.0-1ubuntu2.19 libcurl4-doc - 7.68.0-1ubuntu2.19 libcurl3-nss - 7.68.0-1ubuntu2.19 libcurl4-nss-dev - 7.68.0-1ubuntu2.19 libcurl4 - 7.68.0-1ubuntu2.19 curl - 7.68.0-1ubuntu2.19 No subscription required Low CVE-2023-28321 CVE-2023-28322 Ubuntu 20.04 LTS It was discovered that Samba incorrectly handled Winbind NTLM authentication responses. An attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-2127) Andreas Schneider discovered that Samba incorrectly enforced SMB2 packet signing. A remote attacker could possibly use this issue to obtain or modify sensitive information. This issue only affected Ubuntu 23.04. (CVE-2023-3347) Florent Saudel and Arnaud Gatignolof discovered that Samba incorrectly handled certain Spotlight requests. A remote attacker could possibly use this issue to cause Samba to consume resources, leading to a denial of service. (CVE-2023-34966, CVE-2023-34967) Ralph Boehme and Stefan Metzmacher discovered that Samba incorrectly handled paths returned by Spotlight requests. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-34968) Update Instructions: Run `sudo pro fix USN-6238-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.3 ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.3 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.3 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.3 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.3 registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.3 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.3 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.3 No subscription required Medium CVE-2022-2127 CVE-2023-3347 CVE-2023-34966 CVE-2023-34967 CVE-2023-34968 Ubuntu 20.04 LTS It was discovered that ECDSA Util did not properly verify certain signature values. An attacker could possibly use this issue to bypass signature verification. Update Instructions: Run `sudo pro fix USN-6239-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ecdsautils - 0.3.2+git20151018-2+deb10u1build0.20.04.1 No subscription required Medium CVE-2022-24884 Ubuntu 20.04 LTS It was discovered that OpenSSH incorrectly handled loading certain PKCS#11 providers. If a user forwarded their ssh-agent to an untrusted system, a remote attacker could possibly use this issue to load arbitrary libraries from the user's system and execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6242-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.8 openssh-server - 1:8.2p1-4ubuntu0.8 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.8 ssh - 1:8.2p1-4ubuntu0.8 openssh-tests - 1:8.2p1-4ubuntu0.8 openssh-sftp-server - 1:8.2p1-4ubuntu0.8 No subscription required Medium CVE-2023-38408 Ubuntu 20.04 LTS It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform server-side request forgery and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2017-18638) It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. (CVE-2022-4728, CVE-2022-4729, CVE-2022-4730) Update Instructions: Run `sudo pro fix USN-6243-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: graphite-web - 1.1.4-5ubuntu0.1 No subscription required Medium CVE-2017-18638 CVE-2022-4728 CVE-2022-4729 CVE-2022-4730 Ubuntu 20.04 LTS Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6244-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amd64-microcode - 3.20191218.1ubuntu1.1 No subscription required High CVE-2023-20593 Ubuntu 20.04 LTS It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31248) Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3389) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3390) Lin Ma discovered that a race condition existed in the MCTP implementation in the Linux kernel, leading to a use-after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3439) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35001) Update Instructions: Run `sudo pro fix USN-6246-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-gkeop-5.15-tools-5.15.0-1024 - 5.15.0-1024.29~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1024 - 5.15.0-1024.29~20.04.1 linux-tools-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-image-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-modules-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-gkeop-5.15-headers-5.15.0-1024 - 5.15.0-1024.29~20.04.1 linux-buildinfo-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-modules-extra-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-cloud-tools-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 linux-headers-5.15.0-1024-gkeop - 5.15.0-1024.29~20.04.1 No subscription required linux-gke-5.15-headers-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-tools-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-gke-5.15-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-modules-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-buildinfo-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-modules-extra-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-image-unsigned-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-modules-iwlwifi-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-headers-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 linux-image-5.15.0-1038-gke - 5.15.0-1038.43~20.04.1 No subscription required linux-modules-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-modules-iwlwifi-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-tools-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-headers-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-gcp-5.15-headers-5.15.0-1038 - 5.15.0-1038.46~20.04.1 linux-image-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-buildinfo-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-gcp-5.15-tools-5.15.0-1038 - 5.15.0-1038.46~20.04.1 linux-modules-extra-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 linux-image-unsigned-5.15.0-1038-gcp - 5.15.0-1038.46~20.04.1 No subscription required linux-buildinfo-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-modules-extra-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-oracle-5.15-tools-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-tools-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-oracle-5.15-headers-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-modules-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-headers-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-image-unsigned-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 linux-image-5.15.0-1039-oracle - 5.15.0-1039.45~20.04.1 No subscription required linux-headers-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-aws-5.15-headers-5.15.0-1040 - 5.15.0-1040.45~20.04.1 linux-modules-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-image-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1040 - 5.15.0-1040.45~20.04.1 linux-cloud-tools-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-tools-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-buildinfo-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-modules-extra-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 linux-aws-5.15-tools-5.15.0-1040 - 5.15.0-1040.45~20.04.1 linux-image-unsigned-5.15.0-1040-aws - 5.15.0-1040.45~20.04.1 No subscription required linux-cloud-tools-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-tools-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-image-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-headers-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-modules-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-azure-5.15-headers-5.15.0-1042 - 5.15.0-1042.49~20.04.1 linux-buildinfo-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1042 - 5.15.0-1042.49~20.04.1 linux-azure-5.15-tools-5.15.0-1042 - 5.15.0-1042.49~20.04.1 linux-modules-extra-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 linux-image-unsigned-5.15.0-1042-azure - 5.15.0-1042.49~20.04.1 No subscription required linux-image-5.15.0-1042-azure-fde - 5.15.0-1042.49~20.04.1.1 linux-image-unsigned-5.15.0-1042-azure-fde - 5.15.0-1042.49~20.04.1.1 No subscription required linux-headers-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-headers-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-buildinfo-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-buildinfo-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-modules-extra-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-image-unsigned-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-78.85~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-78.85~20.04.1 linux-buildinfo-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-78.85~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-image-unsigned-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-buildinfo-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-cloud-tools-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-headers-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-headers-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-image-unsigned-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-cloud-tools-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-modules-iwlwifi-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-modules-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 linux-modules-iwlwifi-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-78.85~20.04.1 linux-buildinfo-5.15.0-78-generic-64k - 5.15.0-78.85~20.04.1 linux-headers-5.15.0-78-generic - 5.15.0-78.85~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-78.85~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-image-5.15.0-78-generic-lpae - 5.15.0-78.85~20.04.1 linux-image-unsigned-5.15.0-78-lowlatency - 5.15.0-78.85~20.04.1 linux-hwe-5.15-headers-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-78.85~20.04.1 linux-hwe-5.15-tools-5.15.0-78 - 5.15.0-78.85~20.04.1 linux-tools-5.15.0-78-lowlatency-64k - 5.15.0-78.85~20.04.1 No subscription required linux-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-headers-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-image-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-headers-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-tools-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-image-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-cloud-tools-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-cloud-tools-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-modules-extra-gkeop-edge - 5.15.0.1024.29~20.04.20 linux-tools-gkeop-5.15 - 5.15.0.1024.29~20.04.20 linux-modules-extra-gkeop-5.15 - 5.15.0.1024.29~20.04.20 No subscription required linux-tools-gke-5.15 - 5.15.0.1038.43~20.04.1 linux-headers-gke-edge - 5.15.0.1038.43~20.04.1 linux-gke-5.15 - 5.15.0.1038.43~20.04.1 linux-image-gke-5.15 - 5.15.0.1038.43~20.04.1 linux-tools-gke-edge - 5.15.0.1038.43~20.04.1 linux-image-gke-edge - 5.15.0.1038.43~20.04.1 linux-gke-edge - 5.15.0.1038.43~20.04.1 linux-headers-gke-5.15 - 5.15.0.1038.43~20.04.1 No subscription required linux-headers-gcp - 5.15.0.1038.46~20.04.1 linux-image-gcp-edge - 5.15.0.1038.46~20.04.1 linux-headers-gcp-edge - 5.15.0.1038.46~20.04.1 linux-modules-extra-gcp - 5.15.0.1038.46~20.04.1 linux-gcp-edge - 5.15.0.1038.46~20.04.1 linux-tools-gcp - 5.15.0.1038.46~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1038.46~20.04.1 linux-tools-gcp-edge - 5.15.0.1038.46~20.04.1 linux-gcp - 5.15.0.1038.46~20.04.1 linux-image-gcp - 5.15.0.1038.46~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1039.45~20.04.1 linux-tools-oracle-edge - 5.15.0.1039.45~20.04.1 linux-oracle-edge - 5.15.0.1039.45~20.04.1 linux-image-oracle-edge - 5.15.0.1039.45~20.04.1 linux-headers-oracle-edge - 5.15.0.1039.45~20.04.1 linux-image-oracle - 5.15.0.1039.45~20.04.1 linux-tools-oracle - 5.15.0.1039.45~20.04.1 linux-oracle - 5.15.0.1039.45~20.04.1 No subscription required linux-headers-aws - 5.15.0.1040.45~20.04.29 linux-image-aws - 5.15.0.1040.45~20.04.29 linux-modules-extra-aws-edge - 5.15.0.1040.45~20.04.29 linux-image-aws-edge - 5.15.0.1040.45~20.04.29 linux-aws-edge - 5.15.0.1040.45~20.04.29 linux-aws - 5.15.0.1040.45~20.04.29 linux-headers-aws-edge - 5.15.0.1040.45~20.04.29 linux-modules-extra-aws - 5.15.0.1040.45~20.04.29 linux-tools-aws - 5.15.0.1040.45~20.04.29 linux-tools-aws-edge - 5.15.0.1040.45~20.04.29 No subscription required linux-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-cloud-tools-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-modules-extra-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-tools-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-headers-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-image-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-tools-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-image-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-azure-fde-edge - 5.15.0.1042.49~20.04.1.21 linux-modules-extra-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-cloud-tools-azure-fde - 5.15.0.1042.49~20.04.1.21 linux-headers-azure-fde - 5.15.0.1042.49~20.04.1.21 No subscription required linux-tools-azure-edge - 5.15.0.1042.49~20.04.32 linux-cloud-tools-azure - 5.15.0.1042.49~20.04.32 linux-headers-azure-cvm - 5.15.0.1042.49~20.04.32 linux-tools-azure - 5.15.0.1042.49~20.04.32 linux-cloud-tools-azure-edge - 5.15.0.1042.49~20.04.32 linux-image-azure-cvm - 5.15.0.1042.49~20.04.32 linux-modules-extra-azure-cvm - 5.15.0.1042.49~20.04.32 linux-tools-azure-cvm - 5.15.0.1042.49~20.04.32 linux-modules-extra-azure - 5.15.0.1042.49~20.04.32 linux-image-azure - 5.15.0.1042.49~20.04.32 linux-cloud-tools-azure-cvm - 5.15.0.1042.49~20.04.32 linux-azure-edge - 5.15.0.1042.49~20.04.32 linux-azure-cvm - 5.15.0.1042.49~20.04.32 linux-modules-extra-azure-edge - 5.15.0.1042.49~20.04.32 linux-headers-azure-edge - 5.15.0.1042.49~20.04.32 linux-image-azure-edge - 5.15.0.1042.49~20.04.32 linux-azure - 5.15.0.1042.49~20.04.32 linux-headers-azure - 5.15.0.1042.49~20.04.32 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-headers-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-image-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-lowlatency-64k-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.35 linux-tools-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-lowlatency-hwe-20.04 - 5.15.0.78.85~20.04.35 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.78.85~20.04.35 No subscription required linux-headers-oem-20.04 - 5.15.0.78.85~20.04.38 linux-tools-oem-20.04b - 5.15.0.78.85~20.04.38 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-oem-20.04b - 5.15.0.78.85~20.04.38 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-headers-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-tools-generic-64k-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-extra-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-tools-oem-20.04c - 5.15.0.78.85~20.04.38 linux-headers-generic-64k-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-generic-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-tools-oem-20.04d - 5.15.0.78.85~20.04.38 linux-generic-lpae-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-oem-20.04c - 5.15.0.78.85~20.04.38 linux-image-oem-20.04d - 5.15.0.78.85~20.04.38 linux-headers-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-headers-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-oem-20.04 - 5.15.0.78.85~20.04.38 linux-image-oem-20.04 - 5.15.0.78.85~20.04.38 linux-oem-20.04b - 5.15.0.78.85~20.04.38 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-oem-20.04d - 5.15.0.78.85~20.04.38 linux-tools-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-tools-oem-20.04 - 5.15.0.78.85~20.04.38 linux-modules-iwlwifi-oem-20.04 - 5.15.0.78.85~20.04.38 linux-tools-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-generic-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-generic-lpae-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-tools-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-modules-iwlwifi-oem-20.04d - 5.15.0.78.85~20.04.38 linux-oem-20.04c - 5.15.0.78.85~20.04.38 linux-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-tools-virtual-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-image-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-generic-64k-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-image-generic-64k-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.78.85~20.04.38 linux-headers-oem-20.04c - 5.15.0.78.85~20.04.38 linux-headers-virtual-hwe-20.04 - 5.15.0.78.85~20.04.38 linux-headers-oem-20.04d - 5.15.0.78.85~20.04.38 linux-headers-oem-20.04b - 5.15.0.78.85~20.04.38 linux-generic-lpae-hwe-20.04 - 5.15.0.78.85~20.04.38 No subscription required High CVE-2023-3090 CVE-2023-31248 CVE-2023-3389 CVE-2023-3390 CVE-2023-3439 CVE-2023-35001 Ubuntu 20.04 LTS It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3390) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35001) Update Instructions: Run `sudo pro fix USN-6251-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-xilinx-zynqmp-tools-5.4.0-1026 - 5.4.0-1026.30 linux-buildinfo-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 linux-headers-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 linux-modules-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 linux-tools-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 linux-xilinx-zynqmp-headers-5.4.0-1026 - 5.4.0-1026.30 linux-image-5.4.0-1026-xilinx-zynqmp - 5.4.0-1026.30 No subscription required linux-modules-5.4.0-1053-ibm - 5.4.0-1053.58 linux-ibm-source-5.4.0 - 5.4.0-1053.58 linux-ibm-tools-common - 5.4.0-1053.58 linux-ibm-cloud-tools-common - 5.4.0-1053.58 linux-tools-5.4.0-1053-ibm - 5.4.0-1053.58 linux-headers-5.4.0-1053-ibm - 5.4.0-1053.58 linux-image-5.4.0-1053-ibm - 5.4.0-1053.58 linux-modules-extra-5.4.0-1053-ibm - 5.4.0-1053.58 linux-image-unsigned-5.4.0-1053-ibm - 5.4.0-1053.58 linux-buildinfo-5.4.0-1053-ibm - 5.4.0-1053.58 linux-ibm-tools-5.4.0-1053 - 5.4.0-1053.58 linux-ibm-headers-5.4.0-1053 - 5.4.0-1053.58 No subscription required linux-modules-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-gkeop-cloud-tools-5.4.0-1073 - 5.4.0-1073.77 linux-image-unsigned-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-gkeop-source-5.4.0 - 5.4.0-1073.77 linux-gkeop-tools-5.4.0-1073 - 5.4.0-1073.77 linux-gkeop-headers-5.4.0-1073 - 5.4.0-1073.77 linux-buildinfo-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-cloud-tools-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-headers-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-modules-extra-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-image-5.4.0-1073-gkeop - 5.4.0-1073.77 linux-tools-5.4.0-1073-gkeop - 5.4.0-1073.77 No subscription required linux-headers-5.4.0-1090-raspi - 5.4.0-1090.101 linux-buildinfo-5.4.0-1090-raspi - 5.4.0-1090.101 linux-modules-5.4.0-1090-raspi - 5.4.0-1090.101 linux-raspi-tools-5.4.0-1090 - 5.4.0-1090.101 linux-image-5.4.0-1090-raspi - 5.4.0-1090.101 linux-tools-5.4.0-1090-raspi - 5.4.0-1090.101 linux-raspi-headers-5.4.0-1090 - 5.4.0-1090.101 No subscription required linux-modules-5.4.0-1095-kvm - 5.4.0-1095.101 linux-kvm-headers-5.4.0-1095 - 5.4.0-1095.101 linux-buildinfo-5.4.0-1095-kvm - 5.4.0-1095.101 linux-image-5.4.0-1095-kvm - 5.4.0-1095.101 linux-tools-5.4.0-1095-kvm - 5.4.0-1095.101 linux-headers-5.4.0-1095-kvm - 5.4.0-1095.101 linux-image-unsigned-5.4.0-1095-kvm - 5.4.0-1095.101 linux-kvm-tools-5.4.0-1095 - 5.4.0-1095.101 No subscription required linux-gke-headers-5.4.0-1104 - 5.4.0-1104.111 linux-image-unsigned-5.4.0-1104-gke - 5.4.0-1104.111 linux-modules-5.4.0-1104-gke - 5.4.0-1104.111 linux-modules-extra-5.4.0-1104-gke - 5.4.0-1104.111 linux-headers-5.4.0-1104-gke - 5.4.0-1104.111 linux-buildinfo-5.4.0-1104-gke - 5.4.0-1104.111 linux-image-5.4.0-1104-gke - 5.4.0-1104.111 linux-gke-tools-5.4.0-1104 - 5.4.0-1104.111 linux-tools-5.4.0-1104-gke - 5.4.0-1104.111 No subscription required linux-image-5.4.0-1105-oracle - 5.4.0-1105.114 linux-oracle-tools-5.4.0-1105 - 5.4.0-1105.114 linux-modules-5.4.0-1105-oracle - 5.4.0-1105.114 linux-modules-extra-5.4.0-1105-oracle - 5.4.0-1105.114 linux-buildinfo-5.4.0-1105-oracle - 5.4.0-1105.114 linux-oracle-headers-5.4.0-1105 - 5.4.0-1105.114 linux-tools-5.4.0-1105-oracle - 5.4.0-1105.114 linux-headers-5.4.0-1105-oracle - 5.4.0-1105.114 linux-image-unsigned-5.4.0-1105-oracle - 5.4.0-1105.114 No subscription required linux-image-unsigned-5.4.0-1106-aws - 5.4.0-1106.114 linux-tools-5.4.0-1106-aws - 5.4.0-1106.114 linux-buildinfo-5.4.0-1106-aws - 5.4.0-1106.114 linux-aws-headers-5.4.0-1106 - 5.4.0-1106.114 linux-modules-extra-5.4.0-1106-aws - 5.4.0-1106.114 linux-aws-tools-5.4.0-1106 - 5.4.0-1106.114 linux-image-5.4.0-1106-aws - 5.4.0-1106.114 linux-aws-cloud-tools-5.4.0-1106 - 5.4.0-1106.114 linux-modules-5.4.0-1106-aws - 5.4.0-1106.114 linux-headers-5.4.0-1106-aws - 5.4.0-1106.114 linux-cloud-tools-5.4.0-1106-aws - 5.4.0-1106.114 No subscription required linux-tools-5.4.0-1109-gcp - 5.4.0-1109.118 linux-gcp-tools-5.4.0-1109 - 5.4.0-1109.118 linux-headers-5.4.0-1109-gcp - 5.4.0-1109.118 linux-gcp-headers-5.4.0-1109 - 5.4.0-1109.118 linux-image-unsigned-5.4.0-1109-gcp - 5.4.0-1109.118 linux-image-5.4.0-1109-gcp - 5.4.0-1109.118 linux-modules-5.4.0-1109-gcp - 5.4.0-1109.118 linux-buildinfo-5.4.0-1109-gcp - 5.4.0-1109.118 linux-modules-extra-5.4.0-1109-gcp - 5.4.0-1109.118 No subscription required linux-headers-5.4.0-1112-azure - 5.4.0-1112.118 linux-azure-tools-5.4.0-1112 - 5.4.0-1112.118 linux-cloud-tools-5.4.0-1112-azure - 5.4.0-1112.118 linux-buildinfo-5.4.0-1112-azure - 5.4.0-1112.118 linux-azure-headers-5.4.0-1112 - 5.4.0-1112.118 linux-azure-cloud-tools-5.4.0-1112 - 5.4.0-1112.118 linux-modules-extra-5.4.0-1112-azure - 5.4.0-1112.118 linux-tools-5.4.0-1112-azure - 5.4.0-1112.118 linux-image-unsigned-5.4.0-1112-azure - 5.4.0-1112.118 linux-image-5.4.0-1112-azure - 5.4.0-1112.118 linux-modules-5.4.0-1112-azure - 5.4.0-1112.118 No subscription required linux-image-5.4.0-155-generic-lpae - 5.4.0-155.172 linux-tools-common - 5.4.0-155.172 linux-tools-host - 5.4.0-155.172 linux-doc - 5.4.0-155.172 linux-headers-5.4.0-155 - 5.4.0-155.172 linux-modules-extra-5.4.0-155-generic - 5.4.0-155.172 linux-modules-5.4.0-155-generic - 5.4.0-155.172 linux-headers-5.4.0-155-generic-lpae - 5.4.0-155.172 linux-cloud-tools-5.4.0-155-generic - 5.4.0-155.172 linux-libc-dev - 5.4.0-155.172 linux-source-5.4.0 - 5.4.0-155.172 linux-cloud-tools-common - 5.4.0-155.172 linux-image-5.4.0-155-generic - 5.4.0-155.172 linux-tools-5.4.0-155-generic-lpae - 5.4.0-155.172 linux-cloud-tools-5.4.0-155 - 5.4.0-155.172 linux-tools-5.4.0-155 - 5.4.0-155.172 linux-image-unsigned-5.4.0-155-lowlatency - 5.4.0-155.172 linux-headers-5.4.0-155-lowlatency - 5.4.0-155.172 linux-image-unsigned-5.4.0-155-generic - 5.4.0-155.172 linux-buildinfo-5.4.0-155-generic-lpae - 5.4.0-155.172 linux-buildinfo-5.4.0-155-lowlatency - 5.4.0-155.172 linux-modules-5.4.0-155-lowlatency - 5.4.0-155.172 linux-image-5.4.0-155-lowlatency - 5.4.0-155.172 linux-headers-5.4.0-155-generic - 5.4.0-155.172 linux-cloud-tools-5.4.0-155-lowlatency - 5.4.0-155.172 linux-tools-5.4.0-155-generic - 5.4.0-155.172 linux-buildinfo-5.4.0-155-generic - 5.4.0-155.172 linux-tools-5.4.0-155-lowlatency - 5.4.0-155.172 linux-modules-5.4.0-155-generic-lpae - 5.4.0-155.172 No subscription required linux-xilinx-zynqmp - 5.4.0.1026.28 linux-image-xilinx-zynqmp - 5.4.0.1026.28 linux-tools-xilinx-zynqmp - 5.4.0.1026.28 linux-headers-xilinx-zynqmp - 5.4.0.1026.28 No subscription required linux-image-ibm-lts-20.04 - 5.4.0.1053.79 linux-image-ibm - 5.4.0.1053.79 linux-headers-ibm-lts-20.04 - 5.4.0.1053.79 linux-tools-ibm - 5.4.0.1053.79 linux-ibm - 5.4.0.1053.79 linux-modules-extra-ibm - 5.4.0.1053.79 linux-ibm-lts-20.04 - 5.4.0.1053.79 linux-tools-ibm-lts-20.04 - 5.4.0.1053.79 linux-headers-ibm - 5.4.0.1053.79 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1053.79 No subscription required linux-headers-gkeop - 5.4.0.1073.71 linux-cloud-tools-gkeop-5.4 - 5.4.0.1073.71 linux-image-gkeop - 5.4.0.1073.71 linux-modules-extra-gkeop-5.4 - 5.4.0.1073.71 linux-gkeop-5.4 - 5.4.0.1073.71 linux-image-gkeop-5.4 - 5.4.0.1073.71 linux-gkeop - 5.4.0.1073.71 linux-cloud-tools-gkeop - 5.4.0.1073.71 linux-headers-gkeop-5.4 - 5.4.0.1073.71 linux-modules-extra-gkeop - 5.4.0.1073.71 linux-tools-gkeop - 5.4.0.1073.71 linux-tools-gkeop-5.4 - 5.4.0.1073.71 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1090.120 linux-raspi2 - 5.4.0.1090.120 linux-headers-raspi2 - 5.4.0.1090.120 linux-image-raspi-hwe-18.04 - 5.4.0.1090.120 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1090.120 linux-image-raspi2-hwe-18.04 - 5.4.0.1090.120 linux-tools-raspi - 5.4.0.1090.120 linux-headers-raspi2-hwe-18.04 - 5.4.0.1090.120 linux-headers-raspi-hwe-18.04 - 5.4.0.1090.120 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1090.120 linux-raspi2-hwe-18.04-edge - 5.4.0.1090.120 linux-raspi-hwe-18.04 - 5.4.0.1090.120 linux-tools-raspi2-hwe-18.04 - 5.4.0.1090.120 linux-raspi2-hwe-18.04 - 5.4.0.1090.120 linux-image-raspi-hwe-18.04-edge - 5.4.0.1090.120 linux-image-raspi2 - 5.4.0.1090.120 linux-tools-raspi-hwe-18.04 - 5.4.0.1090.120 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1090.120 linux-raspi-hwe-18.04-edge - 5.4.0.1090.120 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1090.120 linux-headers-raspi - 5.4.0.1090.120 linux-image-raspi - 5.4.0.1090.120 linux-tools-raspi2 - 5.4.0.1090.120 linux-raspi - 5.4.0.1090.120 No subscription required linux-kvm - 5.4.0.1095.90 linux-headers-kvm - 5.4.0.1095.90 linux-image-kvm - 5.4.0.1095.90 linux-tools-kvm - 5.4.0.1095.90 No subscription required linux-modules-extra-gke - 5.4.0.1104.109 linux-headers-gke-5.4 - 5.4.0.1104.109 linux-modules-extra-gke-5.4 - 5.4.0.1104.109 linux-gke-5.4 - 5.4.0.1104.109 linux-tools-gke - 5.4.0.1104.109 linux-gke - 5.4.0.1104.109 linux-headers-gke - 5.4.0.1104.109 linux-image-gke - 5.4.0.1104.109 linux-image-gke-5.4 - 5.4.0.1104.109 linux-tools-gke-5.4 - 5.4.0.1104.109 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1105.98 linux-oracle-lts-20.04 - 5.4.0.1105.98 linux-headers-oracle-lts-20.04 - 5.4.0.1105.98 linux-image-oracle-lts-20.04 - 5.4.0.1105.98 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1106.103 linux-image-aws-lts-20.04 - 5.4.0.1106.103 linux-headers-aws-lts-20.04 - 5.4.0.1106.103 linux-tools-aws-lts-20.04 - 5.4.0.1106.103 linux-aws-lts-20.04 - 5.4.0.1106.103 No subscription required linux-gcp-lts-20.04 - 5.4.0.1109.111 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1109.111 linux-headers-gcp-lts-20.04 - 5.4.0.1109.111 linux-image-gcp-lts-20.04 - 5.4.0.1109.111 linux-tools-gcp-lts-20.04 - 5.4.0.1109.111 No subscription required linux-azure-lts-20.04 - 5.4.0.1112.105 linux-image-azure-lts-20.04 - 5.4.0.1112.105 linux-headers-azure-lts-20.04 - 5.4.0.1112.105 linux-modules-extra-azure-lts-20.04 - 5.4.0.1112.105 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1112.105 linux-tools-azure-lts-20.04 - 5.4.0.1112.105 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-cloud-tools-virtual - 5.4.0.155.151 linux-image-generic-hwe-18.04 - 5.4.0.155.151 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-headers-generic-lpae - 5.4.0.155.151 linux-image-virtual - 5.4.0.155.151 linux-oem-osp1-tools-host - 5.4.0.155.151 linux-image-generic - 5.4.0.155.151 linux-tools-lowlatency - 5.4.0.155.151 linux-image-oem - 5.4.0.155.151 linux-headers-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-image-extra-virtual-hwe-18.04 - 5.4.0.155.151 linux-image-oem-osp1 - 5.4.0.155.151 linux-image-generic-lpae-hwe-18.04 - 5.4.0.155.151 linux-image-lowlatency - 5.4.0.155.151 linux-crashdump - 5.4.0.155.151 linux-tools-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-headers-generic-hwe-18.04 - 5.4.0.155.151 linux-tools-oem - 5.4.0.155.151 linux-headers-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-source - 5.4.0.155.151 linux-lowlatency - 5.4.0.155.151 linux-tools-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-tools-generic-lpae - 5.4.0.155.151 linux-cloud-tools-generic - 5.4.0.155.151 linux-virtual - 5.4.0.155.151 linux-headers-virtual-hwe-18.04 - 5.4.0.155.151 linux-virtual-hwe-18.04 - 5.4.0.155.151 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.155.151 linux-tools-virtual - 5.4.0.155.151 linux-generic-lpae-hwe-18.04-edge - 5.4.0.155.151 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-generic-lpae - 5.4.0.155.151 linux-headers-oem - 5.4.0.155.151 linux-tools-oem-osp1 - 5.4.0.155.151 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.155.151 linux-tools-generic-hwe-18.04-edge - 5.4.0.155.151 linux-image-virtual-hwe-18.04 - 5.4.0.155.151 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-cloud-tools-lowlatency - 5.4.0.155.151 linux-image-generic-hwe-18.04-edge - 5.4.0.155.151 linux-generic-hwe-18.04-edge - 5.4.0.155.151 linux-generic - 5.4.0.155.151 linux-generic-hwe-18.04 - 5.4.0.155.151 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.155.151 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-oem - 5.4.0.155.151 linux-image-extra-virtual - 5.4.0.155.151 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-tools-generic - 5.4.0.155.151 linux-oem-tools-host - 5.4.0.155.151 linux-headers-oem-osp1 - 5.4.0.155.151 linux-generic-lpae-hwe-18.04 - 5.4.0.155.151 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.155.151 linux-headers-generic-hwe-18.04-edge - 5.4.0.155.151 linux-headers-generic - 5.4.0.155.151 linux-oem-osp1 - 5.4.0.155.151 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.155.151 linux-headers-lowlatency - 5.4.0.155.151 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.155.151 linux-image-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.155.151 linux-virtual-hwe-18.04-edge - 5.4.0.155.151 linux-headers-virtual - 5.4.0.155.151 linux-tools-virtual-hwe-18.04 - 5.4.0.155.151 linux-lowlatency-hwe-18.04 - 5.4.0.155.151 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.155.151 linux-image-generic-lpae - 5.4.0.155.151 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.155.151 linux-tools-generic-hwe-18.04 - 5.4.0.155.151 linux-image-virtual-hwe-18.04-edge - 5.4.0.155.151 No subscription required High CVE-2023-3090 CVE-2023-32629 CVE-2023-3390 CVE-2023-35001 Ubuntu 20.04 LTS It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31248) Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3389) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3390) Lin Ma discovered that a race condition existed in the MCTP implementation in the Linux kernel, leading to a use-after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3439) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35001) Update Instructions: Run `sudo pro fix USN-6255-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1036.41~20.04.1 linux-image-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1036 - 5.15.0-1036.41~20.04.1 linux-cloud-tools-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-modules-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-tools-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1036.41~20.04.1 linux-buildinfo-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-modules-extra-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-image-unsigned-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-headers-5.15.0-1036-intel-iotg - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1036 - 5.15.0-1036.41~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1036 - 5.15.0-1036.41~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1036.41~20.04.26 linux-intel-iotg - 5.15.0.1036.41~20.04.26 linux-headers-intel - 5.15.0.1036.41~20.04.26 linux-tools-intel-iotg-edge - 5.15.0.1036.41~20.04.26 linux-intel - 5.15.0.1036.41~20.04.26 linux-image-intel-iotg - 5.15.0.1036.41~20.04.26 linux-image-intel - 5.15.0.1036.41~20.04.26 linux-tools-intel - 5.15.0.1036.41~20.04.26 linux-image-intel-iotg-edge - 5.15.0.1036.41~20.04.26 linux-headers-intel-iotg - 5.15.0.1036.41~20.04.26 linux-intel-iotg-edge - 5.15.0.1036.41~20.04.26 linux-headers-intel-iotg-edge - 5.15.0.1036.41~20.04.26 linux-tools-intel-iotg - 5.15.0.1036.41~20.04.26 No subscription required High CVE-2023-3090 CVE-2023-31248 CVE-2023-3389 CVE-2023-3390 CVE-2023-3439 CVE-2023-35001 Ubuntu 20.04 LTS Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3108) Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0458) Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the TLS subsystem in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1075) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1077) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel contained a type confusion vulnerability in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1078) It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-1513) It was discovered that the Xircom PCMCIA network device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1670) It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. (CVE-2023-1829) It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2023-1859) Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998) It was discovered that a use-after-free vulnerability existed in the iSCSI TCP implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2162) It was discovered that the BigBen Interactive Kids' gamepad driver in the Linux kernel did not properly handle device removal, leading to a use- after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-25012) Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2612) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Sanan Hasanov discovered that the framebuffer console driver in the Linux kernel did not properly perform checks for font dimension limits. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-3161) Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) It was discovered that the NET/ROM protocol implementation in the Linux kernel contained a race condition in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32269) Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220) Update Instructions: Run `sudo pro fix USN-6256-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1017-iot - 5.4.0-1017.18 linux-image-5.4.0-1017-iot - 5.4.0-1017.18 linux-iot-tools-common - 5.4.0-1017.18 linux-modules-5.4.0-1017-iot - 5.4.0-1017.18 linux-headers-5.4.0-1017-iot - 5.4.0-1017.18 linux-iot-tools-5.4.0-1017 - 5.4.0-1017.18 linux-tools-5.4.0-1017-iot - 5.4.0-1017.18 linux-iot-headers-5.4.0-1017 - 5.4.0-1017.18 linux-buildinfo-5.4.0-1017-iot - 5.4.0-1017.18 No subscription required linux-tools-iot - 5.4.0.1017.15 linux-iot - 5.4.0.1017.15 linux-headers-iot - 5.4.0.1017.15 linux-image-iot - 5.4.0.1017.15 No subscription required High CVE-2022-3108 CVE-2022-3707 CVE-2022-3903 CVE-2022-4129 CVE-2023-0458 CVE-2023-0459 CVE-2023-1073 CVE-2023-1074 CVE-2023-1075 CVE-2023-1076 CVE-2023-1077 CVE-2023-1078 CVE-2023-1079 CVE-2023-1118 CVE-2023-1281 CVE-2023-1380 CVE-2023-1513 CVE-2023-1670 CVE-2023-1829 CVE-2023-1859 CVE-2023-1998 CVE-2023-2162 CVE-2023-25012 CVE-2023-2612 CVE-2023-26545 CVE-2023-2985 CVE-2023-30456 CVE-2023-31436 CVE-2023-3161 CVE-2023-32233 CVE-2023-32269 CVE-2023-35788 https://launchpad.net/bugs/2023220 https://launchpad.net/bugs/2023577 Ubuntu 20.04 LTS It was discovered that Open VM Tools incorrectly handled certain authentication requests. A fully compromised ESXi host can force Open VM Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. (CVE-2023-20867) Update Instructions: Run `sudo pro fix USN-6257-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:11.3.0-2ubuntu0~ubuntu20.04.5 open-vm-tools-dev - 2:11.3.0-2ubuntu0~ubuntu20.04.5 open-vm-tools-desktop - 2:11.3.0-2ubuntu0~ubuntu20.04.5 open-vm-tools-sdmp - 2:11.3.0-2ubuntu0~ubuntu20.04.5 No subscription required Low CVE-2023-20867 Ubuntu 20.04 LTS Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-13987) Jos Wetzels, Stanislav Dashevskyi, Amine Amri discovered that Open-iSCSI incorrectly handled certain parsing TCP MSS options. An attacker could possibly use this issue to cause a crash or cause unexpected behavior. (CVE-2020-13988) Amine Amri and Stanislav Dashevskyi discovered that Open-iSCSI incorrectly handled certain TCP data. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-17437) Update Instructions: Run `sudo pro fix USN-6259-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-iscsi - 2.0.874-7.1ubuntu6.4 iscsiuio - 2.0.874-7.1ubuntu6.4 No subscription required Low CVE-2020-13987 CVE-2020-13988 CVE-2020-17437 Ubuntu 20.04 LTS It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3390) Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel did not properly handle certain pointer data type, leading to an out-of- bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35001) Update Instructions: Run `sudo pro fix USN-6261-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1018-iot - 5.4.0-1018.19 linux-image-unsigned-5.4.0-1018-iot - 5.4.0-1018.19 linux-image-5.4.0-1018-iot - 5.4.0-1018.19 linux-iot-headers-5.4.0-1018 - 5.4.0-1018.19 linux-iot-tools-common - 5.4.0-1018.19 linux-modules-5.4.0-1018-iot - 5.4.0-1018.19 linux-buildinfo-5.4.0-1018-iot - 5.4.0-1018.19 linux-tools-5.4.0-1018-iot - 5.4.0-1018.19 linux-iot-tools-5.4.0-1018 - 5.4.0-1018.19 No subscription required linux-tools-iot - 5.4.0.1018.16 linux-headers-iot - 5.4.0.1018.16 linux-iot - 5.4.0.1018.16 linux-image-iot - 5.4.0.1018.16 No subscription required High CVE-2023-3090 CVE-2023-32629 CVE-2023-3390 CVE-2023-35001 Ubuntu 20.04 LTS It was discovered that Wireshark did not properly handle certain NFS packages when certain configuration options were enabled. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. (CVE-2020-13164) It was discovered that Wireshark did not properly handle certain GVCP packages. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-15466) It was discovered that Wireshark did not properly handle certain Kafka packages. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-17498) It was discovered that Wireshark did not properly handle certain TCP packages containing an invalid 0xFFFF checksum. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. (CVE-2020-25862) It was discovered that Wireshark did not properly handle certain MIME packages containing invalid parts. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. (CVE-2020-25863) Update Instructions: Run `sudo pro fix USN-6262-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwsutil-dev - 3.2.3-1ubuntu0.1~esm1 wireshark-dev - 3.2.3-1ubuntu0.1~esm1 tshark - 3.2.3-1ubuntu0.1~esm1 libwireshark-dev - 3.2.3-1ubuntu0.1~esm1 wireshark-qt - 3.2.3-1ubuntu0.1~esm1 libwiretap-dev - 3.2.3-1ubuntu0.1~esm1 libwsutil11 - 3.2.3-1ubuntu0.1~esm1 wireshark-doc - 3.2.3-1ubuntu0.1~esm1 wireshark-common - 3.2.3-1ubuntu0.1~esm1 libwiretap10 - 3.2.3-1ubuntu0.1~esm1 wireshark-gtk - 3.2.3-1ubuntu0.1~esm1 libwireshark13 - 3.2.3-1ubuntu0.1~esm1 libwireshark-data - 3.2.3-1ubuntu0.1~esm1 wireshark - 3.2.3-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-13164 CVE-2020-15466 CVE-2020-17498 CVE-2020-25862 CVE-2020-25863 Ubuntu 20.04 LTS Motoyasu Saburi discovered that OpenJDK incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22006) Eirik Bjørsnøs discovered that OpenJDK incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22036) David Stancu discovered that OpenJDK had a flaw in the AES cipher implementation. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22041) Zhiqiang Zang discovered that OpenJDK incorrectly handled array accesses when using the binary '%' operator. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 17. (CVE-2023-22044) Zhiqiang Zang discovered that OpenJDK incorrectly handled array accesses. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22045) It was discovered that OpenJDK incorrectly sanitized URIs strings. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-22049) It was discovered that OpenJDK incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-25193) Update Instructions: Run `sudo pro fix USN-6263-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jdk - 11.0.20+8-1ubuntu1~20.04 openjdk-11-source - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.20+8-1ubuntu1~20.04 openjdk-11-demo - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jre-zero - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jre-headless - 11.0.20+8-1ubuntu1~20.04 openjdk-11-jre - 11.0.20+8-1ubuntu1~20.04 No subscription required openjdk-17-jdk-headless - 17.0.8+7-1~20.04.2 openjdk-17-jre-headless - 17.0.8+7-1~20.04.2 openjdk-17-jre - 17.0.8+7-1~20.04.2 openjdk-17-jdk - 17.0.8+7-1~20.04.2 openjdk-17-jre-zero - 17.0.8+7-1~20.04.2 openjdk-17-source - 17.0.8+7-1~20.04.2 openjdk-17-demo - 17.0.8+7-1~20.04.2 openjdk-17-doc - 17.0.8+7-1~20.04.2 No subscription required openjdk-8-doc - 8u382-ga-1~20.04.1 openjdk-8-jre-headless - 8u382-ga-1~20.04.1 openjdk-8-jre - 8u382-ga-1~20.04.1 openjdk-8-demo - 8u382-ga-1~20.04.1 openjdk-8-jre-zero - 8u382-ga-1~20.04.1 openjdk-8-jdk - 8u382-ga-1~20.04.1 openjdk-8-source - 8u382-ga-1~20.04.1 openjdk-8-jdk-headless - 8u382-ga-1~20.04.1 No subscription required Medium CVE-2023-22006 CVE-2023-22036 CVE-2023-22041 CVE-2023-22044 CVE-2023-22045 CVE-2023-22049 CVE-2023-25193 Ubuntu 20.04 LTS USN-6263-1 fixed vulnerabilities in OpenJDK. Unfortunately, that update introduced a regression when opening APK, ZIP or JAR files in OpenJDK 11 and OpenJDK 17. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Motoyasu Saburi discovered that OpenJDK incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22006) Eirik Bjørsnøs discovered that OpenJDK incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22036) David Stancu discovered that OpenJDK had a flaw in the AES cipher implementation. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-22041) Zhiqiang Zang discovered that OpenJDK incorrectly handled array accesses when using the binary '%' operator. An attacker could possibly use this issue to obtain sensitive information. This issue only affected OpenJDK 17. (CVE-2023-22044) Zhiqiang Zang discovered that OpenJDK incorrectly handled array accesses. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22045) It was discovered that OpenJDK incorrectly sanitized URIs strings. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-22049) It was discovered that OpenJDK incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17. (CVE-2023-25193) Update Instructions: Run `sudo pro fix USN-6263-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-source - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jdk - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-jre - 11.0.20.1+1-0ubuntu1~20.04 openjdk-11-demo - 11.0.20.1+1-0ubuntu1~20.04 No subscription required openjdk-17-demo - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jdk - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jdk-headless - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jre-zero - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-source - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jre-headless - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-jre - 17.0.8.1+1~us1-0ubuntu1~20.04 openjdk-17-doc - 17.0.8.1+1~us1-0ubuntu1~20.04 No subscription required None https://launchpad.net/bugs/2032865 Ubuntu 20.04 LTS Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element. Update Instructions: Run `sudo pro fix USN-6266-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librsvg2-common - 2.48.9-1ubuntu0.20.04.4 gir1.2-rsvg-2.0 - 2.48.9-1ubuntu0.20.04.4 librsvg2-doc - 2.48.9-1ubuntu0.20.04.4 librsvg2-bin - 2.48.9-1ubuntu0.20.04.4 librsvg2-2 - 2.48.9-1ubuntu0.20.04.4 librsvg2-dev - 2.48.9-1ubuntu0.20.04.4 No subscription required Medium CVE-2023-38633 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057, CVE-2023-4058) Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4046) Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4050) Update Instructions: Run `sudo pro fix USN-6267-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-nn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ne - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-nb - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-fa - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-fi - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-fr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-fy - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-or - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-kab - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-oc - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-cs - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ga - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-gd - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-gn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-gl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-gu - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-pa - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-pl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-cy - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-pt - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-szl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hi - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-uk - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-he - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hy - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hu - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-as - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ar - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ia - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-az - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-id - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-mai - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-af - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-is - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-it - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-an - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-bs - 116.0+build2-0ubuntu0.20.04.2 firefox - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ro - 116.0+build2-0ubuntu0.20.04.2 firefox-geckodriver - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ja - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ru - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-br - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hant - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-zh-hans - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-bn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-be - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-bg - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sl - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sk - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-si - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sw - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sv - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-sq - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ko - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-kn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-km - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-kk - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ka - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-xh - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ca - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ku - 116.0+build2-0ubuntu0.20.04.2 firefox-mozsymbols - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-lv - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-lt - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-th - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-hsb - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-tg - 116.0+build2-0ubuntu0.20.04.2 firefox-dev - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-te - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-cak - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ta - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-lg - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-csb - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-tr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-nso - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-de - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-da - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ms - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-mr - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-my - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-uz - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ml - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-mn - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-mk - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ur - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-eu - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-et - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-es - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-vi - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-el - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-eo - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-en - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-zu - 116.0+build2-0ubuntu0.20.04.2 firefox-locale-ast - 116.0+build2-0ubuntu0.20.04.2 No subscription required Medium CVE-2023-4045 CVE-2023-4046 CVE-2023-4047 CVE-2023-4048 CVE-2023-4049 CVE-2023-4050 CVE-2023-4051 CVE-2023-4053 CVE-2023-4055 CVE-2023-4056 CVE-2023-4057 CVE-2023-4058 Ubuntu 20.04 LTS USN-6267-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057, CVE-2023-4058) Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4046) Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4050) Update Instructions: Run `sudo pro fix USN-6267-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 116.0.2+build1-0ubuntu0.20.04.1 firefox - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 116.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 116.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 116.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 116.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 116.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2030690 Ubuntu 20.04 LTS USN-6267-1 fixed vulnerabilities and USN-6267-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057, CVE-2023-4058) Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4046) Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4050) Update Instructions: Run `sudo pro fix USN-6267-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-nn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ne - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-nb - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-fa - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-fi - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-fr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-fy - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-or - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-kab - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-oc - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-cs - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ga - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-gd - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-gn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-gl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-gu - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-pa - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-pl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-cy - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-pt - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-szl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hi - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-uk - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-he - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hy - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hu - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-as - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ar - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ia - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-az - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-id - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-mai - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-af - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-is - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-it - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-an - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-bs - 116.0.3+build2-0ubuntu0.20.04.1 firefox - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ro - 116.0.3+build2-0ubuntu0.20.04.1 firefox-geckodriver - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ja - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ru - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-br - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-bn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-be - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-bg - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sl - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sk - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-si - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sw - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sv - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-sq - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ko - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-kn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-km - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-kk - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ka - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-xh - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ca - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ku - 116.0.3+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-lv - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-lt - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-th - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-tg - 116.0.3+build2-0ubuntu0.20.04.1 firefox-dev - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-te - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-cak - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ta - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-lg - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-csb - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-tr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-nso - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-de - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-da - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ms - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-mr - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-my - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-uz - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ml - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-mn - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-mk - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ur - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-eu - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-et - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-es - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-vi - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-el - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-eo - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-en - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-zu - 116.0.3+build2-0ubuntu0.20.04.1 firefox-locale-ast - 116.0.3+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2032143 Ubuntu 20.04 LTS It was discovered that GStreamer Base Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-37327) It was discovered that GStreamer Base Plugins incorrectly handled certain subtitles. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-37328) Update Instructions: Run `sudo pro fix USN-6268-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-plugins-base - 1.16.3-0ubuntu1.2 libgstreamer-plugins-base1.0-0 - 1.16.3-0ubuntu1.2 gstreamer1.0-x - 1.16.3-0ubuntu1.2 libgstreamer-gl1.0-0 - 1.16.3-0ubuntu1.2 gstreamer1.0-gl - 1.16.3-0ubuntu1.2 gstreamer1.0-alsa - 1.16.3-0ubuntu1.2 libgstreamer-plugins-base1.0-dev - 1.16.3-0ubuntu1.2 gir1.2-gst-plugins-base-1.0 - 1.16.3-0ubuntu1.2 gstreamer1.0-plugins-base-doc - 1.16.3-0ubuntu1.2 gstreamer1.0-plugins-base-apps - 1.16.3-0ubuntu1.2 No subscription required Medium CVE-2023-37327 CVE-2023-37328 Ubuntu 20.04 LTS It was discovered that GStreamer Good Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-37327) Update Instructions: Run `sudo pro fix USN-6269-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-gtk3 - 1.16.3-0ubuntu1.2 gstreamer1.0-pulseaudio - 1.16.3-0ubuntu1.2 gstreamer1.0-plugins-good-doc - 1.16.3-0ubuntu1.2 libgstreamer-plugins-good1.0-dev - 1.16.3-0ubuntu1.2 libgstreamer-plugins-good1.0-0 - 1.16.3-0ubuntu1.2 gstreamer1.0-plugins-good - 1.16.3-0ubuntu1.2 gstreamer1.0-qt5 - 1.16.3-0ubuntu1.2 No subscription required Medium CVE-2023-37327 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2182) It was discovered that Vim incorrectly handled memory when deleting buffers in diff mode. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2208) It was discovered that Vim incorrectly handled memory access. An attacker could possibly use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2210) It was discovered that Vim incorrectly handled memory when using nested :source. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2231) It was discovered that Vim did not properly perform bounds checks when processing a menu item with the only modifier. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2257) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. (CVE-2022-2264, CVE-2022-2284, CVE-2022-2289) It was discovered that Vim did not properly perform bounds checks when going over the end of the typahead. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2285) It was discovered that Vim did not properly perform bounds checks when reading the provided string. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2286) It was discovered that Vim incorrectly handled memory when adding words with a control character to the internal spell word list. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-2287) Update Instructions: Run `sudo pro fix USN-6270-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.16 vim-athena - 2:8.1.2269-1ubuntu5.16 vim-tiny - 2:8.1.2269-1ubuntu5.16 vim-gtk - 2:8.1.2269-1ubuntu5.16 vim-gui-common - 2:8.1.2269-1ubuntu5.16 vim - 2:8.1.2269-1ubuntu5.16 vim-doc - 2:8.1.2269-1ubuntu5.16 xxd - 2:8.1.2269-1ubuntu5.16 vim-runtime - 2:8.1.2269-1ubuntu5.16 vim-gtk3 - 2:8.1.2269-1ubuntu5.16 vim-nox - 2:8.1.2269-1ubuntu5.16 No subscription required Medium CVE-2022-2182 CVE-2022-2208 CVE-2022-2210 CVE-2022-2231 CVE-2022-2257 CVE-2022-2264 CVE-2022-2284 CVE-2022-2285 CVE-2022-2286 CVE-2022-2287 CVE-2022-2289 Ubuntu 20.04 LTS Xiang Li discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2022-30256) Huascar Tejeda discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-31137) Update Instructions: Run `sudo pro fix USN-6271-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: maradns-zoneserver - 2.0.13-1.4+deb11u1build0.20.04.1 duende - 2.0.13-1.4+deb11u1build0.20.04.1 maradns - 2.0.13-1.4+deb11u1build0.20.04.1 maradns-deadwood - 2.0.13-1.4+deb11u1build0.20.04.1 maradns-docs - 2.0.13-1.4+deb11u1build0.20.04.1 No subscription required Medium CVE-2022-30256 CVE-2023-31137 Ubuntu 20.04 LTS Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-27337) It was discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-34872) Update Instructions: Run `sudo pro fix USN-6273-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpoppler97 - 0.86.1-0ubuntu1.2 poppler-utils - 0.86.1-0ubuntu1.2 libpoppler-cpp-dev - 0.86.1-0ubuntu1.2 libpoppler-glib-doc - 0.86.1-0ubuntu1.2 gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.2 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.2 libpoppler-glib8 - 0.86.1-0ubuntu1.2 libpoppler-private-dev - 0.86.1-0ubuntu1.2 libpoppler-glib-dev - 0.86.1-0ubuntu1.2 libpoppler-dev - 0.86.1-0ubuntu1.2 libpoppler-qt5-dev - 0.86.1-0ubuntu1.2 libpoppler-qt5-1 - 0.86.1-0ubuntu1.2 No subscription required Medium CVE-2022-27337 CVE-2023-34872 Ubuntu 20.04 LTS Addison Crump discovered that Cargo incorrectly set file permissions on UNIX-like systems when extracting crate archives. If the crate would contain files writable by any user, a local attacker could possibly use this issue to execute code as another user. Update Instructions: Run `sudo pro fix USN-6275-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cargo - 0.67.1+ds0ubuntu0.libgit2-0ubuntu0.20.04.2+esm1 cargo-doc - 0.67.1+ds0ubuntu0.libgit2-0ubuntu0.20.04.2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-38497 Ubuntu 20.04 LTS It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstances. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2014-5011, CVE-2014-5012, CVE-2014-5013) It was discovered that Dompdf was not properly validating processed HTML content that referenced PHAR files, which could result in the deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-3838) It was discovered that Dompdf was not properly validating processed HTML content that referenced both a remote base and a local file, which could result in the bypass of a chroot check. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-2400) Update Instructions: Run `sudo pro fix USN-6277-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-dompdf - 0.6.2+dfsg-3ubuntu0.20.04.1 No subscription required Medium CVE-2014-5011 CVE-2014-5012 CVE-2014-5013 CVE-2021-3838 CVE-2022-2400 Ubuntu 20.04 LTS It was discovered that OpenSSH has an observable discrepancy leading to an information leak in the algorithm negotiation. This update mitigates the issue by tweaking the client hostkey preference ordering algorithm to prefer the default ordering if the user has a key that matches the best-preference default algorithm. Update Instructions: Run `sudo pro fix USN-6279-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.9 openssh-server - 1:8.2p1-4ubuntu0.9 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.9 ssh - 1:8.2p1-4ubuntu0.9 openssh-tests - 1:8.2p1-4ubuntu0.9 openssh-sftp-server - 1:8.2p1-4ubuntu0.9 No subscription required None https://launchpad.net/bugs/2030275 Ubuntu 20.04 LTS It was discovered that PyPDF2 incorrectly handled PDF files with certain markers. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6280-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pypdf2 - 1.26.0-3ubuntu1.20.04.2 python-pypdf2 - 1.26.0-3ubuntu1.20.04.2 No subscription required Medium CVE-2023-36810 Ubuntu 20.04 LTS Alvaro Munoz discovered that Velocity Engine incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6281-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: velocity-doc - 1.7-5+deb9u1build0.20.04.1 velocity - 1.7-5+deb9u1build0.20.04.1 No subscription required Medium CVE-2020-13936 Ubuntu 20.04 LTS Jackson Henry discovered that Velocity Tools incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6282-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvelocity-tools-java-doc - 2.0-7ubuntu0.20.04.1 libvelocity-tools-java - 2.0-7ubuntu0.20.04.1 No subscription required Medium CVE-2020-13959 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) Update Instructions: Run `sudo pro fix USN-6284-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1019-iot - 5.4.0-1019.20 linux-headers-5.4.0-1019-iot - 5.4.0-1019.20 linux-image-5.4.0-1019-iot - 5.4.0-1019.20 linux-iot-headers-5.4.0-1019 - 5.4.0-1019.20 linux-iot-tools-5.4.0-1019 - 5.4.0-1019.20 linux-image-unsigned-5.4.0-1019-iot - 5.4.0-1019.20 linux-tools-5.4.0-1019-iot - 5.4.0-1019.20 linux-buildinfo-5.4.0-1019-iot - 5.4.0-1019.20 linux-iot-tools-common - 5.4.0-1019.20 No subscription required linux-modules-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-cloud-tools-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-gkeop-source-5.4.0 - 5.4.0-1074.78 linux-gkeop-cloud-tools-5.4.0-1074 - 5.4.0-1074.78 linux-gkeop-tools-5.4.0-1074 - 5.4.0-1074.78 linux-gkeop-headers-5.4.0-1074 - 5.4.0-1074.78 linux-headers-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-tools-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-modules-extra-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-buildinfo-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-image-unsigned-5.4.0-1074-gkeop - 5.4.0-1074.78 linux-image-5.4.0-1074-gkeop - 5.4.0-1074.78 No subscription required linux-buildinfo-5.4.0-1091-raspi - 5.4.0-1091.102 linux-tools-5.4.0-1091-raspi - 5.4.0-1091.102 linux-modules-5.4.0-1091-raspi - 5.4.0-1091.102 linux-headers-5.4.0-1091-raspi - 5.4.0-1091.102 linux-image-5.4.0-1091-raspi - 5.4.0-1091.102 linux-raspi-tools-5.4.0-1091 - 5.4.0-1091.102 linux-raspi-headers-5.4.0-1091 - 5.4.0-1091.102 No subscription required linux-tools-5.4.0-1096-kvm - 5.4.0-1096.102 linux-kvm-headers-5.4.0-1096 - 5.4.0-1096.102 linux-headers-5.4.0-1096-kvm - 5.4.0-1096.102 linux-image-unsigned-5.4.0-1096-kvm - 5.4.0-1096.102 linux-image-5.4.0-1096-kvm - 5.4.0-1096.102 linux-modules-5.4.0-1096-kvm - 5.4.0-1096.102 linux-buildinfo-5.4.0-1096-kvm - 5.4.0-1096.102 linux-kvm-tools-5.4.0-1096 - 5.4.0-1096.102 No subscription required linux-modules-extra-5.4.0-1106-oracle - 5.4.0-1106.115 linux-oracle-tools-5.4.0-1106 - 5.4.0-1106.115 linux-modules-5.4.0-1106-oracle - 5.4.0-1106.115 linux-buildinfo-5.4.0-1106-oracle - 5.4.0-1106.115 linux-headers-5.4.0-1106-oracle - 5.4.0-1106.115 linux-image-5.4.0-1106-oracle - 5.4.0-1106.115 linux-oracle-headers-5.4.0-1106 - 5.4.0-1106.115 linux-tools-5.4.0-1106-oracle - 5.4.0-1106.115 linux-image-unsigned-5.4.0-1106-oracle - 5.4.0-1106.115 No subscription required linux-modules-5.4.0-1107-aws - 5.4.0-1107.115 linux-buildinfo-5.4.0-1107-aws - 5.4.0-1107.115 linux-aws-tools-5.4.0-1107 - 5.4.0-1107.115 linux-aws-headers-5.4.0-1107 - 5.4.0-1107.115 linux-tools-5.4.0-1107-aws - 5.4.0-1107.115 linux-modules-extra-5.4.0-1107-aws - 5.4.0-1107.115 linux-image-5.4.0-1107-aws - 5.4.0-1107.115 linux-aws-cloud-tools-5.4.0-1107 - 5.4.0-1107.115 linux-image-unsigned-5.4.0-1107-aws - 5.4.0-1107.115 linux-cloud-tools-5.4.0-1107-aws - 5.4.0-1107.115 linux-headers-5.4.0-1107-aws - 5.4.0-1107.115 No subscription required linux-modules-5.4.0-1110-gcp - 5.4.0-1110.119 linux-modules-extra-5.4.0-1110-gcp - 5.4.0-1110.119 linux-image-5.4.0-1110-gcp - 5.4.0-1110.119 linux-gcp-headers-5.4.0-1110 - 5.4.0-1110.119 linux-image-unsigned-5.4.0-1110-gcp - 5.4.0-1110.119 linux-headers-5.4.0-1110-gcp - 5.4.0-1110.119 linux-tools-5.4.0-1110-gcp - 5.4.0-1110.119 linux-buildinfo-5.4.0-1110-gcp - 5.4.0-1110.119 linux-gcp-tools-5.4.0-1110 - 5.4.0-1110.119 No subscription required linux-tools-common - 5.4.0-156.173 linux-modules-5.4.0-156-lowlatency - 5.4.0-156.173 linux-modules-extra-5.4.0-156-generic - 5.4.0-156.173 linux-tools-host - 5.4.0-156.173 linux-doc - 5.4.0-156.173 linux-image-5.4.0-156-generic - 5.4.0-156.173 linux-headers-5.4.0-156 - 5.4.0-156.173 linux-headers-5.4.0-156-lowlatency - 5.4.0-156.173 linux-image-unsigned-5.4.0-156-generic - 5.4.0-156.173 linux-image-unsigned-5.4.0-156-lowlatency - 5.4.0-156.173 linux-libc-dev - 5.4.0-156.173 linux-source-5.4.0 - 5.4.0-156.173 linux-buildinfo-5.4.0-156-generic - 5.4.0-156.173 linux-headers-5.4.0-156-generic - 5.4.0-156.173 linux-buildinfo-5.4.0-156-generic-lpae - 5.4.0-156.173 linux-image-5.4.0-156-generic-lpae - 5.4.0-156.173 linux-modules-5.4.0-156-generic - 5.4.0-156.173 linux-cloud-tools-5.4.0-156-lowlatency - 5.4.0-156.173 linux-tools-5.4.0-156-lowlatency - 5.4.0-156.173 linux-headers-5.4.0-156-generic-lpae - 5.4.0-156.173 linux-buildinfo-5.4.0-156-lowlatency - 5.4.0-156.173 linux-tools-5.4.0-156-generic - 5.4.0-156.173 linux-cloud-tools-5.4.0-156 - 5.4.0-156.173 linux-tools-5.4.0-156 - 5.4.0-156.173 linux-cloud-tools-common - 5.4.0-156.173 linux-cloud-tools-5.4.0-156-generic - 5.4.0-156.173 linux-image-5.4.0-156-lowlatency - 5.4.0-156.173 linux-tools-5.4.0-156-generic-lpae - 5.4.0-156.173 linux-modules-5.4.0-156-generic-lpae - 5.4.0-156.173 No subscription required linux-iot - 5.4.0.1019.17 linux-image-iot - 5.4.0.1019.17 linux-headers-iot - 5.4.0.1019.17 linux-tools-iot - 5.4.0.1019.17 No subscription required linux-headers-gkeop - 5.4.0.1074.72 linux-cloud-tools-gkeop-5.4 - 5.4.0.1074.72 linux-image-gkeop - 5.4.0.1074.72 linux-modules-extra-gkeop-5.4 - 5.4.0.1074.72 linux-gkeop-5.4 - 5.4.0.1074.72 linux-image-gkeop-5.4 - 5.4.0.1074.72 linux-gkeop - 5.4.0.1074.72 linux-cloud-tools-gkeop - 5.4.0.1074.72 linux-headers-gkeop-5.4 - 5.4.0.1074.72 linux-modules-extra-gkeop - 5.4.0.1074.72 linux-tools-gkeop - 5.4.0.1074.72 linux-tools-gkeop-5.4 - 5.4.0.1074.72 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1091.121 linux-raspi2 - 5.4.0.1091.121 linux-headers-raspi2 - 5.4.0.1091.121 linux-image-raspi-hwe-18.04 - 5.4.0.1091.121 linux-image-raspi2-hwe-18.04 - 5.4.0.1091.121 linux-headers-raspi-hwe-18.04 - 5.4.0.1091.121 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1091.121 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1091.121 linux-headers-raspi - 5.4.0.1091.121 linux-raspi2-hwe-18.04-edge - 5.4.0.1091.121 linux-headers-raspi2-hwe-18.04 - 5.4.0.1091.121 linux-raspi-hwe-18.04 - 5.4.0.1091.121 linux-tools-raspi - 5.4.0.1091.121 linux-raspi2-hwe-18.04 - 5.4.0.1091.121 linux-image-raspi-hwe-18.04-edge - 5.4.0.1091.121 linux-image-raspi2 - 5.4.0.1091.121 linux-tools-raspi-hwe-18.04 - 5.4.0.1091.121 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1091.121 linux-tools-raspi2-hwe-18.04 - 5.4.0.1091.121 linux-raspi-hwe-18.04-edge - 5.4.0.1091.121 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1091.121 linux-image-raspi - 5.4.0.1091.121 linux-tools-raspi2 - 5.4.0.1091.121 linux-raspi - 5.4.0.1091.121 No subscription required linux-kvm - 5.4.0.1096.91 linux-headers-kvm - 5.4.0.1096.91 linux-image-kvm - 5.4.0.1096.91 linux-tools-kvm - 5.4.0.1096.91 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1106.99 linux-headers-oracle-lts-20.04 - 5.4.0.1106.99 linux-oracle-lts-20.04 - 5.4.0.1106.99 linux-image-oracle-lts-20.04 - 5.4.0.1106.99 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1107.104 linux-headers-aws-lts-20.04 - 5.4.0.1107.104 linux-tools-aws-lts-20.04 - 5.4.0.1107.104 linux-aws-lts-20.04 - 5.4.0.1107.104 linux-image-aws-lts-20.04 - 5.4.0.1107.104 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1110.112 linux-gcp-lts-20.04 - 5.4.0.1110.112 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1110.112 linux-image-gcp-lts-20.04 - 5.4.0.1110.112 linux-tools-gcp-lts-20.04 - 5.4.0.1110.112 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-cloud-tools-virtual - 5.4.0.156.152 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-image-generic-hwe-18.04 - 5.4.0.156.152 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-headers-generic-lpae - 5.4.0.156.152 linux-image-virtual - 5.4.0.156.152 linux-oem-osp1-tools-host - 5.4.0.156.152 linux-image-generic - 5.4.0.156.152 linux-tools-lowlatency - 5.4.0.156.152 linux-headers-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-image-extra-virtual-hwe-18.04 - 5.4.0.156.152 linux-image-oem-osp1 - 5.4.0.156.152 linux-image-generic-lpae-hwe-18.04 - 5.4.0.156.152 linux-crashdump - 5.4.0.156.152 linux-tools-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-headers-generic-hwe-18.04 - 5.4.0.156.152 linux-headers-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.156.152 linux-lowlatency - 5.4.0.156.152 linux-tools-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-tools-generic-lpae - 5.4.0.156.152 linux-cloud-tools-generic - 5.4.0.156.152 linux-oem - 5.4.0.156.152 linux-virtual - 5.4.0.156.152 linux-headers-virtual-hwe-18.04 - 5.4.0.156.152 linux-virtual-hwe-18.04 - 5.4.0.156.152 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.156.152 linux-tools-virtual - 5.4.0.156.152 linux-generic-lpae-hwe-18.04-edge - 5.4.0.156.152 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-generic-lpae - 5.4.0.156.152 linux-headers-oem - 5.4.0.156.152 linux-generic - 5.4.0.156.152 linux-tools-oem-osp1 - 5.4.0.156.152 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.156.152 linux-tools-generic-hwe-18.04-edge - 5.4.0.156.152 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-cloud-tools-lowlatency - 5.4.0.156.152 linux-headers-lowlatency - 5.4.0.156.152 linux-image-generic-hwe-18.04-edge - 5.4.0.156.152 linux-generic-hwe-18.04-edge - 5.4.0.156.152 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.156.152 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.156.152 linux-tools-generic - 5.4.0.156.152 linux-source - 5.4.0.156.152 linux-image-extra-virtual - 5.4.0.156.152 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-oem-tools-host - 5.4.0.156.152 linux-headers-oem-osp1 - 5.4.0.156.152 linux-generic-lpae-hwe-18.04 - 5.4.0.156.152 linux-image-virtual-hwe-18.04 - 5.4.0.156.152 linux-headers-generic-hwe-18.04-edge - 5.4.0.156.152 linux-headers-generic - 5.4.0.156.152 linux-tools-oem - 5.4.0.156.152 linux-oem-osp1 - 5.4.0.156.152 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.156.152 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.156.152 linux-image-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-virtual-hwe-18.04-edge - 5.4.0.156.152 linux-headers-virtual - 5.4.0.156.152 linux-image-oem - 5.4.0.156.152 linux-tools-virtual-hwe-18.04 - 5.4.0.156.152 linux-lowlatency-hwe-18.04 - 5.4.0.156.152 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.156.152 linux-generic-hwe-18.04 - 5.4.0.156.152 linux-image-generic-lpae - 5.4.0.156.152 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.156.152 linux-image-lowlatency - 5.4.0.156.152 linux-tools-generic-hwe-18.04 - 5.4.0.156.152 linux-image-virtual-hwe-18.04-edge - 5.4.0.156.152 No subscription required Medium CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) It was discovered that some Intel(R) Xeon(R) Processors did not properly restrict error injection for Intel(R) SGX or Intel(R) TDX. A local privileged user could use this to further escalate their privileges. (CVE-2022-41804) It was discovered that some 3rd Generation Intel(R) Xeon(R) Scalable processors did not properly restrict access in some situations. A local privileged attacker could use this to obtain sensitive information. (CVE-2023-23908) Update Instructions: Run `sudo pro fix USN-6286-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20230808.0ubuntu0.20.04.1 No subscription required Medium CVE-2022-40982 CVE-2022-41804 CVE-2023-23908 Ubuntu 20.04 LTS Simon Ferquel discovered that the Go yaml package incorrectly handled certain YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service. (CVE-2021-4235) It was discovered that the Go yaml package incorrectly handled certain large YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service. (CVE-2022-3064) Update Instructions: Run `sudo pro fix USN-6287-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-yaml.v2-dev - 2.2.2-1ubuntu0.1 golang-gopkg-yaml.v2-dev - 2.2.2-1ubuntu0.1 No subscription required Medium CVE-2021-4235 CVE-2022-3064 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.34 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-34.html https://www.oracle.com/security-alerts/cpujul2023.html Update Instructions: Run `sudo pro fix USN-6288-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.34-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.34-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.34-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.34-0ubuntu0.20.04.1 mysql-router - 8.0.34-0ubuntu0.20.04.1 mysql-server - 8.0.34-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.34-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.34-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.34-0ubuntu0.20.04.1 mysql-testsuite - 8.0.34-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.34-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.34-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-22005 CVE-2023-22008 CVE-2023-22033 CVE-2023-22038 CVE-2023-22046 CVE-2023-22048 CVE-2023-22053 CVE-2023-22054 CVE-2023-22056 CVE-2023-22057 CVE-2023-22058 Ubuntu 20.04 LTS It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-48281) It was discovered that LibTIFF incorrectly handled certain image files. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. (CVE-2023-2731) It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service. (CVE-2023-2908) It was discovered that LibTIFF incorrectly handled certain file paths. If a user were tricked into specifying certain output paths, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-3316) It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2023-3618) It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-25433, CVE-2023-26966) It was discovered that LibTIFF did not properly managed memory when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-26965) It was discovered that LibTIFF contained an arithmetic overflow. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-38288, CVE-2023-38289) Update Instructions: Run `sudo pro fix USN-6290-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.9 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.9 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.9 No subscription required Medium CVE-2022-48281 CVE-2023-25433 CVE-2023-26965 CVE-2023-26966 CVE-2023-2731 CVE-2023-2908 CVE-2023-3316 CVE-2023-3618 CVE-2023-38288 CVE-2023-38289 Ubuntu 20.04 LTS USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions. Update Instructions: Run `sudo pro fix USN-6294-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.31-0ubuntu0.2 haproxy-doc - 2.0.31-0ubuntu0.2 vim-haproxy - 2.0.31-0ubuntu0.2 No subscription required Medium CVE-2023-40225 Ubuntu 20.04 LTS It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser. (CVE-2023-39417) It was discovered that PostgreSQL incorrectly handled the MERGE command. A remote attacker could possibly use this issue to bypass certain UPDATE and SELECT policies. This issue only affected Ubuntu 23.04. (CVE-2023-39418) Update Instructions: Run `sudo pro fix USN-6296-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpq5 - 12.16-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.16-0ubuntu0.20.04.1 libecpg-dev - 12.16-0ubuntu0.20.04.1 libecpg6 - 12.16-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.16-0ubuntu0.20.04.1 libpgtypes3 - 12.16-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.16-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.16-0ubuntu0.20.04.1 libpq-dev - 12.16-0ubuntu0.20.04.1 postgresql-doc-12 - 12.16-0ubuntu0.20.04.1 postgresql-12 - 12.16-0ubuntu0.20.04.1 postgresql-client-12 - 12.16-0ubuntu0.20.04.1 libecpg-compat3 - 12.16-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-39417 CVE-2023-39418 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled outputting certain PDF files. A local attacker could potentially use this issue to cause a crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6297-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.9 ghostscript-x - 9.50~dfsg-5ubuntu4.9 libgs-dev - 9.50~dfsg-5ubuntu4.9 ghostscript-doc - 9.50~dfsg-5ubuntu4.9 libgs9 - 9.50~dfsg-5ubuntu4.9 libgs9-common - 9.50~dfsg-5ubuntu4.9 No subscription required Medium CVE-2023-38559 Ubuntu 20.04 LTS Liu Zhu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2018-7727) YiMing Liu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-18442) Update Instructions: Run `sudo pro fix USN-6298-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zziplib-bin - 0.13.62-3.2ubuntu1.1 libzzip-0-13 - 0.13.62-3.2ubuntu1.1 libzzip-dev - 0.13.62-3.2ubuntu1.1 No subscription required Low CVE-2018-7727 CVE-2020-18442 Ubuntu 20.04 LTS It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-36023, CVE-2020-36024) Update Instructions: Run `sudo pro fix USN-6299-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpoppler97 - 0.86.1-0ubuntu1.3 poppler-utils - 0.86.1-0ubuntu1.3 libpoppler-cpp-dev - 0.86.1-0ubuntu1.3 libpoppler-glib-doc - 0.86.1-0ubuntu1.3 gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.3 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.3 libpoppler-glib8 - 0.86.1-0ubuntu1.3 libpoppler-private-dev - 0.86.1-0ubuntu1.3 libpoppler-glib-dev - 0.86.1-0ubuntu1.3 libpoppler-dev - 0.86.1-0ubuntu1.3 libpoppler-qt5-dev - 0.86.1-0ubuntu1.3 libpoppler-qt5-1 - 0.86.1-0ubuntu1.3 No subscription required Medium CVE-2020-36023 CVE-2020-36024 Ubuntu 20.04 LTS William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48502) Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that the perf subsystem in the Linux kernel contained a use-after-free vulnerability. A privileged local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2235) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly validate pointers in some situations, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-32248) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the BQ24190 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33288) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the Rockchip Video Decoder IP driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35829) Update Instructions: Run `sudo pro fix USN-6300-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-intel-iotg-5.15-tools-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-buildinfo-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-modules-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1037.42~20.04.1 linux-cloud-tools-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-modules-iwlwifi-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-modules-extra-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-headers-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1037.42~20.04.1 linux-image-unsigned-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1037 - 5.15.0-1037.42~20.04.1 linux-tools-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 linux-image-5.15.0-1037-intel-iotg - 5.15.0-1037.42~20.04.1 No subscription required linux-oracle-5.15-headers-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-oracle-5.15-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-headers-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-buildinfo-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-tools-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-modules-extra-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-image-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-image-unsigned-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 linux-modules-5.15.0-1040-oracle - 5.15.0-1040.46~20.04.1 No subscription required linux-modules-extra-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-tools-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-aws-5.15-headers-5.15.0-1041 - 5.15.0-1041.46~20.04.1 linux-cloud-tools-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-modules-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1041 - 5.15.0-1041.46~20.04.1 linux-buildinfo-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-image-unsigned-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-image-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 linux-aws-5.15-tools-5.15.0-1041 - 5.15.0-1041.46~20.04.1 linux-headers-5.15.0-1041-aws - 5.15.0-1041.46~20.04.1 No subscription required linux-image-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-hwe-5.15-cloud-tools-5.15.0-79 - 5.15.0-79.86~20.04.2 linux-headers-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-image-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 linux-buildinfo-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-image-unsigned-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-buildinfo-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 linux-hwe-5.15-source-5.15.0 - 5.15.0-79.86~20.04.2 linux-buildinfo-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-image-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-hwe-5.15-tools-common - 5.15.0-79.86~20.04.2 linux-cloud-tools-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-modules-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-modules-iwlwifi-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-tools-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 linux-hwe-5.15-headers-5.15.0-79 - 5.15.0-79.86~20.04.2 linux-modules-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 linux-modules-extra-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-tools-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-headers-5.15.0-79-generic-lpae - 5.15.0-79.86~20.04.2 linux-headers-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-tools-5.15.0-79-generic-64k - 5.15.0-79.86~20.04.2 linux-hwe-5.15-tools-host - 5.15.0-79.86~20.04.2 linux-modules-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-image-unsigned-5.15.0-79-generic - 5.15.0-79.86~20.04.2 linux-hwe-5.15-cloud-tools-common - 5.15.0-79.86~20.04.2 linux-hwe-5.15-tools-5.15.0-79 - 5.15.0-79.86~20.04.2 No subscription required linux-image-unsigned-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-headers-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-cloud-tools-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-image-unsigned-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-79.88~20.04.1 linux-headers-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-image-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-image-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-79.88~20.04.1 linux-tools-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-79 - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-79 - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-79 - 5.15.0-79.88~20.04.1 linux-buildinfo-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 linux-tools-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-buildinfo-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-79.88~20.04.1 linux-modules-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-modules-iwlwifi-5.15.0-79-lowlatency - 5.15.0-79.88~20.04.1 linux-modules-5.15.0-79-lowlatency-64k - 5.15.0-79.88~20.04.1 No subscription required linux-intel - 5.15.0.1037.42~20.04.27 linux-image-intel-iotg-edge - 5.15.0.1037.42~20.04.27 linux-cloud-tools-intel - 5.15.0.1037.42~20.04.27 linux-tools-intel - 5.15.0.1037.42~20.04.27 linux-image-intel-iotg - 5.15.0.1037.42~20.04.27 linux-tools-intel-iotg-edge - 5.15.0.1037.42~20.04.27 linux-intel-iotg-edge - 5.15.0.1037.42~20.04.27 linux-tools-intel-iotg - 5.15.0.1037.42~20.04.27 linux-image-intel - 5.15.0.1037.42~20.04.27 linux-headers-intel - 5.15.0.1037.42~20.04.27 linux-headers-intel-iotg - 5.15.0.1037.42~20.04.27 linux-intel-iotg - 5.15.0.1037.42~20.04.27 linux-headers-intel-iotg-edge - 5.15.0.1037.42~20.04.27 No subscription required linux-headers-oracle - 5.15.0.1040.46~20.04.1 linux-tools-oracle - 5.15.0.1040.46~20.04.1 linux-tools-oracle-edge - 5.15.0.1040.46~20.04.1 linux-oracle-edge - 5.15.0.1040.46~20.04.1 linux-image-oracle-edge - 5.15.0.1040.46~20.04.1 linux-headers-oracle-edge - 5.15.0.1040.46~20.04.1 linux-image-oracle - 5.15.0.1040.46~20.04.1 linux-oracle - 5.15.0.1040.46~20.04.1 No subscription required linux-headers-aws - 5.15.0.1041.46~20.04.30 linux-image-aws - 5.15.0.1041.46~20.04.30 linux-modules-extra-aws-edge - 5.15.0.1041.46~20.04.30 linux-image-aws-edge - 5.15.0.1041.46~20.04.30 linux-aws-edge - 5.15.0.1041.46~20.04.30 linux-aws - 5.15.0.1041.46~20.04.30 linux-headers-aws-edge - 5.15.0.1041.46~20.04.30 linux-modules-extra-aws - 5.15.0.1041.46~20.04.30 linux-tools-aws - 5.15.0.1041.46~20.04.30 linux-tools-aws-edge - 5.15.0.1041.46~20.04.30 No subscription required linux-tools-oem-20.04d - 5.15.0.79.86~20.04.39 linux-tools-oem-20.04c - 5.15.0.79.86~20.04.39 linux-tools-oem-20.04b - 5.15.0.79.86~20.04.39 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-image-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-headers-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-headers-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-image-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-extra-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-headers-generic-64k-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-generic-64k-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-generic-lpae-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-generic-lpae-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-headers-oem-20.04 - 5.15.0.79.86~20.04.39 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-tools-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-image-oem-20.04c - 5.15.0.79.86~20.04.39 linux-image-oem-20.04b - 5.15.0.79.86~20.04.39 linux-image-oem-20.04d - 5.15.0.79.86~20.04.39 linux-headers-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-oem-20.04 - 5.15.0.79.86~20.04.39 linux-image-oem-20.04 - 5.15.0.79.86~20.04.39 linux-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-oem-20.04d - 5.15.0.79.86~20.04.39 linux-oem-20.04c - 5.15.0.79.86~20.04.39 linux-oem-20.04b - 5.15.0.79.86~20.04.39 linux-tools-oem-20.04 - 5.15.0.79.86~20.04.39 linux-modules-iwlwifi-oem-20.04 - 5.15.0.79.86~20.04.39 linux-tools-generic-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-generic-64k-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-image-generic-lpae-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-tools-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-modules-iwlwifi-oem-20.04d - 5.15.0.79.86~20.04.39 linux-tools-generic-64k-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-tools-virtual-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-image-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-generic-64k-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.79.86~20.04.39 linux-headers-oem-20.04b - 5.15.0.79.86~20.04.39 linux-headers-oem-20.04c - 5.15.0.79.86~20.04.39 linux-headers-virtual-hwe-20.04 - 5.15.0.79.86~20.04.39 linux-headers-oem-20.04d - 5.15.0.79.86~20.04.39 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-headers-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-image-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-lowlatency-64k-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-tools-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-lowlatency-hwe-20.04 - 5.15.0.79.88~20.04.36 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.79.88~20.04.36 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.79.88~20.04.36 No subscription required Medium CVE-2022-4269 CVE-2022-48502 CVE-2023-0597 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2002 CVE-2023-2124 CVE-2023-2163 CVE-2023-2194 CVE-2023-2235 CVE-2023-2269 CVE-2023-23004 CVE-2023-28466 CVE-2023-30772 CVE-2023-3141 CVE-2023-32248 CVE-2023-3268 CVE-2023-33203 CVE-2023-33288 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) Update Instructions: Run `sudo pro fix USN-6301-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 linux-buildinfo-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 linux-xilinx-zynqmp-headers-5.4.0-1027 - 5.4.0-1027.31 linux-image-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 linux-tools-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 linux-xilinx-zynqmp-tools-5.4.0-1027 - 5.4.0-1027.31 linux-headers-5.4.0-1027-xilinx-zynqmp - 5.4.0-1027.31 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1027.29 linux-tools-xilinx-zynqmp - 5.4.0.1027.29 linux-headers-xilinx-zynqmp - 5.4.0.1027.29 linux-xilinx-zynqmp - 5.4.0.1027.29 No subscription required Medium CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2522, CVE-2022-2580, CVE-2022-2817, CVE-2022-2819, CVE-2022-2862, CVE-2022-2889, CVE-2022-2982, CVE-2022-3134) It was discovered that Vim did not properly perform bounds checks in the diff mode in certain situations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2598) It was discovered that Vim did not properly perform bounds checks in certain situations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2816) It was discovered that Vim incorrectly handled memory when skipping compiled code. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2874) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-3016, CVE-2022-3037) It was discovered that Vim incorrectly handled memory when invalid line number on ":for" is ignored. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3099) It was discovered that Vim incorrectly handled memory when passing invalid arguments to the assert_fails() method. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3153) Update Instructions: Run `sudo pro fix USN-6302-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.17 vim-athena - 2:8.1.2269-1ubuntu5.17 vim-tiny - 2:8.1.2269-1ubuntu5.17 vim-gtk - 2:8.1.2269-1ubuntu5.17 vim-gui-common - 2:8.1.2269-1ubuntu5.17 vim - 2:8.1.2269-1ubuntu5.17 vim-doc - 2:8.1.2269-1ubuntu5.17 xxd - 2:8.1.2269-1ubuntu5.17 vim-runtime - 2:8.1.2269-1ubuntu5.17 vim-gtk3 - 2:8.1.2269-1ubuntu5.17 vim-nox - 2:8.1.2269-1ubuntu5.17 No subscription required Medium CVE-2022-2522 CVE-2022-2580 CVE-2022-2598 CVE-2022-2816 CVE-2022-2817 CVE-2022-2819 CVE-2022-2862 CVE-2022-2874 CVE-2022-2889 CVE-2022-2982 CVE-2022-3016 CVE-2022-3037 CVE-2022-3099 CVE-2022-3134 CVE-2022-3153 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6303-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.9+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.9+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.9+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.9+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-20197 Ubuntu 20.04 LTS It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS (CVE-2022-39028) It was discovered that Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information, or execute arbitrary code. (CVE-2023-40303) Update Instructions: Run `sudo pro fix USN-6304-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: inetutils-tools - 2:1.9.4-11ubuntu0.2 inetutils-ftpd - 2:1.9.4-11ubuntu0.2 inetutils-talkd - 2:1.9.4-11ubuntu0.2 inetutils-traceroute - 2:1.9.4-11ubuntu0.2 inetutils-talk - 2:1.9.4-11ubuntu0.2 inetutils-telnetd - 2:1.9.4-11ubuntu0.2 inetutils-inetd - 2:1.9.4-11ubuntu0.2 inetutils-ping - 2:1.9.4-11ubuntu0.2 inetutils-syslogd - 2:1.9.4-11ubuntu0.2 inetutils-ftp - 2:1.9.4-11ubuntu0.2 inetutils-telnet - 2:1.9.4-11ubuntu0.2 No subscription required Medium CVE-2022-39028 CVE-2023-40303 Ubuntu 20.04 LTS USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. (CVE-2023-3823) It was discovered that PHP incorrectly handled certain PHAR files. An attacker could possibly use this issue to cause a crash, expose sensitive information or execute arbitrary code. (CVE-2023-3824) Update Instructions: Run `sudo pro fix USN-6305-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.20 php7.4-readline - 7.4.3-4ubuntu2.20 php7.4-dba - 7.4.3-4ubuntu2.20 php7.4-common - 7.4.3-4ubuntu2.20 php7.4-json - 7.4.3-4ubuntu2.20 php7.4-xmlrpc - 7.4.3-4ubuntu2.20 php7.4-intl - 7.4.3-4ubuntu2.20 php7.4-phpdbg - 7.4.3-4ubuntu2.20 php7.4-ldap - 7.4.3-4ubuntu2.20 php7.4-soap - 7.4.3-4ubuntu2.20 php7.4-xsl - 7.4.3-4ubuntu2.20 php7.4-pgsql - 7.4.3-4ubuntu2.20 php7.4-pspell - 7.4.3-4ubuntu2.20 php7.4-zip - 7.4.3-4ubuntu2.20 php7.4-interbase - 7.4.3-4ubuntu2.20 php7.4-enchant - 7.4.3-4ubuntu2.20 php7.4-odbc - 7.4.3-4ubuntu2.20 php7.4 - 7.4.3-4ubuntu2.20 php7.4-mbstring - 7.4.3-4ubuntu2.20 php7.4-imap - 7.4.3-4ubuntu2.20 php7.4-bz2 - 7.4.3-4ubuntu2.20 php7.4-cgi - 7.4.3-4ubuntu2.20 php7.4-bcmath - 7.4.3-4ubuntu2.20 php7.4-dev - 7.4.3-4ubuntu2.20 php7.4-curl - 7.4.3-4ubuntu2.20 php7.4-tidy - 7.4.3-4ubuntu2.20 php7.4-gmp - 7.4.3-4ubuntu2.20 php7.4-sqlite3 - 7.4.3-4ubuntu2.20 php7.4-fpm - 7.4.3-4ubuntu2.20 php7.4-sybase - 7.4.3-4ubuntu2.20 php7.4-cli - 7.4.3-4ubuntu2.20 libphp7.4-embed - 7.4.3-4ubuntu2.20 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.20 php7.4-mysql - 7.4.3-4ubuntu2.20 php7.4-snmp - 7.4.3-4ubuntu2.20 php7.4-xml - 7.4.3-4ubuntu2.20 php7.4-opcache - 7.4.3-4ubuntu2.20 No subscription required Medium CVE-2023-3823 CVE-2023-3824 https://launchpad.net/bugs/2054511 Ubuntu 20.04 LTS It was discovered that JOSE for C/C++ AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. An attacker could use this to cause a denial of service (system crash) or might expose sensitive information. Update Instructions: Run `sudo pro fix USN-6307-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcjose0 - 0.6.1+dfsg1-1ubuntu0.1 libcjose-dev - 0.6.1+dfsg1-1ubuntu0.1 No subscription required Medium CVE-2023-37464 Ubuntu 20.04 LTS William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48502) Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that the perf subsystem in the Linux kernel contained a use-after-free vulnerability. A privileged local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2235) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly validate pointers in some situations, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-32248) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the BQ24190 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33288) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the Rockchip Video Decoder IP driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35829) Update Instructions: Run `sudo pro fix USN-6311-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gkeop-5.15-headers-5.15.0-1025 - 5.15.0-1025.30~20.04.1 linux-tools-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-cloud-tools-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1025 - 5.15.0-1025.30~20.04.1 linux-modules-extra-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-headers-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-image-unsigned-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-image-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-gkeop-5.15-tools-5.15.0-1025 - 5.15.0-1025.30~20.04.1 linux-modules-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 linux-buildinfo-5.15.0-1025-gkeop - 5.15.0-1025.30~20.04.1 No subscription required linux-modules-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-buildinfo-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-gke-5.15-headers-5.15.0-1039 - 5.15.0-1039.44~20.04.1 linux-image-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-headers-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-modules-iwlwifi-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-modules-extra-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-gke-5.15-tools-5.15.0-1039 - 5.15.0-1039.44~20.04.1 linux-image-unsigned-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 linux-tools-5.15.0-1039-gke - 5.15.0-1039.44~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1039 - 5.15.0-1039.47~20.04.1 linux-buildinfo-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-tools-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-modules-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-modules-extra-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-image-unsigned-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-headers-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-modules-iwlwifi-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 linux-gcp-5.15-tools-5.15.0-1039 - 5.15.0-1039.47~20.04.1 linux-image-5.15.0-1039-gcp - 5.15.0-1039.47~20.04.1 No subscription required linux-headers-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-image-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-cloud-tools-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-headers-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-tools-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-cloud-tools-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-image-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-modules-extra-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-modules-extra-gkeop-5.15 - 5.15.0.1025.30~20.04.21 linux-gkeop-edge - 5.15.0.1025.30~20.04.21 linux-tools-gkeop-5.15 - 5.15.0.1025.30~20.04.21 No subscription required linux-gke-edge - 5.15.0.1039.44~20.04.1 linux-headers-gke-5.15 - 5.15.0.1039.44~20.04.1 linux-tools-gke-5.15 - 5.15.0.1039.44~20.04.1 linux-headers-gke-edge - 5.15.0.1039.44~20.04.1 linux-image-gke-edge - 5.15.0.1039.44~20.04.1 linux-tools-gke-edge - 5.15.0.1039.44~20.04.1 linux-gke-5.15 - 5.15.0.1039.44~20.04.1 linux-image-gke-5.15 - 5.15.0.1039.44~20.04.1 No subscription required linux-tools-gcp-edge - 5.15.0.1039.47~20.04.1 linux-tools-gcp - 5.15.0.1039.47~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1039.47~20.04.1 linux-headers-gcp-edge - 5.15.0.1039.47~20.04.1 linux-gcp - 5.15.0.1039.47~20.04.1 linux-gcp-edge - 5.15.0.1039.47~20.04.1 linux-image-gcp - 5.15.0.1039.47~20.04.1 linux-headers-gcp - 5.15.0.1039.47~20.04.1 linux-image-gcp-edge - 5.15.0.1039.47~20.04.1 linux-modules-extra-gcp - 5.15.0.1039.47~20.04.1 No subscription required Medium CVE-2022-4269 CVE-2022-48502 CVE-2023-0597 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2002 CVE-2023-2124 CVE-2023-2163 CVE-2023-2194 CVE-2023-2235 CVE-2023-2269 CVE-2023-23004 CVE-2023-28466 CVE-2023-30772 CVE-2023-3141 CVE-2023-32248 CVE-2023-3268 CVE-2023-33203 CVE-2023-33288 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) Update Instructions: Run `sudo pro fix USN-6312-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1105-gke - 5.4.0-1105.112 linux-gke-headers-5.4.0-1105 - 5.4.0-1105.112 linux-modules-extra-5.4.0-1105-gke - 5.4.0-1105.112 linux-headers-5.4.0-1105-gke - 5.4.0-1105.112 linux-gke-tools-5.4.0-1105 - 5.4.0-1105.112 linux-image-unsigned-5.4.0-1105-gke - 5.4.0-1105.112 linux-modules-5.4.0-1105-gke - 5.4.0-1105.112 linux-tools-5.4.0-1105-gke - 5.4.0-1105.112 linux-buildinfo-5.4.0-1105-gke - 5.4.0-1105.112 No subscription required linux-image-gke - 5.4.0.1105.110 linux-gke-5.4 - 5.4.0.1105.110 linux-headers-gke - 5.4.0.1105.110 linux-headers-gke-5.4 - 5.4.0.1105.110 linux-image-gke-5.4 - 5.4.0.1105.110 linux-tools-gke-5.4 - 5.4.0.1105.110 linux-modules-extra-gke-5.4 - 5.4.0.1105.110 linux-modules-extra-gke - 5.4.0.1105.110 linux-gke - 5.4.0.1105.110 linux-tools-gke - 5.4.0.1105.110 No subscription required Medium CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 Ubuntu 20.04 LTS It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-32272, CVE-2021-32273, CVE-2021-32274, CVE-2021-32277, CVE-2021-32278, CVE-2023-38857, CVE-2023-38858) It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-32276) Update Instructions: Run `sudo pro fix USN-6313-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: faad - 2.9.1-1ubuntu0.1 libfaad-dev - 2.9.1-1ubuntu0.1 libfaad2 - 2.9.1-1ubuntu0.1 No subscription required Medium CVE-2021-32272 CVE-2021-32273 CVE-2021-32274 CVE-2021-32276 CVE-2021-32277 CVE-2021-32278 CVE-2023-38857 CVE-2023-38858 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) Update Instructions: Run `sudo pro fix USN-6314-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1054-ibm - 5.4.0-1054.59 linux-ibm-tools-5.4.0-1054 - 5.4.0-1054.59 linux-image-5.4.0-1054-ibm - 5.4.0-1054.59 linux-ibm-headers-5.4.0-1054 - 5.4.0-1054.59 linux-tools-5.4.0-1054-ibm - 5.4.0-1054.59 linux-headers-5.4.0-1054-ibm - 5.4.0-1054.59 linux-image-unsigned-5.4.0-1054-ibm - 5.4.0-1054.59 linux-buildinfo-5.4.0-1054-ibm - 5.4.0-1054.59 linux-ibm-tools-common - 5.4.0-1054.59 linux-ibm-cloud-tools-common - 5.4.0-1054.59 linux-ibm-source-5.4.0 - 5.4.0-1054.59 linux-modules-extra-5.4.0-1054-ibm - 5.4.0-1054.59 No subscription required linux-bluefield-tools-5.4.0-1068 - 5.4.0-1068.74 linux-bluefield-headers-5.4.0-1068 - 5.4.0-1068.74 linux-modules-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-headers-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-image-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-tools-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-buildinfo-5.4.0-1068-bluefield - 5.4.0-1068.74 linux-image-unsigned-5.4.0-1068-bluefield - 5.4.0-1068.74 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1054.83 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1054.83 linux-ibm-lts-20.04 - 5.4.0.1054.83 linux-tools-ibm-lts-20.04 - 5.4.0.1054.83 linux-image-ibm-lts-20.04 - 5.4.0.1054.83 No subscription required linux-image-bluefield - 5.4.0.1068.63 linux-headers-bluefield - 5.4.0.1068.63 linux-tools-bluefield - 5.4.0.1068.63 linux-bluefield - 5.4.0.1068.63 No subscription required Medium CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6315-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-oracle-5.15-headers-5.15.0-1041 - 5.15.0-1041.47~20.04.1 linux-oracle-5.15-tools-5.15.0-1041 - 5.15.0-1041.47~20.04.1 linux-image-unsigned-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-headers-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-modules-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-modules-extra-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-image-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 linux-buildinfo-5.15.0-1041-oracle - 5.15.0-1041.47~20.04.1 No subscription required linux-image-unsigned-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-cloud-tools-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-image-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-aws-5.15-headers-5.15.0-1043 - 5.15.0-1043.48~20.04.1 linux-buildinfo-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1043 - 5.15.0-1043.48~20.04.1 linux-tools-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-headers-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-modules-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 linux-aws-5.15-tools-5.15.0-1043 - 5.15.0-1043.48~20.04.1 linux-modules-extra-5.15.0-1043-aws - 5.15.0-1043.48~20.04.1 No subscription required linux-image-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-buildinfo-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-image-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-image-unsigned-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-buildinfo-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-82.91~20.04.1 linux-buildinfo-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-buildinfo-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-buildinfo-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-cloud-tools-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-hwe-5.15-tools-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-generic-lpae - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-image-unsigned-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-82.91~20.04.1 linux-cloud-tools-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-modules-iwlwifi-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-image-unsigned-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-82.91~20.04.1 linux-modules-extra-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-headers-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-image-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-image-unsigned-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-82.91~20.04.1 linux-modules-iwlwifi-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-82.91~20.04.1 linux-tools-5.15.0-82-generic - 5.15.0-82.91~20.04.1 linux-hwe-5.15-headers-5.15.0-82 - 5.15.0-82.91~20.04.1 linux-image-5.15.0-82-generic-64k - 5.15.0-82.91~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-82.91~20.04.1 linux-image-5.15.0-82-lowlatency-64k - 5.15.0-82.91~20.04.1 linux-modules-5.15.0-82-lowlatency - 5.15.0-82.91~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1041.47~20.04.1 linux-tools-oracle - 5.15.0.1041.47~20.04.1 linux-tools-oracle-edge - 5.15.0.1041.47~20.04.1 linux-image-oracle-edge - 5.15.0.1041.47~20.04.1 linux-oracle-edge - 5.15.0.1041.47~20.04.1 linux-headers-oracle-edge - 5.15.0.1041.47~20.04.1 linux-image-oracle - 5.15.0.1041.47~20.04.1 linux-oracle - 5.15.0.1041.47~20.04.1 No subscription required linux-headers-aws - 5.15.0.1043.48~20.04.31 linux-image-aws - 5.15.0.1043.48~20.04.31 linux-modules-extra-aws-edge - 5.15.0.1043.48~20.04.31 linux-image-aws-edge - 5.15.0.1043.48~20.04.31 linux-aws-edge - 5.15.0.1043.48~20.04.31 linux-aws - 5.15.0.1043.48~20.04.31 linux-headers-aws-edge - 5.15.0.1043.48~20.04.31 linux-modules-extra-aws - 5.15.0.1043.48~20.04.31 linux-tools-aws - 5.15.0.1043.48~20.04.31 linux-tools-aws-edge - 5.15.0.1043.48~20.04.31 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-image-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-lowlatency-64k-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-tools-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-headers-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-lowlatency-hwe-20.04 - 5.15.0.82.91~20.04.37 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.82.91~20.04.37 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.37 No subscription required linux-headers-oem-20.04 - 5.15.0.82.91~20.04.40 linux-tools-oem-20.04c - 5.15.0.82.91~20.04.40 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-headers-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-headers-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-extra-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-tools-oem-20.04b - 5.15.0.82.91~20.04.40 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-headers-generic-64k-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-generic-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-generic-lpae-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-tools-oem-20.04d - 5.15.0.82.91~20.04.40 linux-generic-lpae-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-tools-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-oem-20.04c - 5.15.0.82.91~20.04.40 linux-image-oem-20.04b - 5.15.0.82.91~20.04.40 linux-image-oem-20.04d - 5.15.0.82.91~20.04.40 linux-headers-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-oem-20.04 - 5.15.0.82.91~20.04.40 linux-image-oem-20.04 - 5.15.0.82.91~20.04.40 linux-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-oem-20.04c - 5.15.0.82.91~20.04.40 linux-oem-20.04b - 5.15.0.82.91~20.04.40 linux-oem-20.04d - 5.15.0.82.91~20.04.40 linux-headers-oem-20.04b - 5.15.0.82.91~20.04.40 linux-tools-oem-20.04 - 5.15.0.82.91~20.04.40 linux-modules-iwlwifi-oem-20.04 - 5.15.0.82.91~20.04.40 linux-tools-generic-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-generic-lpae-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-tools-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-modules-iwlwifi-oem-20.04d - 5.15.0.82.91~20.04.40 linux-tools-generic-64k-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-tools-virtual-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-image-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-generic-64k-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-image-generic-64k-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.82.91~20.04.40 linux-headers-oem-20.04c - 5.15.0.82.91~20.04.40 linux-headers-virtual-hwe-20.04 - 5.15.0.82.91~20.04.40 linux-headers-oem-20.04d - 5.15.0.82.91~20.04.40 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-21400 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6317-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-buildinfo-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-modules-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-headers-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-xilinx-zynqmp-headers-5.4.0-1028 - 5.4.0-1028.32 linux-tools-5.4.0-1028-xilinx-zynqmp - 5.4.0-1028.32 linux-xilinx-zynqmp-tools-5.4.0-1028 - 5.4.0-1028.32 No subscription required linux-buildinfo-5.4.0-1097-kvm - 5.4.0-1097.103 linux-kvm-headers-5.4.0-1097 - 5.4.0-1097.103 linux-image-unsigned-5.4.0-1097-kvm - 5.4.0-1097.103 linux-headers-5.4.0-1097-kvm - 5.4.0-1097.103 linux-modules-5.4.0-1097-kvm - 5.4.0-1097.103 linux-tools-5.4.0-1097-kvm - 5.4.0-1097.103 linux-image-5.4.0-1097-kvm - 5.4.0-1097.103 linux-kvm-tools-5.4.0-1097 - 5.4.0-1097.103 No subscription required linux-modules-5.4.0-1107-oracle - 5.4.0-1107.116 linux-buildinfo-5.4.0-1107-oracle - 5.4.0-1107.116 linux-oracle-tools-5.4.0-1107 - 5.4.0-1107.116 linux-oracle-headers-5.4.0-1107 - 5.4.0-1107.116 linux-headers-5.4.0-1107-oracle - 5.4.0-1107.116 linux-tools-5.4.0-1107-oracle - 5.4.0-1107.116 linux-modules-extra-5.4.0-1107-oracle - 5.4.0-1107.116 linux-image-unsigned-5.4.0-1107-oracle - 5.4.0-1107.116 linux-image-5.4.0-1107-oracle - 5.4.0-1107.116 No subscription required linux-image-5.4.0-1108-aws - 5.4.0-1108.116 linux-aws-headers-5.4.0-1108 - 5.4.0-1108.116 linux-aws-tools-5.4.0-1108 - 5.4.0-1108.116 linux-buildinfo-5.4.0-1108-aws - 5.4.0-1108.116 linux-image-unsigned-5.4.0-1108-aws - 5.4.0-1108.116 linux-modules-extra-5.4.0-1108-aws - 5.4.0-1108.116 linux-tools-5.4.0-1108-aws - 5.4.0-1108.116 linux-cloud-tools-5.4.0-1108-aws - 5.4.0-1108.116 linux-modules-5.4.0-1108-aws - 5.4.0-1108.116 linux-headers-5.4.0-1108-aws - 5.4.0-1108.116 linux-aws-cloud-tools-5.4.0-1108 - 5.4.0-1108.116 No subscription required linux-headers-5.4.0-1111-gcp - 5.4.0-1111.120 linux-image-unsigned-5.4.0-1111-gcp - 5.4.0-1111.120 linux-gcp-headers-5.4.0-1111 - 5.4.0-1111.120 linux-modules-extra-5.4.0-1111-gcp - 5.4.0-1111.120 linux-image-5.4.0-1111-gcp - 5.4.0-1111.120 linux-tools-5.4.0-1111-gcp - 5.4.0-1111.120 linux-modules-5.4.0-1111-gcp - 5.4.0-1111.120 linux-gcp-tools-5.4.0-1111 - 5.4.0-1111.120 linux-buildinfo-5.4.0-1111-gcp - 5.4.0-1111.120 No subscription required linux-tools-common - 5.4.0-159.176 linux-tools-5.4.0-159-generic - 5.4.0-159.176 linux-image-5.4.0-159-lowlatency - 5.4.0-159.176 linux-modules-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-doc - 5.4.0-159.176 linux-image-unsigned-5.4.0-159-generic - 5.4.0-159.176 linux-buildinfo-5.4.0-159-generic - 5.4.0-159.176 linux-buildinfo-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-headers-5.4.0-159 - 5.4.0-159.176 linux-tools-5.4.0-159-lowlatency - 5.4.0-159.176 linux-headers-5.4.0-159-generic - 5.4.0-159.176 linux-image-5.4.0-159-generic - 5.4.0-159.176 linux-tools-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-libc-dev - 5.4.0-159.176 linux-source-5.4.0 - 5.4.0-159.176 linux-headers-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-headers-5.4.0-159-lowlatency - 5.4.0-159.176 linux-modules-5.4.0-159-lowlatency - 5.4.0-159.176 linux-buildinfo-5.4.0-159-lowlatency - 5.4.0-159.176 linux-tools-host - 5.4.0-159.176 linux-tools-5.4.0-159 - 5.4.0-159.176 linux-cloud-tools-5.4.0-159 - 5.4.0-159.176 linux-cloud-tools-5.4.0-159-generic - 5.4.0-159.176 linux-modules-extra-5.4.0-159-generic - 5.4.0-159.176 linux-cloud-tools-5.4.0-159-lowlatency - 5.4.0-159.176 linux-cloud-tools-common - 5.4.0-159.176 linux-image-5.4.0-159-generic-lpae - 5.4.0-159.176 linux-modules-5.4.0-159-generic - 5.4.0-159.176 linux-image-unsigned-5.4.0-159-lowlatency - 5.4.0-159.176 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1028.30 linux-xilinx-zynqmp - 5.4.0.1028.30 linux-tools-xilinx-zynqmp - 5.4.0.1028.30 linux-headers-xilinx-zynqmp - 5.4.0.1028.30 No subscription required linux-kvm - 5.4.0.1097.92 linux-headers-kvm - 5.4.0.1097.92 linux-image-kvm - 5.4.0.1097.92 linux-tools-kvm - 5.4.0.1097.92 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1107.100 linux-headers-oracle-lts-20.04 - 5.4.0.1107.100 linux-oracle-lts-20.04 - 5.4.0.1107.100 linux-image-oracle-lts-20.04 - 5.4.0.1107.100 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1108.105 linux-image-aws-lts-20.04 - 5.4.0.1108.105 linux-headers-aws-lts-20.04 - 5.4.0.1108.105 linux-tools-aws-lts-20.04 - 5.4.0.1108.105 linux-aws-lts-20.04 - 5.4.0.1108.105 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1111.113 linux-gcp-lts-20.04 - 5.4.0.1111.113 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1111.113 linux-headers-gcp-lts-20.04 - 5.4.0.1111.113 linux-image-gcp-lts-20.04 - 5.4.0.1111.113 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-cloud-tools-virtual - 5.4.0.159.154 linux-image-generic-hwe-18.04 - 5.4.0.159.154 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-headers-generic-lpae - 5.4.0.159.154 linux-image-virtual - 5.4.0.159.154 linux-oem-osp1-tools-host - 5.4.0.159.154 linux-image-generic - 5.4.0.159.154 linux-tools-lowlatency - 5.4.0.159.154 linux-image-oem - 5.4.0.159.154 linux-tools-virtual-hwe-18.04 - 5.4.0.159.154 linux-headers-generic-hwe-18.04 - 5.4.0.159.154 linux-headers-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-image-extra-virtual-hwe-18.04 - 5.4.0.159.154 linux-image-oem-osp1 - 5.4.0.159.154 linux-image-generic-lpae-hwe-18.04 - 5.4.0.159.154 linux-crashdump - 5.4.0.159.154 linux-tools-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-headers-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-source - 5.4.0.159.154 linux-lowlatency - 5.4.0.159.154 linux-tools-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-tools-generic-lpae - 5.4.0.159.154 linux-virtual - 5.4.0.159.154 linux-headers-virtual-hwe-18.04 - 5.4.0.159.154 linux-tools-virtual - 5.4.0.159.154 linux-generic - 5.4.0.159.154 linux-virtual-hwe-18.04 - 5.4.0.159.154 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.159.154 linux-cloud-tools-generic - 5.4.0.159.154 linux-generic-lpae-hwe-18.04-edge - 5.4.0.159.154 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-generic-lpae - 5.4.0.159.154 linux-headers-oem - 5.4.0.159.154 linux-tools-oem-osp1 - 5.4.0.159.154 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.159.154 linux-tools-generic-hwe-18.04-edge - 5.4.0.159.154 linux-image-virtual-hwe-18.04 - 5.4.0.159.154 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-cloud-tools-lowlatency - 5.4.0.159.154 linux-headers-lowlatency - 5.4.0.159.154 linux-image-generic-hwe-18.04-edge - 5.4.0.159.154 linux-generic-hwe-18.04-edge - 5.4.0.159.154 linux-generic-hwe-18.04 - 5.4.0.159.154 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.159.154 linux-image-generic-lpae - 5.4.0.159.154 linux-oem - 5.4.0.159.154 linux-tools-generic - 5.4.0.159.154 linux-image-extra-virtual - 5.4.0.159.154 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-oem-tools-host - 5.4.0.159.154 linux-tools-oem - 5.4.0.159.154 linux-headers-oem-osp1 - 5.4.0.159.154 linux-generic-lpae-hwe-18.04 - 5.4.0.159.154 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.159.154 linux-headers-generic-hwe-18.04-edge - 5.4.0.159.154 linux-headers-generic - 5.4.0.159.154 linux-image-lowlatency - 5.4.0.159.154 linux-oem-osp1 - 5.4.0.159.154 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.159.154 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.159.154 linux-image-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.159.154 linux-virtual-hwe-18.04-edge - 5.4.0.159.154 linux-headers-virtual - 5.4.0.159.154 linux-lowlatency-hwe-18.04 - 5.4.0.159.154 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.159.154 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.159.154 linux-tools-generic-hwe-18.04 - 5.4.0.159.154 linux-image-virtual-hwe-18.04-edge - 5.4.0.159.154 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS Daniël Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. Update Instructions: Run `sudo pro fix USN-6319-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amd64-microcode - 3.20191218.1ubuntu1.2 No subscription required High CVE-2023-20569 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4578, CVE-2023-4581, CVE-2023-4583, CVE-2023-4584, CVE-2023-4585) Lukas Bernhard discovered that Firefox did not properly manage memory when the "UpdateRegExpStatics" attempted to access "initialStringHeap". An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4577) Malte Jürgens discovered that Firefox did not properly handle search queries if the search query itself was a well formed URL. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-4579) Harveer Singh discovered that Firefox did not properly handle push notifications stored on disk in private browsing mode. An attacker could potentially exploits this issue to access sensitive information. (CVE-2023-4580) Update Instructions: Run `sudo pro fix USN-6320-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 117.0+build2-0ubuntu0.20.04.1 firefox - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 117.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 117.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 117.0+build2-0ubuntu0.20.04.1 firefox-dev - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 117.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 117.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4573 CVE-2023-4574 CVE-2023-4575 CVE-2023-4577 CVE-2023-4578 CVE-2023-4579 CVE-2023-4580 CVE-2023-4581 CVE-2023-4583 CVE-2023-4584 CVE-2023-4585 Ubuntu 20.04 LTS It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-16062, CVE-2018-16403, CVE-2018-18310, CVE-2018-18520, CVE-2018-18521, CVE-2019-7149, CVE-2019-7150, CVE-2019-7665) It was discovered that elfutils incorrectly handled bounds checks in certain functions when processing malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. (CVE-2020-21047, CVE-2021-33294) Update Instructions: Run `sudo pro fix USN-6322-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libasm1 - 0.176-1.1ubuntu0.1 libdw-dev - 0.176-1.1ubuntu0.1 libelf1 - 0.176-1.1ubuntu0.1 libelf-dev - 0.176-1.1ubuntu0.1 elfutils - 0.176-1.1ubuntu0.1 libdw1 - 0.176-1.1ubuntu0.1 libasm-dev - 0.176-1.1ubuntu0.1 No subscription required Medium CVE-2018-16062 CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7149 CVE-2019-7150 CVE-2019-7665 CVE-2020-21047 CVE-2021-33294 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6324-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gkeop-headers-5.4.0-1075 - 5.4.0-1075.79 linux-tools-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-image-unsigned-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-image-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-gkeop-source-5.4.0 - 5.4.0-1075.79 linux-headers-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-gkeop-cloud-tools-5.4.0-1075 - 5.4.0-1075.79 linux-gkeop-tools-5.4.0-1075 - 5.4.0-1075.79 linux-modules-extra-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-modules-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-buildinfo-5.4.0-1075-gkeop - 5.4.0-1075.79 linux-cloud-tools-5.4.0-1075-gkeop - 5.4.0-1075.79 No subscription required linux-image-gkeop-5.4 - 5.4.0.1075.73 linux-headers-gkeop - 5.4.0.1075.73 linux-gkeop-5.4 - 5.4.0.1075.73 linux-image-gkeop - 5.4.0.1075.73 linux-modules-extra-gkeop-5.4 - 5.4.0.1075.73 linux-gkeop - 5.4.0.1075.73 linux-cloud-tools-gkeop - 5.4.0.1075.73 linux-modules-extra-gkeop - 5.4.0.1075.73 linux-tools-gkeop - 5.4.0.1075.73 linux-tools-gkeop-5.4 - 5.4.0.1075.73 linux-headers-gkeop-5.4 - 5.4.0.1075.73 linux-cloud-tools-gkeop-5.4 - 5.4.0.1075.73 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6325-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gkeop-5.15-headers-5.15.0-1026 - 5.15.0-1026.31~20.04.1 linux-image-unsigned-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-cloud-tools-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-tools-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-modules-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-buildinfo-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-headers-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-modules-extra-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 linux-gkeop-5.15-tools-5.15.0-1026 - 5.15.0-1026.31~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1026 - 5.15.0-1026.31~20.04.1 linux-image-5.15.0-1026-gkeop - 5.15.0-1026.31~20.04.1 No subscription required linux-image-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-image-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-cloud-tools-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-headers-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-headers-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-tools-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-tools-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-cloud-tools-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-gkeop-5.15 - 5.15.0.1026.31~20.04.22 linux-modules-extra-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-gkeop-edge - 5.15.0.1026.31~20.04.22 linux-modules-extra-gkeop-5.15 - 5.15.0.1026.31~20.04.22 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-21400 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS It was discovered that GitPython did not block insecure options from user inputs in the clone command. An attacker could possibly use this issue to execute arbitrary commands on the host. Update Instructions: Run `sudo pro fix USN-6326-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-git-doc - 3.0.7-1ubuntu0.1~esm2 python3-git - 3.0.7-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-40267 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6330-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-gcp-5.15-tools-5.15.0-1040 - 5.15.0-1040.48~20.04.1 linux-image-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-modules-extra-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-modules-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-headers-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-image-unsigned-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-tools-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 linux-gcp-5.15-headers-5.15.0-1040 - 5.15.0-1040.48~20.04.1 linux-buildinfo-5.15.0-1040-gcp - 5.15.0-1040.48~20.04.1 No subscription required linux-tools-gcp - 5.15.0.1040.48~20.04.1 linux-image-gcp - 5.15.0.1040.48~20.04.1 linux-tools-gcp-edge - 5.15.0.1040.48~20.04.1 linux-modules-extra-gcp - 5.15.0.1040.48~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1040.48~20.04.1 linux-gcp-edge - 5.15.0.1040.48~20.04.1 linux-headers-gcp-edge - 5.15.0.1040.48~20.04.1 linux-gcp - 5.15.0.1040.48~20.04.1 linux-headers-gcp - 5.15.0.1040.48~20.04.1 linux-image-gcp-edge - 5.15.0.1040.48~20.04.1 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-21400 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). (CVE-2020-36691) Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168) It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle error conditions in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-3111) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6331-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1114-azure - 5.4.0-1114.120 linux-azure-headers-5.4.0-1114 - 5.4.0-1114.120 linux-azure-cloud-tools-5.4.0-1114 - 5.4.0-1114.120 linux-image-unsigned-5.4.0-1114-azure - 5.4.0-1114.120 linux-headers-5.4.0-1114-azure - 5.4.0-1114.120 linux-cloud-tools-5.4.0-1114-azure - 5.4.0-1114.120 linux-buildinfo-5.4.0-1114-azure - 5.4.0-1114.120 linux-tools-5.4.0-1114-azure - 5.4.0-1114.120 linux-modules-extra-5.4.0-1114-azure - 5.4.0-1114.120 linux-azure-tools-5.4.0-1114 - 5.4.0-1114.120 linux-image-5.4.0-1114-azure - 5.4.0-1114.120 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1114.107 linux-tools-azure-lts-20.04 - 5.4.0.1114.107 linux-modules-extra-azure-lts-20.04 - 5.4.0.1114.107 linux-headers-azure-lts-20.04 - 5.4.0.1114.107 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1114.107 linux-azure-lts-20.04 - 5.4.0.1114.107 No subscription required High CVE-2020-36691 CVE-2022-0168 CVE-2022-1184 CVE-2022-27672 CVE-2022-40982 CVE-2022-4269 CVE-2023-0590 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-20593 CVE-2023-2124 CVE-2023-2194 CVE-2023-28466 CVE-2023-30772 CVE-2023-3111 CVE-2023-3141 CVE-2023-33203 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48502) Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that the perf subsystem in the Linux kernel contained a use-after-free vulnerability. A privileged local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2235) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly validate pointers in some situations, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-32248) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the BQ24190 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33288) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the Rockchip Video Decoder IP driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35829) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6332-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-tools-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-headers-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-image-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-azure-5.15-headers-5.15.0-1045 - 5.15.0-1045.52~20.04.1 linux-cloud-tools-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1045 - 5.15.0-1045.52~20.04.1 linux-modules-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-buildinfo-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-image-unsigned-5.15.0-1045-azure - 5.15.0-1045.52~20.04.1 linux-azure-5.15-tools-5.15.0-1045 - 5.15.0-1045.52~20.04.1 No subscription required linux-modules-extra-azure-cvm - 5.15.0.1045.52~20.04.34 linux-tools-azure-edge - 5.15.0.1045.52~20.04.34 linux-azure - 5.15.0.1045.52~20.04.34 linux-image-azure - 5.15.0.1045.52~20.04.34 linux-cloud-tools-azure - 5.15.0.1045.52~20.04.34 linux-headers-azure-cvm - 5.15.0.1045.52~20.04.34 linux-cloud-tools-azure-edge - 5.15.0.1045.52~20.04.34 linux-cloud-tools-azure-cvm - 5.15.0.1045.52~20.04.34 linux-tools-azure - 5.15.0.1045.52~20.04.34 linux-headers-azure-edge - 5.15.0.1045.52~20.04.34 linux-image-azure-edge - 5.15.0.1045.52~20.04.34 linux-modules-extra-azure - 5.15.0.1045.52~20.04.34 linux-azure-edge - 5.15.0.1045.52~20.04.34 linux-tools-azure-cvm - 5.15.0.1045.52~20.04.34 linux-image-azure-cvm - 5.15.0.1045.52~20.04.34 linux-azure-cvm - 5.15.0.1045.52~20.04.34 linux-modules-extra-azure-edge - 5.15.0.1045.52~20.04.34 linux-headers-azure - 5.15.0.1045.52~20.04.34 No subscription required High CVE-2022-40982 CVE-2022-4269 CVE-2022-48502 CVE-2023-0597 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2002 CVE-2023-20593 CVE-2023-2124 CVE-2023-21400 CVE-2023-2163 CVE-2023-2194 CVE-2023-2235 CVE-2023-2269 CVE-2023-23004 CVE-2023-28466 CVE-2023-30772 CVE-2023-3141 CVE-2023-32248 CVE-2023-3268 CVE-2023-33203 CVE-2023-33288 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS Junsung Lee discovered that Thunderbird did not properly validate the text direction override unicode character in filenames. An attacker could potentially exploits this issue by spoofing file extension while attaching a file in emails. (CVE-2023-3417) Max Vlasov discovered that Thunderbird Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Thunderbird did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4046) Mark Brand discovered that Thunderbird did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4050) Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4055, CVE-2023-4056) Update Instructions: Run `sudo pro fix USN-6333-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.15.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.15.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.15.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.15.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-3417 CVE-2023-4045 CVE-2023-4046 CVE-2023-4047 CVE-2023-4048 CVE-2023-4049 CVE-2023-4050 CVE-2023-4055 CVE-2023-4056 Ubuntu 20.04 LTS Peter Wang discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. (CVE-2020-6097) Andreas B. Mundt discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. (CVE-2021-41054) Johannes Krupp discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server and make the server to disclose /etc/group data. (CVE-2021-46671) Update Instructions: Run `sudo pro fix USN-6334-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: atftp - 0.7.git20120829-3.1ubuntu0.1 atftpd - 0.7.git20120829-3.1ubuntu0.1 No subscription required Medium CVE-2020-6097 CVE-2021-41054 CVE-2021-46671 Ubuntu 20.04 LTS It was discovered that Docker Registry incorrectly handled certain crafted input, A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-11468) It was discovered that Docker Registry incorrectly handled certain crafted input. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-2253) Update Instructions: Run `sudo pro fix USN-6336-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-docker-distribution-dev - 2.7.1+ds2-7ubuntu0.3 docker-registry - 2.7.1+ds2-7ubuntu0.3 No subscription required Medium CVE-2017-11468 CVE-2023-2253 Ubuntu 20.04 LTS It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of- bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428) It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429) Update Instructions: Run `sudo pro fix USN-6339-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-image-unsigned-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-buildinfo-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-83.92~20.04.1 linux-tools-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-image-unsigned-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-hwe-5.15-tools-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-tools-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-buildinfo-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-hwe-5.15-headers-5.15.0-83 - 5.15.0-83.92~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-modules-extra-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-modules-iwlwifi-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-modules-iwlwifi-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-image-unsigned-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-cloud-tools-5.15.0-83-generic - 5.15.0-83.92~20.04.1 linux-cloud-tools-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-image-unsigned-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-tools-5.15.0-83-lowlatency-64k - 5.15.0-83.92~20.04.1 linux-modules-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-buildinfo-5.15.0-83-generic-64k - 5.15.0-83.92~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-83.92~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-83.92~20.04.1 linux-headers-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-83.92~20.04.1 linux-image-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-buildinfo-5.15.0-83-lowlatency - 5.15.0-83.92~20.04.1 linux-buildinfo-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 linux-tools-5.15.0-83-generic-lpae - 5.15.0-83.92~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-headers-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-image-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-lowlatency-64k-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-tools-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-lowlatency-hwe-20.04 - 5.15.0.83.92~20.04.38 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.83.92~20.04.38 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.38 No subscription required linux-tools-oem-20.04d - 5.15.0.83.92~20.04.41 linux-tools-oem-20.04c - 5.15.0.83.92~20.04.41 linux-tools-oem-20.04b - 5.15.0.83.92~20.04.41 linux-headers-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-image-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-headers-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-extra-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-headers-generic-64k-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-generic-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-generic-lpae-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-tools-oem-20.04 - 5.15.0.83.92~20.04.41 linux-headers-oem-20.04 - 5.15.0.83.92~20.04.41 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-tools-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-image-oem-20.04c - 5.15.0.83.92~20.04.41 linux-image-oem-20.04b - 5.15.0.83.92~20.04.41 linux-image-oem-20.04d - 5.15.0.83.92~20.04.41 linux-image-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-oem-20.04 - 5.15.0.83.92~20.04.41 linux-image-oem-20.04 - 5.15.0.83.92~20.04.41 linux-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-oem-20.04d - 5.15.0.83.92~20.04.41 linux-oem-20.04c - 5.15.0.83.92~20.04.41 linux-oem-20.04b - 5.15.0.83.92~20.04.41 linux-generic-lpae-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-modules-iwlwifi-oem-20.04 - 5.15.0.83.92~20.04.41 linux-tools-generic-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-headers-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-generic-lpae-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-tools-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-modules-iwlwifi-oem-20.04d - 5.15.0.83.92~20.04.41 linux-tools-generic-64k-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-tools-virtual-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-image-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-generic-64k-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-image-generic-64k-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.83.92~20.04.41 linux-headers-oem-20.04b - 5.15.0.83.92~20.04.41 linux-headers-oem-20.04c - 5.15.0.83.92~20.04.41 linux-headers-virtual-hwe-20.04 - 5.15.0.83.92~20.04.41 linux-headers-oem-20.04d - 5.15.0.83.92~20.04.41 No subscription required Medium CVE-2022-48425 CVE-2023-21255 CVE-2023-2898 CVE-2023-31084 CVE-2023-3212 CVE-2023-38426 CVE-2023-38428 CVE-2023-38429 Ubuntu 20.04 LTS It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of- bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428) It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429) Update Instructions: Run `sudo pro fix USN-6339-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gkeop-5.15-headers-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-modules-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-headers-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-image-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-cloud-tools-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-buildinfo-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-gkeop-5.15-tools-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-tools-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-modules-extra-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1027 - 5.15.0-1027.32~20.04.1 linux-image-unsigned-5.15.0-1027-gkeop - 5.15.0-1027.32~20.04.1 No subscription required linux-gcp-5.15-tools-5.15.0-1041 - 5.15.0-1041.49~20.04.1 linux-modules-extra-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-tools-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-headers-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-modules-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-buildinfo-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-gcp-5.15-headers-5.15.0-1041 - 5.15.0-1041.49~20.04.1 linux-modules-iwlwifi-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-image-unsigned-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 linux-image-5.15.0-1041-gcp - 5.15.0-1041.49~20.04.1 No subscription required linux-headers-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-image-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-image-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-cloud-tools-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-headers-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-tools-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-cloud-tools-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-modules-extra-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-gkeop-edge - 5.15.0.1027.32~20.04.23 linux-tools-gkeop-5.15 - 5.15.0.1027.32~20.04.23 linux-modules-extra-gkeop-5.15 - 5.15.0.1027.32~20.04.23 No subscription required linux-headers-gcp - 5.15.0.1041.49~20.04.1 linux-tools-gcp - 5.15.0.1041.49~20.04.1 linux-headers-gcp-edge - 5.15.0.1041.49~20.04.1 linux-gcp - 5.15.0.1041.49~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1041.49~20.04.1 linux-tools-gcp-edge - 5.15.0.1041.49~20.04.1 linux-image-gcp-edge - 5.15.0.1041.49~20.04.1 linux-image-gcp - 5.15.0.1041.49~20.04.1 linux-modules-extra-gcp - 5.15.0.1041.49~20.04.1 linux-gcp-edge - 5.15.0.1041.49~20.04.1 No subscription required Medium CVE-2022-48425 CVE-2023-21255 CVE-2023-2898 CVE-2023-31084 CVE-2023-3212 CVE-2023-38426 CVE-2023-38428 CVE-2023-38429 Ubuntu 20.04 LTS It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of- bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428) It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429) Update Instructions: Run `sudo pro fix USN-6339-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-azure-5.15-headers-5.15.0-1046 - 5.15.0-1046.53~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1046 - 5.15.0-1046.53~20.04.1 linux-modules-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-image-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-image-unsigned-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-cloud-tools-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-modules-extra-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-tools-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-buildinfo-5.15.0-1046-azure - 5.15.0-1046.53~20.04.1 linux-azure-5.15-tools-5.15.0-1046 - 5.15.0-1046.53~20.04.1 No subscription required linux-image-unsigned-5.15.0-1046-azure-fde - 5.15.0-1046.53~20.04.1.1 linux-image-5.15.0-1046-azure-fde - 5.15.0-1046.53~20.04.1.1 No subscription required linux-image-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-modules-extra-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-tools-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-tools-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-modules-extra-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-headers-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-cloud-tools-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-image-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 linux-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-headers-azure-fde - 5.15.0.1046.53~20.04.1.24 linux-cloud-tools-azure-fde-edge - 5.15.0.1046.53~20.04.1.24 No subscription required linux-modules-extra-azure-cvm - 5.15.0.1046.53~20.04.35 linux-tools-azure-cvm - 5.15.0.1046.53~20.04.35 linux-tools-azure-edge - 5.15.0.1046.53~20.04.35 linux-azure - 5.15.0.1046.53~20.04.35 linux-image-azure-edge - 5.15.0.1046.53~20.04.35 linux-image-azure - 5.15.0.1046.53~20.04.35 linux-cloud-tools-azure - 5.15.0.1046.53~20.04.35 linux-headers-azure-cvm - 5.15.0.1046.53~20.04.35 linux-cloud-tools-azure-edge - 5.15.0.1046.53~20.04.35 linux-cloud-tools-azure-cvm - 5.15.0.1046.53~20.04.35 linux-tools-azure - 5.15.0.1046.53~20.04.35 linux-headers-azure-edge - 5.15.0.1046.53~20.04.35 linux-modules-extra-azure - 5.15.0.1046.53~20.04.35 linux-azure-edge - 5.15.0.1046.53~20.04.35 linux-image-azure-cvm - 5.15.0.1046.53~20.04.35 linux-azure-cvm - 5.15.0.1046.53~20.04.35 linux-modules-extra-azure-edge - 5.15.0.1046.53~20.04.35 linux-headers-azure - 5.15.0.1046.53~20.04.35 No subscription required Medium CVE-2022-48425 CVE-2023-21255 CVE-2023-2898 CVE-2023-31084 CVE-2023-3212 CVE-2023-38426 CVE-2023-38428 CVE-2023-38429 Ubuntu 20.04 LTS Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) Update Instructions: Run `sudo pro fix USN-6340-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1021-iot - 5.4.0-1021.22 linux-iot-tools-5.4.0-1021 - 5.4.0-1021.22 linux-image-5.4.0-1021-iot - 5.4.0-1021.22 linux-image-unsigned-5.4.0-1021-iot - 5.4.0-1021.22 linux-buildinfo-5.4.0-1021-iot - 5.4.0-1021.22 linux-iot-headers-5.4.0-1021 - 5.4.0-1021.22 linux-modules-5.4.0-1021-iot - 5.4.0-1021.22 linux-tools-5.4.0-1021-iot - 5.4.0-1021.22 linux-iot-tools-common - 5.4.0-1021.22 No subscription required linux-image-unsigned-5.4.0-1098-kvm - 5.4.0-1098.104 linux-kvm-headers-5.4.0-1098 - 5.4.0-1098.104 linux-headers-5.4.0-1098-kvm - 5.4.0-1098.104 linux-modules-5.4.0-1098-kvm - 5.4.0-1098.104 linux-buildinfo-5.4.0-1098-kvm - 5.4.0-1098.104 linux-tools-5.4.0-1098-kvm - 5.4.0-1098.104 linux-image-5.4.0-1098-kvm - 5.4.0-1098.104 linux-kvm-tools-5.4.0-1098 - 5.4.0-1098.104 No subscription required linux-buildinfo-5.4.0-1108-oracle - 5.4.0-1108.117 linux-oracle-tools-5.4.0-1108 - 5.4.0-1108.117 linux-headers-5.4.0-1108-oracle - 5.4.0-1108.117 linux-oracle-headers-5.4.0-1108 - 5.4.0-1108.117 linux-image-5.4.0-1108-oracle - 5.4.0-1108.117 linux-modules-extra-5.4.0-1108-oracle - 5.4.0-1108.117 linux-modules-5.4.0-1108-oracle - 5.4.0-1108.117 linux-tools-5.4.0-1108-oracle - 5.4.0-1108.117 linux-image-unsigned-5.4.0-1108-oracle - 5.4.0-1108.117 No subscription required linux-image-5.4.0-1109-aws - 5.4.0-1109.118 linux-cloud-tools-5.4.0-1109-aws - 5.4.0-1109.118 linux-image-unsigned-5.4.0-1109-aws - 5.4.0-1109.118 linux-aws-headers-5.4.0-1109 - 5.4.0-1109.118 linux-aws-cloud-tools-5.4.0-1109 - 5.4.0-1109.118 linux-modules-extra-5.4.0-1109-aws - 5.4.0-1109.118 linux-aws-tools-5.4.0-1109 - 5.4.0-1109.118 linux-tools-5.4.0-1109-aws - 5.4.0-1109.118 linux-modules-5.4.0-1109-aws - 5.4.0-1109.118 linux-buildinfo-5.4.0-1109-aws - 5.4.0-1109.118 linux-headers-5.4.0-1109-aws - 5.4.0-1109.118 No subscription required linux-tools-5.4.0-1112-gcp - 5.4.0-1112.121 linux-gcp-headers-5.4.0-1112 - 5.4.0-1112.121 linux-modules-extra-5.4.0-1112-gcp - 5.4.0-1112.121 linux-buildinfo-5.4.0-1112-gcp - 5.4.0-1112.121 linux-image-unsigned-5.4.0-1112-gcp - 5.4.0-1112.121 linux-headers-5.4.0-1112-gcp - 5.4.0-1112.121 linux-gcp-tools-5.4.0-1112 - 5.4.0-1112.121 linux-image-5.4.0-1112-gcp - 5.4.0-1112.121 linux-modules-5.4.0-1112-gcp - 5.4.0-1112.121 No subscription required linux-tools-5.4.0-162-lowlatency - 5.4.0-162.179 linux-image-unsigned-5.4.0-162-lowlatency - 5.4.0-162.179 linux-tools-common - 5.4.0-162.179 linux-image-5.4.0-162-generic - 5.4.0-162.179 linux-modules-5.4.0-162-generic - 5.4.0-162.179 linux-tools-host - 5.4.0-162.179 linux-modules-5.4.0-162-lowlatency - 5.4.0-162.179 linux-image-5.4.0-162-lowlatency - 5.4.0-162.179 linux-doc - 5.4.0-162.179 linux-cloud-tools-5.4.0-162-lowlatency - 5.4.0-162.179 linux-tools-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-headers-5.4.0-162-lowlatency - 5.4.0-162.179 linux-buildinfo-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-libc-dev - 5.4.0-162.179 linux-source-5.4.0 - 5.4.0-162.179 linux-tools-5.4.0-162-generic - 5.4.0-162.179 linux-image-unsigned-5.4.0-162-generic - 5.4.0-162.179 linux-headers-5.4.0-162-generic - 5.4.0-162.179 linux-headers-5.4.0-162 - 5.4.0-162.179 linux-buildinfo-5.4.0-162-lowlatency - 5.4.0-162.179 linux-image-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-tools-5.4.0-162 - 5.4.0-162.179 linux-cloud-tools-common - 5.4.0-162.179 linux-cloud-tools-5.4.0-162 - 5.4.0-162.179 linux-buildinfo-5.4.0-162-generic - 5.4.0-162.179 linux-cloud-tools-5.4.0-162-generic - 5.4.0-162.179 linux-modules-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-headers-5.4.0-162-generic-lpae - 5.4.0-162.179 linux-modules-extra-5.4.0-162-generic - 5.4.0-162.179 No subscription required linux-iot - 5.4.0.1021.19 linux-image-iot - 5.4.0.1021.19 linux-headers-iot - 5.4.0.1021.19 linux-tools-iot - 5.4.0.1021.19 No subscription required linux-headers-kvm - 5.4.0.1098.93 linux-kvm - 5.4.0.1098.93 linux-image-kvm - 5.4.0.1098.93 linux-tools-kvm - 5.4.0.1098.93 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1108.101 linux-headers-oracle-lts-20.04 - 5.4.0.1108.101 linux-oracle-lts-20.04 - 5.4.0.1108.101 linux-image-oracle-lts-20.04 - 5.4.0.1108.101 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1109.106 linux-image-aws-lts-20.04 - 5.4.0.1109.106 linux-headers-aws-lts-20.04 - 5.4.0.1109.106 linux-tools-aws-lts-20.04 - 5.4.0.1109.106 linux-aws-lts-20.04 - 5.4.0.1109.106 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1112.114 linux-gcp-lts-20.04 - 5.4.0.1112.114 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1112.114 linux-headers-gcp-lts-20.04 - 5.4.0.1112.114 linux-image-gcp-lts-20.04 - 5.4.0.1112.114 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-cloud-tools-virtual - 5.4.0.162.159 linux-image-generic-hwe-18.04 - 5.4.0.162.159 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-headers-generic-lpae - 5.4.0.162.159 linux-image-virtual - 5.4.0.162.159 linux-oem-osp1-tools-host - 5.4.0.162.159 linux-image-generic - 5.4.0.162.159 linux-image-oem - 5.4.0.162.159 linux-tools-virtual-hwe-18.04 - 5.4.0.162.159 linux-tools-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-headers-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.162.159 linux-image-extra-virtual-hwe-18.04 - 5.4.0.162.159 linux-image-generic-lpae-hwe-18.04 - 5.4.0.162.159 linux-crashdump - 5.4.0.162.159 linux-generic-lpae-hwe-18.04-edge - 5.4.0.162.159 linux-headers-generic-hwe-18.04 - 5.4.0.162.159 linux-headers-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-lowlatency - 5.4.0.162.159 linux-tools-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-tools-generic-lpae - 5.4.0.162.159 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-cloud-tools-generic - 5.4.0.162.159 linux-virtual - 5.4.0.162.159 linux-headers-virtual-hwe-18.04 - 5.4.0.162.159 linux-tools-generic - 5.4.0.162.159 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.162.159 linux-tools-virtual - 5.4.0.162.159 linux-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-generic-lpae - 5.4.0.162.159 linux-headers-oem - 5.4.0.162.159 linux-generic - 5.4.0.162.159 linux-tools-oem-osp1 - 5.4.0.162.159 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.162.159 linux-tools-generic-hwe-18.04-edge - 5.4.0.162.159 linux-image-virtual-hwe-18.04 - 5.4.0.162.159 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-cloud-tools-lowlatency - 5.4.0.162.159 linux-headers-lowlatency - 5.4.0.162.159 linux-image-generic-hwe-18.04-edge - 5.4.0.162.159 linux-generic-hwe-18.04-edge - 5.4.0.162.159 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.162.159 linux-oem - 5.4.0.162.159 linux-source - 5.4.0.162.159 linux-image-extra-virtual - 5.4.0.162.159 linux-image-oem-osp1 - 5.4.0.162.159 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-oem-tools-host - 5.4.0.162.159 linux-tools-oem - 5.4.0.162.159 linux-headers-oem-osp1 - 5.4.0.162.159 linux-virtual-hwe-18.04 - 5.4.0.162.159 linux-generic-lpae-hwe-18.04 - 5.4.0.162.159 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.162.159 linux-headers-generic-hwe-18.04-edge - 5.4.0.162.159 linux-headers-generic - 5.4.0.162.159 linux-oem-osp1 - 5.4.0.162.159 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.162.159 linux-tools-lowlatency - 5.4.0.162.159 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.162.159 linux-image-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-virtual-hwe-18.04-edge - 5.4.0.162.159 linux-headers-virtual - 5.4.0.162.159 linux-lowlatency-hwe-18.04 - 5.4.0.162.159 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.162.159 linux-generic-hwe-18.04 - 5.4.0.162.159 linux-image-generic-lpae - 5.4.0.162.159 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.162.159 linux-image-lowlatency - 5.4.0.162.159 linux-tools-generic-hwe-18.04 - 5.4.0.162.159 linux-image-virtual-hwe-18.04-edge - 5.4.0.162.159 No subscription required Medium CVE-2023-2002 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 Ubuntu 20.04 LTS Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) Update Instructions: Run `sudo pro fix USN-6340-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 linux-image-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 linux-xilinx-zynqmp-tools-5.4.0-1029 - 5.4.0-1029.33 linux-buildinfo-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 linux-xilinx-zynqmp-headers-5.4.0-1029 - 5.4.0-1029.33 linux-modules-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 linux-tools-5.4.0-1029-xilinx-zynqmp - 5.4.0-1029.33 No subscription required linux-gkeop-headers-5.4.0-1076 - 5.4.0-1076.80 linux-modules-extra-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-buildinfo-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-gkeop-source-5.4.0 - 5.4.0-1076.80 linux-tools-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-image-unsigned-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-gkeop-tools-5.4.0-1076 - 5.4.0-1076.80 linux-gkeop-cloud-tools-5.4.0-1076 - 5.4.0-1076.80 linux-headers-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-modules-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-image-5.4.0-1076-gkeop - 5.4.0-1076.80 linux-cloud-tools-5.4.0-1076-gkeop - 5.4.0-1076.80 No subscription required linux-modules-5.4.0-1093-raspi - 5.4.0-1093.104 linux-buildinfo-5.4.0-1093-raspi - 5.4.0-1093.104 linux-image-5.4.0-1093-raspi - 5.4.0-1093.104 linux-raspi-headers-5.4.0-1093 - 5.4.0-1093.104 linux-tools-5.4.0-1093-raspi - 5.4.0-1093.104 linux-raspi-tools-5.4.0-1093 - 5.4.0-1093.104 linux-headers-5.4.0-1093-raspi - 5.4.0-1093.104 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1029.31 linux-tools-xilinx-zynqmp - 5.4.0.1029.31 linux-headers-xilinx-zynqmp - 5.4.0.1029.31 linux-xilinx-zynqmp - 5.4.0.1029.31 No subscription required linux-image-gkeop-5.4 - 5.4.0.1076.74 linux-headers-gkeop - 5.4.0.1076.74 linux-modules-extra-gkeop-5.4 - 5.4.0.1076.74 linux-gkeop-5.4 - 5.4.0.1076.74 linux-image-gkeop - 5.4.0.1076.74 linux-gkeop - 5.4.0.1076.74 linux-cloud-tools-gkeop - 5.4.0.1076.74 linux-modules-extra-gkeop - 5.4.0.1076.74 linux-tools-gkeop - 5.4.0.1076.74 linux-tools-gkeop-5.4 - 5.4.0.1076.74 linux-headers-gkeop-5.4 - 5.4.0.1076.74 linux-cloud-tools-gkeop-5.4 - 5.4.0.1076.74 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1093.123 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1093.123 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1093.123 linux-raspi-hwe-18.04 - 5.4.0.1093.123 linux-image-raspi - 5.4.0.1093.123 linux-tools-raspi2-hwe-18.04 - 5.4.0.1093.123 linux-raspi-hwe-18.04-edge - 5.4.0.1093.123 linux-raspi2-hwe-18.04 - 5.4.0.1093.123 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1093.123 linux-raspi2 - 5.4.0.1093.123 linux-headers-raspi2 - 5.4.0.1093.123 linux-headers-raspi2-hwe-18.04 - 5.4.0.1093.123 linux-image-raspi2 - 5.4.0.1093.123 linux-headers-raspi-hwe-18.04 - 5.4.0.1093.123 linux-image-raspi-hwe-18.04-edge - 5.4.0.1093.123 linux-tools-raspi-hwe-18.04 - 5.4.0.1093.123 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1093.123 linux-tools-raspi2 - 5.4.0.1093.123 linux-image-raspi-hwe-18.04 - 5.4.0.1093.123 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1093.123 linux-tools-raspi - 5.4.0.1093.123 linux-raspi - 5.4.0.1093.123 linux-headers-raspi - 5.4.0.1093.123 linux-image-raspi2-hwe-18.04 - 5.4.0.1093.123 No subscription required Medium CVE-2023-2002 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 Ubuntu 20.04 LTS It was discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6345-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsox-fmt-base - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-pulse - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-ao - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-dev - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox3 - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-mp3 - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-all - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 sox - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-alsa - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 libsox-fmt-oss - 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 No subscription required Medium CVE-2023-32627 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6346-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1092-raspi - 5.4.0-1092.103 linux-tools-5.4.0-1092-raspi - 5.4.0-1092.103 linux-buildinfo-5.4.0-1092-raspi - 5.4.0-1092.103 linux-image-5.4.0-1092-raspi - 5.4.0-1092.103 linux-raspi-tools-5.4.0-1092 - 5.4.0-1092.103 linux-modules-5.4.0-1092-raspi - 5.4.0-1092.103 linux-raspi-headers-5.4.0-1092 - 5.4.0-1092.103 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1092.122 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1092.122 linux-raspi-hwe-18.04-edge - 5.4.0.1092.122 linux-raspi - 5.4.0.1092.122 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1092.122 linux-raspi-hwe-18.04 - 5.4.0.1092.122 linux-tools-raspi - 5.4.0.1092.122 linux-image-raspi - 5.4.0.1092.122 linux-tools-raspi2-hwe-18.04 - 5.4.0.1092.122 linux-raspi2-hwe-18.04 - 5.4.0.1092.122 linux-raspi2 - 5.4.0.1092.122 linux-headers-raspi2 - 5.4.0.1092.122 linux-headers-raspi2-hwe-18.04 - 5.4.0.1092.122 linux-image-raspi2 - 5.4.0.1092.122 linux-image-raspi-hwe-18.04-edge - 5.4.0.1092.122 linux-tools-raspi-hwe-18.04 - 5.4.0.1092.122 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1092.122 linux-tools-raspi2 - 5.4.0.1092.122 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1092.122 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1092.122 linux-headers-raspi - 5.4.0.1092.122 linux-headers-raspi-hwe-18.04 - 5.4.0.1092.122 linux-image-raspi-hwe-18.04 - 5.4.0.1092.122 linux-image-raspi2-hwe-18.04 - 5.4.0.1092.122 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48502) Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611) It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855) It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194) It was discovered that the perf subsystem in the Linux kernel contained a use-after-free vulnerability. A privileged local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2235) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466) It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772) It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly validate pointers in some situations, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-32248) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203) It was discovered that the BQ24190 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33288) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the Rockchip Video Decoder IP driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35829) Update Instructions: Run `sudo pro fix USN-6347-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1043-azure-fde - 5.15.0-1043.50~20.04.1.1 linux-image-unsigned-5.15.0-1043-azure-fde - 5.15.0-1043.50~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-modules-extra-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-headers-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-image-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-modules-extra-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-tools-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-cloud-tools-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-image-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-cloud-tools-azure-fde-edge - 5.15.0.1043.50~20.04.1.22 linux-tools-azure-fde - 5.15.0.1043.50~20.04.1.22 linux-headers-azure-fde - 5.15.0.1043.50~20.04.1.22 No subscription required Medium CVE-2022-4269 CVE-2022-48502 CVE-2023-0597 CVE-2023-1611 CVE-2023-1855 CVE-2023-1990 CVE-2023-2002 CVE-2023-2124 CVE-2023-2163 CVE-2023-2194 CVE-2023-2235 CVE-2023-2269 CVE-2023-23004 CVE-2023-28466 CVE-2023-30772 CVE-2023-3141 CVE-2023-32248 CVE-2023-3268 CVE-2023-33203 CVE-2023-33288 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015) Update Instructions: Run `sudo pro fix USN-6348-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1038.43~20.04.1 linux-image-unsigned-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-headers-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-tools-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-modules-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-modules-extra-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-image-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-modules-iwlwifi-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1038.43~20.04.1 linux-buildinfo-5.15.0-1038-intel-iotg - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1038 - 5.15.0-1038.43~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1038 - 5.15.0-1038.43~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1038.43~20.04.28 linux-tools-intel - 5.15.0.1038.43~20.04.28 linux-intel-iotg - 5.15.0.1038.43~20.04.28 linux-headers-intel - 5.15.0.1038.43~20.04.28 linux-tools-intel-iotg-edge - 5.15.0.1038.43~20.04.28 linux-intel - 5.15.0.1038.43~20.04.28 linux-image-intel - 5.15.0.1038.43~20.04.28 linux-image-intel-iotg-edge - 5.15.0.1038.43~20.04.28 linux-image-intel-iotg - 5.15.0.1038.43~20.04.28 linux-headers-intel-iotg - 5.15.0.1038.43~20.04.28 linux-intel-iotg-edge - 5.15.0.1038.43~20.04.28 linux-headers-intel-iotg-edge - 5.15.0.1038.43~20.04.28 linux-tools-intel-iotg - 5.15.0.1038.43~20.04.28 No subscription required High CVE-2022-40982 CVE-2023-20593 CVE-2023-21400 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3776 CVE-2023-3777 CVE-2023-4004 CVE-2023-4015 Ubuntu 20.04 LTS Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) Update Instructions: Run `sudo pro fix USN-6349-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1115-azure - 5.4.0-1115.122 linux-azure-headers-5.4.0-1115 - 5.4.0-1115.122 linux-cloud-tools-5.4.0-1115-azure - 5.4.0-1115.122 linux-azure-cloud-tools-5.4.0-1115 - 5.4.0-1115.122 linux-tools-5.4.0-1115-azure - 5.4.0-1115.122 linux-image-5.4.0-1115-azure - 5.4.0-1115.122 linux-image-unsigned-5.4.0-1115-azure - 5.4.0-1115.122 linux-modules-5.4.0-1115-azure - 5.4.0-1115.122 linux-modules-extra-5.4.0-1115-azure - 5.4.0-1115.122 linux-azure-tools-5.4.0-1115 - 5.4.0-1115.122 linux-headers-5.4.0-1115-azure - 5.4.0-1115.122 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1115.108 linux-tools-azure-lts-20.04 - 5.4.0.1115.108 linux-azure-lts-20.04 - 5.4.0.1115.108 linux-headers-azure-lts-20.04 - 5.4.0.1115.108 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1115.108 linux-modules-extra-azure-lts-20.04 - 5.4.0.1115.108 No subscription required Medium CVE-2023-2002 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 Ubuntu 20.04 LTS It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of- bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428) It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429) Update Instructions: Run `sudo pro fix USN-6350-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-modules-extra-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-tools-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1037.40~20.04.1 linux-ibm-5.15-tools-5.15.0-1037 - 5.15.0-1037.40~20.04.1 linux-headers-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-ibm-5.15-headers-5.15.0-1037 - 5.15.0-1037.40~20.04.1 linux-image-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-buildinfo-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 linux-modules-5.15.0-1037-ibm - 5.15.0-1037.40~20.04.1 No subscription required linux-oracle-5.15-headers-5.15.0-1042 - 5.15.0-1042.48~20.04.1 linux-image-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-image-unsigned-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-tools-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-headers-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-oracle-5.15-tools-5.15.0-1042 - 5.15.0-1042.48~20.04.1 linux-modules-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-buildinfo-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 linux-modules-extra-5.15.0-1042-oracle - 5.15.0-1042.48~20.04.1 No subscription required linux-modules-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-buildinfo-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-image-unsigned-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-aws-5.15-tools-5.15.0-1044 - 5.15.0-1044.49~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1044 - 5.15.0-1044.49~20.04.1 linux-aws-5.15-headers-5.15.0-1044 - 5.15.0-1044.49~20.04.1 linux-image-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-headers-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-tools-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-cloud-tools-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 linux-modules-extra-5.15.0-1044-aws - 5.15.0-1044.49~20.04.1 No subscription required linux-image-ibm - 5.15.0.1037.40~20.04.9 linux-ibm-edge - 5.15.0.1037.40~20.04.9 linux-headers-ibm - 5.15.0.1037.40~20.04.9 linux-headers-ibm-edge - 5.15.0.1037.40~20.04.9 linux-tools-ibm-edge - 5.15.0.1037.40~20.04.9 linux-ibm - 5.15.0.1037.40~20.04.9 linux-tools-ibm - 5.15.0.1037.40~20.04.9 linux-image-ibm-edge - 5.15.0.1037.40~20.04.9 No subscription required linux-headers-oracle - 5.15.0.1042.48~20.04.1 linux-headers-oracle-edge - 5.15.0.1042.48~20.04.1 linux-image-oracle - 5.15.0.1042.48~20.04.1 linux-tools-oracle - 5.15.0.1042.48~20.04.1 linux-tools-oracle-edge - 5.15.0.1042.48~20.04.1 linux-oracle-edge - 5.15.0.1042.48~20.04.1 linux-image-oracle-edge - 5.15.0.1042.48~20.04.1 linux-oracle - 5.15.0.1042.48~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1044.49~20.04.32 linux-modules-extra-aws-edge - 5.15.0.1044.49~20.04.32 linux-tools-aws - 5.15.0.1044.49~20.04.32 linux-image-aws-edge - 5.15.0.1044.49~20.04.32 linux-headers-aws-edge - 5.15.0.1044.49~20.04.32 linux-aws-edge - 5.15.0.1044.49~20.04.32 linux-tools-aws-edge - 5.15.0.1044.49~20.04.32 linux-headers-aws - 5.15.0.1044.49~20.04.32 linux-image-aws - 5.15.0.1044.49~20.04.32 linux-aws - 5.15.0.1044.49~20.04.32 No subscription required Medium CVE-2022-48425 CVE-2023-21255 CVE-2023-2898 CVE-2023-31084 CVE-2023-3212 CVE-2023-38426 CVE-2023-38428 CVE-2023-38429 Ubuntu 20.04 LTS It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. (CVE-2020-13933, CVE-2020-17510) Update Instructions: Run `sudo pro fix USN-6352-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libshiro-java - 1.3.2-4ubuntu0.2 No subscription required Medium CVE-2020-13933 CVE-2020-17510 Ubuntu 20.04 LTS Wooseok Kang discovered that PLIB did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted TGA file, an attacker could possibly use this issue to cause applications using PLIB to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6353-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libplib-dev - 1.8.5-8ubuntu0.20.04.1 libplib1 - 1.8.5-8ubuntu0.20.04.1 No subscription required Medium CVE-2021-38714 Ubuntu 20.04 LTS Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2021-3695) Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2021-3696) Daniel Axtens discovered that specially crafted images could cause buffer underwrite which allows arbitrary data to be written to a heap. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2021-3697) It was discovered that GRUB2 configuration files were created with the wrong permissions. An attacker could possibly use this to leak encrypted passwords. (CVE-2021-3981) Daniel Axtens discovered that specially crafted IP packets could cause an integer underflow and write past the end of a buffer. An attacker could possibly use this to circumvent secure boot protections. (CVE-2022-28733) Daniel Axtens discovered that specially crafted HTTP headers can cause an out-of-bounds write of a NULL byte. An attacker could possibly use this to corrupt GRUB2's internal data. (CVE-2022-28734) Julian Andres Klode discovered that GRUB2 shim_lock allowed non- kernel files to be loaded. A local attack could possibly use this to circumvent secure boot protections. (CVE-2022-28735) Chris Coulson discovered that executing chainloaders more than once caused a use-after-free vulnerability. A local attack could possibly use this to circumvent secure boot protections. (CVE-2022-28736) Chris Coulson discovered that specially crafted executables could cause shim to make out-of-bound writes. A local attack could possibly use this to circumvent secure boot protections. (CVE-2022-28737) Zhang Boyang discovered that specially crafted unicode sequences could lead to an out-of-bounds write to a heap. A local attacker could possibly use this to circumvent secure boot protections. (CVE-2022-3775) Update Instructions: Run `sudo pro fix USN-6355-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-arm64-signed - 1.187.3~20.04.1+2.06-2ubuntu14.1 grub-efi-amd64-signed - 1.187.3~20.04.1+2.06-2ubuntu14.1 No subscription required shim-signed - 1.40.9+15.7-0ubuntu1 No subscription required shim - 15.7-0ubuntu1 No subscription required grub-efi-amd64-bin - 2.06-2ubuntu14.1 grub-efi-amd64 - 2.06-2ubuntu14.1 grub-efi-arm64 - 2.06-2ubuntu14.1 grub-efi-arm64-bin - 2.06-2ubuntu14.1 No subscription required Medium CVE-2022-28737 CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2021-3981 CVE-2022-28733 CVE-2022-28734 CVE-2022-28735 CVE-2022-28736 CVE-2022-3775 https://launchpad.net/bugs/2029518 Ubuntu 20.04 LTS Jianjun Chen, Vern Paxson and Jian Jiang discovered that OpenDMARC incorrectly handled certain inputs. If a user or an automated system were tricked into receiving crafted inputs, an attacker could possibly use this to falsify the domain of an e-mails origin. (CVE-2020-12272) Patrik Lantz discovered that OpenDMARC incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-12460) Update Instructions: Run `sudo pro fix USN-6356-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopendmarc-dev - 1.3.2-7ubuntu0.1 opendmarc - 1.3.2-7ubuntu0.1 libopendmarc2 - 1.3.2-7ubuntu0.1 No subscription required Medium CVE-2020-12272 CVE-2020-12460 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6357-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-tools-5.4.0-1056 - 5.4.0-1056.61 linux-ibm-headers-5.4.0-1056 - 5.4.0-1056.61 linux-buildinfo-5.4.0-1056-ibm - 5.4.0-1056.61 linux-modules-5.4.0-1056-ibm - 5.4.0-1056.61 linux-ibm-tools-common - 5.4.0-1056.61 linux-headers-5.4.0-1056-ibm - 5.4.0-1056.61 linux-ibm-cloud-tools-common - 5.4.0-1056.61 linux-modules-extra-5.4.0-1056-ibm - 5.4.0-1056.61 linux-image-5.4.0-1056-ibm - 5.4.0-1056.61 linux-image-unsigned-5.4.0-1056-ibm - 5.4.0-1056.61 linux-ibm-source-5.4.0 - 5.4.0-1056.61 linux-tools-5.4.0-1056-ibm - 5.4.0-1056.61 No subscription required linux-image-ibm-lts-20.04 - 5.4.0.1056.85 linux-ibm-lts-20.04 - 5.4.0.1056.85 linux-headers-ibm-lts-20.04 - 5.4.0.1056.85 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1056.85 linux-tools-ibm-lts-20.04 - 5.4.0.1056.85 No subscription required High CVE-2022-40982 CVE-2023-2002 CVE-2023-20593 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS It was discovered that RedCloth incorrectly handled certain inputs during html sanitisation. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6358-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-redcloth - 4.3.2-3+deb10u1build0.20.04.1 No subscription required Medium CVE-2023-31606 Ubuntu 20.04 LTS It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6360-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libflac-doc - 1.3.3-1ubuntu0.2 libflac-dev - 1.3.3-1ubuntu0.2 libflac++-dev - 1.3.3-1ubuntu0.2 flac - 1.3.3-1ubuntu0.2 libflac++6v5 - 1.3.3-1ubuntu0.2 libflac8 - 1.3.3-1ubuntu0.2 No subscription required Medium CVE-2020-22219 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents. Update Instructions: Run `sudo pro fix USN-6361-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.5 cups-bsd - 2.3.1-9ubuntu1.5 cups-common - 2.3.1-9ubuntu1.5 cups-core-drivers - 2.3.1-9ubuntu1.5 cups-server-common - 2.3.1-9ubuntu1.5 libcupsimage2 - 2.3.1-9ubuntu1.5 cups-client - 2.3.1-9ubuntu1.5 cups-ipp-utils - 2.3.1-9ubuntu1.5 libcups2 - 2.3.1-9ubuntu1.5 cups-ppdc - 2.3.1-9ubuntu1.5 cups - 2.3.1-9ubuntu1.5 libcupsimage2-dev - 2.3.1-9ubuntu1.5 cups-daemon - 2.3.1-9ubuntu1.5 No subscription required Medium CVE-2023-32360 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-21710) It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2020-21890) Update Instructions: Run `sudo pro fix USN-6364-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.10 ghostscript-x - 9.50~dfsg-5ubuntu4.10 libgs-dev - 9.50~dfsg-5ubuntu4.10 ghostscript-doc - 9.50~dfsg-5ubuntu4.10 libgs9 - 9.50~dfsg-5ubuntu4.10 libgs9-common - 9.50~dfsg-5ubuntu4.10 No subscription required Medium CVE-2020-21710 CVE-2020-21890 Ubuntu 20.04 LTS It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations. Update Instructions: Run `sudo pro fix USN-6365-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:11.3.0-2ubuntu0~ubuntu20.04.6 open-vm-tools-dev - 2:11.3.0-2ubuntu0~ubuntu20.04.6 open-vm-tools-desktop - 2:11.3.0-2ubuntu0~ubuntu20.04.6 open-vm-tools-sdmp - 2:11.3.0-2ubuntu0~ubuntu20.04.6 No subscription required Medium CVE-2023-20900 Ubuntu 20.04 LTS It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code. (CVE-2023-4863) Update Instructions: Run `sudo pro fix USN-6367-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ne - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nb - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fa - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fi - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-fy - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-or - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kab - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-oc - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cs - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ga - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gd - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-gu - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pa - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cy - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-pt - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-szl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hi - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uk - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-he - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hy - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hu - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-as - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ar - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ia - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-az - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-id - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mai - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-af - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-is - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-it - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-an - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bs - 117.0.1+build2-0ubuntu0.20.04.1 firefox - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ro - 117.0.1+build2-0ubuntu0.20.04.1 firefox-geckodriver - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ja - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ru - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-br - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-be - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-bg - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sl - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sk - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-si - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sw - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sv - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-sq - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ko - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-km - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-kk - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ka - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-xh - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ca - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ku - 117.0.1+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lv - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lt - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-th - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tg - 117.0.1+build2-0ubuntu0.20.04.1 firefox-dev - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-te - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-cak - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ta - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-lg - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-csb - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-tr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-nso - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-de - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-da - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ms - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mr - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-my - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-uz - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ml - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mn - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-mk - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ur - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eu - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-et - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-es - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-vi - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-el - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-eo - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-en - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-zu - 117.0.1+build2-0ubuntu0.20.04.1 firefox-locale-ast - 117.0.1+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4863 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4581, CVE-2023-4584) It was discovered that Thunderbird did not properly manage memory when handling WebP images. If a user were tricked into opening a malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code. (CVE-2023-4863) Update Instructions: Run `sudo pro fix USN-6368-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:102.15.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:102.15.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:102.15.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:102.15.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:102.15.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4573 CVE-2023-4574 CVE-2023-4575 CVE-2023-4581 CVE-2023-4584 CVE-2023-4863 Ubuntu 20.04 LTS It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6369-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: webp - 0.6.1-2ubuntu0.20.04.3 libwebp6 - 0.6.1-2ubuntu0.20.04.3 libwebpmux3 - 0.6.1-2ubuntu0.20.04.3 libwebp-dev - 0.6.1-2ubuntu0.20.04.3 libwebpdemux2 - 0.6.1-2ubuntu0.20.04.3 No subscription required Medium CVE-2023-4863 Ubuntu 20.04 LTS It was discovered that ModSecurity incorrectly handled certain nested JSON objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-42717) It was discovered that ModSecurity incorrectly handled certain HTTP multipart requests. A remote attacker could possibly use this issue to bypass ModSecurity restrictions. (CVE-2022-48279) It was discovered that ModSecurity incorrectly handled certain file uploads. A remote attacker could possibly use this issue to cause a buffer overflow and a firewall failure. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-24021) Update Instructions: Run `sudo pro fix USN-6370-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-security2 - 2.9.3-1ubuntu0.1 No subscription required Medium CVE-2021-42717 CVE-2022-48279 CVE-2023-24021 Ubuntu 20.04 LTS It was discovered that libssh2 incorrectly handled memory access. An attacker could possibly use this issue to cause a crash. Update Instructions: Run `sudo pro fix USN-6371-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh2-1-dev - 1.8.0-2.1ubuntu0.1 libssh2-1 - 1.8.0-2.1ubuntu0.1 No subscription required Medium CVE-2020-22218 Ubuntu 20.04 LTS It was discovered that gawk could be made to read out of bounds when processing certain inputs. If a user or an automated system were tricked into opening a specially crafted input, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6373-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gawk - 1:5.0.1+dfsg-1ubuntu0.1 No subscription required Medium CVE-2023-4156 Ubuntu 20.04 LTS It was discovered that Mutt incorrectly handled certain email header contents. If a user were tricked into opening a specially crafted message, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-4874, CVE-2023-4875) Update Instructions: Run `sudo pro fix USN-6374-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mutt - 1.13.2-1ubuntu0.6 No subscription required Medium CVE-2023-4874 CVE-2023-4875 Ubuntu 20.04 LTS It was discovered that c-ares incorrectly parsed certain SOA replies. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6376-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares2 - 1.15.0-1ubuntu0.4 libc-ares-dev - 1.15.0-1ubuntu0.4 No subscription required Medium CVE-2020-22217 Ubuntu 20.04 LTS It was discovered that LibRaw incorrectly handled certain photo files. If a user o automated system were tricked into processing a specially crafted photo file, a remote attacker could possibly cause applications linked against LibRaw to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6377-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraw-doc - 0.19.5-1ubuntu1.3 libraw-bin - 0.19.5-1ubuntu1.3 libraw19 - 0.19.5-1ubuntu1.3 libraw-dev - 0.19.5-1ubuntu1.3 No subscription required Medium CVE-2020-22628 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain URIs with a very large number of Unicode characters. A remote attacker could possibly use this issue to cause Django to consume resources or crash, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6378-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.19 python-django-doc - 2:2.2.12-1ubuntu0.19 No subscription required Medium CVE-2023-41164 Ubuntu 20.04 LTS It was discovered that vsftpd was vulnerable to the ALPACA TLS protocol content confusion attack. A remote attacker could possibly use this issue to redirect traffic from one subdomain to another. Update Instructions: Run `sudo pro fix USN-6379-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vsftpd - 3.0.5-0ubuntu0.20.04.1 No subscription required Low CVE-2021-3618 Ubuntu 20.04 LTS Rogier Schouten discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-15604) Ethan Rubinson discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-15605) Alyssa Wilk discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-15606) Tobias Niessen discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8174) It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-8265, CVE-2020-8287) Update Instructions: Run `sudo pro fix USN-6380-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.1 libnode64 - 10.19.0~dfsg-3ubuntu1.1 nodejs-doc - 10.19.0~dfsg-3ubuntu1.1 nodejs - 10.19.0~dfsg-3ubuntu1.1 No subscription required Medium CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2020-8174 CVE-2020-8265 CVE-2020-8287 Ubuntu 20.04 LTS It was discovered that Memcached incorrectly handled certain multi-packet uploads in UDP. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6382-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: memcached - 1.5.22-2ubuntu0.3 No subscription required Medium CVE-2022-48571 Ubuntu 20.04 LTS Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128) Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-4569) Update Instructions: Run `sudo pro fix USN-6386-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-gkeop-5.15-tools-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-modules-extra-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-modules-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-tools-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-gkeop-5.15-headers-5.15.0-1028 - 5.15.0-1028.33~20.04.1 linux-headers-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-image-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-cloud-tools-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 linux-image-unsigned-5.15.0-1028-gkeop - 5.15.0-1028.33~20.04.1 No subscription required linux-image-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-modules-extra-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-buildinfo-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1038.41~20.04.1 linux-modules-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-headers-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-tools-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-image-unsigned-5.15.0-1038-ibm - 5.15.0-1038.41~20.04.1 linux-ibm-5.15-tools-5.15.0-1038 - 5.15.0-1038.41~20.04.1 linux-ibm-5.15-headers-5.15.0-1038 - 5.15.0-1038.41~20.04.1 No subscription required linux-gcp-5.15-tools-5.15.0-1042 - 5.15.0-1042.50~20.04.1 linux-modules-iwlwifi-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-buildinfo-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-tools-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-modules-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-headers-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-modules-extra-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-image-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 linux-gcp-5.15-headers-5.15.0-1042 - 5.15.0-1042.50~20.04.1 linux-image-unsigned-5.15.0-1042-gcp - 5.15.0-1042.50~20.04.1 No subscription required linux-modules-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-buildinfo-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-cloud-tools-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-aws-5.15-headers-5.15.0-1045 - 5.15.0-1045.50~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1045 - 5.15.0-1045.50~20.04.1 linux-image-unsigned-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-headers-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-aws-5.15-tools-5.15.0-1045 - 5.15.0-1045.50~20.04.1 linux-modules-extra-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-image-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 linux-tools-5.15.0-1045-aws - 5.15.0-1045.50~20.04.1 No subscription required linux-modules-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-image-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-headers-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-image-unsigned-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-azure-5.15-headers-5.15.0-1047 - 5.15.0-1047.54~20.04.1 linux-tools-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1047 - 5.15.0-1047.54~20.04.1 linux-cloud-tools-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-azure-5.15-tools-5.15.0-1047 - 5.15.0-1047.54~20.04.1 linux-modules-extra-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 linux-buildinfo-5.15.0-1047-azure - 5.15.0-1047.54~20.04.1 No subscription required linux-image-unsigned-5.15.0-1047-azure-fde - 5.15.0-1047.54~20.04.1.1 linux-image-5.15.0-1047-azure-fde - 5.15.0-1047.54~20.04.1.1 No subscription required linux-headers-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-modules-extra-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-buildinfo-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-modules-iwlwifi-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-headers-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-cloud-tools-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-buildinfo-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-84.93~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-84.93~20.04.1 linux-cloud-tools-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-buildinfo-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-buildinfo-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-84.93~20.04.1 linux-image-unsigned-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-headers-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-modules-iwlwifi-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-hwe-5.15-tools-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-buildinfo-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-headers-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-headers-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-hwe-5.15-headers-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-image-unsigned-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-generic-64k - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-generic-lpae - 5.15.0-84.93~20.04.1 linux-tools-5.15.0-84-lowlatency-64k - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-84.93~20.04.1 linux-image-unsigned-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-84 - 5.15.0-84.93~20.04.1 linux-image-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-84.93~20.04.1 linux-modules-5.15.0-84-generic - 5.15.0-84.93~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-84.93~20.04.1 linux-image-unsigned-5.15.0-84-lowlatency - 5.15.0-84.93~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-84.93~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-headers-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-tools-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-headers-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-image-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-cloud-tools-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-tools-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-modules-extra-gkeop-edge - 5.15.0.1028.33~20.04.24 linux-modules-extra-gkeop-5.15 - 5.15.0.1028.33~20.04.24 linux-image-gkeop-edge - 5.15.0.1028.33~20.04.24 No subscription required linux-image-ibm - 5.15.0.1038.41~20.04.10 linux-tools-ibm-edge - 5.15.0.1038.41~20.04.10 linux-headers-ibm-edge - 5.15.0.1038.41~20.04.10 linux-headers-ibm - 5.15.0.1038.41~20.04.10 linux-ibm - 5.15.0.1038.41~20.04.10 linux-ibm-edge - 5.15.0.1038.41~20.04.10 linux-tools-ibm - 5.15.0.1038.41~20.04.10 linux-image-ibm-edge - 5.15.0.1038.41~20.04.10 No subscription required linux-image-gcp-edge - 5.15.0.1042.50~20.04.1 linux-headers-gcp-edge - 5.15.0.1042.50~20.04.1 linux-tools-gcp - 5.15.0.1042.50~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1042.50~20.04.1 linux-tools-gcp-edge - 5.15.0.1042.50~20.04.1 linux-headers-gcp - 5.15.0.1042.50~20.04.1 linux-gcp - 5.15.0.1042.50~20.04.1 linux-image-gcp - 5.15.0.1042.50~20.04.1 linux-modules-extra-gcp - 5.15.0.1042.50~20.04.1 linux-gcp-edge - 5.15.0.1042.50~20.04.1 No subscription required linux-headers-aws - 5.15.0.1045.50~20.04.33 linux-image-aws - 5.15.0.1045.50~20.04.33 linux-modules-extra-aws-edge - 5.15.0.1045.50~20.04.33 linux-image-aws-edge - 5.15.0.1045.50~20.04.33 linux-aws-edge - 5.15.0.1045.50~20.04.33 linux-aws - 5.15.0.1045.50~20.04.33 linux-headers-aws-edge - 5.15.0.1045.50~20.04.33 linux-modules-extra-aws - 5.15.0.1045.50~20.04.33 linux-tools-aws - 5.15.0.1045.50~20.04.33 linux-tools-aws-edge - 5.15.0.1045.50~20.04.33 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-tools-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-headers-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-tools-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-modules-extra-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-image-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-image-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-cloud-tools-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-azure-fde-edge - 5.15.0.1047.54~20.04.1.25 linux-modules-extra-azure-fde - 5.15.0.1047.54~20.04.1.25 linux-headers-azure-fde - 5.15.0.1047.54~20.04.1.25 No subscription required linux-cloud-tools-azure - 5.15.0.1047.54~20.04.36 linux-headers-azure-cvm - 5.15.0.1047.54~20.04.36 linux-tools-azure - 5.15.0.1047.54~20.04.36 linux-image-azure-edge - 5.15.0.1047.54~20.04.36 linux-image-azure-cvm - 5.15.0.1047.54~20.04.36 linux-azure-cvm - 5.15.0.1047.54~20.04.36 linux-tools-azure-edge - 5.15.0.1047.54~20.04.36 linux-tools-azure-cvm - 5.15.0.1047.54~20.04.36 linux-cloud-tools-azure-edge - 5.15.0.1047.54~20.04.36 linux-modules-extra-azure - 5.15.0.1047.54~20.04.36 linux-modules-extra-azure-cvm - 5.15.0.1047.54~20.04.36 linux-azure - 5.15.0.1047.54~20.04.36 linux-image-azure - 5.15.0.1047.54~20.04.36 linux-cloud-tools-azure-cvm - 5.15.0.1047.54~20.04.36 linux-headers-azure-edge - 5.15.0.1047.54~20.04.36 linux-azure-edge - 5.15.0.1047.54~20.04.36 linux-modules-extra-azure-edge - 5.15.0.1047.54~20.04.36 linux-headers-azure - 5.15.0.1047.54~20.04.36 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-headers-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-image-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-lowlatency-64k-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-tools-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-lowlatency-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.39 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.84.93~20.04.39 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.39 No subscription required linux-tools-oem-20.04c - 5.15.0.84.93~20.04.42 linux-tools-oem-20.04b - 5.15.0.84.93~20.04.42 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-headers-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-oem-20.04b - 5.15.0.84.93~20.04.42 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-headers-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-tools-generic-64k-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-headers-oem-20.04 - 5.15.0.84.93~20.04.42 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-extra-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-headers-generic-64k-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-generic-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-generic-lpae-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-generic-64k-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-tools-oem-20.04d - 5.15.0.84.93~20.04.42 linux-generic-lpae-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-tools-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-oem-20.04c - 5.15.0.84.93~20.04.42 linux-image-oem-20.04d - 5.15.0.84.93~20.04.42 linux-headers-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-oem-20.04 - 5.15.0.84.93~20.04.42 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-oem-20.04 - 5.15.0.84.93~20.04.42 linux-headers-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-oem-20.04c - 5.15.0.84.93~20.04.42 linux-oem-20.04b - 5.15.0.84.93~20.04.42 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-oem-20.04d - 5.15.0.84.93~20.04.42 linux-tools-oem-20.04 - 5.15.0.84.93~20.04.42 linux-modules-iwlwifi-oem-20.04 - 5.15.0.84.93~20.04.42 linux-tools-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-generic-lpae-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-tools-virtual-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-image-generic-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-modules-iwlwifi-oem-20.04d - 5.15.0.84.93~20.04.42 linux-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-tools-virtual-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-image-generic-64k-hwe-20.04 - 5.15.0.84.93~20.04.42 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.84.93~20.04.42 linux-headers-oem-20.04b - 5.15.0.84.93~20.04.42 linux-headers-oem-20.04c - 5.15.0.84.93~20.04.42 linux-headers-oem-20.04d - 5.15.0.84.93~20.04.42 No subscription required High CVE-2023-20588 CVE-2023-40283 CVE-2023-4569 Ubuntu 20.04 LTS Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128) Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-4569) Update Instructions: Run `sudo pro fix USN-6386-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-modules-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-modules-iwlwifi-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-image-unsigned-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-modules-extra-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-image-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1040.46~20.04.1 linux-tools-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-buildinfo-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-headers-5.15.0-1040-intel-iotg - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1040.46~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 No subscription required linux-oracle-5.15-headers-5.15.0-1044 - 5.15.0-1044.50~20.04.1 linux-oracle-5.15-tools-5.15.0-1044 - 5.15.0-1044.50~20.04.1 linux-buildinfo-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-modules-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-image-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-modules-extra-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-tools-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-image-unsigned-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 linux-headers-5.15.0-1044-oracle - 5.15.0-1044.50~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1040.46~20.04.31 linux-intel-iotg - 5.15.0.1040.46~20.04.31 linux-headers-intel - 5.15.0.1040.46~20.04.31 linux-intel - 5.15.0.1040.46~20.04.31 linux-image-intel-iotg - 5.15.0.1040.46~20.04.31 linux-image-intel - 5.15.0.1040.46~20.04.31 linux-image-intel-iotg-edge - 5.15.0.1040.46~20.04.31 linux-tools-intel - 5.15.0.1040.46~20.04.31 linux-tools-intel-iotg-edge - 5.15.0.1040.46~20.04.31 linux-headers-intel-iotg - 5.15.0.1040.46~20.04.31 linux-intel-iotg-edge - 5.15.0.1040.46~20.04.31 linux-headers-intel-iotg-edge - 5.15.0.1040.46~20.04.31 linux-tools-intel-iotg - 5.15.0.1040.46~20.04.31 No subscription required linux-headers-oracle - 5.15.0.1044.50~20.04.1 linux-headers-oracle-edge - 5.15.0.1044.50~20.04.1 linux-tools-oracle - 5.15.0.1044.50~20.04.1 linux-tools-oracle-edge - 5.15.0.1044.50~20.04.1 linux-oracle-edge - 5.15.0.1044.50~20.04.1 linux-image-oracle - 5.15.0.1044.50~20.04.1 linux-image-oracle-edge - 5.15.0.1044.50~20.04.1 linux-oracle - 5.15.0.1044.50~20.04.1 No subscription required High CVE-2023-20588 CVE-2023-40283 CVE-2023-4569 Ubuntu 20.04 LTS Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128) Update Instructions: Run `sudo pro fix USN-6387-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1022-iot - 5.4.0-1022.23 linux-iot-tools-5.4.0-1022 - 5.4.0-1022.23 linux-image-5.4.0-1022-iot - 5.4.0-1022.23 linux-tools-5.4.0-1022-iot - 5.4.0-1022.23 linux-headers-5.4.0-1022-iot - 5.4.0-1022.23 linux-iot-headers-5.4.0-1022 - 5.4.0-1022.23 linux-modules-5.4.0-1022-iot - 5.4.0-1022.23 linux-iot-tools-common - 5.4.0-1022.23 linux-buildinfo-5.4.0-1022-iot - 5.4.0-1022.23 No subscription required linux-buildinfo-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-tools-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-modules-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-xilinx-zynqmp-headers-5.4.0-1030 - 5.4.0-1030.34 linux-headers-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-image-5.4.0-1030-xilinx-zynqmp - 5.4.0-1030.34 linux-xilinx-zynqmp-tools-5.4.0-1030 - 5.4.0-1030.34 No subscription required linux-modules-extra-5.4.0-1057-ibm - 5.4.0-1057.62 linux-image-unsigned-5.4.0-1057-ibm - 5.4.0-1057.62 linux-image-5.4.0-1057-ibm - 5.4.0-1057.62 linux-headers-5.4.0-1057-ibm - 5.4.0-1057.62 linux-ibm-source-5.4.0 - 5.4.0-1057.62 linux-ibm-tools-common - 5.4.0-1057.62 linux-modules-5.4.0-1057-ibm - 5.4.0-1057.62 linux-buildinfo-5.4.0-1057-ibm - 5.4.0-1057.62 linux-ibm-cloud-tools-common - 5.4.0-1057.62 linux-tools-5.4.0-1057-ibm - 5.4.0-1057.62 linux-ibm-headers-5.4.0-1057 - 5.4.0-1057.62 linux-ibm-tools-5.4.0-1057 - 5.4.0-1057.62 No subscription required linux-image-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-headers-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-modules-extra-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-gkeop-source-5.4.0 - 5.4.0-1077.81 linux-gkeop-tools-5.4.0-1077 - 5.4.0-1077.81 linux-gkeop-cloud-tools-5.4.0-1077 - 5.4.0-1077.81 linux-image-unsigned-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-gkeop-headers-5.4.0-1077 - 5.4.0-1077.81 linux-buildinfo-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-tools-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-cloud-tools-5.4.0-1077-gkeop - 5.4.0-1077.81 linux-modules-5.4.0-1077-gkeop - 5.4.0-1077.81 No subscription required linux-image-5.4.0-1099-kvm - 5.4.0-1099.105 linux-modules-5.4.0-1099-kvm - 5.4.0-1099.105 linux-kvm-headers-5.4.0-1099 - 5.4.0-1099.105 linux-buildinfo-5.4.0-1099-kvm - 5.4.0-1099.105 linux-headers-5.4.0-1099-kvm - 5.4.0-1099.105 linux-tools-5.4.0-1099-kvm - 5.4.0-1099.105 linux-image-unsigned-5.4.0-1099-kvm - 5.4.0-1099.105 linux-kvm-tools-5.4.0-1099 - 5.4.0-1099.105 No subscription required linux-oracle-tools-5.4.0-1109 - 5.4.0-1109.118 linux-tools-5.4.0-1109-oracle - 5.4.0-1109.118 linux-image-unsigned-5.4.0-1109-oracle - 5.4.0-1109.118 linux-modules-5.4.0-1109-oracle - 5.4.0-1109.118 linux-oracle-headers-5.4.0-1109 - 5.4.0-1109.118 linux-image-5.4.0-1109-oracle - 5.4.0-1109.118 linux-headers-5.4.0-1109-oracle - 5.4.0-1109.118 linux-buildinfo-5.4.0-1109-oracle - 5.4.0-1109.118 linux-modules-extra-5.4.0-1109-oracle - 5.4.0-1109.118 No subscription required linux-cloud-tools-5.4.0-1110-aws - 5.4.0-1110.119 linux-buildinfo-5.4.0-1110-aws - 5.4.0-1110.119 linux-modules-extra-5.4.0-1110-aws - 5.4.0-1110.119 linux-aws-tools-5.4.0-1110 - 5.4.0-1110.119 linux-aws-headers-5.4.0-1110 - 5.4.0-1110.119 linux-modules-5.4.0-1110-aws - 5.4.0-1110.119 linux-tools-5.4.0-1110-aws - 5.4.0-1110.119 linux-aws-cloud-tools-5.4.0-1110 - 5.4.0-1110.119 linux-headers-5.4.0-1110-aws - 5.4.0-1110.119 linux-image-5.4.0-1110-aws - 5.4.0-1110.119 linux-image-unsigned-5.4.0-1110-aws - 5.4.0-1110.119 No subscription required linux-tools-5.4.0-1113-gcp - 5.4.0-1113.122 linux-modules-extra-5.4.0-1113-gcp - 5.4.0-1113.122 linux-gcp-headers-5.4.0-1113 - 5.4.0-1113.122 linux-buildinfo-5.4.0-1113-gcp - 5.4.0-1113.122 linux-image-5.4.0-1113-gcp - 5.4.0-1113.122 linux-modules-5.4.0-1113-gcp - 5.4.0-1113.122 linux-image-unsigned-5.4.0-1113-gcp - 5.4.0-1113.122 linux-gcp-tools-5.4.0-1113 - 5.4.0-1113.122 linux-headers-5.4.0-1113-gcp - 5.4.0-1113.122 No subscription required linux-azure-tools-5.4.0-1116 - 5.4.0-1116.123 linux-image-unsigned-5.4.0-1116-azure - 5.4.0-1116.123 linux-buildinfo-5.4.0-1116-azure - 5.4.0-1116.123 linux-tools-5.4.0-1116-azure - 5.4.0-1116.123 linux-cloud-tools-5.4.0-1116-azure - 5.4.0-1116.123 linux-headers-5.4.0-1116-azure - 5.4.0-1116.123 linux-modules-5.4.0-1116-azure - 5.4.0-1116.123 linux-azure-headers-5.4.0-1116 - 5.4.0-1116.123 linux-image-5.4.0-1116-azure - 5.4.0-1116.123 linux-azure-cloud-tools-5.4.0-1116 - 5.4.0-1116.123 linux-modules-extra-5.4.0-1116-azure - 5.4.0-1116.123 No subscription required linux-image-unsigned-5.4.0-163-lowlatency - 5.4.0-163.180 linux-tools-5.4.0-163-generic-lpae - 5.4.0-163.180 linux-tools-common - 5.4.0-163.180 linux-headers-5.4.0-163-generic-lpae - 5.4.0-163.180 linux-tools-host - 5.4.0-163.180 linux-doc - 5.4.0-163.180 linux-modules-5.4.0-163-generic - 5.4.0-163.180 linux-image-5.4.0-163-generic-lpae - 5.4.0-163.180 linux-buildinfo-5.4.0-163-lowlatency - 5.4.0-163.180 linux-image-unsigned-5.4.0-163-generic - 5.4.0-163.180 linux-modules-5.4.0-163-lowlatency - 5.4.0-163.180 linux-buildinfo-5.4.0-163-generic-lpae - 5.4.0-163.180 linux-cloud-tools-5.4.0-163-lowlatency - 5.4.0-163.180 linux-source-5.4.0 - 5.4.0-163.180 linux-image-5.4.0-163-generic - 5.4.0-163.180 linux-image-5.4.0-163-lowlatency - 5.4.0-163.180 linux-headers-5.4.0-163-lowlatency - 5.4.0-163.180 linux-tools-5.4.0-163-generic - 5.4.0-163.180 linux-buildinfo-5.4.0-163-generic - 5.4.0-163.180 linux-headers-5.4.0-163 - 5.4.0-163.180 linux-tools-5.4.0-163 - 5.4.0-163.180 linux-modules-extra-5.4.0-163-generic - 5.4.0-163.180 linux-cloud-tools-common - 5.4.0-163.180 linux-cloud-tools-5.4.0-163 - 5.4.0-163.180 linux-cloud-tools-5.4.0-163-generic - 5.4.0-163.180 linux-tools-5.4.0-163-lowlatency - 5.4.0-163.180 linux-headers-5.4.0-163-generic - 5.4.0-163.180 linux-libc-dev - 5.4.0-163.180 linux-modules-5.4.0-163-generic-lpae - 5.4.0-163.180 No subscription required linux-iot - 5.4.0.1022.20 linux-image-iot - 5.4.0.1022.20 linux-headers-iot - 5.4.0.1022.20 linux-tools-iot - 5.4.0.1022.20 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1030.32 linux-xilinx-zynqmp - 5.4.0.1030.32 linux-tools-xilinx-zynqmp - 5.4.0.1030.32 linux-headers-xilinx-zynqmp - 5.4.0.1030.32 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1057.86 linux-headers-ibm-lts-20.04 - 5.4.0.1057.86 linux-ibm-lts-20.04 - 5.4.0.1057.86 linux-image-ibm-lts-20.04 - 5.4.0.1057.86 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1057.86 No subscription required linux-headers-gkeop - 5.4.0.1077.75 linux-cloud-tools-gkeop-5.4 - 5.4.0.1077.75 linux-image-gkeop - 5.4.0.1077.75 linux-modules-extra-gkeop-5.4 - 5.4.0.1077.75 linux-gkeop-5.4 - 5.4.0.1077.75 linux-headers-gkeop-5.4 - 5.4.0.1077.75 linux-image-gkeop-5.4 - 5.4.0.1077.75 linux-gkeop - 5.4.0.1077.75 linux-cloud-tools-gkeop - 5.4.0.1077.75 linux-tools-gkeop-5.4 - 5.4.0.1077.75 linux-modules-extra-gkeop - 5.4.0.1077.75 linux-tools-gkeop - 5.4.0.1077.75 No subscription required linux-kvm - 5.4.0.1099.94 linux-headers-kvm - 5.4.0.1099.94 linux-image-kvm - 5.4.0.1099.94 linux-tools-kvm - 5.4.0.1099.94 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1109.102 linux-oracle-lts-20.04 - 5.4.0.1109.102 linux-headers-oracle-lts-20.04 - 5.4.0.1109.102 linux-image-oracle-lts-20.04 - 5.4.0.1109.102 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1110.107 linux-image-aws-lts-20.04 - 5.4.0.1110.107 linux-headers-aws-lts-20.04 - 5.4.0.1110.107 linux-tools-aws-lts-20.04 - 5.4.0.1110.107 linux-aws-lts-20.04 - 5.4.0.1110.107 No subscription required linux-gcp-lts-20.04 - 5.4.0.1113.115 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1113.115 linux-headers-gcp-lts-20.04 - 5.4.0.1113.115 linux-image-gcp-lts-20.04 - 5.4.0.1113.115 linux-tools-gcp-lts-20.04 - 5.4.0.1113.115 No subscription required linux-azure-lts-20.04 - 5.4.0.1116.109 linux-image-azure-lts-20.04 - 5.4.0.1116.109 linux-modules-extra-azure-lts-20.04 - 5.4.0.1116.109 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1116.109 linux-tools-azure-lts-20.04 - 5.4.0.1116.109 linux-headers-azure-lts-20.04 - 5.4.0.1116.109 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-cloud-tools-virtual - 5.4.0.163.160 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-image-generic-hwe-18.04 - 5.4.0.163.160 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-headers-generic-lpae - 5.4.0.163.160 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-image-virtual - 5.4.0.163.160 linux-oem-osp1-tools-host - 5.4.0.163.160 linux-image-generic - 5.4.0.163.160 linux-tools-lowlatency - 5.4.0.163.160 linux-image-oem - 5.4.0.163.160 linux-image-extra-virtual-hwe-18.04 - 5.4.0.163.160 linux-headers-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-image-oem-osp1 - 5.4.0.163.160 linux-image-generic-lpae-hwe-18.04 - 5.4.0.163.160 linux-crashdump - 5.4.0.163.160 linux-tools-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-headers-generic-hwe-18.04 - 5.4.0.163.160 linux-headers-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.163.160 linux-lowlatency - 5.4.0.163.160 linux-tools-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-tools-generic-lpae - 5.4.0.163.160 linux-cloud-tools-generic - 5.4.0.163.160 linux-virtual - 5.4.0.163.160 linux-headers-virtual-hwe-18.04 - 5.4.0.163.160 linux-virtual-hwe-18.04 - 5.4.0.163.160 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.163.160 linux-tools-virtual - 5.4.0.163.160 linux-generic-lpae-hwe-18.04-edge - 5.4.0.163.160 linux-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-generic-lpae - 5.4.0.163.160 linux-headers-oem - 5.4.0.163.160 linux-generic - 5.4.0.163.160 linux-tools-oem-osp1 - 5.4.0.163.160 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.163.160 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-tools-generic-hwe-18.04-edge - 5.4.0.163.160 linux-image-virtual-hwe-18.04 - 5.4.0.163.160 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-cloud-tools-lowlatency - 5.4.0.163.160 linux-headers-lowlatency - 5.4.0.163.160 linux-image-generic-hwe-18.04-edge - 5.4.0.163.160 linux-generic-hwe-18.04-edge - 5.4.0.163.160 linux-generic-hwe-18.04 - 5.4.0.163.160 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.163.160 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.163.160 linux-oem - 5.4.0.163.160 linux-tools-generic - 5.4.0.163.160 linux-image-extra-virtual - 5.4.0.163.160 linux-oem-tools-host - 5.4.0.163.160 linux-tools-oem - 5.4.0.163.160 linux-headers-oem-osp1 - 5.4.0.163.160 linux-generic-lpae-hwe-18.04 - 5.4.0.163.160 linux-source - 5.4.0.163.160 linux-headers-generic-hwe-18.04-edge - 5.4.0.163.160 linux-headers-generic - 5.4.0.163.160 linux-oem-osp1 - 5.4.0.163.160 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.163.160 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.163.160 linux-image-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-virtual-hwe-18.04-edge - 5.4.0.163.160 linux-headers-virtual - 5.4.0.163.160 linux-tools-virtual-hwe-18.04 - 5.4.0.163.160 linux-lowlatency-hwe-18.04 - 5.4.0.163.160 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.163.160 linux-image-generic-lpae - 5.4.0.163.160 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.163.160 linux-image-lowlatency - 5.4.0.163.160 linux-tools-generic-hwe-18.04 - 5.4.0.163.160 linux-image-virtual-hwe-18.04-edge - 5.4.0.163.160 No subscription required High CVE-2023-20588 CVE-2023-40283 Ubuntu 20.04 LTS Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128) Update Instructions: Run `sudo pro fix USN-6387-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1071 - 5.4.0-1071.77 linux-buildinfo-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-image-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-modules-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-bluefield-tools-5.4.0-1071 - 5.4.0-1071.77 linux-tools-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-headers-5.4.0-1071-bluefield - 5.4.0-1071.77 linux-image-unsigned-5.4.0-1071-bluefield - 5.4.0-1071.77 No subscription required linux-tools-5.4.0-1094-raspi - 5.4.0-1094.105 linux-raspi-tools-5.4.0-1094 - 5.4.0-1094.105 linux-buildinfo-5.4.0-1094-raspi - 5.4.0-1094.105 linux-headers-5.4.0-1094-raspi - 5.4.0-1094.105 linux-modules-5.4.0-1094-raspi - 5.4.0-1094.105 linux-image-5.4.0-1094-raspi - 5.4.0-1094.105 linux-raspi-headers-5.4.0-1094 - 5.4.0-1094.105 No subscription required linux-image-bluefield - 5.4.0.1071.66 linux-headers-bluefield - 5.4.0.1071.66 linux-tools-bluefield - 5.4.0.1071.66 linux-bluefield - 5.4.0.1071.66 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1094.124 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1094.124 linux-raspi-hwe-18.04-edge - 5.4.0.1094.124 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1094.124 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1094.124 linux-raspi-hwe-18.04 - 5.4.0.1094.124 linux-tools-raspi - 5.4.0.1094.124 linux-headers-raspi - 5.4.0.1094.124 linux-image-raspi - 5.4.0.1094.124 linux-tools-raspi2-hwe-18.04 - 5.4.0.1094.124 linux-raspi2-hwe-18.04 - 5.4.0.1094.124 linux-raspi2 - 5.4.0.1094.124 linux-headers-raspi2 - 5.4.0.1094.124 linux-headers-raspi2-hwe-18.04 - 5.4.0.1094.124 linux-image-raspi2 - 5.4.0.1094.124 linux-image-raspi-hwe-18.04-edge - 5.4.0.1094.124 linux-tools-raspi-hwe-18.04 - 5.4.0.1094.124 linux-tools-raspi2 - 5.4.0.1094.124 linux-image-raspi-hwe-18.04 - 5.4.0.1094.124 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1094.124 linux-raspi - 5.4.0.1094.124 linux-headers-raspi-hwe-18.04 - 5.4.0.1094.124 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1094.124 linux-image-raspi2-hwe-18.04 - 5.4.0.1094.124 No subscription required High CVE-2023-20588 CVE-2023-40283 Ubuntu 20.04 LTS It was discovered that Indent incorrectly handled parsing certain source files. If a user or automated system were tricked into processing a specially crafted source file, a remote attacker could use this issue to cause Indent to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6389-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: indent-doc - 2.2.12-1ubuntu0.20.04.1 indent - 2.2.12-1ubuntu0.20.04.1 No subscription required Medium CVE-2023-40305 Ubuntu 20.04 LTS It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2023-3341) Robert Story discovered that Bind incorrectly handled certain DNS-over-TLS queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-4236) Update Instructions: Run `sudo pro fix USN-6390-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.1-0ubuntu2.16 bind9-libs - 1:9.16.1-0ubuntu2.16 bind9utils - 1:9.16.1-0ubuntu2.16 bind9-doc - 1:9.16.1-0ubuntu2.16 bind9-utils - 1:9.16.1-0ubuntu2.16 bind9 - 1:9.16.1-0ubuntu2.16 bind9-dnsutils - 1:9.16.1-0ubuntu2.16 bind9-host - 1:9.16.1-0ubuntu2.16 No subscription required Medium CVE-2023-3341 CVE-2023-4236 Ubuntu 20.04 LTS It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6391-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.6 cups-bsd - 2.3.1-9ubuntu1.6 cups-common - 2.3.1-9ubuntu1.6 cups-core-drivers - 2.3.1-9ubuntu1.6 cups-server-common - 2.3.1-9ubuntu1.6 libcupsimage2 - 2.3.1-9ubuntu1.6 cups-client - 2.3.1-9ubuntu1.6 cups-ipp-utils - 2.3.1-9ubuntu1.6 libcups2 - 2.3.1-9ubuntu1.6 cups-ppdc - 2.3.1-9ubuntu1.6 cups - 2.3.1-9ubuntu1.6 libcupsimage2-dev - 2.3.1-9ubuntu1.6 cups-daemon - 2.3.1-9ubuntu1.6 No subscription required Medium CVE-2023-4504 Ubuntu 20.04 LTS It was discovered that ImageMagick did not properly handle memory when processing the -help option. An attacker could potentially use this issue to cause a crash. Update Instructions: Run `sudo pro fix USN-6393-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2022-48541 Ubuntu 20.04 LTS Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update Instructions: Run `sudo pro fix USN-6397-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-buildinfo-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-bluefield-tools-5.4.0-1070 - 5.4.0-1070.76 linux-headers-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-bluefield-headers-5.4.0-1070 - 5.4.0-1070.76 linux-modules-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-image-unsigned-5.4.0-1070-bluefield - 5.4.0-1070.76 linux-image-5.4.0-1070-bluefield - 5.4.0-1070.76 No subscription required linux-bluefield - 5.4.0.1070.65 linux-tools-bluefield - 5.4.0.1070.65 linux-image-bluefield - 5.4.0.1070.65 linux-headers-bluefield - 5.4.0.1070.65 No subscription required High CVE-2022-40982 CVE-2023-2002 CVE-2023-20593 CVE-2023-21255 CVE-2023-2163 CVE-2023-2269 CVE-2023-31084 CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 Ubuntu 20.04 LTS It was discovered that ReadyMedia was vulnerable to DNS rebinding attacks. A remote attacker could possibly use this issue to trick the local DLNA server to leak information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-26505) It was discovered that ReadyMedia incorrectly handled certain HTTP requests using chunked transport encoding. A remote attacker could possibly use this issue to cause buffer overflows, resulting in out-of-bounds reads and writes. (CVE-2023-33476) Update Instructions: Run `sudo pro fix USN-6398-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: minidlna - 1.2.1+dfsg-1ubuntu0.20.04.2 No subscription required Medium CVE-2022-26505 CVE-2023-33476 Ubuntu 20.04 LTS It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2023-39350, CVE-2023-39351, CVE-2023-39353, CVE-2023-39354, CVE-2023-40181, CVE-2023-40188, CVE-2023-40589) It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-40186, CVE-2023-40567, CVE-2023-40569) Update Instructions: Run `sudo pro fix USN-6401-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.5 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.5 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.5 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.5 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.5 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.5 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.5 No subscription required Medium CVE-2023-39350 CVE-2023-39351 CVE-2023-39353 CVE-2023-39354 CVE-2023-40181 CVE-2023-40186 CVE-2023-40188 CVE-2023-40567 CVE-2023-40569 CVE-2023-40589 Ubuntu 20.04 LTS It was discovered that LibTomMath incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code and cause a denial of service (DoS). Update Instructions: Run `sudo pro fix USN-6402-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtommath-dev - 1.2.0-3ubuntu0.1 libtommath1 - 1.2.0-3ubuntu0.1 libtommath-doc - 1.2.0-3ubuntu0.1 No subscription required Medium CVE-2023-36328 Ubuntu 20.04 LTS It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6403-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvpx-dev - 1.8.2-1ubuntu0.2 libvpx6 - 1.8.2-1ubuntu0.2 vpx-tools - 1.8.2-1ubuntu0.2 libvpx-doc - 1.8.2-1ubuntu0.2 No subscription required High CVE-2023-44488 CVE-2023-5217 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-5169, CVE-2023-5170, CVE-2023-5171, CVE-2023-5172, CVE-2023-5175, CVE-2023-5176) Ronald Crane discovered that Firefox did not properly manage memory when non-HTTPS Alternate Services (network.http.altsvc.oe) is enabled. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-5173) Clément Lecigne discovered that Firefox did not properly manage memory when handling VP8 media stream. An attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-5217) Update Instructions: Run `sudo pro fix USN-6404-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 118.0.1+build1-0ubuntu0.20.04.1 firefox - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 118.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 118.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 118.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 118.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 118.0.1+build1-0ubuntu0.20.04.1 No subscription required High CVE-2023-5169 CVE-2023-5170 CVE-2023-5171 CVE-2023-5172 CVE-2023-5173 CVE-2023-5175 CVE-2023-5176 CVE-2023-5217 Ubuntu 20.04 LTS USN-6404-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-5169, CVE-2023-5170, CVE-2023-5171, CVE-2023-5172, CVE-2023-5175, CVE-2023-5176) Ronald Crane discovered that Firefox did not properly manage memory when non-HTTPS Alternate Services (network.http.altsvc.oe) is enabled. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-5173) Clément Lecigne discovered that Firefox did not properly manage memory when handling VP8 media stream. An attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-5217) Update Instructions: Run `sudo pro fix USN-6404-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ne - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nb - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fa - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fi - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-fy - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-or - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kab - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-oc - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cs - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ga - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gd - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-gu - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pa - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cy - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-pt - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-szl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hi - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-uk - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-he - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hy - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hu - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-as - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ar - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ia - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-az - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-id - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mai - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-af - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-is - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-it - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-an - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bs - 118.0.2+build2-0ubuntu0.20.04.1 firefox - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ro - 118.0.2+build2-0ubuntu0.20.04.1 firefox-geckodriver - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ja - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ru - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-br - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-be - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-bg - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sl - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sk - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-si - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sw - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sv - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-sq - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ko - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-km - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-kk - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ka - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-xh - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ca - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ku - 118.0.2+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lv - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lt - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-th - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-tg - 118.0.2+build2-0ubuntu0.20.04.1 firefox-dev - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-te - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-cak - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ta - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-lg - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-csb - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-tr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-nso - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-de - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-da - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ms - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mr - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-my - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-uz - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ml - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mn - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-mk - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ur - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-eu - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-et - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-es - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-vi - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-el - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-eo - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-en - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-zu - 118.0.2+build2-0ubuntu0.20.04.1 firefox-locale-ast - 118.0.2+build2-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2038977 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-4057, CVE-2023-4577, CVE-2023-4578, CVE-2023-4583, CVE-2023-4585, CVE-2023-5169, CVE-2023-5171, CVE-2023-5176) Andrew McCreight discovered that Thunderbird did not properly manage during the worker lifecycle. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-3600) Harveer Singh discovered that Thunderbird did not store push notifications in private browsing mode in encrypted form. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-4580) Clément Lecigne discovered that Thunderbird did not properly manage memory when handling VP8 media stream. An attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-5217) Update Instructions: Run `sudo pro fix USN-6405-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.3.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.3.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.3.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.3.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.3.1+build1-0ubuntu0.20.04.1 No subscription required High CVE-2023-3600 CVE-2023-4057 CVE-2023-4577 CVE-2023-4578 CVE-2023-4580 CVE-2023-4583 CVE-2023-4585 CVE-2023-5169 CVE-2023-5171 CVE-2023-5176 CVE-2023-5217 Ubuntu 20.04 LTS Gregory James Duck discovered that libx11 incorrectly handled certain keyboard symbols. If a user were tricked into connecting to a malicious X server, a remote attacker could use this issue to cause libx11 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-43785) Yair Mizrahi discovered that libx11 incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-43786) Yair Mizrahi discovered that libx11 incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could use this issue to cause libx11 to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2023-43787) Update Instructions: Run `sudo pro fix USN-6407-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libx11-6 - 2:1.6.9-2ubuntu1.6 libx11-data - 2:1.6.9-2ubuntu1.6 libx11-xcb-dev - 2:1.6.9-2ubuntu1.6 libx11-xcb1 - 2:1.6.9-2ubuntu1.6 libx11-doc - 2:1.6.9-2ubuntu1.6 libx11-dev - 2:1.6.9-2ubuntu1.6 No subscription required Medium CVE-2023-43785 CVE-2023-43786 CVE-2023-43787 Ubuntu 20.04 LTS Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-43786) Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could use this issue to cause libXpm to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2023-43787) Alan Coopersmith discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to cause libXpm to crash, leading to a denial of service. (CVE-2023-43788, CVE-2023-43789) Update Instructions: Run `sudo pro fix USN-6408-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xpmutils - 1:3.5.12-1ubuntu0.20.04.2 libxpm-dev - 1:3.5.12-1ubuntu0.20.04.2 libxpm4 - 1:3.5.12-1ubuntu0.20.04.2 No subscription required Medium CVE-2023-43786 CVE-2023-43787 CVE-2023-43788 CVE-2023-43789 Ubuntu 20.04 LTS It was discovered that a specially crafted file system image could cause a heap-based out-of-bounds write. A local attacker could potentially use this to perform arbitrary code execution bypass and bypass secure boot protections. (CVE-2023-4692) It was discovered that a specially crafted file system image could cause an out-of-bounds read. A physically-present attacker could possibly use this to leak sensitive information to the GRUB pager. (CVE-2023-4693) Update Instructions: Run `sudo pro fix USN-6410-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: grub-efi-amd64-signed - 1.187.6~20.04.1+2.06-2ubuntu14.4 grub-efi-arm64-signed - 1.187.6~20.04.1+2.06-2ubuntu14.4 No subscription required Medium CVE-2023-4692 CVE-2023-4693 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain challenge requests. A remote attacker could possibly use this issue to perform out-of-bounds reads, resulting in information leakage. (CVE-2023-42114) It was discovered that Exim incorrectly handled validation of user-supplied data. A remote attacker could possibly use this issue to perform out-of-bounds writes, resulting in arbitrary code execution. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-42115) It was discovered that Exim incorrectly handled certain challenge requests. A remote attacker could possibly use this issue to perform out-of-bounds writes, resulting in arbitrary code execution. (CVE-2023-42116) Update Instructions: Run `sudo pro fix USN-6411-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.8 eximon4 - 4.93-13ubuntu1.8 exim4 - 4.93-13ubuntu1.8 exim4-base - 4.93-13ubuntu1.8 exim4-config - 4.93-13ubuntu1.8 exim4-daemon-heavy - 4.93-13ubuntu1.8 exim4-daemon-light - 4.93-13ubuntu1.8 No subscription required Medium CVE-2023-42114 CVE-2023-42115 CVE-2023-42116 Ubuntu 20.04 LTS Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6414-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.20 python-django-doc - 2:2.2.12-1ubuntu0.20 No subscription required Medium CVE-2023-43665 Ubuntu 20.04 LTS It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2023-20569) It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handle user-supplied data. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-2156) Davide Ornaghi discovered that the DECnet network protocol implementation in the Linux kernel contained a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Please note that kernel support for the DECnet has been removed to resolve this CVE. (CVE-2023-3338) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate command payload size, leading to a out-of-bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38432) It was discovered that the NFC implementation in the Linux kernel contained a use-after-free vulnerability when performing peer-to-peer communication in certain conditions. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3863) Laurence Wit discovered that the KSMBD implementation in the Linux kernel did not properly validate a buffer size in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-3865) Laurence Wit discovered that the KSMBD implementation in the Linux kernel contained a null pointer dereference vulnerability when handling handling chained requests. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-3866) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Andy Nguyen discovered that the KVM implementation for AMD processors in the Linux kernel with Secure Encrypted Virtualization (SEV) contained a race condition when accessing the GHCB page. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2023-4155) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Maxim Suhanov discovered that the exFAT file system implementation in the Linux kernel did not properly check a file name length, leading to an out- of-bounds write vulnerability. An attacker could use this to construct a malicious exFAT image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4273) Thelford Williams discovered that the Ceph file system messenger protocol implementation in the Linux kernel did not properly validate frame segment length in certain situation, leading to a buffer overflow vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-44466) Update Instructions: Run `sudo pro fix USN-6416-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-gkeop-5.15-tools-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-modules-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-buildinfo-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-headers-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-image-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-tools-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-gkeop-5.15-headers-5.15.0-1030 - 5.15.0-1030.35~20.04.1 linux-image-unsigned-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 linux-modules-extra-5.15.0-1030-gkeop - 5.15.0-1030.35~20.04.1 No subscription required linux-ibm-5.15-headers-5.15.0-1040 - 5.15.0-1040.43~20.04.1 linux-ibm-5.15-tools-5.15.0-1040 - 5.15.0-1040.43~20.04.1 linux-image-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-image-unsigned-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1040.43~20.04.1 linux-tools-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-headers-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-buildinfo-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-modules-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 linux-modules-extra-5.15.0-1040-ibm - 5.15.0-1040.43~20.04.1 No subscription required linux-gcp-5.15-tools-5.15.0-1044 - 5.15.0-1044.52~20.04.1 linux-image-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-image-unsigned-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-buildinfo-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-modules-extra-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-modules-iwlwifi-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-tools-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-modules-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 linux-gcp-5.15-headers-5.15.0-1044 - 5.15.0-1044.52~20.04.1 linux-headers-5.15.0-1044-gcp - 5.15.0-1044.52~20.04.1 No subscription required linux-image-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-modules-extra-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-modules-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-aws-5.15-headers-5.15.0-1047 - 5.15.0-1047.52~20.04.1 linux-tools-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1047 - 5.15.0-1047.52~20.04.1 linux-headers-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-image-unsigned-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-buildinfo-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-cloud-tools-5.15.0-1047-aws - 5.15.0-1047.52~20.04.1 linux-aws-5.15-tools-5.15.0-1047 - 5.15.0-1047.52~20.04.1 No subscription required linux-tools-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-headers-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-azure-5.15-headers-5.15.0-1049 - 5.15.0-1049.56~20.04.1 linux-azure-5.15-tools-5.15.0-1049 - 5.15.0-1049.56~20.04.1 linux-modules-extra-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-modules-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1049 - 5.15.0-1049.56~20.04.1 linux-image-unsigned-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-buildinfo-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-cloud-tools-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 linux-image-5.15.0-1049-azure - 5.15.0-1049.56~20.04.1 No subscription required linux-image-5.15.0-1049-azure-fde - 5.15.0-1049.56~20.04.1.1 linux-image-unsigned-5.15.0-1049-azure-fde - 5.15.0-1049.56~20.04.1.1 No subscription required linux-headers-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-86 - 5.15.0-86.95~20.04.1 linux-buildinfo-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-buildinfo-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-headers-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-cloud-tools-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-86.95~20.04.1 linux-tools-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-image-unsigned-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-modules-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-86 - 5.15.0-86.95~20.04.1 linux-modules-iwlwifi-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-image-unsigned-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-image-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-image-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-86 - 5.15.0-86.95~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-86.95~20.04.1 linux-modules-5.15.0-86-lowlatency - 5.15.0-86.95~20.04.1 linux-tools-5.15.0-86-lowlatency-64k - 5.15.0-86.95~20.04.1 No subscription required linux-image-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-tools-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-cloud-tools-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-headers-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-headers-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-modules-extra-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-image-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-cloud-tools-gkeop-edge - 5.15.0.1030.35~20.04.26 linux-tools-gkeop-5.15 - 5.15.0.1030.35~20.04.26 linux-modules-extra-gkeop-5.15 - 5.15.0.1030.35~20.04.26 No subscription required linux-image-ibm - 5.15.0.1040.43~20.04.12 linux-tools-ibm - 5.15.0.1040.43~20.04.12 linux-headers-ibm-edge - 5.15.0.1040.43~20.04.12 linux-tools-ibm-edge - 5.15.0.1040.43~20.04.12 linux-ibm - 5.15.0.1040.43~20.04.12 linux-ibm-edge - 5.15.0.1040.43~20.04.12 linux-headers-ibm - 5.15.0.1040.43~20.04.12 linux-image-ibm-edge - 5.15.0.1040.43~20.04.12 No subscription required linux-image-gcp-edge - 5.15.0.1044.52~20.04.1 linux-headers-gcp-edge - 5.15.0.1044.52~20.04.1 linux-modules-extra-gcp - 5.15.0.1044.52~20.04.1 linux-tools-gcp - 5.15.0.1044.52~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1044.52~20.04.1 linux-headers-gcp - 5.15.0.1044.52~20.04.1 linux-gcp - 5.15.0.1044.52~20.04.1 linux-image-gcp - 5.15.0.1044.52~20.04.1 linux-tools-gcp-edge - 5.15.0.1044.52~20.04.1 linux-gcp-edge - 5.15.0.1044.52~20.04.1 No subscription required linux-headers-aws - 5.15.0.1047.52~20.04.35 linux-image-aws - 5.15.0.1047.52~20.04.35 linux-modules-extra-aws-edge - 5.15.0.1047.52~20.04.35 linux-image-aws-edge - 5.15.0.1047.52~20.04.35 linux-aws-edge - 5.15.0.1047.52~20.04.35 linux-aws - 5.15.0.1047.52~20.04.35 linux-headers-aws-edge - 5.15.0.1047.52~20.04.35 linux-modules-extra-aws - 5.15.0.1047.52~20.04.35 linux-tools-aws - 5.15.0.1047.52~20.04.35 linux-tools-aws-edge - 5.15.0.1047.52~20.04.35 No subscription required linux-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-cloud-tools-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-modules-extra-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-tools-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-headers-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-image-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-tools-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-image-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-cloud-tools-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-azure-fde-edge - 5.15.0.1049.56~20.04.1.27 linux-modules-extra-azure-fde - 5.15.0.1049.56~20.04.1.27 linux-headers-azure-fde - 5.15.0.1049.56~20.04.1.27 No subscription required linux-tools-azure-edge - 5.15.0.1049.56~20.04.38 linux-cloud-tools-azure - 5.15.0.1049.56~20.04.38 linux-headers-azure-cvm - 5.15.0.1049.56~20.04.38 linux-image-azure-cvm - 5.15.0.1049.56~20.04.38 linux-tools-azure - 5.15.0.1049.56~20.04.38 linux-image-azure-edge - 5.15.0.1049.56~20.04.38 linux-modules-extra-azure-cvm - 5.15.0.1049.56~20.04.38 linux-tools-azure-cvm - 5.15.0.1049.56~20.04.38 linux-cloud-tools-azure-edge - 5.15.0.1049.56~20.04.38 linux-modules-extra-azure - 5.15.0.1049.56~20.04.38 linux-azure - 5.15.0.1049.56~20.04.38 linux-image-azure - 5.15.0.1049.56~20.04.38 linux-cloud-tools-azure-cvm - 5.15.0.1049.56~20.04.38 linux-headers-azure-edge - 5.15.0.1049.56~20.04.38 linux-azure-edge - 5.15.0.1049.56~20.04.38 linux-azure-cvm - 5.15.0.1049.56~20.04.38 linux-modules-extra-azure-edge - 5.15.0.1049.56~20.04.38 linux-headers-azure - 5.15.0.1049.56~20.04.38 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-headers-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-image-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-lowlatency-64k-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-tools-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-lowlatency-hwe-20.04 - 5.15.0.86.95~20.04.41 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.86.95~20.04.41 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.86.95~20.04.41 No subscription required High CVE-2023-1206 CVE-2023-20569 CVE-2023-2156 CVE-2023-3338 CVE-2023-38432 CVE-2023-3863 CVE-2023-3865 CVE-2023-3866 CVE-2023-4132 CVE-2023-4155 CVE-2023-4194 CVE-2023-4273 CVE-2023-44466 Ubuntu 20.04 LTS It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniël Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2023-20569) It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handle user-supplied data. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-2156) Davide Ornaghi discovered that the DECnet network protocol implementation in the Linux kernel contained a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Please note that kernel support for the DECnet has been removed to resolve this CVE. (CVE-2023-3338) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate command payload size, leading to a out-of-bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38432) It was discovered that the NFC implementation in the Linux kernel contained a use-after-free vulnerability when performing peer-to-peer communication in certain conditions. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3863) Laurence Wit discovered that the KSMBD implementation in the Linux kernel did not properly validate a buffer size in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-3865) Laurence Wit discovered that the KSMBD implementation in the Linux kernel contained a null pointer dereference vulnerability when handling handling chained requests. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-3866) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Andy Nguyen discovered that the KVM implementation for AMD processors in the Linux kernel with Secure Encrypted Virtualization (SEV) contained a race condition when accessing the GHCB page. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2023-4155) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Maxim Suhanov discovered that the exFAT file system implementation in the Linux kernel did not properly check a file name length, leading to an out- of-bounds write vulnerability. An attacker could use this to construct a malicious exFAT image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4273) Thelford Williams discovered that the Ceph file system messenger protocol implementation in the Linux kernel did not properly validate frame segment length in certain situation, leading to a buffer overflow vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-44466) Update Instructions: Run `sudo pro fix USN-6416-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oracle-5.15-headers-5.15.0-1045 - 5.15.0-1045.51~20.04.1 linux-oracle-5.15-tools-5.15.0-1045 - 5.15.0-1045.51~20.04.1 linux-image-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-modules-extra-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-modules-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-tools-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-headers-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-image-unsigned-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 linux-buildinfo-5.15.0-1045-oracle - 5.15.0-1045.51~20.04.1 No subscription required linux-cloud-tools-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-headers-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-modules-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-image-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 linux-headers-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-image-unsigned-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-tools-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-86.96~20.04.1 linux-image-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-modules-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-hwe-5.15-tools-5.15.0-86 - 5.15.0-86.96~20.04.1 linux-modules-extra-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-hwe-5.15-headers-5.15.0-86 - 5.15.0-86.96~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-86.96~20.04.1 linux-image-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-headers-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 linux-modules-iwlwifi-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-buildinfo-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-tools-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-86.96~20.04.1 linux-buildinfo-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 linux-modules-5.15.0-86-generic-lpae - 5.15.0-86.96~20.04.1 linux-tools-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-buildinfo-5.15.0-86-generic - 5.15.0-86.96~20.04.1 linux-image-unsigned-5.15.0-86-generic-64k - 5.15.0-86.96~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-86.96~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-86 - 5.15.0-86.96~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1045.51~20.04.1 linux-tools-oracle - 5.15.0.1045.51~20.04.1 linux-tools-oracle-edge - 5.15.0.1045.51~20.04.1 linux-oracle-edge - 5.15.0.1045.51~20.04.1 linux-image-oracle-edge - 5.15.0.1045.51~20.04.1 linux-headers-oracle-edge - 5.15.0.1045.51~20.04.1 linux-image-oracle - 5.15.0.1045.51~20.04.1 linux-oracle - 5.15.0.1045.51~20.04.1 No subscription required linux-tools-oem-20.04d - 5.15.0.86.96~20.04.44 linux-tools-oem-20.04c - 5.15.0.86.96~20.04.44 linux-tools-oem-20.04b - 5.15.0.86.96~20.04.44 linux-image-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-image-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-image-extra-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-headers-generic-64k-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-generic-64k-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-generic-lpae-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-tools-oem-20.04 - 5.15.0.86.96~20.04.44 linux-headers-oem-20.04 - 5.15.0.86.96~20.04.44 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-tools-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-image-oem-20.04c - 5.15.0.86.96~20.04.44 linux-image-oem-20.04b - 5.15.0.86.96~20.04.44 linux-image-oem-20.04d - 5.15.0.86.96~20.04.44 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-image-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-oem-20.04 - 5.15.0.86.96~20.04.44 linux-image-oem-20.04 - 5.15.0.86.96~20.04.44 linux-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-oem-20.04d - 5.15.0.86.96~20.04.44 linux-oem-20.04c - 5.15.0.86.96~20.04.44 linux-oem-20.04b - 5.15.0.86.96~20.04.44 linux-generic-lpae-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-modules-iwlwifi-oem-20.04 - 5.15.0.86.96~20.04.44 linux-tools-generic-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-image-generic-lpae-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-tools-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-modules-iwlwifi-oem-20.04d - 5.15.0.86.96~20.04.44 linux-tools-generic-64k-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-tools-virtual-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-image-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-generic-64k-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-image-generic-64k-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.86.96~20.04.44 linux-headers-oem-20.04b - 5.15.0.86.96~20.04.44 linux-headers-oem-20.04c - 5.15.0.86.96~20.04.44 linux-headers-virtual-hwe-20.04 - 5.15.0.86.96~20.04.44 linux-headers-oem-20.04d - 5.15.0.86.96~20.04.44 No subscription required High CVE-2023-1206 CVE-2023-20569 CVE-2023-2156 CVE-2023-3338 CVE-2023-38432 CVE-2023-3863 CVE-2023-3865 CVE-2023-3866 CVE-2023-4132 CVE-2023-4155 CVE-2023-4194 CVE-2023-4273 CVE-2023-44466 Ubuntu 20.04 LTS It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212) Davide Ornaghi discovered that the DECnet network protocol implementation in the Linux kernel contained a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Please note that kernel support for the DECnet has been removed to resolve this CVE. (CVE-2023-3338) It was discovered that the NFC implementation in the Linux kernel contained a use-after-free vulnerability when performing peer-to-peer communication in certain conditions. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3863) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Update Instructions: Run `sudo pro fix USN-6417-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1023-iot - 5.4.0-1023.24 linux-image-unsigned-5.4.0-1023-iot - 5.4.0-1023.24 linux-tools-5.4.0-1023-iot - 5.4.0-1023.24 linux-iot-tools-5.4.0-1023 - 5.4.0-1023.24 linux-buildinfo-5.4.0-1023-iot - 5.4.0-1023.24 linux-iot-headers-5.4.0-1023 - 5.4.0-1023.24 linux-modules-5.4.0-1023-iot - 5.4.0-1023.24 linux-iot-tools-common - 5.4.0-1023.24 linux-headers-5.4.0-1023-iot - 5.4.0-1023.24 No subscription required linux-tools-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-headers-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-buildinfo-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-image-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-xilinx-zynqmp-headers-5.4.0-1031 - 5.4.0-1031.35 linux-modules-5.4.0-1031-xilinx-zynqmp - 5.4.0-1031.35 linux-xilinx-zynqmp-tools-5.4.0-1031 - 5.4.0-1031.35 No subscription required linux-modules-5.4.0-1058-ibm - 5.4.0-1058.63 linux-headers-5.4.0-1058-ibm - 5.4.0-1058.63 linux-ibm-source-5.4.0 - 5.4.0-1058.63 linux-ibm-tools-common - 5.4.0-1058.63 linux-ibm-headers-5.4.0-1058 - 5.4.0-1058.63 linux-tools-5.4.0-1058-ibm - 5.4.0-1058.63 linux-image-5.4.0-1058-ibm - 5.4.0-1058.63 linux-modules-extra-5.4.0-1058-ibm - 5.4.0-1058.63 linux-ibm-tools-5.4.0-1058 - 5.4.0-1058.63 linux-image-unsigned-5.4.0-1058-ibm - 5.4.0-1058.63 linux-buildinfo-5.4.0-1058-ibm - 5.4.0-1058.63 linux-ibm-cloud-tools-common - 5.4.0-1058.63 No subscription required linux-buildinfo-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-tools-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-headers-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-image-unsigned-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-bluefield-tools-5.4.0-1072 - 5.4.0-1072.78 linux-modules-5.4.0-1072-bluefield - 5.4.0-1072.78 linux-bluefield-headers-5.4.0-1072 - 5.4.0-1072.78 linux-image-5.4.0-1072-bluefield - 5.4.0-1072.78 No subscription required linux-cloud-tools-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-gkeop-source-5.4.0 - 5.4.0-1078.82 linux-gkeop-cloud-tools-5.4.0-1078 - 5.4.0-1078.82 linux-gkeop-tools-5.4.0-1078 - 5.4.0-1078.82 linux-buildinfo-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-image-unsigned-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-gkeop-headers-5.4.0-1078 - 5.4.0-1078.82 linux-modules-extra-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-headers-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-tools-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-image-5.4.0-1078-gkeop - 5.4.0-1078.82 linux-modules-5.4.0-1078-gkeop - 5.4.0-1078.82 No subscription required linux-tools-5.4.0-1095-raspi - 5.4.0-1095.106 linux-buildinfo-5.4.0-1095-raspi - 5.4.0-1095.106 linux-image-5.4.0-1095-raspi - 5.4.0-1095.106 linux-headers-5.4.0-1095-raspi - 5.4.0-1095.106 linux-modules-5.4.0-1095-raspi - 5.4.0-1095.106 linux-raspi-tools-5.4.0-1095 - 5.4.0-1095.106 linux-raspi-headers-5.4.0-1095 - 5.4.0-1095.106 No subscription required linux-headers-5.4.0-1100-kvm - 5.4.0-1100.106 linux-buildinfo-5.4.0-1100-kvm - 5.4.0-1100.106 linux-kvm-tools-5.4.0-1100 - 5.4.0-1100.106 linux-image-5.4.0-1100-kvm - 5.4.0-1100.106 linux-kvm-headers-5.4.0-1100 - 5.4.0-1100.106 linux-modules-5.4.0-1100-kvm - 5.4.0-1100.106 linux-image-unsigned-5.4.0-1100-kvm - 5.4.0-1100.106 linux-tools-5.4.0-1100-kvm - 5.4.0-1100.106 No subscription required linux-modules-extra-5.4.0-1110-oracle - 5.4.0-1110.119 linux-image-5.4.0-1110-oracle - 5.4.0-1110.119 linux-oracle-tools-5.4.0-1110 - 5.4.0-1110.119 linux-buildinfo-5.4.0-1110-oracle - 5.4.0-1110.119 linux-image-unsigned-5.4.0-1110-oracle - 5.4.0-1110.119 linux-headers-5.4.0-1110-oracle - 5.4.0-1110.119 linux-oracle-headers-5.4.0-1110 - 5.4.0-1110.119 linux-modules-5.4.0-1110-oracle - 5.4.0-1110.119 linux-tools-5.4.0-1110-oracle - 5.4.0-1110.119 No subscription required linux-modules-extra-5.4.0-1111-aws - 5.4.0-1111.120 linux-image-unsigned-5.4.0-1111-aws - 5.4.0-1111.120 linux-cloud-tools-5.4.0-1111-aws - 5.4.0-1111.120 linux-image-5.4.0-1111-aws - 5.4.0-1111.120 linux-aws-tools-5.4.0-1111 - 5.4.0-1111.120 linux-modules-5.4.0-1111-aws - 5.4.0-1111.120 linux-aws-cloud-tools-5.4.0-1111 - 5.4.0-1111.120 linux-aws-headers-5.4.0-1111 - 5.4.0-1111.120 linux-buildinfo-5.4.0-1111-aws - 5.4.0-1111.120 linux-tools-5.4.0-1111-aws - 5.4.0-1111.120 linux-headers-5.4.0-1111-aws - 5.4.0-1111.120 No subscription required linux-tools-5.4.0-1115-gcp - 5.4.0-1115.124 linux-image-unsigned-5.4.0-1115-gcp - 5.4.0-1115.124 linux-modules-5.4.0-1115-gcp - 5.4.0-1115.124 linux-gcp-headers-5.4.0-1115 - 5.4.0-1115.124 linux-headers-5.4.0-1115-gcp - 5.4.0-1115.124 linux-buildinfo-5.4.0-1115-gcp - 5.4.0-1115.124 linux-image-5.4.0-1115-gcp - 5.4.0-1115.124 linux-modules-extra-5.4.0-1115-gcp - 5.4.0-1115.124 linux-gcp-tools-5.4.0-1115 - 5.4.0-1115.124 No subscription required linux-image-5.4.0-1117-azure - 5.4.0-1117.124 linux-azure-tools-5.4.0-1117 - 5.4.0-1117.124 linux-cloud-tools-5.4.0-1117-azure - 5.4.0-1117.124 linux-azure-headers-5.4.0-1117 - 5.4.0-1117.124 linux-image-unsigned-5.4.0-1117-azure - 5.4.0-1117.124 linux-headers-5.4.0-1117-azure - 5.4.0-1117.124 linux-buildinfo-5.4.0-1117-azure - 5.4.0-1117.124 linux-modules-5.4.0-1117-azure - 5.4.0-1117.124 linux-azure-cloud-tools-5.4.0-1117 - 5.4.0-1117.124 linux-tools-5.4.0-1117-azure - 5.4.0-1117.124 linux-modules-extra-5.4.0-1117-azure - 5.4.0-1117.124 No subscription required linux-tools-common - 5.4.0-164.181 linux-tools-host - 5.4.0-164.181 linux-image-unsigned-5.4.0-164-generic - 5.4.0-164.181 linux-doc - 5.4.0-164.181 linux-cloud-tools-5.4.0-164-generic - 5.4.0-164.181 linux-buildinfo-5.4.0-164-generic - 5.4.0-164.181 linux-libc-dev - 5.4.0-164.181 linux-source-5.4.0 - 5.4.0-164.181 linux-tools-5.4.0-164-generic - 5.4.0-164.181 linux-modules-extra-5.4.0-164-generic - 5.4.0-164.181 linux-image-5.4.0-164-lowlatency - 5.4.0-164.181 linux-image-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-headers-5.4.0-164-generic - 5.4.0-164.181 linux-headers-5.4.0-164 - 5.4.0-164.181 linux-tools-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-modules-5.4.0-164-generic - 5.4.0-164.181 linux-modules-5.4.0-164-lowlatency - 5.4.0-164.181 linux-tools-5.4.0-164-lowlatency - 5.4.0-164.181 linux-buildinfo-5.4.0-164-lowlatency - 5.4.0-164.181 linux-image-5.4.0-164-generic - 5.4.0-164.181 linux-cloud-tools-5.4.0-164-lowlatency - 5.4.0-164.181 linux-tools-5.4.0-164 - 5.4.0-164.181 linux-cloud-tools-common - 5.4.0-164.181 linux-cloud-tools-5.4.0-164 - 5.4.0-164.181 linux-buildinfo-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-headers-5.4.0-164-lowlatency - 5.4.0-164.181 linux-modules-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-headers-5.4.0-164-generic-lpae - 5.4.0-164.181 linux-image-unsigned-5.4.0-164-lowlatency - 5.4.0-164.181 No subscription required linux-iot - 5.4.0.1023.21 linux-image-iot - 5.4.0.1023.21 linux-headers-iot - 5.4.0.1023.21 linux-tools-iot - 5.4.0.1023.21 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1031.32 linux-xilinx-zynqmp - 5.4.0.1031.32 linux-tools-xilinx-zynqmp - 5.4.0.1031.32 linux-headers-xilinx-zynqmp - 5.4.0.1031.32 No subscription required linux-image-ibm-lts-20.04 - 5.4.0.1058.87 linux-headers-ibm-lts-20.04 - 5.4.0.1058.87 linux-ibm-lts-20.04 - 5.4.0.1058.87 linux-tools-ibm-lts-20.04 - 5.4.0.1058.87 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1058.87 No subscription required linux-bluefield - 5.4.0.1072.67 linux-image-bluefield - 5.4.0.1072.67 linux-headers-bluefield - 5.4.0.1072.67 linux-tools-bluefield - 5.4.0.1072.67 No subscription required linux-headers-gkeop - 5.4.0.1078.76 linux-cloud-tools-gkeop-5.4 - 5.4.0.1078.76 linux-image-gkeop - 5.4.0.1078.76 linux-gkeop-5.4 - 5.4.0.1078.76 linux-image-gkeop-5.4 - 5.4.0.1078.76 linux-gkeop - 5.4.0.1078.76 linux-cloud-tools-gkeop - 5.4.0.1078.76 linux-modules-extra-gkeop-5.4 - 5.4.0.1078.76 linux-headers-gkeop-5.4 - 5.4.0.1078.76 linux-modules-extra-gkeop - 5.4.0.1078.76 linux-tools-gkeop - 5.4.0.1078.76 linux-tools-gkeop-5.4 - 5.4.0.1078.76 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1095.125 linux-image-raspi2 - 5.4.0.1095.125 linux-raspi2 - 5.4.0.1095.125 linux-headers-raspi2 - 5.4.0.1095.125 linux-image-raspi-hwe-18.04 - 5.4.0.1095.125 linux-image-raspi2-hwe-18.04 - 5.4.0.1095.125 linux-tools-raspi - 5.4.0.1095.125 linux-headers-raspi-hwe-18.04 - 5.4.0.1095.125 linux-headers-raspi2-hwe-18.04 - 5.4.0.1095.125 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1095.125 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1095.125 linux-headers-raspi - 5.4.0.1095.125 linux-raspi2-hwe-18.04-edge - 5.4.0.1095.125 linux-image-raspi - 5.4.0.1095.125 linux-raspi-hwe-18.04 - 5.4.0.1095.125 linux-tools-raspi2-hwe-18.04 - 5.4.0.1095.125 linux-raspi2-hwe-18.04 - 5.4.0.1095.125 linux-image-raspi-hwe-18.04-edge - 5.4.0.1095.125 linux-tools-raspi-hwe-18.04 - 5.4.0.1095.125 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1095.125 linux-raspi-hwe-18.04-edge - 5.4.0.1095.125 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1095.125 linux-tools-raspi2 - 5.4.0.1095.125 linux-raspi - 5.4.0.1095.125 No subscription required linux-kvm - 5.4.0.1100.95 linux-headers-kvm - 5.4.0.1100.95 linux-image-kvm - 5.4.0.1100.95 linux-tools-kvm - 5.4.0.1100.95 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1110.103 linux-oracle-lts-20.04 - 5.4.0.1110.103 linux-headers-oracle-lts-20.04 - 5.4.0.1110.103 linux-image-oracle-lts-20.04 - 5.4.0.1110.103 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1111.108 linux-image-aws-lts-20.04 - 5.4.0.1111.108 linux-headers-aws-lts-20.04 - 5.4.0.1111.108 linux-tools-aws-lts-20.04 - 5.4.0.1111.108 linux-aws-lts-20.04 - 5.4.0.1111.108 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1115.117 linux-gcp-lts-20.04 - 5.4.0.1115.117 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1115.117 linux-headers-gcp-lts-20.04 - 5.4.0.1115.117 linux-image-gcp-lts-20.04 - 5.4.0.1115.117 No subscription required linux-azure-lts-20.04 - 5.4.0.1117.110 linux-image-azure-lts-20.04 - 5.4.0.1117.110 linux-modules-extra-azure-lts-20.04 - 5.4.0.1117.110 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1117.110 linux-tools-azure-lts-20.04 - 5.4.0.1117.110 linux-headers-azure-lts-20.04 - 5.4.0.1117.110 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-cloud-tools-virtual - 5.4.0.164.161 linux-headers-generic-hwe-18.04-edge - 5.4.0.164.161 linux-image-generic-hwe-18.04 - 5.4.0.164.161 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-headers-generic-lpae - 5.4.0.164.161 linux-image-virtual - 5.4.0.164.161 linux-generic-hwe-18.04 - 5.4.0.164.161 linux-cloud-tools-lowlatency - 5.4.0.164.161 linux-image-generic - 5.4.0.164.161 linux-tools-lowlatency - 5.4.0.164.161 linux-headers-generic-hwe-18.04 - 5.4.0.164.161 linux-headers-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-image-oem-osp1 - 5.4.0.164.161 linux-headers-oem-osp1 - 5.4.0.164.161 linux-image-generic-lpae-hwe-18.04 - 5.4.0.164.161 linux-crashdump - 5.4.0.164.161 linux-tools-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-headers-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-source - 5.4.0.164.161 linux-tools-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-tools-generic-lpae - 5.4.0.164.161 linux-cloud-tools-generic - 5.4.0.164.161 linux-virtual - 5.4.0.164.161 linux-headers-virtual-hwe-18.04 - 5.4.0.164.161 linux-tools-generic - 5.4.0.164.161 linux-virtual-hwe-18.04 - 5.4.0.164.161 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.164.161 linux-tools-virtual - 5.4.0.164.161 linux-generic-lpae-hwe-18.04-edge - 5.4.0.164.161 linux-tools-virtual-hwe-18.04 - 5.4.0.164.161 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-generic-lpae - 5.4.0.164.161 linux-image-generic-hwe-18.04-edge - 5.4.0.164.161 linux-headers-oem - 5.4.0.164.161 linux-image-extra-virtual-hwe-18.04 - 5.4.0.164.161 linux-generic - 5.4.0.164.161 linux-tools-oem-osp1 - 5.4.0.164.161 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.164.161 linux-image-virtual-hwe-18.04 - 5.4.0.164.161 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-headers-lowlatency - 5.4.0.164.161 linux-generic-hwe-18.04-edge - 5.4.0.164.161 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.164.161 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-oem - 5.4.0.164.161 linux-tools-generic-hwe-18.04-edge - 5.4.0.164.161 linux-image-extra-virtual - 5.4.0.164.161 linux-oem-tools-host - 5.4.0.164.161 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-oem-osp1-tools-host - 5.4.0.164.161 linux-tools-oem - 5.4.0.164.161 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.164.161 linux-headers-generic - 5.4.0.164.161 linux-oem-osp1 - 5.4.0.164.161 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.164.161 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.164.161 linux-image-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-generic-lpae-hwe-18.04 - 5.4.0.164.161 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.164.161 linux-virtual-hwe-18.04-edge - 5.4.0.164.161 linux-headers-virtual - 5.4.0.164.161 linux-image-oem - 5.4.0.164.161 linux-lowlatency-hwe-18.04 - 5.4.0.164.161 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.164.161 linux-image-generic-lpae - 5.4.0.164.161 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.164.161 linux-image-lowlatency - 5.4.0.164.161 linux-tools-generic-hwe-18.04 - 5.4.0.164.161 linux-lowlatency - 5.4.0.164.161 linux-image-virtual-hwe-18.04-edge - 5.4.0.164.161 No subscription required Medium CVE-2021-4001 CVE-2023-1206 CVE-2023-3212 CVE-2023-3338 CVE-2023-3863 CVE-2023-4194 Ubuntu 20.04 LTS It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 20.04 LTS. (CVE-2021-22883) Vít Šesták discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-22884) Update Instructions: Run `sudo pro fix USN-6418-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.2 libnode64 - 10.19.0~dfsg-3ubuntu1.2 nodejs-doc - 10.19.0~dfsg-3ubuntu1.2 nodejs - 10.19.0~dfsg-3ubuntu1.2 No subscription required Medium CVE-2021-22883 CVE-2021-22884 Ubuntu 20.04 LTS Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-7103) Esben Sparre Andreasen discovered that jQuery UI did not properly handle values from untrusted sources in the Datepicker widget. A remote attacker could possibly use this issue to perform a cross-site scripting (XSS) attack and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-41182, CVE-2021-41183) It was discovered that jQuery UI did not properly validate values from untrusted sources. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-41184) It was discovered that the jQuery UI checkboxradio widget did not properly decode certain values from HTML entities. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack and cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-31160) Update Instructions: Run `sudo pro fix USN-6419-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-jquery-ui - 1.12.1+dfsg-5ubuntu0.20.04.1 libjs-jquery-ui - 1.12.1+dfsg-5ubuntu0.20.04.1 libjs-jquery-ui-docs - 1.12.1+dfsg-5ubuntu0.20.04.1 No subscription required Medium CVE-2016-7103 CVE-2021-41182 CVE-2021-41183 CVE-2021-41184 CVE-2022-31160 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3235, CVE-2022-3278, CVE-2022-3297, CVE-2022-3491) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3352, CVE-2022-4292) It was discovered that Vim incorrectly handled memory when replacing in virtualedit mode. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3234) It was discovered that Vim incorrectly handled memory when autocmd changes mark. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3256) It was discovered that Vim did not properly perform checks on array index with negative width window. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2022-3324) It was discovered that Vim did not properly perform checks on a put command column with a visual block. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3520) It was discovered that Vim incorrectly handled memory when using autocommand to open a window. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3591) It was discovered that Vim incorrectly handled memory when updating buffer of the component autocmd handler. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3705) It was discovered that Vim incorrectly handled floating point comparison with incorrect operator. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. and Ubuntu 22.04 LTS. (CVE-2022-4293) Update Instructions: Run `sudo pro fix USN-6420-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.18 vim-athena - 2:8.1.2269-1ubuntu5.18 vim-tiny - 2:8.1.2269-1ubuntu5.18 vim-gtk - 2:8.1.2269-1ubuntu5.18 vim-gui-common - 2:8.1.2269-1ubuntu5.18 vim - 2:8.1.2269-1ubuntu5.18 vim-doc - 2:8.1.2269-1ubuntu5.18 xxd - 2:8.1.2269-1ubuntu5.18 vim-runtime - 2:8.1.2269-1ubuntu5.18 vim-gtk3 - 2:8.1.2269-1ubuntu5.18 vim-nox - 2:8.1.2269-1ubuntu5.18 No subscription required Medium CVE-2022-3234 CVE-2022-3235 CVE-2022-3256 CVE-2022-3278 CVE-2022-3297 CVE-2022-3324 CVE-2022-3352 CVE-2022-3491 CVE-2022-3520 CVE-2022-3591 CVE-2022-3705 CVE-2022-4292 CVE-2022-4293 Ubuntu 20.04 LTS It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-37706) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-43299, CVE-2021-43300, CVE-2021-43301, CVE-2021-43302, CVE-2021-43303, CVE-2021-43804, CVE-2021-43845, CVE-2022-21723, CVE-2022-23537, CVE-2022-23547, CVE-2022-23608, CVE-2022-24754, CVE-2022-24763, CVE-2022-24764, CVE-2022-24793, CVE-2022-31031, CVE-2022-39244) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-21722) It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-27585) Update Instructions: Run `sudo pro fix USN-6422-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: jami-daemon - 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 ring - 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 ring-daemon - 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 jami - 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 No subscription required Medium CVE-2021-37706 CVE-2021-43299 CVE-2021-43300 CVE-2021-43301 CVE-2021-43302 CVE-2021-43303 CVE-2021-43804 CVE-2021-43845 CVE-2022-21722 CVE-2022-21723 CVE-2022-23537 CVE-2022-23547 CVE-2022-23608 CVE-2022-24754 CVE-2022-24763 CVE-2022-24764 CVE-2022-24793 CVE-2022-31031 CVE-2022-39244 CVE-2023-27585 Ubuntu 20.04 LTS It was discovered that CUE incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6423-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcue-dev - 2.2.1-2ubuntu0.1 libcue2 - 2.2.1-2ubuntu0.1 No subscription required Medium CVE-2023-43641 Ubuntu 20.04 LTS It was discovered that kramdown did not restrict Rouge formatters to the correct namespace. An attacker could use this issue to cause kramdown to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6424-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kramdown - 1.17.0-4ubuntu0.2 ruby-kramdown - 1.17.0-4ubuntu0.2 No subscription required Medium CVE-2021-28834 Ubuntu 20.04 LTS Sri Nagasubramanian discovered that the Samba acl_xattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. (CVE-2023-4091) Andrew Bartlett discovered that Samba incorrectly handled the DirSync control. A remote attacker with an RODC DC account could possibly use this issue to obtain all domain secrets. (CVE-2023-4154) Andrew Bartlett discovered that Samba incorrectly handled the rpcecho development server. A remote attacker could possibly use this issue to cause Samba to stop responding, resulting in a denial of service. (CVE-2023-42669) Kirin van der Veer discovered that Samba incorrectly handled certain RPC service listeners. A remote attacker could possibly use this issue to cause Samba to start multiple incompatible RPC listeners, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-42670) Update Instructions: Run `sudo pro fix USN-6425-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.6 ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.6 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.6 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.6 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.6 registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.6 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.6 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.6 No subscription required Medium CVE-2023-4091 CVE-2023-4154 CVE-2023-42669 CVE-2023-42670 Ubuntu 20.04 LTS USN-6425-1 fixed vulnerabilities in Samba. Due to a build issue on Ubuntu 20.04 LTS, the update introduced regressions in macro handling and possibly other functionality. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Sri Nagasubramanian discovered that the Samba acl_xattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. (CVE-2023-4091) Andrew Bartlett discovered that Samba incorrectly handled the DirSync control. A remote attacker with an RODC DC account could possibly use this issue to obtain all domain secrets. (CVE-2023-4154) Andrew Bartlett discovered that Samba incorrectly handled the rpcecho development server. A remote attacker could possibly use this issue to cause Samba to stop responding, resulting in a denial of service. (CVE-2023-42669) Kirin van der Veer discovered that Samba incorrectly handled certain RPC service listeners. A remote attacker could possibly use this issue to cause Samba to start multiple incompatible RPC listeners, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-42670) Update Instructions: Run `sudo pro fix USN-6425-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libnss-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libpam-winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libsmbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.7 ctdb - 2:4.15.13+dfsg-0ubuntu0.20.04.7 smbclient - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libwbclient0 - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-testsuite - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-common-bin - 2:4.15.13+dfsg-0ubuntu0.20.04.7 winbind - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-dsdb-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.7 libsmbclient-dev - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-vfs-modules - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-common - 2:4.15.13+dfsg-0ubuntu0.20.04.7 registry-tools - 2:4.15.13+dfsg-0ubuntu0.20.04.7 samba-libs - 2:4.15.13+dfsg-0ubuntu0.20.04.7 python3-samba - 2:4.15.13+dfsg-0ubuntu0.20.04.7 No subscription required None https://launchpad.net/bugs/2039031 Ubuntu 20.04 LTS It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6428-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.10 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.10 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.10 No subscription required Low CVE-2023-1916 Ubuntu 20.04 LTS Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-38545) It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections. (CVE-2023-38546) Update Instructions: Run `sudo pro fix USN-6429-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.20 libcurl4-openssl-dev - 7.68.0-1ubuntu2.20 libcurl3-gnutls - 7.68.0-1ubuntu2.20 libcurl4-doc - 7.68.0-1ubuntu2.20 libcurl3-nss - 7.68.0-1ubuntu2.20 libcurl4-nss-dev - 7.68.0-1ubuntu2.20 libcurl4 - 7.68.0-1ubuntu2.20 curl - 7.68.0-1ubuntu2.20 No subscription required High CVE-2023-38545 CVE-2023-38546 Ubuntu 20.04 LTS It was discovered that FFmpeg did not properly handle certain inputs in vf_lagfun.c, resulting in a buffer overflow vulnerability. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-22024) It was discovered that FFmpeg incorrectly managed memory in avienc.c, resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2020-22039) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in frame.c. An attacker could possibly use this issue to cause a denial of service via application crash. This issue affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22040) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in fifo.c. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2020-22043) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in vf_tile.c. If a user or automated system were tricked into processing a specially crafted MOV file, an attacker could possibly use this issue to cause a denial of service. (CVE-2020-22051) It was discovered that FFmpeg incorrectly handled certain MOV files in timecode.c, leading to an integer overflow. An attacker could possibly use this issue to cause a denial of service using a crafted MOV file. This issue only affected Ubuntu 16.04 LTS. (CVE-2021-28429) Update Instructions: Run `sudo pro fix USN-6430-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:4.2.7-0ubuntu0.1+esm2 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm2 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm2 libavformat58 - 7:4.2.7-0ubuntu0.1+esm2 libavresample4 - 7:4.2.7-0ubuntu0.1+esm2 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm2 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm2 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm2 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm2 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm2 libswresample3 - 7:4.2.7-0ubuntu0.1+esm2 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm2 libswscale5 - 7:4.2.7-0ubuntu0.1+esm2 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm2 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm2 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm2 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm2 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm2 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm2 libavutil56 - 7:4.2.7-0ubuntu0.1+esm2 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm2 ffmpeg - 7:4.2.7-0ubuntu0.1+esm2 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm2 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-22024 CVE-2020-22039 CVE-2020-22040 CVE-2020-22043 CVE-2020-22051 CVE-2021-28429 Ubuntu 20.04 LTS It was discovered that iperf3 did not properly manage certain inputs, which could lead to a crash. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-38403) Jorge Sancho Larraz discovered that iperf3 did not properly manage certain inputs, which could cause the server process to stop responding, waiting for input on the control connection. A remote attacker could possibly use this issue to cause a denial of service. (LP: #2038654) Update Instructions: Run `sudo pro fix USN-6431-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: iperf3 - 3.7-3ubuntu0.1~esm1 libiperf0 - 3.7-3ubuntu0.1~esm1 libiperf-dev - 3.7-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-38403 https://launchpad.net/bugs/2038654 Ubuntu 20.04 LTS It was discovered that the Quagga BGP daemon did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41358) It was discovered that the Quagga BGP daemon did not properly manage memory when reading initial bytes of ORF header. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41360) Update Instructions: Run `sudo pro fix USN-6432-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: quagga-ripngd - 1.2.4-4ubuntu0.1 quagga-isisd - 1.2.4-4ubuntu0.1 quagga-ospfd - 1.2.4-4ubuntu0.1 quagga-pimd - 1.2.4-4ubuntu0.1 quagga-ripd - 1.2.4-4ubuntu0.1 quagga-ospf6d - 1.2.4-4ubuntu0.1 quagga - 1.2.4-4ubuntu0.1 quagga-doc - 1.2.4-4ubuntu0.1 quagga-core - 1.2.4-4ubuntu0.1 quagga-bgpd - 1.2.4-4ubuntu0.1 No subscription required Medium CVE-2023-41358 CVE-2023-41360 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain PDF documents. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6433-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.11 ghostscript-x - 9.50~dfsg-5ubuntu4.11 libgs-dev - 9.50~dfsg-5ubuntu4.11 ghostscript-doc - 9.50~dfsg-5ubuntu4.11 libgs9 - 9.50~dfsg-5ubuntu4.11 libgs9-common - 9.50~dfsg-5ubuntu4.11 No subscription required Medium CVE-2023-43115 Ubuntu 20.04 LTS Francois Diakhate discovered that PMIx did not properly handle race conditions in the pmix library, which could lead to unwanted privilege escalation. An attacker could possibly use this issue to obtain ownership of an arbitrary file on the filesystem, under the default configuration of the application. Update Instructions: Run `sudo pro fix USN-6434-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpmix-dev - 3.1.5-1ubuntu0.1~esm1 libpmix2 - 3.1.5-1ubuntu0.1~esm1 libpmi2-pmix - 3.1.5-1ubuntu0.1~esm1 libpmi-pmix-dev - 3.1.5-1ubuntu0.1~esm1 libpmi1-pmix - 3.1.5-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2023-41915 Ubuntu 20.04 LTS USN-6435-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-3446) Bernd Edlinger discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-3817) Update Instructions: Run `sudo pro fix USN-6435-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.20 libssl-dev - 1.1.1f-1ubuntu2.20 openssl - 1.1.1f-1ubuntu2.20 libssl-doc - 1.1.1f-1ubuntu2.20 No subscription required Low CVE-2023-3446 CVE-2023-3817 Ubuntu 20.04 LTS It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41358) It was discovered that the FRR did not properly manage memory when reading initial bytes of ORF header. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41360) It was discovered that FRR did not properly validate the attributes in the BGP FlowSpec functionality. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41909) Update Instructions: Run `sudo pro fix USN-6436-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: frr-doc - 7.2.1-1ubuntu0.2+esm1 frr - 7.2.1-1ubuntu0.2+esm1 frr-rpki-rtrlib - 7.2.1-1ubuntu0.2+esm1 frr-pythontools - 7.2.1-1ubuntu0.2+esm1 frr-snmp - 7.2.1-1ubuntu0.2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-41358 CVE-2023-41360 CVE-2023-41909 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Update Instructions: Run `sudo pro fix USN-6441-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-modules-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-headers-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-xilinx-zynqmp-headers-5.4.0-1032 - 5.4.0-1032.36 linux-tools-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-image-5.4.0-1032-xilinx-zynqmp - 5.4.0-1032.36 linux-xilinx-zynqmp-tools-5.4.0-1032 - 5.4.0-1032.36 No subscription required linux-image-unsigned-5.4.0-1059-ibm - 5.4.0-1059.64 linux-headers-5.4.0-1059-ibm - 5.4.0-1059.64 linux-modules-5.4.0-1059-ibm - 5.4.0-1059.64 linux-ibm-source-5.4.0 - 5.4.0-1059.64 linux-ibm-tools-common - 5.4.0-1059.64 linux-ibm-cloud-tools-common - 5.4.0-1059.64 linux-tools-5.4.0-1059-ibm - 5.4.0-1059.64 linux-image-5.4.0-1059-ibm - 5.4.0-1059.64 linux-buildinfo-5.4.0-1059-ibm - 5.4.0-1059.64 linux-modules-extra-5.4.0-1059-ibm - 5.4.0-1059.64 linux-ibm-tools-5.4.0-1059 - 5.4.0-1059.64 linux-ibm-headers-5.4.0-1059 - 5.4.0-1059.64 No subscription required linux-tools-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-gkeop-cloud-tools-5.4.0-1079 - 5.4.0-1079.83 linux-modules-extra-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-gkeop-source-5.4.0 - 5.4.0-1079.83 linux-gkeop-tools-5.4.0-1079 - 5.4.0-1079.83 linux-gkeop-headers-5.4.0-1079 - 5.4.0-1079.83 linux-image-unsigned-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-headers-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-cloud-tools-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-buildinfo-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-image-5.4.0-1079-gkeop - 5.4.0-1079.83 linux-modules-5.4.0-1079-gkeop - 5.4.0-1079.83 No subscription required linux-kvm-tools-5.4.0-1101 - 5.4.0-1101.107 linux-buildinfo-5.4.0-1101-kvm - 5.4.0-1101.107 linux-image-5.4.0-1101-kvm - 5.4.0-1101.107 linux-headers-5.4.0-1101-kvm - 5.4.0-1101.107 linux-kvm-headers-5.4.0-1101 - 5.4.0-1101.107 linux-image-unsigned-5.4.0-1101-kvm - 5.4.0-1101.107 linux-tools-5.4.0-1101-kvm - 5.4.0-1101.107 linux-modules-5.4.0-1101-kvm - 5.4.0-1101.107 No subscription required linux-image-unsigned-5.4.0-1111-oracle - 5.4.0-1111.120 linux-modules-5.4.0-1111-oracle - 5.4.0-1111.120 linux-oracle-headers-5.4.0-1111 - 5.4.0-1111.120 linux-oracle-tools-5.4.0-1111 - 5.4.0-1111.120 linux-image-5.4.0-1111-oracle - 5.4.0-1111.120 linux-buildinfo-5.4.0-1111-oracle - 5.4.0-1111.120 linux-tools-5.4.0-1111-oracle - 5.4.0-1111.120 linux-modules-extra-5.4.0-1111-oracle - 5.4.0-1111.120 linux-headers-5.4.0-1111-oracle - 5.4.0-1111.120 No subscription required linux-tools-5.4.0-1112-aws - 5.4.0-1112.121 linux-aws-tools-5.4.0-1112 - 5.4.0-1112.121 linux-image-unsigned-5.4.0-1112-aws - 5.4.0-1112.121 linux-headers-5.4.0-1112-aws - 5.4.0-1112.121 linux-aws-headers-5.4.0-1112 - 5.4.0-1112.121 linux-cloud-tools-5.4.0-1112-aws - 5.4.0-1112.121 linux-modules-5.4.0-1112-aws - 5.4.0-1112.121 linux-aws-cloud-tools-5.4.0-1112 - 5.4.0-1112.121 linux-buildinfo-5.4.0-1112-aws - 5.4.0-1112.121 linux-image-5.4.0-1112-aws - 5.4.0-1112.121 linux-modules-extra-5.4.0-1112-aws - 5.4.0-1112.121 No subscription required linux-image-unsigned-5.4.0-1116-gcp - 5.4.0-1116.125 linux-image-5.4.0-1116-gcp - 5.4.0-1116.125 linux-gcp-headers-5.4.0-1116 - 5.4.0-1116.125 linux-headers-5.4.0-1116-gcp - 5.4.0-1116.125 linux-modules-5.4.0-1116-gcp - 5.4.0-1116.125 linux-tools-5.4.0-1116-gcp - 5.4.0-1116.125 linux-buildinfo-5.4.0-1116-gcp - 5.4.0-1116.125 linux-gcp-tools-5.4.0-1116 - 5.4.0-1116.125 linux-modules-extra-5.4.0-1116-gcp - 5.4.0-1116.125 No subscription required linux-cloud-tools-5.4.0-1118-azure - 5.4.0-1118.125 linux-azure-tools-5.4.0-1118 - 5.4.0-1118.125 linux-buildinfo-5.4.0-1118-azure - 5.4.0-1118.125 linux-image-unsigned-5.4.0-1118-azure - 5.4.0-1118.125 linux-modules-5.4.0-1118-azure - 5.4.0-1118.125 linux-image-5.4.0-1118-azure - 5.4.0-1118.125 linux-tools-5.4.0-1118-azure - 5.4.0-1118.125 linux-headers-5.4.0-1118-azure - 5.4.0-1118.125 linux-azure-headers-5.4.0-1118 - 5.4.0-1118.125 linux-azure-cloud-tools-5.4.0-1118 - 5.4.0-1118.125 linux-modules-extra-5.4.0-1118-azure - 5.4.0-1118.125 No subscription required linux-tools-common - 5.4.0-165.182 linux-tools-host - 5.4.0-165.182 linux-doc - 5.4.0-165.182 linux-image-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-image-5.4.0-165-lowlatency - 5.4.0-165.182 linux-image-unsigned-5.4.0-165-lowlatency - 5.4.0-165.182 linux-modules-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-headers-5.4.0-165-lowlatency - 5.4.0-165.182 linux-libc-dev - 5.4.0-165.182 linux-source-5.4.0 - 5.4.0-165.182 linux-buildinfo-5.4.0-165-generic - 5.4.0-165.182 linux-modules-5.4.0-165-lowlatency - 5.4.0-165.182 linux-buildinfo-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-cloud-tools-5.4.0-165 - 5.4.0-165.182 linux-modules-5.4.0-165-generic - 5.4.0-165.182 linux-image-5.4.0-165-generic - 5.4.0-165.182 linux-tools-5.4.0-165-generic - 5.4.0-165.182 linux-headers-5.4.0-165 - 5.4.0-165.182 linux-modules-extra-5.4.0-165-generic - 5.4.0-165.182 linux-image-unsigned-5.4.0-165-generic - 5.4.0-165.182 linux-tools-5.4.0-165 - 5.4.0-165.182 linux-headers-5.4.0-165-generic - 5.4.0-165.182 linux-cloud-tools-common - 5.4.0-165.182 linux-headers-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-buildinfo-5.4.0-165-lowlatency - 5.4.0-165.182 linux-cloud-tools-5.4.0-165-lowlatency - 5.4.0-165.182 linux-tools-5.4.0-165-generic-lpae - 5.4.0-165.182 linux-cloud-tools-5.4.0-165-generic - 5.4.0-165.182 linux-tools-5.4.0-165-lowlatency - 5.4.0-165.182 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1032.32 linux-xilinx-zynqmp - 5.4.0.1032.32 linux-headers-xilinx-zynqmp - 5.4.0.1032.32 linux-tools-xilinx-zynqmp - 5.4.0.1032.32 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1059.88 linux-headers-ibm-lts-20.04 - 5.4.0.1059.88 linux-ibm-lts-20.04 - 5.4.0.1059.88 linux-image-ibm-lts-20.04 - 5.4.0.1059.88 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1059.88 No subscription required linux-headers-gkeop - 5.4.0.1079.77 linux-cloud-tools-gkeop-5.4 - 5.4.0.1079.77 linux-image-gkeop - 5.4.0.1079.77 linux-modules-extra-gkeop-5.4 - 5.4.0.1079.77 linux-gkeop-5.4 - 5.4.0.1079.77 linux-image-gkeop-5.4 - 5.4.0.1079.77 linux-gkeop - 5.4.0.1079.77 linux-cloud-tools-gkeop - 5.4.0.1079.77 linux-headers-gkeop-5.4 - 5.4.0.1079.77 linux-modules-extra-gkeop - 5.4.0.1079.77 linux-tools-gkeop - 5.4.0.1079.77 linux-tools-gkeop-5.4 - 5.4.0.1079.77 No subscription required linux-kvm - 5.4.0.1101.96 linux-headers-kvm - 5.4.0.1101.96 linux-image-kvm - 5.4.0.1101.96 linux-tools-kvm - 5.4.0.1101.96 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1111.104 linux-headers-oracle-lts-20.04 - 5.4.0.1111.104 linux-oracle-lts-20.04 - 5.4.0.1111.104 linux-image-oracle-lts-20.04 - 5.4.0.1111.104 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1112.109 linux-image-aws-lts-20.04 - 5.4.0.1112.109 linux-headers-aws-lts-20.04 - 5.4.0.1112.109 linux-tools-aws-lts-20.04 - 5.4.0.1112.109 linux-aws-lts-20.04 - 5.4.0.1112.109 No subscription required linux-gcp-lts-20.04 - 5.4.0.1116.118 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1116.118 linux-headers-gcp-lts-20.04 - 5.4.0.1116.118 linux-image-gcp-lts-20.04 - 5.4.0.1116.118 linux-tools-gcp-lts-20.04 - 5.4.0.1116.118 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1118.111 linux-azure-lts-20.04 - 5.4.0.1118.111 linux-modules-extra-azure-lts-20.04 - 5.4.0.1118.111 linux-image-azure-lts-20.04 - 5.4.0.1118.111 linux-tools-azure-lts-20.04 - 5.4.0.1118.111 linux-headers-azure-lts-20.04 - 5.4.0.1118.111 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-cloud-tools-virtual - 5.4.0.165.162 linux-image-generic-hwe-18.04 - 5.4.0.165.162 linux-headers-generic-lpae - 5.4.0.165.162 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-image-virtual - 5.4.0.165.162 linux-generic-hwe-18.04 - 5.4.0.165.162 linux-oem-osp1-tools-host - 5.4.0.165.162 linux-cloud-tools-lowlatency - 5.4.0.165.162 linux-image-generic - 5.4.0.165.162 linux-tools-lowlatency - 5.4.0.165.162 linux-image-oem - 5.4.0.165.162 linux-tools-virtual-hwe-18.04 - 5.4.0.165.162 linux-headers-generic-hwe-18.04 - 5.4.0.165.162 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-headers-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-image-extra-virtual-hwe-18.04 - 5.4.0.165.162 linux-image-oem-osp1 - 5.4.0.165.162 linux-image-generic-lpae-hwe-18.04 - 5.4.0.165.162 linux-crashdump - 5.4.0.165.162 linux-tools-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-headers-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-source - 5.4.0.165.162 linux-lowlatency - 5.4.0.165.162 linux-tools-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-tools-generic-lpae - 5.4.0.165.162 linux-cloud-tools-generic - 5.4.0.165.162 linux-virtual - 5.4.0.165.162 linux-headers-virtual-hwe-18.04 - 5.4.0.165.162 linux-virtual-hwe-18.04 - 5.4.0.165.162 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.165.162 linux-headers-virtual - 5.4.0.165.162 linux-tools-virtual - 5.4.0.165.162 linux-generic-lpae-hwe-18.04-edge - 5.4.0.165.162 linux-generic-lpae - 5.4.0.165.162 linux-headers-oem - 5.4.0.165.162 linux-generic - 5.4.0.165.162 linux-tools-oem-osp1 - 5.4.0.165.162 linux-tools-generic-hwe-18.04-edge - 5.4.0.165.162 linux-image-virtual-hwe-18.04 - 5.4.0.165.162 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-oem-tools-host - 5.4.0.165.162 linux-headers-lowlatency - 5.4.0.165.162 linux-image-generic-hwe-18.04-edge - 5.4.0.165.162 linux-generic-hwe-18.04-edge - 5.4.0.165.162 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.165.162 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-oem - 5.4.0.165.162 linux-tools-generic - 5.4.0.165.162 linux-image-extra-virtual - 5.4.0.165.162 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-tools-oem - 5.4.0.165.162 linux-headers-oem-osp1 - 5.4.0.165.162 linux-generic-lpae-hwe-18.04 - 5.4.0.165.162 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.165.162 linux-headers-generic-hwe-18.04-edge - 5.4.0.165.162 linux-headers-generic - 5.4.0.165.162 linux-image-lowlatency - 5.4.0.165.162 linux-oem-osp1 - 5.4.0.165.162 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.165.162 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.165.162 linux-image-lowlatency-hwe-18.04 - 5.4.0.165.162 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.165.162 linux-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.165.162 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.165.162 linux-image-generic-lpae - 5.4.0.165.162 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.165.162 linux-image-virtual-hwe-18.04-edge - 5.4.0.165.162 linux-tools-generic-hwe-18.04 - 5.4.0.165.162 No subscription required High CVE-2023-34319 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Update Instructions: Run `sudo pro fix USN-6441-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1024-iot - 5.4.0-1024.25 linux-image-5.4.0-1024-iot - 5.4.0-1024.25 linux-headers-5.4.0-1024-iot - 5.4.0-1024.25 linux-buildinfo-5.4.0-1024-iot - 5.4.0-1024.25 linux-tools-5.4.0-1024-iot - 5.4.0-1024.25 linux-iot-headers-5.4.0-1024 - 5.4.0-1024.25 linux-modules-5.4.0-1024-iot - 5.4.0-1024.25 linux-iot-tools-common - 5.4.0-1024.25 linux-iot-tools-5.4.0-1024 - 5.4.0-1024.25 No subscription required linux-headers-5.4.0-1096-raspi - 5.4.0-1096.107 linux-tools-5.4.0-1096-raspi - 5.4.0-1096.107 linux-raspi-tools-5.4.0-1096 - 5.4.0-1096.107 linux-image-5.4.0-1096-raspi - 5.4.0-1096.107 linux-buildinfo-5.4.0-1096-raspi - 5.4.0-1096.107 linux-raspi-headers-5.4.0-1096 - 5.4.0-1096.107 linux-modules-5.4.0-1096-raspi - 5.4.0-1096.107 No subscription required linux-tools-iot - 5.4.0.1024.22 linux-headers-iot - 5.4.0.1024.22 linux-iot - 5.4.0.1024.22 linux-image-iot - 5.4.0.1024.22 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1096.126 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1096.126 linux-raspi-hwe-18.04-edge - 5.4.0.1096.126 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1096.126 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1096.126 linux-raspi-hwe-18.04 - 5.4.0.1096.126 linux-image-raspi2 - 5.4.0.1096.126 linux-tools-raspi - 5.4.0.1096.126 linux-image-raspi - 5.4.0.1096.126 linux-tools-raspi2-hwe-18.04 - 5.4.0.1096.126 linux-raspi2-hwe-18.04 - 5.4.0.1096.126 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1096.126 linux-raspi2 - 5.4.0.1096.126 linux-headers-raspi2 - 5.4.0.1096.126 linux-headers-raspi2-hwe-18.04 - 5.4.0.1096.126 linux-image-raspi-hwe-18.04-edge - 5.4.0.1096.126 linux-tools-raspi-hwe-18.04 - 5.4.0.1096.126 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1096.126 linux-tools-raspi2 - 5.4.0.1096.126 linux-raspi - 5.4.0.1096.126 linux-headers-raspi - 5.4.0.1096.126 linux-headers-raspi-hwe-18.04 - 5.4.0.1096.126 linux-image-raspi-hwe-18.04 - 5.4.0.1096.126 linux-image-raspi2-hwe-18.04 - 5.4.0.1096.126 No subscription required High CVE-2023-34319 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Update Instructions: Run `sudo pro fix USN-6442-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-modules-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-bluefield-tools-5.4.0-1073 - 5.4.0-1073.79 linux-bluefield-headers-5.4.0-1073 - 5.4.0-1073.79 linux-tools-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-image-unsigned-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-headers-5.4.0-1073-bluefield - 5.4.0-1073.79 linux-buildinfo-5.4.0-1073-bluefield - 5.4.0-1073.79 No subscription required linux-bluefield - 5.4.0.1073.68 linux-tools-bluefield - 5.4.0.1073.68 linux-image-bluefield - 5.4.0.1073.68 linux-headers-bluefield - 5.4.0.1073.68 No subscription required High CVE-2023-34319 CVE-2023-4004 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 Ubuntu 20.04 LTS It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2023-20569) It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handle user-supplied data. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-2156) Davide Ornaghi discovered that the DECnet network protocol implementation in the Linux kernel contained a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Please note that kernel support for the DECnet has been removed to resolve this CVE. (CVE-2023-3338) Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate command payload size, leading to a out-of-bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38432) It was discovered that the NFC implementation in the Linux kernel contained a use-after-free vulnerability when performing peer-to-peer communication in certain conditions. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3863) Laurence Wit discovered that the KSMBD implementation in the Linux kernel did not properly validate a buffer size in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-3865) Laurence Wit discovered that the KSMBD implementation in the Linux kernel contained a null pointer dereference vulnerability when handling handling chained requests. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-3866) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Andy Nguyen discovered that the KVM implementation for AMD processors in the Linux kernel with Secure Encrypted Virtualization (SEV) contained a race condition when accessing the GHCB page. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2023-4155) It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-4194) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Maxim Suhanov discovered that the exFAT file system implementation in the Linux kernel did not properly check a file name length, leading to an out- of-bounds write vulnerability. An attacker could use this to construct a malicious exFAT image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4273) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Thelford Williams discovered that the Ceph file system messenger protocol implementation in the Linux kernel did not properly validate frame segment length in certain situation, leading to a buffer overflow vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-44466) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6445-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-modules-extra-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-headers-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-buildinfo-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1043 - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1043 - 5.15.0-1043.49~20.04.1 linux-modules-iwlwifi-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-cloud-tools-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-tools-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1043.49~20.04.1 linux-image-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1043 - 5.15.0-1043.49~20.04.1 linux-modules-5.15.0-1043-intel-iotg - 5.15.0-1043.49~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1043.49~20.04.33 linux-tools-intel - 5.15.0.1043.49~20.04.33 linux-intel-iotg - 5.15.0.1043.49~20.04.33 linux-headers-intel - 5.15.0.1043.49~20.04.33 linux-tools-intel-iotg-edge - 5.15.0.1043.49~20.04.33 linux-intel - 5.15.0.1043.49~20.04.33 linux-intel-iotg-edge - 5.15.0.1043.49~20.04.33 linux-image-intel-iotg-edge - 5.15.0.1043.49~20.04.33 linux-image-intel-iotg - 5.15.0.1043.49~20.04.33 linux-headers-intel-iotg - 5.15.0.1043.49~20.04.33 linux-image-intel - 5.15.0.1043.49~20.04.33 linux-headers-intel-iotg-edge - 5.15.0.1043.49~20.04.33 linux-tools-intel-iotg - 5.15.0.1043.49~20.04.33 No subscription required High CVE-2023-1206 CVE-2023-20569 CVE-2023-2156 CVE-2023-3338 CVE-2023-34319 CVE-2023-38432 CVE-2023-3863 CVE-2023-3865 CVE-2023-3866 CVE-2023-4132 CVE-2023-4155 CVE-2023-4194 CVE-2023-4244 CVE-2023-4273 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-44466 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 CVE-2023-5197 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6446-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-ibm-5.15-headers-5.15.0-1041 - 5.15.0-1041.44~20.04.1 linux-ibm-5.15-tools-5.15.0-1041 - 5.15.0-1041.44~20.04.1 linux-image-unsigned-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-modules-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-image-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-headers-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1041.44~20.04.1 linux-buildinfo-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-modules-extra-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 linux-tools-5.15.0-1041-ibm - 5.15.0-1041.44~20.04.1 No subscription required linux-cloud-tools-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-aws-5.15-headers-5.15.0-1048 - 5.15.0-1048.53~20.04.1 linux-modules-extra-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-headers-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-image-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1048 - 5.15.0-1048.53~20.04.1 linux-image-unsigned-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-tools-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-aws-5.15-tools-5.15.0-1048 - 5.15.0-1048.53~20.04.1 linux-modules-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 linux-buildinfo-5.15.0-1048-aws - 5.15.0-1048.53~20.04.1 No subscription required linux-image-unsigned-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-azure-5.15-headers-5.15.0-1050 - 5.15.0-1050.57~20.04.1 linux-tools-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-buildinfo-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-cloud-tools-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-modules-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1050 - 5.15.0-1050.57~20.04.1 linux-headers-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-modules-extra-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-image-5.15.0-1050-azure - 5.15.0-1050.57~20.04.1 linux-azure-5.15-tools-5.15.0-1050 - 5.15.0-1050.57~20.04.1 No subscription required linux-image-5.15.0-1050-azure-fde - 5.15.0-1050.57~20.04.1.1 linux-image-unsigned-5.15.0-1050-azure-fde - 5.15.0-1050.57~20.04.1.1 No subscription required linux-lowlatency-hwe-5.15-headers-5.15.0-87 - 5.15.0-87.96~20.04.1 linux-image-unsigned-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-tools-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-87.96~20.04.1 linux-image-unsigned-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-modules-iwlwifi-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-87.96~20.04.1 linux-buildinfo-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-buildinfo-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-headers-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-87 - 5.15.0-87.96~20.04.1 linux-tools-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-modules-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-87 - 5.15.0-87.96~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-87.96~20.04.1 linux-modules-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-cloud-tools-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-image-5.15.0-87-lowlatency-64k - 5.15.0-87.96~20.04.1 linux-image-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 linux-headers-5.15.0-87-lowlatency - 5.15.0-87.96~20.04.1 No subscription required linux-hwe-5.15-cloud-tools-5.15.0-87 - 5.15.0-87.97~20.04.1 linux-headers-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-image-unsigned-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-cloud-tools-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-tools-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-87.97~20.04.1 linux-image-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-buildinfo-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-modules-iwlwifi-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-headers-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-hwe-5.15-tools-5.15.0-87 - 5.15.0-87.97~20.04.1 linux-image-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-hwe-5.15-headers-5.15.0-87 - 5.15.0-87.97~20.04.1 linux-modules-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 linux-tools-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-image-unsigned-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-modules-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-modules-extra-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-headers-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-87.97~20.04.1 linux-buildinfo-5.15.0-87-generic - 5.15.0-87.97~20.04.1 linux-buildinfo-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 linux-image-5.15.0-87-generic-lpae - 5.15.0-87.97~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-87.97~20.04.1 linux-tools-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-modules-5.15.0-87-generic-64k - 5.15.0-87.97~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-87.97~20.04.1 No subscription required linux-image-ibm - 5.15.0.1041.44~20.04.13 linux-tools-ibm - 5.15.0.1041.44~20.04.13 linux-headers-ibm-edge - 5.15.0.1041.44~20.04.13 linux-tools-ibm-edge - 5.15.0.1041.44~20.04.13 linux-ibm - 5.15.0.1041.44~20.04.13 linux-ibm-edge - 5.15.0.1041.44~20.04.13 linux-headers-ibm - 5.15.0.1041.44~20.04.13 linux-image-ibm-edge - 5.15.0.1041.44~20.04.13 No subscription required linux-image-aws - 5.15.0.1048.53~20.04.36 linux-headers-aws - 5.15.0.1048.53~20.04.36 linux-modules-extra-aws-edge - 5.15.0.1048.53~20.04.36 linux-image-aws-edge - 5.15.0.1048.53~20.04.36 linux-aws-edge - 5.15.0.1048.53~20.04.36 linux-aws - 5.15.0.1048.53~20.04.36 linux-tools-aws - 5.15.0.1048.53~20.04.36 linux-headers-aws-edge - 5.15.0.1048.53~20.04.36 linux-modules-extra-aws - 5.15.0.1048.53~20.04.36 linux-tools-aws-edge - 5.15.0.1048.53~20.04.36 No subscription required linux-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-cloud-tools-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-tools-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-headers-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-image-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-tools-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-modules-extra-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-image-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-cloud-tools-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-azure-fde-edge - 5.15.0.1050.57~20.04.1.28 linux-modules-extra-azure-fde - 5.15.0.1050.57~20.04.1.28 linux-headers-azure-fde - 5.15.0.1050.57~20.04.1.28 No subscription required linux-cloud-tools-azure - 5.15.0.1050.57~20.04.39 linux-tools-azure - 5.15.0.1050.57~20.04.39 linux-image-azure-edge - 5.15.0.1050.57~20.04.39 linux-image-azure-cvm - 5.15.0.1050.57~20.04.39 linux-modules-extra-azure-cvm - 5.15.0.1050.57~20.04.39 linux-tools-azure-edge - 5.15.0.1050.57~20.04.39 linux-tools-azure-cvm - 5.15.0.1050.57~20.04.39 linux-cloud-tools-azure-edge - 5.15.0.1050.57~20.04.39 linux-modules-extra-azure - 5.15.0.1050.57~20.04.39 linux-headers-azure-cvm - 5.15.0.1050.57~20.04.39 linux-azure - 5.15.0.1050.57~20.04.39 linux-image-azure - 5.15.0.1050.57~20.04.39 linux-headers-azure-edge - 5.15.0.1050.57~20.04.39 linux-azure-edge - 5.15.0.1050.57~20.04.39 linux-cloud-tools-azure-cvm - 5.15.0.1050.57~20.04.39 linux-azure-cvm - 5.15.0.1050.57~20.04.39 linux-modules-extra-azure-edge - 5.15.0.1050.57~20.04.39 linux-headers-azure - 5.15.0.1050.57~20.04.39 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-headers-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-image-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-lowlatency-64k-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-tools-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-lowlatency-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.87.96~20.04.42 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.87.96~20.04.42 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.87.96~20.04.42 No subscription required linux-headers-oem-20.04 - 5.15.0.87.97~20.04.45 linux-tools-oem-20.04d - 5.15.0.87.97~20.04.45 linux-tools-oem-20.04c - 5.15.0.87.97~20.04.45 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-headers-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-headers-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-oem-20.04b - 5.15.0.87.97~20.04.45 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-headers-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-generic-64k-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-extra-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-headers-generic-64k-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-generic-lpae-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-generic-64k-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-generic-lpae-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-tools-oem-20.04b - 5.15.0.87.97~20.04.45 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-tools-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-oem-20.04c - 5.15.0.87.97~20.04.45 linux-image-oem-20.04d - 5.15.0.87.97~20.04.45 linux-oem-20.04 - 5.15.0.87.97~20.04.45 linux-image-oem-20.04 - 5.15.0.87.97~20.04.45 linux-oem-20.04b - 5.15.0.87.97~20.04.45 linux-oem-20.04d - 5.15.0.87.97~20.04.45 linux-tools-oem-20.04 - 5.15.0.87.97~20.04.45 linux-oem-20.04c - 5.15.0.87.97~20.04.45 linux-modules-iwlwifi-oem-20.04 - 5.15.0.87.97~20.04.45 linux-tools-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-generic-64k-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-generic-lpae-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-tools-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-image-generic-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-modules-iwlwifi-oem-20.04d - 5.15.0.87.97~20.04.45 linux-tools-generic-64k-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-tools-virtual-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.87.97~20.04.45 linux-headers-oem-20.04b - 5.15.0.87.97~20.04.45 linux-headers-oem-20.04c - 5.15.0.87.97~20.04.45 linux-headers-virtual-hwe-20.04 - 5.15.0.87.97~20.04.45 linux-headers-oem-20.04d - 5.15.0.87.97~20.04.45 No subscription required High CVE-2023-34319 CVE-2023-4244 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 CVE-2023-5197 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6446-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-headers-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-modules-extra-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-modules-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1031 - 5.15.0-1031.37~20.04.1 linux-gkeop-5.15-tools-5.15.0-1031 - 5.15.0-1031.37~20.04.1 linux-image-unsigned-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-gkeop-5.15-headers-5.15.0-1031 - 5.15.0-1031.37~20.04.1 linux-cloud-tools-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-image-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 linux-tools-5.15.0-1031-gkeop - 5.15.0-1031.37~20.04.1 No subscription required linux-gcp-5.15-tools-5.15.0-1045 - 5.15.0-1045.53~20.04.2 linux-headers-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-modules-iwlwifi-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-image-unsigned-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-modules-extra-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-image-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-modules-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-gcp-5.15-headers-5.15.0-1045 - 5.15.0-1045.53~20.04.2 linux-tools-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 linux-buildinfo-5.15.0-1045-gcp - 5.15.0-1045.53~20.04.2 No subscription required linux-headers-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-image-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-image-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-cloud-tools-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-headers-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-tools-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-cloud-tools-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-modules-extra-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-gkeop-edge - 5.15.0.1031.37~20.04.27 linux-tools-gkeop-5.15 - 5.15.0.1031.37~20.04.27 linux-modules-extra-gkeop-5.15 - 5.15.0.1031.37~20.04.27 No subscription required linux-tools-gcp-edge - 5.15.0.1045.53~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1045.53~20.04.1 linux-headers-gcp-edge - 5.15.0.1045.53~20.04.1 linux-gcp - 5.15.0.1045.53~20.04.1 linux-headers-gcp - 5.15.0.1045.53~20.04.1 linux-image-gcp-edge - 5.15.0.1045.53~20.04.1 linux-tools-gcp - 5.15.0.1045.53~20.04.1 linux-image-gcp - 5.15.0.1045.53~20.04.1 linux-modules-extra-gcp - 5.15.0.1045.53~20.04.1 linux-gcp-edge - 5.15.0.1045.53~20.04.1 No subscription required High CVE-2023-34319 CVE-2023-4244 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 CVE-2023-5197 Ubuntu 20.04 LTS Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or possibly execute arbitrary code. (CVE-2023-34319) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did not properly calculate array offsets, leading to a out-of-bounds write vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42753) Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP) classifier implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). Please note that kernel packet classifier support for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755) Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Bing-Jhong Billy Jheng discovered that the Unix domain socket implementation in the Linux kernel contained a race condition in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4622) Budimir Markovic discovered that the qdisc implementation in the Linux kernel did not properly validate inner classes, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4623) Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-4881) It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4921) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle removal of rules from chain bindings in certain circumstances, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-5197) Update Instructions: Run `sudo pro fix USN-6446-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-oracle-5.15-headers-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-modules-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-oracle-5.15-tools-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-modules-extra-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-image-unsigned-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-tools-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-buildinfo-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-image-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 linux-headers-5.15.0-1046-oracle - 5.15.0-1046.52~20.04.1 No subscription required linux-oracle - 5.15.0.1046.52~20.04.1 linux-tools-oracle-edge - 5.15.0.1046.52~20.04.1 linux-headers-oracle - 5.15.0.1046.52~20.04.1 linux-image-oracle-edge - 5.15.0.1046.52~20.04.1 linux-oracle-edge - 5.15.0.1046.52~20.04.1 linux-image-oracle - 5.15.0.1046.52~20.04.1 linux-tools-oracle - 5.15.0.1046.52~20.04.1 linux-headers-oracle-edge - 5.15.0.1046.52~20.04.1 No subscription required High CVE-2023-34319 CVE-2023-4244 CVE-2023-42752 CVE-2023-42753 CVE-2023-42755 CVE-2023-42756 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 CVE-2023-5197 Ubuntu 20.04 LTS It was discovered that AOM incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135, CVE-2021-30473, CVE-2021-30474, CVE-2021-30475) Update Instructions: Run `sudo pro fix USN-6447-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libaom-doc - 1.0.0.errata1-3+deb11u1build0.20.04.1 libaom-dev - 1.0.0.errata1-3+deb11u1build0.20.04.1 aom-tools - 1.0.0.errata1-3+deb11u1build0.20.04.1 libaom0 - 1.0.0.errata1-3+deb11u1build0.20.04.1 No subscription required Medium CVE-2020-36130 CVE-2020-36131 CVE-2020-36133 CVE-2020-36135 CVE-2021-30473 CVE-2021-30474 CVE-2021-30475 Ubuntu 20.04 LTS Xu Biang discovered that Sofia-SIP did not properly manage memory when handling STUN packets. An attacker could use this issue to cause Sofia-SIP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6448-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: sofia-sip-doc - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 libsofia-sip-ua-glib3 - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 libsofia-sip-ua0 - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 sofia-sip-bin - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 libsofia-sip-ua-glib-dev - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 libsofia-sip-ua-dev - 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 No subscription required Medium CVE-2023-32307 Ubuntu 20.04 LTS It was discovered that FFmpeg incorrectly managed memory resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22038) It was discovered that FFmpeg incorrectly handled certain input files, leading to an integer overflow. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-20898, CVE-2021-38090, CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094) It was discovered that FFmpeg incorrectly managed memory, resulting in a memory leak. If a user or automated system were tricked into processing a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2022-48434) Update Instructions: Run `sudo pro fix USN-6449-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:4.2.7-0ubuntu0.1+esm3 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm3 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm3 libavformat58 - 7:4.2.7-0ubuntu0.1+esm3 libavresample4 - 7:4.2.7-0ubuntu0.1+esm3 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm3 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm3 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm3 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm3 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm3 libswresample3 - 7:4.2.7-0ubuntu0.1+esm3 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm3 libswscale5 - 7:4.2.7-0ubuntu0.1+esm3 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm3 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm3 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm3 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm3 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm3 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm3 libavutil56 - 7:4.2.7-0ubuntu0.1+esm3 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm3 ffmpeg - 7:4.2.7-0ubuntu0.1+esm3 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm3 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-20898 CVE-2020-22038 CVE-2021-38090 CVE-2021-38091 CVE-2021-38092 CVE-2021-38093 CVE-2021-38094 CVE-2022-48434 Ubuntu 20.04 LTS USN-6449-1 fixed vulnerabilities in FFmpeg. Unfortunately that update could introduce a regression in tools using an FFmpeg library, like VLC. This updated fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that FFmpeg incorrectly managed memory resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22038) It was discovered that FFmpeg incorrectly handled certain input files, leading to an integer overflow. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-20898, CVE-2021-38090, CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094) It was discovered that FFmpeg incorrectly managed memory, resulting in a memory leak. If a user or automated system were tricked into processing a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2022-48434) Update Instructions: Run `sudo pro fix USN-6449-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:4.2.7-0ubuntu0.1+esm4 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm4 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm4 libavformat58 - 7:4.2.7-0ubuntu0.1+esm4 libavresample4 - 7:4.2.7-0ubuntu0.1+esm4 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm4 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm4 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm4 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm4 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm4 libswresample3 - 7:4.2.7-0ubuntu0.1+esm4 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm4 libswscale5 - 7:4.2.7-0ubuntu0.1+esm4 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm4 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm4 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm4 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm4 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm4 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm4 libavutil56 - 7:4.2.7-0ubuntu0.1+esm4 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm4 ffmpeg - 7:4.2.7-0ubuntu0.1+esm4 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm4 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm4 Available with Ubuntu Pro: https://ubuntu.com/pro None https://launchpad.net/bugs/2042743 Ubuntu 20.04 LTS It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. (CVE-2023-3896) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-4733, CVE-2023-4750) It was discovered that Vim contained an arithmetic overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4734) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-4735, CVE-2023-5344) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-4738) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-4751) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4752, CVE-2023-5535) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4781) It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-5441) Update Instructions: Run `sudo pro fix USN-6452-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.20 vim-athena - 2:8.1.2269-1ubuntu5.20 vim-tiny - 2:8.1.2269-1ubuntu5.20 vim-gtk - 2:8.1.2269-1ubuntu5.20 vim-gui-common - 2:8.1.2269-1ubuntu5.20 vim - 2:8.1.2269-1ubuntu5.20 vim-doc - 2:8.1.2269-1ubuntu5.20 xxd - 2:8.1.2269-1ubuntu5.20 vim-runtime - 2:8.1.2269-1ubuntu5.20 vim-gtk3 - 2:8.1.2269-1ubuntu5.20 vim-nox - 2:8.1.2269-1ubuntu5.20 No subscription required Medium CVE-2023-3896 CVE-2023-4733 CVE-2023-4734 CVE-2023-4735 CVE-2023-4738 CVE-2023-4750 CVE-2023-4751 CVE-2023-4752 CVE-2023-4781 CVE-2023-5344 CVE-2023-5441 CVE-2023-5535 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-5367) Sri discovered that the X.Org X Server incorrectly handled detroying windows in certain legacy multi-screen setups. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-5380) Update Instructions: Run `sudo pro fix USN-6453-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.9 xwayland - 2:1.20.13-1ubuntu1~20.04.9 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.9 xdmx - 2:1.20.13-1ubuntu1~20.04.9 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.9 xvfb - 2:1.20.13-1ubuntu1~20.04.9 xnest - 2:1.20.13-1ubuntu1~20.04.9 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.9 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.9 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.9 xserver-common - 2:1.20.13-1ubuntu1~20.04.9 No subscription required Medium CVE-2023-5367 CVE-2023-5380 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to memory corruption. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-42117) It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2023-42119) Update Instructions: Run `sudo pro fix USN-6455-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.9 eximon4 - 4.93-13ubuntu1.9 exim4 - 4.93-13ubuntu1.9 exim4-base - 4.93-13ubuntu1.9 exim4-config - 4.93-13ubuntu1.9 exim4-daemon-heavy - 4.93-13ubuntu1.9 exim4-daemon-light - 4.93-13ubuntu1.9 No subscription required Medium CVE-2023-42117 CVE-2023-42119 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-5722, CVE-2023-5724, CVE-2023-5728, CVE-2023-5729, CVE-2023-5730, CVE-2023-5731) Kelsey Gilbert discovered that Firefox did not properly manage certain browser prompts and dialogs due to an insufficient activation-delay. An attacker could potentially exploit this issue to perform clickjacking. (CVE-2023-5721) Daniel Veditz discovered that Firefox did not properly validate a cookie containing invalid characters. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-5723) Shaheen Fazim discovered that Firefox did not properly validate the URLs open by installed WebExtension. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-5725) Update Instructions: Run `sudo pro fix USN-6456-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 119.0+build2-0ubuntu0.20.04.1 firefox - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 119.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 119.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 119.0+build2-0ubuntu0.20.04.1 firefox-dev - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 119.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 119.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-5721 CVE-2023-5722 CVE-2023-5723 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728 CVE-2023-5729 CVE-2023-5730 CVE-2023-5731 Ubuntu 20.04 LTS USN-6456-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-5722, CVE-2023-5724, CVE-2023-5728, CVE-2023-5729, CVE-2023-5730, CVE-2023-5731) Kelsey Gilbert discovered that Firefox did not properly manage certain browser prompts and dialogs due to an insufficient activation-delay. An attacker could potentially exploit this issue to perform clickjacking. (CVE-2023-5721) Daniel Veditz discovered that Firefox did not properly validate a cookie containing invalid characters. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-5723) Shaheen Fazim discovered that Firefox did not properly validate the URLs open by installed WebExtension. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-5725) Update Instructions: Run `sudo pro fix USN-6456-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 119.0.1+build1-0ubuntu0.20.04.1 firefox - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 119.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 119.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 119.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 119.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 119.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2043441 Ubuntu 20.04 LTS It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2022-29500) It was discovered that Slurm did not properly handle access control when dealing with RPC traffic through PMI2 and PMIx, which could allow an unprivileged user to send data to an arbitrary unix socket in the host. An attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2022-29501) It was discovered that Slurm did not properly handle validation logic when processing input and output data with the srun client, which could lead to the interception of process I/O. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-29502) Update Instructions: Run `sudo pro fix USN-6458-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpmi0-dev - 19.05.5-1ubuntu0.1~esm2 slurmctld - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-basic-plugins-dev - 19.05.5-1ubuntu0.1~esm2 libslurm-perl - 19.05.5-1ubuntu0.1~esm2 libpmi0 - 19.05.5-1ubuntu0.1~esm2 slurm-wlm - 19.05.5-1ubuntu0.1~esm2 libslurm-dev - 19.05.5-1ubuntu0.1~esm2 slurm-client - 19.05.5-1ubuntu0.1~esm2 libpam-slurm - 19.05.5-1ubuntu0.1~esm2 slurmd - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-torque - 19.05.5-1ubuntu0.1~esm2 slurm-client-emulator - 19.05.5-1ubuntu0.1~esm2 libpam-slurm-adopt - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-emulator - 19.05.5-1ubuntu0.1~esm2 libpmi2-0 - 19.05.5-1ubuntu0.1~esm2 slurmdbd - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-doc - 19.05.5-1ubuntu0.1~esm2 libslurm34 - 19.05.5-1ubuntu0.1~esm2 libpmi2-0-dev - 19.05.5-1ubuntu0.1~esm2 libslurmdb-perl - 19.05.5-1ubuntu0.1~esm2 sview - 19.05.5-1ubuntu0.1~esm2 slurm-wlm-basic-plugins - 19.05.5-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2022-29500 CVE-2022-29501 CVE-2022-29502 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.35 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-35.html https://www.oracle.com/security-alerts/cpuoct2023.html Update Instructions: Run `sudo pro fix USN-6459-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.35-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.35-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.35-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.35-0ubuntu0.20.04.1 mysql-router - 8.0.35-0ubuntu0.20.04.1 mysql-server - 8.0.35-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.35-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.35-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.35-0ubuntu0.20.04.1 mysql-testsuite - 8.0.35-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.35-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.35-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-22032 CVE-2023-22059 CVE-2023-22064 CVE-2023-22066 CVE-2023-22068 CVE-2023-22070 CVE-2023-22078 CVE-2023-22079 CVE-2023-22084 CVE-2023-22092 CVE-2023-22097 CVE-2023-22103 CVE-2023-22112 CVE-2023-22114 Ubuntu 20.04 LTS Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Update Instructions: Run `sudo pro fix USN-6462-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-tools-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-headers-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-xilinx-zynqmp-headers-5.4.0-1033 - 5.4.0-1033.37 linux-modules-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-image-5.4.0-1033-xilinx-zynqmp - 5.4.0-1033.37 linux-xilinx-zynqmp-tools-5.4.0-1033 - 5.4.0-1033.37 No subscription required linux-buildinfo-5.4.0-1060-ibm - 5.4.0-1060.65 linux-ibm-source-5.4.0 - 5.4.0-1060.65 linux-image-unsigned-5.4.0-1060-ibm - 5.4.0-1060.65 linux-modules-extra-5.4.0-1060-ibm - 5.4.0-1060.65 linux-ibm-tools-common - 5.4.0-1060.65 linux-headers-5.4.0-1060-ibm - 5.4.0-1060.65 linux-ibm-headers-5.4.0-1060 - 5.4.0-1060.65 linux-modules-5.4.0-1060-ibm - 5.4.0-1060.65 linux-ibm-cloud-tools-common - 5.4.0-1060.65 linux-ibm-tools-5.4.0-1060 - 5.4.0-1060.65 linux-image-5.4.0-1060-ibm - 5.4.0-1060.65 linux-tools-5.4.0-1060-ibm - 5.4.0-1060.65 No subscription required linux-headers-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-image-unsigned-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-buildinfo-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-bluefield-tools-5.4.0-1074 - 5.4.0-1074.80 linux-tools-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-image-5.4.0-1074-bluefield - 5.4.0-1074.80 linux-bluefield-headers-5.4.0-1074 - 5.4.0-1074.80 linux-modules-5.4.0-1074-bluefield - 5.4.0-1074.80 No subscription required linux-gkeop-headers-5.4.0-1080 - 5.4.0-1080.84 linux-cloud-tools-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-gkeop-source-5.4.0 - 5.4.0-1080.84 linux-image-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-modules-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-image-unsigned-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-headers-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-gkeop-cloud-tools-5.4.0-1080 - 5.4.0-1080.84 linux-gkeop-tools-5.4.0-1080 - 5.4.0-1080.84 linux-tools-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-modules-extra-5.4.0-1080-gkeop - 5.4.0-1080.84 linux-buildinfo-5.4.0-1080-gkeop - 5.4.0-1080.84 No subscription required linux-headers-5.4.0-1097-raspi - 5.4.0-1097.109 linux-raspi-tools-5.4.0-1097 - 5.4.0-1097.109 linux-modules-5.4.0-1097-raspi - 5.4.0-1097.109 linux-tools-5.4.0-1097-raspi - 5.4.0-1097.109 linux-image-5.4.0-1097-raspi - 5.4.0-1097.109 linux-buildinfo-5.4.0-1097-raspi - 5.4.0-1097.109 linux-raspi-headers-5.4.0-1097 - 5.4.0-1097.109 No subscription required linux-kvm-headers-5.4.0-1102 - 5.4.0-1102.108 linux-kvm-tools-5.4.0-1102 - 5.4.0-1102.108 linux-image-5.4.0-1102-kvm - 5.4.0-1102.108 linux-image-unsigned-5.4.0-1102-kvm - 5.4.0-1102.108 linux-tools-5.4.0-1102-kvm - 5.4.0-1102.108 linux-modules-5.4.0-1102-kvm - 5.4.0-1102.108 linux-headers-5.4.0-1102-kvm - 5.4.0-1102.108 linux-buildinfo-5.4.0-1102-kvm - 5.4.0-1102.108 No subscription required linux-image-5.4.0-1112-oracle - 5.4.0-1112.121 linux-image-unsigned-5.4.0-1112-oracle - 5.4.0-1112.121 linux-modules-extra-5.4.0-1112-oracle - 5.4.0-1112.121 linux-modules-5.4.0-1112-oracle - 5.4.0-1112.121 linux-oracle-tools-5.4.0-1112 - 5.4.0-1112.121 linux-headers-5.4.0-1112-oracle - 5.4.0-1112.121 linux-buildinfo-5.4.0-1112-oracle - 5.4.0-1112.121 linux-tools-5.4.0-1112-oracle - 5.4.0-1112.121 linux-oracle-headers-5.4.0-1112 - 5.4.0-1112.121 No subscription required linux-headers-5.4.0-1113-aws - 5.4.0-1113.123 linux-cloud-tools-5.4.0-1113-aws - 5.4.0-1113.123 linux-image-5.4.0-1113-aws - 5.4.0-1113.123 linux-buildinfo-5.4.0-1113-aws - 5.4.0-1113.123 linux-aws-headers-5.4.0-1113 - 5.4.0-1113.123 linux-image-unsigned-5.4.0-1113-aws - 5.4.0-1113.123 linux-aws-tools-5.4.0-1113 - 5.4.0-1113.123 linux-modules-5.4.0-1113-aws - 5.4.0-1113.123 linux-tools-5.4.0-1113-aws - 5.4.0-1113.123 linux-aws-cloud-tools-5.4.0-1113 - 5.4.0-1113.123 linux-modules-extra-5.4.0-1113-aws - 5.4.0-1113.123 No subscription required linux-tools-5.4.0-1117-gcp - 5.4.0-1117.126 linux-gcp-tools-5.4.0-1117 - 5.4.0-1117.126 linux-buildinfo-5.4.0-1117-gcp - 5.4.0-1117.126 linux-gcp-headers-5.4.0-1117 - 5.4.0-1117.126 linux-headers-5.4.0-1117-gcp - 5.4.0-1117.126 linux-image-5.4.0-1117-gcp - 5.4.0-1117.126 linux-image-unsigned-5.4.0-1117-gcp - 5.4.0-1117.126 linux-modules-5.4.0-1117-gcp - 5.4.0-1117.126 linux-modules-extra-5.4.0-1117-gcp - 5.4.0-1117.126 No subscription required linux-azure-cloud-tools-5.4.0-1119 - 5.4.0-1119.126 linux-modules-extra-5.4.0-1119-azure - 5.4.0-1119.126 linux-azure-tools-5.4.0-1119 - 5.4.0-1119.126 linux-modules-5.4.0-1119-azure - 5.4.0-1119.126 linux-buildinfo-5.4.0-1119-azure - 5.4.0-1119.126 linux-image-5.4.0-1119-azure - 5.4.0-1119.126 linux-headers-5.4.0-1119-azure - 5.4.0-1119.126 linux-image-unsigned-5.4.0-1119-azure - 5.4.0-1119.126 linux-cloud-tools-5.4.0-1119-azure - 5.4.0-1119.126 linux-azure-headers-5.4.0-1119 - 5.4.0-1119.126 linux-tools-5.4.0-1119-azure - 5.4.0-1119.126 No subscription required linux-buildinfo-5.4.0-166-generic - 5.4.0-166.183 linux-tools-5.4.0-166-generic - 5.4.0-166.183 linux-image-5.4.0-166-generic - 5.4.0-166.183 linux-tools-host - 5.4.0-166.183 linux-tools-common - 5.4.0-166.183 linux-headers-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-doc - 5.4.0-166.183 linux-modules-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-image-unsigned-5.4.0-166-generic - 5.4.0-166.183 linux-tools-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-image-5.4.0-166-lowlatency - 5.4.0-166.183 linux-cloud-tools-5.4.0-166-generic - 5.4.0-166.183 linux-modules-5.4.0-166-generic - 5.4.0-166.183 linux-source-5.4.0 - 5.4.0-166.183 linux-buildinfo-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-headers-5.4.0-166-generic - 5.4.0-166.183 linux-cloud-tools-5.4.0-166-lowlatency - 5.4.0-166.183 linux-modules-5.4.0-166-lowlatency - 5.4.0-166.183 linux-cloud-tools-common - 5.4.0-166.183 linux-image-unsigned-5.4.0-166-lowlatency - 5.4.0-166.183 linux-headers-5.4.0-166 - 5.4.0-166.183 linux-headers-5.4.0-166-lowlatency - 5.4.0-166.183 linux-tools-5.4.0-166 - 5.4.0-166.183 linux-image-5.4.0-166-generic-lpae - 5.4.0-166.183 linux-tools-5.4.0-166-lowlatency - 5.4.0-166.183 linux-buildinfo-5.4.0-166-lowlatency - 5.4.0-166.183 linux-libc-dev - 5.4.0-166.183 linux-cloud-tools-5.4.0-166 - 5.4.0-166.183 linux-modules-extra-5.4.0-166-generic - 5.4.0-166.183 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1033.33 linux-xilinx-zynqmp - 5.4.0.1033.33 linux-tools-xilinx-zynqmp - 5.4.0.1033.33 linux-headers-xilinx-zynqmp - 5.4.0.1033.33 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1060.89 linux-headers-ibm-lts-20.04 - 5.4.0.1060.89 linux-ibm-lts-20.04 - 5.4.0.1060.89 linux-image-ibm-lts-20.04 - 5.4.0.1060.89 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1060.89 No subscription required linux-bluefield - 5.4.0.1074.69 linux-image-bluefield - 5.4.0.1074.69 linux-headers-bluefield - 5.4.0.1074.69 linux-tools-bluefield - 5.4.0.1074.69 No subscription required linux-headers-gkeop - 5.4.0.1080.78 linux-cloud-tools-gkeop-5.4 - 5.4.0.1080.78 linux-image-gkeop - 5.4.0.1080.78 linux-modules-extra-gkeop-5.4 - 5.4.0.1080.78 linux-gkeop-5.4 - 5.4.0.1080.78 linux-image-gkeop-5.4 - 5.4.0.1080.78 linux-gkeop - 5.4.0.1080.78 linux-cloud-tools-gkeop - 5.4.0.1080.78 linux-headers-gkeop-5.4 - 5.4.0.1080.78 linux-modules-extra-gkeop - 5.4.0.1080.78 linux-tools-gkeop - 5.4.0.1080.78 linux-tools-gkeop-5.4 - 5.4.0.1080.78 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1097.127 linux-headers-raspi2 - 5.4.0.1097.127 linux-image-raspi - 5.4.0.1097.127 linux-image-raspi-hwe-18.04 - 5.4.0.1097.127 linux-image-raspi2-hwe-18.04 - 5.4.0.1097.127 linux-tools-raspi - 5.4.0.1097.127 linux-headers-raspi-hwe-18.04 - 5.4.0.1097.127 linux-headers-raspi2-hwe-18.04 - 5.4.0.1097.127 linux-image-raspi-hwe-18.04-edge - 5.4.0.1097.127 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1097.127 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1097.127 linux-headers-raspi - 5.4.0.1097.127 linux-raspi2-hwe-18.04-edge - 5.4.0.1097.127 linux-raspi-hwe-18.04 - 5.4.0.1097.127 linux-tools-raspi2-hwe-18.04 - 5.4.0.1097.127 linux-raspi-hwe-18.04-edge - 5.4.0.1097.127 linux-raspi2-hwe-18.04 - 5.4.0.1097.127 linux-image-raspi2 - 5.4.0.1097.127 linux-tools-raspi-hwe-18.04 - 5.4.0.1097.127 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1097.127 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1097.127 linux-raspi2 - 5.4.0.1097.127 linux-tools-raspi2 - 5.4.0.1097.127 linux-raspi - 5.4.0.1097.127 No subscription required linux-kvm - 5.4.0.1102.97 linux-headers-kvm - 5.4.0.1102.97 linux-image-kvm - 5.4.0.1102.97 linux-tools-kvm - 5.4.0.1102.97 No subscription required linux-oracle-lts-20.04 - 5.4.0.1112.105 linux-headers-oracle-lts-20.04 - 5.4.0.1112.105 linux-tools-oracle-lts-20.04 - 5.4.0.1112.105 linux-image-oracle-lts-20.04 - 5.4.0.1112.105 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1113.110 linux-headers-aws-lts-20.04 - 5.4.0.1113.110 linux-tools-aws-lts-20.04 - 5.4.0.1113.110 linux-modules-extra-aws-lts-20.04 - 5.4.0.1113.110 linux-aws-lts-20.04 - 5.4.0.1113.110 No subscription required linux-gcp-lts-20.04 - 5.4.0.1117.119 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1117.119 linux-headers-gcp-lts-20.04 - 5.4.0.1117.119 linux-image-gcp-lts-20.04 - 5.4.0.1117.119 linux-tools-gcp-lts-20.04 - 5.4.0.1117.119 No subscription required linux-azure-lts-20.04 - 5.4.0.1119.112 linux-image-azure-lts-20.04 - 5.4.0.1119.112 linux-modules-extra-azure-lts-20.04 - 5.4.0.1119.112 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1119.112 linux-tools-azure-lts-20.04 - 5.4.0.1119.112 linux-headers-azure-lts-20.04 - 5.4.0.1119.112 No subscription required linux-cloud-tools-virtual - 5.4.0.166.163 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-headers-generic-lpae - 5.4.0.166.163 linux-image-virtual - 5.4.0.166.163 linux-oem-osp1-tools-host - 5.4.0.166.163 linux-image-generic - 5.4.0.166.163 linux-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-image-oem - 5.4.0.166.163 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.166.163 linux-tools-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-headers-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-image-extra-virtual-hwe-18.04 - 5.4.0.166.163 linux-image-oem-osp1 - 5.4.0.166.163 linux-image-generic-lpae-hwe-18.04 - 5.4.0.166.163 linux-crashdump - 5.4.0.166.163 linux-headers-generic-hwe-18.04 - 5.4.0.166.163 linux-headers-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-lowlatency - 5.4.0.166.163 linux-tools-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-tools-generic-lpae - 5.4.0.166.163 linux-cloud-tools-generic - 5.4.0.166.163 linux-virtual - 5.4.0.166.163 linux-image-generic-hwe-18.04 - 5.4.0.166.163 linux-virtual-hwe-18.04 - 5.4.0.166.163 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.166.163 linux-headers-virtual - 5.4.0.166.163 linux-tools-virtual - 5.4.0.166.163 linux-generic-lpae-hwe-18.04-edge - 5.4.0.166.163 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-generic-lpae - 5.4.0.166.163 linux-headers-oem - 5.4.0.166.163 linux-headers-oem-osp1 - 5.4.0.166.163 linux-generic - 5.4.0.166.163 linux-tools-oem-osp1 - 5.4.0.166.163 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.166.163 linux-image-lowlatency - 5.4.0.166.163 linux-image-virtual-hwe-18.04 - 5.4.0.166.163 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-cloud-tools-lowlatency - 5.4.0.166.163 linux-headers-lowlatency - 5.4.0.166.163 linux-generic-hwe-18.04-edge - 5.4.0.166.163 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.166.163 linux-generic-hwe-18.04 - 5.4.0.166.163 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-oem - 5.4.0.166.163 linux-tools-generic - 5.4.0.166.163 linux-source - 5.4.0.166.163 linux-image-extra-virtual - 5.4.0.166.163 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-oem-tools-host - 5.4.0.166.163 linux-tools-oem - 5.4.0.166.163 linux-generic-lpae-hwe-18.04 - 5.4.0.166.163 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.166.163 linux-headers-generic-hwe-18.04-edge - 5.4.0.166.163 linux-headers-generic - 5.4.0.166.163 linux-headers-virtual-hwe-18.04 - 5.4.0.166.163 linux-oem-osp1 - 5.4.0.166.163 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.166.163 linux-tools-lowlatency - 5.4.0.166.163 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.166.163 linux-image-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.166.163 linux-lowlatency-hwe-18.04 - 5.4.0.166.163 linux-image-generic-lpae - 5.4.0.166.163 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.166.163 linux-image-virtual-hwe-18.04-edge - 5.4.0.166.163 linux-tools-generic-hwe-18.04 - 5.4.0.166.163 linux-image-generic-hwe-18.04-edge - 5.4.0.166.163 linux-tools-virtual-hwe-18.04 - 5.4.0.166.163 linux-tools-generic-hwe-18.04-edge - 5.4.0.166.163 No subscription required Medium CVE-2023-0597 CVE-2023-31083 CVE-2023-3772 CVE-2023-4132 Ubuntu 20.04 LTS Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597) Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Update Instructions: Run `sudo pro fix USN-6462-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1025-iot - 5.4.0-1025.26 linux-headers-5.4.0-1025-iot - 5.4.0-1025.26 linux-tools-5.4.0-1025-iot - 5.4.0-1025.26 linux-iot-tools-common - 5.4.0-1025.26 linux-modules-5.4.0-1025-iot - 5.4.0-1025.26 linux-iot-tools-5.4.0-1025 - 5.4.0-1025.26 linux-buildinfo-5.4.0-1025-iot - 5.4.0-1025.26 linux-iot-headers-5.4.0-1025 - 5.4.0-1025.26 linux-image-5.4.0-1025-iot - 5.4.0-1025.26 No subscription required linux-tools-iot - 5.4.0.1025.23 linux-iot - 5.4.0.1025.23 linux-headers-iot - 5.4.0.1025.23 linux-image-iot - 5.4.0.1025.23 No subscription required Medium CVE-2023-0597 CVE-2023-31083 CVE-2023-3772 CVE-2023-4132 Ubuntu 20.04 LTS It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker Guest Operations privileges could possibly use this issue to escalate privileges. (CVE-2023-34058) Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A local attacker could possibly use this issue to hijack /dev/uinput and simulate user inputs. (CVE-2023-34059) Update Instructions: Run `sudo pro fix USN-6463-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:11.3.0-2ubuntu0~ubuntu20.04.7 open-vm-tools-dev - 2:11.3.0-2ubuntu0~ubuntu20.04.7 open-vm-tools-desktop - 2:11.3.0-2ubuntu0~ubuntu20.04.7 open-vm-tools-sdmp - 2:11.3.0-2ubuntu0~ubuntu20.04.7 No subscription required Medium CVE-2023-34058 CVE-2023-34059 Ubuntu 20.04 LTS Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772) Update Instructions: Run `sudo pro fix USN-6465-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-modules-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-gkeop-5.15-tools-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-headers-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-cloud-tools-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-modules-extra-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-image-unsigned-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-gkeop-5.15-headers-5.15.0-1032 - 5.15.0-1032.38~20.04.1 linux-buildinfo-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 linux-tools-5.15.0-1032-gkeop - 5.15.0-1032.38~20.04.1 No subscription required linux-ibm-5.15-headers-5.15.0-1042 - 5.15.0-1042.45~20.04.1 linux-modules-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-ibm-5.15-tools-5.15.0-1042 - 5.15.0-1042.45~20.04.1 linux-buildinfo-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-modules-extra-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1042.45~20.04.1 linux-image-unsigned-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-headers-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-image-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 linux-tools-5.15.0-1042-ibm - 5.15.0-1042.45~20.04.1 No subscription required linux-gcp-5.15-tools-5.15.0-1046 - 5.15.0-1046.54~20.04.1 linux-buildinfo-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-headers-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-image-unsigned-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-modules-extra-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-image-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-modules-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-gcp-5.15-headers-5.15.0-1046 - 5.15.0-1046.54~20.04.1 linux-tools-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 linux-modules-iwlwifi-5.15.0-1046-gcp - 5.15.0-1046.54~20.04.1 No subscription required linux-oracle-5.15-headers-5.15.0-1047 - 5.15.0-1047.53~20.04.1 linux-oracle-5.15-tools-5.15.0-1047 - 5.15.0-1047.53~20.04.1 linux-modules-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-image-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-image-unsigned-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-headers-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-modules-extra-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-tools-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 linux-buildinfo-5.15.0-1047-oracle - 5.15.0-1047.53~20.04.1 No subscription required linux-image-unsigned-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-tools-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-aws-5.15-headers-5.15.0-1049 - 5.15.0-1049.54~20.04.1 linux-cloud-tools-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-headers-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1049 - 5.15.0-1049.54~20.04.1 linux-buildinfo-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-modules-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-image-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 linux-aws-5.15-tools-5.15.0-1049 - 5.15.0-1049.54~20.04.1 linux-modules-extra-5.15.0-1049-aws - 5.15.0-1049.54~20.04.1 No subscription required linux-image-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-cloud-tools-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-azure-5.15-headers-5.15.0-1051 - 5.15.0-1051.59~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1051 - 5.15.0-1051.59~20.04.1 linux-azure-5.15-tools-5.15.0-1051 - 5.15.0-1051.59~20.04.1 linux-buildinfo-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-image-unsigned-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-headers-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-modules-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-tools-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 linux-modules-extra-5.15.0-1051-azure - 5.15.0-1051.59~20.04.1 No subscription required linux-image-unsigned-5.15.0-1051-azure-fde - 5.15.0-1051.59~20.04.1.1 linux-image-5.15.0-1051-azure-fde - 5.15.0-1051.59~20.04.1.1 No subscription required linux-hwe-5.15-cloud-tools-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-cloud-tools-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-buildinfo-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-image-unsigned-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-cloud-tools-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-88.98~20.04.1 linux-buildinfo-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-hwe-5.15-tools-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-modules-iwlwifi-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-modules-extra-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-hwe-5.15-headers-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-image-unsigned-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-image-unsigned-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-tools-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-modules-iwlwifi-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-88 - 5.15.0-88.98~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-88.98~20.04.1 linux-image-unsigned-5.15.0-88-lowlatency-64k - 5.15.0-88.98~20.04.1 linux-buildinfo-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-modules-5.15.0-88-lowlatency - 5.15.0-88.98~20.04.1 linux-buildinfo-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-88.98~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-generic-lpae - 5.15.0-88.98~20.04.1 linux-buildinfo-5.15.0-88-generic-64k - 5.15.0-88.98~20.04.1 linux-headers-5.15.0-88-generic - 5.15.0-88.98~20.04.1 linux-image-5.15.0-88-generic - 5.15.0-88.98~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-headers-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-headers-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-tools-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-image-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-image-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-cloud-tools-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-modules-extra-gkeop-edge - 5.15.0.1032.38~20.04.28 linux-tools-gkeop-5.15 - 5.15.0.1032.38~20.04.28 linux-modules-extra-gkeop-5.15 - 5.15.0.1032.38~20.04.28 No subscription required linux-image-ibm - 5.15.0.1042.45~20.04.14 linux-tools-ibm-edge - 5.15.0.1042.45~20.04.14 linux-tools-ibm - 5.15.0.1042.45~20.04.14 linux-headers-ibm-edge - 5.15.0.1042.45~20.04.14 linux-ibm - 5.15.0.1042.45~20.04.14 linux-headers-ibm - 5.15.0.1042.45~20.04.14 linux-ibm-edge - 5.15.0.1042.45~20.04.14 linux-image-ibm-edge - 5.15.0.1042.45~20.04.14 No subscription required linux-headers-gcp - 5.15.0.1046.54~20.04.1 linux-image-gcp-edge - 5.15.0.1046.54~20.04.1 linux-headers-gcp-edge - 5.15.0.1046.54~20.04.1 linux-modules-extra-gcp - 5.15.0.1046.54~20.04.1 linux-tools-gcp - 5.15.0.1046.54~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1046.54~20.04.1 linux-gcp - 5.15.0.1046.54~20.04.1 linux-image-gcp - 5.15.0.1046.54~20.04.1 linux-tools-gcp-edge - 5.15.0.1046.54~20.04.1 linux-gcp-edge - 5.15.0.1046.54~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1047.53~20.04.1 linux-tools-oracle - 5.15.0.1047.53~20.04.1 linux-tools-oracle-edge - 5.15.0.1047.53~20.04.1 linux-oracle-edge - 5.15.0.1047.53~20.04.1 linux-headers-oracle-edge - 5.15.0.1047.53~20.04.1 linux-image-oracle-edge - 5.15.0.1047.53~20.04.1 linux-image-oracle - 5.15.0.1047.53~20.04.1 linux-oracle - 5.15.0.1047.53~20.04.1 No subscription required linux-headers-aws - 5.15.0.1049.54~20.04.37 linux-image-aws - 5.15.0.1049.54~20.04.37 linux-image-aws-edge - 5.15.0.1049.54~20.04.37 linux-aws-edge - 5.15.0.1049.54~20.04.37 linux-aws - 5.15.0.1049.54~20.04.37 linux-modules-extra-aws-edge - 5.15.0.1049.54~20.04.37 linux-headers-aws-edge - 5.15.0.1049.54~20.04.37 linux-modules-extra-aws - 5.15.0.1049.54~20.04.37 linux-tools-aws - 5.15.0.1049.54~20.04.37 linux-tools-aws-edge - 5.15.0.1049.54~20.04.37 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-tools-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-headers-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-headers-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-tools-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-modules-extra-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-image-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-image-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-cloud-tools-azure-fde - 5.15.0.1051.59~20.04.1.29 linux-azure-fde-edge - 5.15.0.1051.59~20.04.1.29 linux-modules-extra-azure-fde - 5.15.0.1051.59~20.04.1.29 No subscription required linux-cloud-tools-azure - 5.15.0.1051.59~20.04.40 linux-headers-azure-cvm - 5.15.0.1051.59~20.04.40 linux-tools-azure - 5.15.0.1051.59~20.04.40 linux-image-azure-edge - 5.15.0.1051.59~20.04.40 linux-image-azure-cvm - 5.15.0.1051.59~20.04.40 linux-modules-extra-azure-cvm - 5.15.0.1051.59~20.04.40 linux-tools-azure-cvm - 5.15.0.1051.59~20.04.40 linux-cloud-tools-azure-edge - 5.15.0.1051.59~20.04.40 linux-modules-extra-azure - 5.15.0.1051.59~20.04.40 linux-image-azure - 5.15.0.1051.59~20.04.40 linux-cloud-tools-azure-cvm - 5.15.0.1051.59~20.04.40 linux-headers-azure-edge - 5.15.0.1051.59~20.04.40 linux-azure-edge - 5.15.0.1051.59~20.04.40 linux-azure-cvm - 5.15.0.1051.59~20.04.40 linux-modules-extra-azure-edge - 5.15.0.1051.59~20.04.40 linux-tools-azure-edge - 5.15.0.1051.59~20.04.40 linux-azure - 5.15.0.1051.59~20.04.40 linux-headers-azure - 5.15.0.1051.59~20.04.40 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-headers-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-image-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-lowlatency-64k-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-tools-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-lowlatency-hwe-20.04 - 5.15.0.88.98~20.04.43 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.43 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.43 No subscription required linux-tools-oem-20.04d - 5.15.0.88.98~20.04.46 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-headers-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-oem-20.04b - 5.15.0.88.98~20.04.46 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-headers-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-tools-generic-64k-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-headers-oem-20.04 - 5.15.0.88.98~20.04.46 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-extra-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-tools-oem-20.04c - 5.15.0.88.98~20.04.46 linux-tools-oem-20.04b - 5.15.0.88.98~20.04.46 linux-headers-generic-64k-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-generic-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-generic-lpae-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-generic-lpae-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-tools-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-image-oem-20.04c - 5.15.0.88.98~20.04.46 linux-image-oem-20.04d - 5.15.0.88.98~20.04.46 linux-headers-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-oem-20.04 - 5.15.0.88.98~20.04.46 linux-image-oem-20.04 - 5.15.0.88.98~20.04.46 linux-oem-20.04c - 5.15.0.88.98~20.04.46 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-oem-20.04d - 5.15.0.88.98~20.04.46 linux-headers-oem-20.04d - 5.15.0.88.98~20.04.46 linux-tools-oem-20.04 - 5.15.0.88.98~20.04.46 linux-headers-oem-20.04c - 5.15.0.88.98~20.04.46 linux-modules-iwlwifi-oem-20.04 - 5.15.0.88.98~20.04.46 linux-tools-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-oem-20.04b - 5.15.0.88.98~20.04.46 linux-generic-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-image-generic-lpae-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-tools-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-modules-iwlwifi-oem-20.04d - 5.15.0.88.98~20.04.46 linux-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-tools-virtual-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-image-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-generic-64k-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-image-generic-64k-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.88.98~20.04.46 linux-headers-oem-20.04b - 5.15.0.88.98~20.04.46 linux-image-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 linux-headers-virtual-hwe-20.04 - 5.15.0.88.98~20.04.46 No subscription required Medium CVE-2023-31083 CVE-2023-3772 Ubuntu 20.04 LTS USN-6467-1 fixed a vulnerability in Kerberos. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. Original advisory details: Robert Morris discovered that Kerberos did not properly handle memory access when processing RPC data through kadmind, which could lead to the freeing of uninitialized memory. An authenticated remote attacker could possibly use this issue to cause kadmind to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6467-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libk5crypto3 - 1.17-6ubuntu4.4 krb5-kpropd - 1.17-6ubuntu4.4 krb5-user - 1.17-6ubuntu4.4 libgssrpc4 - 1.17-6ubuntu4.4 libkrb5support0 - 1.17-6ubuntu4.4 krb5-doc - 1.17-6ubuntu4.4 libkrb5-dev - 1.17-6ubuntu4.4 krb5-pkinit - 1.17-6ubuntu4.4 libkrb5-3 - 1.17-6ubuntu4.4 krb5-kdc-ldap - 1.17-6ubuntu4.4 krb5-otp - 1.17-6ubuntu4.4 krb5-gss-samples - 1.17-6ubuntu4.4 libkdb5-9 - 1.17-6ubuntu4.4 krb5-locales - 1.17-6ubuntu4.4 libgssapi-krb5-2 - 1.17-6ubuntu4.4 krb5-kdc - 1.17-6ubuntu4.4 libkrad-dev - 1.17-6ubuntu4.4 krb5-k5tls - 1.17-6ubuntu4.4 libkrad0 - 1.17-6ubuntu4.4 krb5-multidev - 1.17-6ubuntu4.4 libkadm5srv-mit11 - 1.17-6ubuntu4.4 libkadm5clnt-mit11 - 1.17-6ubuntu4.4 krb5-admin-server - 1.17-6ubuntu4.4 No subscription required Medium CVE-2023-36054 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-5724, CVE-2023-5728, CVE-2023-5730, CVE-2023-5732) Kelsey Gilbert discovered that Thunderbird did not properly manage certain browser prompts and dialogs due to an insufficient activation-delay. An attacker could potentially exploit this issue to perform clickjacking. (CVE-2023-5721) Shaheen Fazim discovered that Thunderbird did not properly validate the URLs open by installed WebExtension. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-5725) Update Instructions: Run `sudo pro fix USN-6468-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.4.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.4.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.4.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.4.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.4.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-5721 CVE-2023-5732 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728 CVE-2023-5730 Ubuntu 20.04 LTS Ashley Newson discovered that xrdp incorrectly handled memory when processing certain incoming connections. An attacker could possibly use this issue to cause a denial of service or arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6469-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xrdp - 0.9.12-1ubuntu0.1 No subscription required Medium CVE-2020-4044 Ubuntu 20.04 LTS It was discovered that Axis incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-40743) Update Instructions: Run `sudo pro fix USN-6470-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libaxis-java-doc - 1.4-28+deb10u1build0.20.04.1 libaxis-java - 1.4-28+deb10u1build0.20.04.1 No subscription required Medium CVE-2023-40743 Ubuntu 20.04 LTS It was discovered that libsndfile contained multiple arithmetic overflows. If a user or automated system were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6471-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsndfile1 - 1.0.28-7ubuntu0.2 libsndfile1-dev - 1.0.28-7ubuntu0.2 sndfile-programs - 1.0.28-7ubuntu0.2 No subscription required Medium CVE-2022-33065 Ubuntu 20.04 LTS It was discovered that GNU Scientific Library incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6472-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgslcblas0 - 2.5+dfsg-6+deb10u1build0.20.04.1 libgsl23 - 2.5+dfsg-6+deb10u1build0.20.04.1 gsl-bin - 2.5+dfsg-6+deb10u1build0.20.04.1 libgsl-dev - 2.5+dfsg-6+deb10u1build0.20.04.1 No subscription required Medium CVE-2020-35357 Ubuntu 20.04 LTS It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-25091) It was discovered that urllib3 didn't strip HTTP Cookie header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-43804) It was discovered that urllib3 didn't strip HTTP body on status code 303 redirects under certain circumstances. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-45803) Update Instructions: Run `sudo pro fix USN-6473-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-urllib3 - 1.25.8-2ubuntu0.3 No subscription required Medium CVE-2018-25091 CVE-2023-43804 CVE-2023-45803 Ubuntu 20.04 LTS USN-6473-1 fixed vulnerabilities in urllib3. This update provides the corresponding updates for the urllib3 module bundled into pip. Original advisory details: It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-25091) It was discovered that urllib3 didn't strip HTTP Cookie header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-43804) It was discovered that urllib3 didn't strip HTTP body on status code 303 redirects under certain circumstances. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-45803) Update Instructions: Run `sudo pro fix USN-6473-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pip-whl - 20.0.2-5ubuntu1.10 python3-pip - 20.0.2-5ubuntu1.10 No subscription required Medium CVE-2018-25091 CVE-2023-43804 CVE-2023-45803 Ubuntu 20.04 LTS It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. (CVE-2022-23479, CVE-2022-23481, CVE-2022-23483, CVE-2023-42822) It was discovered that xrdp improperly handled session establishment errors. An attacker could potentially use this issue to bypass the OS-level session restrictions by PAM. (CVE-2023-40184) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds writes. An attacker could possibly use this issue to cause memory corruption or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23468) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23480, CVE-2022-23482, CVE-2022-23484) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23477, CVE-2022-23493) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds writes. An attacker could possibly use this issue to cause memory corruption or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-23478) It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-23613) Update Instructions: Run `sudo pro fix USN-6474-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xrdp - 0.9.12-1ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-23468 CVE-2022-23477 CVE-2022-23478 CVE-2022-23479 CVE-2022-23480 CVE-2022-23481 CVE-2022-23482 CVE-2022-23483 CVE-2022-23484 CVE-2022-23493 CVE-2022-23613 CVE-2023-40184 CVE-2023-42822 Ubuntu 20.04 LTS It was discovered that the procps-ng ps tool incorrectly handled memory. An attacker could possibly use this issue to cause procps-ng to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6477-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libprocps8 - 2:3.3.16-1ubuntu2.4 libprocps-dev - 2:3.3.16-1ubuntu2.4 procps - 2:3.3.16-1ubuntu2.4 No subscription required Low CVE-2023-4016 Ubuntu 20.04 LTS It was discovered that Traceroute did not properly parse command line arguments. An attacker could possibly use this issue to execute arbitrary commands. Update Instructions: Run `sudo pro fix USN-6478-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: traceroute - 1:2.1.0-2ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-46316 Ubuntu 20.04 LTS It was discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6482-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: quagga-ripngd - 1.2.4-4ubuntu0.4 quagga-isisd - 1.2.4-4ubuntu0.4 quagga-ospfd - 1.2.4-4ubuntu0.4 quagga-pimd - 1.2.4-4ubuntu0.4 quagga-ripd - 1.2.4-4ubuntu0.4 quagga-ospf6d - 1.2.4-4ubuntu0.4 quagga - 1.2.4-4ubuntu0.4 quagga-doc - 1.2.4-4ubuntu0.4 quagga-core - 1.2.4-4ubuntu0.4 quagga-bgpd - 1.2.4-4ubuntu0.4 No subscription required Medium CVE-2022-37032 CVE-2023-46753 Ubuntu 20.04 LTS Neeraj Pal discovered that HTML Tidy incorrectly handled parsing certain HTML data. If a user or automated system were tricked into parsing specially crafted HTML data, a remote attacker could cause HTML Tidy to consume resources, leading to a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6483-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tidy - 2:5.6.0-11ubuntu0.20.04.1 libtidy5deb1 - 2:5.6.0-11ubuntu0.20.04.1 libtidy-dev - 2:5.6.0-11ubuntu0.20.04.1 No subscription required Medium CVE-2021-33391 Ubuntu 20.04 LTS Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel(R) Processors did not properly handle certain sequences of processor instructions. A local attacker could possibly use this to cause a core hang (resulting in a denial of service), gain access to sensitive information or possibly escalate their privileges. Update Instructions: Run `sudo pro fix USN-6485-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20231114.0ubuntu0.20.04.1 No subscription required High CVE-2023-23583 Ubuntu 20.04 LTS Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-38469, CVE-2023-38470, CVE-2023-38471, CVE-2023-38472, CVE-2023-38473) Update Instructions: Run `sudo pro fix USN-6487-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavahi-compat-libdnssd-dev - 0.7-4ubuntu7.3 libavahi-ui-gtk3-0 - 0.7-4ubuntu7.3 libavahi-core7 - 0.7-4ubuntu7.3 libavahi-client3 - 0.7-4ubuntu7.3 libavahi-core-dev - 0.7-4ubuntu7.3 libavahi-client-dev - 0.7-4ubuntu7.3 avahi-ui-utils - 0.7-4ubuntu7.3 libavahi-gobject-dev - 0.7-4ubuntu7.3 avahi-dnsconfd - 0.7-4ubuntu7.3 libavahi-compat-libdnssd1 - 0.7-4ubuntu7.3 libavahi-common3 - 0.7-4ubuntu7.3 avahi-daemon - 0.7-4ubuntu7.3 avahi-discover - 0.7-4ubuntu7.3 libavahi-common-dev - 0.7-4ubuntu7.3 libavahi-common-data - 0.7-4ubuntu7.3 avahi-utils - 0.7-4ubuntu7.3 libavahi-ui-gtk3-dev - 0.7-4ubuntu7.3 libavahi-glib-dev - 0.7-4ubuntu7.3 libavahi-gobject0 - 0.7-4ubuntu7.3 gir1.2-avahi-0.6 - 0.7-4ubuntu7.3 avahi-autoipd - 0.7-4ubuntu7.3 python-avahi - 0.7-4ubuntu7.3 libavahi-glib1 - 0.7-4ubuntu7.3 No subscription required Medium CVE-2023-38469 CVE-2023-38470 CVE-2023-38471 CVE-2023-38472 CVE-2023-38473 Ubuntu 20.04 LTS Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6488-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: strongswan-nm - 5.8.2-1ubuntu3.6 strongswan-scepclient - 5.8.2-1ubuntu3.6 libcharon-extra-plugins - 5.8.2-1ubuntu3.6 libcharon-standard-plugins - 5.8.2-1ubuntu3.6 libstrongswan-extra-plugins - 5.8.2-1ubuntu3.6 strongswan-charon - 5.8.2-1ubuntu3.6 libstrongswan - 5.8.2-1ubuntu3.6 strongswan-libcharon - 5.8.2-1ubuntu3.6 strongswan-swanctl - 5.8.2-1ubuntu3.6 libstrongswan-standard-plugins - 5.8.2-1ubuntu3.6 strongswan-starter - 5.8.2-1ubuntu3.6 libcharon-extauth-plugins - 5.8.2-1ubuntu3.6 charon-systemd - 5.8.2-1ubuntu3.6 strongswan - 5.8.2-1ubuntu3.6 strongswan-tnc-server - 5.8.2-1ubuntu3.6 strongswan-tnc-client - 5.8.2-1ubuntu3.6 strongswan-tnc-base - 5.8.2-1ubuntu3.6 charon-cmd - 5.8.2-1ubuntu3.6 strongswan-pki - 5.8.2-1ubuntu3.6 strongswan-tnc-ifmap - 5.8.2-1ubuntu3.6 strongswan-tnc-pdp - 5.8.2-1ubuntu3.6 No subscription required Medium CVE-2023-41913 Ubuntu 20.04 LTS Brian McDermott discovered that Tang incorrectly handled permissions when creating/rotating keys. A local attacker could possibly use this issue to read the keys. Update Instructions: Run `sudo pro fix USN-6489-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tang - 7-1ubuntu0.2 No subscription required Medium CVE-2023-1672 Ubuntu 20.04 LTS Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-32212) Zeyu Zhang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-32213, CVE-2022-32214, CVE-2022-32215) It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-35256) It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-43548) Update Instructions: Run `sudo pro fix USN-6491-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.3 libnode64 - 10.19.0~dfsg-3ubuntu1.3 nodejs-doc - 10.19.0~dfsg-3ubuntu1.3 nodejs - 10.19.0~dfsg-3ubuntu1.3 No subscription required Medium CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 CVE-2022-35256 CVE-2022-43548 Ubuntu 20.04 LTS Kathrin Kleinhammer discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-34431) Zhanxiang Song discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause an authorisation bypass. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2021-34434) Zhanxiang Song, Bin Yuan, DeQing Zou, and Hai Jin discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-41039) Zhengjie Du discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0809) It was discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-3592) Mischa Bachmann discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-28366) Update Instructions: Run `sudo pro fix USN-6492-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mosquitto-dev - 1.6.9-1ubuntu0.1~esm1 libmosquitto-dev - 1.6.9-1ubuntu0.1~esm1 libmosquitto1 - 1.6.9-1ubuntu0.1~esm1 mosquitto - 1.6.9-1ubuntu0.1~esm1 libmosquittopp1 - 1.6.9-1ubuntu0.1~esm1 libmosquittopp-dev - 1.6.9-1ubuntu0.1~esm1 mosquitto-clients - 1.6.9-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-34431 CVE-2021-34434 CVE-2021-41039 CVE-2023-0809 CVE-2023-28366 CVE-2023-3592 Ubuntu 20.04 LTS On Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended. In addition, on all releases, hibagent has been updated to do nothing if ODH is configured. Update Instructions: Run `sudo pro fix USN-6493-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hibagent - 1.0.1-0ubuntu1.20.04.2 No subscription required None https://launchpad.net/bugs/2043739 Ubuntu 20.04 LTS Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6495-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1026-iot - 5.4.0-1026.27 linux-image-unsigned-5.4.0-1026-iot - 5.4.0-1026.27 linux-iot-tools-5.4.0-1026 - 5.4.0-1026.27 linux-headers-5.4.0-1026-iot - 5.4.0-1026.27 linux-image-5.4.0-1026-iot - 5.4.0-1026.27 linux-modules-5.4.0-1026-iot - 5.4.0-1026.27 linux-tools-5.4.0-1026-iot - 5.4.0-1026.27 linux-iot-headers-5.4.0-1026 - 5.4.0-1026.27 linux-iot-tools-common - 5.4.0-1026.27 No subscription required linux-tools-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-headers-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-buildinfo-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-modules-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-image-5.4.0-1034-xilinx-zynqmp - 5.4.0-1034.38 linux-xilinx-zynqmp-tools-5.4.0-1034 - 5.4.0-1034.38 linux-xilinx-zynqmp-headers-5.4.0-1034 - 5.4.0-1034.38 No subscription required linux-headers-5.4.0-1061-ibm - 5.4.0-1061.66 linux-tools-5.4.0-1061-ibm - 5.4.0-1061.66 linux-image-unsigned-5.4.0-1061-ibm - 5.4.0-1061.66 linux-ibm-tools-5.4.0-1061 - 5.4.0-1061.66 linux-ibm-source-5.4.0 - 5.4.0-1061.66 linux-ibm-tools-common - 5.4.0-1061.66 linux-modules-5.4.0-1061-ibm - 5.4.0-1061.66 linux-ibm-headers-5.4.0-1061 - 5.4.0-1061.66 linux-image-5.4.0-1061-ibm - 5.4.0-1061.66 linux-modules-extra-5.4.0-1061-ibm - 5.4.0-1061.66 linux-ibm-cloud-tools-common - 5.4.0-1061.66 linux-buildinfo-5.4.0-1061-ibm - 5.4.0-1061.66 No subscription required linux-image-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-image-unsigned-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-bluefield-tools-5.4.0-1075 - 5.4.0-1075.81 linux-buildinfo-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-tools-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-headers-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-modules-5.4.0-1075-bluefield - 5.4.0-1075.81 linux-bluefield-headers-5.4.0-1075 - 5.4.0-1075.81 No subscription required linux-headers-5.4.0-1098-raspi - 5.4.0-1098.110 linux-tools-5.4.0-1098-raspi - 5.4.0-1098.110 linux-modules-5.4.0-1098-raspi - 5.4.0-1098.110 linux-image-5.4.0-1098-raspi - 5.4.0-1098.110 linux-raspi-tools-5.4.0-1098 - 5.4.0-1098.110 linux-buildinfo-5.4.0-1098-raspi - 5.4.0-1098.110 linux-raspi-headers-5.4.0-1098 - 5.4.0-1098.110 No subscription required linux-buildinfo-5.4.0-1103-kvm - 5.4.0-1103.110 linux-kvm-headers-5.4.0-1103 - 5.4.0-1103.110 linux-kvm-tools-5.4.0-1103 - 5.4.0-1103.110 linux-headers-5.4.0-1103-kvm - 5.4.0-1103.110 linux-modules-5.4.0-1103-kvm - 5.4.0-1103.110 linux-image-unsigned-5.4.0-1103-kvm - 5.4.0-1103.110 linux-tools-5.4.0-1103-kvm - 5.4.0-1103.110 linux-image-5.4.0-1103-kvm - 5.4.0-1103.110 No subscription required linux-modules-extra-5.4.0-1113-oracle - 5.4.0-1113.122 linux-buildinfo-5.4.0-1113-oracle - 5.4.0-1113.122 linux-headers-5.4.0-1113-oracle - 5.4.0-1113.122 linux-oracle-tools-5.4.0-1113 - 5.4.0-1113.122 linux-tools-5.4.0-1113-oracle - 5.4.0-1113.122 linux-oracle-headers-5.4.0-1113 - 5.4.0-1113.122 linux-image-5.4.0-1113-oracle - 5.4.0-1113.122 linux-image-unsigned-5.4.0-1113-oracle - 5.4.0-1113.122 linux-modules-5.4.0-1113-oracle - 5.4.0-1113.122 No subscription required linux-tools-5.4.0-1114-aws - 5.4.0-1114.124 linux-modules-5.4.0-1114-aws - 5.4.0-1114.124 linux-aws-tools-5.4.0-1114 - 5.4.0-1114.124 linux-buildinfo-5.4.0-1114-aws - 5.4.0-1114.124 linux-aws-headers-5.4.0-1114 - 5.4.0-1114.124 linux-aws-cloud-tools-5.4.0-1114 - 5.4.0-1114.124 linux-image-5.4.0-1114-aws - 5.4.0-1114.124 linux-headers-5.4.0-1114-aws - 5.4.0-1114.124 linux-modules-extra-5.4.0-1114-aws - 5.4.0-1114.124 linux-cloud-tools-5.4.0-1114-aws - 5.4.0-1114.124 linux-image-unsigned-5.4.0-1114-aws - 5.4.0-1114.124 No subscription required linux-tools-common - 5.4.0-167.184 linux-headers-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-cloud-tools-5.4.0-167-lowlatency - 5.4.0-167.184 linux-tools-host - 5.4.0-167.184 linux-doc - 5.4.0-167.184 linux-image-5.4.0-167-lowlatency - 5.4.0-167.184 linux-buildinfo-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-modules-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-buildinfo-5.4.0-167-lowlatency - 5.4.0-167.184 linux-libc-dev - 5.4.0-167.184 linux-source-5.4.0 - 5.4.0-167.184 linux-modules-extra-5.4.0-167-generic - 5.4.0-167.184 linux-modules-5.4.0-167-generic - 5.4.0-167.184 linux-image-5.4.0-167-generic - 5.4.0-167.184 linux-tools-5.4.0-167-generic - 5.4.0-167.184 linux-image-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-headers-5.4.0-167 - 5.4.0-167.184 linux-image-unsigned-5.4.0-167-generic - 5.4.0-167.184 linux-modules-5.4.0-167-lowlatency - 5.4.0-167.184 linux-tools-5.4.0-167-generic-lpae - 5.4.0-167.184 linux-tools-5.4.0-167 - 5.4.0-167.184 linux-cloud-tools-common - 5.4.0-167.184 linux-cloud-tools-5.4.0-167 - 5.4.0-167.184 linux-headers-5.4.0-167-generic - 5.4.0-167.184 linux-tools-5.4.0-167-lowlatency - 5.4.0-167.184 linux-buildinfo-5.4.0-167-generic - 5.4.0-167.184 linux-headers-5.4.0-167-lowlatency - 5.4.0-167.184 linux-image-unsigned-5.4.0-167-lowlatency - 5.4.0-167.184 linux-cloud-tools-5.4.0-167-generic - 5.4.0-167.184 No subscription required linux-iot - 5.4.0.1026.24 linux-image-iot - 5.4.0.1026.24 linux-headers-iot - 5.4.0.1026.24 linux-tools-iot - 5.4.0.1026.24 No subscription required linux-xilinx-zynqmp - 5.4.0.1034.34 linux-image-xilinx-zynqmp - 5.4.0.1034.34 linux-tools-xilinx-zynqmp - 5.4.0.1034.34 linux-headers-xilinx-zynqmp - 5.4.0.1034.34 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1061.90 linux-headers-ibm-lts-20.04 - 5.4.0.1061.90 linux-ibm-lts-20.04 - 5.4.0.1061.90 linux-image-ibm-lts-20.04 - 5.4.0.1061.90 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1061.90 No subscription required linux-bluefield - 5.4.0.1075.70 linux-image-bluefield - 5.4.0.1075.70 linux-headers-bluefield - 5.4.0.1075.70 linux-tools-bluefield - 5.4.0.1075.70 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1098.128 linux-raspi2 - 5.4.0.1098.128 linux-headers-raspi2 - 5.4.0.1098.128 linux-image-raspi-hwe-18.04 - 5.4.0.1098.128 linux-image-raspi2-hwe-18.04 - 5.4.0.1098.128 linux-tools-raspi - 5.4.0.1098.128 linux-headers-raspi-hwe-18.04 - 5.4.0.1098.128 linux-headers-raspi2-hwe-18.04 - 5.4.0.1098.128 linux-image-raspi-hwe-18.04-edge - 5.4.0.1098.128 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1098.128 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1098.128 linux-headers-raspi - 5.4.0.1098.128 linux-raspi2-hwe-18.04-edge - 5.4.0.1098.128 linux-raspi-hwe-18.04 - 5.4.0.1098.128 linux-tools-raspi2-hwe-18.04 - 5.4.0.1098.128 linux-raspi2-hwe-18.04 - 5.4.0.1098.128 linux-image-raspi2 - 5.4.0.1098.128 linux-tools-raspi-hwe-18.04 - 5.4.0.1098.128 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1098.128 linux-raspi-hwe-18.04-edge - 5.4.0.1098.128 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1098.128 linux-image-raspi - 5.4.0.1098.128 linux-tools-raspi2 - 5.4.0.1098.128 linux-raspi - 5.4.0.1098.128 No subscription required linux-kvm - 5.4.0.1103.99 linux-headers-kvm - 5.4.0.1103.99 linux-tools-kvm - 5.4.0.1103.99 linux-image-kvm - 5.4.0.1103.99 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1113.106 linux-headers-oracle-lts-20.04 - 5.4.0.1113.106 linux-oracle-lts-20.04 - 5.4.0.1113.106 linux-image-oracle-lts-20.04 - 5.4.0.1113.106 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1114.111 linux-image-aws-lts-20.04 - 5.4.0.1114.111 linux-headers-aws-lts-20.04 - 5.4.0.1114.111 linux-tools-aws-lts-20.04 - 5.4.0.1114.111 linux-aws-lts-20.04 - 5.4.0.1114.111 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-cloud-tools-virtual - 5.4.0.167.164 linux-image-generic-hwe-18.04 - 5.4.0.167.164 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-image-virtual - 5.4.0.167.164 linux-oem-osp1-tools-host - 5.4.0.167.164 linux-cloud-tools-lowlatency - 5.4.0.167.164 linux-image-generic - 5.4.0.167.164 linux-tools-lowlatency - 5.4.0.167.164 linux-image-oem - 5.4.0.167.164 linux-headers-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-headers-virtual-hwe-18.04 - 5.4.0.167.164 linux-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-image-extra-virtual-hwe-18.04 - 5.4.0.167.164 linux-image-oem-osp1 - 5.4.0.167.164 linux-image-generic-lpae-hwe-18.04 - 5.4.0.167.164 linux-crashdump - 5.4.0.167.164 linux-tools-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-headers-generic-hwe-18.04 - 5.4.0.167.164 linux-headers-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-headers-generic-lpae - 5.4.0.167.164 linux-source - 5.4.0.167.164 linux-lowlatency - 5.4.0.167.164 linux-tools-generic-lpae - 5.4.0.167.164 linux-cloud-tools-generic - 5.4.0.167.164 linux-virtual - 5.4.0.167.164 linux-virtual-hwe-18.04 - 5.4.0.167.164 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.167.164 linux-tools-virtual - 5.4.0.167.164 linux-generic-lpae-hwe-18.04-edge - 5.4.0.167.164 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-generic-lpae - 5.4.0.167.164 linux-headers-oem - 5.4.0.167.164 linux-generic - 5.4.0.167.164 linux-tools-oem-osp1 - 5.4.0.167.164 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.167.164 linux-tools-generic-hwe-18.04-edge - 5.4.0.167.164 linux-image-lowlatency - 5.4.0.167.164 linux-image-virtual-hwe-18.04 - 5.4.0.167.164 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-oem-tools-host - 5.4.0.167.164 linux-headers-lowlatency - 5.4.0.167.164 linux-image-generic-hwe-18.04-edge - 5.4.0.167.164 linux-generic-hwe-18.04-edge - 5.4.0.167.164 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.167.164 linux-generic-hwe-18.04 - 5.4.0.167.164 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-oem - 5.4.0.167.164 linux-tools-generic - 5.4.0.167.164 linux-image-extra-virtual - 5.4.0.167.164 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.167.164 linux-tools-oem - 5.4.0.167.164 linux-headers-oem-osp1 - 5.4.0.167.164 linux-tools-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-generic-lpae-hwe-18.04 - 5.4.0.167.164 linux-headers-generic-hwe-18.04-edge - 5.4.0.167.164 linux-headers-generic - 5.4.0.167.164 linux-oem-osp1 - 5.4.0.167.164 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.167.164 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.167.164 linux-image-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.167.164 linux-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-headers-virtual - 5.4.0.167.164 linux-tools-virtual-hwe-18.04 - 5.4.0.167.164 linux-lowlatency-hwe-18.04 - 5.4.0.167.164 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.167.164 linux-image-generic-lpae - 5.4.0.167.164 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.167.164 linux-image-virtual-hwe-18.04-edge - 5.4.0.167.164 linux-tools-generic-hwe-18.04 - 5.4.0.167.164 No subscription required Medium CVE-2023-31085 CVE-2023-45871 Ubuntu 20.04 LTS Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6495-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-modules-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-buildinfo-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-gkeop-tools-5.4.0-1081 - 5.4.0-1081.85 linux-gkeop-source-5.4.0 - 5.4.0-1081.85 linux-gkeop-cloud-tools-5.4.0-1081 - 5.4.0-1081.85 linux-gkeop-headers-5.4.0-1081 - 5.4.0-1081.85 linux-image-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-headers-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-image-unsigned-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-tools-5.4.0-1081-gkeop - 5.4.0-1081.85 linux-cloud-tools-5.4.0-1081-gkeop - 5.4.0-1081.85 No subscription required linux-modules-extra-5.4.0-1118-gcp - 5.4.0-1118.127 linux-headers-5.4.0-1118-gcp - 5.4.0-1118.127 linux-gcp-headers-5.4.0-1118 - 5.4.0-1118.127 linux-buildinfo-5.4.0-1118-gcp - 5.4.0-1118.127 linux-image-unsigned-5.4.0-1118-gcp - 5.4.0-1118.127 linux-gcp-tools-5.4.0-1118 - 5.4.0-1118.127 linux-tools-5.4.0-1118-gcp - 5.4.0-1118.127 linux-image-5.4.0-1118-gcp - 5.4.0-1118.127 linux-modules-5.4.0-1118-gcp - 5.4.0-1118.127 No subscription required linux-image-5.4.0-1120-azure - 5.4.0-1120.127 linux-cloud-tools-5.4.0-1120-azure - 5.4.0-1120.127 linux-azure-tools-5.4.0-1120 - 5.4.0-1120.127 linux-modules-5.4.0-1120-azure - 5.4.0-1120.127 linux-modules-extra-5.4.0-1120-azure - 5.4.0-1120.127 linux-headers-5.4.0-1120-azure - 5.4.0-1120.127 linux-azure-headers-5.4.0-1120 - 5.4.0-1120.127 linux-image-unsigned-5.4.0-1120-azure - 5.4.0-1120.127 linux-azure-cloud-tools-5.4.0-1120 - 5.4.0-1120.127 linux-tools-5.4.0-1120-azure - 5.4.0-1120.127 linux-buildinfo-5.4.0-1120-azure - 5.4.0-1120.127 No subscription required linux-image-gkeop-5.4 - 5.4.0.1081.79 linux-headers-gkeop - 5.4.0.1081.79 linux-gkeop-5.4 - 5.4.0.1081.79 linux-cloud-tools-gkeop-5.4 - 5.4.0.1081.79 linux-image-gkeop - 5.4.0.1081.79 linux-modules-extra-gkeop-5.4 - 5.4.0.1081.79 linux-gkeop - 5.4.0.1081.79 linux-cloud-tools-gkeop - 5.4.0.1081.79 linux-modules-extra-gkeop - 5.4.0.1081.79 linux-tools-gkeop - 5.4.0.1081.79 linux-tools-gkeop-5.4 - 5.4.0.1081.79 linux-headers-gkeop-5.4 - 5.4.0.1081.79 No subscription required linux-modules-extra-gcp-lts-20.04 - 5.4.0.1118.120 linux-headers-gcp-lts-20.04 - 5.4.0.1118.120 linux-gcp-lts-20.04 - 5.4.0.1118.120 linux-image-gcp-lts-20.04 - 5.4.0.1118.120 linux-tools-gcp-lts-20.04 - 5.4.0.1118.120 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1120.113 linux-azure-lts-20.04 - 5.4.0.1120.113 linux-image-azure-lts-20.04 - 5.4.0.1120.113 linux-tools-azure-lts-20.04 - 5.4.0.1120.113 linux-modules-extra-azure-lts-20.04 - 5.4.0.1120.113 linux-headers-azure-lts-20.04 - 5.4.0.1120.113 No subscription required Medium CVE-2023-31085 CVE-2023-45871 Ubuntu 20.04 LTS Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. (CVE-2023-25775) Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6496-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-buildinfo-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-ibm-5.15-tools-5.15.0-1043 - 5.15.0-1043.46~20.04.1 linux-ibm-5.15-headers-5.15.0-1043 - 5.15.0-1043.46~20.04.1 linux-image-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-headers-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1043.46~20.04.1 linux-modules-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-tools-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 linux-image-unsigned-5.15.0-1043-ibm - 5.15.0-1043.46~20.04.1 No subscription required linux-oracle-5.15-tools-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-tools-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-oracle-5.15-headers-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-image-unsigned-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-image-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-buildinfo-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-modules-extra-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-headers-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 linux-modules-5.15.0-1048-oracle - 5.15.0-1048.54~20.04.1 No subscription required linux-buildinfo-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-image-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-aws-5.15-headers-5.15.0-1050 - 5.15.0-1050.55~20.04.1 linux-modules-extra-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-modules-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-tools-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1050 - 5.15.0-1050.55~20.04.1 linux-image-unsigned-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-cloud-tools-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 linux-aws-5.15-tools-5.15.0-1050 - 5.15.0-1050.55~20.04.1 linux-headers-5.15.0-1050-aws - 5.15.0-1050.55~20.04.1 No subscription required linux-tools-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-image-unsigned-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-modules-iwlwifi-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-tools-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-tools-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-buildinfo-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-89.99~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-89.99~20.04.1 linux-buildinfo-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-modules-extra-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-hwe-5.15-tools-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-buildinfo-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-buildinfo-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-hwe-5.15-headers-5.15.0-89 - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-buildinfo-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-image-unsigned-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-cloud-tools-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-headers-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-modules-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-cloud-tools-5.15.0-89-lowlatency - 5.15.0-89.99~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-89.99~20.04.1 linux-tools-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-image-unsigned-5.15.0-89-generic-64k - 5.15.0-89.99~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-89.99~20.04.1 linux-image-unsigned-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-tools-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-generic-lpae - 5.15.0-89.99~20.04.1 linux-modules-iwlwifi-5.15.0-89-generic - 5.15.0-89.99~20.04.1 linux-image-5.15.0-89-lowlatency-64k - 5.15.0-89.99~20.04.1 No subscription required linux-image-ibm - 5.15.0.1043.46~20.04.15 linux-tools-ibm - 5.15.0.1043.46~20.04.15 linux-headers-ibm-edge - 5.15.0.1043.46~20.04.15 linux-tools-ibm-edge - 5.15.0.1043.46~20.04.15 linux-ibm - 5.15.0.1043.46~20.04.15 linux-ibm-edge - 5.15.0.1043.46~20.04.15 linux-headers-ibm - 5.15.0.1043.46~20.04.15 linux-image-ibm-edge - 5.15.0.1043.46~20.04.15 No subscription required linux-headers-oracle - 5.15.0.1048.54~20.04.1 linux-tools-oracle-edge - 5.15.0.1048.54~20.04.1 linux-oracle-edge - 5.15.0.1048.54~20.04.1 linux-image-oracle-edge - 5.15.0.1048.54~20.04.1 linux-headers-oracle-edge - 5.15.0.1048.54~20.04.1 linux-image-oracle - 5.15.0.1048.54~20.04.1 linux-tools-oracle - 5.15.0.1048.54~20.04.1 linux-oracle - 5.15.0.1048.54~20.04.1 No subscription required linux-headers-aws - 5.15.0.1050.55~20.04.38 linux-image-aws - 5.15.0.1050.55~20.04.38 linux-modules-extra-aws-edge - 5.15.0.1050.55~20.04.38 linux-image-aws-edge - 5.15.0.1050.55~20.04.38 linux-aws-edge - 5.15.0.1050.55~20.04.38 linux-aws - 5.15.0.1050.55~20.04.38 linux-headers-aws-edge - 5.15.0.1050.55~20.04.38 linux-modules-extra-aws - 5.15.0.1050.55~20.04.38 linux-tools-aws - 5.15.0.1050.55~20.04.38 linux-tools-aws-edge - 5.15.0.1050.55~20.04.38 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-headers-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-image-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-lowlatency-64k-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-tools-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-lowlatency-hwe-20.04 - 5.15.0.89.99~20.04.44 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.44 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.44 No subscription required linux-headers-oem-20.04 - 5.15.0.89.99~20.04.47 linux-tools-oem-20.04c - 5.15.0.89.99~20.04.47 linux-tools-oem-20.04b - 5.15.0.89.99~20.04.47 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-headers-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-extra-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-headers-generic-64k-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-generic-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-generic-lpae-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-tools-oem-20.04d - 5.15.0.89.99~20.04.47 linux-generic-lpae-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-tools-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-image-oem-20.04c - 5.15.0.89.99~20.04.47 linux-image-oem-20.04b - 5.15.0.89.99~20.04.47 linux-image-oem-20.04d - 5.15.0.89.99~20.04.47 linux-headers-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-oem-20.04 - 5.15.0.89.99~20.04.47 linux-image-oem-20.04 - 5.15.0.89.99~20.04.47 linux-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-oem-20.04d - 5.15.0.89.99~20.04.47 linux-oem-20.04b - 5.15.0.89.99~20.04.47 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-tools-oem-20.04 - 5.15.0.89.99~20.04.47 linux-modules-iwlwifi-oem-20.04 - 5.15.0.89.99~20.04.47 linux-tools-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-headers-generic-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-image-generic-lpae-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-tools-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-modules-iwlwifi-oem-20.04d - 5.15.0.89.99~20.04.47 linux-oem-20.04c - 5.15.0.89.99~20.04.47 linux-tools-generic-64k-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-tools-virtual-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-image-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-generic-64k-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-image-generic-64k-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.89.99~20.04.47 linux-headers-oem-20.04b - 5.15.0.89.99~20.04.47 linux-headers-oem-20.04c - 5.15.0.89.99~20.04.47 linux-headers-virtual-hwe-20.04 - 5.15.0.89.99~20.04.47 linux-headers-oem-20.04d - 5.15.0.89.99~20.04.47 No subscription required Medium CVE-2023-25775 CVE-2023-31085 CVE-2023-45871 Ubuntu 20.04 LTS Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. (CVE-2023-25775) Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6496-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-image-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1033 - 5.15.0-1033.39~20.04.1 linux-cloud-tools-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-modules-extra-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-headers-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-buildinfo-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-gkeop-5.15-headers-5.15.0-1033 - 5.15.0-1033.39~20.04.1 linux-tools-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-modules-5.15.0-1033-gkeop - 5.15.0-1033.39~20.04.1 linux-gkeop-5.15-tools-5.15.0-1033 - 5.15.0-1033.39~20.04.1 No subscription required linux-gcp-5.15-tools-5.15.0-1047 - 5.15.0-1047.55~20.04.1 linux-tools-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-image-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-modules-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-gcp-5.15-headers-5.15.0-1047 - 5.15.0-1047.55~20.04.1 linux-modules-extra-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-image-unsigned-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-buildinfo-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 linux-headers-5.15.0-1047-gcp - 5.15.0-1047.55~20.04.1 No subscription required linux-headers-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-cloud-tools-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-image-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-azure-5.15-tools-5.15.0-1052 - 5.15.0-1052.60~20.04.1 linux-modules-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1052 - 5.15.0-1052.60~20.04.1 linux-azure-5.15-headers-5.15.0-1052 - 5.15.0-1052.60~20.04.1 linux-tools-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-image-unsigned-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-buildinfo-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 linux-modules-extra-5.15.0-1052-azure - 5.15.0-1052.60~20.04.1 No subscription required linux-image-5.15.0-1052-azure-fde - 5.15.0-1052.60~20.04.1.1 linux-image-unsigned-5.15.0-1052-azure-fde - 5.15.0-1052.60~20.04.1.1 No subscription required linux-image-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-image-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-cloud-tools-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-headers-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-headers-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-tools-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-cloud-tools-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-modules-extra-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-gkeop-edge - 5.15.0.1033.39~20.04.29 linux-tools-gkeop-5.15 - 5.15.0.1033.39~20.04.29 linux-modules-extra-gkeop-5.15 - 5.15.0.1033.39~20.04.29 No subscription required linux-tools-gcp-edge - 5.15.0.1047.55~20.04.1 linux-headers-gcp-edge - 5.15.0.1047.55~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1047.55~20.04.1 linux-headers-gcp - 5.15.0.1047.55~20.04.1 linux-gcp - 5.15.0.1047.55~20.04.1 linux-image-gcp-edge - 5.15.0.1047.55~20.04.1 linux-tools-gcp - 5.15.0.1047.55~20.04.1 linux-image-gcp - 5.15.0.1047.55~20.04.1 linux-modules-extra-gcp - 5.15.0.1047.55~20.04.1 linux-gcp-edge - 5.15.0.1047.55~20.04.1 No subscription required linux-modules-extra-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-modules-extra-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-tools-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-tools-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-image-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-headers-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-cloud-tools-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-image-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-azure-fde - 5.15.0.1052.60~20.04.1.30 linux-cloud-tools-azure-fde-edge - 5.15.0.1052.60~20.04.1.30 linux-headers-azure-fde - 5.15.0.1052.60~20.04.1.30 No subscription required linux-modules-extra-azure-edge - 5.15.0.1052.60~20.04.41 linux-tools-azure-cvm - 5.15.0.1052.60~20.04.41 linux-azure - 5.15.0.1052.60~20.04.41 linux-image-azure - 5.15.0.1052.60~20.04.41 linux-cloud-tools-azure - 5.15.0.1052.60~20.04.41 linux-tools-azure-edge - 5.15.0.1052.60~20.04.41 linux-headers-azure-cvm - 5.15.0.1052.60~20.04.41 linux-cloud-tools-azure-edge - 5.15.0.1052.60~20.04.41 linux-cloud-tools-azure-cvm - 5.15.0.1052.60~20.04.41 linux-tools-azure - 5.15.0.1052.60~20.04.41 linux-headers-azure-edge - 5.15.0.1052.60~20.04.41 linux-image-azure-edge - 5.15.0.1052.60~20.04.41 linux-modules-extra-azure - 5.15.0.1052.60~20.04.41 linux-azure-edge - 5.15.0.1052.60~20.04.41 linux-azure-cvm - 5.15.0.1052.60~20.04.41 linux-modules-extra-azure-cvm - 5.15.0.1052.60~20.04.41 linux-headers-azure - 5.15.0.1052.60~20.04.41 linux-image-azure-cvm - 5.15.0.1052.60~20.04.41 No subscription required Medium CVE-2023-25775 CVE-2023-31085 CVE-2023-45871 Ubuntu 20.04 LTS It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recover sensitive information. Update Instructions: Run `sudo pro fix USN-6499-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-doc - 3.6.13-2ubuntu1.9 libgnutls28-dev - 3.6.13-2ubuntu1.9 libgnutls-openssl27 - 3.6.13-2ubuntu1.9 libgnutls30 - 3.6.13-2ubuntu1.9 libgnutls-dane0 - 3.6.13-2ubuntu1.9 gnutls-bin - 3.6.13-2ubuntu1.9 guile-gnutls - 3.6.13-2ubuntu1.9 libgnutlsxx28 - 3.6.13-2ubuntu1.9 No subscription required Medium CVE-2023-5981 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-46724) Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-46728) Keran Mu and Jianjun Chen discovered that Squid incorrectly handled the chunked decoder. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks. (CVE-2023-46846) Joshua Rogers discovered that Squid incorrectly handled HTTP Digest Authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-46847) Joshua Rogers discovered that Squid incorrectly handled certain FTP urls. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-46848) Update Instructions: Run `sudo pro fix USN-6500-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.8 squidclient - 4.10-1ubuntu1.8 squid - 4.10-1ubuntu1.8 squid-cgi - 4.10-1ubuntu1.8 squid-purge - 4.10-1ubuntu1.8 No subscription required Medium CVE-2023-46724 CVE-2023-46728 CVE-2023-46846 CVE-2023-46847 CVE-2023-46848 Ubuntu 20.04 LTS It was discovered that RabbitMQ incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6501-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rabbitmq-server - 3.8.2-0ubuntu1.5 No subscription required Medium CVE-2023-46118 Ubuntu 20.04 LTS It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6505-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnghttp2-14 - 1.40.0-1ubuntu0.2 libnghttp2-doc - 1.40.0-1ubuntu0.2 libnghttp2-dev - 1.40.0-1ubuntu0.2 nghttp2-proxy - 1.40.0-1ubuntu0.2 nghttp2 - 1.40.0-1ubuntu0.2 nghttp2-client - 1.40.0-1ubuntu0.2 nghttp2-server - 1.40.0-1ubuntu0.2 No subscription required High CVE-2023-44487 Ubuntu 20.04 LTS David Shoon discovered that the Apache HTTP Server mod_macro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2023-31122) Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and Choongin Lee discovered that the Apache HTTP Server incorrectly handled certain HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-43622) Will Dormann and David Warren discovered that the Apache HTTP Server incorrectly handled memory when handling HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. (CVE-2023-45802) Update Instructions: Run `sudo pro fix USN-6506-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.15 libapache2-mod-md - 2.4.41-4ubuntu3.15 apache2-utils - 2.4.41-4ubuntu3.15 apache2-dev - 2.4.41-4ubuntu3.15 apache2-suexec-pristine - 2.4.41-4ubuntu3.15 apache2-suexec-custom - 2.4.41-4ubuntu3.15 apache2 - 2.4.41-4ubuntu3.15 apache2-doc - 2.4.41-4ubuntu3.15 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.15 apache2-ssl-dev - 2.4.41-4ubuntu3.15 apache2-bin - 2.4.41-4ubuntu3.15 No subscription required Medium CVE-2023-31122 CVE-2023-43622 CVE-2023-45802 Ubuntu 20.04 LTS It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-23804) It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-37050, CVE-2022-37051, CVE-2022-37052, CVE-2022-38349) Update Instructions: Run `sudo pro fix USN-6508-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpoppler97 - 0.86.1-0ubuntu1.4 poppler-utils - 0.86.1-0ubuntu1.4 libpoppler-cpp-dev - 0.86.1-0ubuntu1.4 libpoppler-glib-doc - 0.86.1-0ubuntu1.4 gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.4 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.4 libpoppler-glib8 - 0.86.1-0ubuntu1.4 libpoppler-private-dev - 0.86.1-0ubuntu1.4 libpoppler-glib-dev - 0.86.1-0ubuntu1.4 libpoppler-dev - 0.86.1-0ubuntu1.4 libpoppler-qt5-dev - 0.86.1-0ubuntu1.4 libpoppler-qt5-1 - 0.86.1-0ubuntu1.4 No subscription required Medium CVE-2020-23804 CVE-2022-37050 CVE-2022-37051 CVE-2022-37052 CVE-2022-38349 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-6206, CVE-2023-6210, CVE-2023-6211, CVE-2023-6212, CVE-2023-6213) It was discovered that Firefox did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6204) It discovered that Firefox incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6205) It discovered that Firefox incorrectly did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6207) It discovered that Firefox incorrectly did not properly manage copy operations when using Selection API in X11. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6208) Rachmat Abdul Rokhim discovered that Firefox incorrectly handled parsing of relative URLS starting with "///". An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6209) Update Instructions: Run `sudo pro fix USN-6509-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 120.0+build2-0ubuntu0.20.04.1 firefox - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 120.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 120.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 120.0+build2-0ubuntu0.20.04.1 firefox-dev - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 120.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 120.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-6204 CVE-2023-6205 CVE-2023-6206 CVE-2023-6207 CVE-2023-6208 CVE-2023-6209 CVE-2023-6210 CVE-2023-6211 CVE-2023-6212 CVE-2023-6213 Ubuntu 20.04 LTS USN-6509-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-6206, CVE-2023-6210, CVE-2023-6211, CVE-2023-6212, CVE-2023-6213) It was discovered that Firefox did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6204) It discovered that Firefox incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6205) It discovered that Firefox incorrectly did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6207) It discovered that Firefox incorrectly did not properly manage copy operations when using Selection API in X11. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6208) Rachmat Abdul Rokhim discovered incorrectly handled parsing of relative URLS starting with "///". An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6209) Update Instructions: Run `sudo pro fix USN-6509-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 120.0.1+build1-0ubuntu0.20.04.1 firefox - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 120.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 120.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 120.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 120.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 120.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2045518 Ubuntu 20.04 LTS It was discovered that the OpenZFS sharenfs feature incorrectly handled IPv6 address data. This could result in IPv6 restrictions not being applied, contrary to expectations. Update Instructions: Run `sudo pro fix USN-6511-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libzfs2linux - 0.8.3-1ubuntu12.16 libzpool2linux - 0.8.3-1ubuntu12.16 spl-dkms - 0.8.3-1ubuntu12.16 zfs-initramfs - 0.8.3-1ubuntu12.16 python3-pyzfs - 0.8.3-1ubuntu12.16 zfs-dracut - 0.8.3-1ubuntu12.16 pyzfs-doc - 0.8.3-1ubuntu12.16 libnvpair1linux - 0.8.3-1ubuntu12.16 zfsutils-linux - 0.8.3-1ubuntu12.16 spl - 0.8.3-1ubuntu12.16 zfs-test - 0.8.3-1ubuntu12.16 libzfslinux-dev - 0.8.3-1ubuntu12.16 libuutil1linux - 0.8.3-1ubuntu12.16 zfs-zed - 0.8.3-1ubuntu12.16 zfs-dkms - 0.8.3-1ubuntu12.16 No subscription required Medium CVE-2013-20001 Ubuntu 20.04 LTS It was discovered that LibTIFF could be made to run into an infinite loop. If a user or an automated system were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service. (CVE-2022-40090) It was discovered that LibTIFF could be made leak memory. If a user or an automated system were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-3576) Update Instructions: Run `sudo pro fix USN-6512-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.11 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.11 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.11 No subscription required Medium CVE-2022-40090 CVE-2023-3576 Ubuntu 20.04 LTS USN-6513-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. Original advisory details: It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service. (CVE-2022-48564) It was discovered that Python instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake. An attacker could possibly use this issue to cause applications to treat unauthenticated received data before TLS handshake as authenticated data after TLS handshake. (CVE-2023-40217) Update Instructions: Run `sudo pro fix USN-6513-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3.8-minimal - 3.8.10-0ubuntu1~20.04.9 python3.8-full - 3.8.10-0ubuntu1~20.04.9 python3.8-examples - 3.8.10-0ubuntu1~20.04.9 python3.8-dev - 3.8.10-0ubuntu1~20.04.9 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.9 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.9 python3.8-venv - 3.8.10-0ubuntu1~20.04.9 libpython3.8 - 3.8.10-0ubuntu1~20.04.9 idle-python3.8 - 3.8.10-0ubuntu1~20.04.9 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.9 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.9 python3.8 - 3.8.10-0ubuntu1~20.04.9 python3.8-doc - 3.8.10-0ubuntu1~20.04.9 No subscription required Medium CVE-2023-40217 Ubuntu 20.04 LTS It was discovered that Open vSwitch did not correctly handle OpenFlow rules for ICMPv6 Neighbour Advertisement packets. A local attacker could possibly use this issue to redirect traffic to arbitrary IP addresses. Update Instructions: Run `sudo pro fix USN-6514-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.8-0ubuntu1.3 openvswitch-switch - 2.13.8-0ubuntu1.3 openvswitch-pki - 2.13.8-0ubuntu1.3 openvswitch-common - 2.13.8-0ubuntu1.3 openvswitch-testcontroller - 2.13.8-0ubuntu1.3 openvswitch-vtep - 2.13.8-0ubuntu1.3 openvswitch-source - 2.13.8-0ubuntu1.3 python3-openvswitch - 2.13.8-0ubuntu1.3 openvswitch-switch-dpdk - 2.13.8-0ubuntu1.3 openvswitch-test - 2.13.8-0ubuntu1.3 No subscription required Medium CVE-2023-5366 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-6206, CVE-2023-6212) It was discovered that Thudnerbird did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6204) It discovered that Thunderbird incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6205) It discovered that Thunderbird incorrectly did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6207) It discovered that Thudnerbird incorrectly did not properly manage copy operations when using Selection API in X11. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6208) Rachmat Abdul Rokhim discovered that Thunderbird incorrectly handled parsing of relative URLS starting with "///". An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-6209) Update Instructions: Run `sudo pro fix USN-6515-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.5.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.5.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.5.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.5.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.5.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-6204 CVE-2023-6205 CVE-2023-6206 CVE-2023-6207 CVE-2023-6208 CVE-2023-6209 CVE-2023-6212 Ubuntu 20.04 LTS Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. (CVE-2023-25775) Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083) Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-3772) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Update Instructions: Run `sudo pro fix USN-6516-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-modules-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-buildinfo-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-modules-extra-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-tools-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-cloud-tools-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-modules-iwlwifi-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1045 - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1045 - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1045.51~20.04.1 linux-image-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1045.51~20.04.1 linux-image-unsigned-5.15.0-1045-intel-iotg - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1045.51~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1045 - 5.15.0-1045.51~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1045.51~20.04.35 linux-tools-intel - 5.15.0.1045.51~20.04.35 linux-intel-iotg - 5.15.0.1045.51~20.04.35 linux-headers-intel - 5.15.0.1045.51~20.04.35 linux-tools-intel-iotg-edge - 5.15.0.1045.51~20.04.35 linux-intel - 5.15.0.1045.51~20.04.35 linux-image-intel-iotg - 5.15.0.1045.51~20.04.35 linux-image-intel - 5.15.0.1045.51~20.04.35 linux-image-intel-iotg-edge - 5.15.0.1045.51~20.04.35 linux-headers-intel-iotg - 5.15.0.1045.51~20.04.35 linux-intel-iotg-edge - 5.15.0.1045.51~20.04.35 linux-headers-intel-iotg-edge - 5.15.0.1045.51~20.04.35 linux-tools-intel-iotg - 5.15.0.1045.51~20.04.35 No subscription required Medium CVE-2023-25775 CVE-2023-31083 CVE-2023-31085 CVE-2023-3772 CVE-2023-45871 Ubuntu 20.04 LTS It was discovered that Perl incorrectly handled printing certain warning messages. An attacker could possibly use this issue to cause Perl to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-48522) Nathan Mills discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-47038) Update Instructions: Run `sudo pro fix USN-6517-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: perl-modules-5.30 - 5.30.0-9ubuntu0.5 libperl-dev - 5.30.0-9ubuntu0.5 perl-doc - 5.30.0-9ubuntu0.5 perl - 5.30.0-9ubuntu0.5 perl-base - 5.30.0-9ubuntu0.5 libperl5.30 - 5.30.0-9ubuntu0.5 perl-debug - 5.30.0-9ubuntu0.5 No subscription required Medium CVE-2022-48522 CVE-2023-47038 Ubuntu 20.04 LTS It was discovered that GIMP incorrectly handled certain image files. If a user were tricked into opening a specially crafted image, an attacker could use this issue to cause GIMP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6521-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgimp2.0-doc - 2.10.18-1ubuntu0.1 libgimp2.0-dev - 2.10.18-1ubuntu0.1 libgimp2.0 - 2.10.18-1ubuntu0.1 gimp-data - 2.10.18-1ubuntu0.1 gimp - 2.10.18-1ubuntu0.1 No subscription required Medium CVE-2022-30067 CVE-2022-32990 CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled drive redirection. If a user were tricked into connection to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2022-41877) It was discovered that FreeRDP incorrectly handled certain surface updates. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-39352, CVE-2023-39356) Update Instructions: Run `sudo pro fix USN-6522-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 freerdp2-shadow-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libfreerdp2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 freerdp2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.6 freerdp2-wayland - 2.2.0+dfsg1-0ubuntu0.20.04.6 libwinpr2-dev - 2.2.0+dfsg1-0ubuntu0.20.04.6 libfreerdp-shadow2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libuwac0-0 - 2.2.0+dfsg1-0ubuntu0.20.04.6 freerdp2-x11 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libwinpr2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libuwac0-dev - 2.2.0+dfsg1-0ubuntu0.20.04.6 libwinpr-tools2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libfreerdp-shadow-subsystem2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 libfreerdp-client2-2 - 2.2.0+dfsg1-0ubuntu0.20.04.6 winpr-utils - 2.2.0+dfsg1-0ubuntu0.20.04.6 No subscription required Medium CVE-2022-41877 CVE-2023-39352 CVE-2023-39356 Ubuntu 20.04 LTS Nicky Mouha discovered that PyPy incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause PyPy to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6524-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pypy3-dev - 7.3.1+dfsg-4ubuntu0.1 pypy3-lib-testsuite - 7.3.1+dfsg-4ubuntu0.1 pypy3-tk - 7.3.1+dfsg-4ubuntu0.1 pypy3-lib - 7.3.1+dfsg-4ubuntu0.1 pypy3-doc - 7.3.1+dfsg-4ubuntu0.1 pypy3 - 7.3.1+dfsg-4ubuntu0.1 No subscription required Medium CVE-2022-37454 Ubuntu 20.04 LTS Nicky Mouha discovered that pysha incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause pysha3 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6525-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-sha3 - 1.0.2-4ubuntu0.1 No subscription required Medium CVE-2022-37454 Ubuntu 20.04 LTS It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue to cause GStreamer Bad Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6526-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgstreamer-plugins-bad1.0-0 - 1.16.3-0ubuntu1.1 gir1.2-gst-plugins-bad-1.0 - 1.16.3-0ubuntu1.1 gstreamer1.0-opencv - 1.16.3-0ubuntu1.1 gstreamer1.0-plugins-bad - 1.16.3-0ubuntu1.1 libgstreamer-opencv1.0-0 - 1.16.3-0ubuntu1.1 gstreamer1.0-plugins-bad-doc - 1.16.3-0ubuntu1.1 libgstreamer-plugins-bad1.0-dev - 1.16.3-0ubuntu1.1 No subscription required Medium CVE-2023-37329 CVE-2023-40474 CVE-2023-40475 CVE-2023-40476 CVE-2023-44429 CVE-2023-44446 Ubuntu 20.04 LTS Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrary code. In Ubuntu, OpenJDK defaults to not using AVX-512 instructions. (CVE-2023-22025) It was discovered that OpenJDK did not properly perform PKIX certification path validation in certain situations. An attacker could use this to cause a denial of service. (CVE-2023-22081) Update Instructions: Run `sudo pro fix USN-6527-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.21+9-0ubuntu1~20.04 openjdk-11-source - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jdk - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.21+9-0ubuntu1~20.04 openjdk-11-jre - 11.0.21+9-0ubuntu1~20.04 openjdk-11-demo - 11.0.21+9-0ubuntu1~20.04 No subscription required openjdk-17-demo - 17.0.9+9-1~20.04 openjdk-17-jdk - 17.0.9+9-1~20.04 openjdk-17-jdk-headless - 17.0.9+9-1~20.04 openjdk-17-jre-zero - 17.0.9+9-1~20.04 openjdk-17-source - 17.0.9+9-1~20.04 openjdk-17-jre-headless - 17.0.9+9-1~20.04 openjdk-17-jre - 17.0.9+9-1~20.04 openjdk-17-doc - 17.0.9+9-1~20.04 No subscription required Medium CVE-2023-22025 CVE-2023-22081 Ubuntu 20.04 LTS It was discovered that the HotSpot VM implementation in OpenJDK did not properly validate bytecode blocks in certain situations. An attacker could possibly use this to cause a denial of service. (CVE-2022-40433) Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrary code. In Ubuntu, OpenJDK defaults to not using AVX-512 instructions. (CVE-2023-22025) It was discovered that the CORBA implementation in OpenJDK did not properly perform deserialization of IOR string objects. An attacker could possibly use this to bypass Java sandbox restrictions. (CVE-2023-22067) It was discovered that OpenJDK did not properly perform PKIX certification path validation in certain situations. An attacker could use this to cause a denial of service. (CVE-2023-22081) Update Instructions: Run `sudo pro fix USN-6528-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-doc - 8u392-ga-1~20.04 openjdk-8-jdk - 8u392-ga-1~20.04 openjdk-8-jre-headless - 8u392-ga-1~20.04 openjdk-8-jre - 8u392-ga-1~20.04 openjdk-8-jdk-headless - 8u392-ga-1~20.04 openjdk-8-source - 8u392-ga-1~20.04 openjdk-8-jre-zero - 8u392-ga-1~20.04 openjdk-8-demo - 8u392-ga-1~20.04 No subscription required Medium CVE-2023-22025 CVE-2023-22067 CVE-2023-22081 Ubuntu 20.04 LTS It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-38562, CVE-2022-25802, CVE-2023-41259, CVE-2023-41260) Update Instructions: Run `sudo pro fix USN-6529-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rt4-standalone - 4.4.3-2+deb10u3build0.20.04.1 rt4-db-postgresql - 4.4.3-2+deb10u3build0.20.04.1 rt4-db-mysql - 4.4.3-2+deb10u3build0.20.04.1 rt4-apache2 - 4.4.3-2+deb10u3build0.20.04.1 rt4-db-sqlite - 4.4.3-2+deb10u3build0.20.04.1 rt4-clients - 4.4.3-2+deb10u3build0.20.04.1 request-tracker4 - 4.4.3-2+deb10u3build0.20.04.1 rt4-fcgi - 4.4.3-2+deb10u3build0.20.04.1 rt4-doc-html - 4.4.3-2+deb10u3build0.20.04.1 No subscription required Medium CVE-2021-38562 CVE-2022-25802 CVE-2023-41259 CVE-2023-41260 Ubuntu 20.04 LTS It was discovered that HAProxy incorrectly handled URI components containing the hash character (#). A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules. Update Instructions: Run `sudo pro fix USN-6530-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: haproxy - 2.0.31-0ubuntu0.3 haproxy-doc - 2.0.31-0ubuntu0.3 vim-haproxy - 2.0.31-0ubuntu0.3 No subscription required Medium CVE-2023-45539 Ubuntu 20.04 LTS Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. (CVE-2022-24834) SeungHyun Lee discovered that Redis incorrectly handled specially crafted commands. An attacker could possibly use this issue to trigger an integer overflow, which might cause Redis to allocate impossible amounts of memory, resulting in a denial of service via an application crash. (CVE-2022-35977) Tom Levy discovered that Redis incorrectly handled crafted string matching patterns. An attacker could possibly use this issue to cause Redis to hang, resulting in a denial of service. (CVE-2022-36021) Yupeng Yang discovered that Redis incorrectly handled specially crafted commands. An attacker could possibly use this issue to trigger an integer overflow, resulting in a denial of service via an application crash. (CVE-2023-25155) It was discovered that Redis incorrectly handled a specially crafted command. An attacker could possibly use this issue to create an invalid hash field, which could potentially cause Redis to crash on future access. (CVE-2023-28856) Alexander Aleksandrovič Klimov discovered that Redis incorrectly listened to a Unix socket before setting proper permissions. A local attacker could possibly use this issue to connect, bypassing intended permissions. (CVE-2023-45145) Update Instructions: Run `sudo pro fix USN-6531-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: redis - 5:5.0.7-2ubuntu0.1+esm2 redis-server - 5:5.0.7-2ubuntu0.1+esm2 redis-sentinel - 5:5.0.7-2ubuntu0.1+esm2 redis-tools - 5:5.0.7-2ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-24834 CVE-2022-35977 CVE-2022-36021 CVE-2023-25155 CVE-2023-28856 CVE-2023-45145 Ubuntu 20.04 LTS Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains. (CVE-2023-46218) Maksymilian Arciemowicz discovered that curl incorrectly handled long file names when saving HSTS data. This could result in curl losing HSTS data, and subsequent requests to a site would be done without it, contrary to expectations. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-46219) Update Instructions: Run `sudo pro fix USN-6535-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.21 libcurl4-openssl-dev - 7.68.0-1ubuntu2.21 libcurl3-gnutls - 7.68.0-1ubuntu2.21 libcurl4-doc - 7.68.0-1ubuntu2.21 libcurl3-nss - 7.68.0-1ubuntu2.21 libcurl4-nss-dev - 7.68.0-1ubuntu2.21 libcurl4 - 7.68.0-1ubuntu2.21 curl - 7.68.0-1ubuntu2.21 No subscription required Medium CVE-2023-46218 CVE-2023-46219 Ubuntu 20.04 LTS Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-5868) Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. (CVE-2023-5869) Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations. (CVE-2023-5870) Update Instructions: Run `sudo pro fix USN-6538-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpq5 - 12.17-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.17-0ubuntu0.20.04.1 libecpg-dev - 12.17-0ubuntu0.20.04.1 libecpg6 - 12.17-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.17-0ubuntu0.20.04.1 libpgtypes3 - 12.17-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.17-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.17-0ubuntu0.20.04.1 libpq-dev - 12.17-0ubuntu0.20.04.1 postgresql-doc-12 - 12.17-0ubuntu0.20.04.1 postgresql-12 - 12.17-0ubuntu0.20.04.1 postgresql-client-12 - 12.17-0ubuntu0.20.04.1 libecpg-compat3 - 12.17-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 Ubuntu 20.04 LTS It was discovered that the python-cryptography Cipher.update_into function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-23931) It was dicovered that python-cryptography incorrectly handled loading certain PKCS7 certificates. A remote attacker could possibly use this issue to cause python-cryptography to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-49083) Update Instructions: Run `sudo pro fix USN-6539-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-cryptography - 2.8-3ubuntu0.2 python-cryptography - 2.8-3ubuntu0.2 python-cryptography-doc - 2.8-3ubuntu0.2 No subscription required Medium CVE-2023-23931 CVE-2023-49083 Ubuntu 20.04 LTS It was discovered that BlueZ did not properly restrict non-bonded devices from injecting HID events into the input subsystem. This could allow a physically proximate attacker to inject keystrokes and execute arbitrary commands whilst the device is discoverable. Update Instructions: Run `sudo pro fix USN-6540-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.7 bluez-tests - 5.53-0ubuntu3.7 bluez-obexd - 5.53-0ubuntu3.7 bluetooth - 5.53-0ubuntu3.7 bluez - 5.53-0ubuntu3.7 bluez-hcidump - 5.53-0ubuntu3.7 bluez-cups - 5.53-0ubuntu3.7 libbluetooth-dev - 5.53-0ubuntu3.7 No subscription required Medium CVE-2023-45866 Ubuntu 20.04 LTS It was discovered that the GNU C Library was not properly handling certain memory operations. An attacker could possibly use this issue to cause a denial of service (application crash). (CVE-2023-4806, CVE-2023-4813) It was discovered that the GNU C library was not properly implementing a fix for CVE-2023-4806 in certain cases, which could lead to a memory leak. An attacker could possibly use this issue to cause a denial of service (application crash). This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-5156) Update Instructions: Run `sudo pro fix USN-6541-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc6-i386 - 2.31-0ubuntu9.14 libc6-dev-s390 - 2.31-0ubuntu9.14 glibc-source - 2.31-0ubuntu9.14 libc-bin - 2.31-0ubuntu9.14 libc6-x32 - 2.31-0ubuntu9.14 libc6-prof - 2.31-0ubuntu9.14 libc6-s390 - 2.31-0ubuntu9.14 libc6-armel - 2.31-0ubuntu9.14 libc6-pic - 2.31-0ubuntu9.14 libc6-dev-armel - 2.31-0ubuntu9.14 glibc-doc - 2.31-0ubuntu9.14 libc6-dev - 2.31-0ubuntu9.14 libc6-amd64 - 2.31-0ubuntu9.14 libc6-dev-amd64 - 2.31-0ubuntu9.14 libc6 - 2.31-0ubuntu9.14 locales-all - 2.31-0ubuntu9.14 libc6-dev-x32 - 2.31-0ubuntu9.14 locales - 2.31-0ubuntu9.14 libc6-lse - 2.31-0ubuntu9.14 libc6-dev-i386 - 2.31-0ubuntu9.14 libc-dev-bin - 2.31-0ubuntu9.14 nscd - 2.31-0ubuntu9.14 No subscription required Medium CVE-2023-4806 CVE-2023-4813 CVE-2023-5156 Ubuntu 20.04 LTS Wang Zhong discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6542-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtinyxml-doc - 2.6.2-4+deb10u1build0.20.04.1 libtinyxml-dev - 2.6.2-4+deb10u1build0.20.04.1 libtinyxml2.6.2v5 - 2.6.2-4+deb10u1build0.20.04.1 No subscription required Medium CVE-2021-42260 Ubuntu 20.04 LTS It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could use this issue to cause tar to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6543-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tar-scripts - 1.30+dfsg-7ubuntu0.20.04.4 tar - 1.30+dfsg-7ubuntu0.20.04.4 No subscription required Medium CVE-2023-39804 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2022-38533) It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-4285, CVE-2020-19726, CVE-2021-46174) It was discovered that GNU binutils contained a reachable assertion, which could lead to an intentional assertion failure when processing certain crafted DWARF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-35205) Update Instructions: Run `sudo pro fix USN-6544-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.7 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.7 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.7 binutils-ia64-linux-gnu - 2.34-6ubuntu1.7 binutils-multiarch - 2.34-6ubuntu1.7 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.7 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.7 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.7 binutils-m68k-linux-gnu - 2.34-6ubuntu1.7 binutils-for-build - 2.34-6ubuntu1.7 binutils-s390x-linux-gnu - 2.34-6ubuntu1.7 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.7 binutils-multiarch-dev - 2.34-6ubuntu1.7 binutils-i686-gnu - 2.34-6ubuntu1.7 libctf-nobfd0 - 2.34-6ubuntu1.7 binutils-for-host - 2.34-6ubuntu1.7 binutils-doc - 2.34-6ubuntu1.7 libctf0 - 2.34-6ubuntu1.7 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.7 binutils-source - 2.34-6ubuntu1.7 binutils-i686-linux-gnu - 2.34-6ubuntu1.7 binutils-common - 2.34-6ubuntu1.7 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.7 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.7 binutils-sh4-linux-gnu - 2.34-6ubuntu1.7 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.7 binutils-hppa-linux-gnu - 2.34-6ubuntu1.7 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.7 libbinutils - 2.34-6ubuntu1.7 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.7 binutils-alpha-linux-gnu - 2.34-6ubuntu1.7 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.7 binutils - 2.34-6ubuntu1.7 No subscription required Medium CVE-2020-19726 CVE-2021-46174 CVE-2022-35205 CVE-2022-38533 CVE-2022-4285 Ubuntu 20.04 LTS USN-6546-1 fixed vulnerabilities in LibreOffice. This update provides the corresponding updates for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory details: Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. (CVE-2023-6185) Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts. (CVE-2023-6186) Update Instructions: Run `sudo pro fix USN-6546-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.9 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.9 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.9 libreoffice - 1:6.4.7-0ubuntu0.20.04.9 libjuh-java - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.9 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.9 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.9 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.9 libridl-java - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.9 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.9 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.9 libjurt-java - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.9 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.9 libunoil-java - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.9 python3-uno - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.9 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.9 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.9 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.9 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.9 ure - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.9 python3-access2base - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.9 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.9 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.9 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.9 No subscription required Medium CVE-2023-6185 CVE-2023-6186 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-tools-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-image-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-xilinx-zynqmp-headers-5.4.0-1035 - 5.4.0-1035.39 linux-buildinfo-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-modules-5.4.0-1035-xilinx-zynqmp - 5.4.0-1035.39 linux-xilinx-zynqmp-tools-5.4.0-1035 - 5.4.0-1035.39 No subscription required linux-image-unsigned-5.4.0-1063-ibm - 5.4.0-1063.68 linux-ibm-tools-5.4.0-1063 - 5.4.0-1063.68 linux-image-5.4.0-1063-ibm - 5.4.0-1063.68 linux-ibm-source-5.4.0 - 5.4.0-1063.68 linux-headers-5.4.0-1063-ibm - 5.4.0-1063.68 linux-buildinfo-5.4.0-1063-ibm - 5.4.0-1063.68 linux-ibm-headers-5.4.0-1063 - 5.4.0-1063.68 linux-modules-extra-5.4.0-1063-ibm - 5.4.0-1063.68 linux-modules-5.4.0-1063-ibm - 5.4.0-1063.68 linux-ibm-cloud-tools-common - 5.4.0-1063.68 linux-ibm-tools-common - 5.4.0-1063.68 linux-tools-5.4.0-1063-ibm - 5.4.0-1063.68 No subscription required linux-headers-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-modules-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-tools-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-buildinfo-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-image-5.4.0-1076-bluefield - 5.4.0-1076.82 linux-bluefield-tools-5.4.0-1076 - 5.4.0-1076.82 linux-bluefield-headers-5.4.0-1076 - 5.4.0-1076.82 linux-image-unsigned-5.4.0-1076-bluefield - 5.4.0-1076.82 No subscription required linux-kvm-headers-5.4.0-1104 - 5.4.0-1104.111 linux-tools-5.4.0-1104-kvm - 5.4.0-1104.111 linux-kvm-tools-5.4.0-1104 - 5.4.0-1104.111 linux-headers-5.4.0-1104-kvm - 5.4.0-1104.111 linux-image-5.4.0-1104-kvm - 5.4.0-1104.111 linux-modules-5.4.0-1104-kvm - 5.4.0-1104.111 linux-image-unsigned-5.4.0-1104-kvm - 5.4.0-1104.111 linux-buildinfo-5.4.0-1104-kvm - 5.4.0-1104.111 No subscription required linux-buildinfo-5.4.0-1116-aws - 5.4.0-1116.126 linux-modules-5.4.0-1116-aws - 5.4.0-1116.126 linux-tools-5.4.0-1116-aws - 5.4.0-1116.126 linux-aws-headers-5.4.0-1116 - 5.4.0-1116.126 linux-image-5.4.0-1116-aws - 5.4.0-1116.126 linux-aws-tools-5.4.0-1116 - 5.4.0-1116.126 linux-cloud-tools-5.4.0-1116-aws - 5.4.0-1116.126 linux-aws-cloud-tools-5.4.0-1116 - 5.4.0-1116.126 linux-headers-5.4.0-1116-aws - 5.4.0-1116.126 linux-image-unsigned-5.4.0-1116-aws - 5.4.0-1116.126 linux-modules-extra-5.4.0-1116-aws - 5.4.0-1116.126 No subscription required linux-image-unsigned-5.4.0-1120-gcp - 5.4.0-1120.129 linux-modules-extra-5.4.0-1120-gcp - 5.4.0-1120.129 linux-image-5.4.0-1120-gcp - 5.4.0-1120.129 linux-gcp-tools-5.4.0-1120 - 5.4.0-1120.129 linux-buildinfo-5.4.0-1120-gcp - 5.4.0-1120.129 linux-tools-5.4.0-1120-gcp - 5.4.0-1120.129 linux-headers-5.4.0-1120-gcp - 5.4.0-1120.129 linux-gcp-headers-5.4.0-1120 - 5.4.0-1120.129 linux-modules-5.4.0-1120-gcp - 5.4.0-1120.129 No subscription required linux-headers-5.4.0-1121-azure - 5.4.0-1121.128 linux-modules-5.4.0-1121-azure - 5.4.0-1121.128 linux-cloud-tools-5.4.0-1121-azure - 5.4.0-1121.128 linux-modules-extra-5.4.0-1121-azure - 5.4.0-1121.128 linux-azure-cloud-tools-5.4.0-1121 - 5.4.0-1121.128 linux-azure-headers-5.4.0-1121 - 5.4.0-1121.128 linux-tools-5.4.0-1121-azure - 5.4.0-1121.128 linux-image-unsigned-5.4.0-1121-azure - 5.4.0-1121.128 linux-azure-tools-5.4.0-1121 - 5.4.0-1121.128 linux-buildinfo-5.4.0-1121-azure - 5.4.0-1121.128 linux-image-5.4.0-1121-azure - 5.4.0-1121.128 No subscription required linux-tools-common - 5.4.0-169.187 linux-tools-host - 5.4.0-169.187 linux-cloud-tools-5.4.0-169-lowlatency - 5.4.0-169.187 linux-doc - 5.4.0-169.187 linux-modules-5.4.0-169-generic - 5.4.0-169.187 linux-buildinfo-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-libc-dev - 5.4.0-169.187 linux-source-5.4.0 - 5.4.0-169.187 linux-headers-5.4.0-169 - 5.4.0-169.187 linux-headers-5.4.0-169-generic - 5.4.0-169.187 linux-modules-extra-5.4.0-169-generic - 5.4.0-169.187 linux-modules-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-headers-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-image-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-image-5.4.0-169-lowlatency - 5.4.0-169.187 linux-tools-5.4.0-169-generic - 5.4.0-169.187 linux-tools-5.4.0-169 - 5.4.0-169.187 linux-buildinfo-5.4.0-169-lowlatency - 5.4.0-169.187 linux-cloud-tools-5.4.0-169 - 5.4.0-169.187 linux-buildinfo-5.4.0-169-generic - 5.4.0-169.187 linux-cloud-tools-common - 5.4.0-169.187 linux-tools-5.4.0-169-generic-lpae - 5.4.0-169.187 linux-image-unsigned-5.4.0-169-generic - 5.4.0-169.187 linux-headers-5.4.0-169-lowlatency - 5.4.0-169.187 linux-cloud-tools-5.4.0-169-generic - 5.4.0-169.187 linux-tools-5.4.0-169-lowlatency - 5.4.0-169.187 linux-modules-5.4.0-169-lowlatency - 5.4.0-169.187 linux-image-5.4.0-169-generic - 5.4.0-169.187 linux-image-unsigned-5.4.0-169-lowlatency - 5.4.0-169.187 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1035.35 linux-xilinx-zynqmp - 5.4.0.1035.35 linux-tools-xilinx-zynqmp - 5.4.0.1035.35 linux-headers-xilinx-zynqmp - 5.4.0.1035.35 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1063.92 linux-headers-ibm-lts-20.04 - 5.4.0.1063.92 linux-ibm-lts-20.04 - 5.4.0.1063.92 linux-image-ibm-lts-20.04 - 5.4.0.1063.92 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1063.92 No subscription required linux-bluefield - 5.4.0.1076.71 linux-image-bluefield - 5.4.0.1076.71 linux-headers-bluefield - 5.4.0.1076.71 linux-tools-bluefield - 5.4.0.1076.71 No subscription required linux-kvm - 5.4.0.1104.100 linux-headers-kvm - 5.4.0.1104.100 linux-image-kvm - 5.4.0.1104.100 linux-tools-kvm - 5.4.0.1104.100 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1116.113 linux-image-aws-lts-20.04 - 5.4.0.1116.113 linux-headers-aws-lts-20.04 - 5.4.0.1116.113 linux-tools-aws-lts-20.04 - 5.4.0.1116.113 linux-aws-lts-20.04 - 5.4.0.1116.113 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1120.122 linux-gcp-lts-20.04 - 5.4.0.1120.122 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1120.122 linux-headers-gcp-lts-20.04 - 5.4.0.1120.122 linux-image-gcp-lts-20.04 - 5.4.0.1120.122 No subscription required linux-azure-lts-20.04 - 5.4.0.1121.114 linux-image-azure-lts-20.04 - 5.4.0.1121.114 linux-modules-extra-azure-lts-20.04 - 5.4.0.1121.114 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1121.114 linux-tools-azure-lts-20.04 - 5.4.0.1121.114 linux-headers-azure-lts-20.04 - 5.4.0.1121.114 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-image-virtual-hwe-18.04 - 5.4.0.169.167 linux-image-generic-hwe-18.04 - 5.4.0.169.167 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-headers-generic-lpae - 5.4.0.169.167 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-image-virtual - 5.4.0.169.167 linux-generic-hwe-18.04 - 5.4.0.169.167 linux-image-generic - 5.4.0.169.167 linux-tools-lowlatency - 5.4.0.169.167 linux-image-oem - 5.4.0.169.167 linux-tools-virtual-hwe-18.04 - 5.4.0.169.167 linux-headers-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-cloud-tools-virtual - 5.4.0.169.167 linux-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-image-extra-virtual-hwe-18.04 - 5.4.0.169.167 linux-image-oem-osp1 - 5.4.0.169.167 linux-headers-oem - 5.4.0.169.167 linux-image-generic-lpae-hwe-18.04 - 5.4.0.169.167 linux-crashdump - 5.4.0.169.167 linux-tools-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-headers-generic-hwe-18.04 - 5.4.0.169.167 linux-headers-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.169.167 linux-lowlatency - 5.4.0.169.167 linux-tools-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-tools-generic-lpae - 5.4.0.169.167 linux-cloud-tools-generic - 5.4.0.169.167 linux-headers-virtual-hwe-18.04 - 5.4.0.169.167 linux-virtual-hwe-18.04 - 5.4.0.169.167 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.169.167 linux-tools-virtual - 5.4.0.169.167 linux-generic-lpae-hwe-18.04-edge - 5.4.0.169.167 linux-generic - 5.4.0.169.167 linux-tools-oem-osp1 - 5.4.0.169.167 linux-virtual - 5.4.0.169.167 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.169.167 linux-tools-generic-hwe-18.04-edge - 5.4.0.169.167 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-oem-tools-host - 5.4.0.169.167 linux-headers-lowlatency - 5.4.0.169.167 linux-image-generic-hwe-18.04-edge - 5.4.0.169.167 linux-generic-hwe-18.04-edge - 5.4.0.169.167 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.169.167 linux-cloud-tools-lowlatency - 5.4.0.169.167 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-oem - 5.4.0.169.167 linux-tools-generic - 5.4.0.169.167 linux-source - 5.4.0.169.167 linux-image-extra-virtual - 5.4.0.169.167 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-oem-osp1-tools-host - 5.4.0.169.167 linux-tools-oem - 5.4.0.169.167 linux-headers-oem-osp1 - 5.4.0.169.167 linux-generic-lpae - 5.4.0.169.167 linux-generic-lpae-hwe-18.04 - 5.4.0.169.167 linux-headers-generic-hwe-18.04-edge - 5.4.0.169.167 linux-headers-generic - 5.4.0.169.167 linux-oem-osp1 - 5.4.0.169.167 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.169.167 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.169.167 linux-image-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.169.167 linux-virtual-hwe-18.04-edge - 5.4.0.169.167 linux-headers-virtual - 5.4.0.169.167 linux-lowlatency-hwe-18.04 - 5.4.0.169.167 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.169.167 linux-image-generic-lpae - 5.4.0.169.167 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.169.167 linux-image-lowlatency - 5.4.0.169.167 linux-tools-generic-hwe-18.04 - 5.4.0.169.167 linux-image-virtual-hwe-18.04-edge - 5.4.0.169.167 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1100-raspi - 5.4.0-1100.112 linux-tools-5.4.0-1100-raspi - 5.4.0-1100.112 linux-raspi-headers-5.4.0-1100 - 5.4.0-1100.112 linux-headers-5.4.0-1100-raspi - 5.4.0-1100.112 linux-buildinfo-5.4.0-1100-raspi - 5.4.0-1100.112 linux-image-5.4.0-1100-raspi - 5.4.0-1100.112 linux-raspi-tools-5.4.0-1100 - 5.4.0-1100.112 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1100.130 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1100.130 linux-raspi-hwe-18.04-edge - 5.4.0.1100.130 linux-raspi - 5.4.0.1100.130 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1100.130 linux-raspi-hwe-18.04 - 5.4.0.1100.130 linux-tools-raspi - 5.4.0.1100.130 linux-image-raspi - 5.4.0.1100.130 linux-tools-raspi2-hwe-18.04 - 5.4.0.1100.130 linux-raspi2-hwe-18.04 - 5.4.0.1100.130 linux-raspi2 - 5.4.0.1100.130 linux-headers-raspi2 - 5.4.0.1100.130 linux-headers-raspi2-hwe-18.04 - 5.4.0.1100.130 linux-image-raspi2 - 5.4.0.1100.130 linux-tools-raspi-hwe-18.04 - 5.4.0.1100.130 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1100.130 linux-tools-raspi2 - 5.4.0.1100.130 linux-image-raspi-hwe-18.04 - 5.4.0.1100.130 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1100.130 linux-headers-raspi - 5.4.0.1100.130 linux-headers-raspi-hwe-18.04 - 5.4.0.1100.130 linux-image-raspi-hwe-18.04-edge - 5.4.0.1100.130 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1100.130 linux-image-raspi2-hwe-18.04 - 5.4.0.1100.130 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1115-oracle - 5.4.0-1115.124 linux-oracle-tools-5.4.0-1115 - 5.4.0-1115.124 linux-modules-extra-5.4.0-1115-oracle - 5.4.0-1115.124 linux-image-5.4.0-1115-oracle - 5.4.0-1115.124 linux-tools-5.4.0-1115-oracle - 5.4.0-1115.124 linux-oracle-headers-5.4.0-1115 - 5.4.0-1115.124 linux-modules-5.4.0-1115-oracle - 5.4.0-1115.124 linux-image-unsigned-5.4.0-1115-oracle - 5.4.0-1115.124 linux-buildinfo-5.4.0-1115-oracle - 5.4.0-1115.124 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1115.108 linux-image-oracle-lts-20.04 - 5.4.0.1115.108 linux-headers-oracle-lts-20.04 - 5.4.0.1115.108 linux-oracle-lts-20.04 - 5.4.0.1115.108 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-gkeop-tools-5.4.0-1083 - 5.4.0-1083.87 linux-modules-extra-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-gkeop-source-5.4.0 - 5.4.0-1083.87 linux-tools-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-headers-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-image-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-cloud-tools-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-gkeop-cloud-tools-5.4.0-1083 - 5.4.0-1083.87 linux-gkeop-headers-5.4.0-1083 - 5.4.0-1083.87 linux-modules-5.4.0-1083-gkeop - 5.4.0-1083.87 linux-image-unsigned-5.4.0-1083-gkeop - 5.4.0-1083.87 No subscription required linux-image-gkeop-5.4 - 5.4.0.1083.81 linux-gkeop-5.4 - 5.4.0.1083.81 linux-cloud-tools-gkeop-5.4 - 5.4.0.1083.81 linux-image-gkeop - 5.4.0.1083.81 linux-modules-extra-gkeop-5.4 - 5.4.0.1083.81 linux-gkeop - 5.4.0.1083.81 linux-headers-gkeop - 5.4.0.1083.81 linux-modules-extra-gkeop - 5.4.0.1083.81 linux-tools-gkeop - 5.4.0.1083.81 linux-tools-gkeop-5.4 - 5.4.0.1083.81 linux-cloud-tools-gkeop - 5.4.0.1083.81 linux-headers-gkeop-5.4 - 5.4.0.1083.81 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Update Instructions: Run `sudo pro fix USN-6548-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1028-iot - 5.4.0-1028.29 linux-modules-5.4.0-1028-iot - 5.4.0-1028.29 linux-iot-tools-common - 5.4.0-1028.29 linux-image-unsigned-5.4.0-1028-iot - 5.4.0-1028.29 linux-tools-5.4.0-1028-iot - 5.4.0-1028.29 linux-iot-headers-5.4.0-1028 - 5.4.0-1028.29 linux-iot-tools-5.4.0-1028 - 5.4.0-1028.29 linux-headers-5.4.0-1028-iot - 5.4.0-1028.29 linux-buildinfo-5.4.0-1028-iot - 5.4.0-1028.29 No subscription required linux-tools-iot - 5.4.0.1028.26 linux-iot - 5.4.0.1028.26 linux-headers-iot - 5.4.0.1028.26 linux-image-iot - 5.4.0.1028.26 No subscription required High CVE-2023-3006 CVE-2023-37453 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-42754 CVE-2023-5178 CVE-2023-5717 CVE-2023-6176 Ubuntu 20.04 LTS It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3773) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) It was discovered that a race condition existed in QXL virtual GPU driver in the Linux kernel, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-39198) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6549-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-image-unsigned-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-ibm-5.15-tools-5.15.0-1044 - 5.15.0-1044.47~20.04.1 linux-ibm-5.15-headers-5.15.0-1044 - 5.15.0-1044.47~20.04.1 linux-image-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-buildinfo-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-headers-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1044.47~20.04.1 linux-modules-extra-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 linux-modules-5.15.0-1044-ibm - 5.15.0-1044.47~20.04.1 No subscription required linux-oracle-5.15-tools-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-oracle-5.15-headers-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-modules-extra-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-headers-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-image-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-modules-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-tools-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-buildinfo-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 linux-image-unsigned-5.15.0-1049-oracle - 5.15.0-1049.55~20.04.1 No subscription required linux-aws-5.15-headers-5.15.0-1051 - 5.15.0-1051.56~20.04.1 linux-cloud-tools-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-buildinfo-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-modules-extra-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-tools-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1051 - 5.15.0-1051.56~20.04.1 linux-modules-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-headers-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-image-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-image-unsigned-5.15.0-1051-aws - 5.15.0-1051.56~20.04.1 linux-aws-5.15-tools-5.15.0-1051 - 5.15.0-1051.56~20.04.1 No subscription required linux-modules-extra-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-azure-5.15-tools-5.15.0-1053 - 5.15.0-1053.61~20.04.1 linux-azure-5.15-headers-5.15.0-1053 - 5.15.0-1053.61~20.04.1 linux-modules-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-headers-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-image-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-cloud-tools-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-image-unsigned-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1053 - 5.15.0-1053.61~20.04.1 linux-tools-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 linux-buildinfo-5.15.0-1053-azure - 5.15.0-1053.61~20.04.1 No subscription required linux-image-unsigned-5.15.0-1053-azure-fde - 5.15.0-1053.61~20.04.1.1 linux-image-5.15.0-1053-azure-fde - 5.15.0-1053.61~20.04.1.1 No subscription required linux-tools-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-buildinfo-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-image-unsigned-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-buildinfo-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-modules-iwlwifi-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-tools-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 linux-hwe-5.15-headers-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-hwe-5.15-tools-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-91.101~20.04.1 linux-image-unsigned-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-buildinfo-5.15.0-91-generic-64k - 5.15.0-91.101~20.04.1 linux-cloud-tools-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-generic-lpae - 5.15.0-91.101~20.04.1 linux-tools-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-modules-extra-5.15.0-91-generic - 5.15.0-91.101~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-91.101~20.04.1 No subscription required linux-ibm-edge - 5.15.0.1044.47~20.04.16 linux-image-ibm - 5.15.0.1044.47~20.04.16 linux-tools-ibm - 5.15.0.1044.47~20.04.16 linux-headers-ibm-edge - 5.15.0.1044.47~20.04.16 linux-tools-ibm-edge - 5.15.0.1044.47~20.04.16 linux-ibm - 5.15.0.1044.47~20.04.16 linux-headers-ibm - 5.15.0.1044.47~20.04.16 linux-image-ibm-edge - 5.15.0.1044.47~20.04.16 No subscription required linux-headers-oracle - 5.15.0.1049.55~20.04.1 linux-tools-oracle - 5.15.0.1049.55~20.04.1 linux-tools-oracle-edge - 5.15.0.1049.55~20.04.1 linux-oracle-edge - 5.15.0.1049.55~20.04.1 linux-image-oracle-edge - 5.15.0.1049.55~20.04.1 linux-headers-oracle-edge - 5.15.0.1049.55~20.04.1 linux-image-oracle - 5.15.0.1049.55~20.04.1 linux-oracle - 5.15.0.1049.55~20.04.1 No subscription required linux-headers-aws - 5.15.0.1051.56~20.04.39 linux-image-aws - 5.15.0.1051.56~20.04.39 linux-modules-extra-aws-edge - 5.15.0.1051.56~20.04.39 linux-image-aws-edge - 5.15.0.1051.56~20.04.39 linux-aws-edge - 5.15.0.1051.56~20.04.39 linux-aws - 5.15.0.1051.56~20.04.39 linux-tools-aws - 5.15.0.1051.56~20.04.39 linux-headers-aws-edge - 5.15.0.1051.56~20.04.39 linux-modules-extra-aws - 5.15.0.1051.56~20.04.39 linux-tools-aws-edge - 5.15.0.1051.56~20.04.39 No subscription required linux-image-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-cloud-tools-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-modules-extra-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-tools-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-headers-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-tools-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-image-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-cloud-tools-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-azure-fde-edge - 5.15.0.1053.61~20.04.1.31 linux-modules-extra-azure-fde - 5.15.0.1053.61~20.04.1.31 linux-headers-azure-fde - 5.15.0.1053.61~20.04.1.31 No subscription required linux-tools-azure-edge - 5.15.0.1053.61~20.04.42 linux-cloud-tools-azure - 5.15.0.1053.61~20.04.42 linux-tools-azure - 5.15.0.1053.61~20.04.42 linux-image-azure-edge - 5.15.0.1053.61~20.04.42 linux-image-azure-cvm - 5.15.0.1053.61~20.04.42 linux-modules-extra-azure-cvm - 5.15.0.1053.61~20.04.42 linux-tools-azure-cvm - 5.15.0.1053.61~20.04.42 linux-cloud-tools-azure-edge - 5.15.0.1053.61~20.04.42 linux-modules-extra-azure - 5.15.0.1053.61~20.04.42 linux-headers-azure-cvm - 5.15.0.1053.61~20.04.42 linux-image-azure - 5.15.0.1053.61~20.04.42 linux-cloud-tools-azure-cvm - 5.15.0.1053.61~20.04.42 linux-headers-azure-edge - 5.15.0.1053.61~20.04.42 linux-azure-edge - 5.15.0.1053.61~20.04.42 linux-azure-cvm - 5.15.0.1053.61~20.04.42 linux-modules-extra-azure-edge - 5.15.0.1053.61~20.04.42 linux-azure - 5.15.0.1053.61~20.04.42 linux-headers-azure - 5.15.0.1053.61~20.04.42 No subscription required linux-headers-oem-20.04 - 5.15.0.91.101~20.04.48 linux-tools-oem-20.04d - 5.15.0.91.101~20.04.48 linux-tools-oem-20.04b - 5.15.0.91.101~20.04.48 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-headers-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-headers-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-extra-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-headers-generic-64k-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-generic-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-generic-lpae-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-tools-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-oem-20.04c - 5.15.0.91.101~20.04.48 linux-image-oem-20.04b - 5.15.0.91.101~20.04.48 linux-image-oem-20.04d - 5.15.0.91.101~20.04.48 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-image-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-oem-20.04 - 5.15.0.91.101~20.04.48 linux-image-oem-20.04 - 5.15.0.91.101~20.04.48 linux-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-oem-20.04d - 5.15.0.91.101~20.04.48 linux-oem-20.04c - 5.15.0.91.101~20.04.48 linux-oem-20.04b - 5.15.0.91.101~20.04.48 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-tools-oem-20.04 - 5.15.0.91.101~20.04.48 linux-modules-iwlwifi-oem-20.04 - 5.15.0.91.101~20.04.48 linux-tools-generic-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-headers-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-tools-oem-20.04c - 5.15.0.91.101~20.04.48 linux-image-generic-lpae-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-tools-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-modules-iwlwifi-oem-20.04d - 5.15.0.91.101~20.04.48 linux-tools-generic-64k-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-tools-virtual-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-image-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-generic-64k-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-image-generic-64k-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.91.101~20.04.48 linux-headers-oem-20.04b - 5.15.0.91.101~20.04.48 linux-headers-oem-20.04c - 5.15.0.91.101~20.04.48 linux-headers-virtual-hwe-20.04 - 5.15.0.91.101~20.04.48 linux-headers-oem-20.04d - 5.15.0.91.101~20.04.48 linux-generic-lpae-hwe-20.04 - 5.15.0.91.101~20.04.48 No subscription required Medium CVE-2023-37453 CVE-2023-3773 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-39198 CVE-2023-42754 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 20.04 LTS It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3773) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) It was discovered that a race condition existed in QXL virtual GPU driver in the Linux kernel, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-39198) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6549-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-tools-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-modules-extra-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-image-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-gkeop-5.15-tools-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-gkeop-5.15-headers-5.15.0-1034 - 5.15.0-1034.40~20.04.1 linux-headers-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-cloud-tools-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-modules-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 linux-image-unsigned-5.15.0-1034-gkeop - 5.15.0-1034.40~20.04.1 No subscription required linux-image-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-image-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-cloud-tools-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-headers-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-headers-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-tools-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-cloud-tools-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-modules-extra-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-gkeop-edge - 5.15.0.1034.40~20.04.30 linux-tools-gkeop-5.15 - 5.15.0.1034.40~20.04.30 linux-modules-extra-gkeop-5.15 - 5.15.0.1034.40~20.04.30 No subscription required Medium CVE-2023-37453 CVE-2023-3773 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-39198 CVE-2023-42754 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 20.04 LTS It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3773) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) It was discovered that a race condition existed in QXL virtual GPU driver in the Linux kernel, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-39198) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6549-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-91.101~20.04.1 linux-image-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-tools-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-cloud-tools-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-image-unsigned-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-headers-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-modules-iwlwifi-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-buildinfo-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-modules-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-91.101~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-91 - 5.15.0-91.101~20.04.1 linux-tools-5.15.0-91-lowlatency-64k - 5.15.0-91.101~20.04.1 linux-image-unsigned-5.15.0-91-lowlatency - 5.15.0-91.101~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-tools-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-lowlatency-64k-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-headers-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-image-lowlatency-hwe-20.04 - 5.15.0.91.101~20.04.45 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.91.101~20.04.45 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.91.101~20.04.45 No subscription required Medium CVE-2023-37453 CVE-2023-3773 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-39198 CVE-2023-42754 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 20.04 LTS It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3773) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192) Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193) Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out- of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194) It was discovered that a race condition existed in QXL virtual GPU driver in the Linux kernel, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-39198) Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754) Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158) Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178) Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717) Update Instructions: Run `sudo pro fix USN-6549-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-iwlwifi-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-image-unsigned-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1046.52~20.04.1 linux-modules-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1046.52~20.04.1 linux-modules-extra-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-headers-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-cloud-tools-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-buildinfo-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-tools-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1046 - 5.15.0-1046.52~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1046.52~20.04.1 linux-image-5.15.0-1046-intel-iotg - 5.15.0-1046.52~20.04.1 No subscription required linux-gcp-5.15-tools-5.15.0-1048 - 5.15.0-1048.56~20.04.1 linux-gcp-5.15-headers-5.15.0-1048 - 5.15.0-1048.56~20.04.1 linux-buildinfo-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-modules-iwlwifi-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-image-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-modules-extra-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-image-unsigned-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-modules-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-headers-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 linux-tools-5.15.0-1048-gcp - 5.15.0-1048.56~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1046.52~20.04.36 linux-intel-iotg - 5.15.0.1046.52~20.04.36 linux-image-intel - 5.15.0.1046.52~20.04.36 linux-headers-intel - 5.15.0.1046.52~20.04.36 linux-tools-intel-iotg-edge - 5.15.0.1046.52~20.04.36 linux-intel - 5.15.0.1046.52~20.04.36 linux-image-intel-iotg - 5.15.0.1046.52~20.04.36 linux-image-intel-iotg-edge - 5.15.0.1046.52~20.04.36 linux-tools-intel - 5.15.0.1046.52~20.04.36 linux-headers-intel-iotg - 5.15.0.1046.52~20.04.36 linux-intel-iotg-edge - 5.15.0.1046.52~20.04.36 linux-headers-intel-iotg-edge - 5.15.0.1046.52~20.04.36 linux-tools-intel-iotg - 5.15.0.1046.52~20.04.36 No subscription required linux-headers-gcp - 5.15.0.1048.56~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1048.56~20.04.1 linux-gcp - 5.15.0.1048.56~20.04.1 linux-image-gcp-edge - 5.15.0.1048.56~20.04.1 linux-headers-gcp-edge - 5.15.0.1048.56~20.04.1 linux-tools-gcp-edge - 5.15.0.1048.56~20.04.1 linux-image-gcp - 5.15.0.1048.56~20.04.1 linux-modules-extra-gcp - 5.15.0.1048.56~20.04.1 linux-tools-gcp - 5.15.0.1048.56~20.04.1 linux-gcp-edge - 5.15.0.1048.56~20.04.1 No subscription required Medium CVE-2023-37453 CVE-2023-3773 CVE-2023-39189 CVE-2023-39192 CVE-2023-39193 CVE-2023-39194 CVE-2023-39198 CVE-2023-42754 CVE-2023-5158 CVE-2023-5178 CVE-2023-5717 Ubuntu 20.04 LTS It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly sanitizing user input when generating templates. An attacker could, through PHP injection, possibly use this issue to execute arbitrary code. (CVE-2022-29221) It was discovered that Moment.js, that is integrated in the PostfixAdmin code, was using an inefficient parsing algorithm when processing date strings in the RFC 2822 standard. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-31129) It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly escaping JavaScript code. An attacker could possibly use this issue to conduct cross-site scripting attacks (XSS). (CVE-2023-28447) Update Instructions: Run `sudo pro fix USN-6550-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postfixadmin - 3.2.1-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2022-29221 CVE-2022-31129 CVE-2023-28447 Ubuntu 20.04 LTS Florent Saudel and Arnaud Gatignol discovered that Netatalk incorrectly handled certain specially crafted Spotlight requests. A remote attacker could possibly use this issue to cause heap corruption and execute arbitrary code. (CVE-2023-42464) Update Instructions: Run `sudo pro fix USN-6552-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: netatalk - 3.1.12~ds-4ubuntu0.20.04.3 No subscription required Medium CVE-2023-42464 Ubuntu 20.04 LTS Nina Jensen discovered that Pydantic incorrectly handled user input in the date and datetime fields. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2021-29510) Update Instructions: Run `sudo pro fix USN-6553-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pydantic - 1.2-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-29510 Ubuntu 20.04 LTS Zygmunt Krynicki discovered that GNOME Settings did not accurately reflect the SSH remote login status when the system was configured to use systemd socket activation for OpenSSH. Remote SSH access may be unknowingly enabled, contrary to expectation. Update Instructions: Run `sudo pro fix USN-6554-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnome-control-center - 1:3.36.5-0ubuntu4.1 gnome-control-center-dev - 1:3.36.5-0ubuntu4.1 gnome-control-center-faces - 1:3.36.5-0ubuntu4.1 gnome-control-center-data - 1:3.36.5-0ubuntu4.1 No subscription required Medium CVE-2023-5616 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-6377) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information. (CVE-2023-6478) Update Instructions: Run `sudo pro fix USN-6555-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.12 xwayland - 2:1.20.13-1ubuntu1~20.04.12 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.12 xdmx - 2:1.20.13-1ubuntu1~20.04.12 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.12 xvfb - 2:1.20.13-1ubuntu1~20.04.12 xnest - 2:1.20.13-1ubuntu1~20.04.12 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.12 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.12 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.12 xserver-common - 2:1.20.13-1ubuntu1~20.04.12 No subscription required Medium CVE-2023-6377 CVE-2023-6478 Ubuntu 20.04 LTS It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1725) It was discovered that Vim could be made to recurse infinitely. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1771) It was discovered that Vim could be made to write out of bounds with a put command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1886) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1897, CVE-2022-2000) It was discovered that Vim did not properly manage memory in the spell command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2042) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-46246, CVE-2023-48231) It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-48232) It was discovered that Vim contained multiple arithmetic overflows. An attacker could possibly use these issues to cause a denial of service. (CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237) It was discovered that Vim did not properly manage memory in the substitute command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-48706) Update Instructions: Run `sudo pro fix USN-6557-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.21 vim-athena - 2:8.1.2269-1ubuntu5.21 vim-tiny - 2:8.1.2269-1ubuntu5.21 vim-gtk - 2:8.1.2269-1ubuntu5.21 vim-gui-common - 2:8.1.2269-1ubuntu5.21 vim - 2:8.1.2269-1ubuntu5.21 vim-doc - 2:8.1.2269-1ubuntu5.21 xxd - 2:8.1.2269-1ubuntu5.21 vim-runtime - 2:8.1.2269-1ubuntu5.21 vim-gtk3 - 2:8.1.2269-1ubuntu5.21 vim-nox - 2:8.1.2269-1ubuntu5.21 No subscription required Medium CVE-2022-1725 CVE-2022-1771 CVE-2022-1886 CVE-2022-1897 CVE-2022-2000 CVE-2022-2042 CVE-2023-46246 CVE-2023-48231 CVE-2023-48232 CVE-2023-48233 CVE-2023-48234 CVE-2023-48235 CVE-2023-48236 CVE-2023-48237 CVE-2023-48706 Ubuntu 20.04 LTS It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-13440) It was discovered that audiofile could be made to write out of bounds. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-17095) It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2019-13147) It was discovered that audiofile could be made to leak memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to obtain sensitive information. (CVE-2022-24599) Update Instructions: Run `sudo pro fix USN-6558-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: audiofile-tools - 0.3.6-5+deb10u1build0.20.04.1 libaudiofile-dev - 0.3.6-5+deb10u1build0.20.04.1 libaudiofile1 - 0.3.6-5+deb10u1build0.20.04.1 No subscription required Medium CVE-2018-13440 CVE-2018-17095 CVE-2019-13147 CVE-2022-24599 Ubuntu 20.04 LTS It was discovered that ZooKeeper incorrectly handled authorization for the getACL() command. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-0201) Damien Diederen discovered that ZooKeeper incorrectly handled authorization if SASL Quorum Peer authentication is enabled. An attacker could possibly use this issue to bypass ZooKeeper's authorization system. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-44981) Update Instructions: Run `sudo pro fix USN-6559-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-zookeeper - 3.4.13-5ubuntu0.1 libzookeeper-java - 3.4.13-5ubuntu0.1 libzookeeper-java-doc - 3.4.13-5ubuntu0.1 zookeeperd - 3.4.13-5ubuntu0.1 zookeeper - 3.4.13-5ubuntu0.1 libzookeeper-st-dev - 3.4.13-5ubuntu0.1 zookeeper-bin - 3.4.13-5ubuntu0.1 libzookeeper-mt-dev - 3.4.13-5ubuntu0.1 libzookeeper-mt2 - 3.4.13-5ubuntu0.1 libzookeeper-st2 - 3.4.13-5ubuntu0.1 No subscription required Medium CVE-2019-0201 CVE-2023-44981 Ubuntu 20.04 LTS Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. (CVE-2023-48795) Luci Stanescu discovered that OpenSSH incorrectly added destination constraints when smartcard keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-28531) Update Instructions: Run `sudo pro fix USN-6560-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.10 openssh-server - 1:8.2p1-4ubuntu0.10 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.10 ssh - 1:8.2p1-4ubuntu0.10 openssh-tests - 1:8.2p1-4ubuntu0.10 openssh-sftp-server - 1:8.2p1-4ubuntu0.10 No subscription required Medium CVE-2023-28531 CVE-2023-48795 Ubuntu 20.04 LTS Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Update Instructions: Run `sudo pro fix USN-6561-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-gcrypt-dev - 0.9.3-2ubuntu2.4 libssh-doc - 0.9.3-2ubuntu2.4 libssh-4 - 0.9.3-2ubuntu2.4 libssh-dev - 0.9.3-2ubuntu2.4 libssh-gcrypt-4 - 0.9.3-2ubuntu2.4 No subscription required Medium CVE-2023-48795 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.(CVE-2023-6865, CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6866, CVE-2023-6867, CVE-2023-6861, CVE-2023-6869, CVE-2023-6871, CVE-2023-6872, CVE-2023-6863, CVE-2023-6864, CVE-2023-6873) DoHyun Lee discovered that Firefox did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2023-6856) George Pantela and Hubert Kario discovered that Firefox using multiple NSS NIST curves which were susceptible to a side-channel attack known as "Minerva". An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6135) Andrew Osmond discovered that Firefox did not properly validate the textures produced by remote decoders. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2023-6860) Update Instructions: Run `sudo pro fix USN-6562-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 121.0+build1-0ubuntu0.20.04.1 firefox - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 121.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 121.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-tg - 121.0+build1-0ubuntu0.20.04.1 firefox-dev - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 121.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 121.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-6856 CVE-2023-6135 CVE-2023-6865 CVE-2023-6857 CVE-2023-6858 CVE-2023-6859 CVE-2023-6866 CVE-2023-6860 CVE-2023-6867 CVE-2023-6861 CVE-2023-6869 CVE-2023-6871 CVE-2023-6872 CVE-2023-6863 CVE-2023-6864 CVE-2023-6873 Ubuntu 20.04 LTS USN-6562-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.(CVE-2023-6865, CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6866, CVE-2023-6867, CVE-2023-6861, CVE-2023-6869, CVE-2023-6871, CVE-2023-6872, CVE-2023-6863, CVE-2023-6864, CVE-2023-6873) DoHyun Lee discovered that Firefox did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2023-6856) George Pantela and Hubert Kario discovered that Firefox using multiple NSS NIST curves which were susceptible to a side-channel attack known as "Minerva". An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2023-6135) Andrew Osmond discovered that Firefox did not properly validate the textures produced by remote decoders. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2023-6860) Update Instructions: Run `sudo pro fix USN-6562-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 121.0.1+build1-0ubuntu0.20.04.1 firefox - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 121.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 121.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 121.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 121.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 121.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2048961 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.(CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6861, CVE-2023-6862, CVE-2023-6863, CVE-2023-6864) Marcus Brinkmann discovered that Thunderbird did not properly parse a PGP/MIME payload that contains digitally signed text. An attacker could potentially exploit this issue to spoof an email message. (CVE-2023-50762) Marcus Brinkmann discovered that Thunderbird did not properly compare the signature creation date with the message date and time when using digitally signed S/MIME email message. An attacker could potentially exploit this issue to spoof date and time of an email message. (CVE-2023-50761) DoHyun Lee discovered that Thunderbird did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2023-6856) Andrew Osmond discovered that Thunderbird did not properly validate the textures produced by remote decoders. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2023-6860) Update Instructions: Run `sudo pro fix USN-6563-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.6.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.6.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.6.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.6.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.6.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-50762 CVE-2023-50761 CVE-2023-6856 CVE-2023-6857 CVE-2023-6858 CVE-2023-6859 CVE-2023-6860 CVE-2023-6861 CVE-2023-6862 CVE-2023-6863 CVE-2023-6864 Ubuntu 20.04 LTS It was discovered that OpenSSH incorrectly handled supplemental groups when running helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand as a different user. An attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-41617) It was discovered that OpenSSH incorrectly added destination constraints when PKCS#11 token keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-51384) It was discovered that OpenSSH incorrectly handled user names or host names with shell metacharacters. An attacker could possibly use this issue to perform OS command injection. (CVE-2023-51385) Update Instructions: Run `sudo pro fix USN-6565-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.11 openssh-server - 1:8.2p1-4ubuntu0.11 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.11 ssh - 1:8.2p1-4ubuntu0.11 openssh-tests - 1:8.2p1-4ubuntu0.11 openssh-sftp-server - 1:8.2p1-4ubuntu0.11 No subscription required Medium CVE-2021-41617 CVE-2023-51384 CVE-2023-51385 Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled certain protection mechanisms when using a CLI script with the --safe option, contrary to expectations. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-46908) It was discovered that SQLite incorrectly handled certain memory operations in the sessions extension. A remote attacker could possibly use this issue to cause SQLite to crash, resulting in a denial of service. (CVE-2023-7104) Update Instructions: Run `sudo pro fix USN-6566-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.6 sqlite3-doc - 3.31.1-4ubuntu0.6 libsqlite3-0 - 3.31.1-4ubuntu0.6 libsqlite3-tcl - 3.31.1-4ubuntu0.6 sqlite3 - 3.31.1-4ubuntu0.6 libsqlite3-dev - 3.31.1-4ubuntu0.6 No subscription required Medium CVE-2022-46908 CVE-2023-7104 Ubuntu 20.04 LTS Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-14394) It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and esclate privileges. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-24165) It was discovered that QEMU incorrectly handled the Intel HD audio device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-3611) It was discovered that QEMU incorrectly handled the ATI VGA device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-3638) It was discovered that QEMU incorrectly handled the VMWare paravirtual RDMA device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. (CVE-2023-1544) It was discovered that QEMU incorrectly handled the 9p passthrough filesystem. A malicious guest attacker could possibly use this issue to open special files and escape the exported 9p tree. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-2861) It was discovered that QEMU incorrectly handled the virtual crypto device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-3180) It was discovered that QEMU incorrectly handled the built-in VNC server. A remote authenticated attacker could possibly use this issue to cause QEMU to stop responding, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3255) It was discovered that QEMU incorrectly handled net device hot-unplugging. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3301) It was discovered that QEMU incorrectly handled the built-in VNC server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-3354) It was discovered that QEMU incorrectly handled NVME devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-40360) It was discovered that QEMU incorrectly handled NVME devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 23.10. (CVE-2023-4135) It was discovered that QEMU incorrectly handled SCSI devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-42467) It was discovered that QEMU incorrectly handled certain disk offsets. A malicious guest attacker could possibly use this issue to gain control of the host in certain nested virtualization scenarios. (CVE-2023-5088) Update Instructions: Run `sudo pro fix USN-6567-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-common - 1:4.2-3ubuntu6.28 qemu-system-data - 1:4.2-3ubuntu6.28 qemu-system-misc - 1:4.2-3ubuntu6.28 qemu-block-extra - 1:4.2-3ubuntu6.28 qemu-system-s390x - 1:4.2-3ubuntu6.28 qemu-user - 1:4.2-3ubuntu6.28 qemu - 1:4.2-3ubuntu6.28 qemu-guest-agent - 1:4.2-3ubuntu6.28 qemu-system - 1:4.2-3ubuntu6.28 qemu-utils - 1:4.2-3ubuntu6.28 qemu-user-static - 1:4.2-3ubuntu6.28 qemu-system-gui - 1:4.2-3ubuntu6.28 qemu-kvm - 1:4.2-3ubuntu6.28 qemu-user-binfmt - 1:4.2-3ubuntu6.28 qemu-system-x86 - 1:4.2-3ubuntu6.28 qemu-system-arm - 1:4.2-3ubuntu6.28 qemu-system-sparc - 1:4.2-3ubuntu6.28 qemu-system-x86-microvm - 1:4.2-3ubuntu6.28 qemu-system-ppc - 1:4.2-3ubuntu6.28 qemu-system-mips - 1:4.2-3ubuntu6.28 qemu-system-x86-xen - 1:4.2-3ubuntu6.28 No subscription required Medium CVE-2020-14394 CVE-2020-24165 CVE-2021-3611 CVE-2021-3638 CVE-2023-1544 CVE-2023-2861 CVE-2023-3180 CVE-2023-3255 CVE-2023-3301 CVE-2023-3354 CVE-2023-40360 CVE-2023-4135 CVE-2023-42467 CVE-2023-5088 Ubuntu 20.04 LTS USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the problem. Original advisory details: Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-14394) It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and esclate privileges. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-24165) It was discovered that QEMU incorrectly handled the Intel HD audio device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-3611) It was discovered that QEMU incorrectly handled the ATI VGA device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-3638) It was discovered that QEMU incorrectly handled the VMWare paravirtual RDMA device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. (CVE-2023-1544) It was discovered that QEMU incorrectly handled the 9p passthrough filesystem. A malicious guest attacker could possibly use this issue to open special files and escape the exported 9p tree. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-2861) It was discovered that QEMU incorrectly handled the virtual crypto device. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-3180) It was discovered that QEMU incorrectly handled the built-in VNC server. A remote authenticated attacker could possibly use this issue to cause QEMU to stop responding, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3255) It was discovered that QEMU incorrectly handled net device hot-unplugging. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3301) It was discovered that QEMU incorrectly handled the built-in VNC server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-3354) It was discovered that QEMU incorrectly handled NVME devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-40360) It was discovered that QEMU incorrectly handled NVME devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 23.10. (CVE-2023-4135) It was discovered that QEMU incorrectly handled SCSI devices. A malicious guest attacker could use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-42467) It was discovered that QEMU incorrectly handled certain disk offsets. A malicious guest attacker could possibly use this issue to gain control of the host in certain nested virtualization scenarios. (CVE-2023-5088) Update Instructions: Run `sudo pro fix USN-6567-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-system-x86-microvm - 1:4.2-3ubuntu6.29 qemu-system-common - 1:4.2-3ubuntu6.29 qemu-system-data - 1:4.2-3ubuntu6.29 qemu-system-misc - 1:4.2-3ubuntu6.29 qemu-utils - 1:4.2-3ubuntu6.29 qemu-block-extra - 1:4.2-3ubuntu6.29 qemu-system-s390x - 1:4.2-3ubuntu6.29 qemu-kvm - 1:4.2-3ubuntu6.29 qemu-user - 1:4.2-3ubuntu6.29 qemu-guest-agent - 1:4.2-3ubuntu6.29 qemu-system - 1:4.2-3ubuntu6.29 qemu-system-x86-xen - 1:4.2-3ubuntu6.29 qemu-user-static - 1:4.2-3ubuntu6.29 qemu - 1:4.2-3ubuntu6.29 qemu-user-binfmt - 1:4.2-3ubuntu6.29 qemu-system-x86 - 1:4.2-3ubuntu6.29 qemu-system-sparc - 1:4.2-3ubuntu6.29 qemu-system-gui - 1:4.2-3ubuntu6.29 qemu-system-arm - 1:4.2-3ubuntu6.29 qemu-system-ppc - 1:4.2-3ubuntu6.29 qemu-system-mips - 1:4.2-3ubuntu6.29 No subscription required None https://launchpad.net/bugs/2065579 Ubuntu 20.04 LTS The ClamAV package was updated to a new upstream version to remain compatible with signature database downloads. Update Instructions: Run `sudo pro fix USN-6568-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamav-dev - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.11+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.11+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.11+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.11+dfsg-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2046581 Ubuntu 20.04 LTS it was discovered that libclamunrar incorrectly handled directories when extracting RAR archives. A remote attacker could possibly use this issue to overwrite arbitrary files and execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2022-30333) It was discovered that libclamunrar incorrectly validated certain structures when extracting RAR archives. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-40477) Update Instructions: Run `sudo pro fix USN-6569-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libclamunrar9 - 0.103.11-0ubuntu0.20.04.1 No subscription required High CVE-2022-30333 CVE-2023-40477 Ubuntu 20.04 LTS Youssef Rebahi-Gilbert discovered that Monit did not properly process credentials for disabled accounts. An attacker could possibly use this issue to login to the platform with an expired account and a valid password. Update Instructions: Run `sudo pro fix USN-6571-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: monit - 1:5.26.0-4ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-26563 Ubuntu 20.04 LTS Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-39318, CVE-2023-39319) It was discovered that Go did not properly validate the "//go:cgo_" directives during compilation. An attacker could possibly use this issue to inject arbitrary code during compile time. (CVE-2023-39323) It was discovered that Go did not limit the number of simultaneously executing handler goroutines in the net/http module. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2023-39325, CVE-2023-44487) It was discovered that the Go net/http module did not properly validate the chunk extensions reading from a request or response body. An attacker could possibly use this issue to read sensitive information. (CVE-2023-39326) It was discovered that Go did not properly validate the insecure "git://" protocol when using go get to fetch a module with the ".git" suffix. An attacker could possibly use this issue to bypass secure protocol checks. (CVE-2023-45285) Update Instructions: Run `sudo pro fix USN-6574-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.20-doc - 1.20.3-1ubuntu0.1~20.04.1 golang-1.20-src - 1.20.3-1ubuntu0.1~20.04.1 golang-1.20-go - 1.20.3-1ubuntu0.1~20.04.1 golang-1.20 - 1.20.3-1ubuntu0.1~20.04.1 No subscription required golang-1.21-src - 1.21.1-1~ubuntu20.04.2 golang-1.21 - 1.21.1-1~ubuntu20.04.2 golang-1.21-doc - 1.21.1-1~ubuntu20.04.2 golang-1.21-go - 1.21.1-1~ubuntu20.04.2 No subscription required High CVE-2023-39318 CVE-2023-39319 CVE-2023-39323 CVE-2023-39325 CVE-2023-39326 CVE-2023-44487 CVE-2023-45285 Ubuntu 20.04 LTS It was discovered that Twisted incorrectly escaped host headers in certain 404 responses. A remote attacker could possibly use this issue to perform HTML and script injection attacks. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39348) It was discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay responses and manipulate the responses of second requests. (CVE-2023-46137) Update Instructions: Run `sudo pro fix USN-6575-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: twisted-doc - 18.9.0-11ubuntu0.20.04.3 python3-twisted - 18.9.0-11ubuntu0.20.04.3 python3-twisted-bin - 18.9.0-11ubuntu0.20.04.3 No subscription required Medium CVE-2022-39348 CVE-2023-46137 Ubuntu 20.04 LTS USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. Original advisory details: It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6579-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxerces-c-dev - 3.2.2+debian-1ubuntu0.1 libxerces-c3.2 - 3.2.2+debian-1ubuntu0.1 libxerces-c-samples - 3.2.2+debian-1ubuntu0.1 libxerces-c-doc - 3.2.2+debian-1ubuntu0.1 No subscription required Medium CVE-2018-1311 Ubuntu 20.04 LTS It was discovered that w3m incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6580-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: w3m-img - 0.5.3-37ubuntu0.2 w3m - 0.5.3-37ubuntu0.2 No subscription required Medium CVE-2023-4255 Ubuntu 20.04 LTS It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. (CVE-2022-44840, CVE-2022-45703) It was discovered that GNU binutils incorrectly handled memory management operations in several of its functions, which could lead to excessive memory consumption due to memory leaks. An attacker could possibly use these issues to cause a denial of service. (CVE-2022-47007, CVE-2022-47008, CVE-2022-47010, CVE-2022-47011) Update Instructions: Run `sudo pro fix USN-6581-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.8 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.8 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.8 binutils-ia64-linux-gnu - 2.34-6ubuntu1.8 binutils-multiarch - 2.34-6ubuntu1.8 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.8 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.8 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.8 binutils-m68k-linux-gnu - 2.34-6ubuntu1.8 binutils-for-build - 2.34-6ubuntu1.8 binutils-s390x-linux-gnu - 2.34-6ubuntu1.8 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.8 binutils-multiarch-dev - 2.34-6ubuntu1.8 binutils-i686-gnu - 2.34-6ubuntu1.8 libctf-nobfd0 - 2.34-6ubuntu1.8 binutils-for-host - 2.34-6ubuntu1.8 binutils-doc - 2.34-6ubuntu1.8 libctf0 - 2.34-6ubuntu1.8 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.8 binutils-source - 2.34-6ubuntu1.8 binutils-i686-linux-gnu - 2.34-6ubuntu1.8 binutils-common - 2.34-6ubuntu1.8 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.8 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.8 binutils-sh4-linux-gnu - 2.34-6ubuntu1.8 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.8 binutils-hppa-linux-gnu - 2.34-6ubuntu1.8 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.8 libbinutils - 2.34-6ubuntu1.8 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.8 binutils-alpha-linux-gnu - 2.34-6ubuntu1.8 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.8 binutils - 2.34-6ubuntu1.8 No subscription required Medium CVE-2022-44840 CVE-2022-45703 CVE-2022-47007 CVE-2022-47008 CVE-2022-47010 CVE-2022-47011 Ubuntu 20.04 LTS Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-20314) It was discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-33912, CVE-2021-33913) Update Instructions: Run `sudo pro fix USN-6584-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libspf2-2 - 1.2.10-7+deb9u2build0.20.04.1 libmail-spf-xs-perl - 1.2.10-7+deb9u2build0.20.04.1 libspf2-dev - 1.2.10-7+deb9u2build0.20.04.1 spfquery - 1.2.10-7+deb9u2build0.20.04.1 No subscription required Medium CVE-2021-20314 CVE-2021-33912 CVE-2021-33913 Ubuntu 20.04 LTS It was discovered that FreeImage incorrectly handled certain memory operations. If a user were tricked into opening a crafted TIFF file, a remote attacker could use this issue to cause a heap buffer overflow, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-12211) It was discovered that FreeImage incorrectly processed images under certain circumstances. If a user were tricked into opening a crafted TIFF file, a remote attacker could possibly use this issue to cause a stack exhaustion condition, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-12213) It was discovered that FreeImage incorrectly processed certain images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2020-21427, CVE-2020-21428) It was discovered that FreeImage incorrectly processed certain images. If a user or automated system were tricked into opening a specially crafted PFM file, an attacker could possibly use this issue to cause a denial of service. (CVE-2020-22524) Update Instructions: Run `sudo pro fix USN-6586-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreeimage3 - 3.18.0+ds2-1ubuntu3.1 libfreeimage-dev - 3.18.0+ds2-1ubuntu3.1 libfreeimageplus3 - 3.18.0+ds2-1ubuntu3.1 libfreeimageplus-dev - 3.18.0+ds2-1ubuntu3.1 libfreeimageplus-doc - 3.18.0+ds2-1ubuntu3.1 No subscription required Medium CVE-2019-12211 CVE-2019-12213 CVE-2020-21427 CVE-2020-21428 CVE-2020-22524 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6816) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2024-0229) Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0408) Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0409) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21885) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21886) Update Instructions: Run `sudo pro fix USN-6587-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.14 xwayland - 2:1.20.13-1ubuntu1~20.04.14 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.14 xdmx - 2:1.20.13-1ubuntu1~20.04.14 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.14 xvfb - 2:1.20.13-1ubuntu1~20.04.14 xnest - 2:1.20.13-1ubuntu1~20.04.14 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.14 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.14 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.14 xserver-common - 2:1.20.13-1ubuntu1~20.04.14 No subscription required Medium CVE-2023-6816 CVE-2024-0229 CVE-2024-0408 CVE-2024-0409 CVE-2024-21885 CVE-2024-21886 Ubuntu 20.04 LTS USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6816) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2024-0229) Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0408) Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0409) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21885) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. (CVE-2024-21886) Update Instructions: Run `sudo pro fix USN-6587-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.15 xwayland - 2:1.20.13-1ubuntu1~20.04.15 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.15 xdmx - 2:1.20.13-1ubuntu1~20.04.15 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.15 xvfb - 2:1.20.13-1ubuntu1~20.04.15 xnest - 2:1.20.13-1ubuntu1~20.04.15 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.15 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.15 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.15 xserver-common - 2:1.20.13-1ubuntu1~20.04.15 No subscription required None https://launchpad.net/bugs/2051536 Ubuntu 20.04 LTS Matthias Gerstner discovered that the PAM pam_namespace module incorrectly handled special files when performing directory checks. A local attacker could possibly use this issue to cause PAM to stop responding, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6588-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-runtime - 1.3.1-5ubuntu4.7 libpam0g-dev - 1.3.1-5ubuntu4.7 libpam-modules - 1.3.1-5ubuntu4.7 libpam-modules-bin - 1.3.1-5ubuntu4.7 libpam-doc - 1.3.1-5ubuntu4.7 libpam-cracklib - 1.3.1-5ubuntu4.7 libpam0g - 1.3.1-5ubuntu4.7 No subscription required Medium CVE-2024-22365 Ubuntu 20.04 LTS Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6589-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: filezilla-common - 3.46.3-1ubuntu0.1 filezilla - 3.46.3-1ubuntu0.1 No subscription required Medium CVE-2023-48795 Ubuntu 20.04 LTS It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2018-1311) It was discovered that Xerces-C++ was not properly performing bounds checks when processing XML Schema Definition files, which could lead to an out-of-bounds access via an HTTP request. If a user or automated system were tricked into processing a specially crafted XSD file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-37536) Update Instructions: Run `sudo pro fix USN-6590-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxerces-c-dev - 3.2.2+debian-1ubuntu0.2 libxerces-c3.2 - 3.2.2+debian-1ubuntu0.2 libxerces-c-samples - 3.2.2+debian-1ubuntu0.2 libxerces-c-doc - 3.2.2+debian-1ubuntu0.2 No subscription required Medium CVE-2018-1311 CVE-2023-37536 Ubuntu 20.04 LTS Timo Longin discovered that Postfix incorrectly handled certain email line endings. A remote attacker could possibly use this issue to bypass an email authentication mechanism, allowing domain spoofing and potential spamming. Please note that certain configuration changes are required to address this issue. They are not enabled by default for backward compatibility. Information can be found at https://www.postfix.org/smtp-smuggling.html. Update Instructions: Run `sudo pro fix USN-6591-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postfix-doc - 3.4.13-0ubuntu1.3 postfix - 3.4.13-0ubuntu1.3 postfix-sqlite - 3.4.13-0ubuntu1.3 postfix-cdb - 3.4.13-0ubuntu1.3 postfix-pcre - 3.4.13-0ubuntu1.3 postfix-lmdb - 3.4.13-0ubuntu1.3 postfix-pgsql - 3.4.13-0ubuntu1.3 postfix-mysql - 3.4.13-0ubuntu1.3 postfix-ldap - 3.4.13-0ubuntu1.3 No subscription required Medium CVE-2023-51764 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/2049337 Ubuntu 20.04 LTS USN-6591-1 fixed vulnerabilities in Postfix. A fix with less risk of regression has been made available since the last update. This update updates the fix and aligns with the latest configuration guidelines regarding this vulnerability. We apologize for the inconvenience. Original advisory details: Timo Longin discovered that Postfix incorrectly handled certain email line endings. A remote attacker could possibly use this issue to bypass an email authentication mechanism, allowing domain spoofing and potential spamming. Please note that certain configuration changes are required to address this issue. They are not enabled by default for backward compatibility. Information can be found at https://www.postfix.org/smtp-smuggling.html. Update Instructions: Run `sudo pro fix USN-6591-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: postfix-doc - 3.4.13-0ubuntu1.4 postfix - 3.4.13-0ubuntu1.4 postfix-sqlite - 3.4.13-0ubuntu1.4 postfix-cdb - 3.4.13-0ubuntu1.4 postfix-pcre - 3.4.13-0ubuntu1.4 postfix-lmdb - 3.4.13-0ubuntu1.4 postfix-pgsql - 3.4.13-0ubuntu1.4 postfix-mysql - 3.4.13-0ubuntu1.4 postfix-ldap - 3.4.13-0ubuntu1.4 No subscription required Medium CVE-2023-51764 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/2049337 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/2050834 Ubuntu 20.04 LTS It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this issue to inject malicious code into the command of the features mentioned through the hostname parameter. (CVE-2023-6004) It was discovered that libssh incorrectly handled return codes when performing message digest operations. A remote attacker could possibly use this issue to cause libssh to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6918) Update Instructions: Run `sudo pro fix USN-6592-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssh-gcrypt-dev - 0.9.3-2ubuntu2.5 libssh-doc - 0.9.3-2ubuntu2.5 libssh-4 - 0.9.3-2ubuntu2.5 libssh-dev - 0.9.3-2ubuntu2.5 libssh-gcrypt-4 - 0.9.3-2ubuntu2.5 No subscription required Medium CVE-2023-6004 CVE-2023-6918 Ubuntu 20.04 LTS It was discovered that GnuTLS had a timing side-channel when processing malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-0553) It was discovered that GnuTLS incorrectly handled certain certificate chains with a cross-signing loop. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2024-0567) Update Instructions: Run `sudo pro fix USN-6593-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-doc - 3.6.13-2ubuntu1.10 libgnutls28-dev - 3.6.13-2ubuntu1.10 libgnutls-openssl27 - 3.6.13-2ubuntu1.10 libgnutls30 - 3.6.13-2ubuntu1.10 libgnutls-dane0 - 3.6.13-2ubuntu1.10 gnutls-bin - 3.6.13-2ubuntu1.10 guile-gnutls - 3.6.13-2ubuntu1.10 libgnutlsxx28 - 3.6.13-2ubuntu1.10 No subscription required Medium CVE-2024-0553 CVE-2024-0567 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled HTTP message processing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-49285) Joshua Rogers discovered that Squid incorrectly handled Helper process management. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-49286) Joshua Rogers discovered that Squid incorrectly handled HTTP request parsing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-50269) Update Instructions: Run `sudo pro fix USN-6594-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.9 squidclient - 4.10-1ubuntu1.9 squid - 4.10-1ubuntu1.9 squid-cgi - 4.10-1ubuntu1.9 squid-purge - 4.10-1ubuntu1.9 No subscription required Medium CVE-2023-49285 CVE-2023-49286 CVE-2023-50269 Ubuntu 20.04 LTS It was discovered that Apache::Session::LDAP incorrectly handled invalid X.509 certificates. If a user or an automated system were tricked into opening a specially crafted invalid X.509 certificate, a remote attacker could possibly use this issue to perform spoofing and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6596-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache-session-ldap-perl - 0.4-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2020-36658 Ubuntu 20.04 LTS Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Update Instructions: Run `sudo pro fix USN-6598-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-paramiko - 2.6.0-2ubuntu0.3 paramiko-doc - 2.6.0-2ubuntu0.3 No subscription required Medium CVE-2023-48795 Ubuntu 20.04 LTS Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-28493) It was discovered that Jinja incorrectly handled certain HTML passed with xmlatter filter. An attacker could inject arbitrary HTML attributes keys and values potentially leading to XSS. (CVE-2024-22195) Update Instructions: Run `sudo pro fix USN-6599-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-jinja2 - 2.10.1-2ubuntu0.2 python-jinja2-doc - 2.10.1-2ubuntu0.2 python3-jinja2 - 2.10.1-2ubuntu0.2 No subscription required Medium CVE-2020-28493 CVE-2024-22195 Ubuntu 20.04 LTS Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.39 in Ubuntu 20.04 LTS, 10.6.16 in Ubuntu 22.04 LTS and 10.11.6 in Ubuntu 23.10. CVE-2022-47015 only affected the MariaDB packages in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Update Instructions: Run `sudo pro fix USN-6600-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mariadb-plugin-cracklib-password-check - 1:10.3.39-0ubuntu0.20.04.2 mariadb-backup - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-connect - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-spider - 1:10.3.39-0ubuntu0.20.04.2 libmariadbclient-dev - 1:10.3.39-0ubuntu0.20.04.2 libmariadb-dev - 1:10.3.39-0ubuntu0.20.04.2 libmariadb3 - 1:10.3.39-0ubuntu0.20.04.2 libmariadbd19 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-client-core-10.3 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-tokudb - 1:10.3.39-0ubuntu0.20.04.2 mariadb-client - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-gssapi-client - 1:10.3.39-0ubuntu0.20.04.2 mariadb-server-10.3 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-server-core-10.3 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-test-data - 1:10.3.39-0ubuntu0.20.04.2 mariadb-client-10.3 - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-rocksdb - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-mroonga - 1:10.3.39-0ubuntu0.20.04.2 libmariadbd-dev - 1:10.3.39-0ubuntu0.20.04.2 libmariadb-dev-compat - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-gssapi-server - 1:10.3.39-0ubuntu0.20.04.2 mariadb-server - 1:10.3.39-0ubuntu0.20.04.2 mariadb-common - 1:10.3.39-0ubuntu0.20.04.2 mariadb-plugin-oqgraph - 1:10.3.39-0ubuntu0.20.04.2 mariadb-test - 1:10.3.39-0ubuntu0.20.04.2 No subscription required Medium CVE-2022-47015 CVE-2023-22084 Ubuntu 20.04 LTS Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Update Instructions: Run `sudo pro fix USN-6605-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1029-iot - 5.4.0-1029.30 linux-image-5.4.0-1029-iot - 5.4.0-1029.30 linux-modules-5.4.0-1029-iot - 5.4.0-1029.30 linux-buildinfo-5.4.0-1029-iot - 5.4.0-1029.30 linux-tools-5.4.0-1029-iot - 5.4.0-1029.30 linux-iot-headers-5.4.0-1029 - 5.4.0-1029.30 linux-image-unsigned-5.4.0-1029-iot - 5.4.0-1029.30 linux-iot-tools-5.4.0-1029 - 5.4.0-1029.30 linux-iot-tools-common - 5.4.0-1029.30 No subscription required linux-modules-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 linux-image-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 linux-headers-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 linux-buildinfo-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 linux-xilinx-zynqmp-tools-5.4.0-1036 - 5.4.0-1036.40 linux-xilinx-zynqmp-headers-5.4.0-1036 - 5.4.0-1036.40 linux-tools-5.4.0-1036-xilinx-zynqmp - 5.4.0-1036.40 No subscription required linux-tools-5.4.0-1064-ibm - 5.4.0-1064.69 linux-ibm-source-5.4.0 - 5.4.0-1064.69 linux-image-unsigned-5.4.0-1064-ibm - 5.4.0-1064.69 linux-modules-extra-5.4.0-1064-ibm - 5.4.0-1064.69 linux-ibm-tools-common - 5.4.0-1064.69 linux-ibm-cloud-tools-common - 5.4.0-1064.69 linux-ibm-headers-5.4.0-1064 - 5.4.0-1064.69 linux-headers-5.4.0-1064-ibm - 5.4.0-1064.69 linux-ibm-tools-5.4.0-1064 - 5.4.0-1064.69 linux-image-5.4.0-1064-ibm - 5.4.0-1064.69 linux-modules-5.4.0-1064-ibm - 5.4.0-1064.69 linux-buildinfo-5.4.0-1064-ibm - 5.4.0-1064.69 No subscription required linux-tools-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-headers-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-buildinfo-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-image-unsigned-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-modules-5.4.0-1077-bluefield - 5.4.0-1077.83 linux-bluefield-tools-5.4.0-1077 - 5.4.0-1077.83 linux-bluefield-headers-5.4.0-1077 - 5.4.0-1077.83 linux-image-5.4.0-1077-bluefield - 5.4.0-1077.83 No subscription required linux-gkeop-headers-5.4.0-1084 - 5.4.0-1084.88 linux-modules-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-gkeop-source-5.4.0 - 5.4.0-1084.88 linux-buildinfo-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-modules-extra-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-cloud-tools-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-gkeop-cloud-tools-5.4.0-1084 - 5.4.0-1084.88 linux-gkeop-tools-5.4.0-1084 - 5.4.0-1084.88 linux-image-unsigned-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-headers-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-image-5.4.0-1084-gkeop - 5.4.0-1084.88 linux-tools-5.4.0-1084-gkeop - 5.4.0-1084.88 No subscription required linux-modules-5.4.0-1101-raspi - 5.4.0-1101.113 linux-image-5.4.0-1101-raspi - 5.4.0-1101.113 linux-headers-5.4.0-1101-raspi - 5.4.0-1101.113 linux-tools-5.4.0-1101-raspi - 5.4.0-1101.113 linux-raspi-headers-5.4.0-1101 - 5.4.0-1101.113 linux-raspi-tools-5.4.0-1101 - 5.4.0-1101.113 linux-buildinfo-5.4.0-1101-raspi - 5.4.0-1101.113 No subscription required linux-headers-5.4.0-1116-oracle - 5.4.0-1116.125 linux-image-unsigned-5.4.0-1116-oracle - 5.4.0-1116.125 linux-buildinfo-5.4.0-1116-oracle - 5.4.0-1116.125 linux-oracle-headers-5.4.0-1116 - 5.4.0-1116.125 linux-oracle-tools-5.4.0-1116 - 5.4.0-1116.125 linux-modules-5.4.0-1116-oracle - 5.4.0-1116.125 linux-image-5.4.0-1116-oracle - 5.4.0-1116.125 linux-tools-5.4.0-1116-oracle - 5.4.0-1116.125 linux-modules-extra-5.4.0-1116-oracle - 5.4.0-1116.125 No subscription required linux-modules-extra-5.4.0-1117-aws - 5.4.0-1117.127 linux-headers-5.4.0-1117-aws - 5.4.0-1117.127 linux-aws-headers-5.4.0-1117 - 5.4.0-1117.127 linux-aws-tools-5.4.0-1117 - 5.4.0-1117.127 linux-modules-5.4.0-1117-aws - 5.4.0-1117.127 linux-tools-5.4.0-1117-aws - 5.4.0-1117.127 linux-aws-cloud-tools-5.4.0-1117 - 5.4.0-1117.127 linux-cloud-tools-5.4.0-1117-aws - 5.4.0-1117.127 linux-buildinfo-5.4.0-1117-aws - 5.4.0-1117.127 linux-image-unsigned-5.4.0-1117-aws - 5.4.0-1117.127 linux-image-5.4.0-1117-aws - 5.4.0-1117.127 No subscription required linux-gcp-headers-5.4.0-1121 - 5.4.0-1121.130 linux-modules-extra-5.4.0-1121-gcp - 5.4.0-1121.130 linux-image-unsigned-5.4.0-1121-gcp - 5.4.0-1121.130 linux-image-5.4.0-1121-gcp - 5.4.0-1121.130 linux-buildinfo-5.4.0-1121-gcp - 5.4.0-1121.130 linux-modules-5.4.0-1121-gcp - 5.4.0-1121.130 linux-tools-5.4.0-1121-gcp - 5.4.0-1121.130 linux-headers-5.4.0-1121-gcp - 5.4.0-1121.130 linux-gcp-tools-5.4.0-1121 - 5.4.0-1121.130 No subscription required linux-modules-extra-5.4.0-1122-azure - 5.4.0-1122.129 linux-tools-5.4.0-1122-azure - 5.4.0-1122.129 linux-azure-cloud-tools-5.4.0-1122 - 5.4.0-1122.129 linux-image-5.4.0-1122-azure - 5.4.0-1122.129 linux-image-unsigned-5.4.0-1122-azure - 5.4.0-1122.129 linux-cloud-tools-5.4.0-1122-azure - 5.4.0-1122.129 linux-azure-headers-5.4.0-1122 - 5.4.0-1122.129 linux-modules-5.4.0-1122-azure - 5.4.0-1122.129 linux-azure-tools-5.4.0-1122 - 5.4.0-1122.129 linux-buildinfo-5.4.0-1122-azure - 5.4.0-1122.129 linux-headers-5.4.0-1122-azure - 5.4.0-1122.129 No subscription required linux-buildinfo-5.4.0-170-generic - 5.4.0-170.188 linux-tools-5.4.0-170-generic-lpae - 5.4.0-170.188 linux-cloud-tools-5.4.0-170 - 5.4.0-170.188 linux-tools-host - 5.4.0-170.188 linux-image-unsigned-5.4.0-170-generic - 5.4.0-170.188 linux-tools-common - 5.4.0-170.188 linux-modules-5.4.0-170-lowlatency - 5.4.0-170.188 linux-doc - 5.4.0-170.188 linux-buildinfo-5.4.0-170-generic-lpae - 5.4.0-170.188 linux-image-5.4.0-170-generic - 5.4.0-170.188 linux-libc-dev - 5.4.0-170.188 linux-image-5.4.0-170-lowlatency - 5.4.0-170.188 linux-cloud-tools-common - 5.4.0-170.188 linux-image-5.4.0-170-generic-lpae - 5.4.0-170.188 linux-modules-extra-5.4.0-170-generic - 5.4.0-170.188 linux-tools-5.4.0-170-generic - 5.4.0-170.188 linux-modules-5.4.0-170-generic - 5.4.0-170.188 linux-headers-5.4.0-170 - 5.4.0-170.188 linux-modules-5.4.0-170-generic-lpae - 5.4.0-170.188 linux-headers-5.4.0-170-lowlatency - 5.4.0-170.188 linux-cloud-tools-5.4.0-170-lowlatency - 5.4.0-170.188 linux-headers-5.4.0-170-generic - 5.4.0-170.188 linux-source-5.4.0 - 5.4.0-170.188 linux-image-unsigned-5.4.0-170-lowlatency - 5.4.0-170.188 linux-buildinfo-5.4.0-170-lowlatency - 5.4.0-170.188 linux-tools-5.4.0-170 - 5.4.0-170.188 linux-cloud-tools-5.4.0-170-generic - 5.4.0-170.188 linux-tools-5.4.0-170-lowlatency - 5.4.0-170.188 linux-headers-5.4.0-170-generic-lpae - 5.4.0-170.188 No subscription required linux-iot - 5.4.0.1029.27 linux-image-iot - 5.4.0.1029.27 linux-headers-iot - 5.4.0.1029.27 linux-tools-iot - 5.4.0.1029.27 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1036.36 linux-xilinx-zynqmp - 5.4.0.1036.36 linux-tools-xilinx-zynqmp - 5.4.0.1036.36 linux-headers-xilinx-zynqmp - 5.4.0.1036.36 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1064.93 linux-image-ibm-lts-20.04 - 5.4.0.1064.93 linux-ibm-lts-20.04 - 5.4.0.1064.93 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1064.93 linux-headers-ibm-lts-20.04 - 5.4.0.1064.93 No subscription required linux-bluefield - 5.4.0.1077.72 linux-image-bluefield - 5.4.0.1077.72 linux-tools-bluefield - 5.4.0.1077.72 linux-headers-bluefield - 5.4.0.1077.72 No subscription required linux-headers-gkeop - 5.4.0.1084.82 linux-cloud-tools-gkeop-5.4 - 5.4.0.1084.82 linux-image-gkeop - 5.4.0.1084.82 linux-modules-extra-gkeop-5.4 - 5.4.0.1084.82 linux-image-gkeop-5.4 - 5.4.0.1084.82 linux-gkeop - 5.4.0.1084.82 linux-cloud-tools-gkeop - 5.4.0.1084.82 linux-headers-gkeop-5.4 - 5.4.0.1084.82 linux-modules-extra-gkeop - 5.4.0.1084.82 linux-tools-gkeop - 5.4.0.1084.82 linux-tools-gkeop-5.4 - 5.4.0.1084.82 linux-gkeop-5.4 - 5.4.0.1084.82 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1101.131 linux-raspi2 - 5.4.0.1101.131 linux-headers-raspi2 - 5.4.0.1101.131 linux-image-raspi-hwe-18.04 - 5.4.0.1101.131 linux-tools-raspi - 5.4.0.1101.131 linux-headers-raspi-hwe-18.04 - 5.4.0.1101.131 linux-headers-raspi2-hwe-18.04 - 5.4.0.1101.131 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1101.131 linux-headers-raspi - 5.4.0.1101.131 linux-image-raspi2-hwe-18.04 - 5.4.0.1101.131 linux-raspi2-hwe-18.04-edge - 5.4.0.1101.131 linux-raspi-hwe-18.04 - 5.4.0.1101.131 linux-tools-raspi2-hwe-18.04 - 5.4.0.1101.131 linux-raspi2-hwe-18.04 - 5.4.0.1101.131 linux-image-raspi2 - 5.4.0.1101.131 linux-tools-raspi-hwe-18.04 - 5.4.0.1101.131 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1101.131 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1101.131 linux-image-raspi-hwe-18.04-edge - 5.4.0.1101.131 linux-raspi-hwe-18.04-edge - 5.4.0.1101.131 linux-raspi - 5.4.0.1101.131 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1101.131 linux-image-raspi - 5.4.0.1101.131 linux-tools-raspi2 - 5.4.0.1101.131 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1116.109 linux-oracle-lts-20.04 - 5.4.0.1116.109 linux-headers-oracle-lts-20.04 - 5.4.0.1116.109 linux-image-oracle-lts-20.04 - 5.4.0.1116.109 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1117.114 linux-headers-aws-lts-20.04 - 5.4.0.1117.114 linux-tools-aws-lts-20.04 - 5.4.0.1117.114 linux-modules-extra-aws-lts-20.04 - 5.4.0.1117.114 linux-aws-lts-20.04 - 5.4.0.1117.114 No subscription required linux-gcp-lts-20.04 - 5.4.0.1121.123 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1121.123 linux-headers-gcp-lts-20.04 - 5.4.0.1121.123 linux-image-gcp-lts-20.04 - 5.4.0.1121.123 linux-tools-gcp-lts-20.04 - 5.4.0.1121.123 No subscription required linux-azure-lts-20.04 - 5.4.0.1122.115 linux-image-azure-lts-20.04 - 5.4.0.1122.115 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1122.115 linux-modules-extra-azure-lts-20.04 - 5.4.0.1122.115 linux-tools-azure-lts-20.04 - 5.4.0.1122.115 linux-headers-azure-lts-20.04 - 5.4.0.1122.115 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-cloud-tools-virtual - 5.4.0.170.168 linux-headers-virtual-hwe-18.04 - 5.4.0.170.168 linux-image-generic-hwe-18.04 - 5.4.0.170.168 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-headers-generic-lpae - 5.4.0.170.168 linux-image-virtual - 5.4.0.170.168 linux-generic-hwe-18.04 - 5.4.0.170.168 linux-oem-osp1-tools-host - 5.4.0.170.168 linux-image-generic - 5.4.0.170.168 linux-tools-lowlatency - 5.4.0.170.168 linux-image-oem - 5.4.0.170.168 linux-image-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-headers-generic-hwe-18.04 - 5.4.0.170.168 linux-headers-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-image-extra-virtual-hwe-18.04 - 5.4.0.170.168 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.170.168 linux-image-oem-osp1 - 5.4.0.170.168 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.170.168 linux-image-generic-lpae-hwe-18.04 - 5.4.0.170.168 linux-crashdump - 5.4.0.170.168 linux-tools-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-headers-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-source - 5.4.0.170.168 linux-lowlatency - 5.4.0.170.168 linux-tools-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-tools-generic-lpae - 5.4.0.170.168 linux-tools-virtual - 5.4.0.170.168 linux-virtual - 5.4.0.170.168 linux-virtual-hwe-18.04 - 5.4.0.170.168 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.170.168 linux-cloud-tools-generic - 5.4.0.170.168 linux-tools-oem - 5.4.0.170.168 linux-generic-lpae - 5.4.0.170.168 linux-headers-oem - 5.4.0.170.168 linux-generic - 5.4.0.170.168 linux-tools-oem-osp1 - 5.4.0.170.168 linux-generic-lpae-hwe-18.04-edge - 5.4.0.170.168 linux-image-virtual-hwe-18.04 - 5.4.0.170.168 linux-cloud-tools-lowlatency - 5.4.0.170.168 linux-headers-lowlatency - 5.4.0.170.168 linux-generic-hwe-18.04-edge - 5.4.0.170.168 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.170.168 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-oem - 5.4.0.170.168 linux-tools-generic - 5.4.0.170.168 linux-image-extra-virtual - 5.4.0.170.168 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-oem-tools-host - 5.4.0.170.168 linux-headers-oem-osp1 - 5.4.0.170.168 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.170.168 linux-headers-generic-hwe-18.04-edge - 5.4.0.170.168 linux-headers-generic - 5.4.0.170.168 linux-oem-osp1 - 5.4.0.170.168 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-generic-lpae-hwe-18.04 - 5.4.0.170.168 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.170.168 linux-virtual-hwe-18.04-edge - 5.4.0.170.168 linux-headers-virtual - 5.4.0.170.168 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.170.168 linux-tools-virtual-hwe-18.04 - 5.4.0.170.168 linux-lowlatency-hwe-18.04 - 5.4.0.170.168 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.170.168 linux-image-generic-lpae - 5.4.0.170.168 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.170.168 linux-image-lowlatency - 5.4.0.170.168 linux-tools-generic-hwe-18.04 - 5.4.0.170.168 linux-image-generic-hwe-18.04-edge - 5.4.0.170.168 linux-tools-generic-hwe-18.04-edge - 5.4.0.170.168 linux-image-virtual-hwe-18.04-edge - 5.4.0.170.168 No subscription required High CVE-2023-6040 CVE-2023-6606 CVE-2023-6931 CVE-2023-6932 Ubuntu 20.04 LTS Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Update Instructions: Run `sudo pro fix USN-6605-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1105-kvm - 5.4.0-1105.112 linux-kvm-headers-5.4.0-1105 - 5.4.0-1105.112 linux-image-unsigned-5.4.0-1105-kvm - 5.4.0-1105.112 linux-kvm-tools-5.4.0-1105 - 5.4.0-1105.112 linux-modules-5.4.0-1105-kvm - 5.4.0-1105.112 linux-buildinfo-5.4.0-1105-kvm - 5.4.0-1105.112 linux-headers-5.4.0-1105-kvm - 5.4.0-1105.112 linux-image-5.4.0-1105-kvm - 5.4.0-1105.112 No subscription required linux-tools-kvm - 5.4.0.1105.101 linux-kvm - 5.4.0.1105.101 linux-headers-kvm - 5.4.0.1105.101 linux-image-kvm - 5.4.0.1105.101 No subscription required High CVE-2023-6040 CVE-2023-6606 CVE-2023-6931 CVE-2023-6932 Ubuntu 20.04 LTS It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5345) Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) Update Instructions: Run `sudo pro fix USN-6607-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-buildinfo-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-tools-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-image-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-headers-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-modules-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-azure-5.15-tools-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-azure-5.15-headers-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-modules-extra-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-cloud-tools-5.15.0-1054-azure - 5.15.0-1054.62~20.04.1 No subscription required linux-image-unsigned-5.15.0-1054-azure-fde - 5.15.0-1054.62~20.04.1.1 linux-image-5.15.0-1054-azure-fde - 5.15.0-1054.62~20.04.1.1 No subscription required linux-modules-extra-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-image-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-modules-extra-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-tools-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-cloud-tools-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-tools-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-headers-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-azure-fde - 5.15.0.1054.62~20.04.1.32 linux-image-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-cloud-tools-azure-fde-edge - 5.15.0.1054.62~20.04.1.32 linux-headers-azure-fde - 5.15.0.1054.62~20.04.1.32 No subscription required linux-tools-azure-cvm - 5.15.0.1054.62~20.04.43 linux-tools-azure-edge - 5.15.0.1054.62~20.04.43 linux-azure - 5.15.0.1054.62~20.04.43 linux-image-azure - 5.15.0.1054.62~20.04.43 linux-cloud-tools-azure - 5.15.0.1054.62~20.04.43 linux-headers-azure-cvm - 5.15.0.1054.62~20.04.43 linux-modules-extra-azure-cvm - 5.15.0.1054.62~20.04.43 linux-cloud-tools-azure-edge - 5.15.0.1054.62~20.04.43 linux-cloud-tools-azure-cvm - 5.15.0.1054.62~20.04.43 linux-tools-azure - 5.15.0.1054.62~20.04.43 linux-headers-azure-edge - 5.15.0.1054.62~20.04.43 linux-image-azure-edge - 5.15.0.1054.62~20.04.43 linux-modules-extra-azure - 5.15.0.1054.62~20.04.43 linux-azure-edge - 5.15.0.1054.62~20.04.43 linux-image-azure-cvm - 5.15.0.1054.62~20.04.43 linux-azure-cvm - 5.15.0.1054.62~20.04.43 linux-modules-extra-azure-edge - 5.15.0.1054.62~20.04.43 linux-headers-azure - 5.15.0.1054.62~20.04.43 No subscription required High CVE-2023-5345 CVE-2023-6040 CVE-2023-6606 CVE-2023-6817 CVE-2023-6931 CVE-2023-6932 CVE-2024-0193 Ubuntu 20.04 LTS Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) Update Instructions: Run `sudo pro fix USN-6609-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-gkeop-5.15-tools-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-buildinfo-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-cloud-tools-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-tools-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-modules-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-image-unsigned-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-headers-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 linux-gkeop-5.15-headers-5.15.0-1035 - 5.15.0-1035.41~20.04.1 linux-image-5.15.0-1035-gkeop - 5.15.0-1035.41~20.04.1 No subscription required linux-ibm-5.15-source-5.15.0 - 5.15.0-1045.48~20.04.1 linux-image-unsigned-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-ibm-5.15-tools-5.15.0-1045 - 5.15.0-1045.48~20.04.1 linux-ibm-5.15-headers-5.15.0-1045 - 5.15.0-1045.48~20.04.1 linux-headers-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-modules-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-buildinfo-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-image-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-tools-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 linux-modules-extra-5.15.0-1045-ibm - 5.15.0-1045.48~20.04.1 No subscription required linux-headers-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-gcp-5.15-tools-5.15.0-1049 - 5.15.0-1049.57~20.04.1 linux-image-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-modules-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-tools-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-modules-iwlwifi-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-modules-extra-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-buildinfo-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-image-unsigned-5.15.0-1049-gcp - 5.15.0-1049.57~20.04.1 linux-gcp-5.15-headers-5.15.0-1049 - 5.15.0-1049.57~20.04.1 No subscription required linux-cloud-tools-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-tools-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-aws-5.15-headers-5.15.0-1052 - 5.15.0-1052.57~20.04.1 linux-headers-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-image-unsigned-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-modules-extra-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-aws-5.15-tools-5.15.0-1052 - 5.15.0-1052.57~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1052 - 5.15.0-1052.57~20.04.1 linux-modules-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-image-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 linux-buildinfo-5.15.0-1052-aws - 5.15.0-1052.57~20.04.1 No subscription required linux-headers-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-buildinfo-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-headers-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-buildinfo-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-headers-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-92.102~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-92.102~20.04.1 linux-image-unsigned-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-hwe-5.15-headers-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-buildinfo-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-cloud-tools-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-modules-iwlwifi-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-headers-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-hwe-5.15-tools-5.15.0-92 - 5.15.0-92.102~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-image-unsigned-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-headers-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-image-unsigned-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-modules-extra-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-generic - 5.15.0-92.102~20.04.1 linux-cloud-tools-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-image-5.15.0-92-lowlatency-64k - 5.15.0-92.102~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-92.102~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-92.102~20.04.1 linux-modules-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-buildinfo-5.15.0-92-generic-lpae - 5.15.0-92.102~20.04.1 linux-buildinfo-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-tools-5.15.0-92-generic-64k - 5.15.0-92.102~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-92.102~20.04.1 linux-image-unsigned-5.15.0-92-lowlatency - 5.15.0-92.102~20.04.1 linux-modules-iwlwifi-5.15.0-92-generic - 5.15.0-92.102~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-image-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-headers-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-tools-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-headers-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-image-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-cloud-tools-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-modules-extra-gkeop-edge - 5.15.0.1035.41~20.04.31 linux-tools-gkeop-5.15 - 5.15.0.1035.41~20.04.31 linux-modules-extra-gkeop-5.15 - 5.15.0.1035.41~20.04.31 No subscription required linux-image-ibm - 5.15.0.1045.48~20.04.17 linux-tools-ibm - 5.15.0.1045.48~20.04.17 linux-headers-ibm-edge - 5.15.0.1045.48~20.04.17 linux-tools-ibm-edge - 5.15.0.1045.48~20.04.17 linux-ibm - 5.15.0.1045.48~20.04.17 linux-ibm-edge - 5.15.0.1045.48~20.04.17 linux-headers-ibm - 5.15.0.1045.48~20.04.17 linux-image-ibm-edge - 5.15.0.1045.48~20.04.17 No subscription required linux-image-gcp-edge - 5.15.0.1049.57~20.04.1 linux-headers-gcp-edge - 5.15.0.1049.57~20.04.1 linux-tools-gcp - 5.15.0.1049.57~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1049.57~20.04.1 linux-gcp - 5.15.0.1049.57~20.04.1 linux-headers-gcp - 5.15.0.1049.57~20.04.1 linux-image-gcp - 5.15.0.1049.57~20.04.1 linux-modules-extra-gcp - 5.15.0.1049.57~20.04.1 linux-tools-gcp-edge - 5.15.0.1049.57~20.04.1 linux-gcp-edge - 5.15.0.1049.57~20.04.1 No subscription required linux-headers-aws - 5.15.0.1052.57~20.04.40 linux-image-aws - 5.15.0.1052.57~20.04.40 linux-modules-extra-aws-edge - 5.15.0.1052.57~20.04.40 linux-image-aws-edge - 5.15.0.1052.57~20.04.40 linux-aws-edge - 5.15.0.1052.57~20.04.40 linux-aws - 5.15.0.1052.57~20.04.40 linux-headers-aws-edge - 5.15.0.1052.57~20.04.40 linux-modules-extra-aws - 5.15.0.1052.57~20.04.40 linux-tools-aws - 5.15.0.1052.57~20.04.40 linux-tools-aws-edge - 5.15.0.1052.57~20.04.40 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-headers-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-image-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-lowlatency-64k-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-tools-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-lowlatency-hwe-20.04 - 5.15.0.92.102~20.04.46 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.46 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.46 No subscription required linux-tools-oem-20.04d - 5.15.0.92.102~20.04.49 linux-tools-oem-20.04c - 5.15.0.92.102~20.04.49 linux-tools-oem-20.04b - 5.15.0.92.102~20.04.49 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-headers-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-image-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-extra-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-headers-generic-64k-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-headers-oem-20.04d - 5.15.0.92.102~20.04.49 linux-generic-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-generic-lpae-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-generic-lpae-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-oem-20.04 - 5.15.0.92.102~20.04.49 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-tools-generic-64k-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-tools-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-image-oem-20.04c - 5.15.0.92.102~20.04.49 linux-image-oem-20.04b - 5.15.0.92.102~20.04.49 linux-image-oem-20.04d - 5.15.0.92.102~20.04.49 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-oem-20.04 - 5.15.0.92.102~20.04.49 linux-image-oem-20.04 - 5.15.0.92.102~20.04.49 linux-oem-20.04c - 5.15.0.92.102~20.04.49 linux-oem-20.04b - 5.15.0.92.102~20.04.49 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-oem-20.04d - 5.15.0.92.102~20.04.49 linux-tools-oem-20.04 - 5.15.0.92.102~20.04.49 linux-modules-iwlwifi-oem-20.04 - 5.15.0.92.102~20.04.49 linux-tools-generic-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-image-generic-lpae-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-tools-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-modules-iwlwifi-oem-20.04d - 5.15.0.92.102~20.04.49 linux-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-tools-virtual-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-generic-64k-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-image-generic-64k-hwe-20.04 - 5.15.0.92.102~20.04.49 linux-image-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.92.102~20.04.49 linux-headers-oem-20.04b - 5.15.0.92.102~20.04.49 linux-headers-oem-20.04c - 5.15.0.92.102~20.04.49 linux-headers-virtual-hwe-20.04 - 5.15.0.92.102~20.04.49 No subscription required High CVE-2023-6040 CVE-2023-6606 CVE-2023-6817 CVE-2023-6931 CVE-2023-6932 CVE-2024-0193 Ubuntu 20.04 LTS Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) Update Instructions: Run `sudo pro fix USN-6609-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-headers-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-image-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-oracle-5.15-tools-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-buildinfo-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-oracle-5.15-headers-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-image-unsigned-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-modules-extra-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 linux-modules-5.15.0-1050-oracle - 5.15.0-1050.56~20.04.1 No subscription required linux-image-oracle-edge - 5.15.0.1050.56~20.04.1 linux-tools-oracle-edge - 5.15.0.1050.56~20.04.1 linux-headers-oracle - 5.15.0.1050.56~20.04.1 linux-oracle - 5.15.0.1050.56~20.04.1 linux-oracle-edge - 5.15.0.1050.56~20.04.1 linux-image-oracle - 5.15.0.1050.56~20.04.1 linux-tools-oracle - 5.15.0.1050.56~20.04.1 linux-headers-oracle-edge - 5.15.0.1050.56~20.04.1 No subscription required High CVE-2023-6040 CVE-2023-6606 CVE-2023-6817 CVE-2023-6931 CVE-2023-6932 CVE-2024-0193 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0754, CVE-2024-0755) Cornel Ionce discovered that Firefox did not properly manage memory when opening the print preview dialog. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-0746) Update Instructions: Run `sudo pro fix USN-6610-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 122.0+build2-0ubuntu0.20.04.1 firefox - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 122.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 122.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 122.0+build2-0ubuntu0.20.04.1 firefox-dev - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 122.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 122.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-0741 CVE-2024-0742 CVE-2024-0743 CVE-2024-0744 CVE-2024-0745 CVE-2024-0746 CVE-2024-0747 CVE-2024-0748 CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0754 CVE-2024-0755 Ubuntu 20.04 LTS USN-6610-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0754, CVE-2024-0755) Cornel Ionce discovered that Firefox did not properly manage memory when opening the print preview dialog. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-0746) Update Instructions: Run `sudo pro fix USN-6610-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 122.0.1+build1-0ubuntu0.20.04.1 firefox - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 122.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 122.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 122.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 122.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 122.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2052580 Ubuntu 20.04 LTS It was discovered that Exim incorrectly handled certain requests. A remote attacker could possibly use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. Update Instructions: Run `sudo pro fix USN-6611-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4-dev - 4.93-13ubuntu1.10 eximon4 - 4.93-13ubuntu1.10 exim4 - 4.93-13ubuntu1.10 exim4-base - 4.93-13ubuntu1.10 exim4-config - 4.93-13ubuntu1.10 exim4-daemon-heavy - 4.93-13ubuntu1.10 exim4-daemon-light - 4.93-13ubuntu1.10 No subscription required Medium CVE-2023-51766 Ubuntu 20.04 LTS It was discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted XML file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6612-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtinyxml-doc - 2.6.2-4+deb10u2build0.20.04.1 libtinyxml-dev - 2.6.2-4+deb10u2build0.20.04.1 libtinyxml2.6.2v5 - 2.6.2-4+deb10u2build0.20.04.1 No subscription required Medium CVE-2023-34194 Ubuntu 20.04 LTS Lucas Henry discovered that Ceph incorrectly handled specially crafted POST requests. An uprivileged user could use this to bypass Ceph's authorization checks and upload a file to any bucket. Update Instructions: Run `sudo pro fix USN-6613-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ceph-mds - 15.2.17-0ubuntu0.20.04.6 python3-rbd - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-modules-core - 15.2.17-0ubuntu0.20.04.6 ceph-mgr - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-cephadm - 15.2.17-0ubuntu0.20.04.6 ceph - 15.2.17-0ubuntu0.20.04.6 ceph-osd - 15.2.17-0ubuntu0.20.04.6 rbd-mirror - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-diskprediction-local - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-dashboard - 15.2.17-0ubuntu0.20.04.6 librbd-dev - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-rook - 15.2.17-0ubuntu0.20.04.6 rbd-fuse - 15.2.17-0ubuntu0.20.04.6 libradospp-dev - 15.2.17-0ubuntu0.20.04.6 librados-dev - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-diskprediction-cloud - 15.2.17-0ubuntu0.20.04.6 python3-ceph - 15.2.17-0ubuntu0.20.04.6 cephadm - 15.2.17-0ubuntu0.20.04.6 libradosstriper-dev - 15.2.17-0ubuntu0.20.04.6 librados2 - 15.2.17-0ubuntu0.20.04.6 ceph-mon - 15.2.17-0ubuntu0.20.04.6 libcephfs2 - 15.2.17-0ubuntu0.20.04.6 ceph-immutable-object-cache - 15.2.17-0ubuntu0.20.04.6 librgw2 - 15.2.17-0ubuntu0.20.04.6 rbd-nbd - 15.2.17-0ubuntu0.20.04.6 radosgw - 15.2.17-0ubuntu0.20.04.6 librbd1 - 15.2.17-0ubuntu0.20.04.6 python3-rgw - 15.2.17-0ubuntu0.20.04.6 python3-ceph-common - 15.2.17-0ubuntu0.20.04.6 libcephfs-dev - 15.2.17-0ubuntu0.20.04.6 rados-objclass-dev - 15.2.17-0ubuntu0.20.04.6 libradosstriper1 - 15.2.17-0ubuntu0.20.04.6 python3-ceph-argparse - 15.2.17-0ubuntu0.20.04.6 librgw-dev - 15.2.17-0ubuntu0.20.04.6 python3-rados - 15.2.17-0ubuntu0.20.04.6 ceph-base - 15.2.17-0ubuntu0.20.04.6 ceph-mgr-k8sevents - 15.2.17-0ubuntu0.20.04.6 python3-cephfs - 15.2.17-0ubuntu0.20.04.6 ceph-fuse - 15.2.17-0ubuntu0.20.04.6 cephfs-shell - 15.2.17-0ubuntu0.20.04.6 ceph-common - 15.2.17-0ubuntu0.20.04.6 libcephfs-java - 15.2.17-0ubuntu0.20.04.6 ceph-resource-agents - 15.2.17-0ubuntu0.20.04.6 libcephfs-jni - 15.2.17-0ubuntu0.20.04.6 No subscription required Medium CVE-2023-43040 Ubuntu 20.04 LTS It was discovered that amanda did not properly check certain arguments. A local unprivileged attacker could possibly use this issue to perform a privilege escalation attack. Update Instructions: Run `sudo pro fix USN-6614-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amanda-client - 1:3.5.1-2ubuntu0.4 amanda-common - 1:3.5.1-2ubuntu0.4 amanda-server - 1:3.5.1-2ubuntu0.4 No subscription required Medium CVE-2023-30577 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-36.html https://www.oracle.com/security-alerts/cpujan2024.html Update Instructions: Run `sudo pro fix USN-6615-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.36-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.36-0ubuntu0.20.04.1 libmysqlclient-dev - 8.0.36-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.36-0ubuntu0.20.04.1 mysql-router - 8.0.36-0ubuntu0.20.04.1 mysql-server - 8.0.36-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.36-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.36-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.36-0ubuntu0.20.04.1 mysql-testsuite - 8.0.36-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.36-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.36-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-20960 CVE-2024-20961 CVE-2024-20962 CVE-2024-20963 CVE-2024-20964 CVE-2024-20965 CVE-2024-20966 CVE-2024-20967 CVE-2024-20969 CVE-2024-20970 CVE-2024-20971 CVE-2024-20972 CVE-2024-20973 CVE-2024-20974 CVE-2024-20976 CVE-2024-20977 CVE-2024-20978 CVE-2024-20981 CVE-2024-20982 CVE-2024-20983 CVE-2024-20984 CVE-2024-20985 Ubuntu 20.04 LTS It was discovered that OpenLDAP was not properly performing bounds checks when executing functions related to LDAP URLs. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6616-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libldap-2.4-2 - 2.4.49+dfsg-2ubuntu1.10 slapd-smbk5pwd - 2.4.49+dfsg-2ubuntu1.10 slapd-contrib - 2.4.49+dfsg-2ubuntu1.10 libldap-common - 2.4.49+dfsg-2ubuntu1.10 slapi-dev - 2.4.49+dfsg-2ubuntu1.10 ldap-utils - 2.4.49+dfsg-2ubuntu1.10 libldap2-dev - 2.4.49+dfsg-2ubuntu1.10 slapd - 2.4.49+dfsg-2ubuntu1.10 No subscription required Low CVE-2023-2953 Ubuntu 20.04 LTS It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-21594) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2020-21595, CVE-2020-21596, CVE-2020-21599, CVE-2020-21600, CVE-2020-21601, CVE-2020-21602, CVE-2020-21603, CVE-2020-21604, CVE-2020-21605) It was discovered that libde265 did not properly manage memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-21597, CVE-2020-21598, CVE-2020-21606, CVE-2021-36408) Update Instructions: Run `sudo pro fix USN-6617-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.4-1ubuntu0.1 libde265-examples - 1.0.4-1ubuntu0.1 libde265-dev - 1.0.4-1ubuntu0.1 No subscription required Medium CVE-2020-21594 CVE-2020-21595 CVE-2020-21596 CVE-2020-21597 CVE-2020-21598 CVE-2020-21599 CVE-2020-21600 CVE-2020-21601 CVE-2020-21602 CVE-2020-21603 CVE-2020-21604 CVE-2020-21605 CVE-2020-21606 CVE-2021-36408 Ubuntu 20.04 LTS It was discovered that Pillow incorrectly handled certain long text arguments. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-44271) Duarte Santos discovered that Pillow incorrectly handled the environment parameter to PIL.ImageMath.eval. An attacker could possibly use this issue to execute arbitrary code. (CVE-2023-50447) Update Instructions: Run `sudo pro fix USN-6618-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.8 python-pil-doc - 7.0.0-4ubuntu0.8 python3-pil - 7.0.0-4ubuntu0.8 No subscription required Medium CVE-2023-44271 CVE-2023-50447 Ubuntu 20.04 LTS Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could possibly use this issue to obtain sensitive information or bypass container restrictions. Update Instructions: Run `sudo pro fix USN-6619-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-opencontainers-runc-dev - 1.1.7-0ubuntu1~20.04.2 runc - 1.1.7-0ubuntu1~20.04.2 No subscription required High CVE-2024-21626 Ubuntu 20.04 LTS It was discovered that ImageMagick incorrectly handled certain values when processing BMP files. An attacker could exploit this to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6621-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-5341 Ubuntu 20.04 LTS David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. (CVE-2023-5678) Sverker Eriksson discovered that OpenSSL incorrectly handled POLY1304 MAC on the PowerPC architecture. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-6129) It was discovered that OpenSSL incorrectly handled excessively long RSA public keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-6237) Bahaa Naamneh discovered that OpenSSL incorrectly handled certain malformed PKCS12 files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2024-0727) Update Instructions: Run `sudo pro fix USN-6622-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.21 libssl-dev - 1.1.1f-1ubuntu2.21 openssl - 1.1.1f-1ubuntu2.21 libssl-doc - 1.1.1f-1ubuntu2.21 No subscription required Low CVE-2023-5678 CVE-2023-6129 CVE-2023-6237 CVE-2024-0727 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain inputs that uses intcomma template filter. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6623-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.21 python-django-doc - 2:2.2.12-1ubuntu0.21 No subscription required Medium CVE-2024-24680 Ubuntu 20.04 LTS Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) Update Instructions: Run `sudo pro fix USN-6625-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1030-iot - 5.4.0-1030.31 linux-iot-tools-5.4.0-1030 - 5.4.0-1030.31 linux-image-5.4.0-1030-iot - 5.4.0-1030.31 linux-iot-tools-common - 5.4.0-1030.31 linux-tools-5.4.0-1030-iot - 5.4.0-1030.31 linux-headers-5.4.0-1030-iot - 5.4.0-1030.31 linux-image-unsigned-5.4.0-1030-iot - 5.4.0-1030.31 linux-buildinfo-5.4.0-1030-iot - 5.4.0-1030.31 linux-iot-headers-5.4.0-1030 - 5.4.0-1030.31 No subscription required linux-image-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-buildinfo-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-tools-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-modules-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-headers-5.4.0-1037-xilinx-zynqmp - 5.4.0-1037.41 linux-xilinx-zynqmp-headers-5.4.0-1037 - 5.4.0-1037.41 linux-xilinx-zynqmp-tools-5.4.0-1037 - 5.4.0-1037.41 No subscription required linux-modules-extra-5.4.0-1065-ibm - 5.4.0-1065.70 linux-ibm-tools-5.4.0-1065 - 5.4.0-1065.70 linux-ibm-tools-common - 5.4.0-1065.70 linux-image-unsigned-5.4.0-1065-ibm - 5.4.0-1065.70 linux-ibm-headers-5.4.0-1065 - 5.4.0-1065.70 linux-buildinfo-5.4.0-1065-ibm - 5.4.0-1065.70 linux-tools-5.4.0-1065-ibm - 5.4.0-1065.70 linux-ibm-source-5.4.0 - 5.4.0-1065.70 linux-ibm-cloud-tools-common - 5.4.0-1065.70 linux-modules-5.4.0-1065-ibm - 5.4.0-1065.70 linux-headers-5.4.0-1065-ibm - 5.4.0-1065.70 linux-image-5.4.0-1065-ibm - 5.4.0-1065.70 No subscription required linux-modules-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-headers-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-image-unsigned-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-bluefield-tools-5.4.0-1078 - 5.4.0-1078.84 linux-buildinfo-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-image-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-tools-5.4.0-1078-bluefield - 5.4.0-1078.84 linux-bluefield-headers-5.4.0-1078 - 5.4.0-1078.84 No subscription required linux-cloud-tools-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-gkeop-headers-5.4.0-1085 - 5.4.0-1085.89 linux-image-unsigned-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-gkeop-source-5.4.0 - 5.4.0-1085.89 linux-headers-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-buildinfo-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-gkeop-cloud-tools-5.4.0-1085 - 5.4.0-1085.89 linux-gkeop-tools-5.4.0-1085 - 5.4.0-1085.89 linux-image-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-modules-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-modules-extra-5.4.0-1085-gkeop - 5.4.0-1085.89 linux-tools-5.4.0-1085-gkeop - 5.4.0-1085.89 No subscription required linux-buildinfo-5.4.0-1106-kvm - 5.4.0-1106.113 linux-modules-5.4.0-1106-kvm - 5.4.0-1106.113 linux-image-5.4.0-1106-kvm - 5.4.0-1106.113 linux-kvm-tools-5.4.0-1106 - 5.4.0-1106.113 linux-tools-5.4.0-1106-kvm - 5.4.0-1106.113 linux-kvm-headers-5.4.0-1106 - 5.4.0-1106.113 linux-headers-5.4.0-1106-kvm - 5.4.0-1106.113 linux-image-unsigned-5.4.0-1106-kvm - 5.4.0-1106.113 No subscription required linux-modules-5.4.0-1117-oracle - 5.4.0-1117.126 linux-oracle-headers-5.4.0-1117 - 5.4.0-1117.126 linux-oracle-tools-5.4.0-1117 - 5.4.0-1117.126 linux-headers-5.4.0-1117-oracle - 5.4.0-1117.126 linux-tools-5.4.0-1117-oracle - 5.4.0-1117.126 linux-image-unsigned-5.4.0-1117-oracle - 5.4.0-1117.126 linux-modules-extra-5.4.0-1117-oracle - 5.4.0-1117.126 linux-buildinfo-5.4.0-1117-oracle - 5.4.0-1117.126 linux-image-5.4.0-1117-oracle - 5.4.0-1117.126 No subscription required linux-cloud-tools-5.4.0-1118-aws - 5.4.0-1118.128 linux-modules-5.4.0-1118-aws - 5.4.0-1118.128 linux-aws-tools-5.4.0-1118 - 5.4.0-1118.128 linux-image-unsigned-5.4.0-1118-aws - 5.4.0-1118.128 linux-aws-headers-5.4.0-1118 - 5.4.0-1118.128 linux-buildinfo-5.4.0-1118-aws - 5.4.0-1118.128 linux-image-5.4.0-1118-aws - 5.4.0-1118.128 linux-aws-cloud-tools-5.4.0-1118 - 5.4.0-1118.128 linux-modules-extra-5.4.0-1118-aws - 5.4.0-1118.128 linux-headers-5.4.0-1118-aws - 5.4.0-1118.128 linux-tools-5.4.0-1118-aws - 5.4.0-1118.128 No subscription required linux-image-unsigned-5.4.0-1123-azure - 5.4.0-1123.130 linux-modules-5.4.0-1123-azure - 5.4.0-1123.130 linux-azure-cloud-tools-5.4.0-1123 - 5.4.0-1123.130 linux-cloud-tools-5.4.0-1123-azure - 5.4.0-1123.130 linux-azure-headers-5.4.0-1123 - 5.4.0-1123.130 linux-headers-5.4.0-1123-azure - 5.4.0-1123.130 linux-buildinfo-5.4.0-1123-azure - 5.4.0-1123.130 linux-azure-tools-5.4.0-1123 - 5.4.0-1123.130 linux-image-5.4.0-1123-azure - 5.4.0-1123.130 linux-tools-5.4.0-1123-azure - 5.4.0-1123.130 linux-modules-extra-5.4.0-1123-azure - 5.4.0-1123.130 No subscription required linux-modules-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-tools-common - 5.4.0-171.189 linux-buildinfo-5.4.0-171-lowlatency - 5.4.0-171.189 linux-cloud-tools-5.4.0-171-generic - 5.4.0-171.189 linux-doc - 5.4.0-171.189 linux-tools-5.4.0-171-generic - 5.4.0-171.189 linux-buildinfo-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-tools-5.4.0-171-lowlatency - 5.4.0-171.189 linux-modules-extra-5.4.0-171-generic - 5.4.0-171.189 linux-image-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-libc-dev - 5.4.0-171.189 linux-source-5.4.0 - 5.4.0-171.189 linux-tools-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-image-unsigned-5.4.0-171-lowlatency - 5.4.0-171.189 linux-headers-5.4.0-171 - 5.4.0-171.189 linux-buildinfo-5.4.0-171-generic - 5.4.0-171.189 linux-image-5.4.0-171-lowlatency - 5.4.0-171.189 linux-headers-5.4.0-171-generic-lpae - 5.4.0-171.189 linux-headers-5.4.0-171-lowlatency - 5.4.0-171.189 linux-tools-host - 5.4.0-171.189 linux-cloud-tools-common - 5.4.0-171.189 linux-image-unsigned-5.4.0-171-generic - 5.4.0-171.189 linux-cloud-tools-5.4.0-171-lowlatency - 5.4.0-171.189 linux-modules-5.4.0-171-lowlatency - 5.4.0-171.189 linux-tools-5.4.0-171 - 5.4.0-171.189 linux-cloud-tools-5.4.0-171 - 5.4.0-171.189 linux-image-5.4.0-171-generic - 5.4.0-171.189 linux-modules-5.4.0-171-generic - 5.4.0-171.189 linux-headers-5.4.0-171-generic - 5.4.0-171.189 No subscription required linux-iot - 5.4.0.1030.28 linux-image-iot - 5.4.0.1030.28 linux-headers-iot - 5.4.0.1030.28 linux-tools-iot - 5.4.0.1030.28 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1037.37 linux-xilinx-zynqmp - 5.4.0.1037.37 linux-tools-xilinx-zynqmp - 5.4.0.1037.37 linux-headers-xilinx-zynqmp - 5.4.0.1037.37 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1065.94 linux-headers-ibm-lts-20.04 - 5.4.0.1065.94 linux-image-ibm-lts-20.04 - 5.4.0.1065.94 linux-ibm-lts-20.04 - 5.4.0.1065.94 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1065.94 No subscription required linux-bluefield - 5.4.0.1078.73 linux-image-bluefield - 5.4.0.1078.73 linux-headers-bluefield - 5.4.0.1078.73 linux-tools-bluefield - 5.4.0.1078.73 No subscription required linux-headers-gkeop - 5.4.0.1085.83 linux-cloud-tools-gkeop-5.4 - 5.4.0.1085.83 linux-image-gkeop - 5.4.0.1085.83 linux-modules-extra-gkeop-5.4 - 5.4.0.1085.83 linux-gkeop-5.4 - 5.4.0.1085.83 linux-headers-gkeop-5.4 - 5.4.0.1085.83 linux-image-gkeop-5.4 - 5.4.0.1085.83 linux-gkeop - 5.4.0.1085.83 linux-modules-extra-gkeop - 5.4.0.1085.83 linux-tools-gkeop - 5.4.0.1085.83 linux-tools-gkeop-5.4 - 5.4.0.1085.83 linux-cloud-tools-gkeop - 5.4.0.1085.83 No subscription required linux-kvm - 5.4.0.1106.102 linux-headers-kvm - 5.4.0.1106.102 linux-image-kvm - 5.4.0.1106.102 linux-tools-kvm - 5.4.0.1106.102 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1117.110 linux-oracle-lts-20.04 - 5.4.0.1117.110 linux-headers-oracle-lts-20.04 - 5.4.0.1117.110 linux-image-oracle-lts-20.04 - 5.4.0.1117.110 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1118.115 linux-headers-aws-lts-20.04 - 5.4.0.1118.115 linux-tools-aws-lts-20.04 - 5.4.0.1118.115 linux-modules-extra-aws-lts-20.04 - 5.4.0.1118.115 linux-aws-lts-20.04 - 5.4.0.1118.115 No subscription required linux-azure-lts-20.04 - 5.4.0.1123.116 linux-image-azure-lts-20.04 - 5.4.0.1123.116 linux-modules-extra-azure-lts-20.04 - 5.4.0.1123.116 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1123.116 linux-tools-azure-lts-20.04 - 5.4.0.1123.116 linux-headers-azure-lts-20.04 - 5.4.0.1123.116 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.171.169 linux-cloud-tools-virtual - 5.4.0.171.169 linux-image-generic-hwe-18.04 - 5.4.0.171.169 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-headers-generic-lpae - 5.4.0.171.169 linux-image-virtual - 5.4.0.171.169 linux-generic-hwe-18.04 - 5.4.0.171.169 linux-cloud-tools-lowlatency - 5.4.0.171.169 linux-image-generic - 5.4.0.171.169 linux-tools-lowlatency - 5.4.0.171.169 linux-image-oem - 5.4.0.171.169 linux-headers-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-image-extra-virtual-hwe-18.04 - 5.4.0.171.169 linux-image-oem-osp1 - 5.4.0.171.169 linux-image-generic-lpae-hwe-18.04 - 5.4.0.171.169 linux-crashdump - 5.4.0.171.169 linux-tools-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-headers-generic-hwe-18.04 - 5.4.0.171.169 linux-headers-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-source - 5.4.0.171.169 linux-lowlatency - 5.4.0.171.169 linux-tools-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-tools-generic-lpae - 5.4.0.171.169 linux-cloud-tools-generic - 5.4.0.171.169 linux-virtual - 5.4.0.171.169 linux-headers-virtual-hwe-18.04 - 5.4.0.171.169 linux-tools-generic - 5.4.0.171.169 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.171.169 linux-tools-virtual - 5.4.0.171.169 linux-generic-lpae-hwe-18.04-edge - 5.4.0.171.169 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-generic-lpae - 5.4.0.171.169 linux-headers-oem - 5.4.0.171.169 linux-generic - 5.4.0.171.169 linux-tools-oem-osp1 - 5.4.0.171.169 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.171.169 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-image-virtual-hwe-18.04 - 5.4.0.171.169 linux-oem-tools-host - 5.4.0.171.169 linux-headers-lowlatency - 5.4.0.171.169 linux-image-generic-hwe-18.04-edge - 5.4.0.171.169 linux-generic-hwe-18.04-edge - 5.4.0.171.169 linux-tools-generic-hwe-18.04-edge - 5.4.0.171.169 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.171.169 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-oem - 5.4.0.171.169 linux-image-extra-virtual - 5.4.0.171.169 linux-oem-osp1-tools-host - 5.4.0.171.169 linux-tools-oem - 5.4.0.171.169 linux-headers-oem-osp1 - 5.4.0.171.169 linux-generic-lpae-hwe-18.04 - 5.4.0.171.169 linux-tools-generic-hwe-18.04 - 5.4.0.171.169 linux-headers-generic-hwe-18.04-edge - 5.4.0.171.169 linux-headers-generic - 5.4.0.171.169 linux-oem-osp1 - 5.4.0.171.169 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.171.169 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.171.169 linux-image-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.171.169 linux-virtual-hwe-18.04-edge - 5.4.0.171.169 linux-headers-virtual - 5.4.0.171.169 linux-virtual-hwe-18.04 - 5.4.0.171.169 linux-lowlatency-hwe-18.04 - 5.4.0.171.169 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.171.169 linux-image-generic-lpae - 5.4.0.171.169 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.171.169 linux-image-lowlatency - 5.4.0.171.169 linux-tools-virtual-hwe-18.04 - 5.4.0.171.169 linux-image-virtual-hwe-18.04-edge - 5.4.0.171.169 No subscription required Medium CVE-2023-34324 CVE-2023-35827 CVE-2023-45863 CVE-2023-46343 Ubuntu 20.04 LTS Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) Update Instructions: Run `sudo pro fix USN-6625-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1122-gcp - 5.4.0-1122.131 linux-image-5.4.0-1122-gcp - 5.4.0-1122.131 linux-image-unsigned-5.4.0-1122-gcp - 5.4.0-1122.131 linux-gcp-headers-5.4.0-1122 - 5.4.0-1122.131 linux-modules-extra-5.4.0-1122-gcp - 5.4.0-1122.131 linux-headers-5.4.0-1122-gcp - 5.4.0-1122.131 linux-modules-5.4.0-1122-gcp - 5.4.0-1122.131 linux-gcp-tools-5.4.0-1122 - 5.4.0-1122.131 linux-buildinfo-5.4.0-1122-gcp - 5.4.0-1122.131 No subscription required linux-image-gcp-lts-20.04 - 5.4.0.1122.124 linux-tools-gcp-lts-20.04 - 5.4.0.1122.124 linux-headers-gcp-lts-20.04 - 5.4.0.1122.124 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1122.124 linux-gcp-lts-20.04 - 5.4.0.1122.124 No subscription required Medium CVE-2023-34324 CVE-2023-35827 CVE-2023-45863 CVE-2023-46343 Ubuntu 20.04 LTS Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) Update Instructions: Run `sudo pro fix USN-6625-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1102-raspi - 5.4.0-1102.114 linux-raspi-headers-5.4.0-1102 - 5.4.0-1102.114 linux-buildinfo-5.4.0-1102-raspi - 5.4.0-1102.114 linux-headers-5.4.0-1102-raspi - 5.4.0-1102.114 linux-image-5.4.0-1102-raspi - 5.4.0-1102.114 linux-raspi-tools-5.4.0-1102 - 5.4.0-1102.114 linux-modules-5.4.0-1102-raspi - 5.4.0-1102.114 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1102.132 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1102.132 linux-raspi-hwe-18.04-edge - 5.4.0.1102.132 linux-raspi - 5.4.0.1102.132 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1102.132 linux-raspi-hwe-18.04 - 5.4.0.1102.132 linux-tools-raspi - 5.4.0.1102.132 linux-image-raspi - 5.4.0.1102.132 linux-tools-raspi2-hwe-18.04 - 5.4.0.1102.132 linux-raspi2-hwe-18.04 - 5.4.0.1102.132 linux-raspi2 - 5.4.0.1102.132 linux-headers-raspi2 - 5.4.0.1102.132 linux-headers-raspi2-hwe-18.04 - 5.4.0.1102.132 linux-image-raspi2 - 5.4.0.1102.132 linux-image-raspi-hwe-18.04-edge - 5.4.0.1102.132 linux-tools-raspi-hwe-18.04 - 5.4.0.1102.132 linux-tools-raspi2 - 5.4.0.1102.132 linux-image-raspi-hwe-18.04 - 5.4.0.1102.132 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1102.132 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1102.132 linux-headers-raspi - 5.4.0.1102.132 linux-headers-raspi-hwe-18.04 - 5.4.0.1102.132 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1102.132 linux-image-raspi2-hwe-18.04 - 5.4.0.1102.132 No subscription required Medium CVE-2023-34324 CVE-2023-35827 CVE-2023-45863 CVE-2023-46343 Ubuntu 20.04 LTS Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252, CVE-2023-32257) Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV) implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-46813) It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-6039) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle dynset expressions passed from userspace, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6622) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly handle locking during tipc_crypto_key_revoke() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2024-0641) Update Instructions: Run `sudo pro fix USN-6626-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gkeop-5.15-cloud-tools-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-gkeop-5.15-tools-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-cloud-tools-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-modules-extra-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-image-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-gkeop-5.15-headers-5.15.0-1036 - 5.15.0-1036.42~20.04.1 linux-buildinfo-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-headers-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-image-unsigned-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-tools-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 linux-modules-5.15.0-1036-gkeop - 5.15.0-1036.42~20.04.1 No subscription required linux-buildinfo-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-ibm-5.15-tools-5.15.0-1046 - 5.15.0-1046.49~20.04.1 linux-image-unsigned-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-ibm-5.15-headers-5.15.0-1046 - 5.15.0-1046.49~20.04.1 linux-headers-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-modules-extra-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1046.49~20.04.1 linux-image-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-modules-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 linux-tools-5.15.0-1046-ibm - 5.15.0-1046.49~20.04.1 No subscription required linux-image-unsigned-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-tools-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-image-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-modules-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-headers-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-oracle-5.15-headers-5.15.0-1051 - 5.15.0-1051.57~20.04.1 linux-modules-extra-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-buildinfo-5.15.0-1051-oracle - 5.15.0-1051.57~20.04.1 linux-oracle-5.15-tools-5.15.0-1051 - 5.15.0-1051.57~20.04.1 No subscription required linux-modules-extra-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-gcp-5.15-headers-5.15.0-1051 - 5.15.0-1051.59~20.04.1 linux-modules-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-image-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-tools-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-modules-iwlwifi-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-headers-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-image-unsigned-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-buildinfo-5.15.0-1051-gcp - 5.15.0-1051.59~20.04.1 linux-gcp-5.15-tools-5.15.0-1051 - 5.15.0-1051.59~20.04.1 No subscription required linux-cloud-tools-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-aws-5.15-headers-5.15.0-1053 - 5.15.0-1053.58~20.04.1 linux-buildinfo-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-modules-extra-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-image-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-headers-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1053 - 5.15.0-1053.58~20.04.1 linux-tools-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-modules-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 linux-aws-5.15-tools-5.15.0-1053 - 5.15.0-1053.58~20.04.1 linux-image-unsigned-5.15.0-1053-aws - 5.15.0-1053.58~20.04.1 No subscription required linux-modules-iwlwifi-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-buildinfo-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-94.104~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-94.104~20.04.1 linux-image-unsigned-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-cloud-tools-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-image-unsigned-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-hwe-5.15-headers-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-modules-extra-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-buildinfo-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-modules-iwlwifi-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-buildinfo-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-generic-lpae - 5.15.0-94.104~20.04.1 linux-image-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-lowlatency - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-headers-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-cloud-tools-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-tools-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-hwe-5.15-tools-5.15.0-94 - 5.15.0-94.104~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-buildinfo-5.15.0-94-generic - 5.15.0-94.104~20.04.1 linux-modules-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-image-unsigned-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-94.104~20.04.1 linux-image-unsigned-5.15.0-94-generic-64k - 5.15.0-94.104~20.04.1 linux-buildinfo-5.15.0-94-lowlatency-64k - 5.15.0-94.104~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-image-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-headers-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-tools-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-headers-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-image-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-cloud-tools-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-modules-extra-gkeop-edge - 5.15.0.1036.42~20.04.32 linux-tools-gkeop-5.15 - 5.15.0.1036.42~20.04.32 linux-modules-extra-gkeop-5.15 - 5.15.0.1036.42~20.04.32 No subscription required linux-tools-ibm-edge - 5.15.0.1046.49~20.04.18 linux-tools-ibm - 5.15.0.1046.49~20.04.18 linux-headers-ibm-edge - 5.15.0.1046.49~20.04.18 linux-image-ibm - 5.15.0.1046.49~20.04.18 linux-ibm - 5.15.0.1046.49~20.04.18 linux-headers-ibm - 5.15.0.1046.49~20.04.18 linux-ibm-edge - 5.15.0.1046.49~20.04.18 linux-image-ibm-edge - 5.15.0.1046.49~20.04.18 No subscription required linux-headers-oracle - 5.15.0.1051.57~20.04.1 linux-tools-oracle-edge - 5.15.0.1051.57~20.04.1 linux-oracle-edge - 5.15.0.1051.57~20.04.1 linux-image-oracle-edge - 5.15.0.1051.57~20.04.1 linux-headers-oracle-edge - 5.15.0.1051.57~20.04.1 linux-image-oracle - 5.15.0.1051.57~20.04.1 linux-tools-oracle - 5.15.0.1051.57~20.04.1 linux-oracle - 5.15.0.1051.57~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1051.59~20.04.1 linux-modules-extra-gcp - 5.15.0.1051.59~20.04.1 linux-headers-gcp-edge - 5.15.0.1051.59~20.04.1 linux-tools-gcp - 5.15.0.1051.59~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1051.59~20.04.1 linux-gcp - 5.15.0.1051.59~20.04.1 linux-headers-gcp - 5.15.0.1051.59~20.04.1 linux-tools-gcp-edge - 5.15.0.1051.59~20.04.1 linux-image-gcp - 5.15.0.1051.59~20.04.1 linux-gcp-edge - 5.15.0.1051.59~20.04.1 No subscription required linux-headers-aws - 5.15.0.1053.58~20.04.41 linux-image-aws - 5.15.0.1053.58~20.04.41 linux-modules-extra-aws-edge - 5.15.0.1053.58~20.04.41 linux-image-aws-edge - 5.15.0.1053.58~20.04.41 linux-aws-edge - 5.15.0.1053.58~20.04.41 linux-aws - 5.15.0.1053.58~20.04.41 linux-headers-aws-edge - 5.15.0.1053.58~20.04.41 linux-modules-extra-aws - 5.15.0.1053.58~20.04.41 linux-tools-aws - 5.15.0.1053.58~20.04.41 linux-tools-aws-edge - 5.15.0.1053.58~20.04.41 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-headers-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-image-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-lowlatency-64k-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-tools-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-lowlatency-hwe-20.04 - 5.15.0.94.104~20.04.47 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.47 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.47 No subscription required linux-headers-oem-20.04 - 5.15.0.94.104~20.04.50 linux-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-tools-oem-20.04c - 5.15.0.94.104~20.04.50 linux-tools-oem-20.04b - 5.15.0.94.104~20.04.50 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-headers-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-headers-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-headers-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-image-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-tools-generic-64k-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-extra-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-headers-generic-64k-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-generic-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-generic-lpae-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-tools-oem-20.04d - 5.15.0.94.104~20.04.50 linux-generic-lpae-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-tools-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-image-oem-20.04c - 5.15.0.94.104~20.04.50 linux-image-oem-20.04b - 5.15.0.94.104~20.04.50 linux-image-oem-20.04d - 5.15.0.94.104~20.04.50 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-oem-20.04 - 5.15.0.94.104~20.04.50 linux-image-oem-20.04 - 5.15.0.94.104~20.04.50 linux-oem-20.04c - 5.15.0.94.104~20.04.50 linux-oem-20.04b - 5.15.0.94.104~20.04.50 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-oem-20.04d - 5.15.0.94.104~20.04.50 linux-tools-oem-20.04 - 5.15.0.94.104~20.04.50 linux-modules-iwlwifi-oem-20.04 - 5.15.0.94.104~20.04.50 linux-tools-generic-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-generic-64k-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-image-generic-lpae-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-tools-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-modules-iwlwifi-oem-20.04d - 5.15.0.94.104~20.04.50 linux-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-tools-virtual-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-image-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-generic-64k-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.94.104~20.04.50 linux-headers-oem-20.04b - 5.15.0.94.104~20.04.50 linux-headers-oem-20.04c - 5.15.0.94.104~20.04.50 linux-headers-virtual-hwe-20.04 - 5.15.0.94.104~20.04.50 linux-headers-oem-20.04d - 5.15.0.94.104~20.04.50 No subscription required High CVE-2023-32250 CVE-2023-32252 CVE-2023-32257 CVE-2023-34324 CVE-2023-35827 CVE-2023-46813 CVE-2023-6039 CVE-2023-6176 CVE-2023-6622 CVE-2024-0641 Ubuntu 20.04 LTS Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252, CVE-2023-32257) Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV) implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-46813) It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-6039) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle dynset expressions passed from userspace, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6622) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly handle locking during tipc_crypto_key_revoke() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2024-0641) Update Instructions: Run `sudo pro fix USN-6626-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-tools-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-modules-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-buildinfo-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-azure-5.15-tools-5.15.0-1056 - 5.15.0-1056.64~20.04.1 linux-image-unsigned-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1056 - 5.15.0-1056.64~20.04.1 linux-image-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-azure-5.15-headers-5.15.0-1056 - 5.15.0-1056.64~20.04.1 linux-modules-extra-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-modules-iwlwifi-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 linux-cloud-tools-5.15.0-1056-azure - 5.15.0-1056.64~20.04.1 No subscription required linux-image-5.15.0-1056-azure-fde - 5.15.0-1056.64~20.04.1.1 linux-image-unsigned-5.15.0-1056-azure-fde - 5.15.0-1056.64~20.04.1.1 No subscription required linux-image-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-modules-extra-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-tools-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-tools-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-modules-extra-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-headers-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-cloud-tools-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-image-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-azure-fde - 5.15.0.1056.64~20.04.1.34 linux-cloud-tools-azure-fde-edge - 5.15.0.1056.64~20.04.1.34 linux-headers-azure-fde - 5.15.0.1056.64~20.04.1.34 No subscription required linux-modules-extra-azure-cvm - 5.15.0.1056.64~20.04.45 linux-tools-azure-cvm - 5.15.0.1056.64~20.04.45 linux-tools-azure-edge - 5.15.0.1056.64~20.04.45 linux-azure - 5.15.0.1056.64~20.04.45 linux-image-azure - 5.15.0.1056.64~20.04.45 linux-cloud-tools-azure - 5.15.0.1056.64~20.04.45 linux-image-azure-edge - 5.15.0.1056.64~20.04.45 linux-headers-azure-cvm - 5.15.0.1056.64~20.04.45 linux-cloud-tools-azure-edge - 5.15.0.1056.64~20.04.45 linux-cloud-tools-azure-cvm - 5.15.0.1056.64~20.04.45 linux-tools-azure - 5.15.0.1056.64~20.04.45 linux-modules-extra-azure - 5.15.0.1056.64~20.04.45 linux-azure-edge - 5.15.0.1056.64~20.04.45 linux-image-azure-cvm - 5.15.0.1056.64~20.04.45 linux-azure-cvm - 5.15.0.1056.64~20.04.45 linux-headers-azure - 5.15.0.1056.64~20.04.45 linux-modules-extra-azure-edge - 5.15.0.1056.64~20.04.45 linux-headers-azure-edge - 5.15.0.1056.64~20.04.45 No subscription required High CVE-2023-32250 CVE-2023-32252 CVE-2023-32257 CVE-2023-34324 CVE-2023-35827 CVE-2023-46813 CVE-2023-6039 CVE-2023-6176 CVE-2023-6622 CVE-2024-0641 Ubuntu 20.04 LTS It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2021-35452, CVE-2021-36411, CVE-2022-43238, CVE-2022-43241, CVE-2022-43242) It was discovered that libde265 did not properly manage memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-36408) It was discovered that libde265 contained a logical error. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2021-36409) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-36410, CVE-2022-43235, CVE-2022-43236, CVE-2022-43237, CVE-2022-43239, CVE-2022-43240, CVE-2022-43243, CVE-2022-43248, CVE-2022-43252, CVE-2022-43253) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1253) Update Instructions: Run `sudo pro fix USN-6627-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.4-1ubuntu0.2 libde265-examples - 1.0.4-1ubuntu0.2 libde265-dev - 1.0.4-1ubuntu0.2 No subscription required Medium CVE-2021-35452 CVE-2021-36408 CVE-2021-36409 CVE-2021-36410 CVE-2021-36411 CVE-2022-1253 CVE-2022-43235 CVE-2022-43236 CVE-2022-43237 CVE-2022-43238 CVE-2022-43239 CVE-2022-43240 CVE-2022-43241 CVE-2022-43242 CVE-2022-43243 CVE-2022-43248 CVE-2022-43252 CVE-2022-43253 Ubuntu 20.04 LTS Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252, CVE-2023-32257) Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV) implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-46813) It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-6039) Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle dynset expressions passed from userspace, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6622) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly handle locking during tipc_crypto_key_revoke() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2024-0641) Update Instructions: Run `sudo pro fix USN-6628-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-modules-iwlwifi-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-tools-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-image-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-buildinfo-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1048.54~20.04.1 linux-modules-extra-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1048 - 5.15.0-1048.54~20.04.1 linux-cloud-tools-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-image-unsigned-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1048.54~20.04.1 linux-headers-5.15.0-1048-intel-iotg - 5.15.0-1048.54~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1048.54~20.04.38 linux-tools-intel - 5.15.0.1048.54~20.04.38 linux-intel-iotg - 5.15.0.1048.54~20.04.38 linux-tools-intel-iotg-edge - 5.15.0.1048.54~20.04.38 linux-intel - 5.15.0.1048.54~20.04.38 linux-headers-intel - 5.15.0.1048.54~20.04.38 linux-intel-iotg-edge - 5.15.0.1048.54~20.04.38 linux-image-intel-iotg-edge - 5.15.0.1048.54~20.04.38 linux-image-intel-iotg - 5.15.0.1048.54~20.04.38 linux-headers-intel-iotg - 5.15.0.1048.54~20.04.38 linux-image-intel - 5.15.0.1048.54~20.04.38 linux-headers-intel-iotg-edge - 5.15.0.1048.54~20.04.38 linux-tools-intel-iotg - 5.15.0.1048.54~20.04.38 No subscription required High CVE-2023-32250 CVE-2023-32252 CVE-2023-32257 CVE-2023-34324 CVE-2023-35827 CVE-2023-6040 CVE-2023-6622 CVE-2023-6932 CVE-2024-0641 CVE-2023-46813 CVE-2023-46813 CVE-2023-6039 CVE-2023-6176 CVE-2023-6606 CVE-2023-6817 CVE-2023-6931 CVE-2024-0193 Ubuntu 20.04 LTS USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2021-45958) Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. (CVE-2022-31116) It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory. (CVE-2022-31117) Update Instructions: Run `sudo pro fix USN-6629-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-ujson - 1.35-4ubuntu0.1 No subscription required Medium CVE-2021-45958 Ubuntu 20.04 LTS USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2021-45958) Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. (CVE-2022-31116) It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory. (CVE-2022-31117) Update Instructions: Run `sudo pro fix USN-6629-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-ujson - 1.35-4ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-31116 CVE-2022-31117 Ubuntu 20.04 LTS It was discovered that Glance_store incorrectly handled logging when the DEBUG log level is enabled. A local attacker could use this issue to obtain access_key values. Update Instructions: Run `sudo pro fix USN-6630-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-glance-store-doc - 2.0.0-0ubuntu4.3 python3-glance-store - 2.0.0-0ubuntu4.3 No subscription required Medium CVE-2024-1141 Ubuntu 20.04 LTS Marc Beatove discovered buffer overflows exit in EDK2. An attacker on the local network could potentially use this to impact availability or possibly cause remote code execution. (CVE-2022-36763, CVE-2022-36764, CVE-2022-36765) It was discovered that a buffer overflows exists in EDK2's Network Package An attacker on the local network could potentially use these to impact availability or possibly cause remote code execution. (CVE-2023-45230, CVE-2023-45234, CVE-2023-45235) It was discovered that an out-of-bounds read exists in EDK2's Network Package An attacker on the local network could potentially use this to impact confidentiality. (CVE-2023-45231) It was discovered that infinite-loops exists in EDK2's Network Package An attacker on the local network could potentially use these to impact availability. (CVE-2023-45232, CVE-2023-45233) Mate Kukri discovered that an insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. An attacker could use this to bypass Secure Boot. (CVE-2023-48733) Update Instructions: Run `sudo pro fix USN-6638-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu-efi-arm - 0~20191122.bd85bf54-2ubuntu3.5 qemu-efi - 0~20191122.bd85bf54-2ubuntu3.5 qemu-efi-aarch64 - 0~20191122.bd85bf54-2ubuntu3.5 ovmf - 0~20191122.bd85bf54-2ubuntu3.5 No subscription required Medium CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2023-48733 https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137 Ubuntu 20.04 LTS It was discovered that shadow was not properly sanitizing memory when running the password utility. An attacker could possibly use this issue to retrieve a password from memory, exposing sensitive information. Update Instructions: Run `sudo pro fix USN-6640-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: passwd - 1:4.8.1-1ubuntu5.20.04.5 login - 1:4.8.1-1ubuntu5.20.04.5 uidmap - 1:4.8.1-1ubuntu5.20.04.5 No subscription required Low CVE-2023-4641 Ubuntu 20.04 LTS Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-4408) Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Bind incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50868) It was discovered that Bind incorrectly handled reverse zone queries when nxdomain-redirect is enabled. A remote attacker could possibly use this issue to cause Bind to crash, leading to a denial of service. (CVE-2023-5517) It was discovered that Bind incorrectly handled certain specific recursive query patterns. A remote attacker could possibly use this issue to cause Bind to consume memory, leading to a denial of service. (CVE-2023-6516) Bind has been updated to 9.6.48. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://downloads.isc.org/isc/bind9/9.16.48/doc/arm/html/notes.html Update Instructions: Run `sudo pro fix USN-6642-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsutils - 1:9.16.48-0ubuntu0.20.04.1 bind9-libs - 1:9.16.48-0ubuntu0.20.04.1 bind9utils - 1:9.16.48-0ubuntu0.20.04.1 bind9-doc - 1:9.16.48-0ubuntu0.20.04.1 bind9-utils - 1:9.16.48-0ubuntu0.20.04.1 bind9 - 1:9.16.48-0ubuntu0.20.04.1 bind9-dnsutils - 1:9.16.48-0ubuntu0.20.04.1 bind9-host - 1:9.16.48-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4408 CVE-2023-50387 CVE-2023-50868 CVE-2023-5517 CVE-2023-6516 Ubuntu 20.04 LTS Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery (SSRF) attacks. Update Instructions: Run `sudo pro fix USN-6643-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-ip - 1.1.5-5ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-42282 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. (CVE-2023-52356) It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service. (CVE-2023-6228) It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to consume resources, resulting in a denial of service. (CVE-2023-6277) Update Instructions: Run `sudo pro fix USN-6644-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.12 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.12 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.12 No subscription required Medium CVE-2023-52356 CVE-2023-6228 CVE-2023-6277 Ubuntu 20.04 LTS It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6648-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1031-iot - 5.4.0-1031.32 linux-buildinfo-5.4.0-1031-iot - 5.4.0-1031.32 linux-iot-tools-5.4.0-1031 - 5.4.0-1031.32 linux-modules-5.4.0-1031-iot - 5.4.0-1031.32 linux-headers-5.4.0-1031-iot - 5.4.0-1031.32 linux-image-5.4.0-1031-iot - 5.4.0-1031.32 linux-iot-headers-5.4.0-1031 - 5.4.0-1031.32 linux-iot-tools-common - 5.4.0-1031.32 linux-tools-5.4.0-1031-iot - 5.4.0-1031.32 No subscription required linux-buildinfo-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-tools-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-headers-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-image-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-xilinx-zynqmp-headers-5.4.0-1038 - 5.4.0-1038.42 linux-modules-5.4.0-1038-xilinx-zynqmp - 5.4.0-1038.42 linux-xilinx-zynqmp-tools-5.4.0-1038 - 5.4.0-1038.42 No subscription required linux-image-unsigned-5.4.0-1066-ibm - 5.4.0-1066.71 linux-ibm-headers-5.4.0-1066 - 5.4.0-1066.71 linux-modules-extra-5.4.0-1066-ibm - 5.4.0-1066.71 linux-ibm-tools-5.4.0-1066 - 5.4.0-1066.71 linux-ibm-source-5.4.0 - 5.4.0-1066.71 linux-buildinfo-5.4.0-1066-ibm - 5.4.0-1066.71 linux-ibm-tools-common - 5.4.0-1066.71 linux-tools-5.4.0-1066-ibm - 5.4.0-1066.71 linux-ibm-cloud-tools-common - 5.4.0-1066.71 linux-image-5.4.0-1066-ibm - 5.4.0-1066.71 linux-modules-5.4.0-1066-ibm - 5.4.0-1066.71 linux-headers-5.4.0-1066-ibm - 5.4.0-1066.71 No subscription required linux-headers-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-buildinfo-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-image-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-modules-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-image-unsigned-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-tools-5.4.0-1079-bluefield - 5.4.0-1079.85 linux-bluefield-headers-5.4.0-1079 - 5.4.0-1079.85 linux-bluefield-tools-5.4.0-1079 - 5.4.0-1079.85 No subscription required linux-modules-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-headers-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-gkeop-tools-5.4.0-1086 - 5.4.0-1086.90 linux-gkeop-headers-5.4.0-1086 - 5.4.0-1086.90 linux-gkeop-source-5.4.0 - 5.4.0-1086.90 linux-cloud-tools-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-modules-extra-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-buildinfo-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-gkeop-cloud-tools-5.4.0-1086 - 5.4.0-1086.90 linux-image-unsigned-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-image-5.4.0-1086-gkeop - 5.4.0-1086.90 linux-tools-5.4.0-1086-gkeop - 5.4.0-1086.90 No subscription required linux-image-5.4.0-1103-raspi - 5.4.0-1103.115 linux-buildinfo-5.4.0-1103-raspi - 5.4.0-1103.115 linux-raspi-headers-5.4.0-1103 - 5.4.0-1103.115 linux-headers-5.4.0-1103-raspi - 5.4.0-1103.115 linux-tools-5.4.0-1103-raspi - 5.4.0-1103.115 linux-raspi-tools-5.4.0-1103 - 5.4.0-1103.115 linux-modules-5.4.0-1103-raspi - 5.4.0-1103.115 No subscription required linux-headers-5.4.0-1107-kvm - 5.4.0-1107.114 linux-image-5.4.0-1107-kvm - 5.4.0-1107.114 linux-modules-5.4.0-1107-kvm - 5.4.0-1107.114 linux-kvm-tools-5.4.0-1107 - 5.4.0-1107.114 linux-tools-5.4.0-1107-kvm - 5.4.0-1107.114 linux-kvm-headers-5.4.0-1107 - 5.4.0-1107.114 linux-buildinfo-5.4.0-1107-kvm - 5.4.0-1107.114 linux-image-unsigned-5.4.0-1107-kvm - 5.4.0-1107.114 No subscription required linux-headers-5.4.0-1118-oracle - 5.4.0-1118.127 linux-image-unsigned-5.4.0-1118-oracle - 5.4.0-1118.127 linux-oracle-headers-5.4.0-1118 - 5.4.0-1118.127 linux-image-5.4.0-1118-oracle - 5.4.0-1118.127 linux-buildinfo-5.4.0-1118-oracle - 5.4.0-1118.127 linux-modules-5.4.0-1118-oracle - 5.4.0-1118.127 linux-tools-5.4.0-1118-oracle - 5.4.0-1118.127 linux-modules-extra-5.4.0-1118-oracle - 5.4.0-1118.127 linux-oracle-tools-5.4.0-1118 - 5.4.0-1118.127 No subscription required linux-tools-5.4.0-1119-aws - 5.4.0-1119.129 linux-buildinfo-5.4.0-1119-aws - 5.4.0-1119.129 linux-modules-extra-5.4.0-1119-aws - 5.4.0-1119.129 linux-aws-tools-5.4.0-1119 - 5.4.0-1119.129 linux-image-unsigned-5.4.0-1119-aws - 5.4.0-1119.129 linux-aws-headers-5.4.0-1119 - 5.4.0-1119.129 linux-cloud-tools-5.4.0-1119-aws - 5.4.0-1119.129 linux-aws-cloud-tools-5.4.0-1119 - 5.4.0-1119.129 linux-image-5.4.0-1119-aws - 5.4.0-1119.129 linux-headers-5.4.0-1119-aws - 5.4.0-1119.129 linux-modules-5.4.0-1119-aws - 5.4.0-1119.129 No subscription required linux-buildinfo-5.4.0-1123-gcp - 5.4.0-1123.132 linux-tools-5.4.0-1123-gcp - 5.4.0-1123.132 linux-gcp-headers-5.4.0-1123 - 5.4.0-1123.132 linux-modules-5.4.0-1123-gcp - 5.4.0-1123.132 linux-image-unsigned-5.4.0-1123-gcp - 5.4.0-1123.132 linux-gcp-tools-5.4.0-1123 - 5.4.0-1123.132 linux-modules-extra-5.4.0-1123-gcp - 5.4.0-1123.132 linux-image-5.4.0-1123-gcp - 5.4.0-1123.132 linux-headers-5.4.0-1123-gcp - 5.4.0-1123.132 No subscription required linux-tools-common - 5.4.0-172.190 linux-tools-host - 5.4.0-172.190 linux-doc - 5.4.0-172.190 linux-buildinfo-5.4.0-172-generic-lpae - 5.4.0-172.190 linux-modules-5.4.0-172-generic-lpae - 5.4.0-172.190 linux-modules-5.4.0-172-lowlatency - 5.4.0-172.190 linux-tools-5.4.0-172-lowlatency - 5.4.0-172.190 linux-cloud-tools-5.4.0-172 - 5.4.0-172.190 linux-libc-dev - 5.4.0-172.190 linux-headers-5.4.0-172-generic - 5.4.0-172.190 linux-modules-5.4.0-172-generic - 5.4.0-172.190 linux-headers-5.4.0-172-lowlatency - 5.4.0-172.190 linux-image-unsigned-5.4.0-172-lowlatency - 5.4.0-172.190 linux-tools-5.4.0-172-generic - 5.4.0-172.190 linux-buildinfo-5.4.0-172-generic - 5.4.0-172.190 linux-headers-5.4.0-172 - 5.4.0-172.190 linux-image-5.4.0-172-lowlatency - 5.4.0-172.190 linux-image-unsigned-5.4.0-172-generic - 5.4.0-172.190 linux-buildinfo-5.4.0-172-lowlatency - 5.4.0-172.190 linux-image-5.4.0-172-generic - 5.4.0-172.190 linux-image-5.4.0-172-generic-lpae - 5.4.0-172.190 linux-cloud-tools-common - 5.4.0-172.190 linux-cloud-tools-5.4.0-172-lowlatency - 5.4.0-172.190 linux-source-5.4.0 - 5.4.0-172.190 linux-headers-5.4.0-172-generic-lpae - 5.4.0-172.190 linux-modules-extra-5.4.0-172-generic - 5.4.0-172.190 linux-cloud-tools-5.4.0-172-generic - 5.4.0-172.190 linux-tools-5.4.0-172 - 5.4.0-172.190 linux-tools-5.4.0-172-generic-lpae - 5.4.0-172.190 No subscription required linux-iot - 5.4.0.1031.29 linux-image-iot - 5.4.0.1031.29 linux-headers-iot - 5.4.0.1031.29 linux-tools-iot - 5.4.0.1031.29 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1038.38 linux-xilinx-zynqmp - 5.4.0.1038.38 linux-tools-xilinx-zynqmp - 5.4.0.1038.38 linux-headers-xilinx-zynqmp - 5.4.0.1038.38 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1066.95 linux-image-ibm-lts-20.04 - 5.4.0.1066.95 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1066.95 linux-ibm-lts-20.04 - 5.4.0.1066.95 linux-tools-ibm-lts-20.04 - 5.4.0.1066.95 No subscription required linux-bluefield - 5.4.0.1079.74 linux-image-bluefield - 5.4.0.1079.74 linux-headers-bluefield - 5.4.0.1079.74 linux-tools-bluefield - 5.4.0.1079.74 No subscription required linux-headers-gkeop - 5.4.0.1086.84 linux-cloud-tools-gkeop-5.4 - 5.4.0.1086.84 linux-image-gkeop - 5.4.0.1086.84 linux-gkeop-5.4 - 5.4.0.1086.84 linux-image-gkeop-5.4 - 5.4.0.1086.84 linux-headers-gkeop-5.4 - 5.4.0.1086.84 linux-gkeop - 5.4.0.1086.84 linux-cloud-tools-gkeop - 5.4.0.1086.84 linux-modules-extra-gkeop-5.4 - 5.4.0.1086.84 linux-modules-extra-gkeop - 5.4.0.1086.84 linux-tools-gkeop - 5.4.0.1086.84 linux-tools-gkeop-5.4 - 5.4.0.1086.84 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1103.133 linux-headers-raspi2 - 5.4.0.1103.133 linux-image-raspi - 5.4.0.1103.133 linux-image-raspi-hwe-18.04 - 5.4.0.1103.133 linux-image-raspi2-hwe-18.04 - 5.4.0.1103.133 linux-tools-raspi - 5.4.0.1103.133 linux-raspi2 - 5.4.0.1103.133 linux-headers-raspi2-hwe-18.04 - 5.4.0.1103.133 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1103.133 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1103.133 linux-headers-raspi - 5.4.0.1103.133 linux-raspi2-hwe-18.04-edge - 5.4.0.1103.133 linux-image-raspi-hwe-18.04-edge - 5.4.0.1103.133 linux-raspi-hwe-18.04 - 5.4.0.1103.133 linux-tools-raspi2-hwe-18.04 - 5.4.0.1103.133 linux-raspi2-hwe-18.04 - 5.4.0.1103.133 linux-image-raspi2 - 5.4.0.1103.133 linux-tools-raspi-hwe-18.04 - 5.4.0.1103.133 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1103.133 linux-tools-raspi2 - 5.4.0.1103.133 linux-headers-raspi-hwe-18.04 - 5.4.0.1103.133 linux-raspi-hwe-18.04-edge - 5.4.0.1103.133 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1103.133 linux-raspi - 5.4.0.1103.133 No subscription required linux-kvm - 5.4.0.1107.103 linux-headers-kvm - 5.4.0.1107.103 linux-image-kvm - 5.4.0.1107.103 linux-tools-kvm - 5.4.0.1107.103 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1118.111 linux-headers-oracle-lts-20.04 - 5.4.0.1118.111 linux-oracle-lts-20.04 - 5.4.0.1118.111 linux-image-oracle-lts-20.04 - 5.4.0.1118.111 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1119.116 linux-image-aws-lts-20.04 - 5.4.0.1119.116 linux-tools-aws-lts-20.04 - 5.4.0.1119.116 linux-modules-extra-aws-lts-20.04 - 5.4.0.1119.116 linux-aws-lts-20.04 - 5.4.0.1119.116 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1123.125 linux-gcp-lts-20.04 - 5.4.0.1123.125 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1123.125 linux-image-gcp-lts-20.04 - 5.4.0.1123.125 linux-tools-gcp-lts-20.04 - 5.4.0.1123.125 No subscription required linux-cloud-tools-virtual - 5.4.0.172.170 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-image-generic-hwe-18.04 - 5.4.0.172.170 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-headers-generic-lpae - 5.4.0.172.170 linux-image-virtual - 5.4.0.172.170 linux-cloud-tools-lowlatency - 5.4.0.172.170 linux-image-generic - 5.4.0.172.170 linux-image-oem - 5.4.0.172.170 linux-headers-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-image-extra-virtual-hwe-18.04 - 5.4.0.172.170 linux-image-oem-osp1 - 5.4.0.172.170 linux-image-generic-lpae-hwe-18.04 - 5.4.0.172.170 linux-crashdump - 5.4.0.172.170 linux-tools-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-headers-generic-hwe-18.04 - 5.4.0.172.170 linux-headers-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-image-lowlatency - 5.4.0.172.170 linux-source - 5.4.0.172.170 linux-lowlatency - 5.4.0.172.170 linux-tools-generic-lpae - 5.4.0.172.170 linux-cloud-tools-generic - 5.4.0.172.170 linux-oem - 5.4.0.172.170 linux-virtual - 5.4.0.172.170 linux-tools-generic - 5.4.0.172.170 linux-virtual-hwe-18.04 - 5.4.0.172.170 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.172.170 linux-tools-virtual - 5.4.0.172.170 linux-generic-lpae-hwe-18.04-edge - 5.4.0.172.170 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-generic-lpae - 5.4.0.172.170 linux-headers-oem - 5.4.0.172.170 linux-generic - 5.4.0.172.170 linux-tools-oem-osp1 - 5.4.0.172.170 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.172.170 linux-tools-generic-hwe-18.04-edge - 5.4.0.172.170 linux-headers-generic-hwe-18.04-edge - 5.4.0.172.170 linux-headers-virtual-hwe-18.04 - 5.4.0.172.170 linux-image-virtual-hwe-18.04 - 5.4.0.172.170 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-oem-tools-host - 5.4.0.172.170 linux-headers-lowlatency - 5.4.0.172.170 linux-generic-hwe-18.04-edge - 5.4.0.172.170 linux-generic-hwe-18.04 - 5.4.0.172.170 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.172.170 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-image-extra-virtual - 5.4.0.172.170 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-oem-osp1-tools-host - 5.4.0.172.170 linux-tools-oem - 5.4.0.172.170 linux-headers-oem-osp1 - 5.4.0.172.170 linux-tools-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-generic-lpae-hwe-18.04 - 5.4.0.172.170 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.172.170 linux-headers-generic - 5.4.0.172.170 linux-oem-osp1 - 5.4.0.172.170 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.172.170 linux-tools-lowlatency - 5.4.0.172.170 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.172.170 linux-image-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.172.170 linux-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-headers-virtual - 5.4.0.172.170 linux-tools-virtual-hwe-18.04 - 5.4.0.172.170 linux-lowlatency-hwe-18.04 - 5.4.0.172.170 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.172.170 linux-image-generic-lpae - 5.4.0.172.170 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.172.170 linux-image-virtual-hwe-18.04-edge - 5.4.0.172.170 linux-tools-generic-hwe-18.04 - 5.4.0.172.170 linux-image-generic-hwe-18.04-edge - 5.4.0.172.170 No subscription required High CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0646 Ubuntu 20.04 LTS It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6648-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1124-azure - 5.4.0-1124.131 linux-headers-5.4.0-1124-azure - 5.4.0-1124.131 linux-azure-headers-5.4.0-1124 - 5.4.0-1124.131 linux-azure-tools-5.4.0-1124 - 5.4.0-1124.131 linux-azure-cloud-tools-5.4.0-1124 - 5.4.0-1124.131 linux-modules-extra-5.4.0-1124-azure - 5.4.0-1124.131 linux-buildinfo-5.4.0-1124-azure - 5.4.0-1124.131 linux-cloud-tools-5.4.0-1124-azure - 5.4.0-1124.131 linux-tools-5.4.0-1124-azure - 5.4.0-1124.131 linux-image-unsigned-5.4.0-1124-azure - 5.4.0-1124.131 linux-image-5.4.0-1124-azure - 5.4.0-1124.131 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1124.117 linux-tools-azure-lts-20.04 - 5.4.0.1124.117 linux-modules-extra-azure-lts-20.04 - 5.4.0.1124.117 linux-azure-lts-20.04 - 5.4.0.1124.117 linux-headers-azure-lts-20.04 - 5.4.0.1124.117 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1124.117 No subscription required High CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0646 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1553, CVE-2024-1554, CVE-2024-1555, CVE-2024-1557) Alfred Peters discovered that Firefox did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1546) Johan Carlsson discovered that Firefox incorrectly handled Set-Cookie response headers in multipart HTTP responses. An attacker could potentially exploit this issue to inject arbitrary cookie values. (CVE-2024-1551) Gary Kwong discovered that Firefox incorrectly generated codes on 32-bit ARM devices, which could lead to unexpected numeric conversions or undefined behaviour. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-1552) Ronald Crane discovered that Firefox did not properly manage memory when accessing the built-in profiler. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1556) Update Instructions: Run `sudo pro fix USN-6649-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 123.0+build3-0ubuntu0.20.04.1 firefox - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 123.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 123.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-tg - 123.0+build3-0ubuntu0.20.04.1 firefox-dev - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 123.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 123.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-1546 CVE-2024-1547 CVE-2024-1548 CVE-2024-1549 CVE-2024-1550 CVE-2024-1551 CVE-2024-1552 CVE-2024-1553 CVE-2024-1554 CVE-2024-1555 CVE-2024-1556 CVE-2024-1557 Ubuntu 20.04 LTS USN-6649-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1553, CVE-2024-1554, CVE-2024-1555, CVE-2024-1557) Alfred Peters discovered that Firefox did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1546) Johan Carlsson discovered that Firefox incorrectly handled Set-Cookie response headers in multipart HTTP responses. An attacker could potentially exploit this issue to inject arbitrary cookie values. (CVE-2024-1551) Gary Kwong discovered that Firefox incorrectly generated codes on 32-bit ARM devices, which could lead to unexpected numeric conversions or undefined behaviour. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-1552) Ronald Crane discovered that Firefox did not properly manage memory when accessing the built-in profiler. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1556) Update Instructions: Run `sudo pro fix USN-6649-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 123.0.1+build1-0ubuntu0.20.04.1 firefox - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 123.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 123.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 123.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 123.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 123.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2056258 Ubuntu 20.04 LTS It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6653-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-modules-extra-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-headers-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-gkeop-5.15-headers-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-gkeop-5.15-tools-5.15.0-1037 - 5.15.0-1037.43~20.04.1 linux-modules-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-tools-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-image-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-buildinfo-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 linux-image-unsigned-5.15.0-1037-gkeop - 5.15.0-1037.43~20.04.1 No subscription required linux-tools-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-ibm-5.15-headers-5.15.0-1047 - 5.15.0-1047.50~20.04.1 linux-buildinfo-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-ibm-5.15-tools-5.15.0-1047 - 5.15.0-1047.50~20.04.1 linux-image-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-image-unsigned-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1047.50~20.04.1 linux-modules-extra-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-headers-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 linux-modules-5.15.0-1047-ibm - 5.15.0-1047.50~20.04.1 No subscription required linux-buildinfo-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-headers-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-image-unsigned-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-cloud-tools-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-modules-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1049 - 5.15.0-1049.55~20.04.1 linux-image-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-modules-iwlwifi-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1049.55~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1049.55~20.04.1 linux-tools-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 linux-modules-extra-5.15.0-1049-intel-iotg - 5.15.0-1049.55~20.04.1 No subscription required linux-oracle-5.15-headers-5.15.0-1052 - 5.15.0-1052.58~20.04.1 linux-image-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-headers-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-modules-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-buildinfo-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-image-unsigned-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-modules-extra-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-tools-5.15.0-1052-oracle - 5.15.0-1052.58~20.04.1 linux-oracle-5.15-tools-5.15.0-1052 - 5.15.0-1052.58~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1052 - 5.15.0-1052.60~20.04.1 linux-buildinfo-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-modules-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-tools-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-image-unsigned-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-modules-iwlwifi-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-image-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-headers-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-modules-extra-5.15.0-1052-gcp - 5.15.0-1052.60~20.04.1 linux-gcp-5.15-tools-5.15.0-1052 - 5.15.0-1052.60~20.04.1 No subscription required linux-headers-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-cloud-tools-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-azure-5.15-headers-5.15.0-1057 - 5.15.0-1057.65~20.04.1 linux-modules-iwlwifi-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-image-unsigned-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-tools-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-modules-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-buildinfo-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-image-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1057 - 5.15.0-1057.65~20.04.1 linux-azure-5.15-tools-5.15.0-1057 - 5.15.0-1057.65~20.04.1 linux-modules-extra-5.15.0-1057-azure - 5.15.0-1057.65~20.04.1 No subscription required linux-image-unsigned-5.15.0-1057-azure-fde - 5.15.0-1057.65~20.04.1.1 linux-image-5.15.0-1057-azure-fde - 5.15.0-1057.65~20.04.1.1 No subscription required linux-modules-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-buildinfo-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-cloud-tools-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-97.107~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-97.107~20.04.1 linux-buildinfo-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-buildinfo-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-hwe-5.15-headers-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-image-unsigned-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-image-unsigned-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-image-unsigned-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-image-unsigned-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-modules-iwlwifi-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-hwe-5.15-tools-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-modules-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-97.107~20.04.1 linux-cloud-tools-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-generic-64k - 5.15.0-97.107~20.04.1 linux-modules-extra-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-buildinfo-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-buildinfo-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-97.107~20.04.1 linux-modules-iwlwifi-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-modules-5.15.0-97-lowlatency - 5.15.0-97.107~20.04.1 linux-modules-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-97.107~20.04.1 linux-headers-5.15.0-97-generic-lpae - 5.15.0-97.107~20.04.1 linux-tools-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-modules-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-97 - 5.15.0-97.107~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-generic - 5.15.0-97.107~20.04.1 linux-image-5.15.0-97-lowlatency-64k - 5.15.0-97.107~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-headers-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-tools-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-image-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-headers-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-image-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-cloud-tools-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-modules-extra-gkeop-edge - 5.15.0.1037.43~20.04.33 linux-tools-gkeop-5.15 - 5.15.0.1037.43~20.04.33 linux-modules-extra-gkeop-5.15 - 5.15.0.1037.43~20.04.33 No subscription required linux-image-ibm - 5.15.0.1047.50~20.04.19 linux-headers-ibm-edge - 5.15.0.1047.50~20.04.19 linux-tools-ibm-edge - 5.15.0.1047.50~20.04.19 linux-ibm - 5.15.0.1047.50~20.04.19 linux-ibm-edge - 5.15.0.1047.50~20.04.19 linux-headers-ibm - 5.15.0.1047.50~20.04.19 linux-image-ibm-edge - 5.15.0.1047.50~20.04.19 linux-tools-ibm - 5.15.0.1047.50~20.04.19 No subscription required linux-intel - 5.15.0.1049.55~20.04.39 linux-image-intel - 5.15.0.1049.55~20.04.39 linux-cloud-tools-intel - 5.15.0.1049.55~20.04.39 linux-tools-intel - 5.15.0.1049.55~20.04.39 linux-tools-intel-iotg-edge - 5.15.0.1049.55~20.04.39 linux-headers-intel - 5.15.0.1049.55~20.04.39 linux-image-intel-iotg-edge - 5.15.0.1049.55~20.04.39 linux-headers-intel-iotg - 5.15.0.1049.55~20.04.39 linux-headers-intel-iotg-edge - 5.15.0.1049.55~20.04.39 linux-tools-intel-iotg - 5.15.0.1049.55~20.04.39 linux-intel-iotg - 5.15.0.1049.55~20.04.39 linux-intel-iotg-edge - 5.15.0.1049.55~20.04.39 linux-image-intel-iotg - 5.15.0.1049.55~20.04.39 No subscription required linux-headers-oracle - 5.15.0.1052.58~20.04.1 linux-tools-oracle - 5.15.0.1052.58~20.04.1 linux-tools-oracle-edge - 5.15.0.1052.58~20.04.1 linux-oracle-edge - 5.15.0.1052.58~20.04.1 linux-image-oracle-edge - 5.15.0.1052.58~20.04.1 linux-headers-oracle-edge - 5.15.0.1052.58~20.04.1 linux-image-oracle - 5.15.0.1052.58~20.04.1 linux-oracle - 5.15.0.1052.58~20.04.1 No subscription required linux-headers-gcp - 5.15.0.1052.60~20.04.1 linux-image-gcp-edge - 5.15.0.1052.60~20.04.1 linux-headers-gcp-edge - 5.15.0.1052.60~20.04.1 linux-tools-gcp - 5.15.0.1052.60~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1052.60~20.04.1 linux-tools-gcp-edge - 5.15.0.1052.60~20.04.1 linux-gcp - 5.15.0.1052.60~20.04.1 linux-image-gcp - 5.15.0.1052.60~20.04.1 linux-modules-extra-gcp - 5.15.0.1052.60~20.04.1 linux-gcp-edge - 5.15.0.1052.60~20.04.1 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-tools-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-headers-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-cloud-tools-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-image-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-modules-extra-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-image-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-azure-fde-edge - 5.15.0.1057.65~20.04.1.35 linux-modules-extra-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-tools-azure-fde - 5.15.0.1057.65~20.04.1.35 linux-headers-azure-fde - 5.15.0.1057.65~20.04.1.35 No subscription required linux-cloud-tools-azure - 5.15.0.1057.65~20.04.46 linux-headers-azure-cvm - 5.15.0.1057.65~20.04.46 linux-tools-azure - 5.15.0.1057.65~20.04.46 linux-image-azure-cvm - 5.15.0.1057.65~20.04.46 linux-modules-extra-azure-cvm - 5.15.0.1057.65~20.04.46 linux-tools-azure-edge - 5.15.0.1057.65~20.04.46 linux-azure - 5.15.0.1057.65~20.04.46 linux-tools-azure-cvm - 5.15.0.1057.65~20.04.46 linux-cloud-tools-azure-edge - 5.15.0.1057.65~20.04.46 linux-modules-extra-azure - 5.15.0.1057.65~20.04.46 linux-cloud-tools-azure-cvm - 5.15.0.1057.65~20.04.46 linux-azure-edge - 5.15.0.1057.65~20.04.46 linux-azure-cvm - 5.15.0.1057.65~20.04.46 linux-modules-extra-azure-edge - 5.15.0.1057.65~20.04.46 linux-headers-azure-edge - 5.15.0.1057.65~20.04.46 linux-image-azure-edge - 5.15.0.1057.65~20.04.46 linux-image-azure - 5.15.0.1057.65~20.04.46 linux-headers-azure - 5.15.0.1057.65~20.04.46 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-headers-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-image-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-lowlatency-64k-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-tools-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-lowlatency-hwe-20.04 - 5.15.0.97.107~20.04.48 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.97.107~20.04.48 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.48 No subscription required linux-image-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-tools-generic-64k-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-tools-oem-20.04d - 5.15.0.97.107~20.04.51 linux-tools-oem-20.04c - 5.15.0.97.107~20.04.51 linux-tools-oem-20.04b - 5.15.0.97.107~20.04.51 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-image-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-oem-20.04b - 5.15.0.97.107~20.04.51 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-headers-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-image-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-generic-lpae-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-headers-oem-20.04 - 5.15.0.97.107~20.04.51 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-extra-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-headers-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-headers-generic-64k-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-generic-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-generic-lpae-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-modules-iwlwifi-oem-20.04 - 5.15.0.97.107~20.04.51 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-tools-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-oem-20.04d - 5.15.0.97.107~20.04.51 linux-image-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-oem-20.04 - 5.15.0.97.107~20.04.51 linux-image-oem-20.04 - 5.15.0.97.107~20.04.51 linux-oem-20.04d - 5.15.0.97.107~20.04.51 linux-oem-20.04c - 5.15.0.97.107~20.04.51 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-tools-oem-20.04 - 5.15.0.97.107~20.04.51 linux-tools-generic-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-oem-20.04b - 5.15.0.97.107~20.04.51 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-headers-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-headers-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-image-oem-20.04c - 5.15.0.97.107~20.04.51 linux-image-generic-lpae-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-tools-virtual-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-modules-iwlwifi-oem-20.04d - 5.15.0.97.107~20.04.51 linux-generic-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-tools-virtual-hwe-20.04-edge - 5.15.0.97.107~20.04.51 linux-generic-64k-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-image-generic-64k-hwe-20.04 - 5.15.0.97.107~20.04.51 linux-headers-oem-20.04b - 5.15.0.97.107~20.04.51 linux-headers-oem-20.04c - 5.15.0.97.107~20.04.51 linux-headers-oem-20.04d - 5.15.0.97.107~20.04.51 No subscription required High CVE-2023-51780 CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0646 Ubuntu 20.04 LTS It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6915) Robert Morris discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain server commands fields, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0565) Jann Horn discovered that the TLS subsystem in the Linux kernel did not properly handle spliced messages, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0646) Update Instructions: Run `sudo pro fix USN-6653-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1055 - 5.15.0-1055.60~20.04.1 linux-aws-5.15-tools-5.15.0-1055 - 5.15.0-1055.60~20.04.1 linux-image-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-image-unsigned-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-modules-extra-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-modules-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-aws-5.15-headers-5.15.0-1055 - 5.15.0-1055.60~20.04.1 linux-buildinfo-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-headers-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 linux-tools-5.15.0-1055-aws - 5.15.0-1055.60~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1055.60~20.04.42 linux-aws-edge - 5.15.0.1055.60~20.04.42 linux-modules-extra-aws-edge - 5.15.0.1055.60~20.04.42 linux-tools-aws-edge - 5.15.0.1055.60~20.04.42 linux-image-aws-edge - 5.15.0.1055.60~20.04.42 linux-aws - 5.15.0.1055.60~20.04.42 linux-headers-aws - 5.15.0.1055.60~20.04.42 linux-headers-aws-edge - 5.15.0.1055.60~20.04.42 linux-tools-aws - 5.15.0.1055.60~20.04.42 linux-image-aws - 5.15.0.1055.60~20.04.42 No subscription required High CVE-2023-51780 CVE-2023-51781 CVE-2023-6915 CVE-2024-0565 CVE-2024-0646 Ubuntu 20.04 LTS It was discovered that Roundcube Webmail incorrectly sanitized characters in the linkrefs text messages. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2023-43770) Update Instructions: Run `sudo pro fix USN-6654-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: roundcube-pgsql - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube-mysql - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube-plugins - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube-core - 1.4.3+dfsg.1-1ubuntu0.1~esm3 roundcube-sqlite3 - 1.4.3+dfsg.1-1ubuntu0.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2023-43770 Ubuntu 20.04 LTS It was discovered that GNU binutils was not properly handling the logic behind certain memory management related operations, which could lead to an invalid memory access. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-47695) It was discovered that GNU binutils was not properly performing bounds checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-48063) It was discovered that GNU binutils incorrectly handled memory management operations in several of its functions, which could lead to excessive memory consumption due to memory leaks. An attacker could possibly use these issues to cause a denial of service. (CVE-2022-48065) Update Instructions: Run `sudo pro fix USN-6655-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils-dev - 2.34-6ubuntu1.9 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.9 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.9 binutils-ia64-linux-gnu - 2.34-6ubuntu1.9 binutils-multiarch - 2.34-6ubuntu1.9 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.9 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.9 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.9 binutils-m68k-linux-gnu - 2.34-6ubuntu1.9 binutils-for-build - 2.34-6ubuntu1.9 binutils-s390x-linux-gnu - 2.34-6ubuntu1.9 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.9 binutils-multiarch-dev - 2.34-6ubuntu1.9 binutils-i686-gnu - 2.34-6ubuntu1.9 libctf-nobfd0 - 2.34-6ubuntu1.9 binutils-for-host - 2.34-6ubuntu1.9 binutils-doc - 2.34-6ubuntu1.9 libctf0 - 2.34-6ubuntu1.9 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.9 binutils-source - 2.34-6ubuntu1.9 binutils-i686-linux-gnu - 2.34-6ubuntu1.9 binutils-common - 2.34-6ubuntu1.9 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.9 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.9 binutils-sh4-linux-gnu - 2.34-6ubuntu1.9 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.9 binutils-hppa-linux-gnu - 2.34-6ubuntu1.9 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.9 libbinutils - 2.34-6ubuntu1.9 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.9 binutils-alpha-linux-gnu - 2.34-6ubuntu1.9 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.9 binutils - 2.34-6ubuntu1.9 No subscription required Medium CVE-2022-47695 CVE-2022-48063 CVE-2022-48065 Ubuntu 20.04 LTS It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL functions. Update Instructions: Run `sudo pro fix USN-6656-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpq5 - 12.18-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.18-0ubuntu0.20.04.1 libecpg-dev - 12.18-0ubuntu0.20.04.1 libecpg6 - 12.18-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.18-0ubuntu0.20.04.1 libpgtypes3 - 12.18-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.18-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.18-0ubuntu0.20.04.1 libpq-dev - 12.18-0ubuntu0.20.04.1 postgresql-doc-12 - 12.18-0ubuntu0.20.04.1 postgresql-12 - 12.18-0ubuntu0.20.04.1 postgresql-client-12 - 12.18-0ubuntu0.20.04.1 libecpg-compat3 - 12.18-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-0985 Ubuntu 20.04 LTS Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Dnsmasq incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. (CVE-2023-50868) It was discovered that Dnsmasq incorrectly set the maximum EDNS.0 UDP packet size as required by DNS Flag Day 2020. This issue only affected Ubuntu 23.10. (CVE-2023-28450) Update Instructions: Run `sudo pro fix USN-6657-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dnsmasq - 2.90-0ubuntu0.20.04.1 dnsmasq-base-lua - 2.90-0ubuntu0.20.04.1 dnsmasq-utils - 2.90-0ubuntu0.20.04.1 dnsmasq-base - 2.90-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-28450 CVE-2023-50387 CVE-2023-50868 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6658-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.7 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.7 libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.7 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.7 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.7 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.7 No subscription required Medium CVE-2024-25062 Ubuntu 20.04 LTS It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-43244, CVE-2022-43249, CVE-2022-43250, CVE-2022-47665, CVE-2023-25221) It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2022-43245) It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-24751, CVE-2023-24752, CVE-2023-24754, CVE-2023-24755, CVE-2023-24756, CVE-2023-24757, CVE-2023-24758) Update Instructions: Run `sudo pro fix USN-6659-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.4-1ubuntu0.3 libde265-examples - 1.0.4-1ubuntu0.3 libde265-dev - 1.0.4-1ubuntu0.3 No subscription required Medium CVE-2022-43244 CVE-2022-43245 CVE-2022-43249 CVE-2022-43250 CVE-2022-47665 CVE-2023-24751 CVE-2023-24752 CVE-2023-24754 CVE-2023-24755 CVE-2023-24756 CVE-2023-24757 CVE-2023-24758 CVE-2023-25221 Ubuntu 20.04 LTS Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 11 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 11 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) Valentin Eudeline discovered that OpenJDK 11 incorrectly handled certain options in the Nashorn JavaScript subcomponent. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-20926) It was discovered that OpenJDK 11 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 11 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6660-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-doc - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jre-zero - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-source - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jre-headless - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jdk - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jdk-headless - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-jre - 11.0.22+7-0ubuntu2~20.04.1 openjdk-11-demo - 11.0.22+7-0ubuntu2~20.04.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20926 CVE-2024-20945 CVE-2024-20952 Ubuntu 20.04 LTS Yi Yang discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 17 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 17 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) Yakov Shafranovich discovered that OpenJDK 17 incorrectly handled ZIP archives that have file and directory entries with the same name. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20932) It was discovered that OpenJDK 17 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 17 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6661-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.10+7-1~20.04.1 openjdk-17-jdk - 17.0.10+7-1~20.04.1 openjdk-17-jre-zero - 17.0.10+7-1~20.04.1 openjdk-17-jdk-headless - 17.0.10+7-1~20.04.1 openjdk-17-source - 17.0.10+7-1~20.04.1 openjdk-17-jre-headless - 17.0.10+7-1~20.04.1 openjdk-17-doc - 17.0.10+7-1~20.04.1 openjdk-17-jre - 17.0.10+7-1~20.04.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20932 CVE-2024-20945 CVE-2024-20952 Ubuntu 20.04 LTS Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 21 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 21 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) It was discovered that OpenJDK 21 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 21 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6662-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-21-doc - 21.0.2+13-1~20.04.1 openjdk-21-jre-zero - 21.0.2+13-1~20.04.1 openjdk-21-jdk-headless - 21.0.2+13-1~20.04.1 openjdk-21-jdk - 21.0.2+13-1~20.04.1 openjdk-21-jre-headless - 21.0.2+13-1~20.04.1 openjdk-21-source - 21.0.2+13-1~20.04.1 openjdk-21-jre - 21.0.2+13-1~20.04.1 openjdk-21-demo - 21.0.2+13-1~20.04.1 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20945 CVE-2024-20952 Ubuntu 20.04 LTS As a security improvement, OpenSSL will now return deterministic random bytes instead of an error when detecting wrong padding in PKCS#1 v1.5 RSA to prevent its use in possible Bleichenbacher timing attacks. Update Instructions: Run `sudo pro fix USN-6663-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl1.1 - 1.1.1f-1ubuntu2.22 libssl-dev - 1.1.1f-1ubuntu2.22 openssl - 1.1.1f-1ubuntu2.22 libssl-doc - 1.1.1f-1ubuntu2.22 No subscription required None https://launchpad.net/bugs/2054090 Ubuntu 20.04 LTS It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause a crash or execute arbitrary commands. Update Instructions: Run `sudo pro fix USN-6664-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: less - 551-1ubuntu0.2 No subscription required Medium CVE-2022-48624 Ubuntu 20.04 LTS Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Unbound incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Unbound incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. (CVE-2023-50868) Update Instructions: Run `sudo pro fix USN-6665-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.5 python3-unbound - 1.9.4-2ubuntu1.5 libunbound8 - 1.9.4-2ubuntu1.5 python-unbound - 1.9.4-2ubuntu1.5 unbound-anchor - 1.9.4-2ubuntu1.5 unbound-host - 1.9.4-2ubuntu1.5 libunbound-dev - 1.9.4-2ubuntu1.5 No subscription required Medium CVE-2023-50387 CVE-2023-50868 Ubuntu 20.04 LTS It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted hostnames to bypass certain checks. Update Instructions: Run `sudo pro fix USN-6666-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libuv1-dev - 1.34.2-1ubuntu1.5 libuv1 - 1.34.2-1ubuntu1.5 No subscription required Medium CVE-2024-24806 Ubuntu 20.04 LTS It was discovered that Cpanel-JSON-XS incorrectly decoded certain data. A remote attacker could use this issue to cause Cpanel-JSON-XS to crash, resulting in a denial of service, or possibly obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6667-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcpanel-json-xs-perl - 4.19-1ubuntu0.1 No subscription required Medium CVE-2022-48623 Ubuntu 20.04 LTS It was discovered that when python-openstackclient attempted to delete a non-existing access rule, it would delete another existing access rule instead, contrary to expectations. Update Instructions: Run `sudo pro fix USN-6668-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-openstackclient - 5.2.0-0ubuntu1.20.04.2 python-openstackclient-doc - 5.2.0-0ubuntu1.20.04.2 No subscription required Medium CVE-2023-6110 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-0741, CVE-2024-0742, CVE-2024-0747, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1553, CVE-2024-1936) Cornel Ionce discovered that Thunderbird did not properly manage memory when opening the print preview dialog. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-0746) Alfred Peters discovered that Thunderbird did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-1546) Johan Carlsson discovered that Thunderbird incorrectly handled Set-Cookie response headers in multipart HTTP responses. An attacker could potentially exploit this issue to inject arbitrary cookie values. (CVE-2024-1551) Gary Kwong discovered that Thunderbird incorrectly generated codes on 32-bit ARM devices, which could lead to unexpected numeric conversions or undefined behaviour. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-1552) Update Instructions: Run `sudo pro fix USN-6669-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.8.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.8.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.8.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.8.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.8.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747 CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0755 CVE-2024-1546 CVE-2024-1547 CVE-2024-1548 CVE-2024-1549 CVE-2024-1550 CVE-2024-1551 CVE-2024-1552 CVE-2024-1553 CVE-2024-1936 Ubuntu 20.04 LTS It was discovered that php-guzzlehttp-psr7 incorrectly parsed HTTP headers. A remote attacker could possibly use these issues to perform an HTTP header injection attack. Update Instructions: Run `sudo pro fix USN-6670-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-guzzlehttp-psr7 - 1.4.2-0.1+deb10u2build0.20.04.1 No subscription required Medium CVE-2022-24775 CVE-2023-29197 Ubuntu 20.04 LTS Morgan Jones discovered that Node.js incorrectly handled certain inputs that leads to false positive errors during some cryptographic operations. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-23919) It was discovered that Node.js incorrectly handled certain inputs leaded to a untrusted search path vulnerability. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a privilege escalation. (CVE-2023-23920) Matt Caswell discovered that Node.js incorrectly handled certain inputs with specially crafted ASN.1 object identifiers or data containing them. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-2650) Update Instructions: Run `sudo pro fix USN-6672-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.5 libnode64 - 10.19.0~dfsg-3ubuntu1.5 nodejs-doc - 10.19.0~dfsg-3ubuntu1.5 nodejs - 10.19.0~dfsg-3ubuntu1.5 No subscription required Medium CVE-2023-23919 CVE-2023-23920 CVE-2023-2650 Ubuntu 20.04 LTS Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding in RSA PKCS#1 v1.5. A remote attacker could possibly use this issue to expose confidential or sensitive information. (CVE-2023-50782) It was discovered that python-cryptography incorrectly handled memory operations when processing mismatched PKCS#12 keys. A remote attacker could possibly use this issue to cause python-cryptography to crash, leading to a denial of service. This issue only affected Ubuntu 23.10. (CVE-2024-26130) Update Instructions: Run `sudo pro fix USN-6673-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-cryptography - 2.8-3ubuntu0.3 python-cryptography - 2.8-3ubuntu0.3 python-cryptography-doc - 2.8-3ubuntu0.3 No subscription required Medium CVE-2023-50782 CVE-2024-26130 Ubuntu 20.04 LTS Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6674-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-django - 2:2.2.12-1ubuntu0.22 python-django-doc - 2:2.2.12-1ubuntu0.22 No subscription required Medium CVE-2024-27351 Ubuntu 20.04 LTS It was discovered that ImageProcessing incorrectly handled series of operations that are coming from unsanitised inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6675-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-image-processing - 1.10.3-1ubuntu0.20.04.1 No subscription required Medium CVE-2022-24720 Ubuntu 20.04 LTS Vojtěch Vobr discovered that c-ares incorrectly handled user input from local configuration files. An attacker could possibly use this issue to cause a denial of service via application crash. Update Instructions: Run `sudo pro fix USN-6676-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc-ares2 - 1.15.0-1ubuntu0.5 libc-ares-dev - 1.15.0-1ubuntu0.5 No subscription required Medium CVE-2024-25629 Ubuntu 20.04 LTS It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-27102) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-27103) It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-43887, CVE-2023-47471, CVE-2023-49465, CVE-2023-49467, CVE-2023-49468) Update Instructions: Run `sudo pro fix USN-6677-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.4-1ubuntu0.4 libde265-examples - 1.0.4-1ubuntu0.4 libde265-dev - 1.0.4-1ubuntu0.4 No subscription required Medium CVE-2023-27102 CVE-2023-27103 CVE-2023-43887 CVE-2023-47471 CVE-2023-49465 CVE-2023-49467 CVE-2023-49468 Ubuntu 20.04 LTS It was discovered that libgit2 mishandled equivalent filenames on NTFS partitions. If a user or automated system were tricked into cloning a specially crafted repository, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-12278, CVE-2020-12279) It was discovered that libgit2 did not perform certificate checking by default. An attacker could possibly use this issue to perform a machine-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-22742) It was discovered that libgit2 could be made to run into an infinite loop. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. (CVE-2024-24575) It was discovered that libgit2 did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-24577) Update Instructions: Run `sudo pro fix USN-6678-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgit2-28 - 0.28.4+dfsg.1-2ubuntu0.1 libgit2-dev - 0.28.4+dfsg.1-2ubuntu0.1 No subscription required Medium CVE-2020-12278 CVE-2020-12279 CVE-2023-22742 CVE-2024-24575 CVE-2024-24577 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Update Instructions: Run `sudo pro fix USN-6681-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1032-iot - 5.4.0-1032.33 linux-headers-5.4.0-1032-iot - 5.4.0-1032.33 linux-modules-5.4.0-1032-iot - 5.4.0-1032.33 linux-image-5.4.0-1032-iot - 5.4.0-1032.33 linux-image-unsigned-5.4.0-1032-iot - 5.4.0-1032.33 linux-iot-tools-5.4.0-1032 - 5.4.0-1032.33 linux-tools-5.4.0-1032-iot - 5.4.0-1032.33 linux-iot-headers-5.4.0-1032 - 5.4.0-1032.33 linux-iot-tools-common - 5.4.0-1032.33 No subscription required linux-cloud-tools-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-headers-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-tools-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-image-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-gkeop-headers-5.4.0-1087 - 5.4.0-1087.91 linux-image-unsigned-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-gkeop-source-5.4.0 - 5.4.0-1087.91 linux-modules-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-gkeop-cloud-tools-5.4.0-1087 - 5.4.0-1087.91 linux-gkeop-tools-5.4.0-1087 - 5.4.0-1087.91 linux-modules-extra-5.4.0-1087-gkeop - 5.4.0-1087.91 linux-buildinfo-5.4.0-1087-gkeop - 5.4.0-1087.91 No subscription required linux-image-5.4.0-1104-raspi - 5.4.0-1104.116 linux-raspi-headers-5.4.0-1104 - 5.4.0-1104.116 linux-tools-5.4.0-1104-raspi - 5.4.0-1104.116 linux-modules-5.4.0-1104-raspi - 5.4.0-1104.116 linux-raspi-tools-5.4.0-1104 - 5.4.0-1104.116 linux-headers-5.4.0-1104-raspi - 5.4.0-1104.116 linux-buildinfo-5.4.0-1104-raspi - 5.4.0-1104.116 No subscription required linux-image-5.4.0-1108-kvm - 5.4.0-1108.115 linux-kvm-tools-5.4.0-1108 - 5.4.0-1108.115 linux-buildinfo-5.4.0-1108-kvm - 5.4.0-1108.115 linux-headers-5.4.0-1108-kvm - 5.4.0-1108.115 linux-image-unsigned-5.4.0-1108-kvm - 5.4.0-1108.115 linux-kvm-headers-5.4.0-1108 - 5.4.0-1108.115 linux-tools-5.4.0-1108-kvm - 5.4.0-1108.115 linux-modules-5.4.0-1108-kvm - 5.4.0-1108.115 No subscription required linux-buildinfo-5.4.0-1124-gcp - 5.4.0-1124.133 linux-tools-5.4.0-1124-gcp - 5.4.0-1124.133 linux-modules-5.4.0-1124-gcp - 5.4.0-1124.133 linux-modules-extra-5.4.0-1124-gcp - 5.4.0-1124.133 linux-gcp-tools-5.4.0-1124 - 5.4.0-1124.133 linux-headers-5.4.0-1124-gcp - 5.4.0-1124.133 linux-image-5.4.0-1124-gcp - 5.4.0-1124.133 linux-gcp-headers-5.4.0-1124 - 5.4.0-1124.133 linux-image-unsigned-5.4.0-1124-gcp - 5.4.0-1124.133 No subscription required linux-tools-common - 5.4.0-173.191 linux-tools-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-tools-host - 5.4.0-173.191 linux-doc - 5.4.0-173.191 linux-image-unsigned-5.4.0-173-lowlatency - 5.4.0-173.191 linux-cloud-tools-5.4.0-173-lowlatency - 5.4.0-173.191 linux-headers-5.4.0-173-generic - 5.4.0-173.191 linux-buildinfo-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-image-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-buildinfo-5.4.0-173-generic - 5.4.0-173.191 linux-headers-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-source-5.4.0 - 5.4.0-173.191 linux-image-5.4.0-173-lowlatency - 5.4.0-173.191 linux-modules-extra-5.4.0-173-generic - 5.4.0-173.191 linux-cloud-tools-5.4.0-173-generic - 5.4.0-173.191 linux-headers-5.4.0-173 - 5.4.0-173.191 linux-modules-5.4.0-173-lowlatency - 5.4.0-173.191 linux-tools-5.4.0-173-generic - 5.4.0-173.191 linux-modules-5.4.0-173-generic - 5.4.0-173.191 linux-cloud-tools-common - 5.4.0-173.191 linux-image-5.4.0-173-generic - 5.4.0-173.191 linux-tools-5.4.0-173-lowlatency - 5.4.0-173.191 linux-modules-5.4.0-173-generic-lpae - 5.4.0-173.191 linux-tools-5.4.0-173 - 5.4.0-173.191 linux-cloud-tools-5.4.0-173 - 5.4.0-173.191 linux-image-unsigned-5.4.0-173-generic - 5.4.0-173.191 linux-libc-dev - 5.4.0-173.191 linux-headers-5.4.0-173-lowlatency - 5.4.0-173.191 linux-buildinfo-5.4.0-173-lowlatency - 5.4.0-173.191 No subscription required linux-iot - 5.4.0.1032.30 linux-image-iot - 5.4.0.1032.30 linux-headers-iot - 5.4.0.1032.30 linux-tools-iot - 5.4.0.1032.30 No subscription required linux-headers-gkeop - 5.4.0.1087.85 linux-cloud-tools-gkeop-5.4 - 5.4.0.1087.85 linux-image-gkeop - 5.4.0.1087.85 linux-modules-extra-gkeop-5.4 - 5.4.0.1087.85 linux-gkeop-5.4 - 5.4.0.1087.85 linux-image-gkeop-5.4 - 5.4.0.1087.85 linux-gkeop - 5.4.0.1087.85 linux-cloud-tools-gkeop - 5.4.0.1087.85 linux-headers-gkeop-5.4 - 5.4.0.1087.85 linux-modules-extra-gkeop - 5.4.0.1087.85 linux-tools-gkeop - 5.4.0.1087.85 linux-tools-gkeop-5.4 - 5.4.0.1087.85 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1104.134 linux-raspi2 - 5.4.0.1104.134 linux-headers-raspi2 - 5.4.0.1104.134 linux-image-raspi - 5.4.0.1104.134 linux-image-raspi-hwe-18.04 - 5.4.0.1104.134 linux-tools-raspi - 5.4.0.1104.134 linux-headers-raspi2-hwe-18.04 - 5.4.0.1104.134 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1104.134 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1104.134 linux-headers-raspi - 5.4.0.1104.134 linux-image-raspi2-hwe-18.04 - 5.4.0.1104.134 linux-raspi2-hwe-18.04-edge - 5.4.0.1104.134 linux-raspi-hwe-18.04 - 5.4.0.1104.134 linux-tools-raspi2-hwe-18.04 - 5.4.0.1104.134 linux-raspi-hwe-18.04-edge - 5.4.0.1104.134 linux-raspi2-hwe-18.04 - 5.4.0.1104.134 linux-image-raspi-hwe-18.04-edge - 5.4.0.1104.134 linux-image-raspi2 - 5.4.0.1104.134 linux-tools-raspi-hwe-18.04 - 5.4.0.1104.134 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1104.134 linux-headers-raspi-hwe-18.04 - 5.4.0.1104.134 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1104.134 linux-tools-raspi2 - 5.4.0.1104.134 linux-raspi - 5.4.0.1104.134 No subscription required linux-kvm - 5.4.0.1108.104 linux-headers-kvm - 5.4.0.1108.104 linux-image-kvm - 5.4.0.1108.104 linux-tools-kvm - 5.4.0.1108.104 No subscription required linux-gcp-lts-20.04 - 5.4.0.1124.126 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1124.126 linux-headers-gcp-lts-20.04 - 5.4.0.1124.126 linux-image-gcp-lts-20.04 - 5.4.0.1124.126 linux-tools-gcp-lts-20.04 - 5.4.0.1124.126 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-image-generic-hwe-18.04 - 5.4.0.173.171 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-headers-generic-lpae - 5.4.0.173.171 linux-image-virtual - 5.4.0.173.171 linux-oem-osp1-tools-host - 5.4.0.173.171 linux-image-generic - 5.4.0.173.171 linux-tools-lowlatency - 5.4.0.173.171 linux-image-oem - 5.4.0.173.171 linux-headers-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-cloud-tools-virtual - 5.4.0.173.171 linux-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-image-extra-virtual-hwe-18.04 - 5.4.0.173.171 linux-image-oem-osp1 - 5.4.0.173.171 linux-image-generic-lpae-hwe-18.04 - 5.4.0.173.171 linux-crashdump - 5.4.0.173.171 linux-tools-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-headers-generic-hwe-18.04 - 5.4.0.173.171 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-headers-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-source - 5.4.0.173.171 linux-lowlatency - 5.4.0.173.171 linux-tools-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-tools-generic-lpae - 5.4.0.173.171 linux-cloud-tools-generic - 5.4.0.173.171 linux-oem - 5.4.0.173.171 linux-virtual - 5.4.0.173.171 linux-headers-virtual-hwe-18.04 - 5.4.0.173.171 linux-virtual-hwe-18.04 - 5.4.0.173.171 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.173.171 linux-tools-virtual - 5.4.0.173.171 linux-generic-lpae-hwe-18.04-edge - 5.4.0.173.171 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-generic-lpae - 5.4.0.173.171 linux-headers-oem - 5.4.0.173.171 linux-generic - 5.4.0.173.171 linux-tools-oem-osp1 - 5.4.0.173.171 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.173.171 linux-tools-generic-hwe-18.04-edge - 5.4.0.173.171 linux-image-virtual-hwe-18.04 - 5.4.0.173.171 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-cloud-tools-lowlatency - 5.4.0.173.171 linux-headers-lowlatency - 5.4.0.173.171 linux-image-generic-hwe-18.04-edge - 5.4.0.173.171 linux-generic-hwe-18.04-edge - 5.4.0.173.171 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.173.171 linux-tools-generic - 5.4.0.173.171 linux-image-extra-virtual - 5.4.0.173.171 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-oem-tools-host - 5.4.0.173.171 linux-tools-oem - 5.4.0.173.171 linux-headers-oem-osp1 - 5.4.0.173.171 linux-generic-lpae-hwe-18.04 - 5.4.0.173.171 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.173.171 linux-headers-generic-hwe-18.04-edge - 5.4.0.173.171 linux-headers-generic - 5.4.0.173.171 linux-oem-osp1 - 5.4.0.173.171 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.173.171 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.173.171 linux-image-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.173.171 linux-virtual-hwe-18.04-edge - 5.4.0.173.171 linux-headers-virtual - 5.4.0.173.171 linux-tools-virtual-hwe-18.04 - 5.4.0.173.171 linux-lowlatency-hwe-18.04 - 5.4.0.173.171 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.173.171 linux-generic-hwe-18.04 - 5.4.0.173.171 linux-image-generic-lpae - 5.4.0.173.171 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.173.171 linux-image-lowlatency - 5.4.0.173.171 linux-tools-generic-hwe-18.04 - 5.4.0.173.171 linux-image-virtual-hwe-18.04-edge - 5.4.0.173.171 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Update Instructions: Run `sudo pro fix USN-6681-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-xilinx-zynqmp-headers-5.4.0-1039 - 5.4.0-1039.43 linux-buildinfo-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 linux-modules-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 linux-headers-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 linux-xilinx-zynqmp-tools-5.4.0-1039 - 5.4.0-1039.43 linux-image-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 linux-tools-5.4.0-1039-xilinx-zynqmp - 5.4.0-1039.43 No subscription required linux-tools-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-headers-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-bluefield-tools-5.4.0-1080 - 5.4.0-1080.87 linux-image-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-bluefield-headers-5.4.0-1080 - 5.4.0-1080.87 linux-modules-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-buildinfo-5.4.0-1080-bluefield - 5.4.0-1080.87 linux-image-unsigned-5.4.0-1080-bluefield - 5.4.0-1080.87 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1039.39 linux-tools-xilinx-zynqmp - 5.4.0.1039.39 linux-headers-xilinx-zynqmp - 5.4.0.1039.39 linux-xilinx-zynqmp - 5.4.0.1039.39 No subscription required linux-headers-bluefield - 5.4.0.1080.76 linux-image-bluefield - 5.4.0.1080.76 linux-tools-bluefield - 5.4.0.1080.76 linux-bluefield - 5.4.0.1080.76 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Update Instructions: Run `sudo pro fix USN-6681-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1067-ibm - 5.4.0-1067.72 linux-modules-5.4.0-1067-ibm - 5.4.0-1067.72 linux-ibm-headers-5.4.0-1067 - 5.4.0-1067.72 linux-image-5.4.0-1067-ibm - 5.4.0-1067.72 linux-tools-5.4.0-1067-ibm - 5.4.0-1067.72 linux-buildinfo-5.4.0-1067-ibm - 5.4.0-1067.72 linux-modules-extra-5.4.0-1067-ibm - 5.4.0-1067.72 linux-headers-5.4.0-1067-ibm - 5.4.0-1067.72 linux-ibm-tools-common - 5.4.0-1067.72 linux-ibm-tools-5.4.0-1067 - 5.4.0-1067.72 linux-ibm-source-5.4.0 - 5.4.0-1067.72 linux-ibm-cloud-tools-common - 5.4.0-1067.72 No subscription required linux-buildinfo-5.4.0-1119-oracle - 5.4.0-1119.128 linux-oracle-headers-5.4.0-1119 - 5.4.0-1119.128 linux-oracle-tools-5.4.0-1119 - 5.4.0-1119.128 linux-modules-5.4.0-1119-oracle - 5.4.0-1119.128 linux-image-unsigned-5.4.0-1119-oracle - 5.4.0-1119.128 linux-headers-5.4.0-1119-oracle - 5.4.0-1119.128 linux-modules-extra-5.4.0-1119-oracle - 5.4.0-1119.128 linux-image-5.4.0-1119-oracle - 5.4.0-1119.128 linux-tools-5.4.0-1119-oracle - 5.4.0-1119.128 No subscription required linux-modules-extra-ibm-lts-20.04 - 5.4.0.1067.96 linux-ibm-lts-20.04 - 5.4.0.1067.96 linux-tools-ibm-lts-20.04 - 5.4.0.1067.96 linux-image-ibm-lts-20.04 - 5.4.0.1067.96 linux-headers-ibm-lts-20.04 - 5.4.0.1067.96 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1119.112 linux-image-oracle-lts-20.04 - 5.4.0.1119.112 linux-oracle-lts-20.04 - 5.4.0.1119.112 linux-tools-oracle-lts-20.04 - 5.4.0.1119.112 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Update Instructions: Run `sudo pro fix USN-6681-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1120-aws - 5.4.0-1120.130 linux-cloud-tools-5.4.0-1120-aws - 5.4.0-1120.130 linux-image-unsigned-5.4.0-1120-aws - 5.4.0-1120.130 linux-aws-headers-5.4.0-1120 - 5.4.0-1120.130 linux-modules-5.4.0-1120-aws - 5.4.0-1120.130 linux-modules-extra-5.4.0-1120-aws - 5.4.0-1120.130 linux-image-5.4.0-1120-aws - 5.4.0-1120.130 linux-aws-tools-5.4.0-1120 - 5.4.0-1120.130 linux-aws-cloud-tools-5.4.0-1120 - 5.4.0-1120.130 linux-headers-5.4.0-1120-aws - 5.4.0-1120.130 linux-tools-5.4.0-1120-aws - 5.4.0-1120.130 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1120.117 linux-tools-aws-lts-20.04 - 5.4.0.1120.117 linux-aws-lts-20.04 - 5.4.0.1120.117 linux-headers-aws-lts-20.04 - 5.4.0.1120.117 linux-modules-extra-aws-lts-20.04 - 5.4.0.1120.117 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 Ubuntu 20.04 LTS ZeddYu Lu discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-11076) It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-11077) Jean Boussier discovered that Puma might not always release resources properly after handling HTTP requests. A remote attacker could possibly use this issue to read sensitive information. (CVE-2022-23634) It was discovered that Puma incorrectly handled certain malformed headers. A remote attacker could use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-24790) Ben Kallus discovered that Puma incorrectly handled parsing certain headers. A remote attacker could use this issue to perform an HTTP Request Smuggling attack. (CVE-2023-40175) Bartek Nowotarski discovered that Puma incorrectly handled parsing certain encoded content. A remote attacker could possibly use this to cause a denial of service. (CVE-2024-21647) Update Instructions: Run `sudo pro fix USN-6682-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: puma - 3.12.4-1ubuntu2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-11076 CVE-2020-11077 CVE-2022-23634 CVE-2022-24790 CVE-2023-40175 CVE-2024-21647 Ubuntu 20.04 LTS It was discovered that HtmlCleaner incorrectly handled certain html documents. An attacker could possibly use this issue to cause a denial of service via application crash. Update Instructions: Run `sudo pro fix USN-6683-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhtmlcleaner-java - 2.23-1ubuntu0.1~esm1 libhtmlcleaner-java-doc - 2.23-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2023-34624 Ubuntu 20.04 LTS It was discovered that mqtt-client incorrectly handled memory while parsing malformed MQTT frames. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6685-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmqtt-client-java - 1.14-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2019-0222 Ubuntu 20.04 LTS It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Update Instructions: Run `sudo pro fix USN-6686-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-tools-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-cloud-tools-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-buildinfo-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-buildinfo-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-hwe-5.15-tools-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-modules-iwlwifi-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-100.110~20.04.1 linux-cloud-tools-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-100.110~20.04.1 linux-image-unsigned-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-image-unsigned-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-tools-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-image-unsigned-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-hwe-5.15-headers-5.15.0-100 - 5.15.0-100.110~20.04.1 linux-modules-5.15.0-100-lowlatency - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-headers-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-tools-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-image-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-100.110~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-100.110~20.04.1 linux-modules-iwlwifi-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-modules-extra-5.15.0-100-generic - 5.15.0-100.110~20.04.1 linux-buildinfo-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-100.110~20.04.1 linux-image-unsigned-5.15.0-100-lowlatency-64k - 5.15.0-100.110~20.04.1 linux-buildinfo-5.15.0-100-generic-64k - 5.15.0-100.110~20.04.1 linux-tools-5.15.0-100-generic-lpae - 5.15.0-100.110~20.04.1 linux-buildinfo-5.15.0-100-generic - 5.15.0-100.110~20.04.1 No subscription required linux-gkeop-5.15-tools-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-cloud-tools-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-headers-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-modules-extra-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-gkeop-5.15-headers-5.15.0-1038 - 5.15.0-1038.44~20.04.1 linux-tools-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-modules-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-buildinfo-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-image-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 linux-image-unsigned-5.15.0-1038-gkeop - 5.15.0-1038.44~20.04.1 No subscription required linux-ibm-5.15-headers-5.15.0-1048 - 5.15.0-1048.51~20.04.1 linux-headers-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-modules-extra-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-ibm-5.15-tools-5.15.0-1048 - 5.15.0-1048.51~20.04.1 linux-image-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-modules-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1048.51~20.04.1 linux-image-unsigned-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-buildinfo-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 linux-tools-5.15.0-1048-ibm - 5.15.0-1048.51~20.04.1 No subscription required linux-image-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-image-unsigned-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-gcp-5.15-headers-5.15.0-1053 - 5.15.0-1053.61~20.04.1 linux-buildinfo-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-modules-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-tools-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-modules-iwlwifi-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-headers-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-modules-extra-5.15.0-1053-gcp - 5.15.0-1053.61~20.04.1 linux-gcp-5.15-tools-5.15.0-1053 - 5.15.0-1053.61~20.04.1 No subscription required linux-modules-extra-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-cloud-tools-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-azure-5.15-headers-5.15.0-1058 - 5.15.0-1058.66~20.04.2 linux-image-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-modules-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-azure-5.15-cloud-tools-5.15.0-1058 - 5.15.0-1058.66~20.04.2 linux-tools-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-azure-5.15-tools-5.15.0-1058 - 5.15.0-1058.66~20.04.2 linux-image-unsigned-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-headers-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 linux-buildinfo-5.15.0-1058-azure - 5.15.0-1058.66~20.04.2 No subscription required linux-image-unsigned-5.15.0-1058-azure-fde - 5.15.0-1058.66~20.04.2.1 linux-image-5.15.0-1058-azure-fde - 5.15.0-1058.66~20.04.2.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-headers-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-image-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-lowlatency-64k-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-tools-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-lowlatency-hwe-20.04 - 5.15.0.100.110~20.04.49 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.49 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.49 No subscription required linux-headers-oem-20.04 - 5.15.0.100.110~20.04.52 linux-tools-oem-20.04d - 5.15.0.100.110~20.04.52 linux-tools-oem-20.04b - 5.15.0.100.110~20.04.52 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-oem-20.04b - 5.15.0.100.110~20.04.52 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-image-extra-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-headers-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-headers-generic-64k-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-generic-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-generic-lpae-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-generic-lpae-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-tools-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-oem-20.04 - 5.15.0.100.110~20.04.52 linux-image-oem-20.04d - 5.15.0.100.110~20.04.52 linux-image-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-oem-20.04 - 5.15.0.100.110~20.04.52 linux-oem-20.04d - 5.15.0.100.110~20.04.52 linux-oem-20.04b - 5.15.0.100.110~20.04.52 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-tools-oem-20.04 - 5.15.0.100.110~20.04.52 linux-oem-20.04c - 5.15.0.100.110~20.04.52 linux-modules-iwlwifi-oem-20.04 - 5.15.0.100.110~20.04.52 linux-tools-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-generic-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-oem-20.04c - 5.15.0.100.110~20.04.52 linux-tools-oem-20.04c - 5.15.0.100.110~20.04.52 linux-image-generic-lpae-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-tools-virtual-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-modules-iwlwifi-oem-20.04d - 5.15.0.100.110~20.04.52 linux-tools-generic-64k-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-tools-virtual-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-image-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-generic-64k-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-image-generic-64k-hwe-20.04 - 5.15.0.100.110~20.04.52 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.100.110~20.04.52 linux-headers-oem-20.04b - 5.15.0.100.110~20.04.52 linux-headers-oem-20.04c - 5.15.0.100.110~20.04.52 linux-headers-oem-20.04d - 5.15.0.100.110~20.04.52 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-image-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-headers-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-tools-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-headers-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-image-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-cloud-tools-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-modules-extra-gkeop-edge - 5.15.0.1038.44~20.04.34 linux-modules-extra-gkeop-5.15 - 5.15.0.1038.44~20.04.34 linux-tools-gkeop-5.15 - 5.15.0.1038.44~20.04.34 No subscription required linux-image-ibm - 5.15.0.1048.51~20.04.20 linux-headers-ibm-edge - 5.15.0.1048.51~20.04.20 linux-tools-ibm-edge - 5.15.0.1048.51~20.04.20 linux-ibm - 5.15.0.1048.51~20.04.20 linux-ibm-edge - 5.15.0.1048.51~20.04.20 linux-headers-ibm - 5.15.0.1048.51~20.04.20 linux-tools-ibm - 5.15.0.1048.51~20.04.20 linux-image-ibm-edge - 5.15.0.1048.51~20.04.20 No subscription required linux-headers-gcp-edge - 5.15.0.1053.61~20.04.1 linux-modules-extra-gcp - 5.15.0.1053.61~20.04.1 linux-tools-gcp - 5.15.0.1053.61~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1053.61~20.04.1 linux-tools-gcp-edge - 5.15.0.1053.61~20.04.1 linux-headers-gcp - 5.15.0.1053.61~20.04.1 linux-gcp - 5.15.0.1053.61~20.04.1 linux-image-gcp - 5.15.0.1053.61~20.04.1 linux-image-gcp-edge - 5.15.0.1053.61~20.04.1 linux-gcp-edge - 5.15.0.1053.61~20.04.1 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-tools-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-headers-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-image-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-tools-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-modules-extra-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-image-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-cloud-tools-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-azure-fde-edge - 5.15.0.1058.66~20.04.1.36 linux-modules-extra-azure-fde - 5.15.0.1058.66~20.04.1.36 linux-headers-azure-fde - 5.15.0.1058.66~20.04.1.36 No subscription required linux-tools-azure-edge - 5.15.0.1058.66~20.04.48 linux-cloud-tools-azure - 5.15.0.1058.66~20.04.48 linux-tools-azure - 5.15.0.1058.66~20.04.48 linux-image-azure-edge - 5.15.0.1058.66~20.04.48 linux-cloud-tools-azure-edge - 5.15.0.1058.66~20.04.48 linux-image-azure-cvm - 5.15.0.1058.66~20.04.48 linux-modules-extra-azure-cvm - 5.15.0.1058.66~20.04.48 linux-azure - 5.15.0.1058.66~20.04.48 linux-tools-azure-cvm - 5.15.0.1058.66~20.04.48 linux-modules-extra-azure - 5.15.0.1058.66~20.04.48 linux-headers-azure-cvm - 5.15.0.1058.66~20.04.48 linux-image-azure - 5.15.0.1058.66~20.04.48 linux-cloud-tools-azure-cvm - 5.15.0.1058.66~20.04.48 linux-headers-azure-edge - 5.15.0.1058.66~20.04.48 linux-azure-edge - 5.15.0.1058.66~20.04.48 linux-azure-cvm - 5.15.0.1058.66~20.04.48 linux-modules-extra-azure-edge - 5.15.0.1058.66~20.04.48 linux-headers-azure - 5.15.0.1058.66~20.04.48 No subscription required Medium CVE-2023-22995 CVE-2023-4134 CVE-2023-46343 CVE-2023-46862 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-0607 Ubuntu 20.04 LTS It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Update Instructions: Run `sudo pro fix USN-6686-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-headers-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-buildinfo-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-oracle-5.15-tools-5.15.0-1053 - 5.15.0-1053.59~20.04.1 linux-image-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-oracle-5.15-headers-5.15.0-1053 - 5.15.0-1053.59~20.04.1 linux-image-unsigned-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-modules-extra-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 linux-modules-5.15.0-1053-oracle - 5.15.0-1053.59~20.04.1 No subscription required linux-tools-oracle - 5.15.0.1053.59~20.04.1 linux-image-oracle-edge - 5.15.0.1053.59~20.04.1 linux-tools-oracle-edge - 5.15.0.1053.59~20.04.1 linux-headers-oracle - 5.15.0.1053.59~20.04.1 linux-headers-oracle-edge - 5.15.0.1053.59~20.04.1 linux-oracle-edge - 5.15.0.1053.59~20.04.1 linux-image-oracle - 5.15.0.1053.59~20.04.1 linux-oracle - 5.15.0.1053.59~20.04.1 No subscription required Medium CVE-2023-22995 CVE-2023-4134 CVE-2023-46343 CVE-2023-46862 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-0607 Ubuntu 20.04 LTS It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Update Instructions: Run `sudo pro fix USN-6686-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-modules-iwlwifi-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-tools-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1050.56~20.04.1 linux-modules-extra-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-image-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-cloud-tools-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-modules-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-headers-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1050.56~20.04.1 linux-buildinfo-5.15.0-1050-intel-iotg - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1050 - 5.15.0-1050.56~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1050.56~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1050.56~20.04.40 linux-intel-iotg - 5.15.0.1050.56~20.04.40 linux-headers-intel - 5.15.0.1050.56~20.04.40 linux-tools-intel-iotg-edge - 5.15.0.1050.56~20.04.40 linux-intel - 5.15.0.1050.56~20.04.40 linux-image-intel-iotg - 5.15.0.1050.56~20.04.40 linux-image-intel - 5.15.0.1050.56~20.04.40 linux-image-intel-iotg-edge - 5.15.0.1050.56~20.04.40 linux-tools-intel - 5.15.0.1050.56~20.04.40 linux-headers-intel-iotg - 5.15.0.1050.56~20.04.40 linux-intel-iotg-edge - 5.15.0.1050.56~20.04.40 linux-headers-intel-iotg-edge - 5.15.0.1050.56~20.04.40 linux-tools-intel-iotg - 5.15.0.1050.56~20.04.40 No subscription required Medium CVE-2023-22995 CVE-2023-4134 CVE-2023-46343 CVE-2023-46862 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-0607 Ubuntu 20.04 LTS It was discovered that AccountsService called a helper incorrectly when performing password change operations. A local attacker could possibly use this issue to obtain encrypted passwords. Update Instructions: Run `sudo pro fix USN-6687-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: accountsservice - 0.6.55-0ubuntu12~20.04.7 gir1.2-accountsservice-1.0 - 0.6.55-0ubuntu12~20.04.7 libaccountsservice-doc - 0.6.55-0ubuntu12~20.04.7 libaccountsservice-dev - 0.6.55-0ubuntu12~20.04.7 libaccountsservice0 - 0.6.55-0ubuntu12~20.04.7 No subscription required Low CVE-2012-6655 Ubuntu 20.04 LTS Timothy Redaelli and Haresh Khandelwal discovered that Open vSwitch incorrectly handled certain crafted Geneve packets when hardware offloading via the netlink path is enabled. A remote attacker could possibly use this issue to cause Open vSwitch to crash, leading to a denial of service. (CVE-2023-3966) It was discovered that Open vSwitch incorrectly handled certain ICMPv6 Neighbor Advertisement packets. A remote attacker could possibly use this issue to redirect traffic to arbitrary IP addresses. (CVE-2023-5366) Update Instructions: Run `sudo pro fix USN-6690-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvswitch-doc - 2.13.8-0ubuntu1.4 openvswitch-switch - 2.13.8-0ubuntu1.4 openvswitch-pki - 2.13.8-0ubuntu1.4 openvswitch-common - 2.13.8-0ubuntu1.4 openvswitch-testcontroller - 2.13.8-0ubuntu1.4 openvswitch-vtep - 2.13.8-0ubuntu1.4 openvswitch-source - 2.13.8-0ubuntu1.4 python3-openvswitch - 2.13.8-0ubuntu1.4 openvswitch-switch-dpdk - 2.13.8-0ubuntu1.4 openvswitch-test - 2.13.8-0ubuntu1.4 No subscription required Medium CVE-2023-3966 CVE-2023-5366 Ubuntu 20.04 LTS It was discovered that OVN incorrectly enabled OVS Bidirectional Forwarding Detection on logical ports. A remote attacker could possibly use this issue to disrupt traffic. Update Instructions: Run `sudo pro fix USN-6691-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ovn-docker - 20.03.2-0ubuntu0.20.04.5 ovn-common - 20.03.2-0ubuntu0.20.04.5 ovn-ic - 20.03.2-0ubuntu0.20.04.5 ovn-host - 20.03.2-0ubuntu0.20.04.5 ovn-central - 20.03.2-0ubuntu0.20.04.5 ovn-ic-db - 20.03.2-0ubuntu0.20.04.5 ovn-controller-vtep - 20.03.2-0ubuntu0.20.04.5 ovn-doc - 20.03.2-0ubuntu0.20.04.5 No subscription required Medium CVE-2024-2182 Ubuntu 20.04 LTS It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6692-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgoogle-gson-java - 2.8.5-3+deb10u1build0.20.04.1 No subscription required Medium CVE-2022-25647 Ubuntu 20.04 LTS It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2019-18604) It was discovered that TeX Live allowed documents to make arbitrary network requests. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to exfiltrate sensitive information, or perform other network-related attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-32668) It was discovered that TeX Live incorrectly handled certain TrueType fonts. If a user or automated system were tricked into opening a specially crafted TrueType font, a remote attacker could use this issue to cause TeX Live to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-25262) Update Instructions: Run `sudo pro fix USN-6695-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libptexenc-dev - 2019.20190605.51237-3ubuntu0.2 libkpathsea-dev - 2019.20190605.51237-3ubuntu0.2 libptexenc1 - 2019.20190605.51237-3ubuntu0.2 libtexlua53-dev - 2019.20190605.51237-3ubuntu0.2 libtexluajit2 - 2019.20190605.51237-3ubuntu0.2 libtexluajit-dev - 2019.20190605.51237-3ubuntu0.2 texlive-binaries - 2019.20190605.51237-3ubuntu0.2 libkpathsea6 - 2019.20190605.51237-3ubuntu0.2 libtexlua53 - 2019.20190605.51237-3ubuntu0.2 libsynctex-dev - 2019.20190605.51237-3ubuntu0.2 libsynctex2 - 2019.20190605.51237-3ubuntu0.2 No subscription required Medium CVE-2019-18604 CVE-2023-32668 CVE-2024-25262 Ubuntu 20.04 LTS Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 8 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921) Valentin Eudeline discovered that OpenJDK 8 incorrectly handled certain options in the Nashorn JavaScript subcomponent. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-20926) It was discovered that OpenJDK 8 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 8 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-6696-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-doc - 8u402-ga-2ubuntu1~20.04 openjdk-8-jdk - 8u402-ga-2ubuntu1~20.04 openjdk-8-jre-headless - 8u402-ga-2ubuntu1~20.04 openjdk-8-jre - 8u402-ga-2ubuntu1~20.04 openjdk-8-jdk-headless - 8u402-ga-2ubuntu1~20.04 openjdk-8-source - 8u402-ga-2ubuntu1~20.04 openjdk-8-jre-zero - 8u402-ga-2ubuntu1~20.04 openjdk-8-demo - 8u402-ga-2ubuntu1~20.04 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20926 CVE-2024-20945 CVE-2024-20952 Ubuntu 20.04 LTS Zhen Zhou discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service Update Instructions: Run `sudo pro fix USN-6698-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim-common - 2:8.1.2269-1ubuntu5.22 vim-athena - 2:8.1.2269-1ubuntu5.22 vim-tiny - 2:8.1.2269-1ubuntu5.22 vim-gtk - 2:8.1.2269-1ubuntu5.22 vim-gui-common - 2:8.1.2269-1ubuntu5.22 vim - 2:8.1.2269-1ubuntu5.22 vim-doc - 2:8.1.2269-1ubuntu5.22 xxd - 2:8.1.2269-1ubuntu5.22 vim-runtime - 2:8.1.2269-1ubuntu5.22 vim-gtk3 - 2:8.1.2269-1ubuntu5.22 vim-nox - 2:8.1.2269-1ubuntu5.22 No subscription required Low CVE-2024-22667 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6702-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1033-iot - 5.4.0-1033.34 linux-iot-tools-5.4.0-1033 - 5.4.0-1033.34 linux-buildinfo-5.4.0-1033-iot - 5.4.0-1033.34 linux-image-5.4.0-1033-iot - 5.4.0-1033.34 linux-headers-5.4.0-1033-iot - 5.4.0-1033.34 linux-tools-5.4.0-1033-iot - 5.4.0-1033.34 linux-iot-headers-5.4.0-1033 - 5.4.0-1033.34 linux-image-unsigned-5.4.0-1033-iot - 5.4.0-1033.34 linux-iot-tools-common - 5.4.0-1033.34 No subscription required linux-image-5.4.0-1068-ibm - 5.4.0-1068.73 linux-ibm-tools-5.4.0-1068 - 5.4.0-1068.73 linux-buildinfo-5.4.0-1068-ibm - 5.4.0-1068.73 linux-modules-extra-5.4.0-1068-ibm - 5.4.0-1068.73 linux-ibm-source-5.4.0 - 5.4.0-1068.73 linux-ibm-tools-common - 5.4.0-1068.73 linux-image-unsigned-5.4.0-1068-ibm - 5.4.0-1068.73 linux-ibm-headers-5.4.0-1068 - 5.4.0-1068.73 linux-headers-5.4.0-1068-ibm - 5.4.0-1068.73 linux-ibm-cloud-tools-common - 5.4.0-1068.73 linux-modules-5.4.0-1068-ibm - 5.4.0-1068.73 linux-tools-5.4.0-1068-ibm - 5.4.0-1068.73 No subscription required linux-buildinfo-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-image-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-tools-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-bluefield-tools-5.4.0-1081 - 5.4.0-1081.88 linux-headers-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-modules-5.4.0-1081-bluefield - 5.4.0-1081.88 linux-bluefield-headers-5.4.0-1081 - 5.4.0-1081.88 linux-image-unsigned-5.4.0-1081-bluefield - 5.4.0-1081.88 No subscription required linux-cloud-tools-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-gkeop-headers-5.4.0-1088 - 5.4.0-1088.92 linux-headers-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-gkeop-source-5.4.0 - 5.4.0-1088.92 linux-tools-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-modules-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-image-unsigned-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-buildinfo-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-modules-extra-5.4.0-1088-gkeop - 5.4.0-1088.92 linux-gkeop-tools-5.4.0-1088 - 5.4.0-1088.92 linux-gkeop-cloud-tools-5.4.0-1088 - 5.4.0-1088.92 linux-image-5.4.0-1088-gkeop - 5.4.0-1088.92 No subscription required linux-kvm-headers-5.4.0-1109 - 5.4.0-1109.116 linux-kvm-tools-5.4.0-1109 - 5.4.0-1109.116 linux-image-unsigned-5.4.0-1109-kvm - 5.4.0-1109.116 linux-buildinfo-5.4.0-1109-kvm - 5.4.0-1109.116 linux-image-5.4.0-1109-kvm - 5.4.0-1109.116 linux-modules-5.4.0-1109-kvm - 5.4.0-1109.116 linux-headers-5.4.0-1109-kvm - 5.4.0-1109.116 linux-tools-5.4.0-1109-kvm - 5.4.0-1109.116 No subscription required linux-image-5.4.0-1120-oracle - 5.4.0-1120.129 linux-headers-5.4.0-1120-oracle - 5.4.0-1120.129 linux-buildinfo-5.4.0-1120-oracle - 5.4.0-1120.129 linux-tools-5.4.0-1120-oracle - 5.4.0-1120.129 linux-image-unsigned-5.4.0-1120-oracle - 5.4.0-1120.129 linux-oracle-tools-5.4.0-1120 - 5.4.0-1120.129 linux-modules-5.4.0-1120-oracle - 5.4.0-1120.129 linux-oracle-headers-5.4.0-1120 - 5.4.0-1120.129 linux-modules-extra-5.4.0-1120-oracle - 5.4.0-1120.129 No subscription required linux-headers-5.4.0-1125-gcp - 5.4.0-1125.134 linux-tools-5.4.0-1125-gcp - 5.4.0-1125.134 linux-buildinfo-5.4.0-1125-gcp - 5.4.0-1125.134 linux-gcp-tools-5.4.0-1125 - 5.4.0-1125.134 linux-modules-5.4.0-1125-gcp - 5.4.0-1125.134 linux-image-5.4.0-1125-gcp - 5.4.0-1125.134 linux-modules-extra-5.4.0-1125-gcp - 5.4.0-1125.134 linux-gcp-headers-5.4.0-1125 - 5.4.0-1125.134 linux-image-unsigned-5.4.0-1125-gcp - 5.4.0-1125.134 No subscription required linux-tools-common - 5.4.0-174.193 linux-buildinfo-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-tools-host - 5.4.0-174.193 linux-doc - 5.4.0-174.193 linux-cloud-tools-5.4.0-174 - 5.4.0-174.193 linux-image-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-libc-dev - 5.4.0-174.193 linux-source-5.4.0 - 5.4.0-174.193 linux-image-5.4.0-174-generic - 5.4.0-174.193 linux-cloud-tools-5.4.0-174-lowlatency - 5.4.0-174.193 linux-cloud-tools-5.4.0-174-generic - 5.4.0-174.193 linux-headers-5.4.0-174 - 5.4.0-174.193 linux-modules-5.4.0-174-generic - 5.4.0-174.193 linux-headers-5.4.0-174-generic - 5.4.0-174.193 linux-headers-5.4.0-174-lowlatency - 5.4.0-174.193 linux-cloud-tools-common - 5.4.0-174.193 linux-modules-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-modules-extra-5.4.0-174-generic - 5.4.0-174.193 linux-buildinfo-5.4.0-174-lowlatency - 5.4.0-174.193 linux-tools-5.4.0-174 - 5.4.0-174.193 linux-image-unsigned-5.4.0-174-lowlatency - 5.4.0-174.193 linux-tools-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-tools-5.4.0-174-generic - 5.4.0-174.193 linux-buildinfo-5.4.0-174-generic - 5.4.0-174.193 linux-headers-5.4.0-174-generic-lpae - 5.4.0-174.193 linux-tools-5.4.0-174-lowlatency - 5.4.0-174.193 linux-image-unsigned-5.4.0-174-generic - 5.4.0-174.193 linux-modules-5.4.0-174-lowlatency - 5.4.0-174.193 linux-image-5.4.0-174-lowlatency - 5.4.0-174.193 No subscription required linux-iot - 5.4.0.1033.31 linux-image-iot - 5.4.0.1033.31 linux-headers-iot - 5.4.0.1033.31 linux-tools-iot - 5.4.0.1033.31 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1068.97 linux-headers-ibm-lts-20.04 - 5.4.0.1068.97 linux-ibm-lts-20.04 - 5.4.0.1068.97 linux-image-ibm-lts-20.04 - 5.4.0.1068.97 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1068.97 No subscription required linux-image-bluefield - 5.4.0.1081.77 linux-bluefield - 5.4.0.1081.77 linux-headers-bluefield - 5.4.0.1081.77 linux-tools-bluefield - 5.4.0.1081.77 No subscription required linux-headers-gkeop - 5.4.0.1088.86 linux-cloud-tools-gkeop-5.4 - 5.4.0.1088.86 linux-image-gkeop - 5.4.0.1088.86 linux-modules-extra-gkeop-5.4 - 5.4.0.1088.86 linux-gkeop-5.4 - 5.4.0.1088.86 linux-headers-gkeop-5.4 - 5.4.0.1088.86 linux-image-gkeop-5.4 - 5.4.0.1088.86 linux-gkeop - 5.4.0.1088.86 linux-cloud-tools-gkeop - 5.4.0.1088.86 linux-modules-extra-gkeop - 5.4.0.1088.86 linux-tools-gkeop - 5.4.0.1088.86 linux-tools-gkeop-5.4 - 5.4.0.1088.86 No subscription required linux-kvm - 5.4.0.1109.105 linux-headers-kvm - 5.4.0.1109.105 linux-image-kvm - 5.4.0.1109.105 linux-tools-kvm - 5.4.0.1109.105 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1120.113 linux-headers-oracle-lts-20.04 - 5.4.0.1120.113 linux-oracle-lts-20.04 - 5.4.0.1120.113 linux-image-oracle-lts-20.04 - 5.4.0.1120.113 No subscription required linux-gcp-lts-20.04 - 5.4.0.1125.127 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1125.127 linux-headers-gcp-lts-20.04 - 5.4.0.1125.127 linux-image-gcp-lts-20.04 - 5.4.0.1125.127 linux-tools-gcp-lts-20.04 - 5.4.0.1125.127 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-image-generic-hwe-18.04 - 5.4.0.174.172 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-headers-generic-lpae - 5.4.0.174.172 linux-image-virtual - 5.4.0.174.172 linux-cloud-tools-lowlatency - 5.4.0.174.172 linux-image-generic - 5.4.0.174.172 linux-tools-lowlatency - 5.4.0.174.172 linux-image-oem - 5.4.0.174.172 linux-tools-virtual-hwe-18.04 - 5.4.0.174.172 linux-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-headers-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-cloud-tools-virtual - 5.4.0.174.172 linux-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-image-extra-virtual-hwe-18.04 - 5.4.0.174.172 linux-image-oem-osp1 - 5.4.0.174.172 linux-image-generic-lpae-hwe-18.04 - 5.4.0.174.172 linux-crashdump - 5.4.0.174.172 linux-tools-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-headers-generic-hwe-18.04 - 5.4.0.174.172 linux-headers-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-source - 5.4.0.174.172 linux-lowlatency - 5.4.0.174.172 linux-tools-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-tools-generic-lpae - 5.4.0.174.172 linux-cloud-tools-generic - 5.4.0.174.172 linux-virtual - 5.4.0.174.172 linux-headers-virtual-hwe-18.04 - 5.4.0.174.172 linux-image-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-virtual-hwe-18.04 - 5.4.0.174.172 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.174.172 linux-tools-virtual - 5.4.0.174.172 linux-generic-lpae-hwe-18.04-edge - 5.4.0.174.172 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.174.172 linux-headers-oem - 5.4.0.174.172 linux-generic - 5.4.0.174.172 linux-tools-oem-osp1 - 5.4.0.174.172 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.174.172 linux-tools-generic-hwe-18.04-edge - 5.4.0.174.172 linux-image-virtual-hwe-18.04 - 5.4.0.174.172 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-oem-tools-host - 5.4.0.174.172 linux-headers-lowlatency - 5.4.0.174.172 linux-generic-hwe-18.04-edge - 5.4.0.174.172 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.174.172 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-oem - 5.4.0.174.172 linux-tools-generic - 5.4.0.174.172 linux-image-extra-virtual - 5.4.0.174.172 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-oem-osp1-tools-host - 5.4.0.174.172 linux-tools-oem - 5.4.0.174.172 linux-headers-oem-osp1 - 5.4.0.174.172 linux-generic-lpae - 5.4.0.174.172 linux-generic-lpae-hwe-18.04 - 5.4.0.174.172 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.174.172 linux-headers-generic-hwe-18.04-edge - 5.4.0.174.172 linux-headers-generic - 5.4.0.174.172 linux-oem-osp1 - 5.4.0.174.172 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.174.172 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.174.172 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.174.172 linux-virtual-hwe-18.04-edge - 5.4.0.174.172 linux-headers-virtual - 5.4.0.174.172 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.174.172 linux-generic-hwe-18.04 - 5.4.0.174.172 linux-image-generic-lpae - 5.4.0.174.172 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.174.172 linux-image-lowlatency - 5.4.0.174.172 linux-tools-generic-hwe-18.04 - 5.4.0.174.172 linux-image-generic-hwe-18.04-edge - 5.4.0.174.172 linux-image-virtual-hwe-18.04-edge - 5.4.0.174.172 No subscription required High CVE-2023-23000 CVE-2023-23004 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6702-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 linux-image-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 linux-xilinx-zynqmp-tools-5.4.0-1040 - 5.4.0-1040.44 linux-xilinx-zynqmp-headers-5.4.0-1040 - 5.4.0-1040.44 linux-buildinfo-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 linux-tools-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 linux-modules-5.4.0-1040-xilinx-zynqmp - 5.4.0-1040.44 No subscription required linux-headers-5.4.0-1105-raspi - 5.4.0-1105.117 linux-image-5.4.0-1105-raspi - 5.4.0-1105.117 linux-raspi-headers-5.4.0-1105 - 5.4.0-1105.117 linux-buildinfo-5.4.0-1105-raspi - 5.4.0-1105.117 linux-modules-5.4.0-1105-raspi - 5.4.0-1105.117 linux-raspi-tools-5.4.0-1105 - 5.4.0-1105.117 linux-tools-5.4.0-1105-raspi - 5.4.0-1105.117 No subscription required linux-aws-headers-5.4.0-1121 - 5.4.0-1121.131 linux-tools-5.4.0-1121-aws - 5.4.0-1121.131 linux-image-5.4.0-1121-aws - 5.4.0-1121.131 linux-headers-5.4.0-1121-aws - 5.4.0-1121.131 linux-buildinfo-5.4.0-1121-aws - 5.4.0-1121.131 linux-aws-tools-5.4.0-1121 - 5.4.0-1121.131 linux-modules-extra-5.4.0-1121-aws - 5.4.0-1121.131 linux-modules-5.4.0-1121-aws - 5.4.0-1121.131 linux-image-unsigned-5.4.0-1121-aws - 5.4.0-1121.131 linux-cloud-tools-5.4.0-1121-aws - 5.4.0-1121.131 linux-aws-cloud-tools-5.4.0-1121 - 5.4.0-1121.131 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1040.40 linux-xilinx-zynqmp - 5.4.0.1040.40 linux-tools-xilinx-zynqmp - 5.4.0.1040.40 linux-headers-xilinx-zynqmp - 5.4.0.1040.40 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1105.135 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1105.135 linux-raspi - 5.4.0.1105.135 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1105.135 linux-raspi-hwe-18.04 - 5.4.0.1105.135 linux-tools-raspi - 5.4.0.1105.135 linux-headers-raspi - 5.4.0.1105.135 linux-raspi-hwe-18.04-edge - 5.4.0.1105.135 linux-raspi2-hwe-18.04 - 5.4.0.1105.135 linux-raspi2 - 5.4.0.1105.135 linux-headers-raspi2 - 5.4.0.1105.135 linux-headers-raspi2-hwe-18.04 - 5.4.0.1105.135 linux-image-raspi2 - 5.4.0.1105.135 linux-image-raspi-hwe-18.04-edge - 5.4.0.1105.135 linux-image-raspi - 5.4.0.1105.135 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1105.135 linux-tools-raspi2 - 5.4.0.1105.135 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1105.135 linux-tools-raspi2-hwe-18.04 - 5.4.0.1105.135 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1105.135 linux-headers-raspi-hwe-18.04 - 5.4.0.1105.135 linux-tools-raspi-hwe-18.04 - 5.4.0.1105.135 linux-image-raspi-hwe-18.04 - 5.4.0.1105.135 linux-image-raspi2-hwe-18.04 - 5.4.0.1105.135 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1121.118 linux-image-aws-lts-20.04 - 5.4.0.1121.118 linux-aws-lts-20.04 - 5.4.0.1121.118 linux-headers-aws-lts-20.04 - 5.4.0.1121.118 linux-tools-aws-lts-20.04 - 5.4.0.1121.118 No subscription required High CVE-2023-23000 CVE-2023-23004 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-2609, CVE-2024-2611, CVE-2024-2614, CVE-2024-2615) Hubert Kario discovered that Firefox had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2023-5388) It was discovered that Firefox did not properly handle WASM register values in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2606) Gary Kwong discovered that Firefox incorrectly updated return registers for JIT code on Armv7-A systems. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2024-2607) Ronald Crane discovered that Firefox did not properly manage memory during character encoding. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2608) Georg Felber and Marco Squarcina discovered that Firefox incorrectly handled html and body tags. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able obtain sensitive information. (CVE-2024-2610) Ronald Crane discovered a use-after-free in Firefox when handling code in SafeRefPtr. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-2612) Max Inden discovered that Firefox incorrectly handled QUIC ACK frame decoding. A attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2613) Update Instructions: Run `sudo pro fix USN-6703-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 124.0+build1-0ubuntu0.20.04.1 firefox - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 124.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 124.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-tg - 124.0+build1-0ubuntu0.20.04.1 firefox-dev - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 124.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 124.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-5388 CVE-2024-2606 CVE-2024-2607 CVE-2024-2608 CVE-2024-2609 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 CVE-2024-2613 CVE-2024-2614 CVE-2024-2615 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6704-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-hwe-5.15-tools-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-modules-extra-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-101.111~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-cloud-tools-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-buildinfo-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-buildinfo-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-buildinfo-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-hwe-5.15-headers-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-buildinfo-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-cloud-tools-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-headers-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-image-unsigned-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-101 - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-image-unsigned-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-buildinfo-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-image-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-modules-5.15.0-101-lowlatency-64k - 5.15.0-101.111~20.04.1 linux-tools-5.15.0-101-generic-lpae - 5.15.0-101.111~20.04.1 linux-image-unsigned-5.15.0-101-generic-64k - 5.15.0-101.111~20.04.1 linux-modules-iwlwifi-5.15.0-101-generic - 5.15.0-101.111~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-101.111~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-101.111~20.04.1 linux-modules-iwlwifi-5.15.0-101-lowlatency - 5.15.0-101.111~20.04.1 No subscription required linux-gkeop-5.15-tools-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-headers-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-image-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-modules-extra-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-image-unsigned-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-modules-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-gkeop-5.15-headers-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1039 - 5.15.0-1039.45~20.04.1 linux-buildinfo-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-cloud-tools-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 linux-tools-5.15.0-1039-gkeop - 5.15.0-1039.45~20.04.1 No subscription required linux-modules-extra-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-ibm-5.15-tools-5.15.0-1049 - 5.15.0-1049.52~20.04.1 linux-buildinfo-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-modules-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-ibm-5.15-headers-5.15.0-1049 - 5.15.0-1049.52~20.04.1 linux-image-unsigned-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1049.52~20.04.1 linux-tools-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-image-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 linux-headers-5.15.0-1049-ibm - 5.15.0-1049.52~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-tools-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-headers-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-image-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-gcp-5.15-tools-5.15.0-1054 - 5.15.0-1054.62~20.04.1 linux-buildinfo-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-modules-iwlwifi-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-image-unsigned-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-modules-extra-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 linux-modules-5.15.0-1054-gcp - 5.15.0-1054.62~20.04.1 No subscription required linux-cloud-tools-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-azure-5.15-headers-5.15.0-1059 - 5.15.0-1059.67~20.04.1 linux-headers-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1059 - 5.15.0-1059.67~20.04.1 linux-image-unsigned-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-image-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-buildinfo-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-tools-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-azure-5.15-tools-5.15.0-1059 - 5.15.0-1059.67~20.04.1 linux-modules-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 linux-modules-extra-5.15.0-1059-azure - 5.15.0-1059.67~20.04.1 No subscription required linux-image-5.15.0-1059-azure-fde - 5.15.0-1059.67~20.04.1.1 linux-image-unsigned-5.15.0-1059-azure-fde - 5.15.0-1059.67~20.04.1.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-headers-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-image-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-lowlatency-64k-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-tools-lowlatency-hwe-20.04 - 5.15.0.101.111~20.04.50 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.50 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.50 No subscription required linux-headers-oem-20.04 - 5.15.0.101.111~20.04.53 linux-tools-oem-20.04c - 5.15.0.101.111~20.04.53 linux-tools-oem-20.04b - 5.15.0.101.111~20.04.53 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-headers-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-oem-20.04b - 5.15.0.101.111~20.04.53 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-headers-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-tools-generic-64k-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-oem-20.04d - 5.15.0.101.111~20.04.53 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-extra-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-headers-generic-64k-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-generic-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-generic-lpae-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-generic-lpae-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-tools-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-oem-20.04c - 5.15.0.101.111~20.04.53 linux-image-oem-20.04d - 5.15.0.101.111~20.04.53 linux-oem-20.04 - 5.15.0.101.111~20.04.53 linux-image-oem-20.04 - 5.15.0.101.111~20.04.53 linux-oem-20.04d - 5.15.0.101.111~20.04.53 linux-oem-20.04c - 5.15.0.101.111~20.04.53 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-oem-20.04 - 5.15.0.101.111~20.04.53 linux-modules-iwlwifi-oem-20.04 - 5.15.0.101.111~20.04.53 linux-tools-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-oem-20.04b - 5.15.0.101.111~20.04.53 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-headers-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-generic-lpae-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-tools-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-generic-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-modules-iwlwifi-oem-20.04d - 5.15.0.101.111~20.04.53 linux-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-tools-virtual-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-generic-64k-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-image-generic-64k-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.101.111~20.04.53 linux-headers-oem-20.04b - 5.15.0.101.111~20.04.53 linux-headers-oem-20.04c - 5.15.0.101.111~20.04.53 linux-headers-virtual-hwe-20.04 - 5.15.0.101.111~20.04.53 linux-headers-oem-20.04d - 5.15.0.101.111~20.04.53 No subscription required linux-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-headers-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-tools-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-image-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-headers-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-cloud-tools-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-image-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-cloud-tools-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-modules-extra-gkeop-edge - 5.15.0.1039.45~20.04.35 linux-tools-gkeop-5.15 - 5.15.0.1039.45~20.04.35 linux-modules-extra-gkeop-5.15 - 5.15.0.1039.45~20.04.35 No subscription required linux-image-ibm - 5.15.0.1049.52~20.04.21 linux-tools-ibm - 5.15.0.1049.52~20.04.21 linux-headers-ibm-edge - 5.15.0.1049.52~20.04.21 linux-tools-ibm-edge - 5.15.0.1049.52~20.04.21 linux-ibm - 5.15.0.1049.52~20.04.21 linux-ibm-edge - 5.15.0.1049.52~20.04.21 linux-headers-ibm - 5.15.0.1049.52~20.04.21 linux-image-ibm-edge - 5.15.0.1049.52~20.04.21 No subscription required linux-headers-gcp-edge - 5.15.0.1054.62~20.04.1 linux-image-gcp-edge - 5.15.0.1054.62~20.04.1 linux-modules-extra-gcp - 5.15.0.1054.62~20.04.1 linux-tools-gcp - 5.15.0.1054.62~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1054.62~20.04.1 linux-tools-gcp-edge - 5.15.0.1054.62~20.04.1 linux-headers-gcp - 5.15.0.1054.62~20.04.1 linux-gcp - 5.15.0.1054.62~20.04.1 linux-image-gcp - 5.15.0.1054.62~20.04.1 linux-gcp-edge - 5.15.0.1054.62~20.04.1 No subscription required linux-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-cloud-tools-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-headers-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-image-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-tools-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-modules-extra-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-image-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-tools-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-azure-fde-edge - 5.15.0.1059.67~20.04.1.38 linux-modules-extra-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-cloud-tools-azure-fde - 5.15.0.1059.67~20.04.1.38 linux-headers-azure-fde - 5.15.0.1059.67~20.04.1.38 No subscription required linux-cloud-tools-azure - 5.15.0.1059.67~20.04.49 linux-tools-azure - 5.15.0.1059.67~20.04.49 linux-image-azure-edge - 5.15.0.1059.67~20.04.49 linux-image-azure-cvm - 5.15.0.1059.67~20.04.49 linux-modules-extra-azure-cvm - 5.15.0.1059.67~20.04.49 linux-azure-cvm - 5.15.0.1059.67~20.04.49 linux-tools-azure-edge - 5.15.0.1059.67~20.04.49 linux-tools-azure-cvm - 5.15.0.1059.67~20.04.49 linux-cloud-tools-azure-edge - 5.15.0.1059.67~20.04.49 linux-modules-extra-azure - 5.15.0.1059.67~20.04.49 linux-headers-azure-cvm - 5.15.0.1059.67~20.04.49 linux-azure - 5.15.0.1059.67~20.04.49 linux-image-azure - 5.15.0.1059.67~20.04.49 linux-cloud-tools-azure-cvm - 5.15.0.1059.67~20.04.49 linux-headers-azure-edge - 5.15.0.1059.67~20.04.49 linux-azure-edge - 5.15.0.1059.67~20.04.49 linux-modules-extra-azure-edge - 5.15.0.1059.67~20.04.49 linux-headers-azure - 5.15.0.1059.67~20.04.49 No subscription required High CVE-2023-23000 CVE-2023-32247 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6704-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-modules-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-image-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-image-unsigned-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-oracle-5.15-headers-5.15.0-1054 - 5.15.0-1054.60~20.04.1 linux-headers-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-oracle-5.15-tools-5.15.0-1054 - 5.15.0-1054.60~20.04.1 linux-modules-extra-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 linux-tools-5.15.0-1054-oracle - 5.15.0-1054.60~20.04.1 No subscription required linux-tools-oracle - 5.15.0.1054.60~20.04.1 linux-image-oracle-edge - 5.15.0.1054.60~20.04.1 linux-tools-oracle-edge - 5.15.0.1054.60~20.04.1 linux-headers-oracle - 5.15.0.1054.60~20.04.1 linux-oracle - 5.15.0.1054.60~20.04.1 linux-oracle-edge - 5.15.0.1054.60~20.04.1 linux-image-oracle - 5.15.0.1054.60~20.04.1 linux-headers-oracle-edge - 5.15.0.1054.60~20.04.1 No subscription required High CVE-2023-23000 CVE-2023-32247 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6704-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-buildinfo-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-modules-extra-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-tools-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1051 - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1051.57~20.04.1 linux-image-unsigned-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1051.57~20.04.1 linux-modules-iwlwifi-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1051 - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1051 - 5.15.0-1051.57~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1051.57~20.04.1 linux-headers-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-image-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 linux-modules-5.15.0-1051-intel-iotg - 5.15.0-1051.57~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1051.57~20.04.41 linux-tools-intel - 5.15.0.1051.57~20.04.41 linux-intel-iotg - 5.15.0.1051.57~20.04.41 linux-headers-intel - 5.15.0.1051.57~20.04.41 linux-intel - 5.15.0.1051.57~20.04.41 linux-image-intel-iotg - 5.15.0.1051.57~20.04.41 linux-image-intel - 5.15.0.1051.57~20.04.41 linux-tools-intel-iotg-edge - 5.15.0.1051.57~20.04.41 linux-headers-intel-iotg - 5.15.0.1051.57~20.04.41 linux-intel-iotg-edge - 5.15.0.1051.57~20.04.41 linux-headers-intel-iotg-edge - 5.15.0.1051.57~20.04.41 linux-image-intel-iotg-edge - 5.15.0.1051.57~20.04.41 linux-tools-intel-iotg - 5.15.0.1051.57~20.04.41 No subscription required High CVE-2023-23000 CVE-2023-32247 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6705-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-aws-5.15-tools-5.15.0-1056 - 5.15.0-1056.61~20.04.1 linux-image-unsigned-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-image-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1056 - 5.15.0-1056.61~20.04.1 linux-tools-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-aws-5.15-headers-5.15.0-1056 - 5.15.0-1056.61~20.04.1 linux-buildinfo-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-modules-extra-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-modules-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 linux-cloud-tools-5.15.0-1056-aws - 5.15.0-1056.61~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1056.61~20.04.43 linux-aws-edge - 5.15.0.1056.61~20.04.43 linux-modules-extra-aws-edge - 5.15.0.1056.61~20.04.43 linux-tools-aws-edge - 5.15.0.1056.61~20.04.43 linux-image-aws-edge - 5.15.0.1056.61~20.04.43 linux-aws - 5.15.0.1056.61~20.04.43 linux-tools-aws - 5.15.0.1056.61~20.04.43 linux-headers-aws - 5.15.0.1056.61~20.04.43 linux-headers-aws-edge - 5.15.0.1056.61~20.04.43 linux-image-aws - 5.15.0.1056.61~20.04.43 No subscription required High CVE-2023-22995 CVE-2023-23000 CVE-2023-32247 CVE-2023-4134 CVE-2023-46343 CVE-2023-46862 CVE-2023-51779 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-0607 CVE-2024-1085 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS It was discovered that Graphviz incorrectly handled certain config6a files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6708-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgv-perl - 2.42.2-3ubuntu0.1~esm2 python3-gv - 2.42.2-3ubuntu0.1~esm2 libcgraph6 - 2.42.2-3ubuntu0.1~esm2 libgv-tcl - 2.42.2-3ubuntu0.1~esm2 liblab-gamut1 - 2.42.2-3ubuntu0.1~esm2 libgv-guile - 2.42.2-3ubuntu0.1~esm2 libxdot4 - 2.42.2-3ubuntu0.1~esm2 libgv-lua - 2.42.2-3ubuntu0.1~esm2 libcdt5 - 2.42.2-3ubuntu0.1~esm2 graphviz - 2.42.2-3ubuntu0.1~esm2 libgv-php7 - 2.42.2-3ubuntu0.1~esm2 libpathplan4 - 2.42.2-3ubuntu0.1~esm2 graphviz-doc - 2.42.2-3ubuntu0.1~esm2 libgvpr2 - 2.42.2-3ubuntu0.1~esm2 libgraphviz-dev - 2.42.2-3ubuntu0.1~esm2 libgvc6-plugins-gtk - 2.42.2-3ubuntu0.1~esm2 libgvc6 - 2.42.2-3ubuntu0.1~esm2 libgv-ruby - 2.42.2-3ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-46045 Ubuntu 20.04 LTS Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. (CVE-2024-29943) Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code. (CVE-2024-29944) Update Instructions: Run `sudo pro fix USN-6710-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 124.0.1+build1-0ubuntu0.20.04.1 firefox - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 124.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 124.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 124.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 124.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 124.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-29943 CVE-2024-29944 Ubuntu 20.04 LTS USN-6710-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. (CVE-2024-29943) Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code. (CVE-2024-29944) Update Instructions: Run `sudo pro fix USN-6710-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 124.0.2+build1-0ubuntu0.20.04.1 firefox - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 124.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 124.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 124.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 124.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 124.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2060171 Ubuntu 20.04 LTS Vincent Berg discovered that CRM shell incorrectly handled certain commands. An local attacker could possibly use this issue to execute arbitrary code via shell code injection to the crm history commandline. Update Instructions: Run `sudo pro fix USN-6711-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: crmsh - 4.2.0-2ubuntu1.1 crmsh-doc - 4.2.0-2ubuntu1.1 No subscription required Low CVE-2020-35459 Ubuntu 20.04 LTS It was discovered that Net::CIDR::Lite incorrectly handled extra zero characters at the beginning of IP address strings. A remote attacker could possibly use this issue to bypass access controls. Update Instructions: Run `sudo pro fix USN-6712-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnet-cidr-lite-perl - 0.21-2ubuntu0.1 No subscription required Medium CVE-2021-47154 Ubuntu 20.04 LTS It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands. Update Instructions: Run `sudo pro fix USN-6714-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: debian-goodies - 0.84ubuntu0.1 No subscription required Low CVE-2023-27635 Ubuntu 20.04 LTS It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-6715-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: odbcinst - 2.3.6-0.1ubuntu0.1 odbcinst1debian2 - 2.3.6-0.1ubuntu0.1 libodbc1 - 2.3.6-0.1ubuntu0.1 unixodbc-dev - 2.3.6-0.1ubuntu0.1 unixodbc - 2.3.6-0.1ubuntu0.1 No subscription required Medium CVE-2024-1013 Ubuntu 20.04 LTS Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2021-44879) It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004) Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4244) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855) Update Instructions: Run `sudo pro fix USN-6716-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-extra-5.4.0-1126-azure - 5.4.0-1126.133 linux-azure-headers-5.4.0-1126 - 5.4.0-1126.133 linux-cloud-tools-5.4.0-1126-azure - 5.4.0-1126.133 linux-tools-5.4.0-1126-azure - 5.4.0-1126.133 linux-headers-5.4.0-1126-azure - 5.4.0-1126.133 linux-azure-cloud-tools-5.4.0-1126 - 5.4.0-1126.133 linux-azure-tools-5.4.0-1126 - 5.4.0-1126.133 linux-image-5.4.0-1126-azure - 5.4.0-1126.133 linux-buildinfo-5.4.0-1126-azure - 5.4.0-1126.133 linux-image-unsigned-5.4.0-1126-azure - 5.4.0-1126.133 linux-modules-5.4.0-1126-azure - 5.4.0-1126.133 No subscription required linux-headers-azure-lts-20.04 - 5.4.0.1126.119 linux-image-azure-lts-20.04 - 5.4.0.1126.119 linux-tools-azure-lts-20.04 - 5.4.0.1126.119 linux-modules-extra-azure-lts-20.04 - 5.4.0.1126.119 linux-azure-lts-20.04 - 5.4.0.1126.119 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1126.119 No subscription required High CVE-2021-44879 CVE-2023-22995 CVE-2023-23000 CVE-2023-23004 CVE-2023-4244 CVE-2023-51779 CVE-2023-51780 CVE-2023-51782 CVE-2023-6121 CVE-2024-0340 CVE-2024-1086 CVE-2024-24855 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-0743, CVE-2024-2611, CVE-2024-2614) Hubert Kario discovered that Thunderbird had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2023-5388) Gary Kwong discovered that Thunderbird incorrectly updated return registers for JIT code on Armv7-A systems. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2024-2607) Ronald Crane discovered that Thunderbird did not properly manage memory during character encoding. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2608) Georg Felber and Marco Squarcina discovered that Thunderbird incorrectly handled html and body tags. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able obtain sensitive information. (CVE-2024-2610) Ronald Crane discovered a use-after-free in Thunderbird when handling code in SafeRefPtr. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-2612) Ryan VanderMeulen and Dan Minor discovered that Thunderbird did not properly manage memory conditions in ICU. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-2616) Update Instructions: Run `sudo pro fix USN-6717-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.9.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.9.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.9.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.9.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.9.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-0743 CVE-2023-5388 CVE-2024-2607 CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 CVE-2024-2614 CVE-2024-2616 Ubuntu 20.04 LTS Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. (CVE-2024-2004) It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote attacker could possibly use this issue to cause curl to consume resources, leading to a denial of service. (CVE-2024-2398) Update Instructions: Run `sudo pro fix USN-6718-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcurl4-gnutls-dev - 7.68.0-1ubuntu2.22 libcurl4-openssl-dev - 7.68.0-1ubuntu2.22 libcurl3-gnutls - 7.68.0-1ubuntu2.22 libcurl4-doc - 7.68.0-1ubuntu2.22 libcurl3-nss - 7.68.0-1ubuntu2.22 libcurl4-nss-dev - 7.68.0-1ubuntu2.22 libcurl4 - 7.68.0-1ubuntu2.22 curl - 7.68.0-1ubuntu2.22 No subscription required Medium CVE-2024-2004 CVE-2024-2398 Ubuntu 20.04 LTS Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6719-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bsdutils - 1:2.34-0.1ubuntu9.5 No subscription required libfdisk-dev - 2.34-0.1ubuntu9.5 libblkid1 - 2.34-0.1ubuntu9.5 rfkill - 2.34-0.1ubuntu9.5 libfdisk1 - 2.34-0.1ubuntu9.5 libblkid-dev - 2.34-0.1ubuntu9.5 util-linux-locales - 2.34-0.1ubuntu9.5 libuuid1 - 2.34-0.1ubuntu9.5 libmount1 - 2.34-0.1ubuntu9.5 libsmartcols-dev - 2.34-0.1ubuntu9.5 uuid-dev - 2.34-0.1ubuntu9.5 libmount-dev - 2.34-0.1ubuntu9.5 libsmartcols1 - 2.34-0.1ubuntu9.5 fdisk - 2.34-0.1ubuntu9.5 uuid-runtime - 2.34-0.1ubuntu9.5 util-linux - 2.34-0.1ubuntu9.5 mount - 2.34-0.1ubuntu9.5 No subscription required Medium CVE-2024-28085 Ubuntu 20.04 LTS USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities. Original advisory details: Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6719-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bsdutils - 1:2.34-0.1ubuntu9.6 No subscription required libfdisk-dev - 2.34-0.1ubuntu9.6 libblkid1 - 2.34-0.1ubuntu9.6 rfkill - 2.34-0.1ubuntu9.6 libfdisk1 - 2.34-0.1ubuntu9.6 libblkid-dev - 2.34-0.1ubuntu9.6 util-linux-locales - 2.34-0.1ubuntu9.6 libuuid1 - 2.34-0.1ubuntu9.6 libmount1 - 2.34-0.1ubuntu9.6 libsmartcols-dev - 2.34-0.1ubuntu9.6 uuid-dev - 2.34-0.1ubuntu9.6 libmount-dev - 2.34-0.1ubuntu9.6 libsmartcols1 - 2.34-0.1ubuntu9.6 fdisk - 2.34-0.1ubuntu9.6 uuid-runtime - 2.34-0.1ubuntu9.6 util-linux - 2.34-0.1ubuntu9.6 mount - 2.34-0.1ubuntu9.6 No subscription required Medium CVE-2024-28085 Ubuntu 20.04 LTS It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-31080, CVE-2024-31081, CVE-2024-31082) It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information. (CVE-2024-31083) Update Instructions: Run `sudo pro fix USN-6721-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.16 xwayland - 2:1.20.13-1ubuntu1~20.04.16 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.16 xdmx - 2:1.20.13-1ubuntu1~20.04.16 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.16 xvfb - 2:1.20.13-1ubuntu1~20.04.16 xnest - 2:1.20.13-1ubuntu1~20.04.16 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.16 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.16 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.16 xserver-common - 2:1.20.13-1ubuntu1~20.04.16 No subscription required Medium CVE-2024-31080 CVE-2024-31081 CVE-2024-31082 CVE-2024-31083 Ubuntu 20.04 LTS USN-6721-1 fixed vulnerabilities in X.Org X Server. That fix was incomplete resulting in a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-31080, CVE-2024-31081, CVE-2024-31082) It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information. (CVE-2024-31083) Update Instructions: Run `sudo pro fix USN-6721-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.17 xwayland - 2:1.20.13-1ubuntu1~20.04.17 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.17 xdmx - 2:1.20.13-1ubuntu1~20.04.17 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.17 xvfb - 2:1.20.13-1ubuntu1~20.04.17 xnest - 2:1.20.13-1ubuntu1~20.04.17 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.17 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.17 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.17 xserver-common - 2:1.20.13-1ubuntu1~20.04.17 No subscription required None https://launchpad.net/bugs/2060354 Ubuntu 20.04 LTS Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1194) Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32254) It was discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling session connections, leading to a use- after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32258) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an integer underflow and out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38427) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate SMB request protocol IDs, leading to a out-of- bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38430) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate packet header sizes in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38431) It was discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information. (CVE-2023-3867) Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Yang Chaoming discovered that the KSMBD implementation in the Linux kernel did not properly validate request buffer sizes, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-22705) Chenyuan Yang discovered that the btrfs file system in the Linux kernel did not properly handle read operations on newly created subvolumes in certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-23850) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Block layer; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - Multifunction device drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - EFI Variable file system; - F2FS file system; - GFS2 file system; - SMB network file system; - BPF subsystem; - IPv6 Networking; - Network Traffic Control; - AppArmor security module; (CVE-2023-52463, CVE-2023-52445, CVE-2023-52462, CVE-2023-52609, CVE-2023-52448, CVE-2023-52457, CVE-2023-52464, CVE-2023-52456, CVE-2023-52454, CVE-2023-52438, CVE-2023-52480, CVE-2023-52443, CVE-2023-52442, CVE-2024-26631, CVE-2023-52439, CVE-2023-52612, CVE-2024-26598, CVE-2024-26586, CVE-2024-26589, CVE-2023-52444, CVE-2023-52436, CVE-2024-26633, CVE-2024-26597, CVE-2023-52458, CVE-2024-26591, CVE-2023-52449, CVE-2023-52467, CVE-2023-52441, CVE-2023-52610, CVE-2023-52451, CVE-2023-52469, CVE-2023-52470) Update Instructions: Run `sudo pro fix USN-6725-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-hwe-5.15-tools-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-buildinfo-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-102.112~20.04.1 linux-modules-iwlwifi-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-102.112~20.04.1 linux-buildinfo-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-102.112~20.04.1 linux-image-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-cloud-tools-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-image-unsigned-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-102.112~20.04.1 linux-image-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-hwe-5.15-headers-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-image-unsigned-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-modules-iwlwifi-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-102 - 5.15.0-102.112~20.04.1 linux-modules-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-headers-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-image-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-image-unsigned-5.15.0-102-generic-64k - 5.15.0-102.112~20.04.1 linux-buildinfo-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-buildinfo-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-modules-extra-5.15.0-102-generic - 5.15.0-102.112~20.04.1 linux-image-unsigned-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-tools-5.15.0-102-generic-lpae - 5.15.0-102.112~20.04.1 linux-cloud-tools-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-image-5.15.0-102-lowlatency - 5.15.0-102.112~20.04.1 linux-buildinfo-5.15.0-102-lowlatency-64k - 5.15.0-102.112~20.04.1 No subscription required linux-cloud-tools-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-image-unsigned-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-modules-extra-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-tools-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-gkeop-5.15-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-image-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-headers-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-modules-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 linux-gkeop-5.15-headers-5.15.0-1040 - 5.15.0-1040.46~20.04.1 linux-buildinfo-5.15.0-1040-gkeop - 5.15.0-1040.46~20.04.1 No subscription required linux-ibm-5.15-tools-5.15.0-1050 - 5.15.0-1050.53~20.04.1 linux-ibm-5.15-headers-5.15.0-1050 - 5.15.0-1050.53~20.04.1 linux-image-unsigned-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-modules-extra-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1050.53~20.04.1 linux-tools-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-image-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-buildinfo-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-headers-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 linux-modules-5.15.0-1050-ibm - 5.15.0-1050.53~20.04.1 No subscription required linux-intel-iotg-5.15-cloud-tools-5.15.0-1052 - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1052.58~20.04.1 linux-tools-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1052 - 5.15.0-1052.58~20.04.1 linux-buildinfo-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-modules-iwlwifi-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-image-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-modules-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-cloud-tools-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1052.58~20.04.1 linux-modules-extra-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-image-unsigned-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-headers-5.15.0-1052-intel-iotg - 5.15.0-1052.58~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1052 - 5.15.0-1052.58~20.04.1 No subscription required linux-oracle-5.15-headers-5.15.0-1055 - 5.15.0-1055.61~20.04.1 linux-image-unsigned-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-modules-extra-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-modules-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-tools-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-buildinfo-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-image-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-headers-5.15.0-1055-oracle - 5.15.0-1055.61~20.04.1 linux-oracle-5.15-tools-5.15.0-1055 - 5.15.0-1055.61~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1055 - 5.15.0-1055.63~20.04.1 linux-modules-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-headers-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-buildinfo-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-image-unsigned-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-modules-iwlwifi-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-modules-extra-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-tools-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 linux-gcp-5.15-tools-5.15.0-1055 - 5.15.0-1055.63~20.04.1 linux-image-5.15.0-1055-gcp - 5.15.0-1055.63~20.04.1 No subscription required linux-modules-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-azure-5.15-headers-5.15.0-1060 - 5.15.0-1060.69~20.04.1 linux-tools-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1060 - 5.15.0-1060.69~20.04.1 linux-modules-extra-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-azure-5.15-tools-5.15.0-1060 - 5.15.0-1060.69~20.04.1 linux-image-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-buildinfo-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-image-unsigned-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-headers-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 linux-cloud-tools-5.15.0-1060-azure - 5.15.0-1060.69~20.04.1 No subscription required linux-image-5.15.0-1060-azure-fde - 5.15.0-1060.69~20.04.1.1 linux-image-unsigned-5.15.0-1060-azure-fde - 5.15.0-1060.69~20.04.1.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-oem-20.04 - 5.15.0.102.112~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-tools-oem-20.04c - 5.15.0.102.112~20.04.1 linux-tools-oem-20.04b - 5.15.0.102.112~20.04.1 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-oem-20.04b - 5.15.0.102.112~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-oem-20.04c - 5.15.0.102.112~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-oem-20.04d - 5.15.0.102.112~20.04.1 linux-image-oem-20.04d - 5.15.0.102.112~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-oem-20.04 - 5.15.0.102.112~20.04.1 linux-image-oem-20.04 - 5.15.0.102.112~20.04.1 linux-oem-20.04c - 5.15.0.102.112~20.04.1 linux-oem-20.04b - 5.15.0.102.112~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-oem-20.04d - 5.15.0.102.112~20.04.1 linux-tools-oem-20.04 - 5.15.0.102.112~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.102.112~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.102.112~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.102.112~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 linux-headers-oem-20.04c - 5.15.0.102.112~20.04.1 linux-headers-oem-20.04d - 5.15.0.102.112~20.04.1 linux-headers-oem-20.04b - 5.15.0.102.112~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.102.112~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-headers-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-image-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-headers-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-tools-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-image-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-cloud-tools-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-modules-extra-gkeop-edge - 5.15.0.1040.46~20.04.36 linux-tools-gkeop-5.15 - 5.15.0.1040.46~20.04.36 linux-modules-extra-gkeop-5.15 - 5.15.0.1040.46~20.04.36 No subscription required linux-image-ibm - 5.15.0.1050.53~20.04.1 linux-tools-ibm - 5.15.0.1050.53~20.04.1 linux-headers-ibm-edge - 5.15.0.1050.53~20.04.1 linux-headers-ibm - 5.15.0.1050.53~20.04.1 linux-ibm - 5.15.0.1050.53~20.04.1 linux-ibm-edge - 5.15.0.1050.53~20.04.1 linux-tools-ibm-edge - 5.15.0.1050.53~20.04.1 linux-image-ibm-edge - 5.15.0.1050.53~20.04.1 No subscription required linux-intel - 5.15.0.1052.58~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1052.58~20.04.1 linux-image-intel - 5.15.0.1052.58~20.04.1 linux-cloud-tools-intel - 5.15.0.1052.58~20.04.1 linux-tools-intel - 5.15.0.1052.58~20.04.1 linux-image-intel-iotg - 5.15.0.1052.58~20.04.1 linux-intel-iotg-edge - 5.15.0.1052.58~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1052.58~20.04.1 linux-tools-intel-iotg - 5.15.0.1052.58~20.04.1 linux-headers-intel - 5.15.0.1052.58~20.04.1 linux-headers-intel-iotg - 5.15.0.1052.58~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1052.58~20.04.1 linux-intel-iotg - 5.15.0.1052.58~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1055.61~20.04.1 linux-tools-oracle - 5.15.0.1055.61~20.04.1 linux-tools-oracle-edge - 5.15.0.1055.61~20.04.1 linux-oracle-edge - 5.15.0.1055.61~20.04.1 linux-image-oracle-edge - 5.15.0.1055.61~20.04.1 linux-image-oracle - 5.15.0.1055.61~20.04.1 linux-headers-oracle-edge - 5.15.0.1055.61~20.04.1 linux-oracle - 5.15.0.1055.61~20.04.1 No subscription required linux-gcp - 5.15.0.1055.63~20.04.1 linux-headers-gcp-edge - 5.15.0.1055.63~20.04.1 linux-modules-extra-gcp - 5.15.0.1055.63~20.04.1 linux-gcp-edge - 5.15.0.1055.63~20.04.1 linux-tools-gcp - 5.15.0.1055.63~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1055.63~20.04.1 linux-tools-gcp-edge - 5.15.0.1055.63~20.04.1 linux-headers-gcp - 5.15.0.1055.63~20.04.1 linux-image-gcp - 5.15.0.1055.63~20.04.1 linux-image-gcp-edge - 5.15.0.1055.63~20.04.1 No subscription required linux-cloud-tools-azure - 5.15.0.1060.69~20.04.1 linux-headers-azure-cvm - 5.15.0.1060.69~20.04.1 linux-tools-azure - 5.15.0.1060.69~20.04.1 linux-image-azure-edge - 5.15.0.1060.69~20.04.1 linux-image-azure-cvm - 5.15.0.1060.69~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1060.69~20.04.1 linux-tools-azure-edge - 5.15.0.1060.69~20.04.1 linux-tools-azure-cvm - 5.15.0.1060.69~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1060.69~20.04.1 linux-modules-extra-azure - 5.15.0.1060.69~20.04.1 linux-azure - 5.15.0.1060.69~20.04.1 linux-image-azure - 5.15.0.1060.69~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1060.69~20.04.1 linux-azure-edge - 5.15.0.1060.69~20.04.1 linux-azure-cvm - 5.15.0.1060.69~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1060.69~20.04.1 linux-headers-azure-edge - 5.15.0.1060.69~20.04.1 linux-headers-azure - 5.15.0.1060.69~20.04.1 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-tools-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-headers-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-image-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-modules-extra-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-image-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-cloud-tools-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-azure-fde-edge - 5.15.0.1060.69~20.04.1.39 linux-modules-extra-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-tools-azure-fde - 5.15.0.1060.69~20.04.1.39 linux-headers-azure-fde - 5.15.0.1060.69~20.04.1.39 No subscription required High CVE-2023-1194 CVE-2023-32254 CVE-2023-32258 CVE-2023-38427 CVE-2023-38430 CVE-2023-38431 CVE-2023-3867 CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52441 CVE-2023-52442 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52456 CVE-2023-52457 CVE-2023-52458 CVE-2023-52462 CVE-2023-52463 CVE-2023-52464 CVE-2023-52467 CVE-2023-52469 CVE-2023-52470 CVE-2023-52480 CVE-2023-52609 CVE-2023-52610 CVE-2023-52612 CVE-2024-22705 CVE-2024-23850 CVE-2024-23851 CVE-2024-24860 CVE-2024-26586 CVE-2024-26589 CVE-2024-26591 CVE-2024-26597 CVE-2024-26598 CVE-2024-26631 CVE-2024-26633 Ubuntu 20.04 LTS Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1194) Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32254) It was discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling session connections, leading to a use- after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32258) It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an integer underflow and out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38427) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate SMB request protocol IDs, leading to a out-of- bounds read vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-38430) Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate packet header sizes in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38431) It was discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information. (CVE-2023-3867) Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Yang Chaoming discovered that the KSMBD implementation in the Linux kernel did not properly validate request buffer sizes, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-22705) Chenyuan Yang discovered that the btrfs file system in the Linux kernel did not properly handle read operations on newly created subvolumes in certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-23850) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Block layer; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - Multifunction device drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - EFI Variable file system; - F2FS file system; - GFS2 file system; - SMB network file system; - BPF subsystem; - IPv6 Networking; - Network Traffic Control; - AppArmor security module; (CVE-2023-52463, CVE-2023-52445, CVE-2023-52462, CVE-2023-52609, CVE-2023-52448, CVE-2023-52457, CVE-2023-52464, CVE-2023-52456, CVE-2023-52454, CVE-2023-52438, CVE-2023-52480, CVE-2023-52443, CVE-2023-52442, CVE-2024-26631, CVE-2023-52439, CVE-2023-52612, CVE-2024-26598, CVE-2024-26586, CVE-2024-26589, CVE-2023-52444, CVE-2023-52436, CVE-2024-26633, CVE-2024-26597, CVE-2023-52458, CVE-2024-26591, CVE-2023-52449, CVE-2023-52467, CVE-2023-52441, CVE-2023-52610, CVE-2023-52451, CVE-2023-52469, CVE-2023-52470) Update Instructions: Run `sudo pro fix USN-6725-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-tools-5.15.0-1057 - 5.15.0-1057.63~20.04.1 linux-tools-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1057 - 5.15.0-1057.63~20.04.1 linux-image-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-modules-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-headers-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-modules-extra-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-buildinfo-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-image-unsigned-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 linux-aws-5.15-headers-5.15.0-1057 - 5.15.0-1057.63~20.04.1 linux-cloud-tools-5.15.0-1057-aws - 5.15.0-1057.63~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1057.63~20.04.1 linux-aws-edge - 5.15.0.1057.63~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1057.63~20.04.1 linux-image-aws-edge - 5.15.0.1057.63~20.04.1 linux-aws - 5.15.0.1057.63~20.04.1 linux-tools-aws - 5.15.0.1057.63~20.04.1 linux-headers-aws - 5.15.0.1057.63~20.04.1 linux-headers-aws-edge - 5.15.0.1057.63~20.04.1 linux-tools-aws-edge - 5.15.0.1057.63~20.04.1 linux-image-aws - 5.15.0.1057.63~20.04.1 No subscription required High CVE-2023-1194 CVE-2023-32254 CVE-2023-32258 CVE-2023-38427 CVE-2023-38430 CVE-2023-38431 CVE-2023-3867 CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52441 CVE-2023-52442 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52456 CVE-2023-52457 CVE-2023-52458 CVE-2023-52462 CVE-2023-52463 CVE-2023-52464 CVE-2023-52467 CVE-2023-52469 CVE-2023-52470 CVE-2023-52480 CVE-2023-52609 CVE-2023-52610 CVE-2023-52612 CVE-2024-22705 CVE-2024-23850 CVE-2024-23851 CVE-2024-24860 CVE-2024-26586 CVE-2024-26589 CVE-2024-26591 CVE-2024-26597 CVE-2024-26598 CVE-2024-26631 CVE-2024-26633 Ubuntu 20.04 LTS Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - F2FS file system; - GFS2 file system; - IPv6 Networking; - AppArmor security module; (CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443, CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597, CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469, CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454, CVE-2023-52436, CVE-2023-52438) Update Instructions: Run `sudo pro fix USN-6726-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1069-ibm - 5.4.0-1069.74 linux-ibm-headers-5.4.0-1069 - 5.4.0-1069.74 linux-ibm-source-5.4.0 - 5.4.0-1069.74 linux-headers-5.4.0-1069-ibm - 5.4.0-1069.74 linux-ibm-tools-5.4.0-1069 - 5.4.0-1069.74 linux-ibm-tools-common - 5.4.0-1069.74 linux-buildinfo-5.4.0-1069-ibm - 5.4.0-1069.74 linux-modules-extra-5.4.0-1069-ibm - 5.4.0-1069.74 linux-image-5.4.0-1069-ibm - 5.4.0-1069.74 linux-ibm-cloud-tools-common - 5.4.0-1069.74 linux-tools-5.4.0-1069-ibm - 5.4.0-1069.74 linux-image-unsigned-5.4.0-1069-ibm - 5.4.0-1069.74 No subscription required linux-bluefield-headers-5.4.0-1082 - 5.4.0-1082.89 linux-buildinfo-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-headers-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-bluefield-tools-5.4.0-1082 - 5.4.0-1082.89 linux-tools-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-image-unsigned-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-modules-5.4.0-1082-bluefield - 5.4.0-1082.89 linux-image-5.4.0-1082-bluefield - 5.4.0-1082.89 No subscription required linux-gkeop-headers-5.4.0-1089 - 5.4.0-1089.93 linux-buildinfo-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-gkeop-source-5.4.0 - 5.4.0-1089.93 linux-modules-extra-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-cloud-tools-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-modules-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-image-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-gkeop-cloud-tools-5.4.0-1089 - 5.4.0-1089.93 linux-image-unsigned-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-headers-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-tools-5.4.0-1089-gkeop - 5.4.0-1089.93 linux-gkeop-tools-5.4.0-1089 - 5.4.0-1089.93 No subscription required linux-tools-5.4.0-1106-raspi - 5.4.0-1106.118 linux-raspi-tools-5.4.0-1106 - 5.4.0-1106.118 linux-image-5.4.0-1106-raspi - 5.4.0-1106.118 linux-headers-5.4.0-1106-raspi - 5.4.0-1106.118 linux-buildinfo-5.4.0-1106-raspi - 5.4.0-1106.118 linux-modules-5.4.0-1106-raspi - 5.4.0-1106.118 linux-raspi-headers-5.4.0-1106 - 5.4.0-1106.118 No subscription required linux-kvm-tools-5.4.0-1110 - 5.4.0-1110.117 linux-modules-5.4.0-1110-kvm - 5.4.0-1110.117 linux-image-5.4.0-1110-kvm - 5.4.0-1110.117 linux-buildinfo-5.4.0-1110-kvm - 5.4.0-1110.117 linux-headers-5.4.0-1110-kvm - 5.4.0-1110.117 linux-kvm-headers-5.4.0-1110 - 5.4.0-1110.117 linux-tools-5.4.0-1110-kvm - 5.4.0-1110.117 linux-image-unsigned-5.4.0-1110-kvm - 5.4.0-1110.117 No subscription required linux-oracle-headers-5.4.0-1121 - 5.4.0-1121.130 linux-image-unsigned-5.4.0-1121-oracle - 5.4.0-1121.130 linux-image-5.4.0-1121-oracle - 5.4.0-1121.130 linux-tools-5.4.0-1121-oracle - 5.4.0-1121.130 linux-buildinfo-5.4.0-1121-oracle - 5.4.0-1121.130 linux-oracle-tools-5.4.0-1121 - 5.4.0-1121.130 linux-headers-5.4.0-1121-oracle - 5.4.0-1121.130 linux-modules-extra-5.4.0-1121-oracle - 5.4.0-1121.130 linux-modules-5.4.0-1121-oracle - 5.4.0-1121.130 No subscription required linux-modules-extra-5.4.0-1122-aws - 5.4.0-1122.132 linux-buildinfo-5.4.0-1122-aws - 5.4.0-1122.132 linux-aws-tools-5.4.0-1122 - 5.4.0-1122.132 linux-tools-5.4.0-1122-aws - 5.4.0-1122.132 linux-cloud-tools-5.4.0-1122-aws - 5.4.0-1122.132 linux-image-unsigned-5.4.0-1122-aws - 5.4.0-1122.132 linux-aws-cloud-tools-5.4.0-1122 - 5.4.0-1122.132 linux-aws-headers-5.4.0-1122 - 5.4.0-1122.132 linux-modules-5.4.0-1122-aws - 5.4.0-1122.132 linux-image-5.4.0-1122-aws - 5.4.0-1122.132 linux-headers-5.4.0-1122-aws - 5.4.0-1122.132 No subscription required linux-gcp-headers-5.4.0-1126 - 5.4.0-1126.135 linux-modules-5.4.0-1126-gcp - 5.4.0-1126.135 linux-headers-5.4.0-1126-gcp - 5.4.0-1126.135 linux-buildinfo-5.4.0-1126-gcp - 5.4.0-1126.135 linux-image-unsigned-5.4.0-1126-gcp - 5.4.0-1126.135 linux-tools-5.4.0-1126-gcp - 5.4.0-1126.135 linux-image-5.4.0-1126-gcp - 5.4.0-1126.135 linux-modules-extra-5.4.0-1126-gcp - 5.4.0-1126.135 linux-gcp-tools-5.4.0-1126 - 5.4.0-1126.135 No subscription required linux-azure-cloud-tools-5.4.0-1127 - 5.4.0-1127.134 linux-headers-5.4.0-1127-azure - 5.4.0-1127.134 linux-azure-headers-5.4.0-1127 - 5.4.0-1127.134 linux-image-unsigned-5.4.0-1127-azure - 5.4.0-1127.134 linux-image-5.4.0-1127-azure - 5.4.0-1127.134 linux-tools-5.4.0-1127-azure - 5.4.0-1127.134 linux-azure-tools-5.4.0-1127 - 5.4.0-1127.134 linux-modules-extra-5.4.0-1127-azure - 5.4.0-1127.134 linux-modules-5.4.0-1127-azure - 5.4.0-1127.134 linux-buildinfo-5.4.0-1127-azure - 5.4.0-1127.134 linux-cloud-tools-5.4.0-1127-azure - 5.4.0-1127.134 No subscription required linux-tools-common - 5.4.0-176.196 linux-image-5.4.0-176-lowlatency - 5.4.0-176.196 linux-tools-host - 5.4.0-176.196 linux-image-unsigned-5.4.0-176-lowlatency - 5.4.0-176.196 linux-headers-5.4.0-176-generic - 5.4.0-176.196 linux-doc - 5.4.0-176.196 linux-image-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-cloud-tools-5.4.0-176 - 5.4.0-176.196 linux-cloud-tools-5.4.0-176-lowlatency - 5.4.0-176.196 linux-headers-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-libc-dev - 5.4.0-176.196 linux-source-5.4.0 - 5.4.0-176.196 linux-modules-5.4.0-176-generic - 5.4.0-176.196 linux-image-5.4.0-176-generic - 5.4.0-176.196 linux-headers-5.4.0-176 - 5.4.0-176.196 linux-buildinfo-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-cloud-tools-5.4.0-176-generic - 5.4.0-176.196 linux-buildinfo-5.4.0-176-lowlatency - 5.4.0-176.196 linux-modules-5.4.0-176-lowlatency - 5.4.0-176.196 linux-tools-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-headers-5.4.0-176-lowlatency - 5.4.0-176.196 linux-cloud-tools-common - 5.4.0-176.196 linux-tools-5.4.0-176-lowlatency - 5.4.0-176.196 linux-tools-5.4.0-176-generic - 5.4.0-176.196 linux-tools-5.4.0-176 - 5.4.0-176.196 linux-modules-5.4.0-176-generic-lpae - 5.4.0-176.196 linux-buildinfo-5.4.0-176-generic - 5.4.0-176.196 linux-modules-extra-5.4.0-176-generic - 5.4.0-176.196 linux-image-unsigned-5.4.0-176-generic - 5.4.0-176.196 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1069.98 linux-headers-ibm-lts-20.04 - 5.4.0.1069.98 linux-image-ibm-lts-20.04 - 5.4.0.1069.98 linux-ibm-lts-20.04 - 5.4.0.1069.98 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1069.98 No subscription required linux-bluefield - 5.4.0.1082.78 linux-image-bluefield - 5.4.0.1082.78 linux-headers-bluefield - 5.4.0.1082.78 linux-tools-bluefield - 5.4.0.1082.78 No subscription required linux-headers-gkeop - 5.4.0.1089.87 linux-cloud-tools-gkeop-5.4 - 5.4.0.1089.87 linux-image-gkeop - 5.4.0.1089.87 linux-gkeop-5.4 - 5.4.0.1089.87 linux-image-gkeop-5.4 - 5.4.0.1089.87 linux-gkeop - 5.4.0.1089.87 linux-cloud-tools-gkeop - 5.4.0.1089.87 linux-modules-extra-gkeop-5.4 - 5.4.0.1089.87 linux-headers-gkeop-5.4 - 5.4.0.1089.87 linux-modules-extra-gkeop - 5.4.0.1089.87 linux-tools-gkeop - 5.4.0.1089.87 linux-tools-gkeop-5.4 - 5.4.0.1089.87 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1106.136 linux-image-raspi2 - 5.4.0.1106.136 linux-raspi2 - 5.4.0.1106.136 linux-headers-raspi2 - 5.4.0.1106.136 linux-image-raspi - 5.4.0.1106.136 linux-image-raspi-hwe-18.04 - 5.4.0.1106.136 linux-image-raspi2-hwe-18.04 - 5.4.0.1106.136 linux-headers-raspi-hwe-18.04 - 5.4.0.1106.136 linux-headers-raspi2-hwe-18.04 - 5.4.0.1106.136 linux-headers-raspi - 5.4.0.1106.136 linux-raspi2-hwe-18.04-edge - 5.4.0.1106.136 linux-raspi-hwe-18.04 - 5.4.0.1106.136 linux-tools-raspi - 5.4.0.1106.136 linux-raspi2-hwe-18.04 - 5.4.0.1106.136 linux-image-raspi-hwe-18.04-edge - 5.4.0.1106.136 linux-tools-raspi-hwe-18.04 - 5.4.0.1106.136 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1106.136 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1106.136 linux-tools-raspi2-hwe-18.04 - 5.4.0.1106.136 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1106.136 linux-raspi-hwe-18.04-edge - 5.4.0.1106.136 linux-raspi - 5.4.0.1106.136 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1106.136 linux-tools-raspi2 - 5.4.0.1106.136 No subscription required linux-kvm - 5.4.0.1110.106 linux-headers-kvm - 5.4.0.1110.106 linux-image-kvm - 5.4.0.1110.106 linux-tools-kvm - 5.4.0.1110.106 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1121.114 linux-oracle-lts-20.04 - 5.4.0.1121.114 linux-image-oracle-lts-20.04 - 5.4.0.1121.114 linux-headers-oracle-lts-20.04 - 5.4.0.1121.114 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1122.119 linux-image-aws-lts-20.04 - 5.4.0.1122.119 linux-headers-aws-lts-20.04 - 5.4.0.1122.119 linux-tools-aws-lts-20.04 - 5.4.0.1122.119 linux-aws-lts-20.04 - 5.4.0.1122.119 No subscription required linux-tools-gcp-lts-20.04 - 5.4.0.1126.128 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1126.128 linux-headers-gcp-lts-20.04 - 5.4.0.1126.128 linux-image-gcp-lts-20.04 - 5.4.0.1126.128 linux-gcp-lts-20.04 - 5.4.0.1126.128 No subscription required linux-image-azure-lts-20.04 - 5.4.0.1127.121 linux-modules-extra-azure-lts-20.04 - 5.4.0.1127.121 linux-tools-azure-lts-20.04 - 5.4.0.1127.121 linux-azure-lts-20.04 - 5.4.0.1127.121 linux-headers-azure-lts-20.04 - 5.4.0.1127.121 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1127.121 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-cloud-tools-virtual - 5.4.0.176.174 linux-image-generic-hwe-18.04 - 5.4.0.176.174 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-headers-generic-lpae - 5.4.0.176.174 linux-headers-generic - 5.4.0.176.174 linux-generic-hwe-18.04-edge - 5.4.0.176.174 linux-cloud-tools-lowlatency - 5.4.0.176.174 linux-image-generic - 5.4.0.176.174 linux-tools-lowlatency - 5.4.0.176.174 linux-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-image-oem - 5.4.0.176.174 linux-headers-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-image-extra-virtual-hwe-18.04 - 5.4.0.176.174 linux-image-oem-osp1 - 5.4.0.176.174 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.176.174 linux-image-generic-lpae-hwe-18.04 - 5.4.0.176.174 linux-crashdump - 5.4.0.176.174 linux-tools-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-headers-generic-hwe-18.04 - 5.4.0.176.174 linux-headers-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-source - 5.4.0.176.174 linux-lowlatency - 5.4.0.176.174 linux-tools-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-tools-generic-lpae - 5.4.0.176.174 linux-cloud-tools-generic - 5.4.0.176.174 linux-virtual - 5.4.0.176.174 linux-headers-virtual-hwe-18.04 - 5.4.0.176.174 linux-virtual-hwe-18.04 - 5.4.0.176.174 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.176.174 linux-tools-virtual - 5.4.0.176.174 linux-generic-lpae-hwe-18.04-edge - 5.4.0.176.174 linux-generic-lpae - 5.4.0.176.174 linux-headers-oem - 5.4.0.176.174 linux-generic - 5.4.0.176.174 linux-tools-oem-osp1 - 5.4.0.176.174 linux-image-virtual - 5.4.0.176.174 linux-tools-generic-hwe-18.04-edge - 5.4.0.176.174 linux-image-virtual-hwe-18.04 - 5.4.0.176.174 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-oem-tools-host - 5.4.0.176.174 linux-headers-lowlatency - 5.4.0.176.174 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.176.174 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-oem - 5.4.0.176.174 linux-tools-generic - 5.4.0.176.174 linux-image-extra-virtual - 5.4.0.176.174 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.176.174 linux-oem-osp1-tools-host - 5.4.0.176.174 linux-headers-oem-osp1 - 5.4.0.176.174 linux-generic-lpae-hwe-18.04 - 5.4.0.176.174 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.176.174 linux-headers-generic-hwe-18.04-edge - 5.4.0.176.174 linux-tools-oem - 5.4.0.176.174 linux-oem-osp1 - 5.4.0.176.174 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.176.174 linux-image-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.176.174 linux-headers-virtual - 5.4.0.176.174 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.176.174 linux-tools-virtual-hwe-18.04 - 5.4.0.176.174 linux-lowlatency-hwe-18.04 - 5.4.0.176.174 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.176.174 linux-generic-hwe-18.04 - 5.4.0.176.174 linux-image-generic-lpae - 5.4.0.176.174 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.176.174 linux-image-lowlatency - 5.4.0.176.174 linux-tools-generic-hwe-18.04 - 5.4.0.176.174 linux-image-generic-hwe-18.04-edge - 5.4.0.176.174 linux-image-virtual-hwe-18.04-edge - 5.4.0.176.174 No subscription required High CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52457 CVE-2023-52464 CVE-2023-52469 CVE-2023-52470 CVE-2023-52609 CVE-2023-52612 CVE-2024-0607 CVE-2024-23851 CVE-2024-26597 CVE-2024-26633 Ubuntu 20.04 LTS Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - F2FS file system; - GFS2 file system; - IPv6 Networking; - AppArmor security module; (CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443, CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597, CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469, CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454, CVE-2023-52436, CVE-2023-52438) Update Instructions: Run `sudo pro fix USN-6726-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1034-iot - 5.4.0-1034.35 linux-buildinfo-5.4.0-1034-iot - 5.4.0-1034.35 linux-iot-tools-common - 5.4.0-1034.35 linux-image-5.4.0-1034-iot - 5.4.0-1034.35 linux-headers-5.4.0-1034-iot - 5.4.0-1034.35 linux-image-unsigned-5.4.0-1034-iot - 5.4.0-1034.35 linux-iot-tools-5.4.0-1034 - 5.4.0-1034.35 linux-tools-5.4.0-1034-iot - 5.4.0-1034.35 linux-iot-headers-5.4.0-1034 - 5.4.0-1034.35 No subscription required linux-tools-iot - 5.4.0.1034.32 linux-iot - 5.4.0.1034.32 linux-headers-iot - 5.4.0.1034.32 linux-image-iot - 5.4.0.1034.32 No subscription required High CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52457 CVE-2023-52464 CVE-2023-52469 CVE-2023-52470 CVE-2023-52609 CVE-2023-52612 CVE-2024-0607 CVE-2024-23851 CVE-2024-26597 CVE-2024-26633 Ubuntu 20.04 LTS Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-52340) It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - Cryptographic API; - Android drivers; - EDAC drivers; - GPU drivers; - Media drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - TTY drivers; - Userspace I/O drivers; - F2FS file system; - GFS2 file system; - IPv6 Networking; - AppArmor security module; (CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443, CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597, CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469, CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454, CVE-2023-52436, CVE-2023-52438) Update Instructions: Run `sudo pro fix USN-6726-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 linux-xilinx-zynqmp-headers-5.4.0-1041 - 5.4.0-1041.45 linux-headers-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 linux-buildinfo-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 linux-modules-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 linux-xilinx-zynqmp-tools-5.4.0-1041 - 5.4.0-1041.45 linux-image-5.4.0-1041-xilinx-zynqmp - 5.4.0-1041.45 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1041.41 linux-image-xilinx-zynqmp - 5.4.0.1041.41 linux-tools-xilinx-zynqmp - 5.4.0.1041.41 linux-xilinx-zynqmp - 5.4.0.1041.41 No subscription required High CVE-2023-46838 CVE-2023-52340 CVE-2023-52429 CVE-2023-52436 CVE-2023-52438 CVE-2023-52439 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445 CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454 CVE-2023-52457 CVE-2023-52464 CVE-2023-52469 CVE-2023-52470 CVE-2023-52609 CVE-2023-52612 CVE-2024-0607 CVE-2024-23851 CVE-2024-26597 CVE-2024-26633 Ubuntu 20.04 LTS It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-4421) It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. (CVE-2023-5388) It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. (CVE-2023-6135) The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements. Update Instructions: Run `sudo pro fix USN-6727-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.98-0ubuntu0.20.04.1 libnss3 - 2:3.98-0ubuntu0.20.04.1 libnss3-tools - 2:3.98-0ubuntu0.20.04.1 No subscription required Medium CVE-2023-4421 CVE-2023-5388 CVE-2023-6135 Ubuntu 20.04 LTS USN-6727-1 fixed vulnerabilities in NSS. The update introduced a regression when trying to load security modules on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-4421) It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. (CVE-2023-5388) It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. (CVE-2023-6135) The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements. Update Instructions: Run `sudo pro fix USN-6727-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnss3-dev - 2:3.98-0ubuntu0.20.04.2 libnss3 - 2:3.98-0ubuntu0.20.04.2 libnss3-tools - 2:3.98-0ubuntu0.20.04.2 No subscription required None https://launchpad.net/bugs/2060906 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288) Joshua Rogers discovered that Squid incorrectly handled certain structural elements. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-5824) Joshua Rogers discovered that Squid incorrectly handled Cache Manager error responses. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-23638) Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked decoder. A remote attacker could possibly use this issue to cause Squid to stop responding, resulting in a denial of service. (CVE-2024-25111) Joshua Rogers discovered that Squid incorrectly handled HTTP header parsing. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-25617) Update Instructions: Run `sudo pro fix USN-6728-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.10 squidclient - 4.10-1ubuntu1.10 squid - 4.10-1ubuntu1.10 squid-cgi - 4.10-1ubuntu1.10 squid-purge - 4.10-1ubuntu1.10 No subscription required Medium CVE-2023-49288 CVE-2023-5824 CVE-2024-23638 CVE-2024-25111 CVE-2024-25617 Ubuntu 20.04 LTS USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS. The problematic fix has been reverted pending further investigation. We apologize for the inconvenience. Original advisory details: Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288) Joshua Rogers discovered that Squid incorrectly handled certain structural elements. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-5824) Joshua Rogers discovered that Squid incorrectly handled Cache Manager error responses. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-23638) Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked decoder. A remote attacker could possibly use this issue to cause Squid to stop responding, resulting in a denial of service. (CVE-2024-25111) Joshua Rogers discovered that Squid incorrectly handled HTTP header parsing. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-25617) Update Instructions: Run `sudo pro fix USN-6728-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.11 squidclient - 4.10-1ubuntu1.11 squid - 4.10-1ubuntu1.11 squid-cgi - 4.10-1ubuntu1.11 squid-purge - 4.10-1ubuntu1.11 No subscription required None https://launchpad.net/bugs/2060880 Ubuntu 20.04 LTS USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update. We apologize for the inconvenience. Original advisory details: Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288) Joshua Rogers discovered that Squid incorrectly handled certain structural elements. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-5824) Joshua Rogers discovered that Squid incorrectly handled Cache Manager error responses. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-23638) Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked decoder. A remote attacker could possibly use this issue to cause Squid to stop responding, resulting in a denial of service. (CVE-2024-25111) Joshua Rogers discovered that Squid incorrectly handled HTTP header parsing. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2024-25617) Update Instructions: Run `sudo pro fix USN-6728-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid-common - 4.10-1ubuntu1.12 squidclient - 4.10-1ubuntu1.12 squid - 4.10-1ubuntu1.12 squid-cgi - 4.10-1ubuntu1.12 squid-purge - 4.10-1ubuntu1.12 No subscription required Medium CVE-2023-5824 CVE-2023-49288 https://launchpad.net/bugs/2060880 Ubuntu 20.04 LTS Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2023-38709) Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2024-24795) Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. (CVE-2024-27316) Update Instructions: Run `sudo pro fix USN-6729-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2-data - 2.4.41-4ubuntu3.17 libapache2-mod-md - 2.4.41-4ubuntu3.17 apache2-utils - 2.4.41-4ubuntu3.17 apache2-dev - 2.4.41-4ubuntu3.17 apache2-suexec-pristine - 2.4.41-4ubuntu3.17 apache2-suexec-custom - 2.4.41-4ubuntu3.17 apache2 - 2.4.41-4ubuntu3.17 apache2-doc - 2.4.41-4ubuntu3.17 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.17 apache2-ssl-dev - 2.4.41-4ubuntu3.17 apache2-bin - 2.4.41-4ubuntu3.17 No subscription required Medium CVE-2023-38709 CVE-2024-24795 CVE-2024-27316 Ubuntu 20.04 LTS It was discovered that Apache Maven Shared Utils did not handle double-quoted strings properly, allowing shell injection attacks. This could allow an attacker to run arbitrary code. Update Instructions: Run `sudo pro fix USN-6730-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmaven-shared-utils-java-doc - 3.3.0-1ubuntu0.20.04.1 libmaven-shared-utils-java - 3.3.0-1ubuntu0.20.04.1 No subscription required Medium CVE-2022-29599 Ubuntu 20.04 LTS It was discovered that YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-17042) It was discovered that yard before 0.9.20 is affected by a path traversal vulnerability, allowing HTTP requests to access arbitrary files under certain conditions. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1020001) Aviv Keller discovered that the "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. (CVE-2024-27285) Update Instructions: Run `sudo pro fix USN-6731-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: yard-doc - 0.9.24-1+deb11u1build0.20.04.1 yard - 0.9.24-1+deb11u1build0.20.04.1 No subscription required Medium CVE-2017-17042 CVE-2019-1020001 CVE-2024-27285 Ubuntu 20.04 LTS It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-28834) It was discovered that GnuTLS incorrectly handled verifying certain PEM bundles. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2024-28835) Update Instructions: Run `sudo pro fix USN-6733-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-doc - 3.6.13-2ubuntu1.11 libgnutls28-dev - 3.6.13-2ubuntu1.11 libgnutls-openssl27 - 3.6.13-2ubuntu1.11 libgnutls30 - 3.6.13-2ubuntu1.11 libgnutls-dane0 - 3.6.13-2ubuntu1.11 gnutls-bin - 3.6.13-2ubuntu1.11 guile-gnutls - 3.6.13-2ubuntu1.11 libgnutlsxx28 - 3.6.13-2ubuntu1.11 No subscription required Medium CVE-2024-28834 CVE-2024-28835 Ubuntu 20.04 LTS Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2024-1441) It was discovered that libvirt incorrectly handled certain RPC library API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2024-2494) It was discovered that libvirt incorrectly handled detaching certain host interfaces. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2024-2496) Update Instructions: Run `sudo pro fix USN-6734-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvirt0 - 6.0.0-0ubuntu8.19 libvirt-dev - 6.0.0-0ubuntu8.19 libnss-libvirt - 6.0.0-0ubuntu8.19 libvirt-daemon - 6.0.0-0ubuntu8.19 libvirt-daemon-system-systemd - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-xen - 6.0.0-0ubuntu8.19 libvirt-sanlock - 6.0.0-0ubuntu8.19 libvirt-wireshark - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-storage-rbd - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-qemu - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-storage-gluster - 6.0.0-0ubuntu8.19 libvirt-doc - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-vbox - 6.0.0-0ubuntu8.19 libvirt-daemon-system-sysv - 6.0.0-0ubuntu8.19 libvirt-daemon-system - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-lxc - 6.0.0-0ubuntu8.19 libvirt-clients - 6.0.0-0ubuntu8.19 libvirt-daemon-driver-storage-zfs - 6.0.0-0ubuntu8.19 No subscription required Medium CVE-2024-1441 CVE-2024-2494 CVE-2024-2496 Ubuntu 20.04 LTS It was discovered that Node.js incorrectly handled the use of invalid public keys while creating an x509 certificate. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-30588) It was discovered that Node.js incorrectly handled the use of CRLF sequences to delimit HTTP requests. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain unauthorised access. This issue only affected Ubuntu 23.10. (CVE-2023-30589) It was discovered that Node.js incorrectly described the generateKeys() function in the documentation. This inconsistency could possibly lead to security issues in applications that use these APIs. (CVE-2023-30590) Update Instructions: Run `sudo pro fix USN-6735-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.6 libnode64 - 10.19.0~dfsg-3ubuntu1.6 nodejs-doc - 10.19.0~dfsg-3ubuntu1.6 nodejs - 10.19.0~dfsg-3ubuntu1.6 No subscription required Medium CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 Ubuntu 20.04 LTS It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841) Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2018-25032) Evgeny Legerov discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. (CVE-2022-37434) Update Instructions: Run `sudo pro fix USN-6736-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: klibc-utils - 2.0.7-1ubuntu5.2 libklibc - 2.0.7-1ubuntu5.2 libklibc-dev - 2.0.7-1ubuntu5.2 No subscription required Medium CVE-2016-9840 CVE-2016-9841 CVE-2018-25032 CVE-2022-37434 Ubuntu 20.04 LTS Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6737-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc6-i386 - 2.31-0ubuntu9.15 libc6-dev-s390 - 2.31-0ubuntu9.15 glibc-source - 2.31-0ubuntu9.15 libc-bin - 2.31-0ubuntu9.15 libc6-x32 - 2.31-0ubuntu9.15 libc6-prof - 2.31-0ubuntu9.15 libc6-s390 - 2.31-0ubuntu9.15 libc6-armel - 2.31-0ubuntu9.15 libc6-pic - 2.31-0ubuntu9.15 libc6-dev-armel - 2.31-0ubuntu9.15 glibc-doc - 2.31-0ubuntu9.15 libc6-dev - 2.31-0ubuntu9.15 libc6-amd64 - 2.31-0ubuntu9.15 libc6-dev-amd64 - 2.31-0ubuntu9.15 libc6 - 2.31-0ubuntu9.15 locales-all - 2.31-0ubuntu9.15 libc6-dev-x32 - 2.31-0ubuntu9.15 locales - 2.31-0ubuntu9.15 libc6-lse - 2.31-0ubuntu9.15 libc6-dev-i386 - 2.31-0ubuntu9.15 libc-dev-bin - 2.31-0ubuntu9.15 nscd - 2.31-0ubuntu9.15 No subscription required Medium CVE-2024-2961 Ubuntu 20.04 LTS Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. (CVE-2023-24023) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; (CVE-2023-52603, CVE-2023-52600, CVE-2024-26581, CVE-2024-26589) Update Instructions: Run `sudo pro fix USN-6741-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.4.0-1035-iot - 5.4.0-1035.36 linux-headers-5.4.0-1035-iot - 5.4.0-1035.36 linux-iot-headers-5.4.0-1035 - 5.4.0-1035.36 linux-iot-tools-5.4.0-1035 - 5.4.0-1035.36 linux-modules-5.4.0-1035-iot - 5.4.0-1035.36 linux-buildinfo-5.4.0-1035-iot - 5.4.0-1035.36 linux-image-unsigned-5.4.0-1035-iot - 5.4.0-1035.36 linux-image-5.4.0-1035-iot - 5.4.0-1035.36 linux-iot-tools-common - 5.4.0-1035.36 No subscription required linux-tools-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-image-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-modules-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-headers-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-buildinfo-5.4.0-1042-xilinx-zynqmp - 5.4.0-1042.46 linux-xilinx-zynqmp-tools-5.4.0-1042 - 5.4.0-1042.46 linux-xilinx-zynqmp-headers-5.4.0-1042 - 5.4.0-1042.46 No subscription required linux-headers-5.4.0-1070-ibm - 5.4.0-1070.75 linux-modules-extra-5.4.0-1070-ibm - 5.4.0-1070.75 linux-image-5.4.0-1070-ibm - 5.4.0-1070.75 linux-ibm-source-5.4.0 - 5.4.0-1070.75 linux-ibm-tools-common - 5.4.0-1070.75 linux-buildinfo-5.4.0-1070-ibm - 5.4.0-1070.75 linux-tools-5.4.0-1070-ibm - 5.4.0-1070.75 linux-ibm-tools-5.4.0-1070 - 5.4.0-1070.75 linux-ibm-cloud-tools-common - 5.4.0-1070.75 linux-modules-5.4.0-1070-ibm - 5.4.0-1070.75 linux-image-unsigned-5.4.0-1070-ibm - 5.4.0-1070.75 linux-ibm-headers-5.4.0-1070 - 5.4.0-1070.75 No subscription required linux-image-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-modules-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-bluefield-tools-5.4.0-1083 - 5.4.0-1083.90 linux-headers-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-buildinfo-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-image-unsigned-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-tools-5.4.0-1083-bluefield - 5.4.0-1083.90 linux-bluefield-headers-5.4.0-1083 - 5.4.0-1083.90 No subscription required linux-image-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-modules-extra-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-headers-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-gkeop-source-5.4.0 - 5.4.0-1090.94 linux-tools-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-gkeop-headers-5.4.0-1090 - 5.4.0-1090.94 linux-cloud-tools-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-gkeop-tools-5.4.0-1090 - 5.4.0-1090.94 linux-image-unsigned-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-buildinfo-5.4.0-1090-gkeop - 5.4.0-1090.94 linux-gkeop-cloud-tools-5.4.0-1090 - 5.4.0-1090.94 linux-modules-5.4.0-1090-gkeop - 5.4.0-1090.94 No subscription required linux-image-5.4.0-1107-raspi - 5.4.0-1107.119 linux-raspi-headers-5.4.0-1107 - 5.4.0-1107.119 linux-headers-5.4.0-1107-raspi - 5.4.0-1107.119 linux-buildinfo-5.4.0-1107-raspi - 5.4.0-1107.119 linux-tools-5.4.0-1107-raspi - 5.4.0-1107.119 linux-modules-5.4.0-1107-raspi - 5.4.0-1107.119 linux-raspi-tools-5.4.0-1107 - 5.4.0-1107.119 No subscription required linux-headers-5.4.0-1111-kvm - 5.4.0-1111.118 linux-image-unsigned-5.4.0-1111-kvm - 5.4.0-1111.118 linux-kvm-tools-5.4.0-1111 - 5.4.0-1111.118 linux-tools-5.4.0-1111-kvm - 5.4.0-1111.118 linux-modules-5.4.0-1111-kvm - 5.4.0-1111.118 linux-buildinfo-5.4.0-1111-kvm - 5.4.0-1111.118 linux-kvm-headers-5.4.0-1111 - 5.4.0-1111.118 linux-image-5.4.0-1111-kvm - 5.4.0-1111.118 No subscription required linux-image-unsigned-5.4.0-1122-oracle - 5.4.0-1122.131 linux-oracle-headers-5.4.0-1122 - 5.4.0-1122.131 linux-buildinfo-5.4.0-1122-oracle - 5.4.0-1122.131 linux-image-5.4.0-1122-oracle - 5.4.0-1122.131 linux-modules-5.4.0-1122-oracle - 5.4.0-1122.131 linux-modules-extra-5.4.0-1122-oracle - 5.4.0-1122.131 linux-oracle-tools-5.4.0-1122 - 5.4.0-1122.131 linux-tools-5.4.0-1122-oracle - 5.4.0-1122.131 linux-headers-5.4.0-1122-oracle - 5.4.0-1122.131 No subscription required linux-cloud-tools-5.4.0-1123-aws - 5.4.0-1123.133 linux-aws-tools-5.4.0-1123 - 5.4.0-1123.133 linux-modules-extra-5.4.0-1123-aws - 5.4.0-1123.133 linux-image-5.4.0-1123-aws - 5.4.0-1123.133 linux-aws-cloud-tools-5.4.0-1123 - 5.4.0-1123.133 linux-buildinfo-5.4.0-1123-aws - 5.4.0-1123.133 linux-headers-5.4.0-1123-aws - 5.4.0-1123.133 linux-image-unsigned-5.4.0-1123-aws - 5.4.0-1123.133 linux-modules-5.4.0-1123-aws - 5.4.0-1123.133 linux-aws-headers-5.4.0-1123 - 5.4.0-1123.133 linux-tools-5.4.0-1123-aws - 5.4.0-1123.133 No subscription required linux-modules-5.4.0-1127-gcp - 5.4.0-1127.136 linux-headers-5.4.0-1127-gcp - 5.4.0-1127.136 linux-gcp-tools-5.4.0-1127 - 5.4.0-1127.136 linux-image-unsigned-5.4.0-1127-gcp - 5.4.0-1127.136 linux-modules-extra-5.4.0-1127-gcp - 5.4.0-1127.136 linux-buildinfo-5.4.0-1127-gcp - 5.4.0-1127.136 linux-image-5.4.0-1127-gcp - 5.4.0-1127.136 linux-gcp-headers-5.4.0-1127 - 5.4.0-1127.136 linux-tools-5.4.0-1127-gcp - 5.4.0-1127.136 No subscription required linux-buildinfo-5.4.0-1128-azure - 5.4.0-1128.135 linux-azure-cloud-tools-5.4.0-1128 - 5.4.0-1128.135 linux-cloud-tools-5.4.0-1128-azure - 5.4.0-1128.135 linux-modules-extra-5.4.0-1128-azure - 5.4.0-1128.135 linux-tools-5.4.0-1128-azure - 5.4.0-1128.135 linux-azure-headers-5.4.0-1128 - 5.4.0-1128.135 linux-image-unsigned-5.4.0-1128-azure - 5.4.0-1128.135 linux-azure-tools-5.4.0-1128 - 5.4.0-1128.135 linux-image-5.4.0-1128-azure - 5.4.0-1128.135 linux-modules-5.4.0-1128-azure - 5.4.0-1128.135 linux-headers-5.4.0-1128-azure - 5.4.0-1128.135 No subscription required linux-buildinfo-5.4.0-177-generic - 5.4.0-177.197 linux-tools-common - 5.4.0-177.197 linux-modules-5.4.0-177-generic - 5.4.0-177.197 linux-tools-host - 5.4.0-177.197 linux-headers-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-headers-5.4.0-177-lowlatency - 5.4.0-177.197 linux-image-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-tools-5.4.0-177-lowlatency - 5.4.0-177.197 linux-tools-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-image-unsigned-5.4.0-177-generic - 5.4.0-177.197 linux-libc-dev - 5.4.0-177.197 linux-source-5.4.0 - 5.4.0-177.197 linux-buildinfo-5.4.0-177-lowlatency - 5.4.0-177.197 linux-image-unsigned-5.4.0-177-lowlatency - 5.4.0-177.197 linux-cloud-tools-common - 5.4.0-177.197 linux-headers-5.4.0-177 - 5.4.0-177.197 linux-headers-5.4.0-177-generic - 5.4.0-177.197 linux-tools-5.4.0-177-generic - 5.4.0-177.197 linux-cloud-tools-5.4.0-177-generic - 5.4.0-177.197 linux-doc - 5.4.0-177.197 linux-modules-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-image-5.4.0-177-generic - 5.4.0-177.197 linux-buildinfo-5.4.0-177-generic-lpae - 5.4.0-177.197 linux-cloud-tools-5.4.0-177-lowlatency - 5.4.0-177.197 linux-image-5.4.0-177-lowlatency - 5.4.0-177.197 linux-tools-5.4.0-177 - 5.4.0-177.197 linux-cloud-tools-5.4.0-177 - 5.4.0-177.197 linux-modules-5.4.0-177-lowlatency - 5.4.0-177.197 linux-modules-extra-5.4.0-177-generic - 5.4.0-177.197 No subscription required linux-image-iot - 5.4.0.1035.33 linux-headers-iot - 5.4.0.1035.33 linux-iot - 5.4.0.1035.33 linux-tools-iot - 5.4.0.1035.33 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1042.42 linux-xilinx-zynqmp - 5.4.0.1042.42 linux-tools-xilinx-zynqmp - 5.4.0.1042.42 linux-headers-xilinx-zynqmp - 5.4.0.1042.42 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1070.99 linux-headers-ibm-lts-20.04 - 5.4.0.1070.99 linux-image-ibm-lts-20.04 - 5.4.0.1070.99 linux-ibm-lts-20.04 - 5.4.0.1070.99 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1070.99 No subscription required linux-image-bluefield - 5.4.0.1083.79 linux-headers-bluefield - 5.4.0.1083.79 linux-tools-bluefield - 5.4.0.1083.79 linux-bluefield - 5.4.0.1083.79 No subscription required linux-headers-gkeop - 5.4.0.1090.88 linux-cloud-tools-gkeop-5.4 - 5.4.0.1090.88 linux-image-gkeop - 5.4.0.1090.88 linux-modules-extra-gkeop-5.4 - 5.4.0.1090.88 linux-gkeop-5.4 - 5.4.0.1090.88 linux-image-gkeop-5.4 - 5.4.0.1090.88 linux-gkeop - 5.4.0.1090.88 linux-cloud-tools-gkeop - 5.4.0.1090.88 linux-headers-gkeop-5.4 - 5.4.0.1090.88 linux-modules-extra-gkeop - 5.4.0.1090.88 linux-tools-gkeop - 5.4.0.1090.88 linux-tools-gkeop-5.4 - 5.4.0.1090.88 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1107.137 linux-raspi2 - 5.4.0.1107.137 linux-headers-raspi2 - 5.4.0.1107.137 linux-image-raspi-hwe-18.04 - 5.4.0.1107.137 linux-image-raspi2-hwe-18.04 - 5.4.0.1107.137 linux-image-raspi - 5.4.0.1107.137 linux-headers-raspi-hwe-18.04 - 5.4.0.1107.137 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1107.137 linux-headers-raspi - 5.4.0.1107.137 linux-raspi2-hwe-18.04-edge - 5.4.0.1107.137 linux-headers-raspi2-hwe-18.04 - 5.4.0.1107.137 linux-raspi-hwe-18.04 - 5.4.0.1107.137 linux-tools-raspi - 5.4.0.1107.137 linux-tools-raspi2-hwe-18.04 - 5.4.0.1107.137 linux-raspi2-hwe-18.04 - 5.4.0.1107.137 linux-image-raspi2 - 5.4.0.1107.137 linux-tools-raspi-hwe-18.04 - 5.4.0.1107.137 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1107.137 linux-image-raspi-hwe-18.04-edge - 5.4.0.1107.137 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1107.137 linux-raspi-hwe-18.04-edge - 5.4.0.1107.137 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1107.137 linux-tools-raspi2 - 5.4.0.1107.137 linux-raspi - 5.4.0.1107.137 No subscription required linux-kvm - 5.4.0.1111.107 linux-headers-kvm - 5.4.0.1111.107 linux-image-kvm - 5.4.0.1111.107 linux-tools-kvm - 5.4.0.1111.107 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1122.115 linux-headers-oracle-lts-20.04 - 5.4.0.1122.115 linux-oracle-lts-20.04 - 5.4.0.1122.115 linux-image-oracle-lts-20.04 - 5.4.0.1122.115 No subscription required linux-tools-aws-lts-20.04 - 5.4.0.1123.120 linux-image-aws-lts-20.04 - 5.4.0.1123.120 linux-headers-aws-lts-20.04 - 5.4.0.1123.120 linux-modules-extra-aws-lts-20.04 - 5.4.0.1123.120 linux-aws-lts-20.04 - 5.4.0.1123.120 No subscription required linux-gcp-lts-20.04 - 5.4.0.1127.129 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1127.129 linux-headers-gcp-lts-20.04 - 5.4.0.1127.129 linux-image-gcp-lts-20.04 - 5.4.0.1127.129 linux-tools-gcp-lts-20.04 - 5.4.0.1127.129 No subscription required linux-azure-lts-20.04 - 5.4.0.1128.122 linux-image-azure-lts-20.04 - 5.4.0.1128.122 linux-modules-extra-azure-lts-20.04 - 5.4.0.1128.122 linux-tools-azure-lts-20.04 - 5.4.0.1128.122 linux-headers-azure-lts-20.04 - 5.4.0.1128.122 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1128.122 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-cloud-tools-virtual - 5.4.0.177.175 linux-headers-generic-hwe-18.04-edge - 5.4.0.177.175 linux-image-generic-hwe-18.04 - 5.4.0.177.175 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-headers-generic-lpae - 5.4.0.177.175 linux-generic-hwe-18.04-edge - 5.4.0.177.175 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.177.175 linux-image-virtual - 5.4.0.177.175 linux-oem-osp1-tools-host - 5.4.0.177.175 linux-image-generic - 5.4.0.177.175 linux-tools-lowlatency - 5.4.0.177.175 linux-image-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-headers-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-image-extra-virtual-hwe-18.04 - 5.4.0.177.175 linux-image-generic-lpae-hwe-18.04 - 5.4.0.177.175 linux-image-oem-osp1 - 5.4.0.177.175 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.177.175 linux-crashdump - 5.4.0.177.175 linux-tools-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-headers-generic-hwe-18.04 - 5.4.0.177.175 linux-headers-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.177.175 linux-source - 5.4.0.177.175 linux-lowlatency - 5.4.0.177.175 linux-tools-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-tools-generic-lpae - 5.4.0.177.175 linux-cloud-tools-generic - 5.4.0.177.175 linux-virtual - 5.4.0.177.175 linux-headers-virtual-hwe-18.04 - 5.4.0.177.175 linux-virtual-hwe-18.04 - 5.4.0.177.175 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.177.175 linux-tools-virtual - 5.4.0.177.175 linux-generic-lpae-hwe-18.04-edge - 5.4.0.177.175 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.177.175 linux-generic-lpae - 5.4.0.177.175 linux-headers-oem - 5.4.0.177.175 linux-generic - 5.4.0.177.175 linux-tools-oem-osp1 - 5.4.0.177.175 linux-image-virtual-hwe-18.04 - 5.4.0.177.175 linux-headers-lowlatency - 5.4.0.177.175 linux-image-generic-hwe-18.04-edge - 5.4.0.177.175 linux-tools-generic-hwe-18.04-edge - 5.4.0.177.175 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.177.175 linux-generic-hwe-18.04 - 5.4.0.177.175 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-oem - 5.4.0.177.175 linux-tools-generic - 5.4.0.177.175 linux-image-extra-virtual - 5.4.0.177.175 linux-oem-tools-host - 5.4.0.177.175 linux-cloud-tools-lowlatency - 5.4.0.177.175 linux-tools-oem - 5.4.0.177.175 linux-headers-oem-osp1 - 5.4.0.177.175 linux-generic-lpae-hwe-18.04 - 5.4.0.177.175 linux-headers-generic - 5.4.0.177.175 linux-image-oem - 5.4.0.177.175 linux-oem-osp1 - 5.4.0.177.175 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.177.175 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-virtual-hwe-18.04-edge - 5.4.0.177.175 linux-headers-virtual - 5.4.0.177.175 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.177.175 linux-tools-virtual-hwe-18.04 - 5.4.0.177.175 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.177.175 linux-image-generic-lpae - 5.4.0.177.175 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.177.175 linux-image-lowlatency - 5.4.0.177.175 linux-tools-generic-hwe-18.04 - 5.4.0.177.175 linux-image-virtual-hwe-18.04-edge - 5.4.0.177.175 No subscription required High CVE-2023-24023 CVE-2023-52600 CVE-2023-52603 CVE-2024-26581 CVE-2024-26589 Ubuntu 20.04 LTS Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. (CVE-2023-24023) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - Netfilter; (CVE-2024-26581, CVE-2023-52600, CVE-2023-52603) Update Instructions: Run `sudo pro fix USN-6742-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-buildinfo-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-cloud-tools-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1043 - 5.15.0-1043.50~20.04.1 linux-image-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-gkeop-5.15-tools-5.15.0-1043 - 5.15.0-1043.50~20.04.1 linux-gkeop-5.15-headers-5.15.0-1043 - 5.15.0-1043.50~20.04.1 linux-modules-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-modules-extra-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-headers-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 linux-image-unsigned-5.15.0-1043-gkeop - 5.15.0-1043.50~20.04.1 No subscription required linux-buildinfo-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-modules-iwlwifi-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-cloud-tools-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-hwe-5.15-tools-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-105.115~20.04.1 linux-modules-iwlwifi-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-image-unsigned-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-hwe-5.15-headers-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-buildinfo-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-image-unsigned-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-105 - 5.15.0-105.115~20.04.1 linux-modules-extra-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-image-unsigned-5.15.0-105-lowlatency - 5.15.0-105.115~20.04.1 linux-cloud-tools-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-buildinfo-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-105.115~20.04.1 linux-image-unsigned-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-buildinfo-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-105.115~20.04.1 linux-tools-5.15.0-105-lowlatency-64k - 5.15.0-105.115~20.04.1 linux-modules-5.15.0-105-generic - 5.15.0-105.115~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-105.115~20.04.1 linux-image-5.15.0-105-generic-lpae - 5.15.0-105.115~20.04.1 linux-buildinfo-5.15.0-105-generic-64k - 5.15.0-105.115~20.04.1 linux-headers-5.15.0-105-generic - 5.15.0-105.115~20.04.1 No subscription required linux-modules-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-ibm-5.15-tools-5.15.0-1053 - 5.15.0-1053.56~20.04.1 linux-image-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-ibm-5.15-headers-5.15.0-1053 - 5.15.0-1053.56~20.04.1 linux-modules-extra-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-image-unsigned-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1053.56~20.04.1 linux-tools-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-buildinfo-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 linux-headers-5.15.0-1053-ibm - 5.15.0-1053.56~20.04.1 No subscription required linux-headers-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-image-unsigned-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-modules-extra-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1055.61~20.04.1 linux-cloud-tools-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-image-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-tools-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1055 - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1055 - 5.15.0-1055.61~20.04.1 linux-buildinfo-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1055.61~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1055 - 5.15.0-1055.61~20.04.1 linux-modules-iwlwifi-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 linux-modules-5.15.0-1055-intel-iotg - 5.15.0-1055.61~20.04.1 No subscription required linux-image-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-cloud-tools-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-aws-5.15-headers-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-image-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-oracle-5.15-tools-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-tools-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-image-unsigned-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-modules-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-modules-extra-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-buildinfo-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-tools-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-headers-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-modules-extra-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-aws-5.15-tools-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-image-unsigned-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-oracle-5.15-headers-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-buildinfo-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 linux-modules-5.15.0-1058-aws - 5.15.0-1058.64~20.04.1 linux-headers-5.15.0-1058-oracle - 5.15.0-1058.64~20.04.1 No subscription required linux-modules-iwlwifi-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-gcp-5.15-headers-5.15.0-1058 - 5.15.0-1058.66~20.04.1 linux-modules-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-tools-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-buildinfo-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-headers-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-modules-extra-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-image-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-image-unsigned-5.15.0-1058-gcp - 5.15.0-1058.66~20.04.1 linux-gcp-5.15-tools-5.15.0-1058 - 5.15.0-1058.66~20.04.1 No subscription required linux-azure-5.15-headers-5.15.0-1061 - 5.15.0-1061.70~20.04.1 linux-image-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-cloud-tools-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-modules-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1061 - 5.15.0-1061.70~20.04.1 linux-azure-5.15-tools-5.15.0-1061 - 5.15.0-1061.70~20.04.1 linux-headers-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-modules-extra-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-image-unsigned-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-tools-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 linux-buildinfo-5.15.0-1061-azure - 5.15.0-1061.70~20.04.1 No subscription required linux-image-5.15.0-1061-azure-fde - 5.15.0-1061.70~20.04.1.1 linux-image-unsigned-5.15.0-1061-azure-fde - 5.15.0-1061.70~20.04.1.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-headers-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-image-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-tools-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1043.50~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1043.50~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1043.50~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-oem-20.04d - 5.15.0.105.115~20.04.1 linux-tools-oem-20.04c - 5.15.0.105.115~20.04.1 linux-tools-oem-20.04b - 5.15.0.105.115~20.04.1 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.105.115~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-oem-20.04b - 5.15.0.105.115~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-oem-20.04 - 5.15.0.105.115~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-oem-20.04c - 5.15.0.105.115~20.04.1 linux-image-oem-20.04d - 5.15.0.105.115~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-oem-20.04 - 5.15.0.105.115~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-oem-20.04 - 5.15.0.105.115~20.04.1 linux-oem-20.04c - 5.15.0.105.115~20.04.1 linux-oem-20.04b - 5.15.0.105.115~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-oem-20.04d - 5.15.0.105.115~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-oem-20.04 - 5.15.0.105.115~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.105.115~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.105.115~20.04.1 linux-headers-oem-20.04c - 5.15.0.105.115~20.04.1 linux-headers-oem-20.04d - 5.15.0.105.115~20.04.1 linux-headers-oem-20.04b - 5.15.0.105.115~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.105.115~20.04.1 No subscription required linux-image-ibm - 5.15.0.1053.56~20.04.1 linux-tools-ibm - 5.15.0.1053.56~20.04.1 linux-headers-ibm-edge - 5.15.0.1053.56~20.04.1 linux-tools-ibm-edge - 5.15.0.1053.56~20.04.1 linux-ibm - 5.15.0.1053.56~20.04.1 linux-ibm-edge - 5.15.0.1053.56~20.04.1 linux-headers-ibm - 5.15.0.1053.56~20.04.1 linux-image-ibm-edge - 5.15.0.1053.56~20.04.1 No subscription required linux-image-intel-iotg-edge - 5.15.0.1055.61~20.04.1 linux-cloud-tools-intel - 5.15.0.1055.61~20.04.1 linux-tools-intel - 5.15.0.1055.61~20.04.1 linux-image-intel-iotg - 5.15.0.1055.61~20.04.1 linux-intel-iotg-edge - 5.15.0.1055.61~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1055.61~20.04.1 linux-intel - 5.15.0.1055.61~20.04.1 linux-tools-intel-iotg - 5.15.0.1055.61~20.04.1 linux-image-intel - 5.15.0.1055.61~20.04.1 linux-headers-intel - 5.15.0.1055.61~20.04.1 linux-headers-intel-iotg - 5.15.0.1055.61~20.04.1 linux-intel-iotg - 5.15.0.1055.61~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1055.61~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1058.64~20.04.1 linux-headers-aws - 5.15.0.1058.64~20.04.1 linux-image-aws - 5.15.0.1058.64~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1058.64~20.04.1 linux-image-aws-edge - 5.15.0.1058.64~20.04.1 linux-aws-edge - 5.15.0.1058.64~20.04.1 linux-tools-oracle-edge - 5.15.0.1058.64~20.04.1 linux-aws - 5.15.0.1058.64~20.04.1 linux-image-oracle-edge - 5.15.0.1058.64~20.04.1 linux-oracle-edge - 5.15.0.1058.64~20.04.1 linux-headers-aws-edge - 5.15.0.1058.64~20.04.1 linux-headers-oracle-edge - 5.15.0.1058.64~20.04.1 linux-modules-extra-aws - 5.15.0.1058.64~20.04.1 linux-tools-aws - 5.15.0.1058.64~20.04.1 linux-image-oracle - 5.15.0.1058.64~20.04.1 linux-tools-oracle - 5.15.0.1058.64~20.04.1 linux-tools-aws-edge - 5.15.0.1058.64~20.04.1 linux-oracle - 5.15.0.1058.64~20.04.1 No subscription required linux-headers-gcp-edge - 5.15.0.1058.66~20.04.1 linux-image-gcp-edge - 5.15.0.1058.66~20.04.1 linux-gcp-edge - 5.15.0.1058.66~20.04.1 linux-modules-extra-gcp - 5.15.0.1058.66~20.04.1 linux-tools-gcp - 5.15.0.1058.66~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1058.66~20.04.1 linux-gcp - 5.15.0.1058.66~20.04.1 linux-headers-gcp - 5.15.0.1058.66~20.04.1 linux-image-gcp - 5.15.0.1058.66~20.04.1 linux-tools-gcp-edge - 5.15.0.1058.66~20.04.1 No subscription required linux-cloud-tools-azure - 5.15.0.1061.70~20.04.1 linux-headers-azure-cvm - 5.15.0.1061.70~20.04.1 linux-tools-azure - 5.15.0.1061.70~20.04.1 linux-image-azure-edge - 5.15.0.1061.70~20.04.1 linux-image-azure-cvm - 5.15.0.1061.70~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1061.70~20.04.1 linux-tools-azure-edge - 5.15.0.1061.70~20.04.1 linux-tools-azure-cvm - 5.15.0.1061.70~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1061.70~20.04.1 linux-modules-extra-azure - 5.15.0.1061.70~20.04.1 linux-image-azure - 5.15.0.1061.70~20.04.1 linux-azure-edge - 5.15.0.1061.70~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1061.70~20.04.1 linux-azure-cvm - 5.15.0.1061.70~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1061.70~20.04.1 linux-headers-azure-edge - 5.15.0.1061.70~20.04.1 linux-azure - 5.15.0.1061.70~20.04.1 linux-headers-azure - 5.15.0.1061.70~20.04.1 No subscription required linux-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-cloud-tools-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-modules-extra-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-tools-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-modules-extra-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-image-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-headers-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-image-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-azure-fde-edge - 5.15.0.1061.70~20.04.1.40 linux-cloud-tools-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-tools-azure-fde - 5.15.0.1061.70~20.04.1.40 linux-headers-azure-fde - 5.15.0.1061.70~20.04.1.40 No subscription required High CVE-2023-24023 CVE-2023-52600 CVE-2023-52603 CVE-2024-26581 Ubuntu 20.04 LTS Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6744-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pil.imagetk - 7.0.0-4ubuntu0.9 python-pil-doc - 7.0.0-4ubuntu0.9 python3-pil - 7.0.0-4ubuntu0.9 No subscription required Medium CVE-2024-28219 Ubuntu 20.04 LTS USN-6744-1 fixed a vulnerability in Pillow (Python 3). This update provides the corresponding updates for Pillow (Python 2) in Ubuntu 20.04 LTS. Original advisory details: Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6744-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pil - 6.2.1-3ubuntu0.1~esm2 python-pil.imagetk - 6.2.1-3ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-28219 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-3852, CVE-2024-3864, CVE-2024-3865) Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3302) Gary Kwong discovered that Firefox did not properly manage memory when running garbage collection during realm initialization. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3853) Lukas Bernhard discovered that Firefox did not properly manage memory during JIT optimisations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3854, CVE-2024-3855) Nan Wang discovered that Firefox did not properly manage memory during WASM garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3856) Lukas Bernhard discovered that Firefox did not properly manage memory when handling JIT created code during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3857) Lukas Bernhard discovered that Firefox did not properly manage memory when tracing in JIT. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3858) Ronald Crane discovered that Firefox did not properly manage memory in the OpenType sanitizer on 32-bit devices, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3859) Garry Kwong discovered that Firefox did not properly manage memory when tracing empty shape lists in JIT. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3860) Ronald Crane discovered that Firefox did not properly manage memory when handling an AlignedBuffer. An attacker could potentially exploit this issue to cause denial of service, or execute arbitrary code. (CVE-2024-3861) Ronald Crane discovered that Firefox did not properly manage memory when handling code in MarkStack. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-3862) Update Instructions: Run `sudo pro fix USN-6747-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-nn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ne - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-nb - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-fa - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-fi - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-fr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-fy - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-or - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-kab - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-oc - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-cs - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ga - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-gd - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-gn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-gl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-gu - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-pa - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-pl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-cy - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-pt - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-szl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hi - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-uk - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-he - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hy - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hu - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-as - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ar - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ia - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-az - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-id - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-mai - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-af - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-is - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-it - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-an - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-bs - 125.0.2+build1-0ubuntu0.20.04.2 firefox - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ro - 125.0.2+build1-0ubuntu0.20.04.2 firefox-geckodriver - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ja - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ru - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-br - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-zh-hant - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-zh-hans - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-bn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-be - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-bg - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sl - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sk - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-si - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sw - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sv - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-sq - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ko - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-kn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-km - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-kk - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ka - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-xh - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ca - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ku - 125.0.2+build1-0ubuntu0.20.04.2 firefox-mozsymbols - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-lv - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-lt - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-th - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-hsb - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-tg - 125.0.2+build1-0ubuntu0.20.04.2 firefox-dev - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-te - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-cak - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ta - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-lg - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-csb - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-tr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-nso - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-de - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-da - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ms - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-mr - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-my - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-uz - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ml - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-mn - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-mk - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ur - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-eu - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-et - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-es - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-vi - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-el - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-eo - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-en - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-zu - 125.0.2+build1-0ubuntu0.20.04.2 firefox-locale-ast - 125.0.2+build1-0ubuntu0.20.04.2 No subscription required Medium CVE-2024-3302 CVE-2024-3852 CVE-2024-3853 CVE-2024-3854 CVE-2024-3855 CVE-2024-3856 CVE-2024-3857 CVE-2024-3858 CVE-2024-3859 CVE-2024-3860 CVE-2024-3861 CVE-2024-3862 CVE-2024-3864 CVE-2024-3865 Ubuntu 20.04 LTS USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-3852, CVE-2024-3864, CVE-2024-3865) Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3302) Gary Kwong discovered that Firefox did not properly manage memory when running garbage collection during realm initialization. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3853) Lukas Bernhard discovered that Firefox did not properly manage memory during JIT optimisations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3854, CVE-2024-3855) Nan Wang discovered that Firefox did not properly manage memory during WASM garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3856) Lukas Bernhard discovered that Firefox did not properly manage memory when handling JIT created code during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3857) Lukas Bernhard discovered that Firefox did not properly manage memory when tracing in JIT. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3858) Ronald Crane discovered that Firefox did not properly manage memory in the OpenType sanitizer on 32-bit devices, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3859) Garry Kwong discovered that Firefox did not properly manage memory when tracing empty shape lists in JIT. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3860) Ronald Crane discovered that Firefox did not properly manage memory when handling an AlignedBuffer. An attacker could potentially exploit this issue to cause denial of service, or execute arbitrary code. (CVE-2024-3861) Ronald Crane discovered that Firefox did not properly manage memory when handling code in MarkStack. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-3862) Update Instructions: Run `sudo pro fix USN-6747-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ne - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nb - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fa - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fi - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fy - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-or - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kab - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-oc - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cs - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ga - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gd - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gu - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pa - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cy - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pt - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-szl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hi - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uk - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-he - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hy - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hu - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-as - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ar - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ia - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-az - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-id - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mai - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-af - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-is - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-it - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-an - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bs - 125.0.3+build1-0ubuntu0.20.04.1 firefox - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ro - 125.0.3+build1-0ubuntu0.20.04.1 firefox-geckodriver - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ja - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ru - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-br - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-be - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bg - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sl - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sk - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-si - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sw - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sv - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sq - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ko - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-km - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kk - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ka - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-xh - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ca - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ku - 125.0.3+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lv - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lt - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-th - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-tg - 125.0.3+build1-0ubuntu0.20.04.1 firefox-dev - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-te - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cak - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ta - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lg - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-csb - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-tr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nso - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-de - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-da - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ms - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mr - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-my - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uz - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ml - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mn - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mk - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ur - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eu - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-et - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-es - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-vi - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-el - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eo - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-en - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zu - 125.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ast - 125.0.3+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2064553 Ubuntu 20.04 LTS It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-23627) It was discovered that Sanitize incorrectly handled style elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2023-36823) Update Instructions: Run `sudo pro fix USN-6748-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-sanitize - 4.6.6-2.1~0.20.04.2 No subscription required Medium CVE-2023-23627 CVE-2023-36823 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-22211) Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-32039, CVE-2024-32040) Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service. (CVE-2024-32041, CVE-2024-32458, CVE-2024-32460) Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause FreeRDP clients and servers to crash, resulting in a denial of service. (CVE-2024-32459) Update Instructions: Run `sudo pro fix USN-6749-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 freerdp2-shadow-x11 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libfreerdp2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 freerdp2-dev - 2.6.1+dfsg1-0ubuntu0.20.04.1 freerdp2-wayland - 2.6.1+dfsg1-0ubuntu0.20.04.1 libwinpr2-dev - 2.6.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libuwac0-0 - 2.6.1+dfsg1-0ubuntu0.20.04.1 freerdp2-x11 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libwinpr2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libuwac0-dev - 2.6.1+dfsg1-0ubuntu0.20.04.1 libwinpr-tools2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-shadow-subsystem2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-client2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.1 winpr-utils - 2.6.1+dfsg1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-22211 CVE-2024-32039 CVE-2024-32040 CVE-2024-32041 CVE-2024-32458 CVE-2024-32459 CVE-2024-32460 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-2609, CVE-2024-3852, CVE-2024-3864) Bartek Nowotarski discovered that Thunderbird did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-3302) Lukas Bernhard discovered that Thunderbird did not properly manage memory during JIT optimisations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3854) Lukas Bernhard discovered that Thunderbird did not properly manage memory when handling JIT created code during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-3857) Ronald Crane discovered that Thunderbird did not properly manage memory in the OpenType sanitizer on 32-bit devices, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-3859) Ronald Crane discovered that Thunderbird did not properly manage memory when handling an AlignedBuffer. An attacker could potentially exploit this issue to cause denial of service, or execute arbitrary code. (CVE-2024-3861) Update Instructions: Run `sudo pro fix USN-6750-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.10.1+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.10.1+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.10.1+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.10.1+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.10.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-3852 CVE-2024-3854 CVE-2024-3857 CVE-2024-2609 CVE-2024-3859 CVE-2024-3861 CVE-2024-3302 CVE-2024-3864 Ubuntu 20.04 LTS It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could possibly use this issue to perform reflected cross-site scripting (XSS) attacks. (CVE-2022-35229, CVE-2022-35230) Update Instructions: Run `sudo pro fix USN-6751-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: zabbix-java-gateway - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-frontend-php - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-proxy-mysql - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-server-pgsql - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-server-mysql - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-proxy-pgsql - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-proxy-sqlite3 - 1:4.0.17+dfsg-1ubuntu0.1~esm2 zabbix-agent - 1:4.0.17+dfsg-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-35229 CVE-2022-35230 Ubuntu 20.04 LTS It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6752-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfreerdp-server2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 freerdp2-shadow-x11 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libfreerdp2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 freerdp2-dev - 2.6.1+dfsg1-0ubuntu0.20.04.2 freerdp2-wayland - 2.6.1+dfsg1-0ubuntu0.20.04.2 libwinpr2-dev - 2.6.1+dfsg1-0ubuntu0.20.04.2 libfreerdp-shadow2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libuwac0-0 - 2.6.1+dfsg1-0ubuntu0.20.04.2 freerdp2-x11 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libwinpr2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libuwac0-dev - 2.6.1+dfsg1-0ubuntu0.20.04.2 libwinpr-tools2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libfreerdp-shadow-subsystem2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 libfreerdp-client2-2 - 2.6.1+dfsg1-0ubuntu0.20.04.2 winpr-utils - 2.6.1+dfsg1-0ubuntu0.20.04.2 No subscription required Low CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661 Ubuntu 20.04 LTS Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attacker could possibly use this issue to expose sensitive information. Update Instructions: Run `sudo pro fix USN-6753-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjs-cryptojs - 3.1.2+dfsg-2ubuntu0.20.04.1 No subscription required Medium CVE-2023-46233 Ubuntu 20.04 LTS It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511, CVE-2019-9513) It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487) It was discovered that nghttp2 could be made to process an unlimited number of HTTP/2 CONTINUATION frames. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. (CVE-2024-28182) Update Instructions: Run `sudo pro fix USN-6754-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnghttp2-14 - 1.40.0-1ubuntu0.3 libnghttp2-doc - 1.40.0-1ubuntu0.3 libnghttp2-dev - 1.40.0-1ubuntu0.3 nghttp2-proxy - 1.40.0-1ubuntu0.3 nghttp2 - 1.40.0-1ubuntu0.3 nghttp2-client - 1.40.0-1ubuntu0.3 nghttp2-server - 1.40.0-1ubuntu0.3 No subscription required High CVE-2019-9511 CVE-2019-9513 CVE-2023-44487 CVE-2024-28182 Ubuntu 20.04 LTS Ingo Brückl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked into extracting a specially crafted cpio archive, an attacker could possibly use this issue to write arbitrary files outside the target directory on the host, even if using the option --no-absolute-filenames. Update Instructions: Run `sudo pro fix USN-6755-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cpio - 2.13+dfsg-2ubuntu0.4 cpio-win32 - 2.13+dfsg-2ubuntu0.4 No subscription required Medium CVE-2023-7207 Ubuntu 20.04 LTS It was discovered that less mishandled newline characters in file names. If a user or automated system were tricked into opening specially crafted files, an attacker could possibly use this issue to execute arbitrary commands on the host. Update Instructions: Run `sudo pro fix USN-6756-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: less - 551-1ubuntu0.3 No subscription required Medium CVE-2024-32487 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-4900) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to cookie by pass. (CVE-2024-2756) It was discovered that PHP incorrectly handled some passwords. An attacker could possibly use this issue to cause an account takeover attack. (CVE-2024-3096) Update Instructions: Run `sudo pro fix USN-6757-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.21 php7.4-readline - 7.4.3-4ubuntu2.21 php7.4-dba - 7.4.3-4ubuntu2.21 php7.4-common - 7.4.3-4ubuntu2.21 php7.4-json - 7.4.3-4ubuntu2.21 php7.4-xmlrpc - 7.4.3-4ubuntu2.21 php7.4-intl - 7.4.3-4ubuntu2.21 php7.4-phpdbg - 7.4.3-4ubuntu2.21 php7.4-ldap - 7.4.3-4ubuntu2.21 php7.4-soap - 7.4.3-4ubuntu2.21 php7.4-xsl - 7.4.3-4ubuntu2.21 php7.4-pgsql - 7.4.3-4ubuntu2.21 php7.4-pspell - 7.4.3-4ubuntu2.21 php7.4-zip - 7.4.3-4ubuntu2.21 php7.4-interbase - 7.4.3-4ubuntu2.21 php7.4-enchant - 7.4.3-4ubuntu2.21 php7.4-odbc - 7.4.3-4ubuntu2.21 php7.4 - 7.4.3-4ubuntu2.21 php7.4-mbstring - 7.4.3-4ubuntu2.21 php7.4-imap - 7.4.3-4ubuntu2.21 php7.4-bz2 - 7.4.3-4ubuntu2.21 php7.4-cgi - 7.4.3-4ubuntu2.21 php7.4-bcmath - 7.4.3-4ubuntu2.21 php7.4-dev - 7.4.3-4ubuntu2.21 php7.4-curl - 7.4.3-4ubuntu2.21 php7.4-tidy - 7.4.3-4ubuntu2.21 php7.4-gmp - 7.4.3-4ubuntu2.21 php7.4-sqlite3 - 7.4.3-4ubuntu2.21 php7.4-fpm - 7.4.3-4ubuntu2.21 php7.4-sybase - 7.4.3-4ubuntu2.21 php7.4-cli - 7.4.3-4ubuntu2.21 libphp7.4-embed - 7.4.3-4ubuntu2.21 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.21 php7.4-mysql - 7.4.3-4ubuntu2.21 php7.4-snmp - 7.4.3-4ubuntu2.21 php7.4-xml - 7.4.3-4ubuntu2.21 php7.4-opcache - 7.4.3-4ubuntu2.21 No subscription required Medium CVE-2022-4900 CVE-2024-2756 CVE-2024-3096 Ubuntu 20.04 LTS USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. Original advisory details: It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-4900) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to cookie by pass. (CVE-2024-2756) It was discovered that PHP incorrectly handled some passwords. An attacker could possibly use this issue to cause an account takeover attack. (CVE-2024-3096) Update Instructions: Run `sudo pro fix USN-6757-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.22 php7.4-readline - 7.4.3-4ubuntu2.22 php7.4-dba - 7.4.3-4ubuntu2.22 php7.4-common - 7.4.3-4ubuntu2.22 php7.4-json - 7.4.3-4ubuntu2.22 php7.4-xmlrpc - 7.4.3-4ubuntu2.22 php7.4-intl - 7.4.3-4ubuntu2.22 php7.4-phpdbg - 7.4.3-4ubuntu2.22 php7.4-ldap - 7.4.3-4ubuntu2.22 php7.4-soap - 7.4.3-4ubuntu2.22 php7.4-xsl - 7.4.3-4ubuntu2.22 php7.4-pgsql - 7.4.3-4ubuntu2.22 php7.4-pspell - 7.4.3-4ubuntu2.22 php7.4-zip - 7.4.3-4ubuntu2.22 php7.4-interbase - 7.4.3-4ubuntu2.22 php7.4-enchant - 7.4.3-4ubuntu2.22 php7.4-odbc - 7.4.3-4ubuntu2.22 php7.4 - 7.4.3-4ubuntu2.22 php7.4-mbstring - 7.4.3-4ubuntu2.22 php7.4-imap - 7.4.3-4ubuntu2.22 php7.4-bz2 - 7.4.3-4ubuntu2.22 php7.4-cgi - 7.4.3-4ubuntu2.22 php7.4-bcmath - 7.4.3-4ubuntu2.22 php7.4-dev - 7.4.3-4ubuntu2.22 php7.4-curl - 7.4.3-4ubuntu2.22 php7.4-tidy - 7.4.3-4ubuntu2.22 php7.4-gmp - 7.4.3-4ubuntu2.22 php7.4-sqlite3 - 7.4.3-4ubuntu2.22 php7.4-fpm - 7.4.3-4ubuntu2.22 php7.4-sybase - 7.4.3-4ubuntu2.22 php7.4-cli - 7.4.3-4ubuntu2.22 libphp7.4-embed - 7.4.3-4ubuntu2.22 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.22 php7.4-mysql - 7.4.3-4ubuntu2.22 php7.4-snmp - 7.4.3-4ubuntu2.22 php7.4-xml - 7.4.3-4ubuntu2.22 php7.4-opcache - 7.4.3-4ubuntu2.22 No subscription required Medium CVE-2022-4900 CVE-2024-2756 CVE-2024-3096 Ubuntu 20.04 LTS It was discovered that the JSON5 parse method incorrectly handled the parsing of keys named \_\_proto\_\_. An attacker could possibly use this issue to pollute the prototype of the returned object, setting arbitrary or unexpected keys, and cause a denial of service, allow unintended access to network services or have other unspecified impact, depending on the application's use of the module. Update Instructions: Run `sudo pro fix USN-6758-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-json5 - 0.5.1-3ubuntu0.1 No subscription required Medium CVE-2022-46175 Ubuntu 20.04 LTS George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service (application crash). Update Instructions: Run `sudo pro fix USN-6760-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gerbv - 2.7.0-1ubuntu0.2 No subscription required Low CVE-2023-4508 Ubuntu 20.04 LTS It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly use this issue to normally login to the platform as a suspended user after changing their password. Update Instructions: Run `sudo pro fix USN-6761-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: anope - 2.0.6-1ubuntu0.1 No subscription required Medium CVE-2024-30187 Ubuntu 20.04 LTS It was discovered that libde265 could be made to allocate memory that exceeds the maximum supported size. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6764-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libde265-0 - 1.0.4-1ubuntu0.4+esm1 libde265-examples - 1.0.4-1ubuntu0.4+esm1 libde265-dev - 1.0.4-1ubuntu0.4+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-51792 Ubuntu 20.04 LTS It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-1151) Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. (CVE-2024-2201) Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-23849) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Core kernel; - Block layer subsystem; - Android drivers; - Power management core; - Bus devices; - Hardware random number generator core; - Cryptographic API; - Device frequency; - DMA engine subsystem; - ARM SCMI message protocol; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - IIO Magnetometer sensors drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - PCI driver for MicroSemi Switchtec; - PHY drivers; - SCSI drivers; - DesignWare USB3 driver; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - Pstore file system; - SMB network file system; - Memory management; - CAN network layer; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - Unix domain sockets; - Realtek audio codecs; (CVE-2023-52594, CVE-2023-52601, CVE-2024-26826, CVE-2023-52622, CVE-2024-26665, CVE-2023-52493, CVE-2023-52633, CVE-2024-26684, CVE-2024-26663, CVE-2023-52618, CVE-2023-52588, CVE-2023-52637, CVE-2024-26825, CVE-2023-52606, CVE-2024-26594, CVE-2024-26625, CVE-2024-26720, CVE-2024-26614, CVE-2023-52627, CVE-2023-52602, CVE-2024-26673, CVE-2024-26685, CVE-2023-52638, CVE-2023-52498, CVE-2023-52619, CVE-2024-26910, CVE-2024-26689, CVE-2023-52583, CVE-2024-26676, CVE-2024-26671, CVE-2024-26704, CVE-2024-26608, CVE-2024-26610, CVE-2024-26592, CVE-2023-52599, CVE-2023-52595, CVE-2024-26660, CVE-2023-52617, CVE-2024-26645, CVE-2023-52486, CVE-2023-52631, CVE-2023-52607, CVE-2023-52608, CVE-2024-26722, CVE-2024-26615, CVE-2023-52615, CVE-2024-26636, CVE-2023-52642, CVE-2023-52587, CVE-2024-26712, CVE-2024-26675, CVE-2023-52614, CVE-2024-26606, CVE-2024-26916, CVE-2024-26600, CVE-2024-26679, CVE-2024-26829, CVE-2024-26641, CVE-2023-52623, CVE-2024-26627, CVE-2024-26696, CVE-2024-26640, CVE-2024-26635, CVE-2023-52491, CVE-2024-26664, CVE-2024-26602, CVE-2023-52604, CVE-2024-26717, CVE-2023-52643, CVE-2024-26593, CVE-2023-52598, CVE-2024-26668, CVE-2023-52435, CVE-2023-52597, CVE-2024-26715, CVE-2024-26707, CVE-2023-52635, CVE-2024-26695, CVE-2024-26698, CVE-2023-52494, CVE-2024-26920, CVE-2024-26808, CVE-2023-52616, CVE-2023-52492, CVE-2024-26702, CVE-2024-26644, CVE-2023-52489, CVE-2024-26697) Update Instructions: Run `sudo pro fix USN-6766-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-1044-gkeop - 5.15.0-1044.51~20.04.1 linux-modules-5.15.0-1044-gkeop - 5.15.0-1044.51~20.04.1 linux-cloud-tools-5.15.0-1044-gkeop - 5.15.0-1044.51~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1044 - 5.15.0-1044.51~20.04.1 linux-tools-5.15.0-1044-gkeop - 5.15.0-1044.51~20.04.1 linux-gkeop-5.15-tools-5.15.0-1044 - 5.15.0-1044.51~20.04.1 linux-buildinfo-5.15.0-1044-gkeop - 5.15.0-1044.51~20.04.1 linux-modules-extra-5.15.0-1044-gkeop - 5.15.0-1044.51~20.04.1 linux-gkeop-5.15-headers-5.15.0-1044 - 5.15.0-1044.51~20.04.1 linux-image-5.15.0-1044-gkeop - 5.15.0-1044.51~20.04.1 linux-image-unsigned-5.15.0-1044-gkeop - 5.15.0-1044.51~20.04.1 No subscription required linux-ibm-5.15-tools-5.15.0-1054 - 5.15.0-1054.57~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1054.57~20.04.1 linux-image-5.15.0-1054-ibm - 5.15.0-1054.57~20.04.1 linux-headers-5.15.0-1054-ibm - 5.15.0-1054.57~20.04.1 linux-buildinfo-5.15.0-1054-ibm - 5.15.0-1054.57~20.04.1 linux-modules-extra-5.15.0-1054-ibm - 5.15.0-1054.57~20.04.1 linux-image-unsigned-5.15.0-1054-ibm - 5.15.0-1054.57~20.04.1 linux-modules-5.15.0-1054-ibm - 5.15.0-1054.57~20.04.1 linux-tools-5.15.0-1054-ibm - 5.15.0-1054.57~20.04.1 linux-ibm-5.15-headers-5.15.0-1054 - 5.15.0-1054.57~20.04.1 No subscription required linux-oracle-5.15-headers-5.15.0-1059 - 5.15.0-1059.65~20.04.1 linux-buildinfo-5.15.0-1059-oracle - 5.15.0-1059.65~20.04.1 linux-headers-5.15.0-1059-oracle - 5.15.0-1059.65~20.04.1 linux-image-5.15.0-1059-oracle - 5.15.0-1059.65~20.04.1 linux-image-unsigned-5.15.0-1059-oracle - 5.15.0-1059.65~20.04.1 linux-modules-5.15.0-1059-oracle - 5.15.0-1059.65~20.04.1 linux-modules-extra-5.15.0-1059-oracle - 5.15.0-1059.65~20.04.1 linux-oracle-5.15-tools-5.15.0-1059 - 5.15.0-1059.65~20.04.1 linux-tools-5.15.0-1059-oracle - 5.15.0-1059.65~20.04.1 No subscription required linux-gcp-5.15-headers-5.15.0-1059 - 5.15.0-1059.67~20.04.1 linux-modules-5.15.0-1059-gcp - 5.15.0-1059.67~20.04.1 linux-tools-5.15.0-1059-gcp - 5.15.0-1059.67~20.04.1 linux-buildinfo-5.15.0-1059-gcp - 5.15.0-1059.67~20.04.1 linux-image-unsigned-5.15.0-1059-gcp - 5.15.0-1059.67~20.04.1 linux-image-5.15.0-1059-gcp - 5.15.0-1059.67~20.04.1 linux-modules-extra-5.15.0-1059-gcp - 5.15.0-1059.67~20.04.1 linux-headers-5.15.0-1059-gcp - 5.15.0-1059.67~20.04.1 linux-gcp-5.15-tools-5.15.0-1059 - 5.15.0-1059.67~20.04.1 linux-modules-iwlwifi-5.15.0-1059-gcp - 5.15.0-1059.67~20.04.1 No subscription required linux-headers-5.15.0-106-lowlatency - 5.15.0-106.116~20.04.1 linux-image-unsigned-5.15.0-106-lowlatency-64k - 5.15.0-106.116~20.04.1 linux-image-5.15.0-106-lowlatency-64k - 5.15.0-106.116~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-106 - 5.15.0-106.116~20.04.1 linux-buildinfo-5.15.0-106-lowlatency - 5.15.0-106.116~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-106.116~20.04.1 linux-tools-5.15.0-106-lowlatency-64k - 5.15.0-106.116~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-106.116~20.04.1 linux-buildinfo-5.15.0-106-lowlatency-64k - 5.15.0-106.116~20.04.1 linux-image-5.15.0-106-lowlatency - 5.15.0-106.116~20.04.1 linux-headers-5.15.0-106-lowlatency-64k - 5.15.0-106.116~20.04.1 linux-image-unsigned-5.15.0-106-lowlatency - 5.15.0-106.116~20.04.1 linux-modules-5.15.0-106-lowlatency - 5.15.0-106.116~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-106 - 5.15.0-106.116~20.04.1 linux-modules-5.15.0-106-lowlatency-64k - 5.15.0-106.116~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-106 - 5.15.0-106.116~20.04.1 linux-tools-5.15.0-106-lowlatency - 5.15.0-106.116~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-106.116~20.04.1 linux-modules-iwlwifi-5.15.0-106-lowlatency - 5.15.0-106.116~20.04.1 linux-cloud-tools-5.15.0-106-lowlatency - 5.15.0-106.116~20.04.1 No subscription required linux-azure-5.15-headers-5.15.0-1063 - 5.15.0-1063.72~20.04.1 linux-buildinfo-5.15.0-1063-azure - 5.15.0-1063.72~20.04.1 linux-modules-extra-5.15.0-1063-azure - 5.15.0-1063.72~20.04.1 linux-cloud-tools-5.15.0-1063-azure - 5.15.0-1063.72~20.04.1 linux-modules-5.15.0-1063-azure - 5.15.0-1063.72~20.04.1 linux-image-unsigned-5.15.0-1063-azure - 5.15.0-1063.72~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1063 - 5.15.0-1063.72~20.04.1 linux-azure-5.15-tools-5.15.0-1063 - 5.15.0-1063.72~20.04.1 linux-image-5.15.0-1063-azure - 5.15.0-1063.72~20.04.1 linux-headers-5.15.0-1063-azure - 5.15.0-1063.72~20.04.1 linux-tools-5.15.0-1063-azure - 5.15.0-1063.72~20.04.1 No subscription required linux-image-5.15.0-1063-azure-fde - 5.15.0-1063.72~20.04.1.1 linux-image-unsigned-5.15.0-1063-azure-fde - 5.15.0-1063.72~20.04.1.1 No subscription required linux-image-gkeop-edge - 5.15.0.1044.51~20.04.1 linux-gkeop-5.15 - 5.15.0.1044.51~20.04.1 linux-headers-gkeop-edge - 5.15.0.1044.51~20.04.1 linux-tools-gkeop-edge - 5.15.0.1044.51~20.04.1 linux-gkeop-edge - 5.15.0.1044.51~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1044.51~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1044.51~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1044.51~20.04.1 linux-cloud-tools-gkeop-5.15 - 5.15.0.1044.51~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1044.51~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1044.51~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1044.51~20.04.1 No subscription required linux-ibm-edge - 5.15.0.1054.57~20.04.1 linux-image-ibm-edge - 5.15.0.1054.57~20.04.1 linux-image-ibm - 5.15.0.1054.57~20.04.1 linux-tools-ibm - 5.15.0.1054.57~20.04.1 linux-headers-ibm-edge - 5.15.0.1054.57~20.04.1 linux-tools-ibm-edge - 5.15.0.1054.57~20.04.1 linux-ibm - 5.15.0.1054.57~20.04.1 linux-headers-ibm - 5.15.0.1054.57~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1059.65~20.04.1 linux-tools-oracle-edge - 5.15.0.1059.65~20.04.1 linux-oracle-edge - 5.15.0.1059.65~20.04.1 linux-image-oracle-edge - 5.15.0.1059.65~20.04.1 linux-headers-oracle-edge - 5.15.0.1059.65~20.04.1 linux-image-oracle - 5.15.0.1059.65~20.04.1 linux-tools-oracle - 5.15.0.1059.65~20.04.1 linux-oracle - 5.15.0.1059.65~20.04.1 No subscription required linux-image-gcp-edge - 5.15.0.1059.67~20.04.1 linux-headers-gcp-edge - 5.15.0.1059.67~20.04.1 linux-modules-extra-gcp - 5.15.0.1059.67~20.04.1 linux-gcp-edge - 5.15.0.1059.67~20.04.1 linux-tools-gcp - 5.15.0.1059.67~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1059.67~20.04.1 linux-headers-gcp - 5.15.0.1059.67~20.04.1 linux-gcp - 5.15.0.1059.67~20.04.1 linux-image-gcp - 5.15.0.1059.67~20.04.1 linux-tools-gcp-edge - 5.15.0.1059.67~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.106.116~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1063.72~20.04.1 linux-cloud-tools-azure - 5.15.0.1063.72~20.04.1 linux-tools-azure - 5.15.0.1063.72~20.04.1 linux-image-azure-edge - 5.15.0.1063.72~20.04.1 linux-image-azure-cvm - 5.15.0.1063.72~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1063.72~20.04.1 linux-tools-azure-cvm - 5.15.0.1063.72~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1063.72~20.04.1 linux-modules-extra-azure - 5.15.0.1063.72~20.04.1 linux-azure - 5.15.0.1063.72~20.04.1 linux-image-azure - 5.15.0.1063.72~20.04.1 linux-headers-azure-cvm - 5.15.0.1063.72~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1063.72~20.04.1 linux-headers-azure-edge - 5.15.0.1063.72~20.04.1 linux-azure-edge - 5.15.0.1063.72~20.04.1 linux-azure-cvm - 5.15.0.1063.72~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1063.72~20.04.1 linux-headers-azure - 5.15.0.1063.72~20.04.1 No subscription required linux-modules-extra-azure-fde-edge - 5.15.0.1063.72~20.04.1.41 linux-tools-azure-fde-edge - 5.15.0.1063.72~20.04.1.41 linux-headers-azure-fde-edge - 5.15.0.1063.72~20.04.1.41 linux-cloud-tools-azure-fde-edge - 5.15.0.1063.72~20.04.1.41 linux-image-azure-fde - 5.15.0.1063.72~20.04.1.41 linux-tools-azure-fde - 5.15.0.1063.72~20.04.1.41 linux-image-azure-fde-edge - 5.15.0.1063.72~20.04.1.41 linux-azure-fde - 5.15.0.1063.72~20.04.1.41 linux-cloud-tools-azure-fde - 5.15.0.1063.72~20.04.1.41 linux-azure-fde-edge - 5.15.0.1063.72~20.04.1.41 linux-modules-extra-azure-fde - 5.15.0.1063.72~20.04.1.41 linux-headers-azure-fde - 5.15.0.1063.72~20.04.1.41 No subscription required High CVE-2023-52435 CVE-2023-52486 CVE-2023-52489 CVE-2023-52491 CVE-2023-52492 CVE-2023-52493 CVE-2023-52494 CVE-2023-52498 CVE-2023-52583 CVE-2023-52587 CVE-2023-52588 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52601 CVE-2023-52602 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 CVE-2023-52608 CVE-2023-52614 CVE-2023-52615 CVE-2023-52616 CVE-2023-52617 CVE-2023-52618 CVE-2023-52619 CVE-2023-52622 CVE-2023-52623 CVE-2023-52627 CVE-2023-52631 CVE-2023-52633 CVE-2023-52635 CVE-2023-52637 CVE-2023-52638 CVE-2023-52642 CVE-2023-52643 CVE-2024-1151 CVE-2024-2201 CVE-2024-23849 CVE-2024-26592 CVE-2024-26593 CVE-2024-26594 CVE-2024-26600 CVE-2024-26602 CVE-2024-26606 CVE-2024-26608 CVE-2024-26610 CVE-2024-26614 CVE-2024-26615 CVE-2024-26625 CVE-2024-26627 CVE-2024-26635 CVE-2024-26636 CVE-2024-26640 CVE-2024-26641 CVE-2024-26644 CVE-2024-26645 CVE-2024-26660 CVE-2024-26663 CVE-2024-26664 CVE-2024-26665 CVE-2024-26668 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675 CVE-2024-26676 CVE-2024-26679 CVE-2024-26684 CVE-2024-26685 CVE-2024-26689 CVE-2024-26695 CVE-2024-26696 CVE-2024-26697 CVE-2024-26698 CVE-2024-26702 CVE-2024-26704 CVE-2024-26707 CVE-2024-26712 CVE-2024-26715 CVE-2024-26717 CVE-2024-26720 CVE-2024-26722 CVE-2024-26808 CVE-2024-26825 CVE-2024-26826 CVE-2024-26829 CVE-2024-26910 CVE-2024-26916 CVE-2024-26920 Ubuntu 20.04 LTS It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-1151) Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. (CVE-2024-2201) Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-23849) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Core kernel; - Block layer subsystem; - Android drivers; - Power management core; - Bus devices; - Hardware random number generator core; - Cryptographic API; - Device frequency; - DMA engine subsystem; - ARM SCMI message protocol; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - IIO Magnetometer sensors drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - PCI driver for MicroSemi Switchtec; - PHY drivers; - SCSI drivers; - DesignWare USB3 driver; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - Pstore file system; - SMB network file system; - Memory management; - CAN network layer; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - Unix domain sockets; - Realtek audio codecs; (CVE-2023-52594, CVE-2023-52601, CVE-2024-26826, CVE-2023-52622, CVE-2024-26665, CVE-2023-52493, CVE-2023-52633, CVE-2024-26684, CVE-2024-26663, CVE-2023-52618, CVE-2023-52588, CVE-2023-52637, CVE-2024-26825, CVE-2023-52606, CVE-2024-26594, CVE-2024-26625, CVE-2024-26720, CVE-2024-26614, CVE-2023-52627, CVE-2023-52602, CVE-2024-26673, CVE-2024-26685, CVE-2023-52638, CVE-2023-52498, CVE-2023-52619, CVE-2024-26910, CVE-2024-26689, CVE-2023-52583, CVE-2024-26676, CVE-2024-26671, CVE-2024-26704, CVE-2024-26608, CVE-2024-26610, CVE-2024-26592, CVE-2023-52599, CVE-2023-52595, CVE-2024-26660, CVE-2023-52617, CVE-2024-26645, CVE-2023-52486, CVE-2023-52631, CVE-2023-52607, CVE-2023-52608, CVE-2024-26722, CVE-2024-26615, CVE-2023-52615, CVE-2024-26636, CVE-2023-52642, CVE-2023-52587, CVE-2024-26712, CVE-2024-26675, CVE-2023-52614, CVE-2024-26606, CVE-2024-26916, CVE-2024-26600, CVE-2024-26679, CVE-2024-26829, CVE-2024-26641, CVE-2023-52623, CVE-2024-26627, CVE-2024-26696, CVE-2024-26640, CVE-2024-26635, CVE-2023-52491, CVE-2024-26664, CVE-2024-26602, CVE-2023-52604, CVE-2024-26717, CVE-2023-52643, CVE-2024-26593, CVE-2023-52598, CVE-2024-26668, CVE-2023-52435, CVE-2023-52597, CVE-2024-26715, CVE-2024-26707, CVE-2023-52635, CVE-2024-26695, CVE-2024-26698, CVE-2023-52494, CVE-2024-26920, CVE-2024-26808, CVE-2023-52616, CVE-2023-52492, CVE-2024-26702, CVE-2024-26644, CVE-2023-52489, CVE-2024-26697) Update Instructions: Run `sudo pro fix USN-6766-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-cloud-tools-5.15.0-106-generic - 5.15.0-106.116~20.04.1 linux-headers-5.15.0-106-generic - 5.15.0-106.116~20.04.1 linux-buildinfo-5.15.0-106-generic-lpae - 5.15.0-106.116~20.04.1 linux-buildinfo-5.15.0-106-generic-64k - 5.15.0-106.116~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-106 - 5.15.0-106.116~20.04.1 linux-tools-5.15.0-106-generic-64k - 5.15.0-106.116~20.04.1 linux-tools-5.15.0-106-generic - 5.15.0-106.116~20.04.1 linux-modules-iwlwifi-5.15.0-106-generic - 5.15.0-106.116~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-106.116~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-106.116~20.04.1 linux-tools-5.15.0-106-generic-lpae - 5.15.0-106.116~20.04.1 linux-hwe-5.15-headers-5.15.0-106 - 5.15.0-106.116~20.04.1 linux-headers-5.15.0-106-generic-64k - 5.15.0-106.116~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-106.116~20.04.1 linux-image-unsigned-5.15.0-106-generic - 5.15.0-106.116~20.04.1 linux-modules-5.15.0-106-generic - 5.15.0-106.116~20.04.1 linux-hwe-5.15-tools-5.15.0-106 - 5.15.0-106.116~20.04.1 linux-modules-extra-5.15.0-106-generic - 5.15.0-106.116~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-106.116~20.04.1 linux-image-5.15.0-106-generic - 5.15.0-106.116~20.04.1 linux-headers-5.15.0-106-generic-lpae - 5.15.0-106.116~20.04.1 linux-image-5.15.0-106-generic-lpae - 5.15.0-106.116~20.04.1 linux-modules-5.15.0-106-generic-lpae - 5.15.0-106.116~20.04.1 linux-image-5.15.0-106-generic-64k - 5.15.0-106.116~20.04.1 linux-image-unsigned-5.15.0-106-generic-64k - 5.15.0-106.116~20.04.1 linux-modules-5.15.0-106-generic-64k - 5.15.0-106.116~20.04.1 linux-buildinfo-5.15.0-106-generic - 5.15.0-106.116~20.04.1 No subscription required linux-headers-generic-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-tools-oem-20.04c - 5.15.0.106.116~20.04.1 linux-image-oem-20.04c - 5.15.0.106.116~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-oem-20.04d - 5.15.0.106.116~20.04.1 linux-headers-oem-20.04 - 5.15.0.106.116~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-headers-oem-20.04d - 5.15.0.106.116~20.04.1 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-oem-20.04 - 5.15.0.106.116~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.106.116~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-oem-20.04b - 5.15.0.106.116~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-oem-20.04d - 5.15.0.106.116~20.04.1 linux-oem-20.04c - 5.15.0.106.116~20.04.1 linux-oem-20.04b - 5.15.0.106.116~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-tools-oem-20.04b - 5.15.0.106.116~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-oem-20.04 - 5.15.0.106.116~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-headers-oem-20.04c - 5.15.0.106.116~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-generic-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-headers-oem-20.04b - 5.15.0.106.116~20.04.1 linux-tools-oem-20.04 - 5.15.0.106.116~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.106.116~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.106.116~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-tools-oem-20.04d - 5.15.0.106.116~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.106.116~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.106.116~20.04.1 No subscription required High CVE-2023-52435 CVE-2023-52486 CVE-2023-52489 CVE-2023-52491 CVE-2023-52492 CVE-2023-52493 CVE-2023-52494 CVE-2023-52498 CVE-2023-52583 CVE-2023-52587 CVE-2023-52588 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52601 CVE-2023-52602 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 CVE-2023-52608 CVE-2023-52614 CVE-2023-52615 CVE-2023-52616 CVE-2023-52617 CVE-2023-52618 CVE-2023-52619 CVE-2023-52622 CVE-2023-52623 CVE-2023-52627 CVE-2023-52631 CVE-2023-52633 CVE-2023-52635 CVE-2023-52637 CVE-2023-52638 CVE-2023-52642 CVE-2023-52643 CVE-2024-1151 CVE-2024-2201 CVE-2024-23849 CVE-2024-26592 CVE-2024-26593 CVE-2024-26594 CVE-2024-26600 CVE-2024-26602 CVE-2024-26606 CVE-2024-26608 CVE-2024-26610 CVE-2024-26614 CVE-2024-26615 CVE-2024-26625 CVE-2024-26627 CVE-2024-26635 CVE-2024-26636 CVE-2024-26640 CVE-2024-26641 CVE-2024-26644 CVE-2024-26645 CVE-2024-26660 CVE-2024-26663 CVE-2024-26664 CVE-2024-26665 CVE-2024-26668 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675 CVE-2024-26676 CVE-2024-26679 CVE-2024-26684 CVE-2024-26685 CVE-2024-26689 CVE-2024-26695 CVE-2024-26696 CVE-2024-26697 CVE-2024-26698 CVE-2024-26702 CVE-2024-26704 CVE-2024-26707 CVE-2024-26712 CVE-2024-26715 CVE-2024-26717 CVE-2024-26720 CVE-2024-26722 CVE-2024-26808 CVE-2024-26825 CVE-2024-26826 CVE-2024-26829 CVE-2024-26910 CVE-2024-26916 CVE-2024-26920 Ubuntu 20.04 LTS It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-1151) Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. (CVE-2024-2201) Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-23849) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Core kernel; - Block layer subsystem; - Android drivers; - Power management core; - Bus devices; - Hardware random number generator core; - Cryptographic API; - Device frequency; - DMA engine subsystem; - ARM SCMI message protocol; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - IIO Magnetometer sensors drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - PCI driver for MicroSemi Switchtec; - PHY drivers; - SCSI drivers; - DesignWare USB3 driver; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - Pstore file system; - SMB network file system; - Memory management; - CAN network layer; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - Unix domain sockets; - Realtek audio codecs; (CVE-2023-52594, CVE-2023-52601, CVE-2024-26826, CVE-2023-52622, CVE-2024-26665, CVE-2023-52493, CVE-2023-52633, CVE-2024-26684, CVE-2024-26663, CVE-2023-52618, CVE-2023-52588, CVE-2023-52637, CVE-2024-26825, CVE-2023-52606, CVE-2024-26594, CVE-2024-26625, CVE-2024-26720, CVE-2024-26614, CVE-2023-52627, CVE-2023-52602, CVE-2024-26673, CVE-2024-26685, CVE-2023-52638, CVE-2023-52498, CVE-2023-52619, CVE-2024-26910, CVE-2024-26689, CVE-2023-52583, CVE-2024-26676, CVE-2024-26671, CVE-2024-26704, CVE-2024-26608, CVE-2024-26610, CVE-2024-26592, CVE-2023-52599, CVE-2023-52595, CVE-2024-26660, CVE-2023-52617, CVE-2024-26645, CVE-2023-52486, CVE-2023-52631, CVE-2023-52607, CVE-2023-52608, CVE-2024-26722, CVE-2024-26615, CVE-2023-52615, CVE-2024-26636, CVE-2023-52642, CVE-2023-52587, CVE-2024-26712, CVE-2024-26675, CVE-2023-52614, CVE-2024-26606, CVE-2024-26916, CVE-2024-26600, CVE-2024-26679, CVE-2024-26829, CVE-2024-26641, CVE-2023-52623, CVE-2024-26627, CVE-2024-26696, CVE-2024-26640, CVE-2024-26635, CVE-2023-52491, CVE-2024-26664, CVE-2024-26602, CVE-2023-52604, CVE-2024-26717, CVE-2023-52643, CVE-2024-26593, CVE-2023-52598, CVE-2024-26668, CVE-2023-52435, CVE-2023-52597, CVE-2024-26715, CVE-2024-26707, CVE-2023-52635, CVE-2024-26695, CVE-2024-26698, CVE-2023-52494, CVE-2024-26920, CVE-2024-26808, CVE-2023-52616, CVE-2023-52492, CVE-2024-26702, CVE-2024-26644, CVE-2023-52489, CVE-2024-26697) Update Instructions: Run `sudo pro fix USN-6766-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1061-aws - 5.15.0-1061.67~20.04.1 linux-image-unsigned-5.15.0-1061-aws - 5.15.0-1061.67~20.04.1 linux-modules-extra-5.15.0-1061-aws - 5.15.0-1061.67~20.04.1 linux-aws-5.15-tools-5.15.0-1061 - 5.15.0-1061.67~20.04.1 linux-headers-5.15.0-1061-aws - 5.15.0-1061.67~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1061 - 5.15.0-1061.67~20.04.1 linux-modules-5.15.0-1061-aws - 5.15.0-1061.67~20.04.1 linux-cloud-tools-5.15.0-1061-aws - 5.15.0-1061.67~20.04.1 linux-aws-5.15-headers-5.15.0-1061 - 5.15.0-1061.67~20.04.1 linux-buildinfo-5.15.0-1061-aws - 5.15.0-1061.67~20.04.1 linux-tools-5.15.0-1061-aws - 5.15.0-1061.67~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1061.67~20.04.1 linux-aws-edge - 5.15.0.1061.67~20.04.1 linux-tools-aws-edge - 5.15.0.1061.67~20.04.1 linux-image-aws-edge - 5.15.0.1061.67~20.04.1 linux-aws - 5.15.0.1061.67~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1061.67~20.04.1 linux-headers-aws - 5.15.0.1061.67~20.04.1 linux-headers-aws-edge - 5.15.0.1061.67~20.04.1 linux-image-aws - 5.15.0.1061.67~20.04.1 linux-tools-aws - 5.15.0.1061.67~20.04.1 No subscription required High CVE-2023-52435 CVE-2023-52486 CVE-2023-52489 CVE-2023-52491 CVE-2023-52492 CVE-2023-52493 CVE-2023-52494 CVE-2023-52498 CVE-2023-52583 CVE-2023-52587 CVE-2023-52588 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52601 CVE-2023-52602 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 CVE-2023-52608 CVE-2023-52614 CVE-2023-52615 CVE-2023-52616 CVE-2023-52617 CVE-2023-52618 CVE-2023-52619 CVE-2023-52622 CVE-2023-52623 CVE-2023-52627 CVE-2023-52631 CVE-2023-52633 CVE-2023-52635 CVE-2023-52637 CVE-2023-52638 CVE-2023-52642 CVE-2023-52643 CVE-2024-1151 CVE-2024-2201 CVE-2024-23849 CVE-2024-26592 CVE-2024-26593 CVE-2024-26594 CVE-2024-26600 CVE-2024-26602 CVE-2024-26606 CVE-2024-26608 CVE-2024-26610 CVE-2024-26614 CVE-2024-26615 CVE-2024-26625 CVE-2024-26627 CVE-2024-26635 CVE-2024-26636 CVE-2024-26640 CVE-2024-26641 CVE-2024-26644 CVE-2024-26645 CVE-2024-26660 CVE-2024-26663 CVE-2024-26664 CVE-2024-26665 CVE-2024-26668 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675 CVE-2024-26676 CVE-2024-26679 CVE-2024-26684 CVE-2024-26685 CVE-2024-26689 CVE-2024-26695 CVE-2024-26696 CVE-2024-26697 CVE-2024-26698 CVE-2024-26702 CVE-2024-26704 CVE-2024-26707 CVE-2024-26712 CVE-2024-26715 CVE-2024-26717 CVE-2024-26720 CVE-2024-26722 CVE-2024-26808 CVE-2024-26825 CVE-2024-26826 CVE-2024-26829 CVE-2024-26910 CVE-2024-26916 CVE-2024-26920 Ubuntu 20.04 LTS Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-23849) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Android drivers; - Hardware random number generator core; - GPU drivers; - Hardware monitoring drivers; - I2C subsystem; - IIO Magnetometer sensors drivers; - InfiniBand drivers; - Network drivers; - PCI driver for MicroSemi Switchtec; - PHY drivers; - Ceph distributed file system; - Ext4 file system; - JFS file system; - NILFS2 file system; - Pstore file system; - Core kernel; - Memory management; - CAN network layer; - Networking core; - IPv4 networking; - Logical Link layer; - Netfilter; - NFC subsystem; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - Realtek audio codecs; (CVE-2024-26696, CVE-2023-52583, CVE-2024-26720, CVE-2023-52615, CVE-2023-52599, CVE-2023-52587, CVE-2024-26635, CVE-2024-26704, CVE-2024-26625, CVE-2024-26825, CVE-2023-52622, CVE-2023-52435, CVE-2023-52617, CVE-2023-52598, CVE-2024-26645, CVE-2023-52619, CVE-2024-26593, CVE-2024-26685, CVE-2023-52602, CVE-2023-52486, CVE-2024-26697, CVE-2024-26675, CVE-2024-26600, CVE-2023-52604, CVE-2024-26664, CVE-2024-26606, CVE-2023-52594, CVE-2024-26671, CVE-2024-26598, CVE-2024-26673, CVE-2024-26920, CVE-2024-26722, CVE-2023-52601, CVE-2024-26602, CVE-2023-52637, CVE-2023-52623, CVE-2024-26702, CVE-2023-52597, CVE-2024-26684, CVE-2023-52606, CVE-2024-26679, CVE-2024-26663, CVE-2024-26910, CVE-2024-26615, CVE-2023-52595, CVE-2023-52607, CVE-2024-26636) Update Instructions: Run `sudo pro fix USN-6767-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.4.0-1036-iot - 5.4.0-1036.37 linux-iot-tools-5.4.0-1036 - 5.4.0-1036.37 linux-image-5.4.0-1036-iot - 5.4.0-1036.37 linux-buildinfo-5.4.0-1036-iot - 5.4.0-1036.37 linux-image-unsigned-5.4.0-1036-iot - 5.4.0-1036.37 linux-modules-5.4.0-1036-iot - 5.4.0-1036.37 linux-tools-5.4.0-1036-iot - 5.4.0-1036.37 linux-iot-tools-common - 5.4.0-1036.37 linux-iot-headers-5.4.0-1036 - 5.4.0-1036.37 No subscription required linux-tools-5.4.0-1043-xilinx-zynqmp - 5.4.0-1043.47 linux-headers-5.4.0-1043-xilinx-zynqmp - 5.4.0-1043.47 linux-image-5.4.0-1043-xilinx-zynqmp - 5.4.0-1043.47 linux-modules-5.4.0-1043-xilinx-zynqmp - 5.4.0-1043.47 linux-xilinx-zynqmp-tools-5.4.0-1043 - 5.4.0-1043.47 linux-xilinx-zynqmp-headers-5.4.0-1043 - 5.4.0-1043.47 linux-buildinfo-5.4.0-1043-xilinx-zynqmp - 5.4.0-1043.47 No subscription required linux-image-5.4.0-1071-ibm - 5.4.0-1071.76 linux-ibm-tools-5.4.0-1071 - 5.4.0-1071.76 linux-image-unsigned-5.4.0-1071-ibm - 5.4.0-1071.76 linux-headers-5.4.0-1071-ibm - 5.4.0-1071.76 linux-ibm-source-5.4.0 - 5.4.0-1071.76 linux-ibm-tools-common - 5.4.0-1071.76 linux-modules-5.4.0-1071-ibm - 5.4.0-1071.76 linux-ibm-headers-5.4.0-1071 - 5.4.0-1071.76 linux-tools-5.4.0-1071-ibm - 5.4.0-1071.76 linux-ibm-cloud-tools-common - 5.4.0-1071.76 linux-modules-extra-5.4.0-1071-ibm - 5.4.0-1071.76 linux-buildinfo-5.4.0-1071-ibm - 5.4.0-1071.76 No subscription required linux-cloud-tools-5.4.0-1091-gkeop - 5.4.0-1091.95 linux-image-5.4.0-1091-gkeop - 5.4.0-1091.95 linux-image-unsigned-5.4.0-1091-gkeop - 5.4.0-1091.95 linux-gkeop-source-5.4.0 - 5.4.0-1091.95 linux-headers-5.4.0-1091-gkeop - 5.4.0-1091.95 linux-gkeop-headers-5.4.0-1091 - 5.4.0-1091.95 linux-modules-extra-5.4.0-1091-gkeop - 5.4.0-1091.95 linux-gkeop-cloud-tools-5.4.0-1091 - 5.4.0-1091.95 linux-gkeop-tools-5.4.0-1091 - 5.4.0-1091.95 linux-tools-5.4.0-1091-gkeop - 5.4.0-1091.95 linux-modules-5.4.0-1091-gkeop - 5.4.0-1091.95 linux-buildinfo-5.4.0-1091-gkeop - 5.4.0-1091.95 No subscription required linux-headers-5.4.0-1108-raspi - 5.4.0-1108.120 linux-raspi-tools-5.4.0-1108 - 5.4.0-1108.120 linux-tools-5.4.0-1108-raspi - 5.4.0-1108.120 linux-image-5.4.0-1108-raspi - 5.4.0-1108.120 linux-modules-5.4.0-1108-raspi - 5.4.0-1108.120 linux-raspi-headers-5.4.0-1108 - 5.4.0-1108.120 linux-buildinfo-5.4.0-1108-raspi - 5.4.0-1108.120 No subscription required linux-modules-5.4.0-1112-kvm - 5.4.0-1112.119 linux-image-unsigned-5.4.0-1112-kvm - 5.4.0-1112.119 linux-buildinfo-5.4.0-1112-kvm - 5.4.0-1112.119 linux-kvm-tools-5.4.0-1112 - 5.4.0-1112.119 linux-image-5.4.0-1112-kvm - 5.4.0-1112.119 linux-tools-5.4.0-1112-kvm - 5.4.0-1112.119 linux-kvm-headers-5.4.0-1112 - 5.4.0-1112.119 linux-headers-5.4.0-1112-kvm - 5.4.0-1112.119 No subscription required linux-oracle-headers-5.4.0-1123 - 5.4.0-1123.132 linux-headers-5.4.0-1123-oracle - 5.4.0-1123.132 linux-image-unsigned-5.4.0-1123-oracle - 5.4.0-1123.132 linux-image-5.4.0-1123-oracle - 5.4.0-1123.132 linux-buildinfo-5.4.0-1123-oracle - 5.4.0-1123.132 linux-oracle-tools-5.4.0-1123 - 5.4.0-1123.132 linux-modules-extra-5.4.0-1123-oracle - 5.4.0-1123.132 linux-tools-5.4.0-1123-oracle - 5.4.0-1123.132 linux-modules-5.4.0-1123-oracle - 5.4.0-1123.132 No subscription required linux-modules-5.4.0-1124-aws - 5.4.0-1124.134 linux-aws-tools-5.4.0-1124 - 5.4.0-1124.134 linux-image-5.4.0-1124-aws - 5.4.0-1124.134 linux-image-unsigned-5.4.0-1124-aws - 5.4.0-1124.134 linux-tools-5.4.0-1124-aws - 5.4.0-1124.134 linux-modules-extra-5.4.0-1124-aws - 5.4.0-1124.134 linux-aws-cloud-tools-5.4.0-1124 - 5.4.0-1124.134 linux-headers-5.4.0-1124-aws - 5.4.0-1124.134 linux-buildinfo-5.4.0-1124-aws - 5.4.0-1124.134 linux-cloud-tools-5.4.0-1124-aws - 5.4.0-1124.134 linux-aws-headers-5.4.0-1124 - 5.4.0-1124.134 No subscription required linux-tools-5.4.0-1128-gcp - 5.4.0-1128.137 linux-headers-5.4.0-1128-gcp - 5.4.0-1128.137 linux-buildinfo-5.4.0-1128-gcp - 5.4.0-1128.137 linux-image-unsigned-5.4.0-1128-gcp - 5.4.0-1128.137 linux-gcp-tools-5.4.0-1128 - 5.4.0-1128.137 linux-modules-5.4.0-1128-gcp - 5.4.0-1128.137 linux-image-5.4.0-1128-gcp - 5.4.0-1128.137 linux-gcp-headers-5.4.0-1128 - 5.4.0-1128.137 linux-modules-extra-5.4.0-1128-gcp - 5.4.0-1128.137 No subscription required linux-cloud-tools-5.4.0-1129-azure - 5.4.0-1129.136 linux-azure-cloud-tools-5.4.0-1129 - 5.4.0-1129.136 linux-modules-5.4.0-1129-azure - 5.4.0-1129.136 linux-azure-headers-5.4.0-1129 - 5.4.0-1129.136 linux-modules-extra-5.4.0-1129-azure - 5.4.0-1129.136 linux-image-unsigned-5.4.0-1129-azure - 5.4.0-1129.136 linux-azure-tools-5.4.0-1129 - 5.4.0-1129.136 linux-tools-5.4.0-1129-azure - 5.4.0-1129.136 linux-headers-5.4.0-1129-azure - 5.4.0-1129.136 linux-image-5.4.0-1129-azure - 5.4.0-1129.136 linux-buildinfo-5.4.0-1129-azure - 5.4.0-1129.136 No subscription required linux-tools-common - 5.4.0-181.201 linux-headers-5.4.0-181-generic-lpae - 5.4.0-181.201 linux-tools-host - 5.4.0-181.201 linux-buildinfo-5.4.0-181-generic - 5.4.0-181.201 linux-modules-extra-5.4.0-181-generic - 5.4.0-181.201 linux-doc - 5.4.0-181.201 linux-modules-5.4.0-181-generic - 5.4.0-181.201 linux-image-unsigned-5.4.0-181-generic - 5.4.0-181.201 linux-tools-5.4.0-181-lowlatency - 5.4.0-181.201 linux-source-5.4.0 - 5.4.0-181.201 linux-image-5.4.0-181-generic - 5.4.0-181.201 linux-cloud-tools-common - 5.4.0-181.201 linux-image-5.4.0-181-generic-lpae - 5.4.0-181.201 linux-cloud-tools-5.4.0-181-generic - 5.4.0-181.201 linux-modules-5.4.0-181-lowlatency - 5.4.0-181.201 linux-tools-5.4.0-181-generic - 5.4.0-181.201 linux-buildinfo-5.4.0-181-lowlatency - 5.4.0-181.201 linux-headers-5.4.0-181-generic - 5.4.0-181.201 linux-modules-5.4.0-181-generic-lpae - 5.4.0-181.201 linux-headers-5.4.0-181-lowlatency - 5.4.0-181.201 linux-cloud-tools-5.4.0-181-lowlatency - 5.4.0-181.201 linux-tools-5.4.0-181 - 5.4.0-181.201 linux-buildinfo-5.4.0-181-generic-lpae - 5.4.0-181.201 linux-image-unsigned-5.4.0-181-lowlatency - 5.4.0-181.201 linux-cloud-tools-5.4.0-181 - 5.4.0-181.201 linux-headers-5.4.0-181 - 5.4.0-181.201 linux-image-5.4.0-181-lowlatency - 5.4.0-181.201 linux-tools-5.4.0-181-generic-lpae - 5.4.0-181.201 linux-libc-dev - 5.4.0-181.201 No subscription required linux-iot - 5.4.0.1036.34 linux-image-iot - 5.4.0.1036.34 linux-tools-iot - 5.4.0.1036.34 linux-headers-iot - 5.4.0.1036.34 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1043.43 linux-xilinx-zynqmp - 5.4.0.1043.43 linux-headers-xilinx-zynqmp - 5.4.0.1043.43 linux-tools-xilinx-zynqmp - 5.4.0.1043.43 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1071.100 linux-headers-ibm-lts-20.04 - 5.4.0.1071.100 linux-image-ibm-lts-20.04 - 5.4.0.1071.100 linux-ibm-lts-20.04 - 5.4.0.1071.100 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1071.100 No subscription required linux-headers-gkeop - 5.4.0.1091.89 linux-cloud-tools-gkeop-5.4 - 5.4.0.1091.89 linux-image-gkeop - 5.4.0.1091.89 linux-modules-extra-gkeop-5.4 - 5.4.0.1091.89 linux-gkeop-5.4 - 5.4.0.1091.89 linux-image-gkeop-5.4 - 5.4.0.1091.89 linux-gkeop - 5.4.0.1091.89 linux-headers-gkeop-5.4 - 5.4.0.1091.89 linux-modules-extra-gkeop - 5.4.0.1091.89 linux-tools-gkeop - 5.4.0.1091.89 linux-tools-gkeop-5.4 - 5.4.0.1091.89 linux-cloud-tools-gkeop - 5.4.0.1091.89 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1108.138 linux-headers-raspi2 - 5.4.0.1108.138 linux-image-raspi-hwe-18.04 - 5.4.0.1108.138 linux-image-raspi2-hwe-18.04 - 5.4.0.1108.138 linux-tools-raspi - 5.4.0.1108.138 linux-headers-raspi-hwe-18.04 - 5.4.0.1108.138 linux-headers-raspi2-hwe-18.04 - 5.4.0.1108.138 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1108.138 linux-headers-raspi - 5.4.0.1108.138 linux-raspi2-hwe-18.04-edge - 5.4.0.1108.138 linux-image-raspi-hwe-18.04-edge - 5.4.0.1108.138 linux-raspi-hwe-18.04 - 5.4.0.1108.138 linux-tools-raspi2-hwe-18.04 - 5.4.0.1108.138 linux-raspi2-hwe-18.04 - 5.4.0.1108.138 linux-image-raspi2 - 5.4.0.1108.138 linux-tools-raspi-hwe-18.04 - 5.4.0.1108.138 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1108.138 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1108.138 linux-raspi-hwe-18.04-edge - 5.4.0.1108.138 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1108.138 linux-image-raspi - 5.4.0.1108.138 linux-raspi2 - 5.4.0.1108.138 linux-tools-raspi2 - 5.4.0.1108.138 linux-raspi - 5.4.0.1108.138 No subscription required linux-kvm - 5.4.0.1112.108 linux-headers-kvm - 5.4.0.1112.108 linux-image-kvm - 5.4.0.1112.108 linux-tools-kvm - 5.4.0.1112.108 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1123.116 linux-oracle-lts-20.04 - 5.4.0.1123.116 linux-tools-oracle-lts-20.04 - 5.4.0.1123.116 linux-image-oracle-lts-20.04 - 5.4.0.1123.116 No subscription required linux-image-aws-lts-20.04 - 5.4.0.1124.121 linux-headers-aws-lts-20.04 - 5.4.0.1124.121 linux-tools-aws-lts-20.04 - 5.4.0.1124.121 linux-modules-extra-aws-lts-20.04 - 5.4.0.1124.121 linux-aws-lts-20.04 - 5.4.0.1124.121 No subscription required linux-gcp-lts-20.04 - 5.4.0.1128.130 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1128.130 linux-headers-gcp-lts-20.04 - 5.4.0.1128.130 linux-image-gcp-lts-20.04 - 5.4.0.1128.130 linux-tools-gcp-lts-20.04 - 5.4.0.1128.130 No subscription required linux-cloud-tools-azure-lts-20.04 - 5.4.0.1129.123 linux-azure-lts-20.04 - 5.4.0.1129.123 linux-image-azure-lts-20.04 - 5.4.0.1129.123 linux-modules-extra-azure-lts-20.04 - 5.4.0.1129.123 linux-tools-azure-lts-20.04 - 5.4.0.1129.123 linux-headers-azure-lts-20.04 - 5.4.0.1129.123 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.181.179 linux-cloud-tools-virtual - 5.4.0.181.179 linux-image-generic-hwe-18.04 - 5.4.0.181.179 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.181.179 linux-headers-generic-lpae - 5.4.0.181.179 linux-crashdump - 5.4.0.181.179 linux-image-virtual - 5.4.0.181.179 linux-generic-hwe-18.04 - 5.4.0.181.179 linux-oem-osp1-tools-host - 5.4.0.181.179 linux-image-generic - 5.4.0.181.179 linux-tools-lowlatency - 5.4.0.181.179 linux-image-oem - 5.4.0.181.179 linux-tools-virtual-hwe-18.04 - 5.4.0.181.179 linux-headers-lowlatency-hwe-18.04 - 5.4.0.181.179 linux-generic-lpae - 5.4.0.181.179 linux-lowlatency-hwe-18.04-edge - 5.4.0.181.179 linux-image-extra-virtual-hwe-18.04 - 5.4.0.181.179 linux-headers-generic - 5.4.0.181.179 linux-image-oem-osp1 - 5.4.0.181.179 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.181.179 linux-headers-oem - 5.4.0.181.179 linux-image-generic-lpae-hwe-18.04 - 5.4.0.181.179 linux-tools-lowlatency-hwe-18.04 - 5.4.0.181.179 linux-headers-generic-hwe-18.04 - 5.4.0.181.179 linux-headers-virtual-hwe-18.04-edge - 5.4.0.181.179 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.181.179 linux-lowlatency - 5.4.0.181.179 linux-tools-virtual-hwe-18.04-edge - 5.4.0.181.179 linux-tools-generic-lpae - 5.4.0.181.179 linux-cloud-tools-generic - 5.4.0.181.179 linux-virtual - 5.4.0.181.179 linux-virtual-hwe-18.04 - 5.4.0.181.179 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.181.179 linux-tools-virtual - 5.4.0.181.179 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.181.179 linux-generic - 5.4.0.181.179 linux-tools-oem-osp1 - 5.4.0.181.179 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.181.179 linux-generic-lpae-hwe-18.04-edge - 5.4.0.181.179 linux-headers-virtual-hwe-18.04 - 5.4.0.181.179 linux-image-virtual-hwe-18.04 - 5.4.0.181.179 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.181.179 linux-cloud-tools-lowlatency - 5.4.0.181.179 linux-headers-lowlatency - 5.4.0.181.179 linux-image-generic-hwe-18.04-edge - 5.4.0.181.179 linux-generic-hwe-18.04-edge - 5.4.0.181.179 linux-tools-generic-hwe-18.04-edge - 5.4.0.181.179 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.181.179 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.181.179 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.181.179 linux-oem - 5.4.0.181.179 linux-tools-generic - 5.4.0.181.179 linux-source - 5.4.0.181.179 linux-image-extra-virtual - 5.4.0.181.179 linux-oem-tools-host - 5.4.0.181.179 linux-tools-oem - 5.4.0.181.179 linux-headers-oem-osp1 - 5.4.0.181.179 linux-generic-lpae-hwe-18.04 - 5.4.0.181.179 linux-headers-generic-hwe-18.04-edge - 5.4.0.181.179 linux-oem-osp1 - 5.4.0.181.179 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.181.179 linux-image-lowlatency-hwe-18.04 - 5.4.0.181.179 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.181.179 linux-virtual-hwe-18.04-edge - 5.4.0.181.179 linux-headers-virtual - 5.4.0.181.179 linux-lowlatency-hwe-18.04 - 5.4.0.181.179 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.181.179 linux-image-generic-lpae - 5.4.0.181.179 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.181.179 linux-image-lowlatency - 5.4.0.181.179 linux-tools-generic-hwe-18.04 - 5.4.0.181.179 linux-image-virtual-hwe-18.04-edge - 5.4.0.181.179 No subscription required Medium CVE-2023-52435 CVE-2023-52486 CVE-2023-52583 CVE-2023-52587 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52601 CVE-2023-52602 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 CVE-2023-52615 CVE-2023-52617 CVE-2023-52619 CVE-2023-52622 CVE-2023-52623 CVE-2023-52637 CVE-2024-23849 CVE-2024-26593 CVE-2024-26598 CVE-2024-26600 CVE-2024-26602 CVE-2024-26606 CVE-2024-26615 CVE-2024-26625 CVE-2024-26635 CVE-2024-26636 CVE-2024-26645 CVE-2024-26663 CVE-2024-26664 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675 CVE-2024-26679 CVE-2024-26684 CVE-2024-26685 CVE-2024-26696 CVE-2024-26697 CVE-2024-26702 CVE-2024-26704 CVE-2024-26720 CVE-2024-26722 CVE-2024-26825 CVE-2024-26910 CVE-2024-26920 Ubuntu 20.04 LTS Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-23849) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Android drivers; - Hardware random number generator core; - GPU drivers; - Hardware monitoring drivers; - I2C subsystem; - IIO Magnetometer sensors drivers; - InfiniBand drivers; - Network drivers; - PCI driver for MicroSemi Switchtec; - PHY drivers; - Ceph distributed file system; - Ext4 file system; - JFS file system; - NILFS2 file system; - Pstore file system; - Core kernel; - Memory management; - CAN network layer; - Networking core; - IPv4 networking; - Logical Link layer; - Netfilter; - NFC subsystem; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - Realtek audio codecs; (CVE-2024-26696, CVE-2023-52583, CVE-2024-26720, CVE-2023-52615, CVE-2023-52599, CVE-2023-52587, CVE-2024-26635, CVE-2024-26704, CVE-2024-26625, CVE-2024-26825, CVE-2023-52622, CVE-2023-52435, CVE-2023-52617, CVE-2023-52598, CVE-2024-26645, CVE-2023-52619, CVE-2024-26593, CVE-2024-26685, CVE-2023-52602, CVE-2023-52486, CVE-2024-26697, CVE-2024-26675, CVE-2024-26600, CVE-2023-52604, CVE-2024-26664, CVE-2024-26606, CVE-2023-52594, CVE-2024-26671, CVE-2024-26598, CVE-2024-26673, CVE-2024-26920, CVE-2024-26722, CVE-2023-52601, CVE-2024-26602, CVE-2023-52637, CVE-2023-52623, CVE-2024-26702, CVE-2023-52597, CVE-2024-26684, CVE-2023-52606, CVE-2024-26679, CVE-2024-26663, CVE-2024-26910, CVE-2024-26615, CVE-2023-52595, CVE-2023-52607, CVE-2024-26636) Update Instructions: Run `sudo pro fix USN-6767-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1084-bluefield - 5.4.0-1084.91 linux-bluefield-tools-5.4.0-1084 - 5.4.0-1084.91 linux-modules-5.4.0-1084-bluefield - 5.4.0-1084.91 linux-headers-5.4.0-1084-bluefield - 5.4.0-1084.91 linux-image-unsigned-5.4.0-1084-bluefield - 5.4.0-1084.91 linux-bluefield-headers-5.4.0-1084 - 5.4.0-1084.91 linux-image-5.4.0-1084-bluefield - 5.4.0-1084.91 linux-tools-5.4.0-1084-bluefield - 5.4.0-1084.91 No subscription required linux-bluefield - 5.4.0.1084.80 linux-tools-bluefield - 5.4.0.1084.80 linux-image-bluefield - 5.4.0.1084.80 linux-headers-bluefield - 5.4.0.1084.80 No subscription required Medium CVE-2023-52435 CVE-2023-52486 CVE-2023-52583 CVE-2023-52587 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52601 CVE-2023-52602 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 CVE-2023-52615 CVE-2023-52617 CVE-2023-52619 CVE-2023-52622 CVE-2023-52623 CVE-2023-52637 CVE-2024-23849 CVE-2024-26593 CVE-2024-26598 CVE-2024-26600 CVE-2024-26602 CVE-2024-26606 CVE-2024-26615 CVE-2024-26625 CVE-2024-26635 CVE-2024-26636 CVE-2024-26645 CVE-2024-26663 CVE-2024-26664 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675 CVE-2024-26679 CVE-2024-26684 CVE-2024-26685 CVE-2024-26696 CVE-2024-26697 CVE-2024-26702 CVE-2024-26704 CVE-2024-26720 CVE-2024-26722 CVE-2024-26825 CVE-2024-26910 CVE-2024-26920 Ubuntu 20.04 LTS Alicia Boya García discovered that GLib incorrectly handled signal subscriptions. A local attacker could use this issue to spoof D-Bus signals resulting in a variety of impacts including possible privilege escalation. Update Instructions: Run `sudo pro fix USN-6768-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libglib2.0-0 - 2.64.6-1~ubuntu20.04.7 libglib2.0-data - 2.64.6-1~ubuntu20.04.7 libglib2.0-tests - 2.64.6-1~ubuntu20.04.7 libglib2.0-doc - 2.64.6-1~ubuntu20.04.7 libglib2.0-bin - 2.64.6-1~ubuntu20.04.7 libglib2.0-dev-bin - 2.64.6-1~ubuntu20.04.7 libglib2.0-dev - 2.64.6-1~ubuntu20.04.7 No subscription required Medium CVE-2024-34397 Ubuntu 20.04 LTS Le Dinh Hai discovered that Spreadsheet::ParseXLSX did not properly manage memory during cell merge operations. An attacker could possibly use this issue to consume large amounts of memory, resulting in a denial of service condition. (CVE-2024-22368) An Pham discovered that Spreadsheet::ParseXLSX allowed the processing of external entities in a default configuration. An attacker could possibly use this vulnerability to execute an XML External Entity (XXE) injection attack. (CVE-2024-23525) Update Instructions: Run `sudo pro fix USN-6769-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libspreadsheet-parsexlsx-perl - 0.27-2+deb10u1build0.20.04.1 No subscription required Medium CVE-2024-22368 CVE-2024-23525 Ubuntu 20.04 LTS USN-6729-1 fixed vulnerabilities in Apache HTTP Server. The update lead to the discovery of a regression in Fossil with regards to the handling of POST requests that do not have a Content-Length field set. This update fixes the problem. We apologize for the inconvenience. Update Instructions: Run `sudo pro fix USN-6770-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fossil - 1:2.10-1ubuntu0.1 No subscription required None https://launchpad.net/bugs/2064509 Ubuntu 20.04 LTS Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-47233) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MAC80211 subsystem; - Tomoyo security module; (CVE-2024-26622, CVE-2023-52530) Update Instructions: Run `sudo pro fix USN-6775-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-1045-gkeop - 5.15.0-1045.52~20.04.1 linux-modules-extra-5.15.0-1045-gkeop - 5.15.0-1045.52~20.04.1 linux-modules-5.15.0-1045-gkeop - 5.15.0-1045.52~20.04.1 linux-buildinfo-5.15.0-1045-gkeop - 5.15.0-1045.52~20.04.1 linux-cloud-tools-5.15.0-1045-gkeop - 5.15.0-1045.52~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1045 - 5.15.0-1045.52~20.04.1 linux-headers-5.15.0-1045-gkeop - 5.15.0-1045.52~20.04.1 linux-gkeop-5.15-tools-5.15.0-1045 - 5.15.0-1045.52~20.04.1 linux-gkeop-5.15-headers-5.15.0-1045 - 5.15.0-1045.52~20.04.1 linux-image-unsigned-5.15.0-1045-gkeop - 5.15.0-1045.52~20.04.1 linux-image-5.15.0-1045-gkeop - 5.15.0-1045.52~20.04.1 No subscription required linux-ibm-5.15-tools-5.15.0-1055 - 5.15.0-1055.58~20.04.1 linux-image-5.15.0-1055-ibm - 5.15.0-1055.58~20.04.1 linux-modules-5.15.0-1055-ibm - 5.15.0-1055.58~20.04.1 linux-image-unsigned-5.15.0-1055-ibm - 5.15.0-1055.58~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1055.58~20.04.1 linux-modules-extra-5.15.0-1055-ibm - 5.15.0-1055.58~20.04.1 linux-tools-5.15.0-1055-ibm - 5.15.0-1055.58~20.04.1 linux-headers-5.15.0-1055-ibm - 5.15.0-1055.58~20.04.1 linux-buildinfo-5.15.0-1055-ibm - 5.15.0-1055.58~20.04.1 linux-ibm-5.15-headers-5.15.0-1055 - 5.15.0-1055.58~20.04.1 No subscription required linux-modules-extra-5.15.0-1060-gcp - 5.15.0-1060.68~20.04.1 linux-gcp-5.15-headers-5.15.0-1060 - 5.15.0-1060.68~20.04.1 linux-buildinfo-5.15.0-1060-gcp - 5.15.0-1060.68~20.04.1 linux-gcp-5.15-tools-5.15.0-1060 - 5.15.0-1060.68~20.04.1 linux-tools-5.15.0-1060-gcp - 5.15.0-1060.68~20.04.1 linux-image-unsigned-5.15.0-1060-gcp - 5.15.0-1060.68~20.04.1 linux-modules-iwlwifi-5.15.0-1060-gcp - 5.15.0-1060.68~20.04.1 linux-image-5.15.0-1060-gcp - 5.15.0-1060.68~20.04.1 linux-headers-5.15.0-1060-gcp - 5.15.0-1060.68~20.04.1 linux-modules-5.15.0-1060-gcp - 5.15.0-1060.68~20.04.1 No subscription required linux-headers-5.15.0-1064-azure - 5.15.0-1064.73~20.04.1 linux-buildinfo-5.15.0-1064-azure - 5.15.0-1064.73~20.04.1 linux-azure-5.15-headers-5.15.0-1064 - 5.15.0-1064.73~20.04.1 linux-modules-5.15.0-1064-azure - 5.15.0-1064.73~20.04.1 linux-image-unsigned-5.15.0-1064-azure - 5.15.0-1064.73~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1064 - 5.15.0-1064.73~20.04.1 linux-modules-extra-5.15.0-1064-azure - 5.15.0-1064.73~20.04.1 linux-azure-5.15-tools-5.15.0-1064 - 5.15.0-1064.73~20.04.1 linux-image-5.15.0-1064-azure - 5.15.0-1064.73~20.04.1 linux-cloud-tools-5.15.0-1064-azure - 5.15.0-1064.73~20.04.1 linux-tools-5.15.0-1064-azure - 5.15.0-1064.73~20.04.1 No subscription required linux-image-unsigned-5.15.0-1064-azure-fde - 5.15.0-1064.73~20.04.1.1 linux-image-5.15.0-1064-azure-fde - 5.15.0-1064.73~20.04.1.1 No subscription required linux-modules-5.15.0-107-generic - 5.15.0-107.117~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-107.117~20.04.1 linux-image-5.15.0-107-generic-64k - 5.15.0-107.117~20.04.1 linux-hwe-5.15-tools-5.15.0-107 - 5.15.0-107.117~20.04.1 linux-headers-5.15.0-107-generic-lpae - 5.15.0-107.117~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-107 - 5.15.0-107.117~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-107.117~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-107.117~20.04.1 linux-modules-extra-5.15.0-107-generic - 5.15.0-107.117~20.04.1 linux-image-unsigned-5.15.0-107-generic-64k - 5.15.0-107.117~20.04.1 linux-headers-5.15.0-107-generic - 5.15.0-107.117~20.04.1 linux-image-unsigned-5.15.0-107-generic - 5.15.0-107.117~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-107 - 5.15.0-107.117~20.04.1 linux-buildinfo-5.15.0-107-lowlatency - 5.15.0-107.117~20.04.1 linux-buildinfo-5.15.0-107-generic-lpae - 5.15.0-107.117~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-107 - 5.15.0-107.117~20.04.1 linux-tools-5.15.0-107-lowlatency - 5.15.0-107.117~20.04.1 linux-headers-5.15.0-107-lowlatency - 5.15.0-107.117~20.04.1 linux-modules-5.15.0-107-lowlatency - 5.15.0-107.117~20.04.1 linux-tools-5.15.0-107-generic-lpae - 5.15.0-107.117~20.04.1 linux-tools-5.15.0-107-lowlatency-64k - 5.15.0-107.117~20.04.1 linux-image-5.15.0-107-generic-lpae - 5.15.0-107.117~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-107 - 5.15.0-107.117~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-107.117~20.04.1 linux-cloud-tools-5.15.0-107-generic - 5.15.0-107.117~20.04.1 linux-modules-iwlwifi-5.15.0-107-generic - 5.15.0-107.117~20.04.1 linux-hwe-5.15-headers-5.15.0-107 - 5.15.0-107.117~20.04.1 linux-image-5.15.0-107-lowlatency-64k - 5.15.0-107.117~20.04.1 linux-image-unsigned-5.15.0-107-lowlatency-64k - 5.15.0-107.117~20.04.1 linux-tools-5.15.0-107-generic - 5.15.0-107.117~20.04.1 linux-tools-5.15.0-107-generic-64k - 5.15.0-107.117~20.04.1 linux-modules-iwlwifi-5.15.0-107-lowlatency - 5.15.0-107.117~20.04.1 linux-image-5.15.0-107-lowlatency - 5.15.0-107.117~20.04.1 linux-cloud-tools-5.15.0-107-lowlatency - 5.15.0-107.117~20.04.1 linux-buildinfo-5.15.0-107-generic-64k - 5.15.0-107.117~20.04.1 linux-buildinfo-5.15.0-107-generic - 5.15.0-107.117~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-107.117~20.04.1 linux-modules-5.15.0-107-generic-lpae - 5.15.0-107.117~20.04.1 linux-modules-5.15.0-107-lowlatency-64k - 5.15.0-107.117~20.04.1 linux-buildinfo-5.15.0-107-lowlatency-64k - 5.15.0-107.117~20.04.1 linux-modules-5.15.0-107-generic-64k - 5.15.0-107.117~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-107.117~20.04.1 linux-image-5.15.0-107-generic - 5.15.0-107.117~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-107.117~20.04.1 linux-image-unsigned-5.15.0-107-lowlatency - 5.15.0-107.117~20.04.1 linux-headers-5.15.0-107-lowlatency-64k - 5.15.0-107.117~20.04.1 linux-headers-5.15.0-107-generic-64k - 5.15.0-107.117~20.04.1 No subscription required linux-tools-gkeop-edge - 5.15.0.1045.52~20.04.1 linux-gkeop-5.15 - 5.15.0.1045.52~20.04.1 linux-image-gkeop-edge - 5.15.0.1045.52~20.04.1 linux-headers-gkeop-edge - 5.15.0.1045.52~20.04.1 linux-gkeop-edge - 5.15.0.1045.52~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1045.52~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1045.52~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1045.52~20.04.1 linux-cloud-tools-gkeop-5.15 - 5.15.0.1045.52~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1045.52~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1045.52~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1045.52~20.04.1 No subscription required linux-ibm-edge - 5.15.0.1055.58~20.04.1 linux-image-ibm - 5.15.0.1055.58~20.04.1 linux-tools-ibm-edge - 5.15.0.1055.58~20.04.1 linux-tools-ibm - 5.15.0.1055.58~20.04.1 linux-headers-ibm-edge - 5.15.0.1055.58~20.04.1 linux-ibm - 5.15.0.1055.58~20.04.1 linux-headers-ibm - 5.15.0.1055.58~20.04.1 linux-image-ibm-edge - 5.15.0.1055.58~20.04.1 No subscription required linux-modules-extra-gcp-edge - 5.15.0.1060.68~20.04.1 linux-image-gcp-edge - 5.15.0.1060.68~20.04.1 linux-headers-gcp-edge - 5.15.0.1060.68~20.04.1 linux-tools-gcp - 5.15.0.1060.68~20.04.1 linux-headers-gcp - 5.15.0.1060.68~20.04.1 linux-gcp - 5.15.0.1060.68~20.04.1 linux-image-gcp - 5.15.0.1060.68~20.04.1 linux-modules-extra-gcp - 5.15.0.1060.68~20.04.1 linux-tools-gcp-edge - 5.15.0.1060.68~20.04.1 linux-gcp-edge - 5.15.0.1060.68~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1064.73~20.04.1 linux-cloud-tools-azure - 5.15.0.1064.73~20.04.1 linux-tools-azure - 5.15.0.1064.73~20.04.1 linux-image-azure-edge - 5.15.0.1064.73~20.04.1 linux-image-azure-cvm - 5.15.0.1064.73~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1064.73~20.04.1 linux-tools-azure-cvm - 5.15.0.1064.73~20.04.1 linux-image-azure - 5.15.0.1064.73~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1064.73~20.04.1 linux-modules-extra-azure - 5.15.0.1064.73~20.04.1 linux-azure - 5.15.0.1064.73~20.04.1 linux-headers-azure-cvm - 5.15.0.1064.73~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1064.73~20.04.1 linux-headers-azure-edge - 5.15.0.1064.73~20.04.1 linux-azure-edge - 5.15.0.1064.73~20.04.1 linux-azure-cvm - 5.15.0.1064.73~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1064.73~20.04.1 linux-headers-azure - 5.15.0.1064.73~20.04.1 No subscription required linux-image-azure-fde - 5.15.0.1064.73~20.04.1.42 linux-cloud-tools-azure-fde-edge - 5.15.0.1064.73~20.04.1.42 linux-tools-azure-fde-edge - 5.15.0.1064.73~20.04.1.42 linux-headers-azure-fde-edge - 5.15.0.1064.73~20.04.1.42 linux-modules-extra-azure-fde-edge - 5.15.0.1064.73~20.04.1.42 linux-tools-azure-fde - 5.15.0.1064.73~20.04.1.42 linux-image-azure-fde-edge - 5.15.0.1064.73~20.04.1.42 linux-azure-fde - 5.15.0.1064.73~20.04.1.42 linux-cloud-tools-azure-fde - 5.15.0.1064.73~20.04.1.42 linux-azure-fde-edge - 5.15.0.1064.73~20.04.1.42 linux-modules-extra-azure-fde - 5.15.0.1064.73~20.04.1.42 linux-headers-azure-fde - 5.15.0.1064.73~20.04.1.42 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-headers-oem-20.04 - 5.15.0.107.117~20.04.1 linux-tools-oem-20.04d - 5.15.0.107.117~20.04.1 linux-tools-oem-20.04b - 5.15.0.107.117~20.04.1 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-tools-oem-20.04 - 5.15.0.107.117~20.04.1 linux-tools-oem-20.04c - 5.15.0.107.117~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-image-oem-20.04b - 5.15.0.107.117~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.107.117~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-generic-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-image-oem-20.04c - 5.15.0.107.117~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-image-oem-20.04d - 5.15.0.107.117~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-oem-20.04 - 5.15.0.107.117~20.04.1 linux-image-oem-20.04 - 5.15.0.107.117~20.04.1 linux-oem-20.04c - 5.15.0.107.117~20.04.1 linux-oem-20.04b - 5.15.0.107.117~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-oem-20.04d - 5.15.0.107.117~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.107.117~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.107.117~20.04.1 linux-headers-oem-20.04b - 5.15.0.107.117~20.04.1 linux-headers-oem-20.04c - 5.15.0.107.117~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.107.117~20.04.1 linux-headers-oem-20.04d - 5.15.0.107.117~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.107.117~20.04.1 No subscription required Medium CVE-2023-47233 CVE-2023-52530 CVE-2024-26622 Ubuntu 20.04 LTS Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-47233) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MAC80211 subsystem; - Tomoyo security module; (CVE-2024-26622, CVE-2023-52530) Update Instructions: Run `sudo pro fix USN-6775-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-tools-5.15.0-1062 - 5.15.0-1062.68~20.04.1 linux-modules-5.15.0-1062-aws - 5.15.0-1062.68~20.04.1 linux-cloud-tools-5.15.0-1062-aws - 5.15.0-1062.68~20.04.1 linux-headers-5.15.0-1062-aws - 5.15.0-1062.68~20.04.1 linux-modules-extra-5.15.0-1062-aws - 5.15.0-1062.68~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1062 - 5.15.0-1062.68~20.04.1 linux-tools-5.15.0-1062-aws - 5.15.0-1062.68~20.04.1 linux-image-unsigned-5.15.0-1062-aws - 5.15.0-1062.68~20.04.1 linux-buildinfo-5.15.0-1062-aws - 5.15.0-1062.68~20.04.1 linux-image-5.15.0-1062-aws - 5.15.0-1062.68~20.04.1 linux-aws-5.15-headers-5.15.0-1062 - 5.15.0-1062.68~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1062.68~20.04.1 linux-aws-edge - 5.15.0.1062.68~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1062.68~20.04.1 linux-tools-aws-edge - 5.15.0.1062.68~20.04.1 linux-image-aws-edge - 5.15.0.1062.68~20.04.1 linux-aws - 5.15.0.1062.68~20.04.1 linux-tools-aws - 5.15.0.1062.68~20.04.1 linux-headers-aws - 5.15.0.1062.68~20.04.1 linux-headers-aws-edge - 5.15.0.1062.68~20.04.1 linux-image-aws - 5.15.0.1062.68~20.04.1 No subscription required Medium CVE-2023-47233 CVE-2023-52530 CVE-2024-26622 Ubuntu 20.04 LTS Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-47233) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Networking core; - IPv4 networking; - MAC80211 subsystem; - Tomoyo security module; (CVE-2024-26614, CVE-2023-52530, CVE-2024-26622) Update Instructions: Run `sudo pro fix USN-6776-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1037-iot - 5.4.0-1037.38 linux-image-5.4.0-1037-iot - 5.4.0-1037.38 linux-iot-tools-5.4.0-1037 - 5.4.0-1037.38 linux-modules-5.4.0-1037-iot - 5.4.0-1037.38 linux-iot-tools-common - 5.4.0-1037.38 linux-image-unsigned-5.4.0-1037-iot - 5.4.0-1037.38 linux-tools-5.4.0-1037-iot - 5.4.0-1037.38 linux-headers-5.4.0-1037-iot - 5.4.0-1037.38 linux-iot-headers-5.4.0-1037 - 5.4.0-1037.38 No subscription required linux-image-5.4.0-1044-xilinx-zynqmp - 5.4.0-1044.48 linux-buildinfo-5.4.0-1044-xilinx-zynqmp - 5.4.0-1044.48 linux-tools-5.4.0-1044-xilinx-zynqmp - 5.4.0-1044.48 linux-modules-5.4.0-1044-xilinx-zynqmp - 5.4.0-1044.48 linux-headers-5.4.0-1044-xilinx-zynqmp - 5.4.0-1044.48 linux-xilinx-zynqmp-tools-5.4.0-1044 - 5.4.0-1044.48 linux-xilinx-zynqmp-headers-5.4.0-1044 - 5.4.0-1044.48 No subscription required linux-modules-5.4.0-1072-ibm - 5.4.0-1072.77 linux-ibm-source-5.4.0 - 5.4.0-1072.77 linux-image-unsigned-5.4.0-1072-ibm - 5.4.0-1072.77 linux-ibm-tools-common - 5.4.0-1072.77 linux-headers-5.4.0-1072-ibm - 5.4.0-1072.77 linux-ibm-headers-5.4.0-1072 - 5.4.0-1072.77 linux-tools-5.4.0-1072-ibm - 5.4.0-1072.77 linux-ibm-cloud-tools-common - 5.4.0-1072.77 linux-ibm-tools-5.4.0-1072 - 5.4.0-1072.77 linux-image-5.4.0-1072-ibm - 5.4.0-1072.77 linux-modules-extra-5.4.0-1072-ibm - 5.4.0-1072.77 linux-buildinfo-5.4.0-1072-ibm - 5.4.0-1072.77 No subscription required linux-image-unsigned-5.4.0-1085-bluefield - 5.4.0-1085.92 linux-bluefield-headers-5.4.0-1085 - 5.4.0-1085.92 linux-buildinfo-5.4.0-1085-bluefield - 5.4.0-1085.92 linux-headers-5.4.0-1085-bluefield - 5.4.0-1085.92 linux-tools-5.4.0-1085-bluefield - 5.4.0-1085.92 linux-bluefield-tools-5.4.0-1085 - 5.4.0-1085.92 linux-modules-5.4.0-1085-bluefield - 5.4.0-1085.92 linux-image-5.4.0-1085-bluefield - 5.4.0-1085.92 No subscription required linux-image-5.4.0-1092-gkeop - 5.4.0-1092.96 linux-buildinfo-5.4.0-1092-gkeop - 5.4.0-1092.96 linux-gkeop-source-5.4.0 - 5.4.0-1092.96 linux-modules-extra-5.4.0-1092-gkeop - 5.4.0-1092.96 linux-gkeop-headers-5.4.0-1092 - 5.4.0-1092.96 linux-image-unsigned-5.4.0-1092-gkeop - 5.4.0-1092.96 linux-headers-5.4.0-1092-gkeop - 5.4.0-1092.96 linux-gkeop-cloud-tools-5.4.0-1092 - 5.4.0-1092.96 linux-gkeop-tools-5.4.0-1092 - 5.4.0-1092.96 linux-cloud-tools-5.4.0-1092-gkeop - 5.4.0-1092.96 linux-modules-5.4.0-1092-gkeop - 5.4.0-1092.96 linux-tools-5.4.0-1092-gkeop - 5.4.0-1092.96 No subscription required linux-buildinfo-5.4.0-1109-raspi - 5.4.0-1109.121 linux-modules-5.4.0-1109-raspi - 5.4.0-1109.121 linux-tools-5.4.0-1109-raspi - 5.4.0-1109.121 linux-raspi-headers-5.4.0-1109 - 5.4.0-1109.121 linux-headers-5.4.0-1109-raspi - 5.4.0-1109.121 linux-image-5.4.0-1109-raspi - 5.4.0-1109.121 linux-raspi-tools-5.4.0-1109 - 5.4.0-1109.121 No subscription required linux-image-5.4.0-1113-kvm - 5.4.0-1113.120 linux-tools-5.4.0-1113-kvm - 5.4.0-1113.120 linux-modules-5.4.0-1113-kvm - 5.4.0-1113.120 linux-kvm-tools-5.4.0-1113 - 5.4.0-1113.120 linux-kvm-headers-5.4.0-1113 - 5.4.0-1113.120 linux-buildinfo-5.4.0-1113-kvm - 5.4.0-1113.120 linux-image-unsigned-5.4.0-1113-kvm - 5.4.0-1113.120 linux-headers-5.4.0-1113-kvm - 5.4.0-1113.120 No subscription required linux-oracle-headers-5.4.0-1124 - 5.4.0-1124.133 linux-image-unsigned-5.4.0-1124-oracle - 5.4.0-1124.133 linux-buildinfo-5.4.0-1124-oracle - 5.4.0-1124.133 linux-headers-5.4.0-1124-oracle - 5.4.0-1124.133 linux-image-5.4.0-1124-oracle - 5.4.0-1124.133 linux-modules-extra-5.4.0-1124-oracle - 5.4.0-1124.133 linux-oracle-tools-5.4.0-1124 - 5.4.0-1124.133 linux-modules-5.4.0-1124-oracle - 5.4.0-1124.133 linux-tools-5.4.0-1124-oracle - 5.4.0-1124.133 No subscription required linux-modules-extra-5.4.0-1125-aws - 5.4.0-1125.135 linux-aws-tools-5.4.0-1125 - 5.4.0-1125.135 linux-modules-5.4.0-1125-aws - 5.4.0-1125.135 linux-headers-5.4.0-1125-aws - 5.4.0-1125.135 linux-cloud-tools-5.4.0-1125-aws - 5.4.0-1125.135 linux-buildinfo-5.4.0-1125-aws - 5.4.0-1125.135 linux-aws-cloud-tools-5.4.0-1125 - 5.4.0-1125.135 linux-aws-headers-5.4.0-1125 - 5.4.0-1125.135 linux-image-5.4.0-1125-aws - 5.4.0-1125.135 linux-image-unsigned-5.4.0-1125-aws - 5.4.0-1125.135 linux-tools-5.4.0-1125-aws - 5.4.0-1125.135 No subscription required linux-image-unsigned-5.4.0-1129-gcp - 5.4.0-1129.138 linux-buildinfo-5.4.0-1129-gcp - 5.4.0-1129.138 linux-tools-5.4.0-1129-gcp - 5.4.0-1129.138 linux-image-5.4.0-1129-gcp - 5.4.0-1129.138 linux-headers-5.4.0-1129-gcp - 5.4.0-1129.138 linux-gcp-tools-5.4.0-1129 - 5.4.0-1129.138 linux-modules-extra-5.4.0-1129-gcp - 5.4.0-1129.138 linux-modules-5.4.0-1129-gcp - 5.4.0-1129.138 linux-gcp-headers-5.4.0-1129 - 5.4.0-1129.138 No subscription required linux-image-5.4.0-1130-azure - 5.4.0-1130.137 linux-tools-5.4.0-1130-azure - 5.4.0-1130.137 linux-cloud-tools-5.4.0-1130-azure - 5.4.0-1130.137 linux-azure-cloud-tools-5.4.0-1130 - 5.4.0-1130.137 linux-headers-5.4.0-1130-azure - 5.4.0-1130.137 linux-modules-5.4.0-1130-azure - 5.4.0-1130.137 linux-modules-extra-5.4.0-1130-azure - 5.4.0-1130.137 linux-azure-headers-5.4.0-1130 - 5.4.0-1130.137 linux-buildinfo-5.4.0-1130-azure - 5.4.0-1130.137 linux-image-unsigned-5.4.0-1130-azure - 5.4.0-1130.137 linux-azure-tools-5.4.0-1130 - 5.4.0-1130.137 No subscription required linux-modules-5.4.0-182-generic - 5.4.0-182.202 linux-tools-common - 5.4.0-182.202 linux-headers-5.4.0-182-generic-lpae - 5.4.0-182.202 linux-tools-host - 5.4.0-182.202 linux-buildinfo-5.4.0-182-lowlatency - 5.4.0-182.202 linux-cloud-tools-5.4.0-182 - 5.4.0-182.202 linux-doc - 5.4.0-182.202 linux-image-5.4.0-182-generic - 5.4.0-182.202 linux-tools-5.4.0-182-lowlatency - 5.4.0-182.202 linux-libc-dev - 5.4.0-182.202 linux-source-5.4.0 - 5.4.0-182.202 linux-image-5.4.0-182-lowlatency - 5.4.0-182.202 linux-cloud-tools-5.4.0-182-lowlatency - 5.4.0-182.202 linux-headers-5.4.0-182-lowlatency - 5.4.0-182.202 linux-tools-5.4.0-182-generic - 5.4.0-182.202 linux-image-unsigned-5.4.0-182-generic - 5.4.0-182.202 linux-headers-5.4.0-182-generic - 5.4.0-182.202 linux-modules-extra-5.4.0-182-generic - 5.4.0-182.202 linux-image-unsigned-5.4.0-182-lowlatency - 5.4.0-182.202 linux-modules-5.4.0-182-lowlatency - 5.4.0-182.202 linux-buildinfo-5.4.0-182-generic - 5.4.0-182.202 linux-buildinfo-5.4.0-182-generic-lpae - 5.4.0-182.202 linux-image-5.4.0-182-generic-lpae - 5.4.0-182.202 linux-cloud-tools-5.4.0-182-generic - 5.4.0-182.202 linux-cloud-tools-common - 5.4.0-182.202 linux-tools-5.4.0-182 - 5.4.0-182.202 linux-tools-5.4.0-182-generic-lpae - 5.4.0-182.202 linux-headers-5.4.0-182 - 5.4.0-182.202 linux-modules-5.4.0-182-generic-lpae - 5.4.0-182.202 No subscription required linux-iot - 5.4.0.1037.35 linux-image-iot - 5.4.0.1037.35 linux-headers-iot - 5.4.0.1037.35 linux-tools-iot - 5.4.0.1037.35 No subscription required linux-xilinx-zynqmp - 5.4.0.1044.44 linux-image-xilinx-zynqmp - 5.4.0.1044.44 linux-headers-xilinx-zynqmp - 5.4.0.1044.44 linux-tools-xilinx-zynqmp - 5.4.0.1044.44 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1072.101 linux-ibm-lts-20.04 - 5.4.0.1072.101 linux-image-ibm-lts-20.04 - 5.4.0.1072.101 linux-tools-ibm-lts-20.04 - 5.4.0.1072.101 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1072.101 No subscription required linux-bluefield - 5.4.0.1085.81 linux-image-bluefield - 5.4.0.1085.81 linux-headers-bluefield - 5.4.0.1085.81 linux-tools-bluefield - 5.4.0.1085.81 No subscription required linux-headers-gkeop - 5.4.0.1092.90 linux-cloud-tools-gkeop-5.4 - 5.4.0.1092.90 linux-image-gkeop - 5.4.0.1092.90 linux-modules-extra-gkeop-5.4 - 5.4.0.1092.90 linux-gkeop-5.4 - 5.4.0.1092.90 linux-image-gkeop-5.4 - 5.4.0.1092.90 linux-gkeop - 5.4.0.1092.90 linux-headers-gkeop-5.4 - 5.4.0.1092.90 linux-modules-extra-gkeop - 5.4.0.1092.90 linux-tools-gkeop - 5.4.0.1092.90 linux-tools-gkeop-5.4 - 5.4.0.1092.90 linux-cloud-tools-gkeop - 5.4.0.1092.90 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1109.139 linux-raspi2 - 5.4.0.1109.139 linux-headers-raspi2 - 5.4.0.1109.139 linux-image-raspi-hwe-18.04 - 5.4.0.1109.139 linux-image-raspi2-hwe-18.04 - 5.4.0.1109.139 linux-tools-raspi - 5.4.0.1109.139 linux-headers-raspi-hwe-18.04 - 5.4.0.1109.139 linux-headers-raspi2-hwe-18.04 - 5.4.0.1109.139 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1109.139 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1109.139 linux-headers-raspi - 5.4.0.1109.139 linux-raspi2-hwe-18.04-edge - 5.4.0.1109.139 linux-raspi-hwe-18.04 - 5.4.0.1109.139 linux-raspi2-hwe-18.04 - 5.4.0.1109.139 linux-image-raspi2 - 5.4.0.1109.139 linux-tools-raspi-hwe-18.04 - 5.4.0.1109.139 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1109.139 linux-tools-raspi2-hwe-18.04 - 5.4.0.1109.139 linux-image-raspi-hwe-18.04-edge - 5.4.0.1109.139 linux-raspi-hwe-18.04-edge - 5.4.0.1109.139 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1109.139 linux-image-raspi - 5.4.0.1109.139 linux-tools-raspi2 - 5.4.0.1109.139 linux-raspi - 5.4.0.1109.139 No subscription required linux-kvm - 5.4.0.1113.109 linux-headers-kvm - 5.4.0.1113.109 linux-tools-kvm - 5.4.0.1113.109 linux-image-kvm - 5.4.0.1113.109 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1124.117 linux-oracle-lts-20.04 - 5.4.0.1124.117 linux-headers-oracle-lts-20.04 - 5.4.0.1124.117 linux-image-oracle-lts-20.04 - 5.4.0.1124.117 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1125.122 linux-image-aws-lts-20.04 - 5.4.0.1125.122 linux-headers-aws-lts-20.04 - 5.4.0.1125.122 linux-tools-aws-lts-20.04 - 5.4.0.1125.122 linux-aws-lts-20.04 - 5.4.0.1125.122 No subscription required linux-gcp-lts-20.04 - 5.4.0.1129.131 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1129.131 linux-headers-gcp-lts-20.04 - 5.4.0.1129.131 linux-image-gcp-lts-20.04 - 5.4.0.1129.131 linux-tools-gcp-lts-20.04 - 5.4.0.1129.131 No subscription required linux-azure-lts-20.04 - 5.4.0.1130.124 linux-headers-azure-lts-20.04 - 5.4.0.1130.124 linux-image-azure-lts-20.04 - 5.4.0.1130.124 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1130.124 linux-modules-extra-azure-lts-20.04 - 5.4.0.1130.124 linux-tools-azure-lts-20.04 - 5.4.0.1130.124 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.182.180 linux-cloud-tools-virtual - 5.4.0.182.180 linux-headers-virtual-hwe-18.04 - 5.4.0.182.180 linux-image-generic-hwe-18.04 - 5.4.0.182.180 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.182.180 linux-headers-generic-lpae - 5.4.0.182.180 linux-headers-generic - 5.4.0.182.180 linux-image-virtual - 5.4.0.182.180 linux-generic-hwe-18.04 - 5.4.0.182.180 linux-oem-osp1-tools-host - 5.4.0.182.180 linux-tools-lowlatency - 5.4.0.182.180 linux-image-oem - 5.4.0.182.180 linux-headers-lowlatency-hwe-18.04 - 5.4.0.182.180 linux-lowlatency-hwe-18.04-edge - 5.4.0.182.180 linux-image-extra-virtual-hwe-18.04 - 5.4.0.182.180 linux-image-oem-osp1 - 5.4.0.182.180 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.182.180 linux-image-generic-lpae-hwe-18.04 - 5.4.0.182.180 linux-image-lowlatency - 5.4.0.182.180 linux-crashdump - 5.4.0.182.180 linux-tools-lowlatency-hwe-18.04 - 5.4.0.182.180 linux-headers-generic-hwe-18.04 - 5.4.0.182.180 linux-headers-virtual-hwe-18.04-edge - 5.4.0.182.180 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.182.180 linux-source - 5.4.0.182.180 linux-lowlatency - 5.4.0.182.180 linux-tools-virtual-hwe-18.04-edge - 5.4.0.182.180 linux-tools-generic-lpae - 5.4.0.182.180 linux-cloud-tools-generic - 5.4.0.182.180 linux-virtual - 5.4.0.182.180 linux-tools-generic - 5.4.0.182.180 linux-virtual-hwe-18.04 - 5.4.0.182.180 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.182.180 linux-tools-virtual - 5.4.0.182.180 linux-generic-lpae-hwe-18.04-edge - 5.4.0.182.180 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.182.180 linux-generic-lpae - 5.4.0.182.180 linux-headers-oem - 5.4.0.182.180 linux-generic - 5.4.0.182.180 linux-tools-oem-osp1 - 5.4.0.182.180 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.182.180 linux-image-virtual-hwe-18.04 - 5.4.0.182.180 linux-cloud-tools-lowlatency - 5.4.0.182.180 linux-headers-lowlatency - 5.4.0.182.180 linux-image-generic-hwe-18.04-edge - 5.4.0.182.180 linux-generic-hwe-18.04-edge - 5.4.0.182.180 linux-tools-generic-hwe-18.04-edge - 5.4.0.182.180 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.182.180 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.182.180 linux-oem - 5.4.0.182.180 linux-image-extra-virtual - 5.4.0.182.180 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.182.180 linux-oem-tools-host - 5.4.0.182.180 linux-headers-oem-osp1 - 5.4.0.182.180 linux-generic-lpae-hwe-18.04 - 5.4.0.182.180 linux-headers-generic-hwe-18.04-edge - 5.4.0.182.180 linux-image-generic - 5.4.0.182.180 linux-tools-oem - 5.4.0.182.180 linux-oem-osp1 - 5.4.0.182.180 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.182.180 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.182.180 linux-image-lowlatency-hwe-18.04 - 5.4.0.182.180 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.182.180 linux-virtual-hwe-18.04-edge - 5.4.0.182.180 linux-headers-virtual - 5.4.0.182.180 linux-tools-virtual-hwe-18.04 - 5.4.0.182.180 linux-lowlatency-hwe-18.04 - 5.4.0.182.180 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.182.180 linux-image-generic-lpae - 5.4.0.182.180 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.182.180 linux-tools-generic-hwe-18.04 - 5.4.0.182.180 linux-image-virtual-hwe-18.04-edge - 5.4.0.182.180 No subscription required Medium CVE-2023-47233 CVE-2023-52530 CVE-2024-26614 CVE-2024-26622 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-4767, CVE-2024-4768, CVE-2024-4769, CVE-2024-4771, CVE-2024-4772, CVE-2024-4773, CVE-2024-4774, CVE-2024-4775, CVE-2024-4776, CVE-2024-4777, CVE-2024-4778) Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-4764) Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js. (CVE-2024-4367) Irvan Kurniawan discovered that Firefox did not properly handle certain font styles when saving a page to PDF. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-4770) Update Instructions: Run `sudo pro fix USN-6779-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 126.0+build2-0ubuntu0.20.04.1 firefox - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 126.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 126.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 126.0+build2-0ubuntu0.20.04.1 firefox-dev - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 126.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 126.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-4764 CVE-2024-4367 CVE-2024-4767 CVE-2024-4768 CVE-2024-4769 CVE-2024-4770 CVE-2024-4771 CVE-2024-4772 CVE-2024-4773 CVE-2024-4774 CVE-2024-4775 CVE-2024-4776 CVE-2024-4777 CVE-2024-4778 Ubuntu 20.04 LTS USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-4767, CVE-2024-4768, CVE-2024-4769, CVE-2024-4771, CVE-2024-4772, CVE-2024-4773, CVE-2024-4774, CVE-2024-4775, CVE-2024-4776, CVE-2024-4777, CVE-2024-4778) Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-4764) Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js. (CVE-2024-4367) Irvan Kurniawan discovered that Firefox did not properly handle certain font styles when saving a page to PDF. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-4770) Update Instructions: Run `sudo pro fix USN-6779-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 126.0.1+build1-0ubuntu0.20.04.1 firefox - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 126.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 126.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 126.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 126.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 126.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2067445 Ubuntu 20.04 LTS Guido Vranken discovered that idna did not properly manage certain inputs, which could lead to significant resource consumption. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6780-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-idna - 2.8-1ubuntu0.1 python3-idna - 2.8-1ubuntu0.1 No subscription required Medium CVE-2024-3651 Ubuntu 20.04 LTS Le Dinh Hai discovered that Spreadsheet::ParseExcel was passing unvalidated input from a file into a string-type "eval". An attacker could craft a malicious file to achieve arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6781-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libspreadsheet-parseexcel-perl - 0.6500-1ubuntu0.20.04.1 No subscription required Medium CVE-2023-7101 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-4767, CVE-2024-4768, CVE-2024-4769, CVE-2024-4777) Thomas Rinsma discovered that Thunderbird did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js. (CVE-2024-4367) Irvan Kurniawan discovered that Thunderbird did not properly handle certain font styles when saving a page to PDF. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-4770) Update Instructions: Run `sudo pro fix USN-6782-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.11.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.11.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.11.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.11.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.11.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-4367 CVE-2024-4767 CVE-2024-4768 CVE-2024-4769 CVE-2024-4770 CVE-2024-4777 Ubuntu 20.04 LTS It was discovered that VLC incorrectly handled certain media files. A remote attacker could possibly use this issue to cause VLC to crash, resulting in a denial of service, or potential arbitrary code execution. Update Instructions: Run `sudo pro fix USN-6783-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vlc-plugin-notify - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-svg - 3.0.9.2-1ubuntu0.1~esm2 vlc-l10n - 3.0.9.2-1ubuntu0.1~esm2 libvlc-dev - 3.0.9.2-1ubuntu0.1~esm2 libvlccore9 - 3.0.9.2-1ubuntu0.1~esm2 libvlc-bin - 3.0.9.2-1ubuntu0.1~esm2 vlc - 3.0.9.2-1ubuntu0.1~esm2 vlc-data - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-fluidsynth - 3.0.9.2-1ubuntu0.1~esm2 libvlc5 - 3.0.9.2-1ubuntu0.1~esm2 vlc-bin - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-visualization - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-jack - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-samba - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-qt - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-base - 3.0.9.2-1ubuntu0.1~esm2 libvlccore-dev - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-access-extra - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-skins2 - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-video-output - 3.0.9.2-1ubuntu0.1~esm2 vlc-plugin-video-splitter - 3.0.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-47359 CVE-2023-47360 Ubuntu 20.04 LTS It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6786-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: netatalk - 3.1.12~ds-4ubuntu0.20.04.3+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-22995 Ubuntu 20.04 LTS It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting (XSS) attack. Update Instructions: Run `sudo pro fix USN-6787-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-jinja2 - 2.10.1-2ubuntu0.3 python-jinja2-doc - 2.10.1-2ubuntu0.3 python3-jinja2 - 2.10.1-2ubuntu0.3 No subscription required Medium CVE-2024-34064 Ubuntu 20.04 LTS Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into clicking a graphic in a specially crafted document, a remote attacker could possibly run arbitrary script. Update Instructions: Run `sudo pro fix USN-6789-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.10 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.10 No subscription required libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.10 python3-uno - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.10 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.10 libreoffice - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.10 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.10 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.10 python3-access2base - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.10 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.10 gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.10 libridl-java - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.10 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.10 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.10 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.10 libunoil-java - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.10 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.10 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.10 libjurt-java - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.10 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.10 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.10 ure - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.10 libjuh-java - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.10 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.10 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.10 No subscription required Medium CVE-2024-3044 Ubuntu 20.04 LTS It was discovered that amavisd-new incorrectly handled certain MIME email messages with multiple boundary parameters. A remote attacker could possibly use this issue to bypass checks for banned files or malware. Update Instructions: Run `sudo pro fix USN-6790-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amavisd-new-postfix - 1:2.11.0-6.1ubuntu1.1 amavisd-new - 1:2.11.0-6.1ubuntu1.1 No subscription required Medium CVE-2024-28054 Ubuntu 20.04 LTS It was discovered that Unbound could take part in a denial of service amplification attack known as DNSBomb. This update introduces certain resource limits to make the impact from Unbound significantly lower. Update Instructions: Run `sudo pro fix USN-6791-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: unbound - 1.9.4-2ubuntu1.6 python3-unbound - 1.9.4-2ubuntu1.6 libunbound8 - 1.9.4-2ubuntu1.6 python-unbound - 1.9.4-2ubuntu1.6 unbound-anchor - 1.9.4-2ubuntu1.6 unbound-host - 1.9.4-2ubuntu1.6 libunbound-dev - 1.9.4-2ubuntu1.6 No subscription required Low CVE-2024-33655 Ubuntu 20.04 LTS Naom Moshe discovered that Flask-Security incorrectly validated URLs. An attacker could use this issue to redirect users to arbitrary URLs. Update Instructions: Run `sudo pro fix USN-6792-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-flask-security - 1.7.5-2ubuntu0.20.04.1 No subscription required Medium CVE-2021-23385 Ubuntu 20.04 LTS It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This issue was fixed in Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-32002) It was discovered that Git incorrectly handled certain cloned repositories. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-32004) It was discovered that Git incorrectly handled local clones with hardlinked files/directories. An attacker could possibly use this issue to place a specialized repository on their target's local system. (CVE-2024-32020) It was discovered that Git incorrectly handled certain symlinks. An attacker could possibly use this issue to impact availability and integrity creating hardlinked arbitrary files into users repository's objects/directory. (CVE-2024-32021) It was discovered that Git incorrectly handled certain cloned repositories. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-32465) Update Instructions: Run `sudo pro fix USN-6793-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.12 gitweb - 1:2.25.1-1ubuntu3.12 git-gui - 1:2.25.1-1ubuntu3.12 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.12 git-el - 1:2.25.1-1ubuntu3.12 gitk - 1:2.25.1-1ubuntu3.12 git-all - 1:2.25.1-1ubuntu3.12 git-mediawiki - 1:2.25.1-1ubuntu3.12 git-daemon-run - 1:2.25.1-1ubuntu3.12 git-man - 1:2.25.1-1ubuntu3.12 git-doc - 1:2.25.1-1ubuntu3.12 git-svn - 1:2.25.1-1ubuntu3.12 git-cvs - 1:2.25.1-1ubuntu3.12 git-email - 1:2.25.1-1ubuntu3.12 No subscription required Medium CVE-2024-32002 CVE-2024-32004 CVE-2024-32020 CVE-2024-32021 CVE-2024-32465 Ubuntu 20.04 LTS USN-6793-1 fixed vulnerabilities in Git. The CVE-2024-32002 was pending further investigation. This update fixes the problem. Original advisory details: It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This issue was fixed in Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-32002) Update Instructions: Run `sudo pro fix USN-6793-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.13 gitweb - 1:2.25.1-1ubuntu3.13 git-gui - 1:2.25.1-1ubuntu3.13 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.13 git-el - 1:2.25.1-1ubuntu3.13 gitk - 1:2.25.1-1ubuntu3.13 git-all - 1:2.25.1-1ubuntu3.13 git-mediawiki - 1:2.25.1-1ubuntu3.13 git-daemon-run - 1:2.25.1-1ubuntu3.13 git-man - 1:2.25.1-1ubuntu3.13 git-doc - 1:2.25.1-1ubuntu3.13 git-svn - 1:2.25.1-1ubuntu3.13 git-cvs - 1:2.25.1-1ubuntu3.13 git-email - 1:2.25.1-1ubuntu3.13 No subscription required Medium CVE-2024-32002 Ubuntu 20.04 LTS Fergus Dall discovered that TPM2 Software Stack did not properly handle layer arrays. An attacker could possibly use this issue to cause TPM2 Software Stack to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-22745) Jurgen Repp and Andreas Fuchs discovered that TPM2 Software Stack did not validate the quote data after deserialization. An attacker could generate an arbitrary quote and cause TPM2 Software Stack to have unknown behavior. (CVE-2024-29040) Update Instructions: Run `sudo pro fix USN-6796-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtss2-dev - 2.3.2-1ubuntu0.20.04.2 libtss2-esys0 - 2.3.2-1ubuntu0.20.04.2 No subscription required Medium CVE-2023-22745 CVE-2024-29040 Ubuntu 20.04 LTS It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-22655) It was discovered that some Intel® Atom® Processors did not properly clear register state when performing various operations. A local attacker could use this to obtain sensitive information via a transient execution attack. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-28746) It was discovered that some Intel® Processors did not properly clear the state of various hardware structures when switching execution contexts. A local attacker could use this to access privileged information. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-38575) It was discovered that some Intel® Processors did not properly enforce bus lock regulator protections. A remote attacker could use this to cause a denial of service. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-39368) It was discovered that some Intel® Xeon® D Processors did not properly calculate the SGX base key when using Intel® SGX. A privileged local attacker could use this to obtain sensitive information. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-43490) It was discovered that some Intel® Processors did not properly protect against concurrent accesses. A local attacker could use this to obtain sensitive information. (CVE-2023-45733) It was discovered that some Intel® Processors TDX module software did not properly validate input. A privileged local attacker could use this information to potentially further escalate their privileges on the system. (CVE-2023-45745, CVE-2023-47855) It was discovered that some Intel® Core™ Ultra processors did not properly handle particular instruction sequences. A local attacker could use this issue to cause a denial of service. (CVE-2023-46103) Update Instructions: Run `sudo pro fix USN-6797-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20240514.0ubuntu0.20.04.1 No subscription required Medium CVE-2023-22655 CVE-2023-28746 CVE-2023-38575 CVE-2023-39368 CVE-2023-43490 CVE-2023-45733 CVE-2023-45745 CVE-2023-46103 CVE-2023-47855 Ubuntu 20.04 LTS It was discovered that GStreamer Base Plugins incorrectly handled certain EXIF metadata. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Update Instructions: Run `sudo pro fix USN-6798-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-plugins-base-doc - 1.16.3-0ubuntu1.3 libgstreamer-plugins-base1.0-0 - 1.16.3-0ubuntu1.3 gstreamer1.0-x - 1.16.3-0ubuntu1.3 libgstreamer-gl1.0-0 - 1.16.3-0ubuntu1.3 gstreamer1.0-gl - 1.16.3-0ubuntu1.3 gstreamer1.0-plugins-base - 1.16.3-0ubuntu1.3 libgstreamer-plugins-base1.0-dev - 1.16.3-0ubuntu1.3 gir1.2-gst-plugins-base-1.0 - 1.16.3-0ubuntu1.3 gstreamer1.0-alsa - 1.16.3-0ubuntu1.3 gstreamer1.0-plugins-base-apps - 1.16.3-0ubuntu1.3 No subscription required Medium CVE-2024-4453 Ubuntu 20.04 LTS It was discovered that the debugger in Werkzeug was not restricted to trusted hosts. A remote attacker could possibly use this issue to execute code on the host under certain circumstances. Update Instructions: Run `sudo pro fix USN-6799-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-werkzeug - 0.16.1+dfsg1-2ubuntu0.2 python-werkzeug-doc - 0.16.1+dfsg1-2ubuntu0.2 No subscription required Medium CVE-2024-34069 Ubuntu 20.04 LTS It was discovered that browserify-sign incorrectly handled an upper bound check in signature verification. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a signature forgery attack. Update Instructions: Run `sudo pro fix USN-6800-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: node-browserify-sign - 4.0.4-2ubuntu0.20.04.1 No subscription required Medium CVE-2023-46234 Ubuntu 20.04 LTS It was discovered that PyMySQL incorrectly escaped untrusted JSON input. An attacker could possibly use this issue to perform SQL injection attacks. Update Instructions: Run `sudo pro fix USN-6801-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pymysql - 0.9.3-2ubuntu3.1 python-pymysql-doc - 0.9.3-2ubuntu3.1 No subscription required Medium CVE-2024-36039 Ubuntu 20.04 LTS Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 24.04 LTS. (CVE-2023-49501) Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2023-49502) Zhang Ling and Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2023-49528) Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2023-50007) Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2023-50008) Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10. (CVE-2023-50009) Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-50010) Zeng Yunxiang and Li Zeyuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-51793) Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-51794, CVE-2023-51798) Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10. (CVE-2023-51795, CVE-2023-51796) It was discovered that discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-31578) It was discovered that discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-31582) It was discovered that discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10. (CVE-2024-31585) Update Instructions: Run `sudo pro fix USN-6803-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ffmpeg - 7:4.2.7-0ubuntu0.1+esm5 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm5 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm5 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm5 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm5 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm5 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm5 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm5 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm5 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm5 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm5 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm5 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm5 libavformat58 - 7:4.2.7-0ubuntu0.1+esm5 libavresample-dev - 7:4.2.7-0ubuntu0.1+esm5 libavresample4 - 7:4.2.7-0ubuntu0.1+esm5 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm5 libavutil56 - 7:4.2.7-0ubuntu0.1+esm5 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm5 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm5 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm5 libswresample3 - 7:4.2.7-0ubuntu0.1+esm5 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm5 libswscale5 - 7:4.2.7-0ubuntu0.1+esm5 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-49501 CVE-2023-49502 CVE-2023-49528 CVE-2023-50007 CVE-2023-50008 CVE-2023-50009 CVE-2023-50010 CVE-2023-51793 CVE-2023-51794 CVE-2023-51795 CVE-2023-51796 CVE-2023-51798 CVE-2024-31578 CVE-2024-31582 CVE-2024-31585 Ubuntu 20.04 LTS It was discovered that GNU C Library nscd daemon contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-33599) It was discovered that GNU C Library nscd daemon did not properly check the cache content, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-33600) It was discovered that GNU C Library nscd daemon did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-33601) It was discovered that GNU C Library nscd daemon did not properly handle memory allocation, which could lead to memory corruption. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-33602) Update Instructions: Run `sudo pro fix USN-6804-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libc6-i386 - 2.31-0ubuntu9.16 libc6-dev-s390 - 2.31-0ubuntu9.16 glibc-source - 2.31-0ubuntu9.16 libc-bin - 2.31-0ubuntu9.16 libc6-x32 - 2.31-0ubuntu9.16 libc6-prof - 2.31-0ubuntu9.16 libc6-s390 - 2.31-0ubuntu9.16 libc6-armel - 2.31-0ubuntu9.16 libc6-pic - 2.31-0ubuntu9.16 libc6-dev-armel - 2.31-0ubuntu9.16 glibc-doc - 2.31-0ubuntu9.16 libc6-dev - 2.31-0ubuntu9.16 libc6-amd64 - 2.31-0ubuntu9.16 libc6-dev-amd64 - 2.31-0ubuntu9.16 libc6 - 2.31-0ubuntu9.16 locales-all - 2.31-0ubuntu9.16 libc6-dev-x32 - 2.31-0ubuntu9.16 locales - 2.31-0ubuntu9.16 libc6-lse - 2.31-0ubuntu9.16 libc6-dev-i386 - 2.31-0ubuntu9.16 libc-dev-bin - 2.31-0ubuntu9.16 nscd - 2.31-0ubuntu9.16 No subscription required Medium CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 Ubuntu 20.04 LTS Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf library did not properly handle certain ANI files. An attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or to possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6806-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgdk-pixbuf2.0-0 - 2.40.0+dfsg-3ubuntu0.5 libgdk-pixbuf2.0-common - 2.40.0+dfsg-3ubuntu0.5 libgdk-pixbuf2.0-bin - 2.40.0+dfsg-3ubuntu0.5 libgdk-pixbuf2.0-dev - 2.40.0+dfsg-3ubuntu0.5 libgdk-pixbuf2.0-doc - 2.40.0+dfsg-3ubuntu0.5 gir1.2-gdkpixbuf-2.0 - 2.40.0+dfsg-3ubuntu0.5 No subscription required Medium CVE-2022-48622 Ubuntu 20.04 LTS It was discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. (CVE-2022-26126, CVE-2022-26127, CVE-2022-26128, CVE-2022-26129, CVE-2022-37032, CVE-2022-37035, CVE-2023-31490, CVE-2023-38406, CVE-2023-38407, CVE-2023-46752, CVE-2023-46753, CVE-2023-47234, CVE-2023-47235, CVE-2024-31948) Ben Cartwright-Cox discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. (CVE-2023-38802) Update Instructions: Run `sudo pro fix USN-6807-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: frr - 7.2.1-1ubuntu0.2+esm2 frr-rpki-rtrlib - 7.2.1-1ubuntu0.2+esm2 frr-snmp - 7.2.1-1ubuntu0.2+esm2 frr-doc - 7.2.1-1ubuntu0.2+esm2 frr-pythontools - 7.2.1-1ubuntu0.2+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37032 CVE-2022-37035 CVE-2023-31490 CVE-2023-38406 CVE-2023-38407 CVE-2023-38802 CVE-2023-46752 CVE-2023-46753 CVE-2023-47234 CVE-2023-47235 CVE-2024-31948 Ubuntu 20.04 LTS It was discovered that Atril was vulnerable to a path traversal attack. An attacker could possibly use this vulnerability to create arbitrary files on the host filesystem with user privileges. Update Instructions: Run `sudo pro fix USN-6808-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libatrilview-dev - 1.24.0-1ubuntu0.1 libatrildocument-dev - 1.24.0-1ubuntu0.1 atril-common - 1.24.0-1ubuntu0.1 atril - 1.24.0-1ubuntu0.1 gir1.2-atrilview-1.5.0 - 1.24.0-1ubuntu0.1 libatrildocument3 - 1.24.0-1ubuntu0.1 gir1.2-atrildocument-1.5.0 - 1.24.0-1ubuntu0.1 gir1.2-atril - 1.24.0-1ubuntu0.1 libatrilview3 - 1.24.0-1ubuntu0.1 No subscription required Medium CVE-2023-52076 Ubuntu 20.04 LTS It was discovered that BlueZ could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3563) It was discovered that BlueZ could be made to write out of bounds. If a user were tricked into connecting to a malicious device, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-27349) Update Instructions: Run `sudo pro fix USN-6809-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbluetooth3 - 5.53-0ubuntu3.8 bluez-tests - 5.53-0ubuntu3.8 bluez-obexd - 5.53-0ubuntu3.8 bluetooth - 5.53-0ubuntu3.8 bluez - 5.53-0ubuntu3.8 bluez-hcidump - 5.53-0ubuntu3.8 bluez-cups - 5.53-0ubuntu3.8 libbluetooth-dev - 5.53-0ubuntu3.8 No subscription required Medium CVE-2022-3563 CVE-2023-27349 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21011) Vladimir Kondratyev discovered that the Hotspot component of OpenJDK 8 incorrectly handled address offset calculations in the C1 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21068) Yakov Shafranovich discovered that OpenJDK 8 did not properly manage memory in the Pack200 archive format. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21085) It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C2 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21094) Update Instructions: Run `sudo pro fix USN-6810-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-doc - 8u412-ga-1~20.04.1 openjdk-8-jdk - 8u412-ga-1~20.04.1 openjdk-8-jre-headless - 8u412-ga-1~20.04.1 openjdk-8-jre - 8u412-ga-1~20.04.1 openjdk-8-jdk-headless - 8u412-ga-1~20.04.1 openjdk-8-source - 8u412-ga-1~20.04.1 openjdk-8-jre-zero - 8u412-ga-1~20.04.1 openjdk-8-demo - 8u412-ga-1~20.04.1 No subscription required Medium CVE-2024-21011 CVE-2024-21068 CVE-2024-21085 CVE-2024-21094 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 11 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21011) It was discovered that OpenJDK 11 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-21012) Vladimir Kondratyev discovered that the Hotspot component of OpenJDK 11 incorrectly handled address offset calculations in the C1 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21068) Yakov Shafranovich discovered that OpenJDK 11 did not properly manage memory in the Pack200 archive format. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21085) It was discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C2 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21094) Update Instructions: Run `sudo pro fix USN-6811-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-source - 11.0.23+9-1ubuntu1~20.04.2 openjdk-11-jre-zero - 11.0.23+9-1ubuntu1~20.04.2 openjdk-11-doc - 11.0.23+9-1ubuntu1~20.04.2 openjdk-11-jre-headless - 11.0.23+9-1ubuntu1~20.04.2 openjdk-11-jdk - 11.0.23+9-1ubuntu1~20.04.2 openjdk-11-jdk-headless - 11.0.23+9-1ubuntu1~20.04.2 openjdk-11-jre - 11.0.23+9-1ubuntu1~20.04.2 openjdk-11-demo - 11.0.23+9-1ubuntu1~20.04.2 No subscription required Medium CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21085 CVE-2024-21094 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21011) It was discovered that OpenJDK 17 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-21012) Vladimir Kondratyev discovered that the Hotspot component of OpenJDK 17 incorrectly handled address offset calculations in the C1 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21068) It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C2 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21094) Update Instructions: Run `sudo pro fix USN-6812-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.11+9-1~20.04.2 openjdk-17-jdk - 17.0.11+9-1~20.04.2 openjdk-17-jre-zero - 17.0.11+9-1~20.04.2 openjdk-17-jdk-headless - 17.0.11+9-1~20.04.2 openjdk-17-source - 17.0.11+9-1~20.04.2 openjdk-17-jre-headless - 17.0.11+9-1~20.04.2 openjdk-17-doc - 17.0.11+9-1~20.04.2 openjdk-17-jre - 17.0.11+9-1~20.04.2 No subscription required Medium CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21094 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 21 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21011) It was discovered that OpenJDK 21 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-21012) Vladimir Kondratyev discovered that the Hotspot component of OpenJDK 21 incorrectly handled address offset calculations in the C1 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21068) It was discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C2 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21094) Update Instructions: Run `sudo pro fix USN-6813-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-21-doc - 21.0.3+9-1ubuntu1~20.04.1 openjdk-21-testsupport - 21.0.3+9-1ubuntu1~20.04.1 openjdk-21-jre-zero - 21.0.3+9-1ubuntu1~20.04.1 openjdk-21-jdk-headless - 21.0.3+9-1ubuntu1~20.04.1 openjdk-21-jdk - 21.0.3+9-1ubuntu1~20.04.1 openjdk-21-jre-headless - 21.0.3+9-1ubuntu1~20.04.1 openjdk-21-source - 21.0.3+9-1ubuntu1~20.04.1 openjdk-21-jre - 21.0.3+9-1ubuntu1~20.04.1 openjdk-21-demo - 21.0.3+9-1ubuntu1~20.04.1 No subscription required Medium CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21094 Ubuntu 20.04 LTS Xiantong Hou discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6814-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvpx-dev - 1.8.2-1ubuntu0.3 libvpx6 - 1.8.2-1ubuntu0.3 vpx-tools - 1.8.2-1ubuntu0.3 libvpx-doc - 1.8.2-1ubuntu0.3 No subscription required Medium CVE-2024-5197 Ubuntu 20.04 LTS It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. (CVE-2024-21823) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) It was discovered that the MediaTek SoC Gigabit Ethernet driver in the Linux kernel contained a race condition when stopping the device. A local attacker could possibly use this to cause a denial of service (device unavailability). (CVE-2024-27432) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - x86 architecture; - ACPI drivers; - Block layer subsystem; - Clock framework and drivers; - CPU frequency scaling framework; - Cryptographic API; - DMA engine subsystem; - EFI core; - GPU drivers; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - MMC subsystem; - Network drivers; - NTB driver; - NVME drivers; - PCI subsystem; - MediaTek PM domains; - Power supply drivers; - SPI subsystem; - Media staging drivers; - TCM subsystem; - USB subsystem; - Framebuffer layer; - AFS file system; - File systems infrastructure; - BTRFS file system; - EROFS file system; - Ext4 file system; - F2FS file system; - Network file system client; - NTFS3 file system; - Diskquota system; - SMB network file system; - BPF subsystem; - Netfilter; - TLS protocol; - io_uring subsystem; - Bluetooth subsystem; - Memory management; - Ethernet bridge; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - Multipath TCP; - Netlink; - NET/ROM layer; - Packet sockets; - RDS protocol; - Sun RPC protocol; - Unix domain sockets; - Wireless networking; - USB sound devices; (CVE-2024-26776, CVE-2024-26802, CVE-2024-26790, CVE-2024-27388, CVE-2024-27077, CVE-2024-26884, CVE-2024-26779, CVE-2024-26897, CVE-2024-27045, CVE-2024-26851, CVE-2024-27065, CVE-2024-26843, CVE-2024-26743, CVE-2024-27052, CVE-2024-26855, CVE-2024-27436, CVE-2024-27078, CVE-2024-26898, CVE-2024-27405, CVE-2024-26894, CVE-2024-26584, CVE-2024-26915, CVE-2024-26763, CVE-2024-27047, CVE-2024-26809, CVE-2024-26883, CVE-2024-26901, CVE-2024-27412, CVE-2024-26803, CVE-2024-26751, CVE-2024-35829, CVE-2024-27432, CVE-2023-52447, CVE-2024-26748, CVE-2024-27051, CVE-2023-52434, CVE-2024-26749, CVE-2024-27034, CVE-2024-27390, CVE-2024-26879, CVE-2024-26859, CVE-2024-26835, CVE-2024-26861, CVE-2024-27030, CVE-2024-27415, CVE-2023-52656, CVE-2024-26773, CVE-2024-27043, CVE-2024-26601, CVE-2024-27073, CVE-2024-26782, CVE-2024-27413, CVE-2024-26880, CVE-2024-26793, CVE-2024-26766, CVE-2024-26750, CVE-2024-26852, CVE-2024-26805, CVE-2024-35830, CVE-2024-26798, CVE-2023-52644, CVE-2024-26787, CVE-2024-26846, CVE-2024-26857, CVE-2024-26752, CVE-2024-26792, CVE-2023-52641, CVE-2024-26771, CVE-2024-26736, CVE-2024-27417, CVE-2024-26840, CVE-2024-26838, CVE-2024-26820, CVE-2024-26778, CVE-2024-26688, CVE-2024-27403, CVE-2024-26862, CVE-2024-27038, CVE-2024-26839, CVE-2024-26889, CVE-2024-26774, CVE-2024-26907, CVE-2023-52645, CVE-2024-27431, CVE-2024-27410, CVE-2024-27416, CVE-2024-26795, CVE-2023-52497, CVE-2024-27419, CVE-2024-26744, CVE-2024-26833, CVE-2024-26735, CVE-2024-26651, CVE-2024-27074, CVE-2023-52652, CVE-2024-27044, CVE-2024-26733, CVE-2024-26659, CVE-2024-35811, CVE-2024-27053, CVE-2024-27037, CVE-2023-52620, CVE-2024-26882, CVE-2024-35828, CVE-2024-26856, CVE-2024-26881, CVE-2024-27075, CVE-2024-26583, CVE-2023-52662, CVE-2024-26788, CVE-2024-26903, CVE-2024-26870, CVE-2024-26777, CVE-2024-26874, CVE-2024-26906, CVE-2024-26872, CVE-2024-26895, CVE-2024-26845, CVE-2024-27024, CVE-2024-27076, CVE-2024-26603, CVE-2024-27054, CVE-2024-26754, CVE-2024-35844, CVE-2024-26764, CVE-2024-26885, CVE-2024-26772, CVE-2024-26804, CVE-2024-26585, CVE-2024-26791, CVE-2024-27414, CVE-2024-26878, CVE-2024-26816, CVE-2024-27046, CVE-2024-26891, CVE-2024-26875, CVE-2024-26747, CVE-2024-26863, CVE-2023-52640, CVE-2023-52650, CVE-2024-27039, CVE-2024-26877, CVE-2024-26801, CVE-2024-35845, CVE-2024-26769, CVE-2024-27028, CVE-2024-26737) Update Instructions: Run `sudo pro fix USN-6820-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gcp-5.15-tools-5.15.0-1062 - 5.15.0-1062.70~20.04.1 linux-buildinfo-5.15.0-1062-gcp - 5.15.0-1062.70~20.04.1 linux-modules-iwlwifi-5.15.0-1062-gcp - 5.15.0-1062.70~20.04.1 linux-image-unsigned-5.15.0-1062-gcp - 5.15.0-1062.70~20.04.1 linux-modules-extra-5.15.0-1062-gcp - 5.15.0-1062.70~20.04.1 linux-modules-5.15.0-1062-gcp - 5.15.0-1062.70~20.04.1 linux-gcp-5.15-headers-5.15.0-1062 - 5.15.0-1062.70~20.04.1 linux-tools-5.15.0-1062-gcp - 5.15.0-1062.70~20.04.1 linux-headers-5.15.0-1062-gcp - 5.15.0-1062.70~20.04.1 linux-image-5.15.0-1062-gcp - 5.15.0-1062.70~20.04.1 No subscription required linux-buildinfo-5.15.0-110-lowlatency - 5.15.0-110.120~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-110.120~20.04.1 linux-tools-5.15.0-110-lowlatency-64k - 5.15.0-110.120~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-110 - 5.15.0-110.120~20.04.1 linux-tools-5.15.0-110-lowlatency - 5.15.0-110.120~20.04.1 linux-modules-5.15.0-110-lowlatency - 5.15.0-110.120~20.04.1 linux-image-5.15.0-110-lowlatency - 5.15.0-110.120~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-110 - 5.15.0-110.120~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-110.120~20.04.1 linux-image-unsigned-5.15.0-110-lowlatency - 5.15.0-110.120~20.04.1 linux-headers-5.15.0-110-lowlatency-64k - 5.15.0-110.120~20.04.1 linux-modules-5.15.0-110-lowlatency-64k - 5.15.0-110.120~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-110 - 5.15.0-110.120~20.04.1 linux-cloud-tools-5.15.0-110-lowlatency - 5.15.0-110.120~20.04.1 linux-headers-5.15.0-110-lowlatency - 5.15.0-110.120~20.04.1 linux-modules-iwlwifi-5.15.0-110-lowlatency - 5.15.0-110.120~20.04.1 linux-buildinfo-5.15.0-110-lowlatency-64k - 5.15.0-110.120~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-110.120~20.04.1 linux-image-5.15.0-110-lowlatency-64k - 5.15.0-110.120~20.04.1 linux-image-unsigned-5.15.0-110-lowlatency-64k - 5.15.0-110.120~20.04.1 No subscription required linux-modules-extra-gcp-edge - 5.15.0.1062.70~20.04.1 linux-modules-extra-gcp - 5.15.0.1062.70~20.04.1 linux-tools-gcp - 5.15.0.1062.70~20.04.1 linux-tools-gcp-edge - 5.15.0.1062.70~20.04.1 linux-headers-gcp-edge - 5.15.0.1062.70~20.04.1 linux-gcp - 5.15.0.1062.70~20.04.1 linux-headers-gcp - 5.15.0.1062.70~20.04.1 linux-image-gcp-edge - 5.15.0.1062.70~20.04.1 linux-image-gcp - 5.15.0.1062.70~20.04.1 linux-gcp-edge - 5.15.0.1062.70~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.110.120~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.110.120~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.110.120~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.110.120~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.110.120~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.110.120~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.110.120~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.110.120~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.110.120~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.110.120~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.110.120~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.110.120~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.110.120~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.110.120~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.110.120~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.110.120~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.110.120~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.110.120~20.04.1 No subscription required High CVE-2023-52434 CVE-2023-52447 CVE-2023-52497 CVE-2023-52620 CVE-2023-52640 CVE-2023-52641 CVE-2023-52644 CVE-2023-52645 CVE-2023-52650 CVE-2023-52652 CVE-2023-52656 CVE-2023-52662 CVE-2023-6270 CVE-2023-7042 CVE-2024-0841 CVE-2024-21823 CVE-2024-22099 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26601 CVE-2024-26603 CVE-2024-26651 CVE-2024-26659 CVE-2024-26688 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736 CVE-2024-26737 CVE-2024-26743 CVE-2024-26744 CVE-2024-26747 CVE-2024-26748 CVE-2024-26749 CVE-2024-26750 CVE-2024-26751 CVE-2024-26752 CVE-2024-26754 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766 CVE-2024-26769 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774 CVE-2024-26776 CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26782 CVE-2024-26787 CVE-2024-26788 CVE-2024-26790 CVE-2024-26791 CVE-2024-26792 CVE-2024-26793 CVE-2024-26795 CVE-2024-26798 CVE-2024-26801 CVE-2024-26802 CVE-2024-26803 CVE-2024-26804 CVE-2024-26805 CVE-2024-26809 CVE-2024-26816 CVE-2024-26820 CVE-2024-26833 CVE-2024-26835 CVE-2024-26838 CVE-2024-26839 CVE-2024-26840 CVE-2024-26843 CVE-2024-26845 CVE-2024-26846 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26856 CVE-2024-26857 CVE-2024-26859 CVE-2024-26861 CVE-2024-26862 CVE-2024-26863 CVE-2024-26870 CVE-2024-26872 CVE-2024-26874 CVE-2024-26875 CVE-2024-26877 CVE-2024-26878 CVE-2024-26879 CVE-2024-26880 CVE-2024-26881 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26885 CVE-2024-26889 CVE-2024-26891 CVE-2024-26894 CVE-2024-26895 CVE-2024-26897 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26906 CVE-2024-26907 CVE-2024-26915 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27034 CVE-2024-27037 CVE-2024-27038 CVE-2024-27039 CVE-2024-27043 CVE-2024-27044 CVE-2024-27045 CVE-2024-27046 CVE-2024-27047 CVE-2024-27051 CVE-2024-27052 CVE-2024-27053 CVE-2024-27054 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27390 CVE-2024-27403 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412 CVE-2024-27413 CVE-2024-27414 CVE-2024-27415 CVE-2024-27416 CVE-2024-27417 CVE-2024-27419 CVE-2024-27431 CVE-2024-27432 CVE-2024-27436 CVE-2024-35811 CVE-2024-35828 CVE-2024-35829 CVE-2024-35830 CVE-2024-35844 CVE-2024-35845 Ubuntu 20.04 LTS It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) It was discovered that the MediaTek SoC Gigabit Ethernet driver in the Linux kernel contained a race condition when stopping the device. A local attacker could possibly use this to cause a denial of service (device unavailability). (CVE-2024-27432) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - x86 architecture; - ACPI drivers; - Block layer subsystem; - Clock framework and drivers; - CPU frequency scaling framework; - Cryptographic API; - DMA engine subsystem; - EFI core; - GPU drivers; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - MMC subsystem; - Network drivers; - NTB driver; - NVME drivers; - PCI subsystem; - MediaTek PM domains; - Power supply drivers; - SPI subsystem; - Media staging drivers; - TCM subsystem; - USB subsystem; - Framebuffer layer; - AFS file system; - File systems infrastructure; - BTRFS file system; - EROFS file system; - Ext4 file system; - F2FS file system; - Network file system client; - NTFS3 file system; - Diskquota system; - SMB network file system; - BPF subsystem; - Netfilter; - TLS protocol; - io_uring subsystem; - Bluetooth subsystem; - Memory management; - Ethernet bridge; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - Multipath TCP; - Netlink; - NET/ROM layer; - Packet sockets; - RDS protocol; - Sun RPC protocol; - Unix domain sockets; - Wireless networking; - USB sound devices; (CVE-2024-26877, CVE-2024-35829, CVE-2024-26737, CVE-2024-27075, CVE-2024-27414, CVE-2024-27053, CVE-2024-26889, CVE-2024-26792, CVE-2024-26882, CVE-2024-26906, CVE-2024-26851, CVE-2024-27037, CVE-2024-26782, CVE-2024-27388, CVE-2024-26748, CVE-2024-27419, CVE-2024-27034, CVE-2023-52662, CVE-2024-27047, CVE-2024-26874, CVE-2024-26779, CVE-2024-26872, CVE-2024-26820, CVE-2024-35811, CVE-2024-26771, CVE-2024-26733, CVE-2024-26903, CVE-2024-26736, CVE-2024-26870, CVE-2024-26883, CVE-2024-27403, CVE-2024-26878, CVE-2024-26857, CVE-2023-52645, CVE-2024-26601, CVE-2024-26891, CVE-2024-27028, CVE-2024-27054, CVE-2024-26804, CVE-2024-27405, CVE-2024-35830, CVE-2024-26898, CVE-2024-26754, CVE-2024-26793, CVE-2024-26747, CVE-2024-26901, CVE-2023-52652, CVE-2023-52650, CVE-2024-26651, CVE-2024-26816, CVE-2024-35845, CVE-2024-26862, CVE-2024-26884, CVE-2024-26752, CVE-2024-26852, CVE-2023-52656, CVE-2024-26790, CVE-2024-26603, CVE-2024-27078, CVE-2024-26802, CVE-2024-27045, CVE-2024-27024, CVE-2024-27073, CVE-2024-26585, CVE-2024-26894, CVE-2024-26583, CVE-2024-27416, CVE-2024-27431, CVE-2024-35844, CVE-2024-26838, CVE-2024-27410, CVE-2024-26915, CVE-2024-26772, CVE-2024-26897, CVE-2024-26798, CVE-2024-27415, CVE-2024-26855, CVE-2024-26833, CVE-2024-26764, CVE-2024-26659, CVE-2024-26846, CVE-2024-26895, CVE-2023-52644, CVE-2024-26751, CVE-2024-26880, CVE-2024-26863, CVE-2024-26809, CVE-2024-27052, CVE-2024-27051, CVE-2024-26907, CVE-2024-27413, CVE-2024-26801, CVE-2023-52620, CVE-2024-26749, CVE-2024-26787, CVE-2024-27046, CVE-2024-26803, CVE-2024-26744, CVE-2024-26879, CVE-2024-27432, CVE-2024-27412, CVE-2024-26791, CVE-2024-26773, CVE-2023-52640, CVE-2024-26778, CVE-2024-26859, CVE-2024-27044, CVE-2024-26788, CVE-2024-27077, CVE-2024-26750, CVE-2024-26861, CVE-2023-52434, CVE-2024-26774, CVE-2024-26795, CVE-2024-26856, CVE-2024-27043, CVE-2024-27039, CVE-2024-26777, CVE-2024-27030, CVE-2024-26584, CVE-2024-26735, CVE-2024-26805, CVE-2024-26766, CVE-2024-26763, CVE-2024-27065, CVE-2023-52641, CVE-2024-27417, CVE-2023-52497, CVE-2023-52447, CVE-2024-26769, CVE-2024-26843, CVE-2024-26881, CVE-2024-26688, CVE-2024-26743, CVE-2024-27038, CVE-2024-27390, CVE-2024-27436, CVE-2024-26839, CVE-2024-27074, CVE-2024-26840, CVE-2024-27076, CVE-2024-26835, CVE-2024-26885, CVE-2024-26776, CVE-2024-26845, CVE-2024-26875, CVE-2024-35828) Update Instructions: Run `sudo pro fix USN-6821-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-gkeop-5.15-headers-5.15.0-1046 - 5.15.0-1046.53~20.04.1 linux-modules-5.15.0-1046-gkeop - 5.15.0-1046.53~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1046 - 5.15.0-1046.53~20.04.1 linux-image-5.15.0-1046-gkeop - 5.15.0-1046.53~20.04.1 linux-cloud-tools-5.15.0-1046-gkeop - 5.15.0-1046.53~20.04.1 linux-gkeop-5.15-tools-5.15.0-1046 - 5.15.0-1046.53~20.04.1 linux-tools-5.15.0-1046-gkeop - 5.15.0-1046.53~20.04.1 linux-buildinfo-5.15.0-1046-gkeop - 5.15.0-1046.53~20.04.1 linux-modules-extra-5.15.0-1046-gkeop - 5.15.0-1046.53~20.04.1 linux-image-unsigned-5.15.0-1046-gkeop - 5.15.0-1046.53~20.04.1 linux-headers-5.15.0-1046-gkeop - 5.15.0-1046.53~20.04.1 No subscription required linux-image-gkeop-edge - 5.15.0.1046.53~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1046.53~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1046.53~20.04.1 linux-headers-gkeop-edge - 5.15.0.1046.53~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1046.53~20.04.1 linux-tools-gkeop-edge - 5.15.0.1046.53~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1046.53~20.04.1 linux-cloud-tools-gkeop-5.15 - 5.15.0.1046.53~20.04.1 linux-gkeop-5.15 - 5.15.0.1046.53~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1046.53~20.04.1 linux-gkeop-edge - 5.15.0.1046.53~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1046.53~20.04.1 No subscription required High CVE-2023-52434 CVE-2023-52447 CVE-2023-52497 CVE-2023-52620 CVE-2023-52640 CVE-2023-52641 CVE-2023-52644 CVE-2023-52645 CVE-2023-52650 CVE-2023-52652 CVE-2023-52656 CVE-2023-52662 CVE-2023-6270 CVE-2023-7042 CVE-2024-0841 CVE-2024-22099 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26601 CVE-2024-26603 CVE-2024-26651 CVE-2024-26659 CVE-2024-26688 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736 CVE-2024-26737 CVE-2024-26743 CVE-2024-26744 CVE-2024-26747 CVE-2024-26748 CVE-2024-26749 CVE-2024-26750 CVE-2024-26751 CVE-2024-26752 CVE-2024-26754 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766 CVE-2024-26769 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774 CVE-2024-26776 CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26782 CVE-2024-26787 CVE-2024-26788 CVE-2024-26790 CVE-2024-26791 CVE-2024-26792 CVE-2024-26793 CVE-2024-26795 CVE-2024-26798 CVE-2024-26801 CVE-2024-26802 CVE-2024-26803 CVE-2024-26804 CVE-2024-26805 CVE-2024-26809 CVE-2024-26816 CVE-2024-26820 CVE-2024-26833 CVE-2024-26835 CVE-2024-26838 CVE-2024-26839 CVE-2024-26840 CVE-2024-26843 CVE-2024-26845 CVE-2024-26846 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26856 CVE-2024-26857 CVE-2024-26859 CVE-2024-26861 CVE-2024-26862 CVE-2024-26863 CVE-2024-26870 CVE-2024-26872 CVE-2024-26874 CVE-2024-26875 CVE-2024-26877 CVE-2024-26878 CVE-2024-26879 CVE-2024-26880 CVE-2024-26881 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26885 CVE-2024-26889 CVE-2024-26891 CVE-2024-26894 CVE-2024-26895 CVE-2024-26897 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26906 CVE-2024-26907 CVE-2024-26915 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27034 CVE-2024-27037 CVE-2024-27038 CVE-2024-27039 CVE-2024-27043 CVE-2024-27044 CVE-2024-27045 CVE-2024-27046 CVE-2024-27047 CVE-2024-27051 CVE-2024-27052 CVE-2024-27053 CVE-2024-27054 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27390 CVE-2024-27403 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412 CVE-2024-27413 CVE-2024-27414 CVE-2024-27415 CVE-2024-27416 CVE-2024-27417 CVE-2024-27419 CVE-2024-27431 CVE-2024-27432 CVE-2024-27436 CVE-2024-35811 CVE-2024-35828 CVE-2024-35829 CVE-2024-35830 CVE-2024-35844 CVE-2024-35845 Ubuntu 20.04 LTS It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) It was discovered that the MediaTek SoC Gigabit Ethernet driver in the Linux kernel contained a race condition when stopping the device. A local attacker could possibly use this to cause a denial of service (device unavailability). (CVE-2024-27432) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - x86 architecture; - ACPI drivers; - Block layer subsystem; - Clock framework and drivers; - CPU frequency scaling framework; - Cryptographic API; - DMA engine subsystem; - EFI core; - GPU drivers; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - MMC subsystem; - Network drivers; - NTB driver; - NVME drivers; - PCI subsystem; - MediaTek PM domains; - Power supply drivers; - SPI subsystem; - Media staging drivers; - TCM subsystem; - USB subsystem; - Framebuffer layer; - AFS file system; - File systems infrastructure; - BTRFS file system; - EROFS file system; - Ext4 file system; - F2FS file system; - Network file system client; - NTFS3 file system; - Diskquota system; - SMB network file system; - BPF subsystem; - Netfilter; - TLS protocol; - io_uring subsystem; - Bluetooth subsystem; - Memory management; - Ethernet bridge; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - Multipath TCP; - Netlink; - NET/ROM layer; - Packet sockets; - RDS protocol; - Sun RPC protocol; - Unix domain sockets; - Wireless networking; - USB sound devices; (CVE-2024-26877, CVE-2024-35829, CVE-2024-26737, CVE-2024-27075, CVE-2024-27414, CVE-2024-27053, CVE-2024-26889, CVE-2024-26792, CVE-2024-26882, CVE-2024-26906, CVE-2024-26851, CVE-2024-27037, CVE-2024-26782, CVE-2024-27388, CVE-2024-26748, CVE-2024-27419, CVE-2024-27034, CVE-2023-52662, CVE-2024-27047, CVE-2024-26874, CVE-2024-26779, CVE-2024-26872, CVE-2024-26820, CVE-2024-35811, CVE-2024-26771, CVE-2024-26733, CVE-2024-26903, CVE-2024-26736, CVE-2024-26870, CVE-2024-26883, CVE-2024-27403, CVE-2024-26878, CVE-2024-26857, CVE-2023-52645, CVE-2024-26601, CVE-2024-26891, CVE-2024-27028, CVE-2024-27054, CVE-2024-26804, CVE-2024-27405, CVE-2024-35830, CVE-2024-26898, CVE-2024-26754, CVE-2024-26793, CVE-2024-26747, CVE-2024-26901, CVE-2023-52652, CVE-2023-52650, CVE-2024-26651, CVE-2024-26816, CVE-2024-35845, CVE-2024-26862, CVE-2024-26884, CVE-2024-26752, CVE-2024-26852, CVE-2023-52656, CVE-2024-26790, CVE-2024-26603, CVE-2024-27078, CVE-2024-26802, CVE-2024-27045, CVE-2024-27024, CVE-2024-27073, CVE-2024-26585, CVE-2024-26894, CVE-2024-26583, CVE-2024-27416, CVE-2024-27431, CVE-2024-35844, CVE-2024-26838, CVE-2024-27410, CVE-2024-26915, CVE-2024-26772, CVE-2024-26897, CVE-2024-26798, CVE-2024-27415, CVE-2024-26855, CVE-2024-26833, CVE-2024-26764, CVE-2024-26659, CVE-2024-26846, CVE-2024-26895, CVE-2023-52644, CVE-2024-26751, CVE-2024-26880, CVE-2024-26863, CVE-2024-26809, CVE-2024-27052, CVE-2024-27051, CVE-2024-26907, CVE-2024-27413, CVE-2024-26801, CVE-2023-52620, CVE-2024-26749, CVE-2024-26787, CVE-2024-27046, CVE-2024-26803, CVE-2024-26744, CVE-2024-26879, CVE-2024-27432, CVE-2024-27412, CVE-2024-26791, CVE-2024-26773, CVE-2023-52640, CVE-2024-26778, CVE-2024-26859, CVE-2024-27044, CVE-2024-26788, CVE-2024-27077, CVE-2024-26750, CVE-2024-26861, CVE-2023-52434, CVE-2024-26774, CVE-2024-26795, CVE-2024-26856, CVE-2024-27043, CVE-2024-27039, CVE-2024-26777, CVE-2024-27030, CVE-2024-26584, CVE-2024-26735, CVE-2024-26805, CVE-2024-26766, CVE-2024-26763, CVE-2024-27065, CVE-2023-52641, CVE-2024-27417, CVE-2023-52497, CVE-2023-52447, CVE-2024-26769, CVE-2024-26843, CVE-2024-26881, CVE-2024-26688, CVE-2024-26743, CVE-2024-27038, CVE-2024-27390, CVE-2024-27436, CVE-2024-26839, CVE-2024-27074, CVE-2024-26840, CVE-2024-27076, CVE-2024-26835, CVE-2024-26885, CVE-2024-26776, CVE-2024-26845, CVE-2024-26875, CVE-2024-35828) Update Instructions: Run `sudo pro fix USN-6821-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1063-aws - 5.15.0-1063.69~20.04.1 linux-aws-5.15-tools-5.15.0-1063 - 5.15.0-1063.69~20.04.1 linux-image-unsigned-5.15.0-1063-aws - 5.15.0-1063.69~20.04.1 linux-headers-5.15.0-1063-aws - 5.15.0-1063.69~20.04.1 linux-tools-5.15.0-1063-aws - 5.15.0-1063.69~20.04.1 linux-cloud-tools-5.15.0-1063-aws - 5.15.0-1063.69~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1063 - 5.15.0-1063.69~20.04.1 linux-image-5.15.0-1063-aws - 5.15.0-1063.69~20.04.1 linux-modules-extra-5.15.0-1063-aws - 5.15.0-1063.69~20.04.1 linux-aws-5.15-headers-5.15.0-1063 - 5.15.0-1063.69~20.04.1 linux-modules-5.15.0-1063-aws - 5.15.0-1063.69~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1063.69~20.04.1 linux-aws-edge - 5.15.0.1063.69~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1063.69~20.04.1 linux-image-aws-edge - 5.15.0.1063.69~20.04.1 linux-tools-aws-edge - 5.15.0.1063.69~20.04.1 linux-tools-aws - 5.15.0.1063.69~20.04.1 linux-headers-aws - 5.15.0.1063.69~20.04.1 linux-image-aws - 5.15.0.1063.69~20.04.1 linux-headers-aws-edge - 5.15.0.1063.69~20.04.1 linux-aws - 5.15.0.1063.69~20.04.1 No subscription required High CVE-2023-52434 CVE-2023-52447 CVE-2023-52497 CVE-2023-52620 CVE-2023-52640 CVE-2023-52641 CVE-2023-52644 CVE-2023-52645 CVE-2023-52650 CVE-2023-52652 CVE-2023-52656 CVE-2023-52662 CVE-2023-6270 CVE-2023-7042 CVE-2024-0841 CVE-2024-22099 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26601 CVE-2024-26603 CVE-2024-26651 CVE-2024-26659 CVE-2024-26688 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736 CVE-2024-26737 CVE-2024-26743 CVE-2024-26744 CVE-2024-26747 CVE-2024-26748 CVE-2024-26749 CVE-2024-26750 CVE-2024-26751 CVE-2024-26752 CVE-2024-26754 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766 CVE-2024-26769 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774 CVE-2024-26776 CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26782 CVE-2024-26787 CVE-2024-26788 CVE-2024-26790 CVE-2024-26791 CVE-2024-26792 CVE-2024-26793 CVE-2024-26795 CVE-2024-26798 CVE-2024-26801 CVE-2024-26802 CVE-2024-26803 CVE-2024-26804 CVE-2024-26805 CVE-2024-26809 CVE-2024-26816 CVE-2024-26820 CVE-2024-26833 CVE-2024-26835 CVE-2024-26838 CVE-2024-26839 CVE-2024-26840 CVE-2024-26843 CVE-2024-26845 CVE-2024-26846 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26856 CVE-2024-26857 CVE-2024-26859 CVE-2024-26861 CVE-2024-26862 CVE-2024-26863 CVE-2024-26870 CVE-2024-26872 CVE-2024-26874 CVE-2024-26875 CVE-2024-26877 CVE-2024-26878 CVE-2024-26879 CVE-2024-26880 CVE-2024-26881 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26885 CVE-2024-26889 CVE-2024-26891 CVE-2024-26894 CVE-2024-26895 CVE-2024-26897 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26906 CVE-2024-26907 CVE-2024-26915 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27034 CVE-2024-27037 CVE-2024-27038 CVE-2024-27039 CVE-2024-27043 CVE-2024-27044 CVE-2024-27045 CVE-2024-27046 CVE-2024-27047 CVE-2024-27051 CVE-2024-27052 CVE-2024-27053 CVE-2024-27054 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27390 CVE-2024-27403 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412 CVE-2024-27413 CVE-2024-27414 CVE-2024-27415 CVE-2024-27416 CVE-2024-27417 CVE-2024-27419 CVE-2024-27431 CVE-2024-27432 CVE-2024-27436 CVE-2024-35811 CVE-2024-35828 CVE-2024-35829 CVE-2024-35830 CVE-2024-35844 CVE-2024-35845 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.37 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-37.html https://www.oracle.com/security-alerts/cpuapr2024.html Update Instructions: Run `sudo pro fix USN-6823-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: mysql-client - 8.0.37-0ubuntu0.20.04.3 libmysqlclient-dev - 8.0.37-0ubuntu0.20.04.3 mysql-testsuite-8.0 - 8.0.37-0ubuntu0.20.04.3 mysql-router - 8.0.37-0ubuntu0.20.04.3 mysql-server - 8.0.37-0ubuntu0.20.04.3 libmysqlclient21 - 8.0.37-0ubuntu0.20.04.3 mysql-client-core-8.0 - 8.0.37-0ubuntu0.20.04.3 mysql-server-core-8.0 - 8.0.37-0ubuntu0.20.04.3 mysql-server-8.0 - 8.0.37-0ubuntu0.20.04.3 mysql-testsuite - 8.0.37-0ubuntu0.20.04.3 mysql-client-8.0 - 8.0.37-0ubuntu0.20.04.3 mysql-source-8.0 - 8.0.37-0ubuntu0.20.04.3 No subscription required Medium CVE-2024-20994 CVE-2024-20998 CVE-2024-21000 CVE-2024-21008 CVE-2024-21009 CVE-2024-21013 CVE-2024-21047 CVE-2024-21054 CVE-2024-21060 CVE-2024-21062 CVE-2024-21069 CVE-2024-21087 CVE-2024-21096 CVE-2024-21102 Ubuntu 20.04 LTS It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-40633, CVE-2022-28506, CVE-2023-39742) Update Instructions: Run `sudo pro fix USN-6824-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgif7 - 5.1.9-1ubuntu0.1 giflib-tools - 5.1.9-1ubuntu0.1 libgif-dev - 5.1.9-1ubuntu0.1 No subscription required Low CVE-2021-40633 CVE-2022-28506 CVE-2023-39742 Ubuntu 20.04 LTS It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-7405) It was discovered that ADOdb was incorrectly handling GET parameters in test.php. A remote attacker could possibly use this issue to execute cross-site scripting (XSS) attacks. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4855) Emmet Leahy discovered that ADOdb was incorrectly handling string quotes in PostgreSQL connections. A remote attacker could possibly use this issue to bypass authentication. (CVE-2021-3850) Update Instructions: Run `sudo pro fix USN-6825-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libphp-adodb - 5.20.16-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2016-4855 CVE-2016-7405 CVE-2021-3850 Ubuntu 20.04 LTS Karl von Randow discovered that mod_jk was vulnerable to an authentication bypass. If the configuration did not provide explicit mounts for all possible proxied requests, an attacker could possibly use this vulnerability to bypass security constraints configured in httpd. Update Instructions: Run `sudo pro fix USN-6826-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache-mod-jk-doc - 1:1.2.46-1ubuntu0.1 libapache2-mod-jk - 1:1.2.46-1ubuntu0.1 No subscription required Medium CVE-2023-41081 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled memory when performing certain cropping operations, leading to a heap buffer overflow. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6827-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.13 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.13 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.13 libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.13 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.13 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.13 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.13 No subscription required Low CVE-2023-3164 Ubuntu 20.04 LTS Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-47233) It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-1151) Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. (CVE-2024-2201) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-23849) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Core kernel; - x86 architecture; - Block layer subsystem; - ACPI drivers; - Android drivers; - Power management core; - Bus devices; - Hardware random number generator core; - Clock framework and drivers; - CPU frequency scaling framework; - Cryptographic API; - Device frequency scaling framework; - DMA engine subsystem; - ARM SCMI message protocol; - EFI core; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - IIO Magnetometer sensors drivers; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - MMC subsystem; - Network drivers; - NTB driver; - NVME drivers; - PCI subsystem; - PCI driver for MicroSemi Switchtec; - PHY drivers; - MediaTek PM domains; - Power supply drivers; - SCSI drivers; - SPI subsystem; - Media staging drivers; - TCM subsystem; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - AFS file system; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EROFS file system; - Ext4 file system; - F2FS file system; - JFS file system; - Network file system client; - NILFS2 file system; - NTFS3 file system; - Pstore file system; - Diskquota system; - SMB network file system; - BPF subsystem; - Memory management; - Netfilter; - TLS protocol; - io_uring subsystem; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - L2TP protocol; - Logical Link layer; - MAC80211 subsystem; - Multipath TCP; - Netlink; - NET/ROM layer; - NFC subsystem; - Packet sockets; - RDS protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - Unix domain sockets; - Wireless networking; - Tomoyo security module; - Realtek audio codecs; - USB sound devices; (CVE-2024-26910, CVE-2024-27074, CVE-2023-52494, CVE-2023-52594, CVE-2024-26915, CVE-2024-26766, CVE-2023-52489, CVE-2024-35845, CVE-2024-26846, CVE-2024-26898, CVE-2024-26897, CVE-2024-26826, CVE-2024-26798, CVE-2023-52662, CVE-2024-26856, CVE-2023-52608, CVE-2024-26782, CVE-2024-27047, CVE-2024-27390, CVE-2024-26610, CVE-2024-26804, CVE-2023-52638, CVE-2024-26771, CVE-2024-26752, CVE-2024-26585, CVE-2024-26645, CVE-2024-26715, CVE-2024-27028, CVE-2024-26809, CVE-2024-26880, CVE-2024-27432, CVE-2024-27065, CVE-2024-26717, CVE-2023-52616, CVE-2024-26748, CVE-2024-26795, CVE-2024-26671, CVE-2024-26743, CVE-2024-27412, CVE-2024-26802, CVE-2024-26733, CVE-2024-26736, CVE-2023-52618, CVE-2024-27046, CVE-2024-26688, CVE-2024-26679, CVE-2024-26769, CVE-2024-27051, CVE-2024-26603, CVE-2024-26744, CVE-2023-52434, CVE-2024-26697, CVE-2024-27075, CVE-2023-52583, CVE-2024-26583, CVE-2024-27403, CVE-2024-26907, CVE-2024-26636, CVE-2024-27410, CVE-2023-52530, CVE-2024-26840, CVE-2024-26851, CVE-2024-26862, CVE-2023-52640, CVE-2024-35829, CVE-2024-26906, CVE-2024-26777, CVE-2024-27419, CVE-2024-26664, CVE-2024-26627, CVE-2024-26859, CVE-2023-52486, CVE-2023-52652, CVE-2024-26835, CVE-2024-35844, CVE-2024-26702, CVE-2024-26635, CVE-2024-26704, CVE-2023-52633, CVE-2024-26816, CVE-2024-26894, CVE-2024-26778, CVE-2023-52599, CVE-2024-35828, CVE-2024-26776, CVE-2023-52493, CVE-2024-26845, CVE-2024-26594, CVE-2024-26885, CVE-2024-26829, CVE-2023-52645, CVE-2024-26695, CVE-2023-52615, CVE-2024-26651, CVE-2024-26843, CVE-2023-52606, CVE-2024-26675, CVE-2024-26874, CVE-2024-26883, CVE-2024-26772, CVE-2024-26673, CVE-2024-26737, CVE-2023-52631, CVE-2024-26640, CVE-2023-52598, CVE-2024-26735, CVE-2024-26895, CVE-2024-26592, CVE-2023-52492, CVE-2024-26861, CVE-2023-52644, CVE-2024-26920, CVE-2024-26877, CVE-2024-26863, CVE-2024-26720, CVE-2024-26722, CVE-2024-27045, CVE-2024-27038, CVE-2024-26763, CVE-2024-26833, CVE-2024-27417, CVE-2024-26916, CVE-2024-26857, CVE-2024-26875, CVE-2024-26606, CVE-2024-27024, CVE-2024-26615, CVE-2023-52614, CVE-2023-52641, CVE-2024-26600, CVE-2024-27043, CVE-2023-52635, CVE-2024-26787, CVE-2024-26622, CVE-2024-27413, CVE-2024-26791, CVE-2023-52622, CVE-2023-52491, CVE-2023-52604, CVE-2024-27037, CVE-2024-26881, CVE-2024-26754, CVE-2024-26659, CVE-2024-26663, CVE-2024-26747, CVE-2023-52602, CVE-2024-26712, CVE-2024-26839, CVE-2024-26749, CVE-2024-26764, CVE-2024-26820, CVE-2024-26882, CVE-2024-27039, CVE-2024-27078, CVE-2024-26889, CVE-2024-26870, CVE-2024-26788, CVE-2024-26602, CVE-2024-26903, CVE-2024-27044, CVE-2024-27073, CVE-2023-52601, CVE-2023-52595, CVE-2024-26707, CVE-2024-27415, CVE-2023-52637, CVE-2024-26660, CVE-2024-27414, CVE-2024-27054, CVE-2023-52497, CVE-2024-26801, CVE-2023-52435, CVE-2023-52620, CVE-2023-52627, CVE-2024-26698, CVE-2023-52597, CVE-2024-27077, CVE-2023-52650, CVE-2024-26750, CVE-2024-26852, CVE-2024-27053, CVE-2023-52656, CVE-2024-26625, CVE-2024-26779, CVE-2024-27431, CVE-2024-26751, CVE-2024-26684, CVE-2024-26803, CVE-2024-26593, CVE-2023-52642, CVE-2023-52447, CVE-2024-26790, CVE-2024-26825, CVE-2024-26668, CVE-2023-52607, CVE-2024-26872, CVE-2024-27030, CVE-2023-52643, CVE-2024-26901, CVE-2024-35830, CVE-2024-26855, CVE-2023-52588, CVE-2023-52587, CVE-2024-26891, CVE-2024-26644, CVE-2024-26884, CVE-2024-26793, CVE-2024-26805, CVE-2024-26584, CVE-2024-27405, CVE-2023-52623, CVE-2024-26608, CVE-2024-26878, CVE-2024-27388, CVE-2024-27416, CVE-2024-26685, CVE-2024-27034, CVE-2024-26879, CVE-2024-26614, CVE-2024-26792, CVE-2023-52617, CVE-2024-26773, CVE-2024-26665, CVE-2024-26641, CVE-2023-52619, CVE-2024-35811, CVE-2024-27052, CVE-2024-27076, CVE-2024-26838, CVE-2024-26808, CVE-2024-26696, CVE-2024-26676, CVE-2024-26689, CVE-2024-26774, CVE-2024-26601, CVE-2023-52498, CVE-2024-27436) Update Instructions: Run `sudo pro fix USN-6828-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-1058-intel-iotg - 5.15.0-1058.64~20.04.1 linux-modules-iwlwifi-5.15.0-1058-intel-iotg - 5.15.0-1058.64~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1058.64~20.04.1 linux-cloud-tools-5.15.0-1058-intel-iotg - 5.15.0-1058.64~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-buildinfo-5.15.0-1058-intel-iotg - 5.15.0-1058.64~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1058.64~20.04.1 linux-modules-extra-5.15.0-1058-intel-iotg - 5.15.0-1058.64~20.04.1 linux-image-5.15.0-1058-intel-iotg - 5.15.0-1058.64~20.04.1 linux-headers-5.15.0-1058-intel-iotg - 5.15.0-1058.64~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1058.64~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1058 - 5.15.0-1058.64~20.04.1 linux-tools-5.15.0-1058-intel-iotg - 5.15.0-1058.64~20.04.1 linux-image-unsigned-5.15.0-1058-intel-iotg - 5.15.0-1058.64~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1058.64~20.04.1 linux-intel-iotg - 5.15.0.1058.64~20.04.1 linux-image-intel-iotg - 5.15.0.1058.64~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1058.64~20.04.1 linux-intel - 5.15.0.1058.64~20.04.1 linux-headers-intel - 5.15.0.1058.64~20.04.1 linux-intel-iotg-edge - 5.15.0.1058.64~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1058.64~20.04.1 linux-headers-intel-iotg - 5.15.0.1058.64~20.04.1 linux-image-intel - 5.15.0.1058.64~20.04.1 linux-tools-intel - 5.15.0.1058.64~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1058.64~20.04.1 linux-tools-intel-iotg - 5.15.0.1058.64~20.04.1 No subscription required High CVE-2023-47233 CVE-2023-52434 CVE-2023-52435 CVE-2023-52447 CVE-2023-52486 CVE-2023-52489 CVE-2023-52491 CVE-2023-52492 CVE-2023-52493 CVE-2023-52494 CVE-2023-52497 CVE-2023-52498 CVE-2023-52530 CVE-2023-52583 CVE-2023-52587 CVE-2023-52588 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52601 CVE-2023-52602 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 CVE-2023-52608 CVE-2023-52614 CVE-2023-52615 CVE-2023-52616 CVE-2023-52617 CVE-2023-52618 CVE-2023-52619 CVE-2023-52620 CVE-2023-52622 CVE-2023-52623 CVE-2023-52627 CVE-2023-52631 CVE-2023-52633 CVE-2023-52635 CVE-2023-52637 CVE-2023-52638 CVE-2023-52640 CVE-2023-52641 CVE-2023-52642 CVE-2023-52643 CVE-2023-52644 CVE-2023-52645 CVE-2023-52650 CVE-2023-52652 CVE-2023-52656 CVE-2023-52662 CVE-2023-6270 CVE-2023-7042 CVE-2024-0841 CVE-2024-1151 CVE-2024-2201 CVE-2024-22099 CVE-2024-23849 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26592 CVE-2024-26593 CVE-2024-26594 CVE-2024-26600 CVE-2024-26601 CVE-2024-26602 CVE-2024-26603 CVE-2024-26606 CVE-2024-26608 CVE-2024-26610 CVE-2024-26614 CVE-2024-26615 CVE-2024-26622 CVE-2024-26625 CVE-2024-26627 CVE-2024-26635 CVE-2024-26636 CVE-2024-26640 CVE-2024-26641 CVE-2024-26644 CVE-2024-26645 CVE-2024-26651 CVE-2024-26659 CVE-2024-26660 CVE-2024-26663 CVE-2024-26664 CVE-2024-26665 CVE-2024-26668 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675 CVE-2024-26676 CVE-2024-26679 CVE-2024-26684 CVE-2024-26685 CVE-2024-26688 CVE-2024-26689 CVE-2024-26695 CVE-2024-26696 CVE-2024-26697 CVE-2024-26698 CVE-2024-26702 CVE-2024-26704 CVE-2024-26707 CVE-2024-26712 CVE-2024-26715 CVE-2024-26717 CVE-2024-26720 CVE-2024-26722 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736 CVE-2024-26737 CVE-2024-26743 CVE-2024-26744 CVE-2024-26747 CVE-2024-26748 CVE-2024-26749 CVE-2024-26750 CVE-2024-26751 CVE-2024-26752 CVE-2024-26754 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766 CVE-2024-26769 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774 CVE-2024-26776 CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26782 CVE-2024-26787 CVE-2024-26788 CVE-2024-26790 CVE-2024-26791 CVE-2024-26792 CVE-2024-26793 CVE-2024-26795 CVE-2024-26798 CVE-2024-26801 CVE-2024-26802 CVE-2024-26803 CVE-2024-26804 CVE-2024-26805 CVE-2024-26808 CVE-2024-26809 CVE-2024-26816 CVE-2024-26820 CVE-2024-26825 CVE-2024-26826 CVE-2024-26829 CVE-2024-26833 CVE-2024-26835 CVE-2024-26838 CVE-2024-26839 CVE-2024-26840 CVE-2024-26843 CVE-2024-26845 CVE-2024-26846 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26856 CVE-2024-26857 CVE-2024-26859 CVE-2024-26861 CVE-2024-26862 CVE-2024-26863 CVE-2024-26870 CVE-2024-26872 CVE-2024-26874 CVE-2024-26875 CVE-2024-26877 CVE-2024-26878 CVE-2024-26879 CVE-2024-26880 CVE-2024-26881 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26885 CVE-2024-26889 CVE-2024-26891 CVE-2024-26894 CVE-2024-26895 CVE-2024-26897 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26906 CVE-2024-26907 CVE-2024-26910 CVE-2024-26915 CVE-2024-26916 CVE-2024-26920 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27034 CVE-2024-27037 CVE-2024-27038 CVE-2024-27039 CVE-2024-27043 CVE-2024-27044 CVE-2024-27045 CVE-2024-27046 CVE-2024-27047 CVE-2024-27051 CVE-2024-27052 CVE-2024-27053 CVE-2024-27054 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27390 CVE-2024-27403 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412 CVE-2024-27413 CVE-2024-27414 CVE-2024-27415 CVE-2024-27416 CVE-2024-27417 CVE-2024-27419 CVE-2024-27431 CVE-2024-27432 CVE-2024-27436 CVE-2024-35811 CVE-2024-35828 CVE-2024-35829 CVE-2024-35830 CVE-2024-35844 CVE-2024-35845 Ubuntu 20.04 LTS It was discovered that matio incorrectly handled certain malformed files. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6829-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmatio-doc - 1.5.17-3ubuntu0.1~esm2 libmatio9 - 1.5.17-3ubuntu0.1~esm2 libmatio-dev - 1.5.17-3ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-1515 Ubuntu 20.04 LTS It was discovered that libndp incorrectly handled certain malformed IPv6 router advertisement packets. A local attacker could use this issue to cause NetworkManager to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6830-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libndp0 - 1.7-0ubuntu1.1 libndp-dev - 1.7-0ubuntu1.1 libndp-tools - 1.7-0ubuntu1.1 No subscription required Medium CVE-2024-5564 Ubuntu 20.04 LTS It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - PowerPC architecture; - x86 architecture; - DMA engine subsystem; - EFI core; - GPU drivers; - InfiniBand drivers; - Multiple devices driver; - Network drivers; - Power supply drivers; - TCM subsystem; - Userspace I/O drivers; - USB subsystem; - Framebuffer layer; - AFS file system; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - Netfilter; - Netlink; - Wireless networking; (CVE-2024-26748, CVE-2024-27417, CVE-2024-26840, CVE-2023-52504, CVE-2024-26790, CVE-2024-26763, CVE-2024-26805, CVE-2024-26773, CVE-2021-47063, CVE-2024-26791, CVE-2024-27413, CVE-2024-26788, CVE-2024-27405, CVE-2024-26845, CVE-2024-26766, CVE-2021-47070, CVE-2024-26839, CVE-2024-26712, CVE-2024-27412, CVE-2024-26752, CVE-2024-26778, CVE-2024-26735, CVE-2024-26736, CVE-2024-27410, CVE-2024-26779, CVE-2024-26804, CVE-2024-26749, CVE-2024-26793, CVE-2024-26764, CVE-2024-26751, CVE-2024-35811, CVE-2024-26835, CVE-2024-26772, CVE-2024-26777, CVE-2024-26688, CVE-2024-27416, CVE-2024-26801, CVE-2024-26733, CVE-2024-27414, CVE-2024-26754, CVE-2024-26848) Update Instructions: Run `sudo pro fix USN-6831-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1045-xilinx-zynqmp - 5.4.0-1045.49 linux-buildinfo-5.4.0-1045-xilinx-zynqmp - 5.4.0-1045.49 linux-headers-5.4.0-1045-xilinx-zynqmp - 5.4.0-1045.49 linux-modules-5.4.0-1045-xilinx-zynqmp - 5.4.0-1045.49 linux-xilinx-zynqmp-tools-5.4.0-1045 - 5.4.0-1045.49 linux-tools-5.4.0-1045-xilinx-zynqmp - 5.4.0-1045.49 linux-xilinx-zynqmp-headers-5.4.0-1045 - 5.4.0-1045.49 No subscription required linux-ibm-tools-5.4.0-1073 - 5.4.0-1073.78 linux-image-unsigned-5.4.0-1073-ibm - 5.4.0-1073.78 linux-modules-extra-5.4.0-1073-ibm - 5.4.0-1073.78 linux-buildinfo-5.4.0-1073-ibm - 5.4.0-1073.78 linux-ibm-tools-common - 5.4.0-1073.78 linux-image-5.4.0-1073-ibm - 5.4.0-1073.78 linux-headers-5.4.0-1073-ibm - 5.4.0-1073.78 linux-ibm-headers-5.4.0-1073 - 5.4.0-1073.78 linux-ibm-source-5.4.0 - 5.4.0-1073.78 linux-ibm-cloud-tools-common - 5.4.0-1073.78 linux-tools-5.4.0-1073-ibm - 5.4.0-1073.78 linux-modules-5.4.0-1073-ibm - 5.4.0-1073.78 No subscription required linux-headers-5.4.0-1093-gkeop - 5.4.0-1093.97 linux-modules-5.4.0-1093-gkeop - 5.4.0-1093.97 linux-image-5.4.0-1093-gkeop - 5.4.0-1093.97 linux-gkeop-source-5.4.0 - 5.4.0-1093.97 linux-gkeop-headers-5.4.0-1093 - 5.4.0-1093.97 linux-buildinfo-5.4.0-1093-gkeop - 5.4.0-1093.97 linux-gkeop-cloud-tools-5.4.0-1093 - 5.4.0-1093.97 linux-gkeop-tools-5.4.0-1093 - 5.4.0-1093.97 linux-image-unsigned-5.4.0-1093-gkeop - 5.4.0-1093.97 linux-tools-5.4.0-1093-gkeop - 5.4.0-1093.97 linux-modules-extra-5.4.0-1093-gkeop - 5.4.0-1093.97 linux-cloud-tools-5.4.0-1093-gkeop - 5.4.0-1093.97 No subscription required linux-buildinfo-5.4.0-1110-raspi - 5.4.0-1110.122 linux-headers-5.4.0-1110-raspi - 5.4.0-1110.122 linux-image-5.4.0-1110-raspi - 5.4.0-1110.122 linux-tools-5.4.0-1110-raspi - 5.4.0-1110.122 linux-raspi-headers-5.4.0-1110 - 5.4.0-1110.122 linux-raspi-tools-5.4.0-1110 - 5.4.0-1110.122 linux-modules-5.4.0-1110-raspi - 5.4.0-1110.122 No subscription required linux-tools-5.4.0-1114-kvm - 5.4.0-1114.121 linux-modules-5.4.0-1114-kvm - 5.4.0-1114.121 linux-kvm-tools-5.4.0-1114 - 5.4.0-1114.121 linux-kvm-headers-5.4.0-1114 - 5.4.0-1114.121 linux-image-unsigned-5.4.0-1114-kvm - 5.4.0-1114.121 linux-headers-5.4.0-1114-kvm - 5.4.0-1114.121 linux-buildinfo-5.4.0-1114-kvm - 5.4.0-1114.121 linux-image-5.4.0-1114-kvm - 5.4.0-1114.121 No subscription required linux-image-unsigned-5.4.0-1125-oracle - 5.4.0-1125.134 linux-headers-5.4.0-1125-oracle - 5.4.0-1125.134 linux-oracle-headers-5.4.0-1125 - 5.4.0-1125.134 linux-modules-extra-5.4.0-1125-oracle - 5.4.0-1125.134 linux-buildinfo-5.4.0-1125-oracle - 5.4.0-1125.134 linux-oracle-tools-5.4.0-1125 - 5.4.0-1125.134 linux-modules-5.4.0-1125-oracle - 5.4.0-1125.134 linux-tools-5.4.0-1125-oracle - 5.4.0-1125.134 linux-image-5.4.0-1125-oracle - 5.4.0-1125.134 No subscription required linux-modules-extra-5.4.0-1126-aws - 5.4.0-1126.136 linux-aws-tools-5.4.0-1126 - 5.4.0-1126.136 linux-cloud-tools-5.4.0-1126-aws - 5.4.0-1126.136 linux-image-5.4.0-1126-aws - 5.4.0-1126.136 linux-modules-5.4.0-1126-aws - 5.4.0-1126.136 linux-aws-cloud-tools-5.4.0-1126 - 5.4.0-1126.136 linux-aws-headers-5.4.0-1126 - 5.4.0-1126.136 linux-image-unsigned-5.4.0-1126-aws - 5.4.0-1126.136 linux-buildinfo-5.4.0-1126-aws - 5.4.0-1126.136 linux-tools-5.4.0-1126-aws - 5.4.0-1126.136 linux-headers-5.4.0-1126-aws - 5.4.0-1126.136 No subscription required linux-modules-extra-5.4.0-1130-gcp - 5.4.0-1130.139 linux-image-5.4.0-1130-gcp - 5.4.0-1130.139 linux-tools-5.4.0-1130-gcp - 5.4.0-1130.139 linux-gcp-headers-5.4.0-1130 - 5.4.0-1130.139 linux-gcp-tools-5.4.0-1130 - 5.4.0-1130.139 linux-headers-5.4.0-1130-gcp - 5.4.0-1130.139 linux-image-unsigned-5.4.0-1130-gcp - 5.4.0-1130.139 linux-modules-5.4.0-1130-gcp - 5.4.0-1130.139 linux-buildinfo-5.4.0-1130-gcp - 5.4.0-1130.139 No subscription required linux-cloud-tools-5.4.0-1131-azure - 5.4.0-1131.138 linux-azure-cloud-tools-5.4.0-1131 - 5.4.0-1131.138 linux-headers-5.4.0-1131-azure - 5.4.0-1131.138 linux-tools-5.4.0-1131-azure - 5.4.0-1131.138 linux-modules-extra-5.4.0-1131-azure - 5.4.0-1131.138 linux-image-5.4.0-1131-azure - 5.4.0-1131.138 linux-azure-tools-5.4.0-1131 - 5.4.0-1131.138 linux-azure-headers-5.4.0-1131 - 5.4.0-1131.138 linux-modules-5.4.0-1131-azure - 5.4.0-1131.138 linux-buildinfo-5.4.0-1131-azure - 5.4.0-1131.138 linux-image-unsigned-5.4.0-1131-azure - 5.4.0-1131.138 No subscription required linux-tools-common - 5.4.0-186.206 linux-tools-5.4.0-186-generic - 5.4.0-186.206 linux-modules-5.4.0-186-lowlatency - 5.4.0-186.206 linux-cloud-tools-5.4.0-186-lowlatency - 5.4.0-186.206 linux-headers-5.4.0-186 - 5.4.0-186.206 linux-doc - 5.4.0-186.206 linux-image-unsigned-5.4.0-186-generic - 5.4.0-186.206 linux-image-5.4.0-186-lowlatency - 5.4.0-186.206 linux-modules-5.4.0-186-generic-lpae - 5.4.0-186.206 linux-libc-dev - 5.4.0-186.206 linux-source-5.4.0 - 5.4.0-186.206 linux-cloud-tools-5.4.0-186-generic - 5.4.0-186.206 linux-buildinfo-5.4.0-186-generic - 5.4.0-186.206 linux-tools-host - 5.4.0-186.206 linux-tools-5.4.0-186-lowlatency - 5.4.0-186.206 linux-headers-5.4.0-186-generic-lpae - 5.4.0-186.206 linux-image-5.4.0-186-generic-lpae - 5.4.0-186.206 linux-cloud-tools-common - 5.4.0-186.206 linux-modules-5.4.0-186-generic - 5.4.0-186.206 linux-headers-5.4.0-186-generic - 5.4.0-186.206 linux-image-5.4.0-186-generic - 5.4.0-186.206 linux-buildinfo-5.4.0-186-generic-lpae - 5.4.0-186.206 linux-image-unsigned-5.4.0-186-lowlatency - 5.4.0-186.206 linux-tools-5.4.0-186-generic-lpae - 5.4.0-186.206 linux-tools-5.4.0-186 - 5.4.0-186.206 linux-headers-5.4.0-186-lowlatency - 5.4.0-186.206 linux-buildinfo-5.4.0-186-lowlatency - 5.4.0-186.206 linux-modules-extra-5.4.0-186-generic - 5.4.0-186.206 linux-cloud-tools-5.4.0-186 - 5.4.0-186.206 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1045.45 linux-xilinx-zynqmp - 5.4.0.1045.45 linux-tools-xilinx-zynqmp - 5.4.0.1045.45 linux-headers-xilinx-zynqmp - 5.4.0.1045.45 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1073.102 linux-headers-ibm-lts-20.04 - 5.4.0.1073.102 linux-ibm-lts-20.04 - 5.4.0.1073.102 linux-image-ibm-lts-20.04 - 5.4.0.1073.102 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1073.102 No subscription required linux-headers-gkeop - 5.4.0.1093.91 linux-cloud-tools-gkeop-5.4 - 5.4.0.1093.91 linux-image-gkeop - 5.4.0.1093.91 linux-tools-gkeop - 5.4.0.1093.91 linux-modules-extra-gkeop-5.4 - 5.4.0.1093.91 linux-gkeop-5.4 - 5.4.0.1093.91 linux-image-gkeop-5.4 - 5.4.0.1093.91 linux-modules-extra-gkeop - 5.4.0.1093.91 linux-gkeop - 5.4.0.1093.91 linux-cloud-tools-gkeop - 5.4.0.1093.91 linux-tools-gkeop-5.4 - 5.4.0.1093.91 linux-headers-gkeop-5.4 - 5.4.0.1093.91 No subscription required linux-raspi2-hwe-18.04-edge - 5.4.0.1110.140 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1110.140 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1110.140 linux-raspi2 - 5.4.0.1110.140 linux-headers-raspi2 - 5.4.0.1110.140 linux-image-raspi-hwe-18.04 - 5.4.0.1110.140 linux-image-raspi2-hwe-18.04 - 5.4.0.1110.140 linux-tools-raspi - 5.4.0.1110.140 linux-headers-raspi-hwe-18.04 - 5.4.0.1110.140 linux-headers-raspi2-hwe-18.04 - 5.4.0.1110.140 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1110.140 linux-headers-raspi - 5.4.0.1110.140 linux-image-raspi-hwe-18.04-edge - 5.4.0.1110.140 linux-raspi-hwe-18.04 - 5.4.0.1110.140 linux-raspi2-hwe-18.04 - 5.4.0.1110.140 linux-image-raspi2 - 5.4.0.1110.140 linux-tools-raspi-hwe-18.04 - 5.4.0.1110.140 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1110.140 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1110.140 linux-tools-raspi2 - 5.4.0.1110.140 linux-raspi-hwe-18.04-edge - 5.4.0.1110.140 linux-raspi - 5.4.0.1110.140 linux-tools-raspi2-hwe-18.04 - 5.4.0.1110.140 linux-image-raspi - 5.4.0.1110.140 No subscription required linux-kvm - 5.4.0.1114.110 linux-headers-kvm - 5.4.0.1114.110 linux-image-kvm - 5.4.0.1114.110 linux-tools-kvm - 5.4.0.1114.110 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1125.118 linux-headers-oracle-lts-20.04 - 5.4.0.1125.118 linux-oracle-lts-20.04 - 5.4.0.1125.118 linux-image-oracle-lts-20.04 - 5.4.0.1125.118 No subscription required linux-headers-aws-lts-20.04 - 5.4.0.1126.123 linux-tools-aws-lts-20.04 - 5.4.0.1126.123 linux-modules-extra-aws-lts-20.04 - 5.4.0.1126.123 linux-image-aws-lts-20.04 - 5.4.0.1126.123 linux-aws-lts-20.04 - 5.4.0.1126.123 No subscription required linux-headers-gcp-lts-20.04 - 5.4.0.1130.132 linux-gcp-lts-20.04 - 5.4.0.1130.132 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1130.132 linux-image-gcp-lts-20.04 - 5.4.0.1130.132 linux-tools-gcp-lts-20.04 - 5.4.0.1130.132 No subscription required linux-azure-lts-20.04 - 5.4.0.1131.125 linux-image-azure-lts-20.04 - 5.4.0.1131.125 linux-modules-extra-azure-lts-20.04 - 5.4.0.1131.125 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1131.125 linux-tools-azure-lts-20.04 - 5.4.0.1131.125 linux-headers-azure-lts-20.04 - 5.4.0.1131.125 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.186.184 linux-cloud-tools-virtual - 5.4.0.186.184 linux-image-generic-hwe-18.04 - 5.4.0.186.184 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.186.184 linux-headers-generic-lpae - 5.4.0.186.184 linux-image-virtual - 5.4.0.186.184 linux-oem-osp1-tools-host - 5.4.0.186.184 linux-image-generic - 5.4.0.186.184 linux-tools-lowlatency - 5.4.0.186.184 linux-image-lowlatency-hwe-18.04 - 5.4.0.186.184 linux-headers-lowlatency-hwe-18.04 - 5.4.0.186.184 linux-lowlatency-hwe-18.04-edge - 5.4.0.186.184 linux-image-extra-virtual-hwe-18.04 - 5.4.0.186.184 linux-oem - 5.4.0.186.184 linux-image-oem-osp1 - 5.4.0.186.184 linux-image-generic-lpae-hwe-18.04 - 5.4.0.186.184 linux-crashdump - 5.4.0.186.184 linux-tools-lowlatency-hwe-18.04 - 5.4.0.186.184 linux-headers-generic-hwe-18.04 - 5.4.0.186.184 linux-headers-virtual-hwe-18.04-edge - 5.4.0.186.184 linux-source - 5.4.0.186.184 linux-lowlatency - 5.4.0.186.184 linux-tools-virtual-hwe-18.04-edge - 5.4.0.186.184 linux-tools-generic-lpae - 5.4.0.186.184 linux-cloud-tools-generic - 5.4.0.186.184 linux-headers-virtual-hwe-18.04 - 5.4.0.186.184 linux-tools-generic - 5.4.0.186.184 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.186.184 linux-tools-virtual - 5.4.0.186.184 linux-generic-lpae-hwe-18.04-edge - 5.4.0.186.184 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.186.184 linux-tools-oem-osp1 - 5.4.0.186.184 linux-generic-lpae - 5.4.0.186.184 linux-headers-oem - 5.4.0.186.184 linux-generic - 5.4.0.186.184 linux-virtual - 5.4.0.186.184 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.186.184 linux-tools-generic-hwe-18.04-edge - 5.4.0.186.184 linux-image-virtual-hwe-18.04 - 5.4.0.186.184 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.186.184 linux-oem-tools-host - 5.4.0.186.184 linux-headers-lowlatency - 5.4.0.186.184 linux-image-generic-hwe-18.04-edge - 5.4.0.186.184 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.186.184 linux-generic-hwe-18.04-edge - 5.4.0.186.184 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.186.184 linux-image-extra-virtual - 5.4.0.186.184 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.186.184 linux-cloud-tools-lowlatency - 5.4.0.186.184 linux-tools-oem - 5.4.0.186.184 linux-headers-oem-osp1 - 5.4.0.186.184 linux-virtual-hwe-18.04 - 5.4.0.186.184 linux-generic-lpae-hwe-18.04 - 5.4.0.186.184 linux-tools-generic-hwe-18.04 - 5.4.0.186.184 linux-headers-generic-hwe-18.04-edge - 5.4.0.186.184 linux-headers-generic - 5.4.0.186.184 linux-oem-osp1 - 5.4.0.186.184 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.186.184 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.186.184 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.186.184 linux-virtual-hwe-18.04-edge - 5.4.0.186.184 linux-headers-virtual - 5.4.0.186.184 linux-image-oem - 5.4.0.186.184 linux-tools-virtual-hwe-18.04 - 5.4.0.186.184 linux-lowlatency-hwe-18.04 - 5.4.0.186.184 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.186.184 linux-generic-hwe-18.04 - 5.4.0.186.184 linux-image-generic-lpae - 5.4.0.186.184 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.186.184 linux-image-virtual-hwe-18.04-edge - 5.4.0.186.184 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.186.184 linux-image-lowlatency - 5.4.0.186.184 No subscription required Medium CVE-2021-47063 CVE-2021-47070 CVE-2023-52504 CVE-2024-0841 CVE-2024-26688 CVE-2024-26712 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736 CVE-2024-26748 CVE-2024-26749 CVE-2024-26751 CVE-2024-26752 CVE-2024-26754 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766 CVE-2024-26772 CVE-2024-26773 CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26788 CVE-2024-26790 CVE-2024-26791 CVE-2024-26793 CVE-2024-26801 CVE-2024-26804 CVE-2024-26805 CVE-2024-26835 CVE-2024-26839 CVE-2024-26840 CVE-2024-26845 CVE-2024-26848 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412 CVE-2024-27413 CVE-2024-27414 CVE-2024-27416 CVE-2024-27417 CVE-2024-35811 Ubuntu 20.04 LTS Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2023-31607, CVE-2023-31608, CVE-2023-31609, CVE-2023-31610, CVE-2023-31611, CVE-2023-31616, CVE-2023-31617, CVE-2023-31618, CVE-2023-31619, CVE-2023-31623, CVE-2023-31625, CVE-2023-31628) Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affects Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2023-31612, CVE-2023-31613, CVE-2023-31614, CVE-2023-31615) Update Instructions: Run `sudo pro fix USN-6832-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: virtuoso-opensource-6.1-bin - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-sparqldemo - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vsp-startpage - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-isparql - 6.1.6+repack-0ubuntu10+esm1 virtuoso-opensource-6.1-common - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-demo - 6.1.6+repack-0ubuntu10+esm1 virtuoso-server - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-tutorial - 6.1.6+repack-0ubuntu10+esm1 virtuoso-minimal - 6.1.6+repack-0ubuntu10+esm1 virtuoso-opensource - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-ods - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-syncml - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-doc - 6.1.6+repack-0ubuntu10+esm1 virtuoso-opensource-6.1 - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-conductor - 6.1.6+repack-0ubuntu10+esm1 libvirtodbc0 - 6.1.6+repack-0ubuntu10+esm1 libvirtuoso5.5-cil - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-bpel - 6.1.6+repack-0ubuntu10+esm1 virtuoso-vad-rdfmappers - 6.1.6+repack-0ubuntu10+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-31607 CVE-2023-31608 CVE-2023-31609 CVE-2023-31610 CVE-2023-31611 CVE-2023-31612 CVE-2023-31613 CVE-2023-31614 CVE-2023-31615 CVE-2023-31616 CVE-2023-31617 CVE-2023-31618 CVE-2023-31619 CVE-2023-31623 CVE-2023-31625 CVE-2023-31628 Ubuntu 20.04 LTS Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly use this issue to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6833-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvte-2.91-common - 0.60.3-0ubuntu1~20.5 libvte-2.91-dev - 0.60.3-0ubuntu1~20.5 gir1.2-vte-2.91 - 0.60.3-0ubuntu1~20.5 libvte-2.91-doc - 0.60.3-0ubuntu1~20.5 libvte-2.91-0 - 0.60.3-0ubuntu1~20.5 No subscription required Medium CVE-2024-37535 Ubuntu 20.04 LTS It was discovered that Ghostscript did not properly restrict eexec seeds to those specified by the Type 1 Font Format standard when SAFER mode is used. An attacker could use this issue to bypass SAFER restrictions and cause unspecified impact. (CVE-2023-52722) This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. Thomas Rinsma discovered that Ghostscript did not prevent changes to uniprint device argument strings after SAFER is activated, resulting in a format-string vulnerability. An attacker could possibly use this to execute arbitrary code. (CVE-2024-29510) Zdenek Hutyra discovered that Ghostscript did not properly perform path reduction when validating paths. An attacker could use this to access file locations outside of those allowed by SAFER policy and possibly execute arbitrary code. (CVE-2024-33869) Zdenek Hutyra discovered that Ghostscript did not properly check arguments when reducing paths. An attacker could use this to access file locations outside of those allowed by SAFER policy. (CVE-2024-33870) Zdenek Hutyra discovered that the "Driver" parameter for Ghostscript's "opvp"/"oprp" device allowed specifying the name of an arbitrary dynamic library to load. An attacker could use this to execute arbitrary code. (CVE-2024-33871) Update Instructions: Run `sudo pro fix USN-6835-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.12 ghostscript-x - 9.50~dfsg-5ubuntu4.12 libgs-dev - 9.50~dfsg-5ubuntu4.12 ghostscript-doc - 9.50~dfsg-5ubuntu4.12 libgs9 - 9.50~dfsg-5ubuntu4.12 libgs9-common - 9.50~dfsg-5ubuntu4.12 No subscription required Medium CVE-2023-52722 CVE-2024-29510 CVE-2024-33869 CVE-2024-33870 CVE-2024-33871 Ubuntu 20.04 LTS It was discovered that SSSD did not always correctly apply the GPO policy for authenticated users, contrary to expectations. This could result in improper authorization or improper access to resources. Update Instructions: Run `sudo pro fix USN-6836-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsss-certmap-dev - 2.2.3-3ubuntu0.13 libipa-hbac-dev - 2.2.3-3ubuntu0.13 sssd-ad - 2.2.3-3ubuntu0.13 libsss-sudo - 2.2.3-3ubuntu0.13 libsss-nss-idmap0 - 2.2.3-3ubuntu0.13 libnss-sss - 2.2.3-3ubuntu0.13 sssd-ipa - 2.2.3-3ubuntu0.13 libsss-simpleifp0 - 2.2.3-3ubuntu0.13 libsss-idmap-dev - 2.2.3-3ubuntu0.13 python3-libsss-nss-idmap - 2.2.3-3ubuntu0.13 libsss-certmap0 - 2.2.3-3ubuntu0.13 python3-sss - 2.2.3-3ubuntu0.13 libpam-sss - 2.2.3-3ubuntu0.13 sssd-kcm - 2.2.3-3ubuntu0.13 libsss-idmap0 - 2.2.3-3ubuntu0.13 sssd-ldap - 2.2.3-3ubuntu0.13 libsss-nss-idmap-dev - 2.2.3-3ubuntu0.13 libsss-simpleifp-dev - 2.2.3-3ubuntu0.13 sssd - 2.2.3-3ubuntu0.13 libwbclient-sssd - 2.2.3-3ubuntu0.13 libwbclient-sssd-dev - 2.2.3-3ubuntu0.13 sssd-common - 2.2.3-3ubuntu0.13 python3-libipa-hbac - 2.2.3-3ubuntu0.13 libipa-hbac0 - 2.2.3-3ubuntu0.13 sssd-tools - 2.2.3-3ubuntu0.13 sssd-ad-common - 2.2.3-3ubuntu0.13 sssd-krb5-common - 2.2.3-3ubuntu0.13 sssd-dbus - 2.2.3-3ubuntu0.13 sssd-krb5 - 2.2.3-3ubuntu0.13 sssd-proxy - 2.2.3-3ubuntu0.13 No subscription required Medium CVE-2023-3758 Ubuntu 20.04 LTS It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-25126) It was discovered that Rack incorrectly handled certain Range headers. A remote attacker could possibly use this issue to cause Rack to create large responses, leading to a denial of service. (CVE-2024-26141) It was discovered that Rack incorrectly handled certain crafted headers. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. (CVE-2024-26146) Update Instructions: Run `sudo pro fix USN-6837-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm5 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-25126 CVE-2024-26141 CVE-2024-26146 Ubuntu 20.04 LTS It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdoc_options file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2024-27281) It was discovered that the Ruby regex compiler incorrectly handled certain memory operations. A remote attacker could possibly use this issue to obtain sensitive memory contents. (CVE-2024-27282) Update Instructions: Run `sudo pro fix USN-6838-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.13 ruby2.7-doc - 2.7.0-5ubuntu1.13 ruby2.7-dev - 2.7.0-5ubuntu1.13 libruby2.7 - 2.7.0-5ubuntu1.13 No subscription required Medium CVE-2024-27281 CVE-2024-27282 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.(CVE-2024-5688, CVE-2024-5690, CVE-2024-5696, CVE-2024-5700, CVE-2024-5702) Luan Herrera discovered that Thunderbird did not properly validate the X-Frame-Options header inside sandboxed iframe. An attacker could potentially exploit this issue to bypass sandbox restrictions to open a new window. (CVE-2024-5691) Kirtikumar Anandrao Ramchandani discovered that Thunderbird did not properly track cross-origin tainting in Offscreen Canvas. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2024-5693) Update Instructions: Run `sudo pro fix USN-6840-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird-locale-es-ar - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.12.0+build3-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-dev - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.12.0+build3-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.12.0+build3-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.12.0+build3-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.12.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-5702 CVE-2024-5688 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693 CVE-2024-5696 CVE-2024-5700 Ubuntu 20.04 LTS It was discovered that PHP could early return in the filter_var function resulting in invalid user information being treated as valid user information. An attacker could possibly use this issue to expose raw user input information. Update Instructions: Run `sudo pro fix USN-6841-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php7.4-gd - 7.4.3-4ubuntu2.23 php7.4 - 7.4.3-4ubuntu2.23 php7.4-dba - 7.4.3-4ubuntu2.23 php7.4-bcmath - 7.4.3-4ubuntu2.23 php7.4-xmlrpc - 7.4.3-4ubuntu2.23 php7.4-intl - 7.4.3-4ubuntu2.23 php7.4-phpdbg - 7.4.3-4ubuntu2.23 php7.4-sybase - 7.4.3-4ubuntu2.23 php7.4-ldap - 7.4.3-4ubuntu2.23 php7.4-readline - 7.4.3-4ubuntu2.23 php7.4-curl - 7.4.3-4ubuntu2.23 php7.4-xsl - 7.4.3-4ubuntu2.23 php7.4-pgsql - 7.4.3-4ubuntu2.23 php7.4-pspell - 7.4.3-4ubuntu2.23 libapache2-mod-php7.4 - 7.4.3-4ubuntu2.23 php7.4-zip - 7.4.3-4ubuntu2.23 php7.4-enchant - 7.4.3-4ubuntu2.23 php7.4-odbc - 7.4.3-4ubuntu2.23 php7.4-json - 7.4.3-4ubuntu2.23 php7.4-mbstring - 7.4.3-4ubuntu2.23 php7.4-imap - 7.4.3-4ubuntu2.23 php7.4-bz2 - 7.4.3-4ubuntu2.23 php7.4-cgi - 7.4.3-4ubuntu2.23 php7.4-common - 7.4.3-4ubuntu2.23 php7.4-dev - 7.4.3-4ubuntu2.23 php7.4-interbase - 7.4.3-4ubuntu2.23 php7.4-tidy - 7.4.3-4ubuntu2.23 php7.4-gmp - 7.4.3-4ubuntu2.23 php7.4-sqlite3 - 7.4.3-4ubuntu2.23 php7.4-fpm - 7.4.3-4ubuntu2.23 php7.4-soap - 7.4.3-4ubuntu2.23 php7.4-cli - 7.4.3-4ubuntu2.23 libphp7.4-embed - 7.4.3-4ubuntu2.23 php7.4-mysql - 7.4.3-4ubuntu2.23 php7.4-snmp - 7.4.3-4ubuntu2.23 php7.4-xml - 7.4.3-4ubuntu2.23 php7.4-opcache - 7.4.3-4ubuntu2.23 No subscription required Medium CVE-2024-5458 Ubuntu 20.04 LTS It was discovered that gdb incorrectly handled certain memory operations when parsing an ELF file. An attacker could possibly use this issue to cause a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-4285) It was discovered that gdb incorrectly handled memory leading to a heap based buffer overflow. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-1972) It was discovered that gdb incorrectly handled memory leading to a stack overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-39128) It was discovered that gdb had a use after free vulnerability under certain circumstances. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-39129) It was discovered that gdb incorrectly handled memory leading to a heap based buffer overflow. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-39130) Update Instructions: Run `sudo pro fix USN-6842-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gdb-multiarch - 9.2-0ubuntu1~20.04.2 gdbserver - 9.2-0ubuntu1~20.04.2 gdb - 9.2-0ubuntu1~20.04.2 gdb-doc - 9.2-0ubuntu1~20.04.2 gdb-source - 9.2-0ubuntu1~20.04.2 No subscription required Medium CVE-2022-4285 CVE-2023-1972 CVE-2023-39128 CVE-2023-39129 CVE-2023-39130 Ubuntu 20.04 LTS Fabian Vogt discovered that Plasma Workspace incorrectly handled connections via ICE. A local attacker could possibly use this issue to gain access to another user's session manager and execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6843-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: plasma-workspace-dev - 4:5.18.8-0ubuntu0.2 libweather-ion7 - 4:5.18.8-0ubuntu0.2 libplasma-geolocation-interface5 - 4:5.18.8-0ubuntu0.2 libkworkspace5-5 - 4:5.18.8-0ubuntu0.2 plasma-workspace-wayland - 4:5.18.8-0ubuntu0.2 sddm-theme-breeze - 4:5.18.8-0ubuntu0.2 libcolorcorrect5 - 4:5.18.8-0ubuntu0.2 libnotificationmanager1 - 4:5.18.8-0ubuntu0.2 libtaskmanager6 - 4:5.18.8-0ubuntu0.2 plasma-workspace - 4:5.18.8-0ubuntu0.2 No subscription required Medium CVE-2024-36041 Ubuntu 20.04 LTS Rory McNamara discovered that when starting the cupsd server with a Listen configuration item, the cupsd process fails to validate if bind call passed. An attacker could possibly trick cupsd to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Update Instructions: Run `sudo pro fix USN-6844-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.7 cups-bsd - 2.3.1-9ubuntu1.7 cups-common - 2.3.1-9ubuntu1.7 cups-core-drivers - 2.3.1-9ubuntu1.7 cups-server-common - 2.3.1-9ubuntu1.7 libcupsimage2 - 2.3.1-9ubuntu1.7 cups-client - 2.3.1-9ubuntu1.7 cups-ipp-utils - 2.3.1-9ubuntu1.7 libcups2 - 2.3.1-9ubuntu1.7 cups-ppdc - 2.3.1-9ubuntu1.7 cups - 2.3.1-9ubuntu1.7 libcupsimage2-dev - 2.3.1-9ubuntu1.7 cups-daemon - 2.3.1-9ubuntu1.7 No subscription required Medium CVE-2024-35235 Ubuntu 20.04 LTS USN-6844-1 fixed vulnerabilities in the CUPS package. The update lead to the discovery of a regression in CUPS with regards to how the cupsd daemon handles Listen configuration directive. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Rory McNamara discovered that when starting the cupsd server with a Listen configuration item, the cupsd process fails to validate if bind call passed. An attacker could possibly trick cupsd to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Update Instructions: Run `sudo pro fix USN-6844-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcups2-dev - 2.3.1-9ubuntu1.8 cups-bsd - 2.3.1-9ubuntu1.8 cups-common - 2.3.1-9ubuntu1.8 cups-core-drivers - 2.3.1-9ubuntu1.8 cups-server-common - 2.3.1-9ubuntu1.8 libcupsimage2 - 2.3.1-9ubuntu1.8 cups-client - 2.3.1-9ubuntu1.8 cups-ipp-utils - 2.3.1-9ubuntu1.8 libcups2 - 2.3.1-9ubuntu1.8 cups-ppdc - 2.3.1-9ubuntu1.8 cups - 2.3.1-9ubuntu1.8 libcupsimage2-dev - 2.3.1-9ubuntu1.8 cups-daemon - 2.3.1-9ubuntu1.8 No subscription required None https://launchpad.net/bugs/2070315 Ubuntu 20.04 LTS It was discovered that Hibernate incorrectly handled certain inputs with unsanitized literals. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6845-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libhibernate3-java - 3.6.10.Final-9+deb10u1build0.20.04.1 No subscription required Medium CVE-2020-25638 Ubuntu 20.04 LTS It was discovered that Ansible incorrectly handled certain inputs when using tower_callback parameter. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3697) It was discovered that Ansible incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a Template Injection. (CVE-2023-5764) Update Instructions: Run `sudo pro fix USN-6846-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ansible - 2.9.6+dfsg-1ubuntu0.1~esm2 ansible-doc - 2.9.6+dfsg-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-3697 CVE-2023-5764 Ubuntu 20.04 LTS It was discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-11471) Reza Mirzazade Farkhani discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-23109) Eugene Lim discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-0996) Min Jang discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-29659) Yuchuan Meng discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-49460, CVE-2023-49462, CVE-2023-49463, CVE-2023-49464) Update Instructions: Run `sudo pro fix USN-6847-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: heif-gdk-pixbuf - 1.6.1-1ubuntu0.1~esm1 libheif-examples - 1.6.1-1ubuntu0.1~esm1 libheif-dev - 1.6.1-1ubuntu0.1~esm1 libheif1 - 1.6.1-1ubuntu0.1~esm1 heif-thumbnailer - 1.6.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-11471 CVE-2020-23109 CVE-2023-0996 CVE-2023-29659 CVE-2023-49460 CVE-2023-49462 CVE-2023-49463 CVE-2023-49464 Ubuntu 20.04 LTS Matthieu Faou and Denys Klymenko discovered that Roundcube incorrectly handled certain SVG images. A remote attacker could possibly use this issue to load arbitrary JavaScript code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-5631) Rene Rehme discovered that Roundcube incorrectly handled certain headers. A remote attacker could possibly use this issue to load arbitrary JavaScript code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-47272) Valentin T. and Lutz Wolf discovered that Roundcube incorrectly handled certain SVG images. A remote attacker could possibly use this issue to load arbitrary JavaScript code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2024-37383) Huy Nguyễn Phạm Nhật discovered that Roundcube incorrectly handled certain fields in user preferences. A remote attacker could possibly use this issue to load arbitrary JavaScript code. (CVE-2024-37384) Update Instructions: Run `sudo pro fix USN-6848-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: roundcube-pgsql - 1.4.3+dfsg.1-1ubuntu0.1~esm4 roundcube-mysql - 1.4.3+dfsg.1-1ubuntu0.1~esm4 roundcube-plugins - 1.4.3+dfsg.1-1ubuntu0.1~esm4 roundcube - 1.4.3+dfsg.1-1ubuntu0.1~esm4 roundcube-core - 1.4.3+dfsg.1-1ubuntu0.1~esm4 roundcube-sqlite3 - 1.4.3+dfsg.1-1ubuntu0.1~esm4 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2023-47272 CVE-2023-5631 CVE-2024-37383 CVE-2024-37384 https://launchpad.net/bugs/2043396 Ubuntu 20.04 LTS Andreas Hasenack discovered that netplan incorrectly handled the permissions for netdev files containing wireguard configuration. An attacker could use this to obtain wireguard secret keys. It was discovered that netplan configuration could be manipulated into injecting arbitrary commands while setting up network interfaces. An attacker could use this to execute arbitrary commands or escalate privileges. Update Instructions: Run `sudo pro fix USN-6851-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: netplan.io - 0.104-0ubuntu2~20.04.5 libnetplan0 - 0.104-0ubuntu2~20.04.5 libnetplan-dev - 0.104-0ubuntu2~20.04.5 No subscription required Medium CVE-2022-4968 https://launchpad.net/bugs/2066258 https://launchpad.net/bugs/1987842 https://launchpad.net/bugs/2065738 Ubuntu 20.04 LTS USN-6851-1 fixed vulnerabilities in Netplan. The update lead to the discovery of a regression in netplan which caused systemctl enable to fail on systems where systemd is not running. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andreas Hasenack discovered that netplan incorrectly handled the permissions for netdev files containing wireguard configuration. An attacker could use this to obtain wireguard secret keys. It was discovered that netplan configuration could be manipulated into injecting arbitrary commands while setting up network interfaces. An attacker could use this to execute arbitrary commands or escalate privileges. Update Instructions: Run `sudo pro fix USN-6851-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: netplan.io - 0.104-0ubuntu2~20.04.6 libnetplan0 - 0.104-0ubuntu2~20.04.6 libnetplan-dev - 0.104-0ubuntu2~20.04.6 No subscription required None https://launchpad.net/bugs/2071333 Ubuntu 20.04 LTS It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a user into connecting to a different host than expected. Update Instructions: Run `sudo pro fix USN-6852-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: wget - 1.20.3-1ubuntu2.1 No subscription required Medium CVE-2024-38428 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled the ungetbyte and ungetc methods. A remote attacker could use this issue to cause Ruby to crash, resulting in a denial of service, or possibly obtain sensitive information. Update Instructions: Run `sudo pro fix USN-6853-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby2.7 - 2.7.0-5ubuntu1.14 ruby2.7-doc - 2.7.0-5ubuntu1.14 ruby2.7-dev - 2.7.0-5ubuntu1.14 libruby2.7 - 2.7.0-5ubuntu1.14 No subscription required Medium CVE-2024-27280 Ubuntu 20.04 LTS Mansour Gashasbi discovered that libcdio incorrectly handled certain memory operations when parsing an ISO file, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6855-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libiso9660-dev - 2.0.0-2ubuntu0.2 libcdio-utils - 2.0.0-2ubuntu0.2 libiso9660-11 - 2.0.0-2ubuntu0.2 libudf-dev - 2.0.0-2ubuntu0.2 libcdio18 - 2.0.0-2ubuntu0.2 libcdio-dev - 2.0.0-2ubuntu0.2 libudf0 - 2.0.0-2ubuntu0.2 No subscription required Medium CVE-2024-36600 Ubuntu 20.04 LTS It was discovered that FontForge incorrectly handled filenames. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a command injection. (CVE-2024-25081) It was discovered that FontForge incorrectly handled archives and compressed files. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform command injection. (CVE-2024-25082) Update Instructions: Run `sudo pro fix USN-6856-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fontforge-extras - 1:20190801~dfsg-4ubuntu0.1 fontforge-common - 1:20190801~dfsg-4ubuntu0.1 fontforge-doc - 1:20190801~dfsg-4ubuntu0.1 fontforge-nox - 1:20190801~dfsg-4ubuntu0.1 libfontforge-dev - 1:20190801~dfsg-4ubuntu0.1 fontforge - 1:20190801~dfsg-4ubuntu0.1 libgdraw6 - 1:20190801~dfsg-4ubuntu0.1 python3-fontforge - 1:20190801~dfsg-4ubuntu0.1 libfontforge3 - 1:20190801~dfsg-4ubuntu0.1 No subscription required Medium CVE-2024-25081 CVE-2024-25082 Ubuntu 20.04 LTS It was discovered that eSpeak NG did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2023-49990, CVE-2023-49991, CVE-2023-49992, CVE-2023-49993, CVE-2023-49994) Update Instructions: Run `sudo pro fix USN-6858-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libespeak-ng1 - 1.50+dfsg-6ubuntu0.1 libespeak-ng-libespeak-dev - 1.50+dfsg-6ubuntu0.1 espeak-ng-data - 1.50+dfsg-6ubuntu0.1 libespeak-ng-dev - 1.50+dfsg-6ubuntu0.1 libespeak-ng-libespeak1 - 1.50+dfsg-6ubuntu0.1 espeak-ng - 1.50+dfsg-6ubuntu0.1 espeak-ng-espeak - 1.50+dfsg-6ubuntu0.1 No subscription required Medium CVE-2023-49990 CVE-2023-49991 CVE-2023-49992 CVE-2023-49993 CVE-2023-49994 Ubuntu 20.04 LTS Reynir Björnsson discovered that OpenVPN incorrectly handled terminating client connections. A remote authenticated client could possibly use this issue to keep the connection active, bypassing certain security policies. This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS. (CVE-2024-28882) Reynir Björnsson discovered that OpenVPN incorrectly handled certain control channel messages with nonprintable characters. A remote attacker could possibly use this issue to cause OpenVPN to consume resources, or fill up log files with garbage, leading to a denial of service. (CVE-2024-5594) Update Instructions: Run `sudo pro fix USN-6860-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openvpn - 2.4.12-0ubuntu0.20.04.2 No subscription required Medium CVE-2024-28882 CVE-2024-5594 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-5689, CVE-2024-5690, CVE-2024-5691, CVE-2024-5693, CVE-2024-5697, CVE-2024-5698, CVE-2024-5699, CVE-2024-5700, CVE-2024-5701) Lukas Bernhard discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-5688) Lukas Bernhard discovered that Firefox did not properly manage memory in the JavaScript engine. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2024-5694) Irvan Kurniawan discovered that Firefox did not properly handle certain allocations in the probabilistic heap checker. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-5695) Irvan Kurniawan discovered that Firefox did not properly handle certain text fragments in input tags. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-5696) Update Instructions: Run `sudo pro fix USN-6862-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox-locale-nl - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 127.0.2+build1-0ubuntu0.20.04.1 firefox - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 127.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 127.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 127.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 127.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 127.0.2+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-5688 CVE-2024-5689 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693 CVE-2024-5694 CVE-2024-5695 CVE-2024-5696 CVE-2024-5697 CVE-2024-5698 CVE-2024-5699 CVE-2024-5700 CVE-2024-5701 Ubuntu 20.04 LTS It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - PowerPC architecture; - x86 architecture; - DMA engine subsystem; - EFI core; - GPU drivers; - InfiniBand drivers; - Multiple devices driver; - Network drivers; - Power supply drivers; - TCM subsystem; - Userspace I/O drivers; - USB subsystem; - Framebuffer layer; - AFS file system; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - Netfilter; - Netlink; - Wireless networking; (CVE-2021-47063, CVE-2024-26751, CVE-2024-26848, CVE-2024-26748, CVE-2024-26733, CVE-2024-26735, CVE-2024-26805, CVE-2024-26804, CVE-2024-26793, CVE-2023-52504, CVE-2024-27417, CVE-2024-27405, CVE-2024-26778, CVE-2024-27414, CVE-2024-26801, CVE-2024-26835, CVE-2024-27413, CVE-2024-26766, CVE-2024-27410, CVE-2024-27412, CVE-2024-26773, CVE-2024-26777, CVE-2024-26839, CVE-2024-26764, CVE-2024-26712, CVE-2024-26788, CVE-2024-26688, CVE-2024-26754, CVE-2021-47070, CVE-2024-26752, CVE-2024-26845, CVE-2024-26791, CVE-2024-26763, CVE-2024-27416, CVE-2024-26779, CVE-2024-26749, CVE-2024-26736, CVE-2024-26840, CVE-2024-26772, CVE-2024-26790) Update Instructions: Run `sudo pro fix USN-6867-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-unsigned-5.4.0-1038-iot - 5.4.0-1038.39 linux-tools-5.4.0-1038-iot - 5.4.0-1038.39 linux-iot-headers-5.4.0-1038 - 5.4.0-1038.39 linux-iot-tools-5.4.0-1038 - 5.4.0-1038.39 linux-buildinfo-5.4.0-1038-iot - 5.4.0-1038.39 linux-iot-tools-common - 5.4.0-1038.39 linux-image-5.4.0-1038-iot - 5.4.0-1038.39 linux-headers-5.4.0-1038-iot - 5.4.0-1038.39 linux-modules-5.4.0-1038-iot - 5.4.0-1038.39 No subscription required linux-buildinfo-5.4.0-1086-bluefield - 5.4.0-1086.93 linux-bluefield-tools-5.4.0-1086 - 5.4.0-1086.93 linux-bluefield-headers-5.4.0-1086 - 5.4.0-1086.93 linux-headers-5.4.0-1086-bluefield - 5.4.0-1086.93 linux-image-5.4.0-1086-bluefield - 5.4.0-1086.93 linux-modules-5.4.0-1086-bluefield - 5.4.0-1086.93 linux-image-unsigned-5.4.0-1086-bluefield - 5.4.0-1086.93 linux-tools-5.4.0-1086-bluefield - 5.4.0-1086.93 No subscription required linux-tools-iot - 5.4.0.1038.36 linux-iot - 5.4.0.1038.36 linux-image-iot - 5.4.0.1038.36 linux-headers-iot - 5.4.0.1038.36 No subscription required linux-image-bluefield - 5.4.0.1086.82 linux-headers-bluefield - 5.4.0.1086.82 linux-tools-bluefield - 5.4.0.1086.82 linux-bluefield - 5.4.0.1086.82 No subscription required Medium CVE-2021-47063 CVE-2021-47070 CVE-2023-52504 CVE-2024-0841 CVE-2024-26688 CVE-2024-26712 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736 CVE-2024-26748 CVE-2024-26749 CVE-2024-26751 CVE-2024-26752 CVE-2024-26754 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766 CVE-2024-26772 CVE-2024-26773 CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26788 CVE-2024-26790 CVE-2024-26791 CVE-2024-26793 CVE-2024-26801 CVE-2024-26804 CVE-2024-26805 CVE-2024-26835 CVE-2024-26839 CVE-2024-26840 CVE-2024-26845 CVE-2024-26848 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412 CVE-2024-27413 CVE-2024-27414 CVE-2024-27416 CVE-2024-27417 Ubuntu 20.04 LTS Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. (CVE-2024-2201) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; (CVE-2024-26925, CVE-2024-26643) Update Instructions: Run `sudo pro fix USN-6868-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.4.0-1039-iot - 5.4.0-1039.40 linux-tools-5.4.0-1039-iot - 5.4.0-1039.40 linux-headers-5.4.0-1039-iot - 5.4.0-1039.40 linux-iot-tools-5.4.0-1039 - 5.4.0-1039.40 linux-image-5.4.0-1039-iot - 5.4.0-1039.40 linux-buildinfo-5.4.0-1039-iot - 5.4.0-1039.40 linux-iot-tools-common - 5.4.0-1039.40 linux-image-unsigned-5.4.0-1039-iot - 5.4.0-1039.40 linux-iot-headers-5.4.0-1039 - 5.4.0-1039.40 No subscription required linux-tools-5.4.0-1046-xilinx-zynqmp - 5.4.0-1046.50 linux-modules-5.4.0-1046-xilinx-zynqmp - 5.4.0-1046.50 linux-buildinfo-5.4.0-1046-xilinx-zynqmp - 5.4.0-1046.50 linux-image-5.4.0-1046-xilinx-zynqmp - 5.4.0-1046.50 linux-xilinx-zynqmp-tools-5.4.0-1046 - 5.4.0-1046.50 linux-xilinx-zynqmp-headers-5.4.0-1046 - 5.4.0-1046.50 linux-headers-5.4.0-1046-xilinx-zynqmp - 5.4.0-1046.50 No subscription required linux-tools-5.4.0-1074-ibm - 5.4.0-1074.79 linux-ibm-tools-5.4.0-1074 - 5.4.0-1074.79 linux-image-unsigned-5.4.0-1074-ibm - 5.4.0-1074.79 linux-modules-extra-5.4.0-1074-ibm - 5.4.0-1074.79 linux-headers-5.4.0-1074-ibm - 5.4.0-1074.79 linux-modules-5.4.0-1074-ibm - 5.4.0-1074.79 linux-image-5.4.0-1074-ibm - 5.4.0-1074.79 linux-buildinfo-5.4.0-1074-ibm - 5.4.0-1074.79 linux-ibm-source-5.4.0 - 5.4.0-1074.79 linux-ibm-headers-5.4.0-1074 - 5.4.0-1074.79 linux-ibm-cloud-tools-common - 5.4.0-1074.79 linux-ibm-tools-common - 5.4.0-1074.79 No subscription required linux-buildinfo-5.4.0-1087-bluefield - 5.4.0-1087.94 linux-modules-5.4.0-1087-bluefield - 5.4.0-1087.94 linux-headers-5.4.0-1087-bluefield - 5.4.0-1087.94 linux-bluefield-tools-5.4.0-1087 - 5.4.0-1087.94 linux-image-5.4.0-1087-bluefield - 5.4.0-1087.94 linux-tools-5.4.0-1087-bluefield - 5.4.0-1087.94 linux-image-unsigned-5.4.0-1087-bluefield - 5.4.0-1087.94 linux-bluefield-headers-5.4.0-1087 - 5.4.0-1087.94 No subscription required linux-image-unsigned-5.4.0-1094-gkeop - 5.4.0-1094.98 linux-buildinfo-5.4.0-1094-gkeop - 5.4.0-1094.98 linux-gkeop-source-5.4.0 - 5.4.0-1094.98 linux-cloud-tools-5.4.0-1094-gkeop - 5.4.0-1094.98 linux-tools-5.4.0-1094-gkeop - 5.4.0-1094.98 linux-gkeop-headers-5.4.0-1094 - 5.4.0-1094.98 linux-gkeop-cloud-tools-5.4.0-1094 - 5.4.0-1094.98 linux-gkeop-tools-5.4.0-1094 - 5.4.0-1094.98 linux-image-5.4.0-1094-gkeop - 5.4.0-1094.98 linux-modules-extra-5.4.0-1094-gkeop - 5.4.0-1094.98 linux-headers-5.4.0-1094-gkeop - 5.4.0-1094.98 linux-modules-5.4.0-1094-gkeop - 5.4.0-1094.98 No subscription required linux-image-5.4.0-1111-raspi - 5.4.0-1111.123 linux-modules-5.4.0-1111-raspi - 5.4.0-1111.123 linux-tools-5.4.0-1111-raspi - 5.4.0-1111.123 linux-headers-5.4.0-1111-raspi - 5.4.0-1111.123 linux-raspi-tools-5.4.0-1111 - 5.4.0-1111.123 linux-raspi-headers-5.4.0-1111 - 5.4.0-1111.123 linux-buildinfo-5.4.0-1111-raspi - 5.4.0-1111.123 No subscription required linux-headers-5.4.0-1115-kvm - 5.4.0-1115.122 linux-tools-5.4.0-1115-kvm - 5.4.0-1115.122 linux-kvm-tools-5.4.0-1115 - 5.4.0-1115.122 linux-buildinfo-5.4.0-1115-kvm - 5.4.0-1115.122 linux-image-5.4.0-1115-kvm - 5.4.0-1115.122 linux-modules-5.4.0-1115-kvm - 5.4.0-1115.122 linux-kvm-headers-5.4.0-1115 - 5.4.0-1115.122 linux-image-unsigned-5.4.0-1115-kvm - 5.4.0-1115.122 No subscription required linux-image-unsigned-5.4.0-1126-oracle - 5.4.0-1126.135 linux-modules-5.4.0-1126-oracle - 5.4.0-1126.135 linux-oracle-headers-5.4.0-1126 - 5.4.0-1126.135 linux-modules-extra-5.4.0-1126-oracle - 5.4.0-1126.135 linux-image-5.4.0-1126-oracle - 5.4.0-1126.135 linux-buildinfo-5.4.0-1126-oracle - 5.4.0-1126.135 linux-oracle-tools-5.4.0-1126 - 5.4.0-1126.135 linux-headers-5.4.0-1126-oracle - 5.4.0-1126.135 linux-tools-5.4.0-1126-oracle - 5.4.0-1126.135 No subscription required linux-modules-extra-5.4.0-1127-aws - 5.4.0-1127.137 linux-cloud-tools-5.4.0-1127-aws - 5.4.0-1127.137 linux-aws-tools-5.4.0-1127 - 5.4.0-1127.137 linux-buildinfo-5.4.0-1127-aws - 5.4.0-1127.137 linux-aws-headers-5.4.0-1127 - 5.4.0-1127.137 linux-headers-5.4.0-1127-aws - 5.4.0-1127.137 linux-tools-5.4.0-1127-aws - 5.4.0-1127.137 linux-image-5.4.0-1127-aws - 5.4.0-1127.137 linux-image-unsigned-5.4.0-1127-aws - 5.4.0-1127.137 linux-modules-5.4.0-1127-aws - 5.4.0-1127.137 linux-aws-cloud-tools-5.4.0-1127 - 5.4.0-1127.137 No subscription required linux-gcp-headers-5.4.0-1131 - 5.4.0-1131.140 linux-modules-5.4.0-1131-gcp - 5.4.0-1131.140 linux-image-unsigned-5.4.0-1131-gcp - 5.4.0-1131.140 linux-tools-5.4.0-1131-gcp - 5.4.0-1131.140 linux-modules-extra-5.4.0-1131-gcp - 5.4.0-1131.140 linux-image-5.4.0-1131-gcp - 5.4.0-1131.140 linux-gcp-tools-5.4.0-1131 - 5.4.0-1131.140 linux-buildinfo-5.4.0-1131-gcp - 5.4.0-1131.140 linux-headers-5.4.0-1131-gcp - 5.4.0-1131.140 No subscription required linux-modules-5.4.0-1132-azure - 5.4.0-1132.139 linux-azure-cloud-tools-5.4.0-1132 - 5.4.0-1132.139 linux-headers-5.4.0-1132-azure - 5.4.0-1132.139 linux-azure-tools-5.4.0-1132 - 5.4.0-1132.139 linux-azure-headers-5.4.0-1132 - 5.4.0-1132.139 linux-modules-extra-5.4.0-1132-azure - 5.4.0-1132.139 linux-image-5.4.0-1132-azure - 5.4.0-1132.139 linux-tools-5.4.0-1132-azure - 5.4.0-1132.139 linux-buildinfo-5.4.0-1132-azure - 5.4.0-1132.139 linux-cloud-tools-5.4.0-1132-azure - 5.4.0-1132.139 linux-image-unsigned-5.4.0-1132-azure - 5.4.0-1132.139 No subscription required linux-headers-5.4.0-187-generic - 5.4.0-187.207 linux-tools-host - 5.4.0-187.207 linux-tools-common - 5.4.0-187.207 linux-doc - 5.4.0-187.207 linux-modules-5.4.0-187-generic - 5.4.0-187.207 linux-cloud-tools-5.4.0-187-generic - 5.4.0-187.207 linux-cloud-tools-5.4.0-187-lowlatency - 5.4.0-187.207 linux-modules-5.4.0-187-generic-lpae - 5.4.0-187.207 linux-tools-5.4.0-187-lowlatency - 5.4.0-187.207 linux-libc-dev - 5.4.0-187.207 linux-source-5.4.0 - 5.4.0-187.207 linux-image-5.4.0-187-lowlatency - 5.4.0-187.207 linux-image-unsigned-5.4.0-187-lowlatency - 5.4.0-187.207 linux-image-5.4.0-187-generic-lpae - 5.4.0-187.207 linux-buildinfo-5.4.0-187-generic - 5.4.0-187.207 linux-image-5.4.0-187-generic - 5.4.0-187.207 linux-tools-5.4.0-187-generic - 5.4.0-187.207 linux-modules-5.4.0-187-lowlatency - 5.4.0-187.207 linux-headers-5.4.0-187-generic-lpae - 5.4.0-187.207 linux-cloud-tools-common - 5.4.0-187.207 linux-headers-5.4.0-187-lowlatency - 5.4.0-187.207 linux-buildinfo-5.4.0-187-generic-lpae - 5.4.0-187.207 linux-buildinfo-5.4.0-187-lowlatency - 5.4.0-187.207 linux-image-unsigned-5.4.0-187-generic - 5.4.0-187.207 linux-tools-5.4.0-187 - 5.4.0-187.207 linux-headers-5.4.0-187 - 5.4.0-187.207 linux-tools-5.4.0-187-generic-lpae - 5.4.0-187.207 linux-modules-extra-5.4.0-187-generic - 5.4.0-187.207 linux-cloud-tools-5.4.0-187 - 5.4.0-187.207 No subscription required linux-iot - 5.4.0.1039.37 linux-image-iot - 5.4.0.1039.37 linux-headers-iot - 5.4.0.1039.37 linux-tools-iot - 5.4.0.1039.37 No subscription required linux-image-xilinx-zynqmp - 5.4.0.1046.46 linux-xilinx-zynqmp - 5.4.0.1046.46 linux-tools-xilinx-zynqmp - 5.4.0.1046.46 linux-headers-xilinx-zynqmp - 5.4.0.1046.46 No subscription required linux-tools-ibm-lts-20.04 - 5.4.0.1074.103 linux-headers-ibm-lts-20.04 - 5.4.0.1074.103 linux-image-ibm-lts-20.04 - 5.4.0.1074.103 linux-ibm-lts-20.04 - 5.4.0.1074.103 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1074.103 No subscription required linux-image-bluefield - 5.4.0.1087.83 linux-bluefield - 5.4.0.1087.83 linux-headers-bluefield - 5.4.0.1087.83 linux-tools-bluefield - 5.4.0.1087.83 No subscription required linux-headers-gkeop - 5.4.0.1094.92 linux-cloud-tools-gkeop-5.4 - 5.4.0.1094.92 linux-image-gkeop - 5.4.0.1094.92 linux-modules-extra-gkeop-5.4 - 5.4.0.1094.92 linux-gkeop-5.4 - 5.4.0.1094.92 linux-image-gkeop-5.4 - 5.4.0.1094.92 linux-gkeop - 5.4.0.1094.92 linux-headers-gkeop-5.4 - 5.4.0.1094.92 linux-modules-extra-gkeop - 5.4.0.1094.92 linux-tools-gkeop - 5.4.0.1094.92 linux-tools-gkeop-5.4 - 5.4.0.1094.92 linux-cloud-tools-gkeop - 5.4.0.1094.92 No subscription required linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1111.141 linux-image-raspi2 - 5.4.0.1111.141 linux-raspi2 - 5.4.0.1111.141 linux-headers-raspi2 - 5.4.0.1111.141 linux-image-raspi - 5.4.0.1111.141 linux-image-raspi-hwe-18.04 - 5.4.0.1111.141 linux-image-raspi2-hwe-18.04 - 5.4.0.1111.141 linux-tools-raspi - 5.4.0.1111.141 linux-headers-raspi-hwe-18.04 - 5.4.0.1111.141 linux-headers-raspi2-hwe-18.04 - 5.4.0.1111.141 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1111.141 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1111.141 linux-headers-raspi - 5.4.0.1111.141 linux-raspi2-hwe-18.04-edge - 5.4.0.1111.141 linux-image-raspi-hwe-18.04-edge - 5.4.0.1111.141 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1111.141 linux-raspi-hwe-18.04 - 5.4.0.1111.141 linux-raspi-hwe-18.04-edge - 5.4.0.1111.141 linux-raspi2-hwe-18.04 - 5.4.0.1111.141 linux-tools-raspi-hwe-18.04 - 5.4.0.1111.141 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1111.141 linux-tools-raspi2-hwe-18.04 - 5.4.0.1111.141 linux-tools-raspi2 - 5.4.0.1111.141 linux-raspi - 5.4.0.1111.141 No subscription required linux-tools-kvm - 5.4.0.1115.111 linux-headers-kvm - 5.4.0.1115.111 linux-kvm - 5.4.0.1115.111 linux-image-kvm - 5.4.0.1115.111 No subscription required linux-tools-oracle-lts-20.04 - 5.4.0.1126.119 linux-oracle-lts-20.04 - 5.4.0.1126.119 linux-headers-oracle-lts-20.04 - 5.4.0.1126.119 linux-image-oracle-lts-20.04 - 5.4.0.1126.119 No subscription required linux-modules-extra-aws-lts-20.04 - 5.4.0.1127.124 linux-tools-aws-lts-20.04 - 5.4.0.1127.124 linux-image-aws-lts-20.04 - 5.4.0.1127.124 linux-headers-aws-lts-20.04 - 5.4.0.1127.124 linux-aws-lts-20.04 - 5.4.0.1127.124 No subscription required linux-gcp-lts-20.04 - 5.4.0.1131.133 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1131.133 linux-headers-gcp-lts-20.04 - 5.4.0.1131.133 linux-image-gcp-lts-20.04 - 5.4.0.1131.133 linux-tools-gcp-lts-20.04 - 5.4.0.1131.133 No subscription required linux-azure-lts-20.04 - 5.4.0.1132.126 linux-modules-extra-azure-lts-20.04 - 5.4.0.1132.126 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1132.126 linux-image-azure-lts-20.04 - 5.4.0.1132.126 linux-tools-azure-lts-20.04 - 5.4.0.1132.126 linux-headers-azure-lts-20.04 - 5.4.0.1132.126 No subscription required linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.187.185 linux-cloud-tools-virtual - 5.4.0.187.185 linux-image-generic-hwe-18.04 - 5.4.0.187.185 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.187.185 linux-image-virtual - 5.4.0.187.185 linux-oem-osp1-tools-host - 5.4.0.187.185 linux-image-oem - 5.4.0.187.185 linux-tools-lowlatency - 5.4.0.187.185 linux-headers-lowlatency-hwe-18.04 - 5.4.0.187.185 linux-generic-lpae - 5.4.0.187.185 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.187.185 linux-lowlatency-hwe-18.04-edge - 5.4.0.187.185 linux-image-extra-virtual-hwe-18.04 - 5.4.0.187.185 linux-oem - 5.4.0.187.185 linux-image-oem-osp1 - 5.4.0.187.185 linux-image-generic-lpae-hwe-18.04 - 5.4.0.187.185 linux-crashdump - 5.4.0.187.185 linux-tools-lowlatency-hwe-18.04 - 5.4.0.187.185 linux-headers-generic-hwe-18.04 - 5.4.0.187.185 linux-tools-oem - 5.4.0.187.185 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.187.185 linux-headers-virtual-hwe-18.04-edge - 5.4.0.187.185 linux-headers-generic-lpae - 5.4.0.187.185 linux-lowlatency - 5.4.0.187.185 linux-tools-oem-osp1 - 5.4.0.187.185 linux-source - 5.4.0.187.185 linux-tools-virtual-hwe-18.04-edge - 5.4.0.187.185 linux-tools-generic-lpae - 5.4.0.187.185 linux-cloud-tools-generic - 5.4.0.187.185 linux-tools-generic - 5.4.0.187.185 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.187.185 linux-generic-lpae-hwe-18.04-edge - 5.4.0.187.185 linux-tools-virtual-hwe-18.04 - 5.4.0.187.185 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.187.185 linux-virtual - 5.4.0.187.185 linux-generic - 5.4.0.187.185 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.187.185 linux-tools-generic-hwe-18.04-edge - 5.4.0.187.185 linux-headers-virtual-hwe-18.04 - 5.4.0.187.185 linux-image-virtual-hwe-18.04 - 5.4.0.187.185 linux-oem-tools-host - 5.4.0.187.185 linux-headers-lowlatency - 5.4.0.187.185 linux-image-generic-hwe-18.04-edge - 5.4.0.187.185 linux-generic-hwe-18.04-edge - 5.4.0.187.185 linux-image-extra-virtual - 5.4.0.187.185 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.187.185 linux-cloud-tools-lowlatency - 5.4.0.187.185 linux-headers-oem-osp1 - 5.4.0.187.185 linux-tools-virtual - 5.4.0.187.185 linux-virtual-hwe-18.04 - 5.4.0.187.185 linux-generic-lpae-hwe-18.04 - 5.4.0.187.185 linux-tools-generic-hwe-18.04 - 5.4.0.187.185 linux-headers-generic-hwe-18.04-edge - 5.4.0.187.185 linux-headers-oem - 5.4.0.187.185 linux-headers-generic - 5.4.0.187.185 linux-image-generic - 5.4.0.187.185 linux-oem-osp1 - 5.4.0.187.185 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.187.185 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.187.185 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.187.185 linux-image-lowlatency-hwe-18.04 - 5.4.0.187.185 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.187.185 linux-virtual-hwe-18.04-edge - 5.4.0.187.185 linux-headers-virtual - 5.4.0.187.185 linux-lowlatency-hwe-18.04 - 5.4.0.187.185 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.187.185 linux-image-virtual-hwe-18.04-edge - 5.4.0.187.185 linux-generic-hwe-18.04 - 5.4.0.187.185 linux-image-generic-lpae - 5.4.0.187.185 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.187.185 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.187.185 linux-image-lowlatency - 5.4.0.187.185 No subscription required High CVE-2024-2201 CVE-2024-26643 CVE-2024-26925 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; (CVE-2024-26924, CVE-2024-26643) Update Instructions: Run `sudo pro fix USN-6869-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-headers-5.15.0-113-lowlatency-64k - 5.15.0-113.123~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-113.123~20.04.1 linux-buildinfo-5.15.0-113-lowlatency - 5.15.0-113.123~20.04.1 linux-buildinfo-5.15.0-113-lowlatency-64k - 5.15.0-113.123~20.04.1 linux-modules-iwlwifi-5.15.0-113-lowlatency - 5.15.0-113.123~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-113 - 5.15.0-113.123~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-113.123~20.04.1 linux-image-unsigned-5.15.0-113-lowlatency-64k - 5.15.0-113.123~20.04.1 linux-tools-5.15.0-113-lowlatency - 5.15.0-113.123~20.04.1 linux-image-5.15.0-113-lowlatency-64k - 5.15.0-113.123~20.04.1 linux-image-unsigned-5.15.0-113-lowlatency - 5.15.0-113.123~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-113 - 5.15.0-113.123~20.04.1 linux-headers-5.15.0-113-lowlatency - 5.15.0-113.123~20.04.1 linux-tools-5.15.0-113-lowlatency-64k - 5.15.0-113.123~20.04.1 linux-image-5.15.0-113-lowlatency - 5.15.0-113.123~20.04.1 linux-cloud-tools-5.15.0-113-lowlatency - 5.15.0-113.123~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-113.123~20.04.1 linux-modules-5.15.0-113-lowlatency-64k - 5.15.0-113.123~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-113 - 5.15.0-113.123~20.04.1 linux-modules-5.15.0-113-lowlatency - 5.15.0-113.123~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.113.123~20.04.1 No subscription required High CVE-2024-26643 CVE-2024-26924 Ubuntu 20.04 LTS It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. (CVE-2024-21823) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; (CVE-2024-26643, CVE-2024-26924) Update Instructions: Run `sudo pro fix USN-6870-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-tools-5.15.0-1047-gkeop - 5.15.0-1047.54~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1047 - 5.15.0-1047.54~20.04.1 linux-headers-5.15.0-1047-gkeop - 5.15.0-1047.54~20.04.1 linux-modules-5.15.0-1047-gkeop - 5.15.0-1047.54~20.04.1 linux-gkeop-5.15-tools-5.15.0-1047 - 5.15.0-1047.54~20.04.1 linux-modules-extra-5.15.0-1047-gkeop - 5.15.0-1047.54~20.04.1 linux-image-unsigned-5.15.0-1047-gkeop - 5.15.0-1047.54~20.04.1 linux-cloud-tools-5.15.0-1047-gkeop - 5.15.0-1047.54~20.04.1 linux-gkeop-5.15-headers-5.15.0-1047 - 5.15.0-1047.54~20.04.1 linux-image-5.15.0-1047-gkeop - 5.15.0-1047.54~20.04.1 linux-buildinfo-5.15.0-1047-gkeop - 5.15.0-1047.54~20.04.1 No subscription required linux-cloud-tools-5.15.0-1059-intel-iotg - 5.15.0-1059.65~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1059.65~20.04.1 linux-modules-5.15.0-1059-intel-iotg - 5.15.0-1059.65~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1059.65~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1059 - 5.15.0-1059.65~20.04.1 linux-image-unsigned-5.15.0-1059-intel-iotg - 5.15.0-1059.65~20.04.1 linux-modules-extra-5.15.0-1059-intel-iotg - 5.15.0-1059.65~20.04.1 linux-tools-5.15.0-1059-intel-iotg - 5.15.0-1059.65~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1059 - 5.15.0-1059.65~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1059.65~20.04.1 linux-buildinfo-5.15.0-1059-intel-iotg - 5.15.0-1059.65~20.04.1 linux-headers-5.15.0-1059-intel-iotg - 5.15.0-1059.65~20.04.1 linux-image-5.15.0-1059-intel-iotg - 5.15.0-1059.65~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1059 - 5.15.0-1059.65~20.04.1 linux-modules-iwlwifi-5.15.0-1059-intel-iotg - 5.15.0-1059.65~20.04.1 No subscription required linux-tools-5.15.0-1062-oracle - 5.15.0-1062.68~20.04.1 linux-headers-5.15.0-1062-oracle - 5.15.0-1062.68~20.04.1 linux-buildinfo-5.15.0-1062-oracle - 5.15.0-1062.68~20.04.1 linux-modules-5.15.0-1062-oracle - 5.15.0-1062.68~20.04.1 linux-image-unsigned-5.15.0-1062-oracle - 5.15.0-1062.68~20.04.1 linux-image-5.15.0-1062-oracle - 5.15.0-1062.68~20.04.1 linux-oracle-5.15-tools-5.15.0-1062 - 5.15.0-1062.68~20.04.1 linux-oracle-5.15-headers-5.15.0-1062 - 5.15.0-1062.68~20.04.1 linux-modules-extra-5.15.0-1062-oracle - 5.15.0-1062.68~20.04.1 No subscription required linux-azure-5.15-headers-5.15.0-1067 - 5.15.0-1067.76~20.04.1 linux-image-5.15.0-1067-azure - 5.15.0-1067.76~20.04.1 linux-modules-extra-5.15.0-1067-azure - 5.15.0-1067.76~20.04.1 linux-azure-5.15-cloud-tools-5.15.0-1067 - 5.15.0-1067.76~20.04.1 linux-buildinfo-5.15.0-1067-azure - 5.15.0-1067.76~20.04.1 linux-azure-5.15-tools-5.15.0-1067 - 5.15.0-1067.76~20.04.1 linux-modules-5.15.0-1067-azure - 5.15.0-1067.76~20.04.1 linux-headers-5.15.0-1067-azure - 5.15.0-1067.76~20.04.1 linux-image-unsigned-5.15.0-1067-azure - 5.15.0-1067.76~20.04.1 linux-tools-5.15.0-1067-azure - 5.15.0-1067.76~20.04.1 linux-cloud-tools-5.15.0-1067-azure - 5.15.0-1067.76~20.04.1 No subscription required linux-image-5.15.0-1067-azure-fde - 5.15.0-1067.76~20.04.1.1 linux-image-unsigned-5.15.0-1067-azure-fde - 5.15.0-1067.76~20.04.1.1 No subscription required linux-image-gkeop-edge - 5.15.0.1047.54~20.04.1 linux-gkeop-5.15 - 5.15.0.1047.54~20.04.1 linux-headers-gkeop-edge - 5.15.0.1047.54~20.04.1 linux-tools-gkeop-edge - 5.15.0.1047.54~20.04.1 linux-gkeop-edge - 5.15.0.1047.54~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1047.54~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1047.54~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1047.54~20.04.1 linux-cloud-tools-gkeop-5.15 - 5.15.0.1047.54~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1047.54~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1047.54~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1047.54~20.04.1 No subscription required linux-image-intel-iotg - 5.15.0.1059.65~20.04.1 linux-intel - 5.15.0.1059.65~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1059.65~20.04.1 linux-image-intel - 5.15.0.1059.65~20.04.1 linux-cloud-tools-intel - 5.15.0.1059.65~20.04.1 linux-tools-intel - 5.15.0.1059.65~20.04.1 linux-intel-iotg - 5.15.0.1059.65~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1059.65~20.04.1 linux-intel-iotg-edge - 5.15.0.1059.65~20.04.1 linux-tools-intel-iotg - 5.15.0.1059.65~20.04.1 linux-headers-intel - 5.15.0.1059.65~20.04.1 linux-headers-intel-iotg - 5.15.0.1059.65~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1059.65~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1062.68~20.04.1 linux-tools-oracle - 5.15.0.1062.68~20.04.1 linux-tools-oracle-edge - 5.15.0.1062.68~20.04.1 linux-oracle-edge - 5.15.0.1062.68~20.04.1 linux-image-oracle-edge - 5.15.0.1062.68~20.04.1 linux-headers-oracle-edge - 5.15.0.1062.68~20.04.1 linux-image-oracle - 5.15.0.1062.68~20.04.1 linux-oracle - 5.15.0.1062.68~20.04.1 No subscription required linux-tools-azure-edge - 5.15.0.1067.76~20.04.1 linux-cloud-tools-azure - 5.15.0.1067.76~20.04.1 linux-headers-azure-cvm - 5.15.0.1067.76~20.04.1 linux-tools-azure - 5.15.0.1067.76~20.04.1 linux-image-azure-edge - 5.15.0.1067.76~20.04.1 linux-image-azure-cvm - 5.15.0.1067.76~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1067.76~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1067.76~20.04.1 linux-modules-extra-azure - 5.15.0.1067.76~20.04.1 linux-azure - 5.15.0.1067.76~20.04.1 linux-image-azure - 5.15.0.1067.76~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1067.76~20.04.1 linux-headers-azure-edge - 5.15.0.1067.76~20.04.1 linux-azure-edge - 5.15.0.1067.76~20.04.1 linux-tools-azure-cvm - 5.15.0.1067.76~20.04.1 linux-azure-cvm - 5.15.0.1067.76~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1067.76~20.04.1 linux-headers-azure - 5.15.0.1067.76~20.04.1 No subscription required linux-cloud-tools-azure-fde-edge - 5.15.0.1067.76~20.04.1.44 linux-modules-extra-azure-fde-edge - 5.15.0.1067.76~20.04.1.44 linux-tools-azure-fde-edge - 5.15.0.1067.76~20.04.1.44 linux-headers-azure-fde-edge - 5.15.0.1067.76~20.04.1.44 linux-image-azure-fde - 5.15.0.1067.76~20.04.1.44 linux-image-azure-fde-edge - 5.15.0.1067.76~20.04.1.44 linux-azure-fde - 5.15.0.1067.76~20.04.1.44 linux-cloud-tools-azure-fde - 5.15.0.1067.76~20.04.1.44 linux-azure-fde-edge - 5.15.0.1067.76~20.04.1.44 linux-modules-extra-azure-fde - 5.15.0.1067.76~20.04.1.44 linux-tools-azure-fde - 5.15.0.1067.76~20.04.1.44 linux-headers-azure-fde - 5.15.0.1067.76~20.04.1.44 No subscription required High CVE-2024-21823 CVE-2024-26643 CVE-2024-26924 Ubuntu 20.04 LTS It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. (CVE-2024-21823) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; (CVE-2024-26643, CVE-2024-26924) Update Instructions: Run `sudo pro fix USN-6870-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1064-aws - 5.15.0-1064.70~20.04.1 linux-modules-extra-5.15.0-1064-aws - 5.15.0-1064.70~20.04.1 linux-aws-5.15-cloud-tools-5.15.0-1064 - 5.15.0-1064.70~20.04.1 linux-cloud-tools-5.15.0-1064-aws - 5.15.0-1064.70~20.04.1 linux-headers-5.15.0-1064-aws - 5.15.0-1064.70~20.04.1 linux-image-unsigned-5.15.0-1064-aws - 5.15.0-1064.70~20.04.1 linux-image-5.15.0-1064-aws - 5.15.0-1064.70~20.04.1 linux-aws-5.15-tools-5.15.0-1064 - 5.15.0-1064.70~20.04.1 linux-modules-5.15.0-1064-aws - 5.15.0-1064.70~20.04.1 linux-tools-5.15.0-1064-aws - 5.15.0-1064.70~20.04.1 linux-aws-5.15-headers-5.15.0-1064 - 5.15.0-1064.70~20.04.1 No subscription required linux-modules-extra-aws - 5.15.0.1064.70~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1064.70~20.04.1 linux-tools-aws-edge - 5.15.0.1064.70~20.04.1 linux-aws - 5.15.0.1064.70~20.04.1 linux-image-aws-edge - 5.15.0.1064.70~20.04.1 linux-tools-aws - 5.15.0.1064.70~20.04.1 linux-headers-aws - 5.15.0.1064.70~20.04.1 linux-headers-aws-edge - 5.15.0.1064.70~20.04.1 linux-aws-edge - 5.15.0.1064.70~20.04.1 linux-image-aws - 5.15.0.1064.70~20.04.1 No subscription required High CVE-2024-21823 CVE-2024-26643 CVE-2024-26924 Ubuntu 20.04 LTS It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. (CVE-2024-21823) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - x86 architecture; - ACPI drivers; - Block layer subsystem; - Clock framework and drivers; - CPU frequency scaling framework; - Cryptographic API; - DMA engine subsystem; - EFI core; - GPU drivers; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - MMC subsystem; - Network drivers; - NTB driver; - NVME drivers; - PCI subsystem; - MediaTek PM domains; - Power supply drivers; - SPI subsystem; - Media staging drivers; - TCM subsystem; - USB subsystem; - Framebuffer layer; - AFS file system; - File systems infrastructure; - BTRFS file system; - EROFS file system; - Ext4 file system; - F2FS file system; - Network file system client; - NTFS3 file system; - Diskquota system; - SMB network file system; - BPF subsystem; - Netfilter; - TLS protocol; - io_uring subsystem; - Bluetooth subsystem; - Memory management; - Ethernet bridge; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - Multipath TCP; - Netlink; - NET/ROM layer; - Packet sockets; - RDS protocol; - Sun RPC protocol; - Unix domain sockets; - Wireless networking; - USB sound devices; (CVE-2024-26901, CVE-2024-35844, CVE-2024-27024, CVE-2024-26835, CVE-2024-26879, CVE-2024-26846, CVE-2024-35829, CVE-2024-26804, CVE-2024-26802, CVE-2024-27039, CVE-2024-27075, CVE-2024-27076, CVE-2024-26863, CVE-2024-27046, CVE-2024-26776, CVE-2024-26875, CVE-2024-26885, CVE-2024-26583, CVE-2024-26777, CVE-2024-26803, CVE-2024-27047, CVE-2024-26748, CVE-2024-27044, CVE-2024-27416, CVE-2024-26906, CVE-2024-27405, CVE-2024-26749, CVE-2024-27436, CVE-2024-26895, CVE-2023-52662, CVE-2024-26772, CVE-2023-52645, CVE-2024-26787, CVE-2024-26788, CVE-2023-52497, CVE-2024-26795, CVE-2024-26763, CVE-2024-27414, CVE-2024-26870, CVE-2024-27412, CVE-2024-27078, CVE-2024-27388, CVE-2024-26894, CVE-2023-52641, CVE-2024-27053, CVE-2024-26584, CVE-2024-26752, CVE-2024-35845, CVE-2024-26884, CVE-2024-26782, CVE-2024-26859, CVE-2024-26809, CVE-2024-27038, CVE-2024-26897, CVE-2024-26750, CVE-2023-52644, CVE-2024-26848, CVE-2024-26833, CVE-2024-26801, CVE-2024-26872, CVE-2023-52620, CVE-2023-52652, CVE-2024-26839, CVE-2024-26851, CVE-2024-26805, CVE-2024-26659, CVE-2024-26791, CVE-2023-52640, CVE-2024-26883, CVE-2024-26737, CVE-2024-27028, CVE-2024-26603, CVE-2024-27073, CVE-2024-26792, CVE-2024-35830, CVE-2024-26585, CVE-2024-27045, CVE-2024-26880, CVE-2024-27074, CVE-2023-52434, CVE-2024-26778, CVE-2024-26754, CVE-2024-27034, CVE-2024-35828, CVE-2024-26643, CVE-2024-26774, CVE-2024-26878, CVE-2024-26733, CVE-2024-27043, CVE-2023-52656, CVE-2024-26816, CVE-2024-26907, CVE-2024-26838, CVE-2024-26651, CVE-2024-26790, CVE-2024-26840, CVE-2024-26751, CVE-2024-27410, CVE-2023-52447, CVE-2024-27431, CVE-2024-26861, CVE-2024-27077, CVE-2024-26779, CVE-2024-27054, CVE-2024-26601, CVE-2024-26874, CVE-2024-26764, CVE-2023-52650, CVE-2024-26843, CVE-2024-26856, CVE-2024-26820, CVE-2024-26903, CVE-2024-27037, CVE-2024-26798, CVE-2024-27415, CVE-2024-27419, CVE-2024-26736, CVE-2024-27403, CVE-2024-27432, CVE-2024-26735, CVE-2024-26793, CVE-2024-26881, CVE-2024-26889, CVE-2024-27052, CVE-2024-26766, CVE-2024-26882, CVE-2024-27417, CVE-2024-26688, CVE-2024-26747, CVE-2024-26877, CVE-2024-26744, CVE-2024-27051, CVE-2024-26743, CVE-2024-26857, CVE-2024-26855, CVE-2024-26852, CVE-2024-26771, CVE-2024-26891, CVE-2024-27030, CVE-2024-26769, CVE-2024-27413, CVE-2024-26898, CVE-2024-26915, CVE-2024-26845, CVE-2024-27065, CVE-2024-26924, CVE-2024-26862, CVE-2024-27390, CVE-2024-26773) Update Instructions: Run `sudo pro fix USN-6871-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-modules-5.15.0-113-generic-64k - 5.15.0-113.123~20.04.1 linux-headers-5.15.0-113-generic-64k - 5.15.0-113.123~20.04.1 linux-tools-5.15.0-113-generic - 5.15.0-113.123~20.04.1 linux-hwe-5.15-tools-5.15.0-113 - 5.15.0-113.123~20.04.1 linux-modules-iwlwifi-5.15.0-113-generic - 5.15.0-113.123~20.04.1 linux-hwe-5.15-headers-5.15.0-113 - 5.15.0-113.123~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-113.123~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-113.123~20.04.1 linux-cloud-tools-5.15.0-113-generic - 5.15.0-113.123~20.04.1 linux-tools-5.15.0-113-generic-lpae - 5.15.0-113.123~20.04.1 linux-buildinfo-5.15.0-113-generic-lpae - 5.15.0-113.123~20.04.1 linux-modules-extra-5.15.0-113-generic - 5.15.0-113.123~20.04.1 linux-image-5.15.0-113-generic-lpae - 5.15.0-113.123~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-113.123~20.04.1 linux-image-5.15.0-113-generic - 5.15.0-113.123~20.04.1 linux-modules-5.15.0-113-generic-lpae - 5.15.0-113.123~20.04.1 linux-modules-5.15.0-113-generic - 5.15.0-113.123~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-113 - 5.15.0-113.123~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-113.123~20.04.1 linux-buildinfo-5.15.0-113-generic - 5.15.0-113.123~20.04.1 linux-tools-5.15.0-113-generic-64k - 5.15.0-113.123~20.04.1 linux-image-5.15.0-113-generic-64k - 5.15.0-113.123~20.04.1 linux-headers-5.15.0-113-generic - 5.15.0-113.123~20.04.1 linux-buildinfo-5.15.0-113-generic-64k - 5.15.0-113.123~20.04.1 linux-image-unsigned-5.15.0-113-generic-64k - 5.15.0-113.123~20.04.1 linux-image-unsigned-5.15.0-113-generic - 5.15.0-113.123~20.04.1 linux-headers-5.15.0-113-generic-lpae - 5.15.0-113.123~20.04.1 No subscription required linux-tools-oem-20.04 - 5.15.0.113.123~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-image-oem-20.04c - 5.15.0.113.123~20.04.1 linux-image-oem-20.04b - 5.15.0.113.123~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-oem-20.04d - 5.15.0.113.123~20.04.1 linux-headers-oem-20.04 - 5.15.0.113.123~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-cloud-tools-generic-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.113.123~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-tools-oem-20.04c - 5.15.0.113.123~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-oem-20.04 - 5.15.0.113.123~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-oem-20.04d - 5.15.0.113.123~20.04.1 linux-oem-20.04b - 5.15.0.113.123~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-oem-20.04 - 5.15.0.113.123~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-tools-oem-20.04b - 5.15.0.113.123~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-headers-oem-20.04b - 5.15.0.113.123~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-generic-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-headers-oem-20.04d - 5.15.0.113.123~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-oem-20.04c - 5.15.0.113.123~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.113.123~20.04.1 linux-headers-oem-20.04c - 5.15.0.113.123~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.113.123~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-tools-oem-20.04d - 5.15.0.113.123~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.113.123~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.113.123~20.04.1 No subscription required High CVE-2023-52434 CVE-2023-52447 CVE-2023-52497 CVE-2023-52620 CVE-2023-52640 CVE-2023-52641 CVE-2023-52644 CVE-2023-52645 CVE-2023-52650 CVE-2023-52652 CVE-2023-52656 CVE-2023-52662 CVE-2023-6270 CVE-2023-7042 CVE-2024-0841 CVE-2024-21823 CVE-2024-22099 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26601 CVE-2024-26603 CVE-2024-26643 CVE-2024-26651 CVE-2024-26659 CVE-2024-26688 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736 CVE-2024-26737 CVE-2024-26743 CVE-2024-26744 CVE-2024-26747 CVE-2024-26748 CVE-2024-26749 CVE-2024-26750 CVE-2024-26751 CVE-2024-26752 CVE-2024-26754 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766 CVE-2024-26769 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774 CVE-2024-26776 CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26782 CVE-2024-26787 CVE-2024-26788 CVE-2024-26790 CVE-2024-26791 CVE-2024-26792 CVE-2024-26793 CVE-2024-26795 CVE-2024-26798 CVE-2024-26801 CVE-2024-26802 CVE-2024-26803 CVE-2024-26804 CVE-2024-26805 CVE-2024-26809 CVE-2024-26816 CVE-2024-26820 CVE-2024-26833 CVE-2024-26835 CVE-2024-26838 CVE-2024-26839 CVE-2024-26840 CVE-2024-26843 CVE-2024-26845 CVE-2024-26846 CVE-2024-26848 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26856 CVE-2024-26857 CVE-2024-26859 CVE-2024-26861 CVE-2024-26862 CVE-2024-26863 CVE-2024-26870 CVE-2024-26872 CVE-2024-26874 CVE-2024-26875 CVE-2024-26877 CVE-2024-26878 CVE-2024-26879 CVE-2024-26880 CVE-2024-26881 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26885 CVE-2024-26889 CVE-2024-26891 CVE-2024-26894 CVE-2024-26895 CVE-2024-26897 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26906 CVE-2024-26907 CVE-2024-26915 CVE-2024-26924 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27034 CVE-2024-27037 CVE-2024-27038 CVE-2024-27039 CVE-2024-27043 CVE-2024-27044 CVE-2024-27045 CVE-2024-27046 CVE-2024-27047 CVE-2024-27051 CVE-2024-27052 CVE-2024-27053 CVE-2024-27054 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27390 CVE-2024-27403 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412 CVE-2024-27413 CVE-2024-27414 CVE-2024-27415 CVE-2024-27416 CVE-2024-27417 CVE-2024-27419 CVE-2024-27431 CVE-2024-27432 CVE-2024-27436 CVE-2024-35828 CVE-2024-35829 CVE-2024-35830 CVE-2024-35844 CVE-2024-35845 Ubuntu 20.04 LTS It was discovered that Kopano Core allowed out-of-bounds access. An attacker could use this issue to expose private information. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-19907) It was discovered that Kopano Core allowed possible authentication with expired passwords. An attacker could use this issue to bypass authentication. (CVE-2022-26562) Update Instructions: Run `sudo pro fix USN-6876-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kopano-archiver - 8.7.0-7ubuntu1.1 kopano-backup - 8.7.0-7ubuntu1.1 kopano-monitor - 8.7.0-7ubuntu1.1 kopano-presence - 8.7.0-7ubuntu1.1 kopano-search - 8.7.0-7ubuntu1.1 kopano-contacts - 8.7.0-7ubuntu1.1 kopano-spamd - 8.7.0-7ubuntu1.1 kopano-core - 8.7.0-7ubuntu1.1 kopano-l10n - 8.7.0-7ubuntu1.1 php-mapi - 8.7.0-7ubuntu1.1 kopano-server - 8.7.0-7ubuntu1.1 python3-kopano - 8.7.0-7ubuntu1.1 kopano-ical - 8.7.0-7ubuntu1.1 kopano-dagent - 8.7.0-7ubuntu1.1 kopano-dev - 8.7.0-7ubuntu1.1 python3-mapi - 8.7.0-7ubuntu1.1 kopano-spooler - 8.7.0-7ubuntu1.1 kopano-common - 8.7.0-7ubuntu1.1 kopano-libs - 8.7.0-7ubuntu1.1 kopano-utils - 8.7.0-7ubuntu1.1 kopano-gateway - 8.7.0-7ubuntu1.1 No subscription required Medium CVE-2019-19907 CVE-2022-26562 Ubuntu 20.04 LTS Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2023-31620, CVE-2023-31622, CVE-2023-31624, CVE-2023-31626, CVE-2023-31627, CVE-2023-31629, CVE-2023-31630, CVE-2023-31631, CVE-2023-48951) Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affects Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2023-48945, CVE-2023-48946, CVE-2023-48947, CVE-2023-48950) Update Instructions: Run `sudo pro fix USN-6879-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvirtodbc0 - 6.1.6+repack-0ubuntu10+esm2 libvirtuoso5.5-cil - 6.1.6+repack-0ubuntu10+esm2 virtuoso-minimal - 6.1.6+repack-0ubuntu10+esm2 virtuoso-opensource - 6.1.6+repack-0ubuntu10+esm2 virtuoso-opensource-6.1 - 6.1.6+repack-0ubuntu10+esm2 virtuoso-opensource-6.1-bin - 6.1.6+repack-0ubuntu10+esm2 virtuoso-opensource-6.1-common - 6.1.6+repack-0ubuntu10+esm2 virtuoso-server - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-bpel - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-conductor - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-demo - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-doc - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-isparql - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-ods - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-rdfmappers - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-sparqldemo - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-syncml - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vad-tutorial - 6.1.6+repack-0ubuntu10+esm2 virtuoso-vsp-startpage - 6.1.6+repack-0ubuntu10+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-31620 CVE-2023-31622 CVE-2023-31624 CVE-2023-31626 CVE-2023-31627 CVE-2023-31629 CVE-2023-31630 CVE-2023-31631 CVE-2023-48945 CVE-2023-48946 CVE-2023-48947 CVE-2023-48950 CVE-2023-48951 Ubuntu 20.04 LTS Sam Shahsavar discovered that Apache Tomcat did not properly reject HTTP requests with an invalid Content-Length header. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks. Update Instructions: Run `sudo pro fix USN-6880-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtomcat9-embed-java - 9.0.31-1ubuntu0.5 libtomcat9-java - 9.0.31-1ubuntu0.5 tomcat9 - 9.0.31-1ubuntu0.5 tomcat9-admin - 9.0.31-1ubuntu0.5 tomcat9-common - 9.0.31-1ubuntu0.5 tomcat9-docs - 9.0.31-1ubuntu0.5 tomcat9-examples - 9.0.31-1ubuntu0.5 tomcat9-user - 9.0.31-1ubuntu0.5 No subscription required Medium CVE-2022-42252 Ubuntu 20.04 LTS It was discovered that Exim did not enforce STARTTLS sync point on client side. An attacker could possibly use this issue to perform response injection during MTA SMTP sending. Update Instructions: Run `sudo pro fix USN-6881-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4 - 4.93-13ubuntu1.11 exim4-base - 4.93-13ubuntu1.11 exim4-config - 4.93-13ubuntu1.11 exim4-daemon-heavy - 4.93-13ubuntu1.11 exim4-daemon-light - 4.93-13ubuntu1.11 exim4-dev - 4.93-13ubuntu1.11 eximon4 - 4.93-13ubuntu1.11 No subscription required Low CVE-2021-38371 Ubuntu 20.04 LTS Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information. Update Instructions: Run `sudo pro fix USN-6882-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cinder-api - 2:16.4.2-0ubuntu2.8 cinder-backup - 2:16.4.2-0ubuntu2.8 cinder-common - 2:16.4.2-0ubuntu2.8 cinder-scheduler - 2:16.4.2-0ubuntu2.8 cinder-volume - 2:16.4.2-0ubuntu2.8 python3-cinder - 2:16.4.2-0ubuntu2.8 No subscription required Medium CVE-2024-32498 Ubuntu 20.04 LTS USN-6882-1 fixed vulnerabilities in Cinder. The update caused a regression in certain environments due to incorrect privilege handling. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information. Update Instructions: Run `sudo pro fix USN-6882-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cinder-api - 2:16.4.2-0ubuntu2.9 cinder-backup - 2:16.4.2-0ubuntu2.9 cinder-common - 2:16.4.2-0ubuntu2.9 cinder-scheduler - 2:16.4.2-0ubuntu2.9 cinder-volume - 2:16.4.2-0ubuntu2.9 python3-cinder - 2:16.4.2-0ubuntu2.9 No subscription required Medium CVE-2022-47951 CVE-2024-32498 Ubuntu 20.04 LTS Martin Kaesberger discovered that Glance incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information. Update Instructions: Run `sudo pro fix USN-6883-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glance - 2:20.2.0-0ubuntu1.2 glance-api - 2:20.2.0-0ubuntu1.2 glance-common - 2:20.2.0-0ubuntu1.2 python-glance-doc - 2:20.2.0-0ubuntu1.2 python3-glance - 2:20.2.0-0ubuntu1.2 No subscription required Medium CVE-2024-32498 Ubuntu 20.04 LTS Martin Kaesberger discovered that Nova incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information. Update Instructions: Run `sudo pro fix USN-6884-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.8 nova-api - 2:21.2.4-0ubuntu2.8 nova-api-metadata - 2:21.2.4-0ubuntu2.8 nova-api-os-compute - 2:21.2.4-0ubuntu2.8 nova-api-os-volume - 2:21.2.4-0ubuntu2.8 nova-cells - 2:21.2.4-0ubuntu2.8 nova-common - 2:21.2.4-0ubuntu2.8 nova-compute - 2:21.2.4-0ubuntu2.8 nova-compute-kvm - 2:21.2.4-0ubuntu2.8 nova-compute-libvirt - 2:21.2.4-0ubuntu2.8 nova-compute-lxc - 2:21.2.4-0ubuntu2.8 nova-compute-qemu - 2:21.2.4-0ubuntu2.8 nova-compute-vmware - 2:21.2.4-0ubuntu2.8 nova-compute-xen - 2:21.2.4-0ubuntu2.8 nova-conductor - 2:21.2.4-0ubuntu2.8 nova-doc - 2:21.2.4-0ubuntu2.8 nova-novncproxy - 2:21.2.4-0ubuntu2.8 nova-scheduler - 2:21.2.4-0ubuntu2.8 nova-serialproxy - 2:21.2.4-0ubuntu2.8 nova-spiceproxy - 2:21.2.4-0ubuntu2.8 nova-volume - 2:21.2.4-0ubuntu2.8 python3-nova - 2:21.2.4-0ubuntu2.8 No subscription required Medium CVE-2024-32498 Ubuntu 20.04 LTS Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2024-36387) Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly sent certain request URLs with incorrect encodings to backends. A remote attacker could possibly use this issue to bypass authentication. (CVE-2024-38473) Orange Tsai discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain substitutions. A remote attacker could possibly use this issue to execute scripts in directories not directly reachable by any URL, or cause a denial of service. Some environments may require using the new UnsafeAllow3F flag to handle unsafe substitutions. (CVE-2024-38474, CVE-2024-38475, CVE-2024-39573) Orange Tsai discovered that the Apache HTTP Server incorrectly handled certain response headers. A remote attacker could possibly use this issue to obtain sensitive information, execute local scripts, or perform SSRF attacks. (CVE-2024-38476) Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2024-38477) It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibly use this issue to obtain source code. (CVE-2024-39884) Update Instructions: Run `sudo pro fix USN-6885-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2 - 2.4.41-4ubuntu3.19 apache2-bin - 2.4.41-4ubuntu3.19 apache2-data - 2.4.41-4ubuntu3.19 apache2-dev - 2.4.41-4ubuntu3.19 apache2-doc - 2.4.41-4ubuntu3.19 apache2-ssl-dev - 2.4.41-4ubuntu3.19 apache2-suexec-custom - 2.4.41-4ubuntu3.19 apache2-suexec-pristine - 2.4.41-4ubuntu3.19 apache2-utils - 2.4.41-4ubuntu3.19 libapache2-mod-md - 2.4.41-4ubuntu3.19 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.19 No subscription required High CVE-2024-36387 CVE-2024-38473 CVE-2024-38474 CVE-2024-38475 CVE-2024-38476 CVE-2024-38477 CVE-2024-39573 CVE-2024-39884 Ubuntu 20.04 LTS USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP/2 server. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2024-36387) Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly sent certain request URLs with incorrect encodings to backends. A remote attacker could possibly use this issue to bypass authentication. (CVE-2024-38473) Orange Tsai discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain substitutions. A remote attacker could possibly use this issue to execute scripts in directories not directly reachable by any URL, or cause a denial of service. Some environments may require using the new UnsafeAllow3F flag to handle unsafe substitutions. (CVE-2024-38474, CVE-2024-38475, CVE-2024-39573) Orange Tsai discovered that the Apache HTTP Server incorrectly handled certain response headers. A remote attacker could possibly use this issue to obtain sensitive information, execute local scripts, or perform SSRF attacks. (CVE-2024-38476) Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2024-38477) It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibly use this issue to obtain source code. (CVE-2024-39884) Update Instructions: Run `sudo pro fix USN-6885-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2 - 2.4.41-4ubuntu3.20 apache2-bin - 2.4.41-4ubuntu3.20 apache2-data - 2.4.41-4ubuntu3.20 apache2-dev - 2.4.41-4ubuntu3.20 apache2-doc - 2.4.41-4ubuntu3.20 apache2-ssl-dev - 2.4.41-4ubuntu3.20 apache2-suexec-custom - 2.4.41-4ubuntu3.20 apache2-suexec-pristine - 2.4.41-4ubuntu3.20 apache2-utils - 2.4.41-4ubuntu3.20 libapache2-mod-md - 2.4.41-4ubuntu3.20 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.20 No subscription required None https://launchpad.net/bugs/2072648 Ubuntu 20.04 LTS USN-6885-1 fixed a vulnerability in Apache. The patch for CVE-2024-38474 was incomplete and caused regressions. This update provides the fix for that issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain substitutions. A remote attacker could possibly use this issue to execute scripts in directories not directly reachable by any URL, or cause a denial of service. Some environments may require using the new UnsafeAllow3F flag to handle unsafe substitutions. (CVE-2024-38474) Update Instructions: Run `sudo pro fix USN-6885-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2 - 2.4.41-4ubuntu3.23 apache2-bin - 2.4.41-4ubuntu3.23 apache2-data - 2.4.41-4ubuntu3.23 apache2-dev - 2.4.41-4ubuntu3.23 apache2-doc - 2.4.41-4ubuntu3.23 apache2-ssl-dev - 2.4.41-4ubuntu3.23 apache2-suexec-custom - 2.4.41-4ubuntu3.23 apache2-suexec-pristine - 2.4.41-4ubuntu3.23 apache2-utils - 2.4.41-4ubuntu3.23 libapache2-mod-md - 2.4.41-4ubuntu3.23 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.23 No subscription required None https://launchpad.net/bugs/2103723 Ubuntu 20.04 LTS It was discovered that the Go net/http module did not properly handle the requests when request\'s headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-45288) It was discovered that the Go net/http module did not properly validate the subdomain match or exact match of the initial domain. An attacker could possibly use this issue to read sensitive information. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-45289) It was discovered that the Go net/http module did not properly validate the total size of the parsed form when parsing a multipart form. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-45290) It was discovered that the Go crypto/x509 module did not properly handle a certificate chain which contains a certificate with an unknown public key algorithm. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-24783) It was discovered that the Go net/mail module did not properly handle comments within display names in the ParseAddressList function. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-24784) It was discovered that the Go html/template module did not validate errors returned from MarshalJSON methods. An attacker could possibly use this issue to inject arbitrary code into the Go template. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-24785) It was discovered that the Go net module did not properly validate the DNS message in response to a query. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.22. (CVE-2024-24788) It was discovered that the Go archive/zip module did not properly handle certain types of invalid zip files differs from the behavior of most zip implementations. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2024-24789) It was discovered that the Go net/netip module did not work as expected for IPv4-mapped IPv6 addresses in various Is methods. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2024-24790) Update Instructions: Run `sudo pro fix USN-6886-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.21 - 1.21.1-1~ubuntu20.04.3 golang-1.21-doc - 1.21.1-1~ubuntu20.04.3 golang-1.21-go - 1.21.1-1~ubuntu20.04.3 golang-1.21-src - 1.21.1-1~ubuntu20.04.3 No subscription required Medium CVE-2023-45288 CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 CVE-2024-24788 CVE-2024-24789 CVE-2024-24790 Ubuntu 20.04 LTS Elias Myllymäki discovered that Django incorrectly handled certain inputs with a large number of brackets. A remote attacker could possibly use this issue to cause Django to consume resources or stop responding, resulting in a denial of service. (CVE-2024-38875) It was discovered that Django incorrectly handled authenticating users with unusable passwords. A remote attacker could possibly use this issue to perform a timing attack and enumerate users. (CVE-2024-39329) Josh Schneier discovered that Django incorrectly handled file path validation when the storage class is being derived. A remote attacker could possibly use this issue to save files into arbitrary directories. (CVE-2024-39330) It was discovered that Django incorrectly handled certain long strings that included a specific set of characters. A remote attacker could possibly use this issue to cause Django to consume resources or stop responding, resulting in a denial of service. (CVE-2024-39614) Update Instructions: Run `sudo pro fix USN-6888-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.23 python3-django - 2:2.2.12-1ubuntu0.23 No subscription required Medium CVE-2024-38875 CVE-2024-39329 CVE-2024-39330 CVE-2024-39614 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-6601, CVE-2024-6604, CVE-2024-6607, CVE-2024-6608, CVE-2024-6610, CVE-2024-6611, CVE-2024-6612, CVE-2024-6613, CVE-2024-6614, CVE-2024-6615) It was discovered that Firefox did not properly manage certain memory operations in the NSS. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-6602, CVE-2024-6609) Irvan Kurniawan discovered that Firefox did not properly manage memory during thread creation. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-6603) It was discovered that Firefox incorrectly handled array accesses in the clipboard component, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-6606) Update Instructions: Run `sudo pro fix USN-6890-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 128.0+build2-0ubuntu0.20.04.1 firefox-dev - 128.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-nl - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 128.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 128.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 128.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6604 CVE-2024-6606 CVE-2024-6607 CVE-2024-6608 CVE-2024-6609 CVE-2024-6610 CVE-2024-6611 CVE-2024-6612 CVE-2024-6613 CVE-2024-6614 CVE-2024-6615 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2015-20107) It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-1060, CVE-2018-1061) It was discovered that Python failed to initialize Expat’s hash salt. A remote attacker could possibly use this issue to cause hash collisions, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-14647) It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume memory, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-20406) It was discovered that Python incorrectly validated the domain when handling cookies. An attacker could possibly trick Python into sending cookies to the wrong domain. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-20852) Jonathan Birch and Panayiotis Panayiotou discovered that Python incorrectly handled Unicode encoding during NFKC normalization. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9636, CVE-2019-10160) It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-16056) It was discovered that the Python documentation XML-RPC server incorrectly handled certain fields. A remote attacker could use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-16935) It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17514) It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-18348) It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-20907) Colin Read and Nicolas Edet discovered that Python incorrectly handled parsing certain X509 certificates. An attacker could possibly use this issue to cause Python to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-5010) It was discovered that incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9674) It was discovered that Python incorrectly handled certain urls. A remote attacker could possibly use this issue to perform CRLF injection attacks. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9740, CVE-2019-9947) Sihoon Lee discovered that Python incorrectly handled the local_file: scheme. A remote attacker could possibly use this issue to bypass blocklist meschanisms. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9948) It was discovered that Python incorrectly handled certain IP values. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-14422) It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-26116) It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-27619, CVE-2021-3177) It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-8492) It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-29921) David Schwörer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-3426) It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2021-3733) It was discovered that Python incorrectly handled certain server responses. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2021-3737) It was discovered that Python incorrectly handled certain FTP requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2021-4189) It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-0391) Devin Jeanpierre discovered that Python incorrectly handled sockets when the multiprocessing module was being used. A local attacker could possibly use this issue to execute arbitrary code and escalate privileges. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-42919) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45061, CVE-2023-24329) It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48560) It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48564) It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this vulnerability to perform an XML External Entity (XXE) injection, resulting in a denial of service or information disclosure. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48565) It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48566) It was discovered that Python instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake. An attacker could possibly use this issue to cause applications to treat unauthenticated received data before TLS handshake as authenticated data after TLS handshake. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-40217) It was discovered that Python incorrectly handled null bytes when normalizing pathnames. An attacker could possibly use this issue to bypass certain filename checks. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-41105) It was discovered that Python incorrectly handled privilege with certain parameters. An attacker could possibly use this issue to maintain the original processes' groups before starting the new process. This issue only affected Ubuntu 23.10. (CVE-2023-6507) It was discovered that Python incorrectly handled symlinks in temp files. An attacker could possibly use this issue to modify the permissions of files. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-6597) It was discovered that Python incorrectly handled certain crafted zip files. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2024-0450) Update Instructions: Run `sudo pro fix USN-6891-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.8 - 3.8.10-0ubuntu1~20.04.10 libpython3.8 - 3.8.10-0ubuntu1~20.04.10 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.10 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.10 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.10 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.10 python3.8 - 3.8.10-0ubuntu1~20.04.10 python3.8-dev - 3.8.10-0ubuntu1~20.04.10 python3.8-doc - 3.8.10-0ubuntu1~20.04.10 python3.8-examples - 3.8.10-0ubuntu1~20.04.10 python3.8-full - 3.8.10-0ubuntu1~20.04.10 python3.8-minimal - 3.8.10-0ubuntu1~20.04.10 python3.8-venv - 3.8.10-0ubuntu1~20.04.10 No subscription required idle-python3.9 - 3.9.5-3ubuntu0~20.04.1+esm2 libpython3.9 - 3.9.5-3ubuntu0~20.04.1+esm2 libpython3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm2 libpython3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm2 libpython3.9-stdlib - 3.9.5-3ubuntu0~20.04.1+esm2 libpython3.9-testsuite - 3.9.5-3ubuntu0~20.04.1+esm2 python3.9 - 3.9.5-3ubuntu0~20.04.1+esm2 python3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm2 python3.9-doc - 3.9.5-3ubuntu0~20.04.1+esm2 python3.9-examples - 3.9.5-3ubuntu0~20.04.1+esm2 python3.9-full - 3.9.5-3ubuntu0~20.04.1+esm2 python3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm2 python3.9-venv - 3.9.5-3ubuntu0~20.04.1+esm2 No subscription required High CVE-2015-20107 CVE-2018-1060 CVE-2018-1061 CVE-2018-14647 CVE-2018-20406 CVE-2018-20852 CVE-2019-10160 CVE-2019-16056 CVE-2019-16935 CVE-2019-17514 CVE-2019-18348 CVE-2019-20907 CVE-2019-5010 CVE-2019-9636 CVE-2019-9674 CVE-2019-9740 CVE-2019-9947 CVE-2019-9948 CVE-2020-14422 CVE-2020-26116 CVE-2020-27619 CVE-2020-8492 CVE-2021-29921 CVE-2021-3177 CVE-2021-3426 CVE-2021-3733 CVE-2021-3737 CVE-2021-4189 CVE-2022-0391 CVE-2022-42919 CVE-2022-45061 CVE-2022-48560 CVE-2022-48564 CVE-2022-48565 CVE-2022-48566 CVE-2023-24329 CVE-2023-40217 CVE-2023-41105 CVE-2023-6507 CVE-2023-6597 CVE-2024-0450 Ubuntu 20.04 LTS It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. (CVE-2024-21823) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - x86 architecture; - ACPI drivers; - Block layer subsystem; - Clock framework and drivers; - CPU frequency scaling framework; - Cryptographic API; - DMA engine subsystem; - EFI core; - GPU drivers; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - MMC subsystem; - Network drivers; - NTB driver; - NVME drivers; - PCI subsystem; - MediaTek PM domains; - Power supply drivers; - SPI subsystem; - Media staging drivers; - TCM subsystem; - USB subsystem; - Framebuffer layer; - AFS file system; - File systems infrastructure; - BTRFS file system; - EROFS file system; - Ext4 file system; - F2FS file system; - Network file system client; - NTFS3 file system; - Diskquota system; - SMB network file system; - BPF subsystem; - Netfilter; - TLS protocol; - io_uring subsystem; - Bluetooth subsystem; - Memory management; - Ethernet bridge; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - Multipath TCP; - Netlink; - NET/ROM layer; - Packet sockets; - RDS protocol; - Sun RPC protocol; - Unix domain sockets; - Wireless networking; - USB sound devices; (CVE-2024-26643, CVE-2024-26735, CVE-2024-27024, CVE-2024-26838, CVE-2024-27045, CVE-2024-26747, CVE-2024-26774, CVE-2024-26889, CVE-2024-26766, CVE-2024-26878, CVE-2024-35845, CVE-2024-27034, CVE-2024-26857, CVE-2024-26863, CVE-2024-27030, CVE-2024-27043, CVE-2023-52662, CVE-2024-26787, CVE-2024-26782, CVE-2023-52434, CVE-2024-26802, CVE-2024-26776, CVE-2024-26584, CVE-2024-26875, CVE-2023-52650, CVE-2024-26879, CVE-2024-26820, CVE-2024-27410, CVE-2024-26859, CVE-2024-26744, CVE-2024-26743, CVE-2024-27075, CVE-2024-35830, CVE-2024-26779, CVE-2024-26843, CVE-2024-26778, CVE-2024-27046, CVE-2024-27412, CVE-2024-26839, CVE-2024-26773, CVE-2024-26748, CVE-2023-52620, CVE-2024-26805, CVE-2024-26915, CVE-2024-26848, CVE-2024-26688, CVE-2024-26840, CVE-2024-26856, CVE-2024-27414, CVE-2023-52645, CVE-2024-26880, CVE-2023-52656, CVE-2024-27053, CVE-2024-26752, CVE-2024-27047, CVE-2024-27416, CVE-2024-26882, CVE-2024-26803, CVE-2024-27073, CVE-2024-26884, CVE-2024-26769, CVE-2024-26737, CVE-2024-27054, CVE-2024-27044, CVE-2024-26777, CVE-2024-26749, CVE-2024-27436, CVE-2024-26788, CVE-2024-26751, CVE-2024-35828, CVE-2024-26891, CVE-2024-26771, CVE-2024-26877, CVE-2024-26733, CVE-2024-26793, CVE-2024-26659, CVE-2024-27419, CVE-2024-26870, CVE-2024-26651, CVE-2024-27413, CVE-2024-26895, CVE-2024-27065, CVE-2024-26881, CVE-2023-52640, CVE-2024-27415, CVE-2024-26795, CVE-2024-26603, CVE-2024-26754, CVE-2024-26874, CVE-2023-52644, CVE-2024-26798, CVE-2024-26862, CVE-2024-26861, CVE-2024-26907, CVE-2024-26897, CVE-2024-26801, CVE-2024-27388, CVE-2024-26894, CVE-2024-27077, CVE-2024-26792, CVE-2024-26583, CVE-2023-52497, CVE-2024-26804, CVE-2024-26764, CVE-2023-52641, CVE-2024-26585, CVE-2024-27076, CVE-2024-27405, CVE-2024-26898, CVE-2024-35829, CVE-2024-26835, CVE-2024-26852, CVE-2024-27390, CVE-2024-26791, CVE-2024-27403, CVE-2024-26906, CVE-2024-27074, CVE-2024-26601, CVE-2024-35844, CVE-2024-26816, CVE-2024-27028, CVE-2024-27432, CVE-2024-26901, CVE-2024-27078, CVE-2024-26872, CVE-2024-26833, CVE-2024-27039, CVE-2024-26846, CVE-2024-26855, CVE-2024-26885, CVE-2024-27038, CVE-2024-27037, CVE-2024-26883, CVE-2024-26924, CVE-2024-27051, CVE-2024-26845, CVE-2024-26809, CVE-2024-27431, CVE-2023-52652, CVE-2023-52447, CVE-2024-27417, CVE-2024-26772, CVE-2024-26736, CVE-2024-26903, CVE-2024-26750, CVE-2024-26790, CVE-2024-27052, CVE-2024-26851, CVE-2024-26763) Update Instructions: Run `sudo pro fix USN-6892-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1057-ibm - 5.15.0-1057.60~20.04.1 linux-headers-5.15.0-1057-ibm - 5.15.0-1057.60~20.04.1 linux-ibm-5.15-headers-5.15.0-1057 - 5.15.0-1057.60~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1057.60~20.04.1 linux-ibm-5.15-tools-5.15.0-1057 - 5.15.0-1057.60~20.04.1 linux-image-5.15.0-1057-ibm - 5.15.0-1057.60~20.04.1 linux-image-unsigned-5.15.0-1057-ibm - 5.15.0-1057.60~20.04.1 linux-modules-5.15.0-1057-ibm - 5.15.0-1057.60~20.04.1 linux-modules-extra-5.15.0-1057-ibm - 5.15.0-1057.60~20.04.1 linux-tools-5.15.0-1057-ibm - 5.15.0-1057.60~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1057.60~20.04.1 linux-headers-ibm-edge - 5.15.0.1057.60~20.04.1 linux-ibm - 5.15.0.1057.60~20.04.1 linux-ibm-edge - 5.15.0.1057.60~20.04.1 linux-image-ibm - 5.15.0.1057.60~20.04.1 linux-image-ibm-edge - 5.15.0.1057.60~20.04.1 linux-tools-ibm - 5.15.0.1057.60~20.04.1 linux-tools-ibm-edge - 5.15.0.1057.60~20.04.1 No subscription required High CVE-2023-52434 CVE-2023-52447 CVE-2023-52497 CVE-2023-52620 CVE-2023-52640 CVE-2023-52641 CVE-2023-52644 CVE-2023-52645 CVE-2023-52650 CVE-2023-52652 CVE-2023-52656 CVE-2023-52662 CVE-2023-6270 CVE-2023-7042 CVE-2024-0841 CVE-2024-21823 CVE-2024-22099 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26601 CVE-2024-26603 CVE-2024-26643 CVE-2024-26651 CVE-2024-26659 CVE-2024-26688 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736 CVE-2024-26737 CVE-2024-26743 CVE-2024-26744 CVE-2024-26747 CVE-2024-26748 CVE-2024-26749 CVE-2024-26750 CVE-2024-26751 CVE-2024-26752 CVE-2024-26754 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766 CVE-2024-26769 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774 CVE-2024-26776 CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26782 CVE-2024-26787 CVE-2024-26788 CVE-2024-26790 CVE-2024-26791 CVE-2024-26792 CVE-2024-26793 CVE-2024-26795 CVE-2024-26798 CVE-2024-26801 CVE-2024-26802 CVE-2024-26803 CVE-2024-26804 CVE-2024-26805 CVE-2024-26809 CVE-2024-26816 CVE-2024-26820 CVE-2024-26833 CVE-2024-26835 CVE-2024-26838 CVE-2024-26839 CVE-2024-26840 CVE-2024-26843 CVE-2024-26845 CVE-2024-26846 CVE-2024-26848 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26856 CVE-2024-26857 CVE-2024-26859 CVE-2024-26861 CVE-2024-26862 CVE-2024-26863 CVE-2024-26870 CVE-2024-26872 CVE-2024-26874 CVE-2024-26875 CVE-2024-26877 CVE-2024-26878 CVE-2024-26879 CVE-2024-26880 CVE-2024-26881 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26885 CVE-2024-26889 CVE-2024-26891 CVE-2024-26894 CVE-2024-26895 CVE-2024-26897 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26906 CVE-2024-26907 CVE-2024-26915 CVE-2024-26924 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27034 CVE-2024-27037 CVE-2024-27038 CVE-2024-27039 CVE-2024-27043 CVE-2024-27044 CVE-2024-27045 CVE-2024-27046 CVE-2024-27047 CVE-2024-27051 CVE-2024-27052 CVE-2024-27053 CVE-2024-27054 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27390 CVE-2024-27403 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412 CVE-2024-27413 CVE-2024-27414 CVE-2024-27415 CVE-2024-27416 CVE-2024-27417 CVE-2024-27419 CVE-2024-27431 CVE-2024-27432 CVE-2024-27436 CVE-2024-35828 CVE-2024-35829 CVE-2024-35830 CVE-2024-35844 CVE-2024-35845 Ubuntu 20.04 LTS It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - PCI subsystem; - SCSI drivers; - Freescale SoC drivers; - SPI subsystem; - Media staging drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - NILFS2 file system; - Diskquota system; - SMB network file system; - UBI file system; - io_uring subsystem; - BPF subsystem; - Core kernel; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - RDS protocol; - Network traffic control; - Sun RPC protocol; - Unix domain sockets; - ALSA SH drivers; - USB sound devices; - KVM core; (CVE-2024-35969, CVE-2024-35819, CVE-2024-26851, CVE-2024-26816, CVE-2024-26643, CVE-2023-52656, CVE-2024-27020, CVE-2024-35821, CVE-2024-35930, CVE-2024-35936, CVE-2024-27075, CVE-2024-26817, CVE-2024-26984, CVE-2024-35895, CVE-2024-35853, CVE-2024-27043, CVE-2024-35978, CVE-2024-35960, CVE-2024-26882, CVE-2024-35806, CVE-2024-35830, CVE-2024-26852, CVE-2024-35915, CVE-2024-36006, CVE-2024-35935, CVE-2024-26926, CVE-2024-35877, CVE-2024-27396, CVE-2024-26654, CVE-2024-27077, CVE-2024-27078, CVE-2024-27000, CVE-2024-35888, CVE-2024-27437, CVE-2024-26994, CVE-2024-26973, CVE-2024-26687, CVE-2024-26955, CVE-2024-26898, CVE-2024-26859, CVE-2023-52620, CVE-2024-35893, CVE-2024-26903, CVE-2024-26862, CVE-2024-35950, CVE-2023-52644, CVE-2024-26969, CVE-2024-27028, CVE-2024-35984, CVE-2024-36007, CVE-2024-35925, CVE-2024-36020, CVE-2024-26956, CVE-2024-35789, CVE-2024-26878, CVE-2024-35855, CVE-2024-35822, CVE-2023-52699, CVE-2024-27044, CVE-2024-27030, CVE-2024-27065, CVE-2024-26993, CVE-2024-27395, CVE-2024-27013, CVE-2024-35922, CVE-2024-26586, CVE-2024-36004, CVE-2024-35897, CVE-2024-35807, CVE-2024-26901, CVE-2024-27076, CVE-2023-52880, CVE-2022-48627, CVE-2024-26894, CVE-2023-52650, CVE-2024-27001, CVE-2024-26863, CVE-2024-26651, CVE-2024-35886, CVE-2024-35982, CVE-2024-26883, CVE-2024-26935, CVE-2024-27074, CVE-2024-35849, CVE-2024-35955, CVE-2024-26965, CVE-2024-35898, CVE-2024-26855, CVE-2024-35933, CVE-2024-35823, CVE-2024-35815, CVE-2024-26880, CVE-2024-26874, CVE-2024-26642, CVE-2024-26937, CVE-2024-35854, CVE-2024-35997, CVE-2024-27059, CVE-2024-26812, CVE-2024-26999, CVE-2024-26923, CVE-2024-26934, CVE-2024-27024, CVE-2024-27419, CVE-2024-35847, CVE-2024-26974, CVE-2024-26875, CVE-2024-35805, CVE-2024-27008, CVE-2024-26889, CVE-2024-27053, CVE-2024-27388, CVE-2024-26981, CVE-2024-26976, CVE-2024-35973, CVE-2024-35852, CVE-2024-35809, CVE-2024-27004, CVE-2024-26884, CVE-2024-35899, CVE-2024-26931, CVE-2024-35813, CVE-2024-26922, CVE-2024-26957, CVE-2024-35944, CVE-2024-27038, CVE-2024-35910, CVE-2024-26925, CVE-2024-26820, CVE-2024-26857, CVE-2024-26828, CVE-2024-35825, CVE-2024-26813, CVE-2024-27046, CVE-2024-26810, CVE-2024-27436, CVE-2024-27073, CVE-2024-35828, CVE-2024-35900, CVE-2024-26966) Update Instructions: Run `sudo pro fix USN-6896-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1075-ibm - 5.4.0-1075.80 linux-headers-5.4.0-1075-ibm - 5.4.0-1075.80 linux-ibm-cloud-tools-common - 5.4.0-1075.80 linux-ibm-headers-5.4.0-1075 - 5.4.0-1075.80 linux-ibm-source-5.4.0 - 5.4.0-1075.80 linux-ibm-tools-5.4.0-1075 - 5.4.0-1075.80 linux-ibm-tools-common - 5.4.0-1075.80 linux-image-5.4.0-1075-ibm - 5.4.0-1075.80 linux-image-unsigned-5.4.0-1075-ibm - 5.4.0-1075.80 linux-modules-5.4.0-1075-ibm - 5.4.0-1075.80 linux-modules-extra-5.4.0-1075-ibm - 5.4.0-1075.80 linux-tools-5.4.0-1075-ibm - 5.4.0-1075.80 No subscription required linux-bluefield-headers-5.4.0-1088 - 5.4.0-1088.95 linux-bluefield-tools-5.4.0-1088 - 5.4.0-1088.95 linux-buildinfo-5.4.0-1088-bluefield - 5.4.0-1088.95 linux-headers-5.4.0-1088-bluefield - 5.4.0-1088.95 linux-image-5.4.0-1088-bluefield - 5.4.0-1088.95 linux-image-unsigned-5.4.0-1088-bluefield - 5.4.0-1088.95 linux-modules-5.4.0-1088-bluefield - 5.4.0-1088.95 linux-tools-5.4.0-1088-bluefield - 5.4.0-1088.95 No subscription required linux-buildinfo-5.4.0-1095-gkeop - 5.4.0-1095.99 linux-cloud-tools-5.4.0-1095-gkeop - 5.4.0-1095.99 linux-gkeop-cloud-tools-5.4.0-1095 - 5.4.0-1095.99 linux-gkeop-headers-5.4.0-1095 - 5.4.0-1095.99 linux-gkeop-source-5.4.0 - 5.4.0-1095.99 linux-gkeop-tools-5.4.0-1095 - 5.4.0-1095.99 linux-headers-5.4.0-1095-gkeop - 5.4.0-1095.99 linux-image-5.4.0-1095-gkeop - 5.4.0-1095.99 linux-image-unsigned-5.4.0-1095-gkeop - 5.4.0-1095.99 linux-modules-5.4.0-1095-gkeop - 5.4.0-1095.99 linux-modules-extra-5.4.0-1095-gkeop - 5.4.0-1095.99 linux-tools-5.4.0-1095-gkeop - 5.4.0-1095.99 No subscription required linux-buildinfo-5.4.0-1116-kvm - 5.4.0-1116.123 linux-headers-5.4.0-1116-kvm - 5.4.0-1116.123 linux-image-5.4.0-1116-kvm - 5.4.0-1116.123 linux-image-unsigned-5.4.0-1116-kvm - 5.4.0-1116.123 linux-kvm-headers-5.4.0-1116 - 5.4.0-1116.123 linux-kvm-tools-5.4.0-1116 - 5.4.0-1116.123 linux-modules-5.4.0-1116-kvm - 5.4.0-1116.123 linux-tools-5.4.0-1116-kvm - 5.4.0-1116.123 No subscription required linux-buildinfo-5.4.0-1132-gcp - 5.4.0-1132.141 linux-gcp-headers-5.4.0-1132 - 5.4.0-1132.141 linux-gcp-tools-5.4.0-1132 - 5.4.0-1132.141 linux-headers-5.4.0-1132-gcp - 5.4.0-1132.141 linux-image-5.4.0-1132-gcp - 5.4.0-1132.141 linux-image-unsigned-5.4.0-1132-gcp - 5.4.0-1132.141 linux-modules-5.4.0-1132-gcp - 5.4.0-1132.141 linux-modules-extra-5.4.0-1132-gcp - 5.4.0-1132.141 linux-tools-5.4.0-1132-gcp - 5.4.0-1132.141 No subscription required linux-azure-cloud-tools-5.4.0-1133 - 5.4.0-1133.140 linux-azure-headers-5.4.0-1133 - 5.4.0-1133.140 linux-azure-tools-5.4.0-1133 - 5.4.0-1133.140 linux-buildinfo-5.4.0-1133-azure - 5.4.0-1133.140 linux-cloud-tools-5.4.0-1133-azure - 5.4.0-1133.140 linux-headers-5.4.0-1133-azure - 5.4.0-1133.140 linux-image-5.4.0-1133-azure - 5.4.0-1133.140 linux-image-unsigned-5.4.0-1133-azure - 5.4.0-1133.140 linux-modules-5.4.0-1133-azure - 5.4.0-1133.140 linux-modules-extra-5.4.0-1133-azure - 5.4.0-1133.140 linux-tools-5.4.0-1133-azure - 5.4.0-1133.140 No subscription required linux-buildinfo-5.4.0-189-generic - 5.4.0-189.209 linux-buildinfo-5.4.0-189-generic-lpae - 5.4.0-189.209 linux-buildinfo-5.4.0-189-lowlatency - 5.4.0-189.209 linux-cloud-tools-5.4.0-189 - 5.4.0-189.209 linux-cloud-tools-5.4.0-189-generic - 5.4.0-189.209 linux-cloud-tools-5.4.0-189-lowlatency - 5.4.0-189.209 linux-cloud-tools-common - 5.4.0-189.209 linux-doc - 5.4.0-189.209 linux-headers-5.4.0-189 - 5.4.0-189.209 linux-headers-5.4.0-189-generic - 5.4.0-189.209 linux-headers-5.4.0-189-generic-lpae - 5.4.0-189.209 linux-headers-5.4.0-189-lowlatency - 5.4.0-189.209 linux-image-5.4.0-189-generic - 5.4.0-189.209 linux-image-5.4.0-189-generic-lpae - 5.4.0-189.209 linux-image-5.4.0-189-lowlatency - 5.4.0-189.209 linux-image-unsigned-5.4.0-189-generic - 5.4.0-189.209 linux-image-unsigned-5.4.0-189-lowlatency - 5.4.0-189.209 linux-libc-dev - 5.4.0-189.209 linux-modules-5.4.0-189-generic - 5.4.0-189.209 linux-modules-5.4.0-189-generic-lpae - 5.4.0-189.209 linux-modules-5.4.0-189-lowlatency - 5.4.0-189.209 linux-modules-extra-5.4.0-189-generic - 5.4.0-189.209 linux-source-5.4.0 - 5.4.0-189.209 linux-tools-5.4.0-189 - 5.4.0-189.209 linux-tools-5.4.0-189-generic - 5.4.0-189.209 linux-tools-5.4.0-189-generic-lpae - 5.4.0-189.209 linux-tools-5.4.0-189-lowlatency - 5.4.0-189.209 linux-tools-common - 5.4.0-189.209 linux-tools-host - 5.4.0-189.209 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1075.104 linux-ibm-lts-20.04 - 5.4.0.1075.104 linux-image-ibm-lts-20.04 - 5.4.0.1075.104 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1075.104 linux-tools-ibm-lts-20.04 - 5.4.0.1075.104 No subscription required linux-bluefield - 5.4.0.1088.84 linux-headers-bluefield - 5.4.0.1088.84 linux-image-bluefield - 5.4.0.1088.84 linux-tools-bluefield - 5.4.0.1088.84 No subscription required linux-cloud-tools-gkeop - 5.4.0.1095.93 linux-cloud-tools-gkeop-5.4 - 5.4.0.1095.93 linux-gkeop - 5.4.0.1095.93 linux-gkeop-5.4 - 5.4.0.1095.93 linux-headers-gkeop - 5.4.0.1095.93 linux-headers-gkeop-5.4 - 5.4.0.1095.93 linux-image-gkeop - 5.4.0.1095.93 linux-image-gkeop-5.4 - 5.4.0.1095.93 linux-modules-extra-gkeop - 5.4.0.1095.93 linux-modules-extra-gkeop-5.4 - 5.4.0.1095.93 linux-tools-gkeop - 5.4.0.1095.93 linux-tools-gkeop-5.4 - 5.4.0.1095.93 No subscription required linux-headers-kvm - 5.4.0.1116.112 linux-image-kvm - 5.4.0.1116.112 linux-kvm - 5.4.0.1116.112 linux-tools-kvm - 5.4.0.1116.112 No subscription required linux-gcp-lts-20.04 - 5.4.0.1132.134 linux-headers-gcp-lts-20.04 - 5.4.0.1132.134 linux-image-gcp-lts-20.04 - 5.4.0.1132.134 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1132.134 linux-tools-gcp-lts-20.04 - 5.4.0.1132.134 No subscription required linux-azure-lts-20.04 - 5.4.0.1133.127 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1133.127 linux-headers-azure-lts-20.04 - 5.4.0.1133.127 linux-image-azure-lts-20.04 - 5.4.0.1133.127 linux-modules-extra-azure-lts-20.04 - 5.4.0.1133.127 linux-tools-azure-lts-20.04 - 5.4.0.1133.127 No subscription required linux-cloud-tools-generic - 5.4.0.189.187 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.189.187 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.189.187 linux-cloud-tools-lowlatency - 5.4.0.189.187 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.189.187 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.189.187 linux-cloud-tools-virtual - 5.4.0.189.187 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.189.187 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.189.187 linux-crashdump - 5.4.0.189.187 linux-generic - 5.4.0.189.187 linux-generic-hwe-18.04 - 5.4.0.189.187 linux-generic-hwe-18.04-edge - 5.4.0.189.187 linux-generic-lpae - 5.4.0.189.187 linux-generic-lpae-hwe-18.04 - 5.4.0.189.187 linux-generic-lpae-hwe-18.04-edge - 5.4.0.189.187 linux-headers-generic - 5.4.0.189.187 linux-headers-generic-hwe-18.04 - 5.4.0.189.187 linux-headers-generic-hwe-18.04-edge - 5.4.0.189.187 linux-headers-generic-lpae - 5.4.0.189.187 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.189.187 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.189.187 linux-headers-lowlatency - 5.4.0.189.187 linux-headers-lowlatency-hwe-18.04 - 5.4.0.189.187 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.189.187 linux-headers-oem - 5.4.0.189.187 linux-headers-oem-osp1 - 5.4.0.189.187 linux-headers-virtual - 5.4.0.189.187 linux-headers-virtual-hwe-18.04 - 5.4.0.189.187 linux-headers-virtual-hwe-18.04-edge - 5.4.0.189.187 linux-image-extra-virtual - 5.4.0.189.187 linux-image-extra-virtual-hwe-18.04 - 5.4.0.189.187 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.189.187 linux-image-generic - 5.4.0.189.187 linux-image-generic-hwe-18.04 - 5.4.0.189.187 linux-image-generic-hwe-18.04-edge - 5.4.0.189.187 linux-image-generic-lpae - 5.4.0.189.187 linux-image-generic-lpae-hwe-18.04 - 5.4.0.189.187 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.189.187 linux-image-lowlatency - 5.4.0.189.187 linux-image-lowlatency-hwe-18.04 - 5.4.0.189.187 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.189.187 linux-image-oem - 5.4.0.189.187 linux-image-oem-osp1 - 5.4.0.189.187 linux-image-virtual - 5.4.0.189.187 linux-image-virtual-hwe-18.04 - 5.4.0.189.187 linux-image-virtual-hwe-18.04-edge - 5.4.0.189.187 linux-lowlatency - 5.4.0.189.187 linux-lowlatency-hwe-18.04 - 5.4.0.189.187 linux-lowlatency-hwe-18.04-edge - 5.4.0.189.187 linux-oem - 5.4.0.189.187 linux-oem-osp1 - 5.4.0.189.187 linux-oem-osp1-tools-host - 5.4.0.189.187 linux-oem-tools-host - 5.4.0.189.187 linux-source - 5.4.0.189.187 linux-tools-generic - 5.4.0.189.187 linux-tools-generic-hwe-18.04 - 5.4.0.189.187 linux-tools-generic-hwe-18.04-edge - 5.4.0.189.187 linux-tools-generic-lpae - 5.4.0.189.187 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.189.187 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.189.187 linux-tools-lowlatency - 5.4.0.189.187 linux-tools-lowlatency-hwe-18.04 - 5.4.0.189.187 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.189.187 linux-tools-oem - 5.4.0.189.187 linux-tools-oem-osp1 - 5.4.0.189.187 linux-tools-virtual - 5.4.0.189.187 linux-tools-virtual-hwe-18.04 - 5.4.0.189.187 linux-tools-virtual-hwe-18.04-edge - 5.4.0.189.187 linux-virtual - 5.4.0.189.187 linux-virtual-hwe-18.04 - 5.4.0.189.187 linux-virtual-hwe-18.04-edge - 5.4.0.189.187 No subscription required High CVE-2022-48627 CVE-2023-52620 CVE-2023-52644 CVE-2023-52650 CVE-2023-52656 CVE-2023-52699 CVE-2023-52880 CVE-2023-6270 CVE-2023-7042 CVE-2024-22099 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26586 CVE-2024-26642 CVE-2024-26643 CVE-2024-26651 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26812 CVE-2024-26813 CVE-2024-26816 CVE-2024-26817 CVE-2024-26820 CVE-2024-26828 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26857 CVE-2024-26859 CVE-2024-26862 CVE-2024-26863 CVE-2024-26874 CVE-2024-26875 CVE-2024-26878 CVE-2024-26880 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26889 CVE-2024-26894 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26922 CVE-2024-26923 CVE-2024-26925 CVE-2024-26926 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26981 CVE-2024-26984 CVE-2024-26993 CVE-2024-26994 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27013 CVE-2024-27020 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27038 CVE-2024-27043 CVE-2024-27044 CVE-2024-27046 CVE-2024-27053 CVE-2024-27059 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27395 CVE-2024-27396 CVE-2024-27419 CVE-2024-27436 CVE-2024-27437 CVE-2024-35789 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35828 CVE-2024-35830 CVE-2024-35847 CVE-2024-35849 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35877 CVE-2024-35886 CVE-2024-35888 CVE-2024-35893 CVE-2024-35895 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35910 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35935 CVE-2024-35936 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35960 CVE-2024-35969 CVE-2024-35973 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35997 CVE-2024-36004 CVE-2024-36006 CVE-2024-36007 CVE-2024-36020 Ubuntu 20.04 LTS It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - PCI subsystem; - SCSI drivers; - Freescale SoC drivers; - SPI subsystem; - Media staging drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - NILFS2 file system; - Diskquota system; - SMB network file system; - UBI file system; - io_uring subsystem; - BPF subsystem; - Core kernel; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - RDS protocol; - Network traffic control; - Sun RPC protocol; - Unix domain sockets; - ALSA SH drivers; - USB sound devices; - KVM core; (CVE-2023-52620, CVE-2023-52650, CVE-2024-26999, CVE-2024-26857, CVE-2024-35984, CVE-2024-27043, CVE-2024-26810, CVE-2023-52880, CVE-2024-35915, CVE-2024-26955, CVE-2024-27396, CVE-2024-35922, CVE-2024-27395, CVE-2024-35899, CVE-2024-35809, CVE-2024-27000, CVE-2024-27004, CVE-2024-35830, CVE-2024-26931, CVE-2024-26993, CVE-2024-27013, CVE-2024-26812, CVE-2024-35893, CVE-2024-27073, CVE-2024-26687, CVE-2024-26969, CVE-2024-26901, CVE-2024-26875, CVE-2024-26976, CVE-2024-26889, CVE-2024-26586, CVE-2024-36020, CVE-2024-26859, CVE-2024-35944, CVE-2024-35888, CVE-2024-26965, CVE-2024-36007, CVE-2024-35847, CVE-2024-27436, CVE-2024-35982, CVE-2023-52699, CVE-2024-26903, CVE-2024-26966, CVE-2024-35910, CVE-2024-26973, CVE-2024-35895, CVE-2024-27008, CVE-2024-26934, CVE-2024-26923, CVE-2024-26956, CVE-2024-27001, CVE-2024-26651, CVE-2024-26894, CVE-2024-27028, CVE-2024-27053, CVE-2024-27059, CVE-2023-52656, CVE-2024-26878, CVE-2024-35806, CVE-2024-27038, CVE-2024-27076, CVE-2024-26994, CVE-2024-27077, CVE-2024-27437, CVE-2024-26813, CVE-2024-26828, CVE-2024-35807, CVE-2024-35969, CVE-2024-35805, CVE-2024-26862, CVE-2022-48627, CVE-2024-26926, CVE-2024-35933, CVE-2024-35898, CVE-2024-27024, CVE-2024-35789, CVE-2024-35819, CVE-2024-35930, CVE-2024-26654, CVE-2024-26922, CVE-2024-26984, CVE-2024-26880, CVE-2024-27388, CVE-2024-27046, CVE-2024-26820, CVE-2024-36006, CVE-2024-26883, CVE-2024-27078, CVE-2024-35813, CVE-2024-35935, CVE-2024-35855, CVE-2024-35973, CVE-2024-27044, CVE-2024-35886, CVE-2024-26642, CVE-2024-35997, CVE-2024-35822, CVE-2024-27074, CVE-2024-35853, CVE-2024-35936, CVE-2024-35821, CVE-2024-26981, CVE-2024-35852, CVE-2024-26852, CVE-2024-26863, CVE-2024-27065, CVE-2024-35828, CVE-2024-26974, CVE-2024-35823, CVE-2024-35900, CVE-2024-36004, CVE-2024-35960, CVE-2024-35978, CVE-2024-26855, CVE-2024-26816, CVE-2024-35897, CVE-2024-35815, CVE-2024-26884, CVE-2023-52644, CVE-2024-27419, CVE-2024-26882, CVE-2024-35955, CVE-2024-35877, CVE-2024-26957, CVE-2024-35849, CVE-2024-26817, CVE-2024-35925, CVE-2024-26935, CVE-2024-27020, CVE-2024-35950, CVE-2024-26937, CVE-2024-26898, CVE-2024-35854, CVE-2024-26851, CVE-2024-27030, CVE-2024-26874, CVE-2024-35825, CVE-2024-27075) Update Instructions: Run `sudo pro fix USN-6896-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1047-xilinx-zynqmp - 5.4.0-1047.51 linux-headers-5.4.0-1047-xilinx-zynqmp - 5.4.0-1047.51 linux-image-5.4.0-1047-xilinx-zynqmp - 5.4.0-1047.51 linux-modules-5.4.0-1047-xilinx-zynqmp - 5.4.0-1047.51 linux-tools-5.4.0-1047-xilinx-zynqmp - 5.4.0-1047.51 linux-xilinx-zynqmp-headers-5.4.0-1047 - 5.4.0-1047.51 linux-xilinx-zynqmp-tools-5.4.0-1047 - 5.4.0-1047.51 No subscription required linux-buildinfo-5.4.0-1127-oracle - 5.4.0-1127.136 linux-headers-5.4.0-1127-oracle - 5.4.0-1127.136 linux-image-5.4.0-1127-oracle - 5.4.0-1127.136 linux-image-unsigned-5.4.0-1127-oracle - 5.4.0-1127.136 linux-modules-5.4.0-1127-oracle - 5.4.0-1127.136 linux-modules-extra-5.4.0-1127-oracle - 5.4.0-1127.136 linux-oracle-headers-5.4.0-1127 - 5.4.0-1127.136 linux-oracle-tools-5.4.0-1127 - 5.4.0-1127.136 linux-tools-5.4.0-1127-oracle - 5.4.0-1127.136 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1047.47 linux-image-xilinx-zynqmp - 5.4.0.1047.47 linux-tools-xilinx-zynqmp - 5.4.0.1047.47 linux-xilinx-zynqmp - 5.4.0.1047.47 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1127.120 linux-image-oracle-lts-20.04 - 5.4.0.1127.120 linux-oracle-lts-20.04 - 5.4.0.1127.120 linux-tools-oracle-lts-20.04 - 5.4.0.1127.120 No subscription required High CVE-2022-48627 CVE-2023-52620 CVE-2023-52644 CVE-2023-52650 CVE-2023-52656 CVE-2023-52699 CVE-2023-52880 CVE-2023-6270 CVE-2023-7042 CVE-2024-22099 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26586 CVE-2024-26642 CVE-2024-26651 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26812 CVE-2024-26813 CVE-2024-26816 CVE-2024-26817 CVE-2024-26820 CVE-2024-26828 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26857 CVE-2024-26859 CVE-2024-26862 CVE-2024-26863 CVE-2024-26874 CVE-2024-26875 CVE-2024-26878 CVE-2024-26880 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26889 CVE-2024-26894 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26922 CVE-2024-26923 CVE-2024-26926 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26981 CVE-2024-26984 CVE-2024-26993 CVE-2024-26994 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27013 CVE-2024-27020 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27038 CVE-2024-27043 CVE-2024-27044 CVE-2024-27046 CVE-2024-27053 CVE-2024-27059 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27395 CVE-2024-27396 CVE-2024-27419 CVE-2024-27436 CVE-2024-27437 CVE-2024-35789 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35828 CVE-2024-35830 CVE-2024-35847 CVE-2024-35849 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35877 CVE-2024-35886 CVE-2024-35888 CVE-2024-35893 CVE-2024-35895 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35910 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35935 CVE-2024-35936 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35960 CVE-2024-35969 CVE-2024-35973 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35997 CVE-2024-36004 CVE-2024-36006 CVE-2024-36007 CVE-2024-36020 Ubuntu 20.04 LTS It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - PCI subsystem; - SCSI drivers; - Freescale SoC drivers; - SPI subsystem; - Media staging drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - NILFS2 file system; - Diskquota system; - SMB network file system; - UBI file system; - io_uring subsystem; - BPF subsystem; - Core kernel; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - RDS protocol; - Network traffic control; - Sun RPC protocol; - Unix domain sockets; - ALSA SH drivers; - USB sound devices; - KVM core; (CVE-2024-35930, CVE-2024-26687, CVE-2024-26828, CVE-2024-26903, CVE-2024-35893, CVE-2024-35847, CVE-2024-35849, CVE-2024-35789, CVE-2024-26812, CVE-2024-26898, CVE-2024-26937, CVE-2024-35809, CVE-2023-52620, CVE-2024-35852, CVE-2024-26922, CVE-2024-26923, CVE-2024-27001, CVE-2024-35915, CVE-2024-35935, CVE-2024-26974, CVE-2024-26859, CVE-2024-26999, CVE-2024-26981, CVE-2024-35982, CVE-2024-26969, CVE-2024-26889, CVE-2024-26984, CVE-2024-27077, CVE-2024-26973, CVE-2024-27436, CVE-2024-26965, CVE-2024-35855, CVE-2024-27024, CVE-2024-26934, CVE-2024-35806, CVE-2024-35895, CVE-2024-27076, CVE-2024-26931, CVE-2024-35888, CVE-2024-35899, CVE-2024-35815, CVE-2024-35825, CVE-2024-27078, CVE-2024-36006, CVE-2024-26810, CVE-2023-52699, CVE-2024-26862, CVE-2024-35821, CVE-2024-26851, CVE-2024-26901, CVE-2024-35922, CVE-2024-35944, CVE-2024-35828, CVE-2024-27396, CVE-2024-35969, CVE-2024-26956, CVE-2024-35900, CVE-2024-26955, CVE-2024-26855, CVE-2024-26993, CVE-2024-27028, CVE-2024-26894, CVE-2024-27065, CVE-2024-27046, CVE-2024-35936, CVE-2024-26813, CVE-2024-26957, CVE-2024-26883, CVE-2024-35854, CVE-2024-35807, CVE-2024-35984, CVE-2024-27053, CVE-2024-26994, CVE-2023-52880, CVE-2024-35823, CVE-2024-35997, CVE-2023-52656, CVE-2024-35955, CVE-2024-36004, CVE-2024-35973, CVE-2024-26976, CVE-2024-26651, CVE-2024-26857, CVE-2024-27074, CVE-2024-35933, CVE-2024-27000, CVE-2024-27030, CVE-2024-35813, CVE-2024-26586, CVE-2023-52644, CVE-2024-26817, CVE-2024-26654, CVE-2024-27043, CVE-2024-27437, CVE-2024-26882, CVE-2024-36020, CVE-2024-27038, CVE-2024-35853, CVE-2024-35925, CVE-2024-26874, CVE-2024-35877, CVE-2024-36007, CVE-2024-35898, CVE-2024-27059, CVE-2024-27388, CVE-2024-27020, CVE-2024-26880, CVE-2024-27395, CVE-2024-35805, CVE-2022-48627, CVE-2024-27044, CVE-2024-35830, CVE-2024-26926, CVE-2024-35897, CVE-2024-35819, CVE-2024-26863, CVE-2024-35910, CVE-2024-27008, CVE-2024-26820, CVE-2024-26852, CVE-2024-27073, CVE-2024-26935, CVE-2024-26816, CVE-2024-35960, CVE-2024-35950, CVE-2024-27013, CVE-2023-52650, CVE-2024-27419, CVE-2024-26966, CVE-2024-26642, CVE-2024-26884, CVE-2024-35822, CVE-2024-27075, CVE-2024-35886, CVE-2024-35978, CVE-2024-26875, CVE-2024-27004, CVE-2024-26878) Update Instructions: Run `sudo pro fix USN-6896-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1112-raspi - 5.4.0-1112.124 linux-headers-5.4.0-1112-raspi - 5.4.0-1112.124 linux-image-5.4.0-1112-raspi - 5.4.0-1112.124 linux-modules-5.4.0-1112-raspi - 5.4.0-1112.124 linux-raspi-headers-5.4.0-1112 - 5.4.0-1112.124 linux-raspi-tools-5.4.0-1112 - 5.4.0-1112.124 linux-tools-5.4.0-1112-raspi - 5.4.0-1112.124 No subscription required linux-headers-raspi - 5.4.0.1112.142 linux-headers-raspi-hwe-18.04 - 5.4.0.1112.142 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1112.142 linux-headers-raspi2 - 5.4.0.1112.142 linux-headers-raspi2-hwe-18.04 - 5.4.0.1112.142 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1112.142 linux-image-raspi - 5.4.0.1112.142 linux-image-raspi-hwe-18.04 - 5.4.0.1112.142 linux-image-raspi-hwe-18.04-edge - 5.4.0.1112.142 linux-image-raspi2 - 5.4.0.1112.142 linux-image-raspi2-hwe-18.04 - 5.4.0.1112.142 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1112.142 linux-raspi - 5.4.0.1112.142 linux-raspi-hwe-18.04 - 5.4.0.1112.142 linux-raspi-hwe-18.04-edge - 5.4.0.1112.142 linux-raspi2 - 5.4.0.1112.142 linux-raspi2-hwe-18.04 - 5.4.0.1112.142 linux-raspi2-hwe-18.04-edge - 5.4.0.1112.142 linux-tools-raspi - 5.4.0.1112.142 linux-tools-raspi-hwe-18.04 - 5.4.0.1112.142 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1112.142 linux-tools-raspi2 - 5.4.0.1112.142 linux-tools-raspi2-hwe-18.04 - 5.4.0.1112.142 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1112.142 No subscription required High CVE-2022-48627 CVE-2023-52620 CVE-2023-52644 CVE-2023-52650 CVE-2023-52656 CVE-2023-52699 CVE-2023-52880 CVE-2023-6270 CVE-2023-7042 CVE-2024-22099 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26586 CVE-2024-26642 CVE-2024-26651 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26812 CVE-2024-26813 CVE-2024-26816 CVE-2024-26817 CVE-2024-26820 CVE-2024-26828 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26857 CVE-2024-26859 CVE-2024-26862 CVE-2024-26863 CVE-2024-26874 CVE-2024-26875 CVE-2024-26878 CVE-2024-26880 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26889 CVE-2024-26894 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26922 CVE-2024-26923 CVE-2024-26926 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26981 CVE-2024-26984 CVE-2024-26993 CVE-2024-26994 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27013 CVE-2024-27020 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27038 CVE-2024-27043 CVE-2024-27044 CVE-2024-27046 CVE-2024-27053 CVE-2024-27059 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27395 CVE-2024-27396 CVE-2024-27419 CVE-2024-27436 CVE-2024-27437 CVE-2024-35789 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35828 CVE-2024-35830 CVE-2024-35847 CVE-2024-35849 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35877 CVE-2024-35886 CVE-2024-35888 CVE-2024-35893 CVE-2024-35895 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35910 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35935 CVE-2024-35936 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35960 CVE-2024-35969 CVE-2024-35973 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35997 CVE-2024-36004 CVE-2024-36006 CVE-2024-36007 CVE-2024-36020 Ubuntu 20.04 LTS It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - PCI subsystem; - SCSI drivers; - Freescale SoC drivers; - SPI subsystem; - Media staging drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - NILFS2 file system; - Diskquota system; - SMB network file system; - UBI file system; - io_uring subsystem; - BPF subsystem; - Core kernel; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - RDS protocol; - Network traffic control; - Sun RPC protocol; - Unix domain sockets; - ALSA SH drivers; - USB sound devices; - KVM core; (CVE-2024-35982, CVE-2024-26862, CVE-2024-35997, CVE-2024-26851, CVE-2024-26817, CVE-2024-26820, CVE-2024-26974, CVE-2024-35806, CVE-2024-26903, CVE-2024-35822, CVE-2024-27076, CVE-2024-26901, CVE-2024-26955, CVE-2024-26976, CVE-2024-35821, CVE-2024-27038, CVE-2024-26994, CVE-2023-52656, CVE-2024-27008, CVE-2024-26966, CVE-2024-26898, CVE-2024-26931, CVE-2024-35888, CVE-2024-26810, CVE-2024-26969, CVE-2024-35960, CVE-2024-26884, CVE-2024-26999, CVE-2024-35847, CVE-2024-35807, CVE-2024-26857, CVE-2024-35915, CVE-2023-52880, CVE-2024-35936, CVE-2024-26875, CVE-2024-26973, CVE-2024-35899, CVE-2024-35910, CVE-2024-27020, CVE-2024-26828, CVE-2024-26957, CVE-2024-35925, CVE-2024-27046, CVE-2024-26923, CVE-2024-27053, CVE-2024-26586, CVE-2024-26878, CVE-2024-26880, CVE-2024-27077, CVE-2024-26812, CVE-2024-27043, CVE-2024-35973, CVE-2024-26855, CVE-2024-26981, CVE-2024-27065, CVE-2024-26687, CVE-2024-35852, CVE-2024-26894, CVE-2024-26852, CVE-2024-35900, CVE-2024-35955, CVE-2022-48627, CVE-2024-35944, CVE-2024-27028, CVE-2024-35825, CVE-2024-36004, CVE-2024-27024, CVE-2024-27075, CVE-2024-27001, CVE-2024-35854, CVE-2024-27073, CVE-2024-27013, CVE-2024-27059, CVE-2024-26863, CVE-2023-52644, CVE-2024-35809, CVE-2024-26889, CVE-2024-36006, CVE-2024-35950, CVE-2024-35849, CVE-2024-27419, CVE-2024-27436, CVE-2024-26922, CVE-2024-35853, CVE-2024-35828, CVE-2024-35805, CVE-2024-26956, CVE-2024-27004, CVE-2023-52620, CVE-2024-26642, CVE-2024-26859, CVE-2024-35877, CVE-2024-26651, CVE-2024-26984, CVE-2024-36007, CVE-2024-26816, CVE-2024-27000, CVE-2024-35897, CVE-2024-36020, CVE-2024-26935, CVE-2024-27388, CVE-2024-35984, CVE-2024-35819, CVE-2024-35935, CVE-2024-35895, CVE-2024-35930, CVE-2024-26874, CVE-2024-26937, CVE-2024-26993, CVE-2024-27395, CVE-2024-26965, CVE-2024-35933, CVE-2024-35815, CVE-2023-52699, CVE-2024-35886, CVE-2024-35922, CVE-2024-27030, CVE-2024-35978, CVE-2024-35855, CVE-2024-35813, CVE-2024-27396, CVE-2024-26654, CVE-2024-27437, CVE-2024-35789, CVE-2024-26926, CVE-2024-35830, CVE-2024-27078, CVE-2023-52650, CVE-2024-27044, CVE-2024-26882, CVE-2024-35969, CVE-2024-26813, CVE-2024-35893, CVE-2024-26883, CVE-2024-27074, CVE-2024-35823, CVE-2024-35898, CVE-2024-26934) Update Instructions: Run `sudo pro fix USN-6896-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1040-iot - 5.4.0-1040.41 linux-headers-5.4.0-1040-iot - 5.4.0-1040.41 linux-image-5.4.0-1040-iot - 5.4.0-1040.41 linux-image-unsigned-5.4.0-1040-iot - 5.4.0-1040.41 linux-iot-headers-5.4.0-1040 - 5.4.0-1040.41 linux-iot-tools-5.4.0-1040 - 5.4.0-1040.41 linux-iot-tools-common - 5.4.0-1040.41 linux-modules-5.4.0-1040-iot - 5.4.0-1040.41 linux-tools-5.4.0-1040-iot - 5.4.0-1040.41 No subscription required linux-aws-cloud-tools-5.4.0-1128 - 5.4.0-1128.138 linux-aws-headers-5.4.0-1128 - 5.4.0-1128.138 linux-aws-tools-5.4.0-1128 - 5.4.0-1128.138 linux-buildinfo-5.4.0-1128-aws - 5.4.0-1128.138 linux-cloud-tools-5.4.0-1128-aws - 5.4.0-1128.138 linux-headers-5.4.0-1128-aws - 5.4.0-1128.138 linux-image-5.4.0-1128-aws - 5.4.0-1128.138 linux-image-unsigned-5.4.0-1128-aws - 5.4.0-1128.138 linux-modules-5.4.0-1128-aws - 5.4.0-1128.138 linux-modules-extra-5.4.0-1128-aws - 5.4.0-1128.138 linux-tools-5.4.0-1128-aws - 5.4.0-1128.138 No subscription required linux-headers-iot - 5.4.0.1040.38 linux-image-iot - 5.4.0.1040.38 linux-iot - 5.4.0.1040.38 linux-tools-iot - 5.4.0.1040.38 No subscription required linux-aws-lts-20.04 - 5.4.0.1128.125 linux-headers-aws-lts-20.04 - 5.4.0.1128.125 linux-image-aws-lts-20.04 - 5.4.0.1128.125 linux-modules-extra-aws-lts-20.04 - 5.4.0.1128.125 linux-tools-aws-lts-20.04 - 5.4.0.1128.125 No subscription required High CVE-2022-48627 CVE-2023-52620 CVE-2023-52644 CVE-2023-52650 CVE-2023-52656 CVE-2023-52699 CVE-2023-52880 CVE-2023-6270 CVE-2023-7042 CVE-2024-22099 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26586 CVE-2024-26642 CVE-2024-26651 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26812 CVE-2024-26813 CVE-2024-26816 CVE-2024-26817 CVE-2024-26820 CVE-2024-26828 CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26857 CVE-2024-26859 CVE-2024-26862 CVE-2024-26863 CVE-2024-26874 CVE-2024-26875 CVE-2024-26878 CVE-2024-26880 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26889 CVE-2024-26894 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26922 CVE-2024-26923 CVE-2024-26926 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26981 CVE-2024-26984 CVE-2024-26993 CVE-2024-26994 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27013 CVE-2024-27020 CVE-2024-27024 CVE-2024-27028 CVE-2024-27030 CVE-2024-27038 CVE-2024-27043 CVE-2024-27044 CVE-2024-27046 CVE-2024-27053 CVE-2024-27059 CVE-2024-27065 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27395 CVE-2024-27396 CVE-2024-27419 CVE-2024-27436 CVE-2024-27437 CVE-2024-35789 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35828 CVE-2024-35830 CVE-2024-35847 CVE-2024-35849 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35877 CVE-2024-35886 CVE-2024-35888 CVE-2024-35893 CVE-2024-35895 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35910 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35935 CVE-2024-35936 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35960 CVE-2024-35969 CVE-2024-35973 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35997 CVE-2024-36004 CVE-2024-36006 CVE-2024-36007 CVE-2024-36020 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29506) It was discovered that Ghostscript incorrectly handled certain API parameters. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-29507) It was discovered that Ghostscript incorrectly handled certain BaseFont names. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-29508) It was discovered that Ghostscript incorrectly handled certain PDF passwords that contained NULL bytes. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29509) It was discovered that Ghostscript incorrectly handled certain certain file paths when doing OCR. An attacker could use this issue to read arbitrary files and write error messages to arbitrary files. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29511) Update Instructions: Run `sudo pro fix USN-6897-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.13 ghostscript-doc - 9.50~dfsg-5ubuntu4.13 ghostscript-x - 9.50~dfsg-5ubuntu4.13 libgs-dev - 9.50~dfsg-5ubuntu4.13 libgs9 - 9.50~dfsg-5ubuntu4.13 libgs9-common - 9.50~dfsg-5ubuntu4.13 No subscription required Medium CVE-2024-29506 CVE-2024-29507 CVE-2024-29508 CVE-2024-29509 CVE-2024-29511 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - DMA engine subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Device tree and open firmware driver; - PCI subsystem; - S/390 drivers; - SCSI drivers; - Freescale SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - Network file system client; - Network file system server daemon; - NILFS2 file system; - Pstore file system; - SMB network file system; - UBI file system; - Netfilter; - BPF subsystem; - Core kernel; - PCI iomap interfaces; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - NFC subsystem; - Open vSwitch; - RDS protocol; - Network traffic control; - SMC sockets; - Unix domain sockets; - eXpress Data Path; - ALSA SH drivers; - KVM core; (CVE-2024-35955, CVE-2024-35805, CVE-2024-26814, CVE-2024-27008, CVE-2024-26970, CVE-2024-35944, CVE-2024-27013, CVE-2024-35938, CVE-2024-35853, CVE-2024-35969, CVE-2024-26981, CVE-2024-26929, CVE-2024-27020, CVE-2024-35885, CVE-2024-35973, CVE-2024-35958, CVE-2024-26961, CVE-2024-35912, CVE-2024-35890, CVE-2024-35804, CVE-2024-35813, CVE-2024-27393, CVE-2024-26956, CVE-2024-35915, CVE-2024-26642, CVE-2024-35847, CVE-2024-26960, CVE-2024-26923, CVE-2024-35935, CVE-2024-36025, CVE-2024-35898, CVE-2024-26810, CVE-2024-35809, CVE-2024-26813, CVE-2024-36007, CVE-2024-35817, CVE-2024-35849, CVE-2024-35819, CVE-2024-35884, CVE-2024-35922, CVE-2024-36008, CVE-2024-27004, CVE-2024-35902, CVE-2024-26828, CVE-2024-35791, CVE-2024-35930, CVE-2024-26973, CVE-2024-26984, CVE-2024-35806, CVE-2024-26629, CVE-2024-26955, CVE-2024-26937, CVE-2024-27059, CVE-2024-35872, CVE-2024-35978, CVE-2024-26950, CVE-2024-27018, CVE-2024-35857, CVE-2024-35990, CVE-2024-27437, CVE-2024-35822, CVE-2024-36020, CVE-2024-26931, CVE-2024-26977, CVE-2024-26654, CVE-2024-26988, CVE-2024-36005, CVE-2024-26969, CVE-2024-35960, CVE-2024-27016, CVE-2024-36006, CVE-2024-35936, CVE-2024-35982, CVE-2024-36029, CVE-2024-27395, CVE-2024-26999, CVE-2024-35871, CVE-2024-35893, CVE-2024-26925, CVE-2024-26965, CVE-2024-35933, CVE-2024-35976, CVE-2024-35899, CVE-2024-35852, CVE-2024-35918, CVE-2024-26951, CVE-2024-27001, CVE-2024-35905, CVE-2024-35907, CVE-2024-26976, CVE-2024-27000, CVE-2024-35910, CVE-2024-35950, CVE-2024-26974, CVE-2024-35785, CVE-2023-52488, CVE-2023-52880, CVE-2024-35877, CVE-2024-35888, CVE-2024-35807, CVE-2024-35796, CVE-2024-35821, CVE-2024-35854, CVE-2024-27015, CVE-2024-35823, CVE-2024-35900, CVE-2024-35815, CVE-2024-26966, CVE-2024-26817, CVE-2024-35896, CVE-2024-27396, CVE-2024-27009, CVE-2024-35940, CVE-2024-26996, CVE-2024-35825, CVE-2024-35984, CVE-2024-35886, CVE-2024-27019, CVE-2024-26922, CVE-2024-35989, CVE-2024-26926, CVE-2024-35988, CVE-2024-26957, CVE-2024-26812, CVE-2024-35925, CVE-2024-35970, CVE-2024-26989, CVE-2024-26811, CVE-2024-35895, CVE-2024-26935, CVE-2024-26958, CVE-2024-35855, CVE-2024-35879, CVE-2024-26993, CVE-2024-35934, CVE-2024-36004, CVE-2024-35997, CVE-2024-26994, CVE-2023-52699, CVE-2024-35789, CVE-2024-26964, CVE-2024-26687, CVE-2024-35851, CVE-2024-35897, CVE-2024-26934) Update Instructions: Run `sudo pro fix USN-6898-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1048-gkeop - 5.15.0-1048.55~20.04.1 linux-cloud-tools-5.15.0-1048-gkeop - 5.15.0-1048.55~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1048 - 5.15.0-1048.55~20.04.1 linux-gkeop-5.15-headers-5.15.0-1048 - 5.15.0-1048.55~20.04.1 linux-gkeop-5.15-tools-5.15.0-1048 - 5.15.0-1048.55~20.04.1 linux-headers-5.15.0-1048-gkeop - 5.15.0-1048.55~20.04.1 linux-image-5.15.0-1048-gkeop - 5.15.0-1048.55~20.04.1 linux-image-unsigned-5.15.0-1048-gkeop - 5.15.0-1048.55~20.04.1 linux-modules-5.15.0-1048-gkeop - 5.15.0-1048.55~20.04.1 linux-modules-extra-5.15.0-1048-gkeop - 5.15.0-1048.55~20.04.1 linux-tools-5.15.0-1048-gkeop - 5.15.0-1048.55~20.04.1 No subscription required linux-buildinfo-5.15.0-1060-intel-iotg - 5.15.0-1060.66~20.04.1 linux-cloud-tools-5.15.0-1060-intel-iotg - 5.15.0-1060.66~20.04.1 linux-headers-5.15.0-1060-intel-iotg - 5.15.0-1060.66~20.04.1 linux-image-5.15.0-1060-intel-iotg - 5.15.0-1060.66~20.04.1 linux-image-unsigned-5.15.0-1060-intel-iotg - 5.15.0-1060.66~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1060 - 5.15.0-1060.66~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1060.66~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1060 - 5.15.0-1060.66~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1060 - 5.15.0-1060.66~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1060.66~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1060.66~20.04.1 linux-modules-5.15.0-1060-intel-iotg - 5.15.0-1060.66~20.04.1 linux-modules-extra-5.15.0-1060-intel-iotg - 5.15.0-1060.66~20.04.1 linux-modules-iwlwifi-5.15.0-1060-intel-iotg - 5.15.0-1060.66~20.04.1 linux-tools-5.15.0-1060-intel-iotg - 5.15.0-1060.66~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1048.55~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1048.55~20.04.1 linux-gkeop-5.15 - 5.15.0.1048.55~20.04.1 linux-gkeop-edge - 5.15.0.1048.55~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1048.55~20.04.1 linux-headers-gkeop-edge - 5.15.0.1048.55~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1048.55~20.04.1 linux-image-gkeop-edge - 5.15.0.1048.55~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1048.55~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1048.55~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1048.55~20.04.1 linux-tools-gkeop-edge - 5.15.0.1048.55~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1060.66~20.04.1 linux-headers-intel - 5.15.0.1060.66~20.04.1 linux-headers-intel-iotg - 5.15.0.1060.66~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1060.66~20.04.1 linux-image-intel - 5.15.0.1060.66~20.04.1 linux-image-intel-iotg - 5.15.0.1060.66~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1060.66~20.04.1 linux-intel - 5.15.0.1060.66~20.04.1 linux-intel-iotg - 5.15.0.1060.66~20.04.1 linux-intel-iotg-edge - 5.15.0.1060.66~20.04.1 linux-tools-intel - 5.15.0.1060.66~20.04.1 linux-tools-intel-iotg - 5.15.0.1060.66~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1060.66~20.04.1 No subscription required High CVE-2022-38096 CVE-2023-52488 CVE-2023-52699 CVE-2023-52880 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26629 CVE-2024-26642 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26813 CVE-2024-26814 CVE-2024-26817 CVE-2024-26828 CVE-2024-26922 CVE-2024-26923 CVE-2024-26925 CVE-2024-26926 CVE-2024-26929 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26950 CVE-2024-26951 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26958 CVE-2024-26960 CVE-2024-26961 CVE-2024-26964 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26970 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26977 CVE-2024-26981 CVE-2024-26984 CVE-2024-26988 CVE-2024-26989 CVE-2024-26993 CVE-2024-26994 CVE-2024-26996 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27009 CVE-2024-27013 CVE-2024-27015 CVE-2024-27016 CVE-2024-27018 CVE-2024-27019 CVE-2024-27020 CVE-2024-27059 CVE-2024-27393 CVE-2024-27395 CVE-2024-27396 CVE-2024-27437 CVE-2024-35785 CVE-2024-35789 CVE-2024-35791 CVE-2024-35796 CVE-2024-35804 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35817 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35847 CVE-2024-35849 CVE-2024-35851 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35857 CVE-2024-35871 CVE-2024-35872 CVE-2024-35877 CVE-2024-35879 CVE-2024-35884 CVE-2024-35885 CVE-2024-35886 CVE-2024-35888 CVE-2024-35890 CVE-2024-35893 CVE-2024-35895 CVE-2024-35896 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35902 CVE-2024-35905 CVE-2024-35907 CVE-2024-35910 CVE-2024-35912 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35934 CVE-2024-35935 CVE-2024-35936 CVE-2024-35938 CVE-2024-35940 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35958 CVE-2024-35960 CVE-2024-35969 CVE-2024-35970 CVE-2024-35973 CVE-2024-35976 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35988 CVE-2024-35989 CVE-2024-35990 CVE-2024-35997 CVE-2024-36004 CVE-2024-36005 CVE-2024-36006 CVE-2024-36007 CVE-2024-36008 CVE-2024-36020 CVE-2024-36025 CVE-2024-36029 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - DMA engine subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Device tree and open firmware driver; - PCI subsystem; - S/390 drivers; - SCSI drivers; - Freescale SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - Network file system client; - Network file system server daemon; - NILFS2 file system; - Pstore file system; - SMB network file system; - UBI file system; - Netfilter; - BPF subsystem; - Core kernel; - PCI iomap interfaces; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - NFC subsystem; - Open vSwitch; - RDS protocol; - Network traffic control; - SMC sockets; - Unix domain sockets; - eXpress Data Path; - ALSA SH drivers; - KVM core; (CVE-2024-35955, CVE-2024-35805, CVE-2024-26814, CVE-2024-27008, CVE-2024-26970, CVE-2024-35944, CVE-2024-27013, CVE-2024-35938, CVE-2024-35853, CVE-2024-35969, CVE-2024-26981, CVE-2024-26929, CVE-2024-27020, CVE-2024-35885, CVE-2024-35973, CVE-2024-35958, CVE-2024-26961, CVE-2024-35912, CVE-2024-35890, CVE-2024-35804, CVE-2024-35813, CVE-2024-27393, CVE-2024-26956, CVE-2024-35915, CVE-2024-26642, CVE-2024-35847, CVE-2024-26960, CVE-2024-26923, CVE-2024-35935, CVE-2024-36025, CVE-2024-35898, CVE-2024-26810, CVE-2024-35809, CVE-2024-26813, CVE-2024-36007, CVE-2024-35817, CVE-2024-35849, CVE-2024-35819, CVE-2024-35884, CVE-2024-35922, CVE-2024-36008, CVE-2024-27004, CVE-2024-35902, CVE-2024-26828, CVE-2024-35791, CVE-2024-35930, CVE-2024-26973, CVE-2024-26984, CVE-2024-35806, CVE-2024-26629, CVE-2024-26955, CVE-2024-26937, CVE-2024-27059, CVE-2024-35872, CVE-2024-35978, CVE-2024-26950, CVE-2024-27018, CVE-2024-35857, CVE-2024-35990, CVE-2024-27437, CVE-2024-35822, CVE-2024-36020, CVE-2024-26931, CVE-2024-26977, CVE-2024-26654, CVE-2024-26988, CVE-2024-36005, CVE-2024-26969, CVE-2024-35960, CVE-2024-27016, CVE-2024-36006, CVE-2024-35936, CVE-2024-35982, CVE-2024-36029, CVE-2024-27395, CVE-2024-26999, CVE-2024-35871, CVE-2024-35893, CVE-2024-26925, CVE-2024-26965, CVE-2024-35933, CVE-2024-35976, CVE-2024-35899, CVE-2024-35852, CVE-2024-35918, CVE-2024-26951, CVE-2024-27001, CVE-2024-35905, CVE-2024-35907, CVE-2024-26976, CVE-2024-27000, CVE-2024-35910, CVE-2024-35950, CVE-2024-26974, CVE-2024-35785, CVE-2023-52488, CVE-2023-52880, CVE-2024-35877, CVE-2024-35888, CVE-2024-35807, CVE-2024-35796, CVE-2024-35821, CVE-2024-35854, CVE-2024-27015, CVE-2024-35823, CVE-2024-35900, CVE-2024-35815, CVE-2024-26966, CVE-2024-26817, CVE-2024-35896, CVE-2024-27396, CVE-2024-27009, CVE-2024-35940, CVE-2024-26996, CVE-2024-35825, CVE-2024-35984, CVE-2024-35886, CVE-2024-27019, CVE-2024-26922, CVE-2024-35989, CVE-2024-26926, CVE-2024-35988, CVE-2024-26957, CVE-2024-26812, CVE-2024-35925, CVE-2024-35970, CVE-2024-26989, CVE-2024-26811, CVE-2024-35895, CVE-2024-26935, CVE-2024-26958, CVE-2024-35855, CVE-2024-35879, CVE-2024-26993, CVE-2024-35934, CVE-2024-36004, CVE-2024-35997, CVE-2024-26994, CVE-2023-52699, CVE-2024-35789, CVE-2024-26964, CVE-2024-26687, CVE-2024-35851, CVE-2024-35897, CVE-2024-26934) Update Instructions: Run `sudo pro fix USN-6898-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1058-ibm - 5.15.0-1058.61~20.04.1 linux-headers-5.15.0-1058-ibm - 5.15.0-1058.61~20.04.1 linux-ibm-5.15-headers-5.15.0-1058 - 5.15.0-1058.61~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1058.61~20.04.1 linux-ibm-5.15-tools-5.15.0-1058 - 5.15.0-1058.61~20.04.1 linux-image-5.15.0-1058-ibm - 5.15.0-1058.61~20.04.1 linux-image-unsigned-5.15.0-1058-ibm - 5.15.0-1058.61~20.04.1 linux-modules-5.15.0-1058-ibm - 5.15.0-1058.61~20.04.1 linux-modules-extra-5.15.0-1058-ibm - 5.15.0-1058.61~20.04.1 linux-tools-5.15.0-1058-ibm - 5.15.0-1058.61~20.04.1 No subscription required linux-buildinfo-5.15.0-1063-oracle - 5.15.0-1063.69~20.04.1 linux-headers-5.15.0-1063-oracle - 5.15.0-1063.69~20.04.1 linux-image-5.15.0-1063-oracle - 5.15.0-1063.69~20.04.1 linux-image-unsigned-5.15.0-1063-oracle - 5.15.0-1063.69~20.04.1 linux-modules-5.15.0-1063-oracle - 5.15.0-1063.69~20.04.1 linux-modules-extra-5.15.0-1063-oracle - 5.15.0-1063.69~20.04.1 linux-oracle-5.15-headers-5.15.0-1063 - 5.15.0-1063.69~20.04.1 linux-oracle-5.15-tools-5.15.0-1063 - 5.15.0-1063.69~20.04.1 linux-tools-5.15.0-1063-oracle - 5.15.0-1063.69~20.04.1 No subscription required linux-buildinfo-5.15.0-116-lowlatency - 5.15.0-116.126~20.04.1 linux-buildinfo-5.15.0-116-lowlatency-64k - 5.15.0-116.126~20.04.1 linux-cloud-tools-5.15.0-116-lowlatency - 5.15.0-116.126~20.04.1 linux-headers-5.15.0-116-lowlatency - 5.15.0-116.126~20.04.1 linux-headers-5.15.0-116-lowlatency-64k - 5.15.0-116.126~20.04.1 linux-image-5.15.0-116-lowlatency - 5.15.0-116.126~20.04.1 linux-image-5.15.0-116-lowlatency-64k - 5.15.0-116.126~20.04.1 linux-image-unsigned-5.15.0-116-lowlatency - 5.15.0-116.126~20.04.1 linux-image-unsigned-5.15.0-116-lowlatency-64k - 5.15.0-116.126~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-116 - 5.15.0-116.126~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-116.126~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-116 - 5.15.0-116.126~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-116 - 5.15.0-116.126~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-116.126~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-116.126~20.04.1 linux-modules-5.15.0-116-lowlatency - 5.15.0-116.126~20.04.1 linux-modules-5.15.0-116-lowlatency-64k - 5.15.0-116.126~20.04.1 linux-modules-iwlwifi-5.15.0-116-lowlatency - 5.15.0-116.126~20.04.1 linux-tools-5.15.0-116-lowlatency - 5.15.0-116.126~20.04.1 linux-tools-5.15.0-116-lowlatency-64k - 5.15.0-116.126~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1058.61~20.04.1 linux-headers-ibm-edge - 5.15.0.1058.61~20.04.1 linux-ibm - 5.15.0.1058.61~20.04.1 linux-ibm-edge - 5.15.0.1058.61~20.04.1 linux-image-ibm - 5.15.0.1058.61~20.04.1 linux-image-ibm-edge - 5.15.0.1058.61~20.04.1 linux-tools-ibm - 5.15.0.1058.61~20.04.1 linux-tools-ibm-edge - 5.15.0.1058.61~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1063.69~20.04.1 linux-headers-oracle-edge - 5.15.0.1063.69~20.04.1 linux-image-oracle - 5.15.0.1063.69~20.04.1 linux-image-oracle-edge - 5.15.0.1063.69~20.04.1 linux-oracle - 5.15.0.1063.69~20.04.1 linux-oracle-edge - 5.15.0.1063.69~20.04.1 linux-tools-oracle - 5.15.0.1063.69~20.04.1 linux-tools-oracle-edge - 5.15.0.1063.69~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.116.126~20.04.1 No subscription required High CVE-2022-38096 CVE-2023-52488 CVE-2023-52699 CVE-2023-52880 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26629 CVE-2024-26642 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26813 CVE-2024-26814 CVE-2024-26817 CVE-2024-26828 CVE-2024-26922 CVE-2024-26923 CVE-2024-26925 CVE-2024-26926 CVE-2024-26929 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26950 CVE-2024-26951 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26958 CVE-2024-26960 CVE-2024-26961 CVE-2024-26964 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26970 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26977 CVE-2024-26981 CVE-2024-26984 CVE-2024-26988 CVE-2024-26989 CVE-2024-26993 CVE-2024-26994 CVE-2024-26996 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27009 CVE-2024-27013 CVE-2024-27015 CVE-2024-27016 CVE-2024-27018 CVE-2024-27019 CVE-2024-27020 CVE-2024-27059 CVE-2024-27393 CVE-2024-27395 CVE-2024-27396 CVE-2024-27437 CVE-2024-35785 CVE-2024-35789 CVE-2024-35791 CVE-2024-35796 CVE-2024-35804 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35817 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35847 CVE-2024-35849 CVE-2024-35851 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35857 CVE-2024-35871 CVE-2024-35872 CVE-2024-35877 CVE-2024-35879 CVE-2024-35884 CVE-2024-35885 CVE-2024-35886 CVE-2024-35888 CVE-2024-35890 CVE-2024-35893 CVE-2024-35895 CVE-2024-35896 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35902 CVE-2024-35905 CVE-2024-35907 CVE-2024-35910 CVE-2024-35912 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35934 CVE-2024-35935 CVE-2024-35936 CVE-2024-35938 CVE-2024-35940 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35958 CVE-2024-35960 CVE-2024-35969 CVE-2024-35970 CVE-2024-35973 CVE-2024-35976 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35988 CVE-2024-35989 CVE-2024-35990 CVE-2024-35997 CVE-2024-36004 CVE-2024-36005 CVE-2024-36006 CVE-2024-36007 CVE-2024-36008 CVE-2024-36020 CVE-2024-36025 CVE-2024-36029 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - DMA engine subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Device tree and open firmware driver; - PCI subsystem; - S/390 drivers; - SCSI drivers; - Freescale SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - Network file system client; - Network file system server daemon; - NILFS2 file system; - Pstore file system; - SMB network file system; - UBI file system; - Netfilter; - BPF subsystem; - Core kernel; - PCI iomap interfaces; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - NFC subsystem; - Open vSwitch; - RDS protocol; - Network traffic control; - SMC sockets; - Unix domain sockets; - eXpress Data Path; - ALSA SH drivers; - KVM core; (CVE-2024-35955, CVE-2024-35805, CVE-2024-26814, CVE-2024-27008, CVE-2024-26970, CVE-2024-35944, CVE-2024-27013, CVE-2024-35938, CVE-2024-35853, CVE-2024-35969, CVE-2024-26981, CVE-2024-26929, CVE-2024-27020, CVE-2024-35885, CVE-2024-35973, CVE-2024-35958, CVE-2024-26961, CVE-2024-35912, CVE-2024-35890, CVE-2024-35804, CVE-2024-35813, CVE-2024-27393, CVE-2024-26956, CVE-2024-35915, CVE-2024-26642, CVE-2024-35847, CVE-2024-26960, CVE-2024-26923, CVE-2024-35935, CVE-2024-36025, CVE-2024-35898, CVE-2024-26810, CVE-2024-35809, CVE-2024-26813, CVE-2024-36007, CVE-2024-35817, CVE-2024-35849, CVE-2024-35819, CVE-2024-35884, CVE-2024-35922, CVE-2024-36008, CVE-2024-27004, CVE-2024-35902, CVE-2024-26828, CVE-2024-35791, CVE-2024-35930, CVE-2024-26973, CVE-2024-26984, CVE-2024-35806, CVE-2024-26629, CVE-2024-26955, CVE-2024-26937, CVE-2024-27059, CVE-2024-35872, CVE-2024-35978, CVE-2024-26950, CVE-2024-27018, CVE-2024-35857, CVE-2024-35990, CVE-2024-27437, CVE-2024-35822, CVE-2024-36020, CVE-2024-26931, CVE-2024-26977, CVE-2024-26654, CVE-2024-26988, CVE-2024-36005, CVE-2024-26969, CVE-2024-35960, CVE-2024-27016, CVE-2024-36006, CVE-2024-35936, CVE-2024-35982, CVE-2024-36029, CVE-2024-27395, CVE-2024-26999, CVE-2024-35871, CVE-2024-35893, CVE-2024-26925, CVE-2024-26965, CVE-2024-35933, CVE-2024-35976, CVE-2024-35899, CVE-2024-35852, CVE-2024-35918, CVE-2024-26951, CVE-2024-27001, CVE-2024-35905, CVE-2024-35907, CVE-2024-26976, CVE-2024-27000, CVE-2024-35910, CVE-2024-35950, CVE-2024-26974, CVE-2024-35785, CVE-2023-52488, CVE-2023-52880, CVE-2024-35877, CVE-2024-35888, CVE-2024-35807, CVE-2024-35796, CVE-2024-35821, CVE-2024-35854, CVE-2024-27015, CVE-2024-35823, CVE-2024-35900, CVE-2024-35815, CVE-2024-26966, CVE-2024-26817, CVE-2024-35896, CVE-2024-27396, CVE-2024-27009, CVE-2024-35940, CVE-2024-26996, CVE-2024-35825, CVE-2024-35984, CVE-2024-35886, CVE-2024-27019, CVE-2024-26922, CVE-2024-35989, CVE-2024-26926, CVE-2024-35988, CVE-2024-26957, CVE-2024-26812, CVE-2024-35925, CVE-2024-35970, CVE-2024-26989, CVE-2024-26811, CVE-2024-35895, CVE-2024-26935, CVE-2024-26958, CVE-2024-35855, CVE-2024-35879, CVE-2024-26993, CVE-2024-35934, CVE-2024-36004, CVE-2024-35997, CVE-2024-26994, CVE-2023-52699, CVE-2024-35789, CVE-2024-26964, CVE-2024-26687, CVE-2024-35851, CVE-2024-35897, CVE-2024-26934) Update Instructions: Run `sudo pro fix USN-6898-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-116-generic - 5.15.0-116.126~20.04.1 linux-buildinfo-5.15.0-116-generic-64k - 5.15.0-116.126~20.04.1 linux-buildinfo-5.15.0-116-generic-lpae - 5.15.0-116.126~20.04.1 linux-cloud-tools-5.15.0-116-generic - 5.15.0-116.126~20.04.1 linux-headers-5.15.0-116-generic - 5.15.0-116.126~20.04.1 linux-headers-5.15.0-116-generic-64k - 5.15.0-116.126~20.04.1 linux-headers-5.15.0-116-generic-lpae - 5.15.0-116.126~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-116 - 5.15.0-116.126~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-116.126~20.04.1 linux-hwe-5.15-headers-5.15.0-116 - 5.15.0-116.126~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-116.126~20.04.1 linux-hwe-5.15-tools-5.15.0-116 - 5.15.0-116.126~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-116.126~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-116.126~20.04.1 linux-image-5.15.0-116-generic - 5.15.0-116.126~20.04.1 linux-image-5.15.0-116-generic-64k - 5.15.0-116.126~20.04.1 linux-image-5.15.0-116-generic-lpae - 5.15.0-116.126~20.04.1 linux-image-unsigned-5.15.0-116-generic - 5.15.0-116.126~20.04.1 linux-image-unsigned-5.15.0-116-generic-64k - 5.15.0-116.126~20.04.1 linux-modules-5.15.0-116-generic - 5.15.0-116.126~20.04.1 linux-modules-5.15.0-116-generic-64k - 5.15.0-116.126~20.04.1 linux-modules-5.15.0-116-generic-lpae - 5.15.0-116.126~20.04.1 linux-modules-extra-5.15.0-116-generic - 5.15.0-116.126~20.04.1 linux-modules-iwlwifi-5.15.0-116-generic - 5.15.0-116.126~20.04.1 linux-tools-5.15.0-116-generic - 5.15.0-116.126~20.04.1 linux-tools-5.15.0-116-generic-64k - 5.15.0-116.126~20.04.1 linux-tools-5.15.0-116-generic-lpae - 5.15.0-116.126~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-generic-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-headers-oem-20.04 - 5.15.0.116.126~20.04.1 linux-headers-oem-20.04b - 5.15.0.116.126~20.04.1 linux-headers-oem-20.04c - 5.15.0.116.126~20.04.1 linux-headers-oem-20.04d - 5.15.0.116.126~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-image-oem-20.04 - 5.15.0.116.126~20.04.1 linux-image-oem-20.04b - 5.15.0.116.126~20.04.1 linux-image-oem-20.04c - 5.15.0.116.126~20.04.1 linux-image-oem-20.04d - 5.15.0.116.126~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.116.126~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.116.126~20.04.1 linux-oem-20.04 - 5.15.0.116.126~20.04.1 linux-oem-20.04b - 5.15.0.116.126~20.04.1 linux-oem-20.04c - 5.15.0.116.126~20.04.1 linux-oem-20.04d - 5.15.0.116.126~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-tools-oem-20.04 - 5.15.0.116.126~20.04.1 linux-tools-oem-20.04b - 5.15.0.116.126~20.04.1 linux-tools-oem-20.04c - 5.15.0.116.126~20.04.1 linux-tools-oem-20.04d - 5.15.0.116.126~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.116.126~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.116.126~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.116.126~20.04.1 No subscription required High CVE-2022-38096 CVE-2023-52488 CVE-2023-52699 CVE-2023-52880 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26629 CVE-2024-26642 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26813 CVE-2024-26814 CVE-2024-26817 CVE-2024-26828 CVE-2024-26922 CVE-2024-26923 CVE-2024-26925 CVE-2024-26926 CVE-2024-26929 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26950 CVE-2024-26951 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26958 CVE-2024-26960 CVE-2024-26961 CVE-2024-26964 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26970 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26977 CVE-2024-26981 CVE-2024-26984 CVE-2024-26988 CVE-2024-26989 CVE-2024-26993 CVE-2024-26994 CVE-2024-26996 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27009 CVE-2024-27013 CVE-2024-27015 CVE-2024-27016 CVE-2024-27018 CVE-2024-27019 CVE-2024-27020 CVE-2024-27059 CVE-2024-27393 CVE-2024-27395 CVE-2024-27396 CVE-2024-27437 CVE-2024-35785 CVE-2024-35789 CVE-2024-35791 CVE-2024-35796 CVE-2024-35804 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35817 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35847 CVE-2024-35849 CVE-2024-35851 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35857 CVE-2024-35871 CVE-2024-35872 CVE-2024-35877 CVE-2024-35879 CVE-2024-35884 CVE-2024-35885 CVE-2024-35886 CVE-2024-35888 CVE-2024-35890 CVE-2024-35893 CVE-2024-35895 CVE-2024-35896 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35902 CVE-2024-35905 CVE-2024-35907 CVE-2024-35910 CVE-2024-35912 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35934 CVE-2024-35935 CVE-2024-35936 CVE-2024-35938 CVE-2024-35940 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35958 CVE-2024-35960 CVE-2024-35969 CVE-2024-35970 CVE-2024-35973 CVE-2024-35976 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35988 CVE-2024-35989 CVE-2024-35990 CVE-2024-35997 CVE-2024-36004 CVE-2024-36005 CVE-2024-36006 CVE-2024-36007 CVE-2024-36008 CVE-2024-36020 CVE-2024-36025 CVE-2024-36029 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - DMA engine subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Device tree and open firmware driver; - PCI subsystem; - S/390 drivers; - SCSI drivers; - Freescale SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - Network file system client; - Network file system server daemon; - NILFS2 file system; - Pstore file system; - SMB network file system; - UBI file system; - Netfilter; - BPF subsystem; - Core kernel; - PCI iomap interfaces; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - NFC subsystem; - Open vSwitch; - RDS protocol; - Network traffic control; - SMC sockets; - Unix domain sockets; - eXpress Data Path; - ALSA SH drivers; - KVM core; (CVE-2024-35872, CVE-2024-35807, CVE-2024-27013, CVE-2024-35989, CVE-2024-36008, CVE-2024-26957, CVE-2024-35912, CVE-2024-27000, CVE-2024-35918, CVE-2024-26977, CVE-2024-35821, CVE-2024-35853, CVE-2024-26814, CVE-2024-35823, CVE-2024-35958, CVE-2024-26813, CVE-2024-26811, CVE-2024-26937, CVE-2024-26951, CVE-2024-35925, CVE-2024-26929, CVE-2024-35988, CVE-2024-35902, CVE-2024-26994, CVE-2024-27001, CVE-2024-36029, CVE-2024-36005, CVE-2024-35970, CVE-2024-36007, CVE-2024-35809, CVE-2024-27019, CVE-2024-26970, CVE-2024-27059, CVE-2024-35877, CVE-2024-35899, CVE-2024-26989, CVE-2024-27008, CVE-2024-26812, CVE-2024-35969, CVE-2024-35785, CVE-2024-35871, CVE-2024-35847, CVE-2024-36006, CVE-2024-35973, CVE-2024-27396, CVE-2024-35849, CVE-2024-35990, CVE-2024-26960, CVE-2024-26931, CVE-2024-35852, CVE-2024-26965, CVE-2024-35960, CVE-2024-35813, CVE-2024-26976, CVE-2024-36004, CVE-2024-35895, CVE-2024-27018, CVE-2024-26969, CVE-2024-27016, CVE-2024-27437, CVE-2024-26956, CVE-2024-26629, CVE-2024-35879, CVE-2024-35817, CVE-2024-26922, CVE-2024-35815, CVE-2024-35935, CVE-2024-35940, CVE-2023-52880, CVE-2024-35851, CVE-2024-35854, CVE-2024-35893, CVE-2024-26973, CVE-2024-35997, CVE-2024-26984, CVE-2024-26961, CVE-2024-26966, CVE-2024-35885, CVE-2024-27020, CVE-2024-26950, CVE-2024-35934, CVE-2024-26988, CVE-2024-35938, CVE-2024-26958, CVE-2024-35888, CVE-2024-27395, CVE-2024-35915, CVE-2024-35806, CVE-2024-26934, CVE-2024-35825, CVE-2024-35796, CVE-2024-35900, CVE-2024-35791, CVE-2024-26925, CVE-2024-35982, CVE-2024-26810, CVE-2024-26955, CVE-2024-26935, CVE-2024-35805, CVE-2024-35896, CVE-2024-35855, CVE-2024-35819, CVE-2024-26642, CVE-2024-27009, CVE-2024-35804, CVE-2024-35898, CVE-2024-35822, CVE-2024-35930, CVE-2024-35789, CVE-2024-26687, CVE-2024-26964, CVE-2024-35978, CVE-2024-35976, CVE-2024-35936, CVE-2024-26926, CVE-2024-26993, CVE-2024-35933, CVE-2024-35884, CVE-2024-26974, CVE-2024-35922, CVE-2024-35886, CVE-2024-27004, CVE-2024-36020, CVE-2024-35955, CVE-2024-26996, CVE-2024-26981, CVE-2024-36025, CVE-2024-26654, CVE-2024-27015, CVE-2024-35984, CVE-2024-26828, CVE-2024-35950, CVE-2024-35944, CVE-2024-35905, CVE-2024-35890, CVE-2024-26923, CVE-2024-35897, CVE-2024-27393, CVE-2023-52699, CVE-2024-26817, CVE-2024-35910, CVE-2024-35857, CVE-2024-35907, CVE-2023-52488, CVE-2024-26999) Update Instructions: Run `sudo pro fix USN-6898-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-cloud-tools-5.15.0-1065 - 5.15.0-1065.71~20.04.1 linux-aws-5.15-headers-5.15.0-1065 - 5.15.0-1065.71~20.04.1 linux-aws-5.15-tools-5.15.0-1065 - 5.15.0-1065.71~20.04.1 linux-buildinfo-5.15.0-1065-aws - 5.15.0-1065.71~20.04.1 linux-cloud-tools-5.15.0-1065-aws - 5.15.0-1065.71~20.04.1 linux-headers-5.15.0-1065-aws - 5.15.0-1065.71~20.04.1 linux-image-5.15.0-1065-aws - 5.15.0-1065.71~20.04.1 linux-image-unsigned-5.15.0-1065-aws - 5.15.0-1065.71~20.04.1 linux-modules-5.15.0-1065-aws - 5.15.0-1065.71~20.04.1 linux-modules-extra-5.15.0-1065-aws - 5.15.0-1065.71~20.04.1 linux-tools-5.15.0-1065-aws - 5.15.0-1065.71~20.04.1 No subscription required linux-aws - 5.15.0.1065.71~20.04.1 linux-aws-edge - 5.15.0.1065.71~20.04.1 linux-headers-aws - 5.15.0.1065.71~20.04.1 linux-headers-aws-edge - 5.15.0.1065.71~20.04.1 linux-image-aws - 5.15.0.1065.71~20.04.1 linux-image-aws-edge - 5.15.0.1065.71~20.04.1 linux-modules-extra-aws - 5.15.0.1065.71~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1065.71~20.04.1 linux-tools-aws - 5.15.0.1065.71~20.04.1 linux-tools-aws-edge - 5.15.0.1065.71~20.04.1 No subscription required High CVE-2022-38096 CVE-2023-52488 CVE-2023-52699 CVE-2023-52880 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26629 CVE-2024-26642 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26813 CVE-2024-26814 CVE-2024-26817 CVE-2024-26828 CVE-2024-26922 CVE-2024-26923 CVE-2024-26925 CVE-2024-26926 CVE-2024-26929 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26950 CVE-2024-26951 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26958 CVE-2024-26960 CVE-2024-26961 CVE-2024-26964 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26970 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26977 CVE-2024-26981 CVE-2024-26984 CVE-2024-26988 CVE-2024-26989 CVE-2024-26993 CVE-2024-26994 CVE-2024-26996 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27009 CVE-2024-27013 CVE-2024-27015 CVE-2024-27016 CVE-2024-27018 CVE-2024-27019 CVE-2024-27020 CVE-2024-27059 CVE-2024-27393 CVE-2024-27395 CVE-2024-27396 CVE-2024-27437 CVE-2024-35785 CVE-2024-35789 CVE-2024-35791 CVE-2024-35796 CVE-2024-35804 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35817 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35847 CVE-2024-35849 CVE-2024-35851 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35857 CVE-2024-35871 CVE-2024-35872 CVE-2024-35877 CVE-2024-35879 CVE-2024-35884 CVE-2024-35885 CVE-2024-35886 CVE-2024-35888 CVE-2024-35890 CVE-2024-35893 CVE-2024-35895 CVE-2024-35896 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35902 CVE-2024-35905 CVE-2024-35907 CVE-2024-35910 CVE-2024-35912 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35934 CVE-2024-35935 CVE-2024-35936 CVE-2024-35938 CVE-2024-35940 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35958 CVE-2024-35960 CVE-2024-35969 CVE-2024-35970 CVE-2024-35973 CVE-2024-35976 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35988 CVE-2024-35989 CVE-2024-35990 CVE-2024-35997 CVE-2024-36004 CVE-2024-36005 CVE-2024-36006 CVE-2024-36007 CVE-2024-36008 CVE-2024-36020 CVE-2024-36025 CVE-2024-36029 Ubuntu 20.04 LTS It was discovered that GTK would attempt to load modules from the current directory, contrary to expectations. If users started GTK applications from shared directories, a local attacker could use this issue to execute arbitrary code, and possibly escalate privileges. Update Instructions: Run `sudo pro fix USN-6899-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gtk-2.0 - 2.24.32-4ubuntu4.1 gtk2-engines-pixbuf - 2.24.32-4ubuntu4.1 gtk2.0-examples - 2.24.32-4ubuntu4.1 libgail-common - 2.24.32-4ubuntu4.1 libgail-dev - 2.24.32-4ubuntu4.1 libgail-doc - 2.24.32-4ubuntu4.1 libgail18 - 2.24.32-4ubuntu4.1 libgtk2.0-0 - 2.24.32-4ubuntu4.1 libgtk2.0-bin - 2.24.32-4ubuntu4.1 libgtk2.0-common - 2.24.32-4ubuntu4.1 libgtk2.0-dev - 2.24.32-4ubuntu4.1 libgtk2.0-doc - 2.24.32-4ubuntu4.1 No subscription required gir1.2-gtk-3.0 - 3.24.20-0ubuntu1.2 gtk-3-examples - 3.24.20-0ubuntu1.2 gtk-update-icon-cache - 3.24.20-0ubuntu1.2 libgail-3-0 - 3.24.20-0ubuntu1.2 libgail-3-dev - 3.24.20-0ubuntu1.2 libgail-3-doc - 3.24.20-0ubuntu1.2 libgtk-3-0 - 3.24.20-0ubuntu1.2 libgtk-3-bin - 3.24.20-0ubuntu1.2 libgtk-3-common - 3.24.20-0ubuntu1.2 libgtk-3-dev - 3.24.20-0ubuntu1.2 libgtk-3-doc - 3.24.20-0ubuntu1.2 No subscription required Medium CVE-2024-6655 Ubuntu 20.04 LTS It was discovered that stunnel did not properly validate client certificates when configured to use both the redirect and verifyChain options. A remote attacker could potentially use this issue to obtain sensitive information by accessing the tunneled service. Update Instructions: Run `sudo pro fix USN-6901-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: stunnel4 - 3:5.56-1ubuntu0.2 No subscription required Medium CVE-2021-20230 Ubuntu 20.04 LTS It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibly use this issue to obtain source code. Update Instructions: Run `sudo pro fix USN-6902-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apache2 - 2.4.41-4ubuntu3.21 apache2-bin - 2.4.41-4ubuntu3.21 apache2-data - 2.4.41-4ubuntu3.21 apache2-dev - 2.4.41-4ubuntu3.21 apache2-doc - 2.4.41-4ubuntu3.21 apache2-ssl-dev - 2.4.41-4ubuntu3.21 apache2-suexec-custom - 2.4.41-4ubuntu3.21 apache2-suexec-pristine - 2.4.41-4ubuntu3.21 apache2-utils - 2.4.41-4ubuntu3.21 libapache2-mod-md - 2.4.41-4ubuntu3.21 libapache2-mod-proxy-uwsgi - 2.4.41-4ubuntu3.21 No subscription required Medium CVE-2024-40725 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-6600, CVE-2024-6601, CVE-2024-6604) Ronald Crane discovered that Thunderbird did not properly manage certain memory operations in the NSS. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-6602) Irvan Kurniawan discovered that Thunderbird did not properly manage memory during thread creation. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-6603) Update Instructions: Run `sudo pro fix USN-6903-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-dev - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.13.0+build5-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.13.0+build5-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.13.0+build5-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.13.0+build5-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.13.0+build5-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-6600 CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6604 Ubuntu 20.04 LTS It was discovered that PyMongo incorrectly handled certain BSON. An attacker could possibly use this issue to read sensitive information or cause a crash. Update Instructions: Run `sudo pro fix USN-6904-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pymongo-doc - 3.10.1-0ubuntu2.1 python3-bson - 3.10.1-0ubuntu2.1 python3-bson-ext - 3.10.1-0ubuntu2.1 python3-gridfs - 3.10.1-0ubuntu2.1 python3-pymongo - 3.10.1-0ubuntu2.1 python3-pymongo-ext - 3.10.1-0ubuntu2.1 No subscription required Medium CVE-2024-5629 Ubuntu 20.04 LTS It was discovered that Rack incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. (CVE-2023-27539) It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-27530) Update Instructions: Run `sudo pro fix USN-6905-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm4 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-27530 CVE-2023-27539 Ubuntu 20.04 LTS It was discovered that python-zipp did not properly handle the zip files with malformed names. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-6906-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pypy-zipp - 1.0.0-1ubuntu0.1 python-zipp - 1.0.0-1ubuntu0.1 python3-zipp - 1.0.0-1ubuntu0.1 No subscription required Medium CVE-2024-5569 Ubuntu 20.04 LTS Joshua Rogers discovered that Squid did not properly handle multi-byte characters during Edge Side Includes (ESI) processing. A remote attacker could possibly use this issue to cause a memory corruption error, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-6907-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: squid - 4.10-1ubuntu1.13 squid-cgi - 4.10-1ubuntu1.13 squid-common - 4.10-1ubuntu1.13 squid-purge - 4.10-1ubuntu1.13 squidclient - 4.10-1ubuntu1.13 No subscription required Medium CVE-2024-37894 Ubuntu 20.04 LTS It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue to cause Bind to become unstable, resulting in a denial of service. (CVE-2024-0760) Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2024-1737) It was discovered that Bind incorrectly handled a large number of SIG(0) signed requests. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2024-1975) Daniel Stränger discovered that Bind incorrectly handled serving both stable cache data and authoritative zone content. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2024-4076) On Ubuntu 20.04 LTS, Bind has been updated from 9.16 to 9.18. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://kb.isc.org/docs/changes-to-be-aware-of-when-moving-from-bind-916-to-918 Update Instructions: Run `sudo pro fix USN-6909-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bind9 - 1:9.18.28-0ubuntu0.20.04.1 bind9-dnsutils - 1:9.18.28-0ubuntu0.20.04.1 bind9-doc - 1:9.18.28-0ubuntu0.20.04.1 bind9-host - 1:9.18.28-0ubuntu0.20.04.1 bind9-libs - 1:9.18.28-0ubuntu0.20.04.1 bind9-utils - 1:9.18.28-0ubuntu0.20.04.1 bind9utils - 1:9.18.28-0ubuntu0.20.04.1 dnsutils - 1:9.18.28-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-0760 CVE-2024-1737 CVE-2024-1975 CVE-2024-4076 Ubuntu 20.04 LTS Chess Hazlett discovered that Apache ActiveMQ incorrectly handled certain commands. A remote attacker could possibly use this issue to terminate the program, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-7559) Peter Stöckli discovered that Apache ActiveMQ incorrectly handled hostname verification. A remote attacker could possibly use this issue to perform a person-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-11775) Jonathan Gallimore and Colm Ó hÉigeartaigh discovered that Apache ActiveMQ incorrectly handled authentication in certain functions. A remote attacker could possibly use this issue to perform a person-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-13920) Gregor Tudan discovered that Apache ActiveMQ incorrectly handled LDAP authentication. A remote attacker could possibly use this issue to acquire unauthenticated access. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-26117) It was discovered that Apache ActiveMQ incorrectly handled authentication. A remote attacker could possibly use this issue to run arbitrary code. (CVE-2022-41678) It was discovered that Apache ActiveMQ incorrectly handled deserialization. A remote attacker could possibly use this issue to run arbitrary shell commands. (CVE-2023-46604) Update Instructions: Run `sudo pro fix USN-6910-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: activemq - 5.15.11-1ubuntu0.1~esm1 libactivemq-java - 5.15.11-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2015-7559 CVE-2018-11775 CVE-2020-13920 CVE-2021-26117 CVE-2022-41678 CVE-2023-46604 Ubuntu 20.04 LTS Arnaud Morin discovered that Nova incorrectly handled certain raw format images. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information. Update Instructions: Run `sudo pro fix USN-6911-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nova-ajax-console-proxy - 2:21.2.4-0ubuntu2.11 nova-api - 2:21.2.4-0ubuntu2.11 nova-api-metadata - 2:21.2.4-0ubuntu2.11 nova-api-os-compute - 2:21.2.4-0ubuntu2.11 nova-api-os-volume - 2:21.2.4-0ubuntu2.11 nova-cells - 2:21.2.4-0ubuntu2.11 nova-common - 2:21.2.4-0ubuntu2.11 nova-compute - 2:21.2.4-0ubuntu2.11 nova-compute-kvm - 2:21.2.4-0ubuntu2.11 nova-compute-libvirt - 2:21.2.4-0ubuntu2.11 nova-compute-lxc - 2:21.2.4-0ubuntu2.11 nova-compute-qemu - 2:21.2.4-0ubuntu2.11 nova-compute-vmware - 2:21.2.4-0ubuntu2.11 nova-compute-xen - 2:21.2.4-0ubuntu2.11 nova-conductor - 2:21.2.4-0ubuntu2.11 nova-doc - 2:21.2.4-0ubuntu2.11 nova-novncproxy - 2:21.2.4-0ubuntu2.11 nova-scheduler - 2:21.2.4-0ubuntu2.11 nova-serialproxy - 2:21.2.4-0ubuntu2.11 nova-spiceproxy - 2:21.2.4-0ubuntu2.11 nova-volume - 2:21.2.4-0ubuntu2.11 python3-nova - 2:21.2.4-0ubuntu2.11 No subscription required Medium CVE-2024-40767 Ubuntu 20.04 LTS Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this issue to gain access to a victim's account on a vulnerable CASified service. This security update introduces an incompatible API change. After applying this update, third party applications need to be modified to pass in an additional service base URL argument when constructing the client class. For more information please refer to the section "Upgrading 1.5.0 -> 1.6.0" of the phpCAS upgrading document: https://github.com/apereo/phpCAS/blob/master/docs/Upgrading Update Instructions: Run `sudo pro fix USN-6913-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-cas - 1.3.8-1ubuntu0.20.04.1 No subscription required Medium CVE-2022-39369 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - DMA engine subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Microsoft Azure Network Adapter (MANA) driver; - Device tree and open firmware driver; - PCI subsystem; - S/390 drivers; - SCSI drivers; - Freescale SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - Network file system client; - Network file system server daemon; - NILFS2 file system; - Pstore file system; - SMB network file system; - UBI file system; - Netfilter; - BPF subsystem; - Core kernel; - PCI iomap interfaces; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - Distributed Switch Architecture; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - NFC subsystem; - Open vSwitch; - RDS protocol; - Network traffic control; - SMC sockets; - Unix domain sockets; - eXpress Data Path; - Key management; - ALSA SH drivers; - KVM core; (CVE-2024-26993, CVE-2024-26996, CVE-2024-35879, CVE-2024-26812, CVE-2024-26984, CVE-2024-26817, CVE-2024-35950, CVE-2024-26960, CVE-2024-27437, CVE-2024-26964, CVE-2024-27059, CVE-2024-35969, CVE-2024-35936, CVE-2024-35912, CVE-2024-35915, CVE-2024-35938, CVE-2024-27019, CVE-2024-35822, CVE-2024-35997, CVE-2024-35855, CVE-2024-26925, CVE-2024-26654, CVE-2024-26923, CVE-2024-36031, CVE-2024-36020, CVE-2024-35823, CVE-2024-35852, CVE-2024-35989, CVE-2024-27000, CVE-2024-35853, CVE-2024-27013, CVE-2024-35854, CVE-2024-35922, CVE-2024-26937, CVE-2023-52880, CVE-2024-26974, CVE-2024-26629, CVE-2024-35804, CVE-2024-35958, CVE-2024-26814, CVE-2024-35890, CVE-2024-35940, CVE-2024-26999, CVE-2024-35847, CVE-2024-27015, CVE-2024-26687, CVE-2024-26970, CVE-2024-35930, CVE-2024-26813, CVE-2024-26810, CVE-2024-26969, CVE-2024-26977, CVE-2024-26956, CVE-2024-35901, CVE-2024-27020, CVE-2024-35905, CVE-2024-35785, CVE-2024-27009, CVE-2024-35877, CVE-2024-35893, CVE-2024-26989, CVE-2024-26642, CVE-2024-35857, CVE-2024-35935, CVE-2024-26828, CVE-2024-26965, CVE-2024-35888, CVE-2024-35900, CVE-2024-26951, CVE-2024-35809, CVE-2024-27008, CVE-2024-26958, CVE-2024-35973, CVE-2024-26935, CVE-2024-26934, CVE-2024-35982, CVE-2023-52488, CVE-2024-35884, CVE-2024-35907, CVE-2024-27018, CVE-2024-26929, CVE-2024-35984, CVE-2024-35899, CVE-2024-26976, CVE-2024-26922, CVE-2024-35817, CVE-2024-26961, CVE-2024-35925, CVE-2024-35821, CVE-2024-36005, CVE-2024-35988, CVE-2024-35970, CVE-2024-27001, CVE-2024-35960, CVE-2022-48808, CVE-2024-35927, CVE-2024-35806, CVE-2024-27016, CVE-2024-35897, CVE-2024-26957, CVE-2024-36025, CVE-2024-35872, CVE-2024-26988, CVE-2024-35819, CVE-2024-35896, CVE-2024-36007, CVE-2024-35944, CVE-2024-35990, CVE-2024-36006, CVE-2024-36004, CVE-2024-35955, CVE-2024-35898, CVE-2024-26973, CVE-2024-26950, CVE-2024-36008, CVE-2024-35805, CVE-2024-35807, CVE-2024-35934, CVE-2024-26926, CVE-2024-35902, CVE-2024-35918, CVE-2024-35895, CVE-2024-35978, CVE-2024-35849, CVE-2024-35791, CVE-2024-26931, CVE-2024-35886, CVE-2024-26981, CVE-2024-27395, CVE-2024-35815, CVE-2024-26994, CVE-2024-35825, CVE-2024-35789, CVE-2024-35813, CVE-2024-35885, CVE-2024-35851, CVE-2024-35796, CVE-2023-52699, CVE-2024-35871, CVE-2024-26811, CVE-2024-26966, CVE-2024-35976, CVE-2024-26955, CVE-2024-36029, CVE-2024-27396, CVE-2024-27004, CVE-2024-27393, CVE-2024-35910, CVE-2024-35933) Update Instructions: Run `sudo pro fix USN-6917-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1068 - 5.15.0-1068.77~20.04.1 linux-azure-5.15-headers-5.15.0-1068 - 5.15.0-1068.77~20.04.1 linux-azure-5.15-tools-5.15.0-1068 - 5.15.0-1068.77~20.04.1 linux-buildinfo-5.15.0-1068-azure - 5.15.0-1068.77~20.04.1 linux-cloud-tools-5.15.0-1068-azure - 5.15.0-1068.77~20.04.1 linux-headers-5.15.0-1068-azure - 5.15.0-1068.77~20.04.1 linux-image-5.15.0-1068-azure - 5.15.0-1068.77~20.04.1 linux-image-unsigned-5.15.0-1068-azure - 5.15.0-1068.77~20.04.1 linux-modules-5.15.0-1068-azure - 5.15.0-1068.77~20.04.1 linux-modules-extra-5.15.0-1068-azure - 5.15.0-1068.77~20.04.1 linux-tools-5.15.0-1068-azure - 5.15.0-1068.77~20.04.1 No subscription required linux-image-5.15.0-1068-azure-fde - 5.15.0-1068.77~20.04.1.1 linux-image-unsigned-5.15.0-1068-azure-fde - 5.15.0-1068.77~20.04.1.1 No subscription required linux-azure - 5.15.0.1068.77~20.04.1 linux-azure-cvm - 5.15.0.1068.77~20.04.1 linux-azure-edge - 5.15.0.1068.77~20.04.1 linux-cloud-tools-azure - 5.15.0.1068.77~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1068.77~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1068.77~20.04.1 linux-headers-azure - 5.15.0.1068.77~20.04.1 linux-headers-azure-cvm - 5.15.0.1068.77~20.04.1 linux-headers-azure-edge - 5.15.0.1068.77~20.04.1 linux-image-azure - 5.15.0.1068.77~20.04.1 linux-image-azure-cvm - 5.15.0.1068.77~20.04.1 linux-image-azure-edge - 5.15.0.1068.77~20.04.1 linux-modules-extra-azure - 5.15.0.1068.77~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1068.77~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1068.77~20.04.1 linux-tools-azure - 5.15.0.1068.77~20.04.1 linux-tools-azure-cvm - 5.15.0.1068.77~20.04.1 linux-tools-azure-edge - 5.15.0.1068.77~20.04.1 No subscription required linux-azure-fde - 5.15.0.1068.77~20.04.1.45 linux-azure-fde-edge - 5.15.0.1068.77~20.04.1.45 linux-cloud-tools-azure-fde - 5.15.0.1068.77~20.04.1.45 linux-cloud-tools-azure-fde-edge - 5.15.0.1068.77~20.04.1.45 linux-headers-azure-fde - 5.15.0.1068.77~20.04.1.45 linux-headers-azure-fde-edge - 5.15.0.1068.77~20.04.1.45 linux-image-azure-fde - 5.15.0.1068.77~20.04.1.45 linux-image-azure-fde-edge - 5.15.0.1068.77~20.04.1.45 linux-modules-extra-azure-fde - 5.15.0.1068.77~20.04.1.45 linux-modules-extra-azure-fde-edge - 5.15.0.1068.77~20.04.1.45 linux-tools-azure-fde - 5.15.0.1068.77~20.04.1.45 linux-tools-azure-fde-edge - 5.15.0.1068.77~20.04.1.45 No subscription required High CVE-2022-38096 CVE-2022-48808 CVE-2023-52488 CVE-2023-52699 CVE-2023-52880 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-26629 CVE-2024-26642 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26813 CVE-2024-26814 CVE-2024-26817 CVE-2024-26828 CVE-2024-26922 CVE-2024-26923 CVE-2024-26925 CVE-2024-26926 CVE-2024-26929 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26950 CVE-2024-26951 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26958 CVE-2024-26960 CVE-2024-26961 CVE-2024-26964 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26970 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26977 CVE-2024-26981 CVE-2024-26984 CVE-2024-26988 CVE-2024-26989 CVE-2024-26993 CVE-2024-26994 CVE-2024-26996 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27009 CVE-2024-27013 CVE-2024-27015 CVE-2024-27016 CVE-2024-27018 CVE-2024-27019 CVE-2024-27020 CVE-2024-27059 CVE-2024-27393 CVE-2024-27395 CVE-2024-27396 CVE-2024-27437 CVE-2024-35785 CVE-2024-35789 CVE-2024-35791 CVE-2024-35796 CVE-2024-35804 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35817 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35847 CVE-2024-35849 CVE-2024-35851 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35857 CVE-2024-35871 CVE-2024-35872 CVE-2024-35877 CVE-2024-35879 CVE-2024-35884 CVE-2024-35885 CVE-2024-35886 CVE-2024-35888 CVE-2024-35890 CVE-2024-35893 CVE-2024-35895 CVE-2024-35896 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35901 CVE-2024-35902 CVE-2024-35905 CVE-2024-35907 CVE-2024-35910 CVE-2024-35912 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35927 CVE-2024-35930 CVE-2024-35933 CVE-2024-35934 CVE-2024-35935 CVE-2024-35936 CVE-2024-35938 CVE-2024-35940 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35958 CVE-2024-35960 CVE-2024-35969 CVE-2024-35970 CVE-2024-35973 CVE-2024-35976 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35988 CVE-2024-35989 CVE-2024-35990 CVE-2024-35997 CVE-2024-36004 CVE-2024-36005 CVE-2024-36006 CVE-2024-36007 CVE-2024-36008 CVE-2024-36020 CVE-2024-36025 CVE-2024-36029 CVE-2024-36031 Ubuntu 20.04 LTS Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - SMB network file system; - Netfilter; - Bluetooth subsystem; (CVE-2024-26886, CVE-2024-26952, CVE-2023-52752, CVE-2024-27017, CVE-2024-36016) Update Instructions: Run `sudo pro fix USN-6923-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1049-gkeop - 5.15.0-1049.56~20.04.1 linux-cloud-tools-5.15.0-1049-gkeop - 5.15.0-1049.56~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1049 - 5.15.0-1049.56~20.04.1 linux-gkeop-5.15-headers-5.15.0-1049 - 5.15.0-1049.56~20.04.1 linux-gkeop-5.15-tools-5.15.0-1049 - 5.15.0-1049.56~20.04.1 linux-headers-5.15.0-1049-gkeop - 5.15.0-1049.56~20.04.1 linux-image-5.15.0-1049-gkeop - 5.15.0-1049.56~20.04.1 linux-image-unsigned-5.15.0-1049-gkeop - 5.15.0-1049.56~20.04.1 linux-modules-5.15.0-1049-gkeop - 5.15.0-1049.56~20.04.1 linux-modules-extra-5.15.0-1049-gkeop - 5.15.0-1049.56~20.04.1 linux-tools-5.15.0-1049-gkeop - 5.15.0-1049.56~20.04.1 No subscription required linux-buildinfo-5.15.0-1061-intel-iotg - 5.15.0-1061.67~20.04.1 linux-cloud-tools-5.15.0-1061-intel-iotg - 5.15.0-1061.67~20.04.1 linux-headers-5.15.0-1061-intel-iotg - 5.15.0-1061.67~20.04.1 linux-image-5.15.0-1061-intel-iotg - 5.15.0-1061.67~20.04.1 linux-image-unsigned-5.15.0-1061-intel-iotg - 5.15.0-1061.67~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1061 - 5.15.0-1061.67~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1061.67~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1061 - 5.15.0-1061.67~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1061 - 5.15.0-1061.67~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1061.67~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1061.67~20.04.1 linux-modules-5.15.0-1061-intel-iotg - 5.15.0-1061.67~20.04.1 linux-modules-extra-5.15.0-1061-intel-iotg - 5.15.0-1061.67~20.04.1 linux-modules-iwlwifi-5.15.0-1061-intel-iotg - 5.15.0-1061.67~20.04.1 linux-tools-5.15.0-1061-intel-iotg - 5.15.0-1061.67~20.04.1 No subscription required linux-buildinfo-5.15.0-117-generic - 5.15.0-117.127~20.04.1 linux-buildinfo-5.15.0-117-generic-64k - 5.15.0-117.127~20.04.1 linux-buildinfo-5.15.0-117-generic-lpae - 5.15.0-117.127~20.04.1 linux-buildinfo-5.15.0-117-lowlatency - 5.15.0-117.127~20.04.1 linux-buildinfo-5.15.0-117-lowlatency-64k - 5.15.0-117.127~20.04.1 linux-cloud-tools-5.15.0-117-generic - 5.15.0-117.127~20.04.1 linux-cloud-tools-5.15.0-117-lowlatency - 5.15.0-117.127~20.04.1 linux-headers-5.15.0-117-generic - 5.15.0-117.127~20.04.1 linux-headers-5.15.0-117-generic-64k - 5.15.0-117.127~20.04.1 linux-headers-5.15.0-117-generic-lpae - 5.15.0-117.127~20.04.1 linux-headers-5.15.0-117-lowlatency - 5.15.0-117.127~20.04.1 linux-headers-5.15.0-117-lowlatency-64k - 5.15.0-117.127~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-117 - 5.15.0-117.127~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-117.127~20.04.1 linux-hwe-5.15-headers-5.15.0-117 - 5.15.0-117.127~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-117.127~20.04.1 linux-hwe-5.15-tools-5.15.0-117 - 5.15.0-117.127~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-117.127~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-117.127~20.04.1 linux-image-5.15.0-117-generic - 5.15.0-117.127~20.04.1 linux-image-5.15.0-117-generic-64k - 5.15.0-117.127~20.04.1 linux-image-5.15.0-117-generic-lpae - 5.15.0-117.127~20.04.1 linux-image-5.15.0-117-lowlatency - 5.15.0-117.127~20.04.1 linux-image-5.15.0-117-lowlatency-64k - 5.15.0-117.127~20.04.1 linux-image-unsigned-5.15.0-117-generic - 5.15.0-117.127~20.04.1 linux-image-unsigned-5.15.0-117-generic-64k - 5.15.0-117.127~20.04.1 linux-image-unsigned-5.15.0-117-lowlatency - 5.15.0-117.127~20.04.1 linux-image-unsigned-5.15.0-117-lowlatency-64k - 5.15.0-117.127~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-117 - 5.15.0-117.127~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-117.127~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-117 - 5.15.0-117.127~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-117 - 5.15.0-117.127~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-117.127~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-117.127~20.04.1 linux-modules-5.15.0-117-generic - 5.15.0-117.127~20.04.1 linux-modules-5.15.0-117-generic-64k - 5.15.0-117.127~20.04.1 linux-modules-5.15.0-117-generic-lpae - 5.15.0-117.127~20.04.1 linux-modules-5.15.0-117-lowlatency - 5.15.0-117.127~20.04.1 linux-modules-5.15.0-117-lowlatency-64k - 5.15.0-117.127~20.04.1 linux-modules-extra-5.15.0-117-generic - 5.15.0-117.127~20.04.1 linux-modules-iwlwifi-5.15.0-117-generic - 5.15.0-117.127~20.04.1 linux-modules-iwlwifi-5.15.0-117-lowlatency - 5.15.0-117.127~20.04.1 linux-tools-5.15.0-117-generic - 5.15.0-117.127~20.04.1 linux-tools-5.15.0-117-generic-64k - 5.15.0-117.127~20.04.1 linux-tools-5.15.0-117-generic-lpae - 5.15.0-117.127~20.04.1 linux-tools-5.15.0-117-lowlatency - 5.15.0-117.127~20.04.1 linux-tools-5.15.0-117-lowlatency-64k - 5.15.0-117.127~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1049.56~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1049.56~20.04.1 linux-gkeop-5.15 - 5.15.0.1049.56~20.04.1 linux-gkeop-edge - 5.15.0.1049.56~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1049.56~20.04.1 linux-headers-gkeop-edge - 5.15.0.1049.56~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1049.56~20.04.1 linux-image-gkeop-edge - 5.15.0.1049.56~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1049.56~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1049.56~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1049.56~20.04.1 linux-tools-gkeop-edge - 5.15.0.1049.56~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1061.67~20.04.1 linux-headers-intel - 5.15.0.1061.67~20.04.1 linux-headers-intel-iotg - 5.15.0.1061.67~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1061.67~20.04.1 linux-image-intel - 5.15.0.1061.67~20.04.1 linux-image-intel-iotg - 5.15.0.1061.67~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1061.67~20.04.1 linux-intel - 5.15.0.1061.67~20.04.1 linux-intel-iotg - 5.15.0.1061.67~20.04.1 linux-intel-iotg-edge - 5.15.0.1061.67~20.04.1 linux-tools-intel - 5.15.0.1061.67~20.04.1 linux-tools-intel-iotg - 5.15.0.1061.67~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1061.67~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-generic-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-headers-oem-20.04 - 5.15.0.117.127~20.04.1 linux-headers-oem-20.04b - 5.15.0.117.127~20.04.1 linux-headers-oem-20.04c - 5.15.0.117.127~20.04.1 linux-headers-oem-20.04d - 5.15.0.117.127~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-image-oem-20.04 - 5.15.0.117.127~20.04.1 linux-image-oem-20.04b - 5.15.0.117.127~20.04.1 linux-image-oem-20.04c - 5.15.0.117.127~20.04.1 linux-image-oem-20.04d - 5.15.0.117.127~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.117.127~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.117.127~20.04.1 linux-oem-20.04 - 5.15.0.117.127~20.04.1 linux-oem-20.04b - 5.15.0.117.127~20.04.1 linux-oem-20.04c - 5.15.0.117.127~20.04.1 linux-oem-20.04d - 5.15.0.117.127~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-tools-oem-20.04 - 5.15.0.117.127~20.04.1 linux-tools-oem-20.04b - 5.15.0.117.127~20.04.1 linux-tools-oem-20.04c - 5.15.0.117.127~20.04.1 linux-tools-oem-20.04d - 5.15.0.117.127~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.117.127~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.117.127~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.117.127~20.04.1 No subscription required High CVE-2023-52752 CVE-2024-25742 CVE-2024-26886 CVE-2024-26952 CVE-2024-27017 CVE-2024-36016 Ubuntu 20.04 LTS Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - SMB network file system; - Netfilter; - Bluetooth subsystem; (CVE-2024-26886, CVE-2023-52752, CVE-2024-36016, CVE-2024-26952, CVE-2024-27017) Update Instructions: Run `sudo pro fix USN-6923-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1059-ibm - 5.15.0-1059.62~20.04.1 linux-headers-5.15.0-1059-ibm - 5.15.0-1059.62~20.04.1 linux-ibm-5.15-headers-5.15.0-1059 - 5.15.0-1059.62~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1059.62~20.04.1 linux-ibm-5.15-tools-5.15.0-1059 - 5.15.0-1059.62~20.04.1 linux-image-5.15.0-1059-ibm - 5.15.0-1059.62~20.04.1 linux-image-unsigned-5.15.0-1059-ibm - 5.15.0-1059.62~20.04.1 linux-modules-5.15.0-1059-ibm - 5.15.0-1059.62~20.04.1 linux-modules-extra-5.15.0-1059-ibm - 5.15.0-1059.62~20.04.1 linux-tools-5.15.0-1059-ibm - 5.15.0-1059.62~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1066 - 5.15.0-1066.72~20.04.1 linux-aws-5.15-headers-5.15.0-1066 - 5.15.0-1066.72~20.04.1 linux-aws-5.15-tools-5.15.0-1066 - 5.15.0-1066.72~20.04.1 linux-buildinfo-5.15.0-1066-aws - 5.15.0-1066.72~20.04.1 linux-cloud-tools-5.15.0-1066-aws - 5.15.0-1066.72~20.04.1 linux-headers-5.15.0-1066-aws - 5.15.0-1066.72~20.04.1 linux-image-5.15.0-1066-aws - 5.15.0-1066.72~20.04.1 linux-image-unsigned-5.15.0-1066-aws - 5.15.0-1066.72~20.04.1 linux-modules-5.15.0-1066-aws - 5.15.0-1066.72~20.04.1 linux-modules-extra-5.15.0-1066-aws - 5.15.0-1066.72~20.04.1 linux-tools-5.15.0-1066-aws - 5.15.0-1066.72~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1059.62~20.04.1 linux-headers-ibm-edge - 5.15.0.1059.62~20.04.1 linux-ibm - 5.15.0.1059.62~20.04.1 linux-ibm-edge - 5.15.0.1059.62~20.04.1 linux-image-ibm - 5.15.0.1059.62~20.04.1 linux-image-ibm-edge - 5.15.0.1059.62~20.04.1 linux-tools-ibm - 5.15.0.1059.62~20.04.1 linux-tools-ibm-edge - 5.15.0.1059.62~20.04.1 No subscription required linux-aws - 5.15.0.1066.72~20.04.1 linux-aws-edge - 5.15.0.1066.72~20.04.1 linux-headers-aws - 5.15.0.1066.72~20.04.1 linux-headers-aws-edge - 5.15.0.1066.72~20.04.1 linux-image-aws - 5.15.0.1066.72~20.04.1 linux-image-aws-edge - 5.15.0.1066.72~20.04.1 linux-modules-extra-aws - 5.15.0.1066.72~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1066.72~20.04.1 linux-tools-aws - 5.15.0.1066.72~20.04.1 linux-tools-aws-edge - 5.15.0.1066.72~20.04.1 No subscription required High CVE-2023-52752 CVE-2024-25742 CVE-2024-26886 CVE-2024-26952 CVE-2024-27017 CVE-2024-36016 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM SCMI message protocol; - InfiniBand drivers; - TTY drivers; - TLS protocol; (CVE-2024-26584, CVE-2024-36016, CVE-2024-26585, CVE-2021-47131, CVE-2024-26907, CVE-2022-48655, CVE-2024-26583) Update Instructions: Run `sudo pro fix USN-6924-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1041-iot - 5.4.0-1041.42 linux-headers-5.4.0-1041-iot - 5.4.0-1041.42 linux-image-5.4.0-1041-iot - 5.4.0-1041.42 linux-image-unsigned-5.4.0-1041-iot - 5.4.0-1041.42 linux-iot-headers-5.4.0-1041 - 5.4.0-1041.42 linux-iot-tools-5.4.0-1041 - 5.4.0-1041.42 linux-iot-tools-common - 5.4.0-1041.42 linux-modules-5.4.0-1041-iot - 5.4.0-1041.42 linux-tools-5.4.0-1041-iot - 5.4.0-1041.42 No subscription required linux-buildinfo-5.4.0-1048-xilinx-zynqmp - 5.4.0-1048.52 linux-headers-5.4.0-1048-xilinx-zynqmp - 5.4.0-1048.52 linux-image-5.4.0-1048-xilinx-zynqmp - 5.4.0-1048.52 linux-modules-5.4.0-1048-xilinx-zynqmp - 5.4.0-1048.52 linux-tools-5.4.0-1048-xilinx-zynqmp - 5.4.0-1048.52 linux-xilinx-zynqmp-headers-5.4.0-1048 - 5.4.0-1048.52 linux-xilinx-zynqmp-tools-5.4.0-1048 - 5.4.0-1048.52 No subscription required linux-buildinfo-5.4.0-1076-ibm - 5.4.0-1076.81 linux-headers-5.4.0-1076-ibm - 5.4.0-1076.81 linux-ibm-cloud-tools-common - 5.4.0-1076.81 linux-ibm-headers-5.4.0-1076 - 5.4.0-1076.81 linux-ibm-source-5.4.0 - 5.4.0-1076.81 linux-ibm-tools-5.4.0-1076 - 5.4.0-1076.81 linux-ibm-tools-common - 5.4.0-1076.81 linux-image-5.4.0-1076-ibm - 5.4.0-1076.81 linux-image-unsigned-5.4.0-1076-ibm - 5.4.0-1076.81 linux-modules-5.4.0-1076-ibm - 5.4.0-1076.81 linux-modules-extra-5.4.0-1076-ibm - 5.4.0-1076.81 linux-tools-5.4.0-1076-ibm - 5.4.0-1076.81 No subscription required linux-bluefield-headers-5.4.0-1089 - 5.4.0-1089.96 linux-bluefield-tools-5.4.0-1089 - 5.4.0-1089.96 linux-buildinfo-5.4.0-1089-bluefield - 5.4.0-1089.96 linux-headers-5.4.0-1089-bluefield - 5.4.0-1089.96 linux-image-5.4.0-1089-bluefield - 5.4.0-1089.96 linux-image-unsigned-5.4.0-1089-bluefield - 5.4.0-1089.96 linux-modules-5.4.0-1089-bluefield - 5.4.0-1089.96 linux-tools-5.4.0-1089-bluefield - 5.4.0-1089.96 No subscription required linux-buildinfo-5.4.0-1096-gkeop - 5.4.0-1096.100 linux-cloud-tools-5.4.0-1096-gkeop - 5.4.0-1096.100 linux-gkeop-cloud-tools-5.4.0-1096 - 5.4.0-1096.100 linux-gkeop-headers-5.4.0-1096 - 5.4.0-1096.100 linux-gkeop-source-5.4.0 - 5.4.0-1096.100 linux-gkeop-tools-5.4.0-1096 - 5.4.0-1096.100 linux-headers-5.4.0-1096-gkeop - 5.4.0-1096.100 linux-image-5.4.0-1096-gkeop - 5.4.0-1096.100 linux-image-unsigned-5.4.0-1096-gkeop - 5.4.0-1096.100 linux-modules-5.4.0-1096-gkeop - 5.4.0-1096.100 linux-modules-extra-5.4.0-1096-gkeop - 5.4.0-1096.100 linux-tools-5.4.0-1096-gkeop - 5.4.0-1096.100 No subscription required linux-buildinfo-5.4.0-1113-raspi - 5.4.0-1113.125 linux-headers-5.4.0-1113-raspi - 5.4.0-1113.125 linux-image-5.4.0-1113-raspi - 5.4.0-1113.125 linux-modules-5.4.0-1113-raspi - 5.4.0-1113.125 linux-raspi-headers-5.4.0-1113 - 5.4.0-1113.125 linux-raspi-tools-5.4.0-1113 - 5.4.0-1113.125 linux-tools-5.4.0-1113-raspi - 5.4.0-1113.125 No subscription required linux-buildinfo-5.4.0-1117-kvm - 5.4.0-1117.124 linux-headers-5.4.0-1117-kvm - 5.4.0-1117.124 linux-image-5.4.0-1117-kvm - 5.4.0-1117.124 linux-image-unsigned-5.4.0-1117-kvm - 5.4.0-1117.124 linux-kvm-headers-5.4.0-1117 - 5.4.0-1117.124 linux-kvm-tools-5.4.0-1117 - 5.4.0-1117.124 linux-modules-5.4.0-1117-kvm - 5.4.0-1117.124 linux-tools-5.4.0-1117-kvm - 5.4.0-1117.124 No subscription required linux-buildinfo-5.4.0-1133-gcp - 5.4.0-1133.142 linux-gcp-headers-5.4.0-1133 - 5.4.0-1133.142 linux-gcp-tools-5.4.0-1133 - 5.4.0-1133.142 linux-headers-5.4.0-1133-gcp - 5.4.0-1133.142 linux-image-5.4.0-1133-gcp - 5.4.0-1133.142 linux-image-unsigned-5.4.0-1133-gcp - 5.4.0-1133.142 linux-modules-5.4.0-1133-gcp - 5.4.0-1133.142 linux-modules-extra-5.4.0-1133-gcp - 5.4.0-1133.142 linux-tools-5.4.0-1133-gcp - 5.4.0-1133.142 No subscription required linux-azure-cloud-tools-5.4.0-1134 - 5.4.0-1134.141 linux-azure-headers-5.4.0-1134 - 5.4.0-1134.141 linux-azure-tools-5.4.0-1134 - 5.4.0-1134.141 linux-buildinfo-5.4.0-1134-azure - 5.4.0-1134.141 linux-cloud-tools-5.4.0-1134-azure - 5.4.0-1134.141 linux-headers-5.4.0-1134-azure - 5.4.0-1134.141 linux-image-5.4.0-1134-azure - 5.4.0-1134.141 linux-image-unsigned-5.4.0-1134-azure - 5.4.0-1134.141 linux-modules-5.4.0-1134-azure - 5.4.0-1134.141 linux-modules-extra-5.4.0-1134-azure - 5.4.0-1134.141 linux-tools-5.4.0-1134-azure - 5.4.0-1134.141 No subscription required linux-buildinfo-5.4.0-190-generic - 5.4.0-190.210 linux-buildinfo-5.4.0-190-generic-lpae - 5.4.0-190.210 linux-buildinfo-5.4.0-190-lowlatency - 5.4.0-190.210 linux-cloud-tools-5.4.0-190 - 5.4.0-190.210 linux-cloud-tools-5.4.0-190-generic - 5.4.0-190.210 linux-cloud-tools-5.4.0-190-lowlatency - 5.4.0-190.210 linux-cloud-tools-common - 5.4.0-190.210 linux-doc - 5.4.0-190.210 linux-headers-5.4.0-190 - 5.4.0-190.210 linux-headers-5.4.0-190-generic - 5.4.0-190.210 linux-headers-5.4.0-190-generic-lpae - 5.4.0-190.210 linux-headers-5.4.0-190-lowlatency - 5.4.0-190.210 linux-image-5.4.0-190-generic - 5.4.0-190.210 linux-image-5.4.0-190-generic-lpae - 5.4.0-190.210 linux-image-5.4.0-190-lowlatency - 5.4.0-190.210 linux-image-unsigned-5.4.0-190-generic - 5.4.0-190.210 linux-image-unsigned-5.4.0-190-lowlatency - 5.4.0-190.210 linux-libc-dev - 5.4.0-190.210 linux-modules-5.4.0-190-generic - 5.4.0-190.210 linux-modules-5.4.0-190-generic-lpae - 5.4.0-190.210 linux-modules-5.4.0-190-lowlatency - 5.4.0-190.210 linux-modules-extra-5.4.0-190-generic - 5.4.0-190.210 linux-source-5.4.0 - 5.4.0-190.210 linux-tools-5.4.0-190 - 5.4.0-190.210 linux-tools-5.4.0-190-generic - 5.4.0-190.210 linux-tools-5.4.0-190-generic-lpae - 5.4.0-190.210 linux-tools-5.4.0-190-lowlatency - 5.4.0-190.210 linux-tools-common - 5.4.0-190.210 linux-tools-host - 5.4.0-190.210 No subscription required linux-headers-iot - 5.4.0.1041.39 linux-image-iot - 5.4.0.1041.39 linux-iot - 5.4.0.1041.39 linux-tools-iot - 5.4.0.1041.39 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1048.48 linux-image-xilinx-zynqmp - 5.4.0.1048.48 linux-tools-xilinx-zynqmp - 5.4.0.1048.48 linux-xilinx-zynqmp - 5.4.0.1048.48 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1076.105 linux-ibm-lts-20.04 - 5.4.0.1076.105 linux-image-ibm-lts-20.04 - 5.4.0.1076.105 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1076.105 linux-tools-ibm-lts-20.04 - 5.4.0.1076.105 No subscription required linux-bluefield - 5.4.0.1089.85 linux-headers-bluefield - 5.4.0.1089.85 linux-image-bluefield - 5.4.0.1089.85 linux-tools-bluefield - 5.4.0.1089.85 No subscription required linux-cloud-tools-gkeop - 5.4.0.1096.94 linux-cloud-tools-gkeop-5.4 - 5.4.0.1096.94 linux-gkeop - 5.4.0.1096.94 linux-gkeop-5.4 - 5.4.0.1096.94 linux-headers-gkeop - 5.4.0.1096.94 linux-headers-gkeop-5.4 - 5.4.0.1096.94 linux-image-gkeop - 5.4.0.1096.94 linux-image-gkeop-5.4 - 5.4.0.1096.94 linux-modules-extra-gkeop - 5.4.0.1096.94 linux-modules-extra-gkeop-5.4 - 5.4.0.1096.94 linux-tools-gkeop - 5.4.0.1096.94 linux-tools-gkeop-5.4 - 5.4.0.1096.94 No subscription required linux-headers-raspi - 5.4.0.1113.143 linux-headers-raspi-hwe-18.04 - 5.4.0.1113.143 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1113.143 linux-headers-raspi2 - 5.4.0.1113.143 linux-headers-raspi2-hwe-18.04 - 5.4.0.1113.143 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1113.143 linux-image-raspi - 5.4.0.1113.143 linux-image-raspi-hwe-18.04 - 5.4.0.1113.143 linux-image-raspi-hwe-18.04-edge - 5.4.0.1113.143 linux-image-raspi2 - 5.4.0.1113.143 linux-image-raspi2-hwe-18.04 - 5.4.0.1113.143 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1113.143 linux-raspi - 5.4.0.1113.143 linux-raspi-hwe-18.04 - 5.4.0.1113.143 linux-raspi-hwe-18.04-edge - 5.4.0.1113.143 linux-raspi2 - 5.4.0.1113.143 linux-raspi2-hwe-18.04 - 5.4.0.1113.143 linux-raspi2-hwe-18.04-edge - 5.4.0.1113.143 linux-tools-raspi - 5.4.0.1113.143 linux-tools-raspi-hwe-18.04 - 5.4.0.1113.143 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1113.143 linux-tools-raspi2 - 5.4.0.1113.143 linux-tools-raspi2-hwe-18.04 - 5.4.0.1113.143 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1113.143 No subscription required linux-headers-kvm - 5.4.0.1117.113 linux-image-kvm - 5.4.0.1117.113 linux-kvm - 5.4.0.1117.113 linux-tools-kvm - 5.4.0.1117.113 No subscription required linux-gcp-lts-20.04 - 5.4.0.1133.135 linux-headers-gcp-lts-20.04 - 5.4.0.1133.135 linux-image-gcp-lts-20.04 - 5.4.0.1133.135 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1133.135 linux-tools-gcp-lts-20.04 - 5.4.0.1133.135 No subscription required linux-azure-lts-20.04 - 5.4.0.1134.128 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1134.128 linux-headers-azure-lts-20.04 - 5.4.0.1134.128 linux-image-azure-lts-20.04 - 5.4.0.1134.128 linux-modules-extra-azure-lts-20.04 - 5.4.0.1134.128 linux-tools-azure-lts-20.04 - 5.4.0.1134.128 No subscription required linux-cloud-tools-generic - 5.4.0.190.188 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.190.188 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.190.188 linux-cloud-tools-lowlatency - 5.4.0.190.188 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.190.188 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.190.188 linux-cloud-tools-virtual - 5.4.0.190.188 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.190.188 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.190.188 linux-crashdump - 5.4.0.190.188 linux-generic - 5.4.0.190.188 linux-generic-hwe-18.04 - 5.4.0.190.188 linux-generic-hwe-18.04-edge - 5.4.0.190.188 linux-generic-lpae - 5.4.0.190.188 linux-generic-lpae-hwe-18.04 - 5.4.0.190.188 linux-generic-lpae-hwe-18.04-edge - 5.4.0.190.188 linux-headers-generic - 5.4.0.190.188 linux-headers-generic-hwe-18.04 - 5.4.0.190.188 linux-headers-generic-hwe-18.04-edge - 5.4.0.190.188 linux-headers-generic-lpae - 5.4.0.190.188 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.190.188 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.190.188 linux-headers-lowlatency - 5.4.0.190.188 linux-headers-lowlatency-hwe-18.04 - 5.4.0.190.188 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.190.188 linux-headers-oem - 5.4.0.190.188 linux-headers-oem-osp1 - 5.4.0.190.188 linux-headers-virtual - 5.4.0.190.188 linux-headers-virtual-hwe-18.04 - 5.4.0.190.188 linux-headers-virtual-hwe-18.04-edge - 5.4.0.190.188 linux-image-extra-virtual - 5.4.0.190.188 linux-image-extra-virtual-hwe-18.04 - 5.4.0.190.188 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.190.188 linux-image-generic - 5.4.0.190.188 linux-image-generic-hwe-18.04 - 5.4.0.190.188 linux-image-generic-hwe-18.04-edge - 5.4.0.190.188 linux-image-generic-lpae - 5.4.0.190.188 linux-image-generic-lpae-hwe-18.04 - 5.4.0.190.188 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.190.188 linux-image-lowlatency - 5.4.0.190.188 linux-image-lowlatency-hwe-18.04 - 5.4.0.190.188 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.190.188 linux-image-oem - 5.4.0.190.188 linux-image-oem-osp1 - 5.4.0.190.188 linux-image-virtual - 5.4.0.190.188 linux-image-virtual-hwe-18.04 - 5.4.0.190.188 linux-image-virtual-hwe-18.04-edge - 5.4.0.190.188 linux-lowlatency - 5.4.0.190.188 linux-lowlatency-hwe-18.04 - 5.4.0.190.188 linux-lowlatency-hwe-18.04-edge - 5.4.0.190.188 linux-oem - 5.4.0.190.188 linux-oem-osp1 - 5.4.0.190.188 linux-oem-osp1-tools-host - 5.4.0.190.188 linux-oem-tools-host - 5.4.0.190.188 linux-source - 5.4.0.190.188 linux-tools-generic - 5.4.0.190.188 linux-tools-generic-hwe-18.04 - 5.4.0.190.188 linux-tools-generic-hwe-18.04-edge - 5.4.0.190.188 linux-tools-generic-lpae - 5.4.0.190.188 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.190.188 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.190.188 linux-tools-lowlatency - 5.4.0.190.188 linux-tools-lowlatency-hwe-18.04 - 5.4.0.190.188 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.190.188 linux-tools-oem - 5.4.0.190.188 linux-tools-oem-osp1 - 5.4.0.190.188 linux-tools-virtual - 5.4.0.190.188 linux-tools-virtual-hwe-18.04 - 5.4.0.190.188 linux-tools-virtual-hwe-18.04-edge - 5.4.0.190.188 linux-virtual - 5.4.0.190.188 linux-virtual-hwe-18.04 - 5.4.0.190.188 linux-virtual-hwe-18.04-edge - 5.4.0.190.188 No subscription required High CVE-2021-47131 CVE-2022-48655 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26907 CVE-2024-36016 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM SCMI message protocol; - InfiniBand drivers; - TTY drivers; - TLS protocol; (CVE-2022-48655, CVE-2024-36016, CVE-2024-26584, CVE-2021-47131, CVE-2024-26907, CVE-2024-26585, CVE-2024-26583) Update Instructions: Run `sudo pro fix USN-6924-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-cloud-tools-5.4.0-1129 - 5.4.0-1129.139 linux-aws-headers-5.4.0-1129 - 5.4.0-1129.139 linux-aws-tools-5.4.0-1129 - 5.4.0-1129.139 linux-buildinfo-5.4.0-1129-aws - 5.4.0-1129.139 linux-cloud-tools-5.4.0-1129-aws - 5.4.0-1129.139 linux-headers-5.4.0-1129-aws - 5.4.0-1129.139 linux-image-5.4.0-1129-aws - 5.4.0-1129.139 linux-image-unsigned-5.4.0-1129-aws - 5.4.0-1129.139 linux-modules-5.4.0-1129-aws - 5.4.0-1129.139 linux-modules-extra-5.4.0-1129-aws - 5.4.0-1129.139 linux-tools-5.4.0-1129-aws - 5.4.0-1129.139 No subscription required linux-aws-lts-20.04 - 5.4.0.1129.126 linux-headers-aws-lts-20.04 - 5.4.0.1129.126 linux-image-aws-lts-20.04 - 5.4.0.1129.126 linux-modules-extra-aws-lts-20.04 - 5.4.0.1129.126 linux-tools-aws-lts-20.04 - 5.4.0.1129.126 No subscription required High CVE-2021-47131 CVE-2022-48655 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26907 CVE-2024-36016 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - DMA engine subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Device tree and open firmware driver; - PCI subsystem; - S/390 drivers; - SCSI drivers; - Freescale SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - Network file system client; - Network file system server daemon; - NILFS2 file system; - Pstore file system; - SMB network file system; - UBI file system; - Netfilter; - BPF subsystem; - Core kernel; - PCI iomap interfaces; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - Distributed Switch Architecture; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - NFC subsystem; - Open vSwitch; - RDS protocol; - Network traffic control; - SMC sockets; - Unix domain sockets; - eXpress Data Path; - ALSA SH drivers; - KVM core; (CVE-2024-35902, CVE-2024-35958, CVE-2024-35978, CVE-2024-35886, CVE-2024-35807, CVE-2024-26994, CVE-2024-36004, CVE-2024-35955, CVE-2024-26925, CVE-2024-27059, CVE-2024-35989, CVE-2024-35940, CVE-2024-26952, CVE-2024-35907, CVE-2024-35819, CVE-2024-35872, CVE-2024-36016, CVE-2023-52488, CVE-2024-35884, CVE-2024-26886, CVE-2024-27018, CVE-2024-35905, CVE-2024-35897, CVE-2024-26929, CVE-2024-36007, CVE-2024-35855, CVE-2024-35885, CVE-2024-26965, CVE-2024-35896, CVE-2024-36029, CVE-2024-35813, CVE-2024-26811, CVE-2024-26923, CVE-2024-26961, CVE-2024-26958, CVE-2024-35997, CVE-2024-35809, CVE-2024-27396, CVE-2023-52880, CVE-2024-26966, CVE-2024-27017, CVE-2024-26812, CVE-2024-35960, CVE-2024-35805, CVE-2024-35982, CVE-2024-35976, CVE-2024-35888, CVE-2024-26955, CVE-2024-27019, CVE-2024-35970, CVE-2024-35984, CVE-2024-27393, CVE-2024-26977, CVE-2024-27000, CVE-2024-35918, CVE-2024-26937, CVE-2024-35785, CVE-2024-35933, CVE-2024-26973, CVE-2022-48808, CVE-2024-35922, CVE-2024-35915, CVE-2024-35806, CVE-2024-26976, CVE-2024-26934, CVE-2024-26981, CVE-2024-36005, CVE-2024-26935, CVE-2024-26960, CVE-2024-26642, CVE-2024-27395, CVE-2024-35900, CVE-2024-26814, CVE-2024-26922, CVE-2024-35804, CVE-2024-26957, CVE-2024-35930, CVE-2023-52699, CVE-2024-36020, CVE-2024-35796, CVE-2024-35934, CVE-2024-26931, CVE-2024-35899, CVE-2024-27004, CVE-2024-35853, CVE-2024-35871, CVE-2024-26984, CVE-2024-35925, CVE-2024-35969, CVE-2024-35789, CVE-2024-35879, CVE-2024-36006, CVE-2024-26813, CVE-2024-35988, CVE-2024-36008, CVE-2024-35910, CVE-2024-35791, CVE-2024-26974, CVE-2024-26993, CVE-2024-35849, CVE-2024-26926, CVE-2024-35877, CVE-2024-26989, CVE-2024-35935, CVE-2024-26817, CVE-2024-35912, CVE-2024-27013, CVE-2024-35973, CVE-2024-35890, CVE-2024-35823, CVE-2024-35822, CVE-2024-27015, CVE-2024-35944, CVE-2024-35821, CVE-2024-26687, CVE-2024-27009, CVE-2024-35895, CVE-2024-35852, CVE-2024-35893, CVE-2024-26810, CVE-2024-26950, CVE-2024-35817, CVE-2024-26996, CVE-2024-27020, CVE-2024-35990, CVE-2024-26956, CVE-2024-27001, CVE-2024-26988, CVE-2024-26629, CVE-2024-26654, CVE-2024-35851, CVE-2024-27437, CVE-2024-35854, CVE-2024-35857, CVE-2024-26964, CVE-2024-35847, CVE-2024-35936, CVE-2023-52752, CVE-2024-36025, CVE-2024-26924, CVE-2024-26643, CVE-2024-26969, CVE-2024-35950, CVE-2024-35825, CVE-2024-27016, CVE-2024-35938, CVE-2024-26999, CVE-2024-35898, CVE-2024-26828, CVE-2024-35815, CVE-2024-26970, CVE-2024-26951, CVE-2024-27008) Update Instructions: Run `sudo pro fix USN-6927-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1065-gcp - 5.15.0-1065.73~20.04.1 linux-gcp-5.15-headers-5.15.0-1065 - 5.15.0-1065.73~20.04.1 linux-gcp-5.15-tools-5.15.0-1065 - 5.15.0-1065.73~20.04.1 linux-headers-5.15.0-1065-gcp - 5.15.0-1065.73~20.04.1 linux-image-5.15.0-1065-gcp - 5.15.0-1065.73~20.04.1 linux-image-unsigned-5.15.0-1065-gcp - 5.15.0-1065.73~20.04.1 linux-modules-5.15.0-1065-gcp - 5.15.0-1065.73~20.04.1 linux-modules-extra-5.15.0-1065-gcp - 5.15.0-1065.73~20.04.1 linux-modules-iwlwifi-5.15.0-1065-gcp - 5.15.0-1065.73~20.04.1 linux-tools-5.15.0-1065-gcp - 5.15.0-1065.73~20.04.1 No subscription required linux-gcp - 5.15.0.1065.73~20.04.1 linux-gcp-edge - 5.15.0.1065.73~20.04.1 linux-headers-gcp - 5.15.0.1065.73~20.04.1 linux-headers-gcp-edge - 5.15.0.1065.73~20.04.1 linux-image-gcp - 5.15.0.1065.73~20.04.1 linux-image-gcp-edge - 5.15.0.1065.73~20.04.1 linux-modules-extra-gcp - 5.15.0.1065.73~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1065.73~20.04.1 linux-tools-gcp - 5.15.0.1065.73~20.04.1 linux-tools-gcp-edge - 5.15.0.1065.73~20.04.1 No subscription required High CVE-2022-38096 CVE-2022-48808 CVE-2023-52488 CVE-2023-52699 CVE-2023-52752 CVE-2023-52880 CVE-2024-23307 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-24861 CVE-2024-25739 CVE-2024-25742 CVE-2024-26629 CVE-2024-26642 CVE-2024-26643 CVE-2024-26654 CVE-2024-26687 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26813 CVE-2024-26814 CVE-2024-26817 CVE-2024-26828 CVE-2024-26886 CVE-2024-26922 CVE-2024-26923 CVE-2024-26924 CVE-2024-26925 CVE-2024-26926 CVE-2024-26929 CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937 CVE-2024-26950 CVE-2024-26951 CVE-2024-26952 CVE-2024-26955 CVE-2024-26956 CVE-2024-26957 CVE-2024-26958 CVE-2024-26960 CVE-2024-26961 CVE-2024-26964 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26970 CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26977 CVE-2024-26981 CVE-2024-26984 CVE-2024-26988 CVE-2024-26989 CVE-2024-26993 CVE-2024-26994 CVE-2024-26996 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27009 CVE-2024-27013 CVE-2024-27015 CVE-2024-27016 CVE-2024-27017 CVE-2024-27018 CVE-2024-27019 CVE-2024-27020 CVE-2024-27059 CVE-2024-27393 CVE-2024-27395 CVE-2024-27396 CVE-2024-27437 CVE-2024-35785 CVE-2024-35789 CVE-2024-35791 CVE-2024-35796 CVE-2024-35804 CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809 CVE-2024-35813 CVE-2024-35815 CVE-2024-35817 CVE-2024-35819 CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35847 CVE-2024-35849 CVE-2024-35851 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35857 CVE-2024-35871 CVE-2024-35872 CVE-2024-35877 CVE-2024-35879 CVE-2024-35884 CVE-2024-35885 CVE-2024-35886 CVE-2024-35888 CVE-2024-35890 CVE-2024-35893 CVE-2024-35895 CVE-2024-35896 CVE-2024-35897 CVE-2024-35898 CVE-2024-35899 CVE-2024-35900 CVE-2024-35902 CVE-2024-35905 CVE-2024-35907 CVE-2024-35910 CVE-2024-35912 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925 CVE-2024-35930 CVE-2024-35933 CVE-2024-35934 CVE-2024-35935 CVE-2024-35936 CVE-2024-35938 CVE-2024-35940 CVE-2024-35944 CVE-2024-35950 CVE-2024-35955 CVE-2024-35958 CVE-2024-35960 CVE-2024-35969 CVE-2024-35970 CVE-2024-35973 CVE-2024-35976 CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35988 CVE-2024-35989 CVE-2024-35990 CVE-2024-35997 CVE-2024-36004 CVE-2024-36005 CVE-2024-36006 CVE-2024-36007 CVE-2024-36008 CVE-2024-36016 CVE-2024-36020 CVE-2024-36025 CVE-2024-36029 Ubuntu 20.04 LTS It was discovered that the Python ssl module contained a memory race condition when handling the APIs to obtain the CA certificates and certificate store statistics. This could possibly result in applications obtaining wrong results, leading to various SSL issues. (CVE-2024-0397) It was discovered that the Python ipaddress module contained incorrect information about which IP address ranges were considered "private" or "globally reachable". This could possibly result in applications applying incorrect security policies. (CVE-2024-4032) Update Instructions: Run `sudo pro fix USN-6928-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.8 - 3.8.10-0ubuntu1~20.04.11 libpython3.8 - 3.8.10-0ubuntu1~20.04.11 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.11 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.11 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.11 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.11 python3.8 - 3.8.10-0ubuntu1~20.04.11 python3.8-dev - 3.8.10-0ubuntu1~20.04.11 python3.8-doc - 3.8.10-0ubuntu1~20.04.11 python3.8-examples - 3.8.10-0ubuntu1~20.04.11 python3.8-full - 3.8.10-0ubuntu1~20.04.11 python3.8-minimal - 3.8.10-0ubuntu1~20.04.11 python3.8-venv - 3.8.10-0ubuntu1~20.04.11 No subscription required Medium CVE-2024-0397 CVE-2024-4032 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 8 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21131) It was discovered that the Hotspot component of OpenJDK 8 could be made to run into an infinite loop. If an automated system were tricked into processing excessively large symbols, an attacker could possibly use this issue to cause a denial of service. (CVE-2024-21138) It was discovered that the Hotspot component of OpenJDK 8 did not properly perform range check elimination. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-21140) Yakov Shafranovich discovered that the Concurrency component of OpenJDK 8 incorrectly performed header validation in the Pack200 archive format. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21144) Sergey Bylokhov discovered that OpenJDK 8 did not properly manage memory when handling 2D images. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-21145) It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled memory when performing range check elimination under certain circumstances. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-21147) Update Instructions: Run `sudo pro fix USN-6929-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-demo - 8u422-b05-1~20.04 openjdk-8-doc - 8u422-b05-1~20.04 openjdk-8-jdk - 8u422-b05-1~20.04 openjdk-8-jdk-headless - 8u422-b05-1~20.04 openjdk-8-jre - 8u422-b05-1~20.04 openjdk-8-jre-headless - 8u422-b05-1~20.04 openjdk-8-jre-zero - 8u422-b05-1~20.04 openjdk-8-source - 8u422-b05-1~20.04 No subscription required Medium CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21144 CVE-2024-21145 CVE-2024-21147 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 11 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21131) It was discovered that the Hotspot component of OpenJDK 11 could be made to run into an infinite loop. If an automated system were tricked into processing excessively large symbols, an attacker could possibly use this issue to cause a denial of service. (CVE-2024-21138) It was discovered that the Hotspot component of OpenJDK 11 did not properly perform range check elimination. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-21140) Yakov Shafranovich discovered that the Concurrency component of OpenJDK 11 incorrectly performed header validation in the Pack200 archive format. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-21144) Sergey Bylokhov discovered that OpenJDK 11 did not properly manage memory when handling 2D images. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-21145) It was discovered that the Hotspot component of OpenJDK 11 incorrectly handled memory when performing range check elimination under certain circumstances. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-21147) Update Instructions: Run `sudo pro fix USN-6930-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.24+8-1ubuntu3~20.04 openjdk-11-doc - 11.0.24+8-1ubuntu3~20.04 openjdk-11-jdk - 11.0.24+8-1ubuntu3~20.04 openjdk-11-jdk-headless - 11.0.24+8-1ubuntu3~20.04 openjdk-11-jre - 11.0.24+8-1ubuntu3~20.04 openjdk-11-jre-headless - 11.0.24+8-1ubuntu3~20.04 openjdk-11-jre-zero - 11.0.24+8-1ubuntu3~20.04 openjdk-11-source - 11.0.24+8-1ubuntu3~20.04 No subscription required Medium CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21144 CVE-2024-21145 CVE-2024-21147 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 17 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21131) It was discovered that the Hotspot component of OpenJDK 17 could be made to run into an infinite loop. If an automated system were tricked into processing excessively large symbols, an attacker could possibly use this issue to cause a denial of service. (CVE-2024-21138) It was discovered that the Hotspot component of OpenJDK 17 did not properly perform range check elimination. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-21140) Sergey Bylokhov discovered that OpenJDK 17 did not properly manage memory when handling 2D images. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-21145) It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled memory when performing range check elimination under certain circumstances. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-21147) Update Instructions: Run `sudo pro fix USN-6931-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.12+7-1ubuntu2~20.04 openjdk-17-doc - 17.0.12+7-1ubuntu2~20.04 openjdk-17-jdk - 17.0.12+7-1ubuntu2~20.04 openjdk-17-jdk-headless - 17.0.12+7-1ubuntu2~20.04 openjdk-17-jre - 17.0.12+7-1ubuntu2~20.04 openjdk-17-jre-headless - 17.0.12+7-1ubuntu2~20.04 openjdk-17-jre-zero - 17.0.12+7-1ubuntu2~20.04 openjdk-17-source - 17.0.12+7-1ubuntu2~20.04 No subscription required Medium CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21145 CVE-2024-21147 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 21 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21131) It was discovered that the Hotspot component of OpenJDK 21 could be made to run into an infinite loop. If an automated system were tricked into processing excessively large symbols, an attacker could possibly use this issue to cause a denial of service. (CVE-2024-21138) It was discovered that the Hotspot component of OpenJDK 21 did not properly perform range check elimination. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-21140) Sergey Bylokhov discovered that OpenJDK 21 did not properly manage memory when handling 2D images. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-21145) It was discovered that the Hotspot component of OpenJDK 21 incorrectly handled memory when performing range check elimination under certain circumstances. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-21147) Update Instructions: Run `sudo pro fix USN-6932-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-21-demo - 21.0.4+7-1ubuntu2~20.04 openjdk-21-doc - 21.0.4+7-1ubuntu2~20.04 openjdk-21-jdk - 21.0.4+7-1ubuntu2~20.04 openjdk-21-jdk-headless - 21.0.4+7-1ubuntu2~20.04 openjdk-21-jre - 21.0.4+7-1ubuntu2~20.04 openjdk-21-jre-headless - 21.0.4+7-1ubuntu2~20.04 openjdk-21-jre-zero - 21.0.4+7-1ubuntu2~20.04 openjdk-21-source - 21.0.4+7-1ubuntu2~20.04 openjdk-21-testsupport - 21.0.4+7-1ubuntu2~20.04 No subscription required Medium CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21145 CVE-2024-21147 Ubuntu 20.04 LTS It was discovered that ClickHouse incorrectly handled memory, leading to a heap out-of-bounds data read. An attacker could possibly use this issue to cause a denial of service, or leak sensitive information. (CVE-2021-42387, CVE-2021-41388) It was discovered that ClickHouse incorrectly handled memory, leading to a heap-based buffer overflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2021-43305) Update Instructions: Run `sudo pro fix USN-6933-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: clickhouse-client - 18.16.1+ds-7ubuntu0.1 clickhouse-common - 18.16.1+ds-7ubuntu0.1 clickhouse-server - 18.16.1+ds-7ubuntu0.1 clickhouse-tools - 18.16.1+ds-7ubuntu0.1 No subscription required Medium CVE-2021-42387 CVE-2021-42388 CVE-2021-43305 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.39 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-38.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-39.html https://www.oracle.com/security-alerts/cpujul2024.html Update Instructions: Run `sudo pro fix USN-6934-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysqlclient-dev - 8.0.39-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.39-0ubuntu0.20.04.1 mysql-client - 8.0.39-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.39-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.39-0ubuntu0.20.04.1 mysql-router - 8.0.39-0ubuntu0.20.04.1 mysql-server - 8.0.39-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.39-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.39-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.39-0ubuntu0.20.04.1 mysql-testsuite - 8.0.39-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.39-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-20996 CVE-2024-21125 CVE-2024-21127 CVE-2024-21129 CVE-2024-21130 CVE-2024-21134 CVE-2024-21142 CVE-2024-21162 CVE-2024-21163 CVE-2024-21165 CVE-2024-21171 CVE-2024-21173 CVE-2024-21177 CVE-2024-21179 CVE-2024-21185 Ubuntu 20.04 LTS It was discovered that prometheus-alertmanager didn't properly sanitize input it received through an API endpoint. An attacker with permission to send requests to this endpoint could potentially inject arbitrary code. On Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, this vulnerability is only present if the UI has been explicitly activated. Update Instructions: Run `sudo pro fix USN-6935-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-prometheus-alertmanager-dev - 0.15.3+ds-3ubuntu1.2 prometheus-alertmanager - 0.15.3+ds-3ubuntu1.2 No subscription required Medium CVE-2023-40577 Ubuntu 20.04 LTS It was discovered that OpenSSL incorrectly handled TLSv1.3 sessions when certain non-default TLS server configurations were in use. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. (CVE-2024-2511) It was discovered that OpenSSL incorrectly handled checking excessively long DSA keys or parameters. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-4603) William Ahern discovered that OpenSSL incorrectly handled certain memory operations in a rarely-used API. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-4741) Joseph Birr-Pixton discovered that OpenSSL incorrectly handled calling a certain API with an empty supported client protocols buffer. A remote attacker could possibly use this issue to obtain sensitive information, or cause OpenSSL to crash, resulting in a denial of service. (CVE-2024-5535) Update Instructions: Run `sudo pro fix USN-6937-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl-dev - 1.1.1f-1ubuntu2.23 libssl-doc - 1.1.1f-1ubuntu2.23 libssl1.1 - 1.1.1f-1ubuntu2.23 openssl - 1.1.1f-1ubuntu2.23 No subscription required Low CVE-2024-2511 CVE-2024-4603 CVE-2024-4741 CVE-2024-5535 Ubuntu 20.04 LTS Phillip Szelat discovered that Exim misparses multiline MIME header filenames. A remote attacker could use this issue to bypass a MIME filename extension-blocking protection mechanism and possibly deliver executable attachments to the mailboxes of end users. Update Instructions: Run `sudo pro fix USN-6939-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: exim4 - 4.93-13ubuntu1.12 exim4-base - 4.93-13ubuntu1.12 exim4-config - 4.93-13ubuntu1.12 exim4-daemon-heavy - 4.93-13ubuntu1.12 exim4-daemon-light - 4.93-13ubuntu1.12 exim4-dev - 4.93-13ubuntu1.12 eximon4 - 4.93-13ubuntu1.12 No subscription required Medium CVE-2024-39929 Ubuntu 20.04 LTS Neil McPhail discovered that snapd did not properly restrict writes to the $HOME/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. (CVE-2024-1724) Zeyad Gouda discovered that snapd failed to properly check the file type when extracting a snap. An attacker who could convince a user to install a malicious snap containing non-regular files could then cause snapd to block indefinitely while trying to read from such files and cause a denial of service. (CVE-2024-29068) Zeyad Gouda discovered that snapd failed to properly check the destination of symbolic links when extracting a snap. An attacker who could convince a user to install a malicious snap containing crafted symbolic links could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow a local unprivileged user to gain access to privileged information. (CVE-2024-29069) Update Instructions: Run `sudo pro fix USN-6940-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-snapcore-snapd-dev - 2.63+20.04ubuntu0.1 golang-github-ubuntu-core-snappy-dev - 2.63+20.04ubuntu0.1 snap-confine - 2.63+20.04ubuntu0.1 snapd - 2.63+20.04ubuntu0.1 snapd-xdg-open - 2.63+20.04ubuntu0.1 ubuntu-core-launcher - 2.63+20.04ubuntu0.1 ubuntu-core-snapd-units - 2.63+20.04ubuntu0.1 ubuntu-snappy - 2.63+20.04ubuntu0.1 ubuntu-snappy-cli - 2.63+20.04ubuntu0.1 No subscription required Medium CVE-2024-1724 CVE-2024-29068 CVE-2024-29069 Ubuntu 20.04 LTS It was discovered that Gross incorrectly handled memory when composing log entries. An attacker could possibly use this issue to cause Gross to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6942-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gross - 1.0.2-4ubuntu0.20.04.1 No subscription required Medium CVE-2023-52159 Ubuntu 20.04 LTS It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS (CVE-2020-9484) It was discovered that Tomcat incorrectly handled certain HTTP/2 connection requests. A remote attacker could use this issue to obtain wrong responses possibly containing sensitive information. This issue only affected tomcat8 for Ubuntu 18.04 LTS (CVE-2021-25122) Thomas Wozenilek discovered that Tomcat incorrectly handled certain TLS packets. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected tomcat8 for Ubuntu 18.04 LTS (CVE-2021-41079) Trung Pham discovered that a race condition existed in Tomcat when handling session files with FileStore. A remote attacker could possibly use this issue to execute arbitrary code. This issue affected tomcat8 for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS, and tomcat9 for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS (CVE-2022-23181) It was discovered that Tomcat's documentation incorrectly stated that EncryptInterceptor provided availability protection when running over an untrusted network. A remote attacker could possibly use this issue to cause a denial of service even if EncryptInterceptor was being used. This issue affected tomcat8 for Ubuntu 18.04 LTS, and tomcat9 for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS (CVE-2022-29885) Update Instructions: Run `sudo pro fix USN-6943-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtomcat9-embed-java - 9.0.31-1ubuntu0.6 libtomcat9-java - 9.0.31-1ubuntu0.6 tomcat9 - 9.0.31-1ubuntu0.6 tomcat9-admin - 9.0.31-1ubuntu0.6 tomcat9-common - 9.0.31-1ubuntu0.6 tomcat9-docs - 9.0.31-1ubuntu0.6 tomcat9-examples - 9.0.31-1ubuntu0.6 tomcat9-user - 9.0.31-1ubuntu0.6 No subscription required Medium CVE-2020-9484 CVE-2021-25122 CVE-2021-41079 CVE-2022-23181 CVE-2022-29885 Ubuntu 20.04 LTS Dov Murik discovered that curl incorrectly handled parsing ASN.1 Generalized Time fields. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents. Update Instructions: Run `sudo pro fix USN-6944-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 7.68.0-1ubuntu2.23 libcurl3-gnutls - 7.68.0-1ubuntu2.23 libcurl3-nss - 7.68.0-1ubuntu2.23 libcurl4 - 7.68.0-1ubuntu2.23 libcurl4-doc - 7.68.0-1ubuntu2.23 libcurl4-gnutls-dev - 7.68.0-1ubuntu2.23 libcurl4-nss-dev - 7.68.0-1ubuntu2.23 libcurl4-openssl-dev - 7.68.0-1ubuntu2.23 No subscription required Medium CVE-2024-7264 Ubuntu 20.04 LTS Rory McNamara discovered that wpa_supplicant could be made to load arbitrary shared objects by unprivileged users that have access to the control interface. An attacker could use this to escalate privileges to root. Update Instructions: Run `sudo pro fix USN-6945-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hostapd - 2:2.9-1ubuntu4.4 wpagui - 2:2.9-1ubuntu4.4 wpasupplicant - 2:2.9-1ubuntu4.4 No subscription required Medium CVE-2024-5290 https://launchpad.net/bugs/2067613 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain strings in floatformat function. An attacker could possibly use this issue to cause a memory exhaustion. (CVE-2024-41989) It was discovered that Django incorrectly handled very large inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-41990) It was discovered that Django in AdminURLFieldWidget incorrectly handled certain inputs with a very large number of Unicode characters. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-41991) It was discovered that Django incorrectly handled certain JSON objects. An attacker could possibly use this issue to cause a potential SQL injection. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-42005) Update Instructions: Run `sudo pro fix USN-6946-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.24 python3-django - 2:2.2.12-1ubuntu0.24 No subscription required Medium CVE-2024-41989 CVE-2024-41990 CVE-2024-41991 CVE-2024-42005 Ubuntu 20.04 LTS It was discovered that Kerberos incorrectly handled GSS message tokens where an unwrapped token could appear to be truncated. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-37370) It was discovered that Kerberos incorrectly handled GSS message tokens when sent a token with invalid length fields. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-37371) Update Instructions: Run `sudo pro fix USN-6947-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: krb5-admin-server - 1.17-6ubuntu4.6 krb5-doc - 1.17-6ubuntu4.6 krb5-gss-samples - 1.17-6ubuntu4.6 krb5-k5tls - 1.17-6ubuntu4.6 krb5-kdc - 1.17-6ubuntu4.6 krb5-kdc-ldap - 1.17-6ubuntu4.6 krb5-kpropd - 1.17-6ubuntu4.6 krb5-locales - 1.17-6ubuntu4.6 krb5-multidev - 1.17-6ubuntu4.6 krb5-otp - 1.17-6ubuntu4.6 krb5-pkinit - 1.17-6ubuntu4.6 krb5-user - 1.17-6ubuntu4.6 libgssapi-krb5-2 - 1.17-6ubuntu4.6 libgssrpc4 - 1.17-6ubuntu4.6 libk5crypto3 - 1.17-6ubuntu4.6 libkadm5clnt-mit11 - 1.17-6ubuntu4.6 libkadm5srv-mit11 - 1.17-6ubuntu4.6 libkdb5-9 - 1.17-6ubuntu4.6 libkrad-dev - 1.17-6ubuntu4.6 libkrad0 - 1.17-6ubuntu4.6 libkrb5-3 - 1.17-6ubuntu4.6 libkrb5-dev - 1.17-6ubuntu4.6 libkrb5support0 - 1.17-6ubuntu4.6 No subscription required Medium CVE-2024-37370 CVE-2024-37371 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and drivers; - FireWire subsystem; - GPU drivers; - InfiniBand drivers; - Multiple devices driver; - EEPROM drivers; - Network drivers; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - 9P distributed file system; - Network file system client; - SMB network file system; - Socket messages infrastructure; - Dynamic debug library; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - NSH protocol; - Phonet protocol; - TIPC protocol; - Wireless networking; - Key management; - ALSA framework; - HD-audio driver; (CVE-2024-36883, CVE-2024-36940, CVE-2024-36902, CVE-2024-36975, CVE-2024-36964, CVE-2024-36938, CVE-2024-36931, CVE-2024-35848, CVE-2024-26900, CVE-2024-36967, CVE-2024-36904, CVE-2024-27398, CVE-2024-36031, CVE-2023-52585, CVE-2024-36886, CVE-2024-36937, CVE-2024-36954, CVE-2024-36916, CVE-2024-36905, CVE-2024-36959, CVE-2024-26980, CVE-2024-26936, CVE-2024-36928, CVE-2024-36889, CVE-2024-36929, CVE-2024-36933, CVE-2024-27399, CVE-2024-36946, CVE-2024-36906, CVE-2024-36965, CVE-2024-36957, CVE-2024-36941, CVE-2024-36897, CVE-2024-36952, CVE-2024-36947, CVE-2024-36950, CVE-2024-36880, CVE-2024-36017, CVE-2023-52882, CVE-2024-36969, CVE-2024-38600, CVE-2024-36955, CVE-2024-36960, CVE-2024-27401, CVE-2024-36919, CVE-2024-36934, CVE-2024-35947, CVE-2024-36953, CVE-2024-36944, CVE-2024-36939) Update Instructions: Run `sudo pro fix USN-6950-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1062-intel-iotg - 5.15.0-1062.68~20.04.1 linux-cloud-tools-5.15.0-1062-intel-iotg - 5.15.0-1062.68~20.04.1 linux-headers-5.15.0-1062-intel-iotg - 5.15.0-1062.68~20.04.1 linux-image-5.15.0-1062-intel-iotg - 5.15.0-1062.68~20.04.1 linux-image-unsigned-5.15.0-1062-intel-iotg - 5.15.0-1062.68~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1062 - 5.15.0-1062.68~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1062.68~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1062 - 5.15.0-1062.68~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1062 - 5.15.0-1062.68~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1062.68~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1062.68~20.04.1 linux-modules-5.15.0-1062-intel-iotg - 5.15.0-1062.68~20.04.1 linux-modules-extra-5.15.0-1062-intel-iotg - 5.15.0-1062.68~20.04.1 linux-modules-iwlwifi-5.15.0-1062-intel-iotg - 5.15.0-1062.68~20.04.1 linux-tools-5.15.0-1062-intel-iotg - 5.15.0-1062.68~20.04.1 No subscription required linux-buildinfo-5.15.0-1066-gcp - 5.15.0-1066.74~20.04.1 linux-gcp-5.15-headers-5.15.0-1066 - 5.15.0-1066.74~20.04.1 linux-gcp-5.15-tools-5.15.0-1066 - 5.15.0-1066.74~20.04.1 linux-headers-5.15.0-1066-gcp - 5.15.0-1066.74~20.04.1 linux-image-5.15.0-1066-gcp - 5.15.0-1066.74~20.04.1 linux-image-unsigned-5.15.0-1066-gcp - 5.15.0-1066.74~20.04.1 linux-modules-5.15.0-1066-gcp - 5.15.0-1066.74~20.04.1 linux-modules-extra-5.15.0-1066-gcp - 5.15.0-1066.74~20.04.1 linux-modules-iwlwifi-5.15.0-1066-gcp - 5.15.0-1066.74~20.04.1 linux-tools-5.15.0-1066-gcp - 5.15.0-1066.74~20.04.1 No subscription required linux-buildinfo-5.15.0-118-lowlatency - 5.15.0-118.128~20.04.1 linux-buildinfo-5.15.0-118-lowlatency-64k - 5.15.0-118.128~20.04.1 linux-cloud-tools-5.15.0-118-lowlatency - 5.15.0-118.128~20.04.1 linux-headers-5.15.0-118-lowlatency - 5.15.0-118.128~20.04.1 linux-headers-5.15.0-118-lowlatency-64k - 5.15.0-118.128~20.04.1 linux-image-5.15.0-118-lowlatency - 5.15.0-118.128~20.04.1 linux-image-5.15.0-118-lowlatency-64k - 5.15.0-118.128~20.04.1 linux-image-unsigned-5.15.0-118-lowlatency - 5.15.0-118.128~20.04.1 linux-image-unsigned-5.15.0-118-lowlatency-64k - 5.15.0-118.128~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-118 - 5.15.0-118.128~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-118.128~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-118 - 5.15.0-118.128~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-118 - 5.15.0-118.128~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-118.128~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-118.128~20.04.1 linux-modules-5.15.0-118-lowlatency - 5.15.0-118.128~20.04.1 linux-modules-5.15.0-118-lowlatency-64k - 5.15.0-118.128~20.04.1 linux-modules-iwlwifi-5.15.0-118-lowlatency - 5.15.0-118.128~20.04.1 linux-tools-5.15.0-118-lowlatency - 5.15.0-118.128~20.04.1 linux-tools-5.15.0-118-lowlatency-64k - 5.15.0-118.128~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1062.68~20.04.1 linux-headers-intel - 5.15.0.1062.68~20.04.1 linux-headers-intel-iotg - 5.15.0.1062.68~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1062.68~20.04.1 linux-image-intel - 5.15.0.1062.68~20.04.1 linux-image-intel-iotg - 5.15.0.1062.68~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1062.68~20.04.1 linux-intel - 5.15.0.1062.68~20.04.1 linux-intel-iotg - 5.15.0.1062.68~20.04.1 linux-intel-iotg-edge - 5.15.0.1062.68~20.04.1 linux-tools-intel - 5.15.0.1062.68~20.04.1 linux-tools-intel-iotg - 5.15.0.1062.68~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1062.68~20.04.1 No subscription required linux-gcp - 5.15.0.1066.74~20.04.1 linux-gcp-edge - 5.15.0.1066.74~20.04.1 linux-headers-gcp - 5.15.0.1066.74~20.04.1 linux-headers-gcp-edge - 5.15.0.1066.74~20.04.1 linux-image-gcp - 5.15.0.1066.74~20.04.1 linux-image-gcp-edge - 5.15.0.1066.74~20.04.1 linux-modules-extra-gcp - 5.15.0.1066.74~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1066.74~20.04.1 linux-tools-gcp - 5.15.0.1066.74~20.04.1 linux-tools-gcp-edge - 5.15.0.1066.74~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.118.128~20.04.1 No subscription required High CVE-2023-52585 CVE-2023-52882 CVE-2024-26900 CVE-2024-26936 CVE-2024-26980 CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-35848 CVE-2024-35947 CVE-2024-36017 CVE-2024-36031 CVE-2024-36880 CVE-2024-36883 CVE-2024-36886 CVE-2024-36889 CVE-2024-36897 CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36906 CVE-2024-36916 CVE-2024-36919 CVE-2024-36928 CVE-2024-36929 CVE-2024-36931 CVE-2024-36933 CVE-2024-36934 CVE-2024-36937 CVE-2024-36938 CVE-2024-36939 CVE-2024-36940 CVE-2024-36941 CVE-2024-36944 CVE-2024-36946 CVE-2024-36947 CVE-2024-36950 CVE-2024-36952 CVE-2024-36953 CVE-2024-36954 CVE-2024-36955 CVE-2024-36957 CVE-2024-36959 CVE-2024-36960 CVE-2024-36964 CVE-2024-36965 CVE-2024-36967 CVE-2024-36969 CVE-2024-36975 CVE-2024-38600 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and drivers; - FireWire subsystem; - GPU drivers; - InfiniBand drivers; - Multiple devices driver; - EEPROM drivers; - Network drivers; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - 9P distributed file system; - Network file system client; - SMB network file system; - Socket messages infrastructure; - Dynamic debug library; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - NSH protocol; - Phonet protocol; - TIPC protocol; - Wireless networking; - Key management; - ALSA framework; - HD-audio driver; (CVE-2024-36883, CVE-2024-36940, CVE-2024-36902, CVE-2024-36975, CVE-2024-36964, CVE-2024-36938, CVE-2024-36931, CVE-2024-35848, CVE-2024-26900, CVE-2024-36967, CVE-2024-36904, CVE-2024-27398, CVE-2024-36031, CVE-2023-52585, CVE-2024-36886, CVE-2024-36937, CVE-2024-36954, CVE-2024-36916, CVE-2024-36905, CVE-2024-36959, CVE-2024-26980, CVE-2024-26936, CVE-2024-36928, CVE-2024-36889, CVE-2024-36929, CVE-2024-36933, CVE-2024-27399, CVE-2024-36946, CVE-2024-36906, CVE-2024-36965, CVE-2024-36957, CVE-2024-36941, CVE-2024-36897, CVE-2024-36952, CVE-2024-36947, CVE-2024-36950, CVE-2024-36880, CVE-2024-36017, CVE-2023-52882, CVE-2024-36969, CVE-2024-38600, CVE-2024-36955, CVE-2024-36960, CVE-2024-27401, CVE-2024-36919, CVE-2024-36934, CVE-2024-35947, CVE-2024-36953, CVE-2024-36944, CVE-2024-36939) Update Instructions: Run `sudo pro fix USN-6950-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1050-gkeop - 5.15.0-1050.57~20.04.1 linux-cloud-tools-5.15.0-1050-gkeop - 5.15.0-1050.57~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1050 - 5.15.0-1050.57~20.04.1 linux-gkeop-5.15-headers-5.15.0-1050 - 5.15.0-1050.57~20.04.1 linux-gkeop-5.15-tools-5.15.0-1050 - 5.15.0-1050.57~20.04.1 linux-headers-5.15.0-1050-gkeop - 5.15.0-1050.57~20.04.1 linux-image-5.15.0-1050-gkeop - 5.15.0-1050.57~20.04.1 linux-image-unsigned-5.15.0-1050-gkeop - 5.15.0-1050.57~20.04.1 linux-modules-5.15.0-1050-gkeop - 5.15.0-1050.57~20.04.1 linux-modules-extra-5.15.0-1050-gkeop - 5.15.0-1050.57~20.04.1 linux-tools-5.15.0-1050-gkeop - 5.15.0-1050.57~20.04.1 No subscription required linux-buildinfo-5.15.0-1060-ibm - 5.15.0-1060.63~20.04.1 linux-headers-5.15.0-1060-ibm - 5.15.0-1060.63~20.04.1 linux-ibm-5.15-headers-5.15.0-1060 - 5.15.0-1060.63~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1060.63~20.04.1 linux-ibm-5.15-tools-5.15.0-1060 - 5.15.0-1060.63~20.04.1 linux-image-5.15.0-1060-ibm - 5.15.0-1060.63~20.04.1 linux-image-unsigned-5.15.0-1060-ibm - 5.15.0-1060.63~20.04.1 linux-modules-5.15.0-1060-ibm - 5.15.0-1060.63~20.04.1 linux-modules-extra-5.15.0-1060-ibm - 5.15.0-1060.63~20.04.1 linux-tools-5.15.0-1060-ibm - 5.15.0-1060.63~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1067 - 5.15.0-1067.73~20.04.1 linux-aws-5.15-headers-5.15.0-1067 - 5.15.0-1067.73~20.04.1 linux-aws-5.15-tools-5.15.0-1067 - 5.15.0-1067.73~20.04.1 linux-buildinfo-5.15.0-1067-aws - 5.15.0-1067.73~20.04.1 linux-cloud-tools-5.15.0-1067-aws - 5.15.0-1067.73~20.04.1 linux-headers-5.15.0-1067-aws - 5.15.0-1067.73~20.04.1 linux-image-5.15.0-1067-aws - 5.15.0-1067.73~20.04.1 linux-image-unsigned-5.15.0-1067-aws - 5.15.0-1067.73~20.04.1 linux-modules-5.15.0-1067-aws - 5.15.0-1067.73~20.04.1 linux-modules-extra-5.15.0-1067-aws - 5.15.0-1067.73~20.04.1 linux-tools-5.15.0-1067-aws - 5.15.0-1067.73~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1050.57~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1050.57~20.04.1 linux-gkeop-5.15 - 5.15.0.1050.57~20.04.1 linux-gkeop-edge - 5.15.0.1050.57~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1050.57~20.04.1 linux-headers-gkeop-edge - 5.15.0.1050.57~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1050.57~20.04.1 linux-image-gkeop-edge - 5.15.0.1050.57~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1050.57~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1050.57~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1050.57~20.04.1 linux-tools-gkeop-edge - 5.15.0.1050.57~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1060.63~20.04.1 linux-headers-ibm-edge - 5.15.0.1060.63~20.04.1 linux-ibm - 5.15.0.1060.63~20.04.1 linux-ibm-edge - 5.15.0.1060.63~20.04.1 linux-image-ibm - 5.15.0.1060.63~20.04.1 linux-image-ibm-edge - 5.15.0.1060.63~20.04.1 linux-tools-ibm - 5.15.0.1060.63~20.04.1 linux-tools-ibm-edge - 5.15.0.1060.63~20.04.1 No subscription required linux-aws - 5.15.0.1067.73~20.04.1 linux-aws-edge - 5.15.0.1067.73~20.04.1 linux-headers-aws - 5.15.0.1067.73~20.04.1 linux-headers-aws-edge - 5.15.0.1067.73~20.04.1 linux-image-aws - 5.15.0.1067.73~20.04.1 linux-image-aws-edge - 5.15.0.1067.73~20.04.1 linux-modules-extra-aws - 5.15.0.1067.73~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1067.73~20.04.1 linux-tools-aws - 5.15.0.1067.73~20.04.1 linux-tools-aws-edge - 5.15.0.1067.73~20.04.1 No subscription required High CVE-2023-52585 CVE-2023-52882 CVE-2024-26900 CVE-2024-26936 CVE-2024-26980 CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-35848 CVE-2024-35947 CVE-2024-36017 CVE-2024-36031 CVE-2024-36880 CVE-2024-36883 CVE-2024-36886 CVE-2024-36889 CVE-2024-36897 CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36906 CVE-2024-36916 CVE-2024-36919 CVE-2024-36928 CVE-2024-36929 CVE-2024-36931 CVE-2024-36933 CVE-2024-36934 CVE-2024-36937 CVE-2024-36938 CVE-2024-36939 CVE-2024-36940 CVE-2024-36941 CVE-2024-36944 CVE-2024-36946 CVE-2024-36947 CVE-2024-36950 CVE-2024-36952 CVE-2024-36953 CVE-2024-36954 CVE-2024-36955 CVE-2024-36957 CVE-2024-36959 CVE-2024-36960 CVE-2024-36964 CVE-2024-36965 CVE-2024-36967 CVE-2024-36969 CVE-2024-36975 CVE-2024-38600 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and drivers; - FireWire subsystem; - GPU drivers; - InfiniBand drivers; - Multiple devices driver; - EEPROM drivers; - Network drivers; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - 9P distributed file system; - Network file system client; - SMB network file system; - Socket messages infrastructure; - Dynamic debug library; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - NSH protocol; - Phonet protocol; - TIPC protocol; - Wireless networking; - Key management; - ALSA framework; - HD-audio driver; (CVE-2024-36883, CVE-2024-36940, CVE-2024-36902, CVE-2024-36975, CVE-2024-36964, CVE-2024-36938, CVE-2024-36931, CVE-2024-35848, CVE-2024-26900, CVE-2024-36967, CVE-2024-36904, CVE-2024-27398, CVE-2024-36031, CVE-2023-52585, CVE-2024-36886, CVE-2024-36937, CVE-2024-36954, CVE-2024-36916, CVE-2024-36905, CVE-2024-36959, CVE-2024-26980, CVE-2024-26936, CVE-2024-36928, CVE-2024-36889, CVE-2024-36929, CVE-2024-36933, CVE-2024-27399, CVE-2024-36946, CVE-2024-36906, CVE-2024-36965, CVE-2024-36957, CVE-2024-36941, CVE-2024-36897, CVE-2024-36952, CVE-2024-36947, CVE-2024-36950, CVE-2024-36880, CVE-2024-36017, CVE-2023-52882, CVE-2024-36969, CVE-2024-38600, CVE-2024-36955, CVE-2024-36960, CVE-2024-27401, CVE-2024-36919, CVE-2024-36934, CVE-2024-35947, CVE-2024-36953, CVE-2024-36944, CVE-2024-36939) Update Instructions: Run `sudo pro fix USN-6950-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-118-generic - 5.15.0-118.128~20.04.1 linux-buildinfo-5.15.0-118-generic-64k - 5.15.0-118.128~20.04.1 linux-buildinfo-5.15.0-118-generic-lpae - 5.15.0-118.128~20.04.1 linux-cloud-tools-5.15.0-118-generic - 5.15.0-118.128~20.04.1 linux-headers-5.15.0-118-generic - 5.15.0-118.128~20.04.1 linux-headers-5.15.0-118-generic-64k - 5.15.0-118.128~20.04.1 linux-headers-5.15.0-118-generic-lpae - 5.15.0-118.128~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-118 - 5.15.0-118.128~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-118.128~20.04.1 linux-hwe-5.15-headers-5.15.0-118 - 5.15.0-118.128~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-118.128~20.04.1 linux-hwe-5.15-tools-5.15.0-118 - 5.15.0-118.128~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-118.128~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-118.128~20.04.1 linux-image-5.15.0-118-generic - 5.15.0-118.128~20.04.1 linux-image-5.15.0-118-generic-64k - 5.15.0-118.128~20.04.1 linux-image-5.15.0-118-generic-lpae - 5.15.0-118.128~20.04.1 linux-image-unsigned-5.15.0-118-generic - 5.15.0-118.128~20.04.1 linux-image-unsigned-5.15.0-118-generic-64k - 5.15.0-118.128~20.04.1 linux-modules-5.15.0-118-generic - 5.15.0-118.128~20.04.1 linux-modules-5.15.0-118-generic-64k - 5.15.0-118.128~20.04.1 linux-modules-5.15.0-118-generic-lpae - 5.15.0-118.128~20.04.1 linux-modules-extra-5.15.0-118-generic - 5.15.0-118.128~20.04.1 linux-modules-iwlwifi-5.15.0-118-generic - 5.15.0-118.128~20.04.1 linux-tools-5.15.0-118-generic - 5.15.0-118.128~20.04.1 linux-tools-5.15.0-118-generic-64k - 5.15.0-118.128~20.04.1 linux-tools-5.15.0-118-generic-lpae - 5.15.0-118.128~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-generic-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-headers-oem-20.04 - 5.15.0.118.128~20.04.1 linux-headers-oem-20.04b - 5.15.0.118.128~20.04.1 linux-headers-oem-20.04c - 5.15.0.118.128~20.04.1 linux-headers-oem-20.04d - 5.15.0.118.128~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-image-oem-20.04 - 5.15.0.118.128~20.04.1 linux-image-oem-20.04b - 5.15.0.118.128~20.04.1 linux-image-oem-20.04c - 5.15.0.118.128~20.04.1 linux-image-oem-20.04d - 5.15.0.118.128~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.118.128~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.118.128~20.04.1 linux-oem-20.04 - 5.15.0.118.128~20.04.1 linux-oem-20.04b - 5.15.0.118.128~20.04.1 linux-oem-20.04c - 5.15.0.118.128~20.04.1 linux-oem-20.04d - 5.15.0.118.128~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-tools-oem-20.04 - 5.15.0.118.128~20.04.1 linux-tools-oem-20.04b - 5.15.0.118.128~20.04.1 linux-tools-oem-20.04c - 5.15.0.118.128~20.04.1 linux-tools-oem-20.04d - 5.15.0.118.128~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.118.128~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.118.128~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.118.128~20.04.1 No subscription required High CVE-2023-52585 CVE-2023-52882 CVE-2024-26900 CVE-2024-26936 CVE-2024-26980 CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-35848 CVE-2024-35947 CVE-2024-36017 CVE-2024-36031 CVE-2024-36880 CVE-2024-36883 CVE-2024-36886 CVE-2024-36889 CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36906 CVE-2024-36916 CVE-2024-36919 CVE-2024-36928 CVE-2024-36929 CVE-2024-36931 CVE-2024-36933 CVE-2024-36934 CVE-2024-36937 CVE-2024-36938 CVE-2024-36939 CVE-2024-36940 CVE-2024-36941 CVE-2024-36944 CVE-2024-36946 CVE-2024-36947 CVE-2024-36950 CVE-2024-36952 CVE-2024-36953 CVE-2024-36954 CVE-2024-36955 CVE-2024-36957 CVE-2024-36959 CVE-2024-36960 CVE-2024-36964 CVE-2024-36965 CVE-2024-36967 CVE-2024-36969 CVE-2024-36975 CVE-2024-38600 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux (UML); - x86 architecture; - Accessibility subsystem; - Character device driver; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - FireWire subsystem; - GPU drivers; - HW tracing; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - TTY drivers; - Framebuffer layer; - Virtio drivers; - 9P distributed file system; - eCrypt file system; - EROFS file system; - Ext4 file system; - F2FS file system; - JFFS2 file system; - Network file system client; - NILFS2 file system; - SMB network file system; - Kernel debugger infrastructure; - IRQ subsystem; - Tracing infrastructure; - Dynamic debug library; - 9P file system network protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - NET/ROM layer; - NFC subsystem; - NSH protocol; - Open vSwitch; - Phonet protocol; - TIPC protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - ALSA framework; (CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399, CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919, CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558, CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633, CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886, CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971, CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353, CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661, CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381, CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017, CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612, CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567, CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019, CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882, CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940, CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582, CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954, CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902, CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941, CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270, CVE-2024-39292, CVE-2024-39471, CVE-2022-48674) Update Instructions: Run `sudo pro fix USN-6951-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1042-iot - 5.4.0-1042.43 linux-headers-5.4.0-1042-iot - 5.4.0-1042.43 linux-image-5.4.0-1042-iot - 5.4.0-1042.43 linux-image-unsigned-5.4.0-1042-iot - 5.4.0-1042.43 linux-iot-headers-5.4.0-1042 - 5.4.0-1042.43 linux-iot-tools-5.4.0-1042 - 5.4.0-1042.43 linux-iot-tools-common - 5.4.0-1042.43 linux-modules-5.4.0-1042-iot - 5.4.0-1042.43 linux-tools-5.4.0-1042-iot - 5.4.0-1042.43 No subscription required linux-buildinfo-5.4.0-1049-xilinx-zynqmp - 5.4.0-1049.53 linux-headers-5.4.0-1049-xilinx-zynqmp - 5.4.0-1049.53 linux-image-5.4.0-1049-xilinx-zynqmp - 5.4.0-1049.53 linux-modules-5.4.0-1049-xilinx-zynqmp - 5.4.0-1049.53 linux-tools-5.4.0-1049-xilinx-zynqmp - 5.4.0-1049.53 linux-xilinx-zynqmp-headers-5.4.0-1049 - 5.4.0-1049.53 linux-xilinx-zynqmp-tools-5.4.0-1049 - 5.4.0-1049.53 No subscription required linux-buildinfo-5.4.0-1077-ibm - 5.4.0-1077.82 linux-headers-5.4.0-1077-ibm - 5.4.0-1077.82 linux-ibm-cloud-tools-common - 5.4.0-1077.82 linux-ibm-headers-5.4.0-1077 - 5.4.0-1077.82 linux-ibm-source-5.4.0 - 5.4.0-1077.82 linux-ibm-tools-5.4.0-1077 - 5.4.0-1077.82 linux-ibm-tools-common - 5.4.0-1077.82 linux-image-5.4.0-1077-ibm - 5.4.0-1077.82 linux-image-unsigned-5.4.0-1077-ibm - 5.4.0-1077.82 linux-modules-5.4.0-1077-ibm - 5.4.0-1077.82 linux-modules-extra-5.4.0-1077-ibm - 5.4.0-1077.82 linux-tools-5.4.0-1077-ibm - 5.4.0-1077.82 No subscription required linux-buildinfo-5.4.0-1097-gkeop - 5.4.0-1097.101 linux-cloud-tools-5.4.0-1097-gkeop - 5.4.0-1097.101 linux-gkeop-cloud-tools-5.4.0-1097 - 5.4.0-1097.101 linux-gkeop-headers-5.4.0-1097 - 5.4.0-1097.101 linux-gkeop-source-5.4.0 - 5.4.0-1097.101 linux-gkeop-tools-5.4.0-1097 - 5.4.0-1097.101 linux-headers-5.4.0-1097-gkeop - 5.4.0-1097.101 linux-image-5.4.0-1097-gkeop - 5.4.0-1097.101 linux-image-unsigned-5.4.0-1097-gkeop - 5.4.0-1097.101 linux-modules-5.4.0-1097-gkeop - 5.4.0-1097.101 linux-modules-extra-5.4.0-1097-gkeop - 5.4.0-1097.101 linux-tools-5.4.0-1097-gkeop - 5.4.0-1097.101 No subscription required linux-buildinfo-5.4.0-1114-raspi - 5.4.0-1114.126 linux-headers-5.4.0-1114-raspi - 5.4.0-1114.126 linux-image-5.4.0-1114-raspi - 5.4.0-1114.126 linux-modules-5.4.0-1114-raspi - 5.4.0-1114.126 linux-raspi-headers-5.4.0-1114 - 5.4.0-1114.126 linux-raspi-tools-5.4.0-1114 - 5.4.0-1114.126 linux-tools-5.4.0-1114-raspi - 5.4.0-1114.126 No subscription required linux-buildinfo-5.4.0-1118-kvm - 5.4.0-1118.125 linux-headers-5.4.0-1118-kvm - 5.4.0-1118.125 linux-image-5.4.0-1118-kvm - 5.4.0-1118.125 linux-image-unsigned-5.4.0-1118-kvm - 5.4.0-1118.125 linux-kvm-headers-5.4.0-1118 - 5.4.0-1118.125 linux-kvm-tools-5.4.0-1118 - 5.4.0-1118.125 linux-modules-5.4.0-1118-kvm - 5.4.0-1118.125 linux-tools-5.4.0-1118-kvm - 5.4.0-1118.125 No subscription required linux-aws-cloud-tools-5.4.0-1130 - 5.4.0-1130.140 linux-aws-headers-5.4.0-1130 - 5.4.0-1130.140 linux-aws-tools-5.4.0-1130 - 5.4.0-1130.140 linux-buildinfo-5.4.0-1130-aws - 5.4.0-1130.140 linux-cloud-tools-5.4.0-1130-aws - 5.4.0-1130.140 linux-headers-5.4.0-1130-aws - 5.4.0-1130.140 linux-image-5.4.0-1130-aws - 5.4.0-1130.140 linux-image-unsigned-5.4.0-1130-aws - 5.4.0-1130.140 linux-modules-5.4.0-1130-aws - 5.4.0-1130.140 linux-modules-extra-5.4.0-1130-aws - 5.4.0-1130.140 linux-tools-5.4.0-1130-aws - 5.4.0-1130.140 No subscription required linux-buildinfo-5.4.0-1134-gcp - 5.4.0-1134.143 linux-gcp-headers-5.4.0-1134 - 5.4.0-1134.143 linux-gcp-tools-5.4.0-1134 - 5.4.0-1134.143 linux-headers-5.4.0-1134-gcp - 5.4.0-1134.143 linux-image-5.4.0-1134-gcp - 5.4.0-1134.143 linux-image-unsigned-5.4.0-1134-gcp - 5.4.0-1134.143 linux-modules-5.4.0-1134-gcp - 5.4.0-1134.143 linux-modules-extra-5.4.0-1134-gcp - 5.4.0-1134.143 linux-tools-5.4.0-1134-gcp - 5.4.0-1134.143 No subscription required linux-buildinfo-5.4.0-192-generic - 5.4.0-192.212 linux-buildinfo-5.4.0-192-generic-lpae - 5.4.0-192.212 linux-buildinfo-5.4.0-192-lowlatency - 5.4.0-192.212 linux-cloud-tools-5.4.0-192 - 5.4.0-192.212 linux-cloud-tools-5.4.0-192-generic - 5.4.0-192.212 linux-cloud-tools-5.4.0-192-lowlatency - 5.4.0-192.212 linux-cloud-tools-common - 5.4.0-192.212 linux-doc - 5.4.0-192.212 linux-headers-5.4.0-192 - 5.4.0-192.212 linux-headers-5.4.0-192-generic - 5.4.0-192.212 linux-headers-5.4.0-192-generic-lpae - 5.4.0-192.212 linux-headers-5.4.0-192-lowlatency - 5.4.0-192.212 linux-image-5.4.0-192-generic - 5.4.0-192.212 linux-image-5.4.0-192-generic-lpae - 5.4.0-192.212 linux-image-5.4.0-192-lowlatency - 5.4.0-192.212 linux-image-unsigned-5.4.0-192-generic - 5.4.0-192.212 linux-image-unsigned-5.4.0-192-lowlatency - 5.4.0-192.212 linux-libc-dev - 5.4.0-192.212 linux-modules-5.4.0-192-generic - 5.4.0-192.212 linux-modules-5.4.0-192-generic-lpae - 5.4.0-192.212 linux-modules-5.4.0-192-lowlatency - 5.4.0-192.212 linux-modules-extra-5.4.0-192-generic - 5.4.0-192.212 linux-source-5.4.0 - 5.4.0-192.212 linux-tools-5.4.0-192 - 5.4.0-192.212 linux-tools-5.4.0-192-generic - 5.4.0-192.212 linux-tools-5.4.0-192-generic-lpae - 5.4.0-192.212 linux-tools-5.4.0-192-lowlatency - 5.4.0-192.212 linux-tools-common - 5.4.0-192.212 linux-tools-host - 5.4.0-192.212 No subscription required linux-headers-iot - 5.4.0.1042.40 linux-image-iot - 5.4.0.1042.40 linux-iot - 5.4.0.1042.40 linux-tools-iot - 5.4.0.1042.40 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1049.49 linux-image-xilinx-zynqmp - 5.4.0.1049.49 linux-tools-xilinx-zynqmp - 5.4.0.1049.49 linux-xilinx-zynqmp - 5.4.0.1049.49 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1077.106 linux-ibm-lts-20.04 - 5.4.0.1077.106 linux-image-ibm-lts-20.04 - 5.4.0.1077.106 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1077.106 linux-tools-ibm-lts-20.04 - 5.4.0.1077.106 No subscription required linux-cloud-tools-gkeop - 5.4.0.1097.95 linux-cloud-tools-gkeop-5.4 - 5.4.0.1097.95 linux-gkeop - 5.4.0.1097.95 linux-gkeop-5.4 - 5.4.0.1097.95 linux-headers-gkeop - 5.4.0.1097.95 linux-headers-gkeop-5.4 - 5.4.0.1097.95 linux-image-gkeop - 5.4.0.1097.95 linux-image-gkeop-5.4 - 5.4.0.1097.95 linux-modules-extra-gkeop - 5.4.0.1097.95 linux-modules-extra-gkeop-5.4 - 5.4.0.1097.95 linux-tools-gkeop - 5.4.0.1097.95 linux-tools-gkeop-5.4 - 5.4.0.1097.95 No subscription required linux-headers-raspi - 5.4.0.1114.144 linux-headers-raspi-hwe-18.04 - 5.4.0.1114.144 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1114.144 linux-headers-raspi2 - 5.4.0.1114.144 linux-headers-raspi2-hwe-18.04 - 5.4.0.1114.144 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1114.144 linux-image-raspi - 5.4.0.1114.144 linux-image-raspi-hwe-18.04 - 5.4.0.1114.144 linux-image-raspi-hwe-18.04-edge - 5.4.0.1114.144 linux-image-raspi2 - 5.4.0.1114.144 linux-image-raspi2-hwe-18.04 - 5.4.0.1114.144 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1114.144 linux-raspi - 5.4.0.1114.144 linux-raspi-hwe-18.04 - 5.4.0.1114.144 linux-raspi-hwe-18.04-edge - 5.4.0.1114.144 linux-raspi2 - 5.4.0.1114.144 linux-raspi2-hwe-18.04 - 5.4.0.1114.144 linux-raspi2-hwe-18.04-edge - 5.4.0.1114.144 linux-tools-raspi - 5.4.0.1114.144 linux-tools-raspi-hwe-18.04 - 5.4.0.1114.144 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1114.144 linux-tools-raspi2 - 5.4.0.1114.144 linux-tools-raspi2-hwe-18.04 - 5.4.0.1114.144 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1114.144 No subscription required linux-headers-kvm - 5.4.0.1118.114 linux-image-kvm - 5.4.0.1118.114 linux-kvm - 5.4.0.1118.114 linux-tools-kvm - 5.4.0.1118.114 No subscription required linux-aws-lts-20.04 - 5.4.0.1130.127 linux-headers-aws-lts-20.04 - 5.4.0.1130.127 linux-image-aws-lts-20.04 - 5.4.0.1130.127 linux-modules-extra-aws-lts-20.04 - 5.4.0.1130.127 linux-tools-aws-lts-20.04 - 5.4.0.1130.127 No subscription required linux-gcp-lts-20.04 - 5.4.0.1134.136 linux-headers-gcp-lts-20.04 - 5.4.0.1134.136 linux-image-gcp-lts-20.04 - 5.4.0.1134.136 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1134.136 linux-tools-gcp-lts-20.04 - 5.4.0.1134.136 No subscription required linux-cloud-tools-generic - 5.4.0.192.190 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.192.190 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.192.190 linux-cloud-tools-lowlatency - 5.4.0.192.190 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.192.190 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.192.190 linux-cloud-tools-virtual - 5.4.0.192.190 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.192.190 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.192.190 linux-crashdump - 5.4.0.192.190 linux-generic - 5.4.0.192.190 linux-generic-hwe-18.04 - 5.4.0.192.190 linux-generic-hwe-18.04-edge - 5.4.0.192.190 linux-generic-lpae - 5.4.0.192.190 linux-generic-lpae-hwe-18.04 - 5.4.0.192.190 linux-generic-lpae-hwe-18.04-edge - 5.4.0.192.190 linux-headers-generic - 5.4.0.192.190 linux-headers-generic-hwe-18.04 - 5.4.0.192.190 linux-headers-generic-hwe-18.04-edge - 5.4.0.192.190 linux-headers-generic-lpae - 5.4.0.192.190 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.192.190 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.192.190 linux-headers-lowlatency - 5.4.0.192.190 linux-headers-lowlatency-hwe-18.04 - 5.4.0.192.190 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.192.190 linux-headers-oem - 5.4.0.192.190 linux-headers-oem-osp1 - 5.4.0.192.190 linux-headers-virtual - 5.4.0.192.190 linux-headers-virtual-hwe-18.04 - 5.4.0.192.190 linux-headers-virtual-hwe-18.04-edge - 5.4.0.192.190 linux-image-extra-virtual - 5.4.0.192.190 linux-image-extra-virtual-hwe-18.04 - 5.4.0.192.190 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.192.190 linux-image-generic - 5.4.0.192.190 linux-image-generic-hwe-18.04 - 5.4.0.192.190 linux-image-generic-hwe-18.04-edge - 5.4.0.192.190 linux-image-generic-lpae - 5.4.0.192.190 linux-image-generic-lpae-hwe-18.04 - 5.4.0.192.190 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.192.190 linux-image-lowlatency - 5.4.0.192.190 linux-image-lowlatency-hwe-18.04 - 5.4.0.192.190 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.192.190 linux-image-oem - 5.4.0.192.190 linux-image-oem-osp1 - 5.4.0.192.190 linux-image-virtual - 5.4.0.192.190 linux-image-virtual-hwe-18.04 - 5.4.0.192.190 linux-image-virtual-hwe-18.04-edge - 5.4.0.192.190 linux-lowlatency - 5.4.0.192.190 linux-lowlatency-hwe-18.04 - 5.4.0.192.190 linux-lowlatency-hwe-18.04-edge - 5.4.0.192.190 linux-oem - 5.4.0.192.190 linux-oem-osp1 - 5.4.0.192.190 linux-oem-osp1-tools-host - 5.4.0.192.190 linux-oem-tools-host - 5.4.0.192.190 linux-source - 5.4.0.192.190 linux-tools-generic - 5.4.0.192.190 linux-tools-generic-hwe-18.04 - 5.4.0.192.190 linux-tools-generic-hwe-18.04-edge - 5.4.0.192.190 linux-tools-generic-lpae - 5.4.0.192.190 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.192.190 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.192.190 linux-tools-lowlatency - 5.4.0.192.190 linux-tools-lowlatency-hwe-18.04 - 5.4.0.192.190 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.192.190 linux-tools-oem - 5.4.0.192.190 linux-tools-oem-osp1 - 5.4.0.192.190 linux-tools-virtual - 5.4.0.192.190 linux-tools-virtual-hwe-18.04 - 5.4.0.192.190 linux-tools-virtual-hwe-18.04-edge - 5.4.0.192.190 linux-virtual - 5.4.0.192.190 linux-virtual-hwe-18.04 - 5.4.0.192.190 linux-virtual-hwe-18.04-edge - 5.4.0.192.190 No subscription required High CVE-2022-48674 CVE-2022-48772 CVE-2023-52434 CVE-2023-52585 CVE-2023-52752 CVE-2023-52882 CVE-2024-26886 CVE-2024-27019 CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-31076 CVE-2024-33621 CVE-2024-35947 CVE-2024-35976 CVE-2024-36014 CVE-2024-36015 CVE-2024-36017 CVE-2024-36270 CVE-2024-36286 CVE-2024-36883 CVE-2024-36886 CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36919 CVE-2024-36933 CVE-2024-36934 CVE-2024-36939 CVE-2024-36940 CVE-2024-36941 CVE-2024-36946 CVE-2024-36950 CVE-2024-36954 CVE-2024-36959 CVE-2024-36960 CVE-2024-36964 CVE-2024-36971 CVE-2024-37356 CVE-2024-38381 CVE-2024-38549 CVE-2024-38552 CVE-2024-38558 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567 CVE-2024-38578 CVE-2024-38579 CVE-2024-38582 CVE-2024-38583 CVE-2024-38587 CVE-2024-38589 CVE-2024-38596 CVE-2024-38598 CVE-2024-38599 CVE-2024-38600 CVE-2024-38601 CVE-2024-38607 CVE-2024-38612 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38621 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661 CVE-2024-38780 CVE-2024-39276 CVE-2024-39292 CVE-2024-39301 CVE-2024-39467 CVE-2024-39471 CVE-2024-39475 CVE-2024-39480 CVE-2024-39488 CVE-2024-39489 CVE-2024-39493 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux (UML); - x86 architecture; - Accessibility subsystem; - Character device driver; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - FireWire subsystem; - GPU drivers; - HW tracing; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - TTY drivers; - Framebuffer layer; - Virtio drivers; - 9P distributed file system; - eCrypt file system; - EROFS file system; - Ext4 file system; - F2FS file system; - JFFS2 file system; - Network file system client; - NILFS2 file system; - SMB network file system; - Kernel debugger infrastructure; - IRQ subsystem; - Tracing infrastructure; - Dynamic debug library; - 9P file system network protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - NET/ROM layer; - NFC subsystem; - NSH protocol; - Open vSwitch; - Phonet protocol; - TIPC protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - ALSA framework; (CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399, CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919, CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558, CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633, CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886, CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971, CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353, CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661, CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381, CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017, CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612, CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567, CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019, CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882, CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940, CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582, CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954, CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902, CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941, CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270, CVE-2024-39292, CVE-2024-39471, CVE-2022-48674) Update Instructions: Run `sudo pro fix USN-6951-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1135 - 5.4.0-1135.142 linux-azure-headers-5.4.0-1135 - 5.4.0-1135.142 linux-azure-tools-5.4.0-1135 - 5.4.0-1135.142 linux-buildinfo-5.4.0-1135-azure - 5.4.0-1135.142 linux-cloud-tools-5.4.0-1135-azure - 5.4.0-1135.142 linux-headers-5.4.0-1135-azure - 5.4.0-1135.142 linux-image-5.4.0-1135-azure - 5.4.0-1135.142 linux-image-unsigned-5.4.0-1135-azure - 5.4.0-1135.142 linux-modules-5.4.0-1135-azure - 5.4.0-1135.142 linux-modules-extra-5.4.0-1135-azure - 5.4.0-1135.142 linux-tools-5.4.0-1135-azure - 5.4.0-1135.142 No subscription required linux-azure-lts-20.04 - 5.4.0.1135.129 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1135.129 linux-headers-azure-lts-20.04 - 5.4.0.1135.129 linux-image-azure-lts-20.04 - 5.4.0.1135.129 linux-modules-extra-azure-lts-20.04 - 5.4.0.1135.129 linux-tools-azure-lts-20.04 - 5.4.0.1135.129 No subscription required High CVE-2022-48674 CVE-2022-48772 CVE-2023-52434 CVE-2023-52585 CVE-2023-52752 CVE-2023-52882 CVE-2024-26886 CVE-2024-27019 CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-31076 CVE-2024-33621 CVE-2024-35947 CVE-2024-35976 CVE-2024-36014 CVE-2024-36015 CVE-2024-36017 CVE-2024-36270 CVE-2024-36286 CVE-2024-36883 CVE-2024-36886 CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36919 CVE-2024-36933 CVE-2024-36934 CVE-2024-36939 CVE-2024-36940 CVE-2024-36941 CVE-2024-36946 CVE-2024-36950 CVE-2024-36954 CVE-2024-36959 CVE-2024-36960 CVE-2024-36964 CVE-2024-36971 CVE-2024-37356 CVE-2024-38381 CVE-2024-38549 CVE-2024-38552 CVE-2024-38558 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567 CVE-2024-38578 CVE-2024-38579 CVE-2024-38582 CVE-2024-38583 CVE-2024-38587 CVE-2024-38589 CVE-2024-38596 CVE-2024-38598 CVE-2024-38599 CVE-2024-38600 CVE-2024-38601 CVE-2024-38607 CVE-2024-38612 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38621 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661 CVE-2024-38780 CVE-2024-39276 CVE-2024-39292 CVE-2024-39301 CVE-2024-39467 CVE-2024-39471 CVE-2024-39475 CVE-2024-39480 CVE-2024-39488 CVE-2024-39489 CVE-2024-39493 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux (UML); - x86 architecture; - Accessibility subsystem; - Character device driver; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - FireWire subsystem; - GPU drivers; - HW tracing; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - TTY drivers; - Framebuffer layer; - Virtio drivers; - 9P distributed file system; - eCrypt file system; - EROFS file system; - Ext4 file system; - F2FS file system; - JFFS2 file system; - Network file system client; - NILFS2 file system; - SMB network file system; - Kernel debugger infrastructure; - IRQ subsystem; - Tracing infrastructure; - Dynamic debug library; - 9P file system network protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - NET/ROM layer; - NFC subsystem; - NSH protocol; - Open vSwitch; - Phonet protocol; - TIPC protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - ALSA framework; (CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399, CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919, CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558, CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633, CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886, CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971, CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353, CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661, CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381, CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017, CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612, CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567, CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019, CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882, CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940, CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582, CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954, CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902, CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941, CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270, CVE-2024-39292, CVE-2024-39471, CVE-2022-48674) Update Instructions: Run `sudo pro fix USN-6951-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1090 - 5.4.0-1090.97 linux-bluefield-tools-5.4.0-1090 - 5.4.0-1090.97 linux-buildinfo-5.4.0-1090-bluefield - 5.4.0-1090.97 linux-headers-5.4.0-1090-bluefield - 5.4.0-1090.97 linux-image-5.4.0-1090-bluefield - 5.4.0-1090.97 linux-image-unsigned-5.4.0-1090-bluefield - 5.4.0-1090.97 linux-modules-5.4.0-1090-bluefield - 5.4.0-1090.97 linux-tools-5.4.0-1090-bluefield - 5.4.0-1090.97 No subscription required linux-bluefield - 5.4.0.1090.86 linux-headers-bluefield - 5.4.0.1090.86 linux-image-bluefield - 5.4.0.1090.86 linux-tools-bluefield - 5.4.0.1090.86 No subscription required High CVE-2022-48674 CVE-2022-48772 CVE-2023-52434 CVE-2023-52585 CVE-2023-52752 CVE-2023-52882 CVE-2024-26886 CVE-2024-27019 CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-31076 CVE-2024-33621 CVE-2024-35947 CVE-2024-35976 CVE-2024-36014 CVE-2024-36015 CVE-2024-36017 CVE-2024-36270 CVE-2024-36286 CVE-2024-36883 CVE-2024-36886 CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36919 CVE-2024-36933 CVE-2024-36934 CVE-2024-36939 CVE-2024-36940 CVE-2024-36941 CVE-2024-36946 CVE-2024-36950 CVE-2024-36954 CVE-2024-36959 CVE-2024-36960 CVE-2024-36964 CVE-2024-36971 CVE-2024-37356 CVE-2024-38381 CVE-2024-38549 CVE-2024-38552 CVE-2024-38558 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567 CVE-2024-38578 CVE-2024-38579 CVE-2024-38582 CVE-2024-38583 CVE-2024-38587 CVE-2024-38589 CVE-2024-38596 CVE-2024-38598 CVE-2024-38599 CVE-2024-38600 CVE-2024-38601 CVE-2024-38607 CVE-2024-38612 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38621 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661 CVE-2024-38780 CVE-2024-39276 CVE-2024-39292 CVE-2024-39301 CVE-2024-39467 CVE-2024-39471 CVE-2024-39475 CVE-2024-39480 CVE-2024-39488 CVE-2024-39489 CVE-2024-39493 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux (UML); - x86 architecture; - Accessibility subsystem; - Character device driver; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - FireWire subsystem; - ARM SCMI message protocol; - GPU drivers; - HW tracing; - InfiniBand drivers; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - TTY drivers; - Framebuffer layer; - Virtio drivers; - 9P distributed file system; - eCrypt file system; - EROFS file system; - Ext4 file system; - F2FS file system; - JFFS2 file system; - Network file system client; - NILFS2 file system; - SMB network file system; - Mellanox drivers; - Kernel debugger infrastructure; - IRQ subsystem; - Tracing infrastructure; - Dynamic debug library; - 9P file system network protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - NET/ROM layer; - NFC subsystem; - NSH protocol; - Open vSwitch; - Phonet protocol; - TIPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - ALSA framework; (CVE-2024-26584, CVE-2023-52434, CVE-2024-36933, CVE-2024-36286, CVE-2024-36886, CVE-2024-38579, CVE-2022-48772, CVE-2024-39493, CVE-2024-38637, CVE-2024-36016, CVE-2023-52752, CVE-2024-38558, CVE-2024-39488, CVE-2024-38559, CVE-2024-36919, CVE-2024-36905, CVE-2024-39489, CVE-2024-39475, CVE-2021-47131, CVE-2024-26585, CVE-2024-38578, CVE-2024-38567, CVE-2024-38596, CVE-2024-38598, CVE-2024-36940, CVE-2024-38552, CVE-2024-37356, CVE-2024-38780, CVE-2024-38589, CVE-2024-36959, CVE-2024-27399, CVE-2024-36017, CVE-2024-38661, CVE-2024-36939, CVE-2024-36904, CVE-2024-36902, CVE-2024-38381, CVE-2024-36883, CVE-2024-37353, CVE-2024-38560, CVE-2024-39292, CVE-2024-36934, CVE-2024-38621, CVE-2024-38599, CVE-2024-36941, CVE-2022-48655, CVE-2024-26886, CVE-2024-36014, CVE-2024-38613, CVE-2024-27398, CVE-2024-27019, CVE-2024-36954, CVE-2024-39471, CVE-2024-26583, CVE-2024-35947, CVE-2024-31076, CVE-2024-38659, CVE-2024-38549, CVE-2024-38618, CVE-2024-38565, CVE-2024-27401, CVE-2022-48674, CVE-2024-38582, CVE-2024-38634, CVE-2024-38627, CVE-2024-39480, CVE-2024-36015, CVE-2023-52585, CVE-2024-36270, CVE-2024-26907, CVE-2024-38615, CVE-2024-38600, CVE-2024-38612, CVE-2024-36946, CVE-2024-39301, CVE-2024-38601, CVE-2024-38635, CVE-2024-33621, CVE-2024-36964, CVE-2024-38633, CVE-2024-39467, CVE-2024-38607, CVE-2024-36971, CVE-2024-35976, CVE-2024-38587, CVE-2023-52882, CVE-2024-36950, CVE-2024-39276, CVE-2024-36960, CVE-2024-38583) Update Instructions: Run `sudo pro fix USN-6953-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1129-oracle - 5.4.0-1129.138 linux-headers-5.4.0-1129-oracle - 5.4.0-1129.138 linux-image-5.4.0-1129-oracle - 5.4.0-1129.138 linux-image-unsigned-5.4.0-1129-oracle - 5.4.0-1129.138 linux-modules-5.4.0-1129-oracle - 5.4.0-1129.138 linux-modules-extra-5.4.0-1129-oracle - 5.4.0-1129.138 linux-oracle-headers-5.4.0-1129 - 5.4.0-1129.138 linux-oracle-tools-5.4.0-1129 - 5.4.0-1129.138 linux-tools-5.4.0-1129-oracle - 5.4.0-1129.138 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1129.122 linux-image-oracle-lts-20.04 - 5.4.0.1129.122 linux-oracle-lts-20.04 - 5.4.0.1129.122 linux-tools-oracle-lts-20.04 - 5.4.0.1129.122 No subscription required High CVE-2021-47131 CVE-2022-48655 CVE-2022-48674 CVE-2022-48772 CVE-2023-52434 CVE-2023-52585 CVE-2023-52752 CVE-2023-52882 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26886 CVE-2024-26907 CVE-2024-27019 CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-31076 CVE-2024-33621 CVE-2024-35947 CVE-2024-35976 CVE-2024-36014 CVE-2024-36015 CVE-2024-36016 CVE-2024-36017 CVE-2024-36270 CVE-2024-36286 CVE-2024-36883 CVE-2024-36886 CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36919 CVE-2024-36933 CVE-2024-36934 CVE-2024-36939 CVE-2024-36940 CVE-2024-36941 CVE-2024-36946 CVE-2024-36950 CVE-2024-36954 CVE-2024-36959 CVE-2024-36960 CVE-2024-36964 CVE-2024-36971 CVE-2024-37356 CVE-2024-38381 CVE-2024-38549 CVE-2024-38552 CVE-2024-38558 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567 CVE-2024-38578 CVE-2024-38579 CVE-2024-38582 CVE-2024-38583 CVE-2024-38587 CVE-2024-38589 CVE-2024-38596 CVE-2024-38598 CVE-2024-38599 CVE-2024-38600 CVE-2024-38601 CVE-2024-38607 CVE-2024-38612 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38621 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661 CVE-2024-38780 CVE-2024-39276 CVE-2024-39292 CVE-2024-39301 CVE-2024-39467 CVE-2024-39471 CVE-2024-39475 CVE-2024-39480 CVE-2024-39488 CVE-2024-39489 CVE-2024-39493 Ubuntu 20.04 LTS Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and drivers; - FireWire subsystem; - GPU drivers; - InfiniBand drivers; - Multiple devices driver; - EEPROM drivers; - Network drivers; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - TTY drivers; - 9P distributed file system; - Network file system client; - SMB network file system; - Socket messages infrastructure; - Dynamic debug library; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - NSH protocol; - Phonet protocol; - TIPC protocol; - Wireless networking; - Key management; - ALSA framework; - HD-audio driver; (CVE-2024-36933, CVE-2024-36960, CVE-2024-26936, CVE-2024-36975, CVE-2023-52882, CVE-2024-27401, CVE-2024-36929, CVE-2024-36939, CVE-2024-35947, CVE-2024-36883, CVE-2024-26886, CVE-2024-36952, CVE-2024-36950, CVE-2024-36940, CVE-2024-36897, CVE-2023-52585, CVE-2024-26900, CVE-2024-36959, CVE-2024-36928, CVE-2024-36938, CVE-2024-36016, CVE-2024-36965, CVE-2024-36967, CVE-2024-36889, CVE-2024-36905, CVE-2024-36969, CVE-2024-36916, CVE-2024-36954, CVE-2024-27017, CVE-2024-36941, CVE-2024-36957, CVE-2024-27399, CVE-2024-36937, CVE-2024-36955, CVE-2024-38600, CVE-2023-52752, CVE-2024-36953, CVE-2024-26980, CVE-2024-36902, CVE-2024-26952, CVE-2024-36904, CVE-2024-36964, CVE-2024-36946, CVE-2024-36880, CVE-2024-36906, CVE-2024-36947, CVE-2024-36886, CVE-2024-36934, CVE-2024-35848, CVE-2024-36919, CVE-2024-36017, CVE-2024-36944, CVE-2024-36931, CVE-2024-27398) Update Instructions: Run `sudo pro fix USN-6956-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1070 - 5.15.0-1070.79~20.04.1 linux-azure-5.15-headers-5.15.0-1070 - 5.15.0-1070.79~20.04.1 linux-azure-5.15-tools-5.15.0-1070 - 5.15.0-1070.79~20.04.1 linux-buildinfo-5.15.0-1070-azure - 5.15.0-1070.79~20.04.1 linux-cloud-tools-5.15.0-1070-azure - 5.15.0-1070.79~20.04.1 linux-headers-5.15.0-1070-azure - 5.15.0-1070.79~20.04.1 linux-image-5.15.0-1070-azure - 5.15.0-1070.79~20.04.1 linux-image-unsigned-5.15.0-1070-azure - 5.15.0-1070.79~20.04.1 linux-modules-5.15.0-1070-azure - 5.15.0-1070.79~20.04.1 linux-modules-extra-5.15.0-1070-azure - 5.15.0-1070.79~20.04.1 linux-modules-involflt-5.15.0-1070-azure - 5.15.0-1070.79~20.04.1 linux-tools-5.15.0-1070-azure - 5.15.0-1070.79~20.04.1 No subscription required linux-image-5.15.0-1070-azure-fde - 5.15.0-1070.79~20.04.1.1 linux-image-unsigned-5.15.0-1070-azure-fde - 5.15.0-1070.79~20.04.1.1 No subscription required linux-azure - 5.15.0.1070.79~20.04.1 linux-azure-cvm - 5.15.0.1070.79~20.04.1 linux-azure-edge - 5.15.0.1070.79~20.04.1 linux-cloud-tools-azure - 5.15.0.1070.79~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1070.79~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1070.79~20.04.1 linux-headers-azure - 5.15.0.1070.79~20.04.1 linux-headers-azure-cvm - 5.15.0.1070.79~20.04.1 linux-headers-azure-edge - 5.15.0.1070.79~20.04.1 linux-image-azure - 5.15.0.1070.79~20.04.1 linux-image-azure-cvm - 5.15.0.1070.79~20.04.1 linux-image-azure-edge - 5.15.0.1070.79~20.04.1 linux-modules-extra-azure - 5.15.0.1070.79~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1070.79~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1070.79~20.04.1 linux-modules-involflt-azure - 5.15.0.1070.79~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1070.79~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1070.79~20.04.1 linux-tools-azure - 5.15.0.1070.79~20.04.1 linux-tools-azure-cvm - 5.15.0.1070.79~20.04.1 linux-tools-azure-edge - 5.15.0.1070.79~20.04.1 No subscription required linux-azure-fde - 5.15.0.1070.79~20.04.1.47 linux-azure-fde-edge - 5.15.0.1070.79~20.04.1.47 linux-cloud-tools-azure-fde - 5.15.0.1070.79~20.04.1.47 linux-cloud-tools-azure-fde-edge - 5.15.0.1070.79~20.04.1.47 linux-headers-azure-fde - 5.15.0.1070.79~20.04.1.47 linux-headers-azure-fde-edge - 5.15.0.1070.79~20.04.1.47 linux-image-azure-fde - 5.15.0.1070.79~20.04.1.47 linux-image-azure-fde-edge - 5.15.0.1070.79~20.04.1.47 linux-modules-extra-azure-fde - 5.15.0.1070.79~20.04.1.47 linux-modules-extra-azure-fde-edge - 5.15.0.1070.79~20.04.1.47 linux-tools-azure-fde - 5.15.0.1070.79~20.04.1.47 linux-tools-azure-fde-edge - 5.15.0.1070.79~20.04.1.47 No subscription required High CVE-2023-52585 CVE-2023-52752 CVE-2023-52882 CVE-2024-25742 CVE-2024-26886 CVE-2024-26900 CVE-2024-26936 CVE-2024-26952 CVE-2024-26980 CVE-2024-27017 CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-35848 CVE-2024-35947 CVE-2024-36016 CVE-2024-36017 CVE-2024-36880 CVE-2024-36883 CVE-2024-36886 CVE-2024-36889 CVE-2024-36897 CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36906 CVE-2024-36916 CVE-2024-36919 CVE-2024-36928 CVE-2024-36929 CVE-2024-36931 CVE-2024-36933 CVE-2024-36934 CVE-2024-36937 CVE-2024-36938 CVE-2024-36939 CVE-2024-36940 CVE-2024-36941 CVE-2024-36944 CVE-2024-36946 CVE-2024-36947 CVE-2024-36950 CVE-2024-36952 CVE-2024-36953 CVE-2024-36954 CVE-2024-36955 CVE-2024-36957 CVE-2024-36959 CVE-2024-36960 CVE-2024-36964 CVE-2024-36965 CVE-2024-36967 CVE-2024-36969 CVE-2024-36975 CVE-2024-38600 Ubuntu 20.04 LTS Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and drivers; - FireWire subsystem; - GPU drivers; - InfiniBand drivers; - Multiple devices driver; - EEPROM drivers; - Network drivers; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - TTY drivers; - 9P distributed file system; - Network file system client; - SMB network file system; - Socket messages infrastructure; - Dynamic debug library; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - NSH protocol; - Phonet protocol; - TIPC protocol; - Wireless networking; - Key management; - ALSA framework; - HD-audio driver; (CVE-2024-36947, CVE-2024-36919, CVE-2024-36929, CVE-2024-36955, CVE-2023-52585, CVE-2024-36931, CVE-2024-27399, CVE-2024-36957, CVE-2024-26980, CVE-2024-27398, CVE-2024-36902, CVE-2024-36928, CVE-2024-36960, CVE-2024-36904, CVE-2024-27017, CVE-2024-36959, CVE-2024-36880, CVE-2024-26936, CVE-2024-36975, CVE-2023-52882, CVE-2024-35848, CVE-2024-36886, CVE-2024-36889, CVE-2024-27401, CVE-2024-36906, CVE-2024-36937, CVE-2024-36016, CVE-2024-36964, CVE-2024-36933, CVE-2024-36031, CVE-2024-36969, CVE-2024-36954, CVE-2024-26900, CVE-2024-26952, CVE-2024-36017, CVE-2024-35947, CVE-2024-36965, CVE-2023-52752, CVE-2024-36905, CVE-2024-36938, CVE-2024-36952, CVE-2024-36940, CVE-2024-36916, CVE-2024-38600, CVE-2024-36946, CVE-2024-36953, CVE-2024-36967, CVE-2024-26886, CVE-2024-36934, CVE-2024-36950, CVE-2024-36941, CVE-2024-36883, CVE-2024-36944, CVE-2024-36939, CVE-2024-36897) Update Instructions: Run `sudo pro fix USN-6957-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1065-oracle - 5.15.0-1065.71~20.04.1 linux-headers-5.15.0-1065-oracle - 5.15.0-1065.71~20.04.1 linux-image-5.15.0-1065-oracle - 5.15.0-1065.71~20.04.1 linux-image-unsigned-5.15.0-1065-oracle - 5.15.0-1065.71~20.04.1 linux-modules-5.15.0-1065-oracle - 5.15.0-1065.71~20.04.1 linux-modules-extra-5.15.0-1065-oracle - 5.15.0-1065.71~20.04.1 linux-oracle-5.15-headers-5.15.0-1065 - 5.15.0-1065.71~20.04.1 linux-oracle-5.15-tools-5.15.0-1065 - 5.15.0-1065.71~20.04.1 linux-tools-5.15.0-1065-oracle - 5.15.0-1065.71~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1065.71~20.04.1 linux-headers-oracle-edge - 5.15.0.1065.71~20.04.1 linux-image-oracle - 5.15.0.1065.71~20.04.1 linux-image-oracle-edge - 5.15.0.1065.71~20.04.1 linux-oracle - 5.15.0.1065.71~20.04.1 linux-oracle-edge - 5.15.0.1065.71~20.04.1 linux-tools-oracle - 5.15.0.1065.71~20.04.1 linux-tools-oracle-edge - 5.15.0.1065.71~20.04.1 No subscription required High CVE-2023-52585 CVE-2023-52752 CVE-2023-52882 CVE-2024-25742 CVE-2024-26886 CVE-2024-26900 CVE-2024-26936 CVE-2024-26952 CVE-2024-26980 CVE-2024-27017 CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-35848 CVE-2024-35947 CVE-2024-36016 CVE-2024-36017 CVE-2024-36031 CVE-2024-36880 CVE-2024-36883 CVE-2024-36886 CVE-2024-36889 CVE-2024-36897 CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36906 CVE-2024-36916 CVE-2024-36919 CVE-2024-36928 CVE-2024-36929 CVE-2024-36931 CVE-2024-36933 CVE-2024-36934 CVE-2024-36937 CVE-2024-36938 CVE-2024-36939 CVE-2024-36940 CVE-2024-36941 CVE-2024-36944 CVE-2024-36946 CVE-2024-36947 CVE-2024-36950 CVE-2024-36952 CVE-2024-36953 CVE-2024-36954 CVE-2024-36955 CVE-2024-36957 CVE-2024-36959 CVE-2024-36960 CVE-2024-36964 CVE-2024-36965 CVE-2024-36967 CVE-2024-36969 CVE-2024-36975 CVE-2024-38600 Ubuntu 20.04 LTS It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2017-7960) It was discovered that Libcroco was incorrectly handling invalid UTF-8 values when processing CSS files. An attacker could possibly use this issue to cause a denial of service. (CVE-2017-8834, CVE-2017-8871) It was discovered that Libcroco was incorrectly implementing recursion in one of its parsing functions, which could cause an infinite recursion loop and a stack overflow due to stack consumption. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-12825) Update Instructions: Run `sudo pro fix USN-6958-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcroco-tools - 0.6.13-1ubuntu0.1 libcroco3 - 0.6.13-1ubuntu0.1 libcroco3-dev - 0.6.13-1ubuntu0.1 No subscription required Low CVE-2017-7960 CVE-2017-8834 CVE-2017-8871 CVE-2020-12825 Ubuntu 20.04 LTS Nick Browning discovered that RMagick incorrectly handled memory under certain operations. An attacker could possibly use this issue to cause a denial of service through memory exhaustion. Update Instructions: Run `sudo pro fix USN-6960-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rmagick - 2.16.0-6ubuntu0.1 ruby-rmagick-doc - 2.16.0-6ubuntu0.1 No subscription required Medium CVE-2023-5349 Ubuntu 20.04 LTS It was discovered that BusyBox did not properly validate user input when performing certain arithmetic operations. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2022-48174) It was discovered that BusyBox incorrectly managed memory when evaluating certain awk expressions. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. (CVE-2023-42363, CVE-2023-42364, CVE-2023-42365) Update Instructions: Run `sudo pro fix USN-6961-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: busybox - 1:1.30.1-4ubuntu6.5 busybox-initramfs - 1:1.30.1-4ubuntu6.5 busybox-static - 1:1.30.1-4ubuntu6.5 busybox-syslogd - 1:1.30.1-4ubuntu6.5 udhcpc - 1:1.30.1-4ubuntu6.5 udhcpd - 1:1.30.1-4ubuntu6.5 No subscription required Medium CVE-2022-48174 CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly allowed users to enable macros when a cryptographic signature failed to validate. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary macros. Update Instructions: Run `sudo pro fix USN-6962-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.11 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.11 No subscription required gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.11 libjuh-java - 1:6.4.7-0ubuntu0.20.04.11 libjurt-java - 1:6.4.7-0ubuntu0.20.04.11 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.11 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.11 libreoffice - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.11 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.11 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.11 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.11 libridl-java - 1:6.4.7-0ubuntu0.20.04.11 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.11 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.11 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.11 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.11 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.11 libunoil-java - 1:6.4.7-0ubuntu0.20.04.11 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.11 python3-access2base - 1:6.4.7-0ubuntu0.20.04.11 python3-uno - 1:6.4.7-0ubuntu0.20.04.11 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.11 ure - 1:6.4.7-0ubuntu0.20.04.11 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.11 No subscription required Medium CVE-2024-6472 Ubuntu 20.04 LTS It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages containing JavaScript, leading to resource consumption or other attacks. Update Instructions: Run `sudo pro fix USN-6963-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnome-shell - 3.36.9-0ubuntu0.20.04.4 gnome-shell-common - 3.36.9-0ubuntu0.20.04.4 gnome-shell-extension-prefs - 3.36.9-0ubuntu0.20.04.4 No subscription required Medium CVE-2024-36472 Ubuntu 20.04 LTS Noriko Totsuka discovered that ORC incorrectly handled certain crafted file. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6964-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liborc-0.4-0 - 1:0.4.31-1ubuntu0.1 liborc-0.4-dev - 1:0.4.31-1ubuntu0.1 liborc-0.4-dev-bin - 1:0.4.31-1ubuntu0.1 liborc-0.4-doc - 1:0.4.31-1ubuntu0.1 No subscription required Medium CVE-2024-40897 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2024-7520) Irvan Kurniawan discovered that Firefox did not properly check an attribute value in the editor component, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-7522) Rob Wu discovered that Firefox did not properly check permissions when creating a StreamFilter. An attacker could possibly use this issue to modify response body of requests on any site using a web extension. (CVE-2024-7525) Update Instructions: Run `sudo pro fix USN-6966-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 129.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 129.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nl - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 129.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 129.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 129.0.1+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-7518 CVE-2024-7519 CVE-2024-7520 CVE-2024-7521 CVE-2024-7522 CVE-2024-7524 CVE-2024-7525 CVE-2024-7526 CVE-2024-7527 CVE-2024-7528 CVE-2024-7529 CVE-2024-7530 CVE-2024-7531 Ubuntu 20.04 LTS USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2024-7520) Irvan Kurniawan discovered that Firefox did not properly check an attribute value in the editor component, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-7522) Rob Wu discovered that Firefox did not properly check permissions when creating a StreamFilter. An attacker could possibly use this issue to modify response body of requests on any site using a web extension. (CVE-2024-7525) Update Instructions: Run `sudo pro fix USN-6966-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 129.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 129.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nl - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 129.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 129.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 129.0.2+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2077485 Ubuntu 20.04 LTS It was discovered that some Intel® Core™ Ultra Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. (CVE-2023-42667) It was discovered that some Intel® Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. (CVE-2023-49141) It was discovered that some Intel® Processors did not correctly transition between the executive monitor and SMI transfer monitor (STM). A privileged local attacker could use this to escalate their privileges. (CVE-2024-24853) It was discovered that some 3rd, 4th, and 5th Generation Intel® Xeon® Processors failed to properly implement a protection mechanism. A local attacker could use this to potentially escalate their privileges. (CVE-2024-24980) It was discovered that some 3rd Generation Intel Xeon Scalable Processors did not properly handle mirrored regions with different values. A privileged local user could use this to cause a denial of service (system crash). (CVE-2024-25939) Update Instructions: Run `sudo pro fix USN-6967-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20240813.0ubuntu0.20.04.2 No subscription required Medium CVE-2023-42667 CVE-2023-49141 CVE-2024-24853 CVE-2024-24980 CVE-2024-25939 Ubuntu 20.04 LTS Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser. Update Instructions: Run `sudo pro fix USN-6968-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libecpg-compat3 - 12.20-0ubuntu0.20.04.1 libecpg-dev - 12.20-0ubuntu0.20.04.1 libecpg6 - 12.20-0ubuntu0.20.04.1 libpgtypes3 - 12.20-0ubuntu0.20.04.1 libpq-dev - 12.20-0ubuntu0.20.04.1 libpq5 - 12.20-0ubuntu0.20.04.1 postgresql-12 - 12.20-0ubuntu0.20.04.1 postgresql-client-12 - 12.20-0ubuntu0.20.04.1 postgresql-doc-12 - 12.20-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.20-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.20-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.20-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.20-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-7348 Ubuntu 20.04 LTS It was discovered that Cacti did not properly apply checks to the "Package Import" feature. An attacker could possibly use this issue to perform arbitrary code execution. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-25641) It was discovered that Cacti did not properly sanitize values when using javascript based API. A remote attacker could possibly use this issue to inject arbitrary javascript code resulting into cross-site scripting vulnerability. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-29894) It was discovered that Cacti did not properly sanitize values when managing data queries. A remote attacker could possibly use this issue to inject arbitrary javascript code resulting into cross-site scripting vulnerability. (CVE-2024-31443) It was discovered that Cacti did not properly sanitize values when reading tree rules with Automation API. A remote attacker could possibly use this issue to inject arbitrary javascript code resulting into cross-site scripting vulnerability. (CVE-2024-31444) It was discovered that Cacti did not properly sanitize "get_request_var('filter')" values in the "api_automation.php" file. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-31445) It was discovered that Cacti did not properly sanitize data stored in "form_save()" function in the "graph_template_inputs.php" file. A remote attacker could possibly use this issue to perform SQL injection attacks. (CVE-2024-31458) It was discovered that Cacti did not properly validate the file urls from the lib/plugin.php file. An attacker could possibly use this issue to perform arbitrary code execution. (CVE-2024-31459) It was discovered that Cacti did not properly validate the data stored in the "automation_tree_rules.php". A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-31460) It was discovered that Cacti did not properly verify the user password. An attacker could possibly use this issue to bypass authentication mechanism. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-34360) Update Instructions: Run `sudo pro fix USN-6969-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cacti - 1.2.10+ds1-1ubuntu1.1 No subscription required Medium CVE-2024-25641 CVE-2024-29894 CVE-2024-31443 CVE-2024-31444 CVE-2024-31445 CVE-2024-31458 CVE-2024-31459 CVE-2024-31460 CVE-2024-34340 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SuperH RISC architecture; - MMC subsystem; - Network drivers; - SCSI drivers; - GFS2 file system; - IPv4 networking; - IPv6 networking; - HD-audio driver; (CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929, CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760) Update Instructions: Run `sudo pro fix USN-6973-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1050-xilinx-zynqmp - 5.4.0-1050.54 linux-headers-5.4.0-1050-xilinx-zynqmp - 5.4.0-1050.54 linux-image-5.4.0-1050-xilinx-zynqmp - 5.4.0-1050.54 linux-modules-5.4.0-1050-xilinx-zynqmp - 5.4.0-1050.54 linux-tools-5.4.0-1050-xilinx-zynqmp - 5.4.0-1050.54 linux-xilinx-zynqmp-headers-5.4.0-1050 - 5.4.0-1050.54 linux-xilinx-zynqmp-tools-5.4.0-1050 - 5.4.0-1050.54 No subscription required linux-buildinfo-5.4.0-1078-ibm - 5.4.0-1078.83 linux-headers-5.4.0-1078-ibm - 5.4.0-1078.83 linux-ibm-cloud-tools-common - 5.4.0-1078.83 linux-ibm-headers-5.4.0-1078 - 5.4.0-1078.83 linux-ibm-source-5.4.0 - 5.4.0-1078.83 linux-ibm-tools-5.4.0-1078 - 5.4.0-1078.83 linux-ibm-tools-common - 5.4.0-1078.83 linux-image-5.4.0-1078-ibm - 5.4.0-1078.83 linux-image-unsigned-5.4.0-1078-ibm - 5.4.0-1078.83 linux-modules-5.4.0-1078-ibm - 5.4.0-1078.83 linux-modules-extra-5.4.0-1078-ibm - 5.4.0-1078.83 linux-tools-5.4.0-1078-ibm - 5.4.0-1078.83 No subscription required linux-bluefield-headers-5.4.0-1091 - 5.4.0-1091.98 linux-bluefield-tools-5.4.0-1091 - 5.4.0-1091.98 linux-buildinfo-5.4.0-1091-bluefield - 5.4.0-1091.98 linux-headers-5.4.0-1091-bluefield - 5.4.0-1091.98 linux-image-5.4.0-1091-bluefield - 5.4.0-1091.98 linux-image-unsigned-5.4.0-1091-bluefield - 5.4.0-1091.98 linux-modules-5.4.0-1091-bluefield - 5.4.0-1091.98 linux-tools-5.4.0-1091-bluefield - 5.4.0-1091.98 No subscription required linux-buildinfo-5.4.0-1098-gkeop - 5.4.0-1098.102 linux-cloud-tools-5.4.0-1098-gkeop - 5.4.0-1098.102 linux-gkeop-cloud-tools-5.4.0-1098 - 5.4.0-1098.102 linux-gkeop-headers-5.4.0-1098 - 5.4.0-1098.102 linux-gkeop-source-5.4.0 - 5.4.0-1098.102 linux-gkeop-tools-5.4.0-1098 - 5.4.0-1098.102 linux-headers-5.4.0-1098-gkeop - 5.4.0-1098.102 linux-image-5.4.0-1098-gkeop - 5.4.0-1098.102 linux-image-unsigned-5.4.0-1098-gkeop - 5.4.0-1098.102 linux-modules-5.4.0-1098-gkeop - 5.4.0-1098.102 linux-modules-extra-5.4.0-1098-gkeop - 5.4.0-1098.102 linux-tools-5.4.0-1098-gkeop - 5.4.0-1098.102 No subscription required linux-buildinfo-5.4.0-1115-raspi - 5.4.0-1115.127 linux-headers-5.4.0-1115-raspi - 5.4.0-1115.127 linux-image-5.4.0-1115-raspi - 5.4.0-1115.127 linux-modules-5.4.0-1115-raspi - 5.4.0-1115.127 linux-raspi-headers-5.4.0-1115 - 5.4.0-1115.127 linux-raspi-tools-5.4.0-1115 - 5.4.0-1115.127 linux-tools-5.4.0-1115-raspi - 5.4.0-1115.127 No subscription required linux-buildinfo-5.4.0-1119-kvm - 5.4.0-1119.127 linux-headers-5.4.0-1119-kvm - 5.4.0-1119.127 linux-image-5.4.0-1119-kvm - 5.4.0-1119.127 linux-image-unsigned-5.4.0-1119-kvm - 5.4.0-1119.127 linux-kvm-headers-5.4.0-1119 - 5.4.0-1119.127 linux-kvm-tools-5.4.0-1119 - 5.4.0-1119.127 linux-modules-5.4.0-1119-kvm - 5.4.0-1119.127 linux-tools-5.4.0-1119-kvm - 5.4.0-1119.127 No subscription required linux-buildinfo-5.4.0-1130-oracle - 5.4.0-1130.139 linux-headers-5.4.0-1130-oracle - 5.4.0-1130.139 linux-image-5.4.0-1130-oracle - 5.4.0-1130.139 linux-image-unsigned-5.4.0-1130-oracle - 5.4.0-1130.139 linux-modules-5.4.0-1130-oracle - 5.4.0-1130.139 linux-modules-extra-5.4.0-1130-oracle - 5.4.0-1130.139 linux-oracle-headers-5.4.0-1130 - 5.4.0-1130.139 linux-oracle-tools-5.4.0-1130 - 5.4.0-1130.139 linux-tools-5.4.0-1130-oracle - 5.4.0-1130.139 No subscription required linux-aws-cloud-tools-5.4.0-1131 - 5.4.0-1131.141 linux-aws-headers-5.4.0-1131 - 5.4.0-1131.141 linux-aws-tools-5.4.0-1131 - 5.4.0-1131.141 linux-buildinfo-5.4.0-1131-aws - 5.4.0-1131.141 linux-cloud-tools-5.4.0-1131-aws - 5.4.0-1131.141 linux-headers-5.4.0-1131-aws - 5.4.0-1131.141 linux-image-5.4.0-1131-aws - 5.4.0-1131.141 linux-image-unsigned-5.4.0-1131-aws - 5.4.0-1131.141 linux-modules-5.4.0-1131-aws - 5.4.0-1131.141 linux-modules-extra-5.4.0-1131-aws - 5.4.0-1131.141 linux-tools-5.4.0-1131-aws - 5.4.0-1131.141 No subscription required linux-buildinfo-5.4.0-1135-gcp - 5.4.0-1135.144 linux-gcp-headers-5.4.0-1135 - 5.4.0-1135.144 linux-gcp-tools-5.4.0-1135 - 5.4.0-1135.144 linux-headers-5.4.0-1135-gcp - 5.4.0-1135.144 linux-image-5.4.0-1135-gcp - 5.4.0-1135.144 linux-image-unsigned-5.4.0-1135-gcp - 5.4.0-1135.144 linux-modules-5.4.0-1135-gcp - 5.4.0-1135.144 linux-modules-extra-5.4.0-1135-gcp - 5.4.0-1135.144 linux-tools-5.4.0-1135-gcp - 5.4.0-1135.144 No subscription required linux-azure-cloud-tools-5.4.0-1136 - 5.4.0-1136.143 linux-azure-headers-5.4.0-1136 - 5.4.0-1136.143 linux-azure-tools-5.4.0-1136 - 5.4.0-1136.143 linux-buildinfo-5.4.0-1136-azure - 5.4.0-1136.143 linux-cloud-tools-5.4.0-1136-azure - 5.4.0-1136.143 linux-headers-5.4.0-1136-azure - 5.4.0-1136.143 linux-image-5.4.0-1136-azure - 5.4.0-1136.143 linux-image-unsigned-5.4.0-1136-azure - 5.4.0-1136.143 linux-modules-5.4.0-1136-azure - 5.4.0-1136.143 linux-modules-extra-5.4.0-1136-azure - 5.4.0-1136.143 linux-tools-5.4.0-1136-azure - 5.4.0-1136.143 No subscription required linux-buildinfo-5.4.0-193-generic - 5.4.0-193.213 linux-buildinfo-5.4.0-193-generic-lpae - 5.4.0-193.213 linux-buildinfo-5.4.0-193-lowlatency - 5.4.0-193.213 linux-cloud-tools-5.4.0-193 - 5.4.0-193.213 linux-cloud-tools-5.4.0-193-generic - 5.4.0-193.213 linux-cloud-tools-5.4.0-193-lowlatency - 5.4.0-193.213 linux-cloud-tools-common - 5.4.0-193.213 linux-doc - 5.4.0-193.213 linux-headers-5.4.0-193 - 5.4.0-193.213 linux-headers-5.4.0-193-generic - 5.4.0-193.213 linux-headers-5.4.0-193-generic-lpae - 5.4.0-193.213 linux-headers-5.4.0-193-lowlatency - 5.4.0-193.213 linux-image-5.4.0-193-generic - 5.4.0-193.213 linux-image-5.4.0-193-generic-lpae - 5.4.0-193.213 linux-image-5.4.0-193-lowlatency - 5.4.0-193.213 linux-image-unsigned-5.4.0-193-generic - 5.4.0-193.213 linux-image-unsigned-5.4.0-193-lowlatency - 5.4.0-193.213 linux-libc-dev - 5.4.0-193.213 linux-modules-5.4.0-193-generic - 5.4.0-193.213 linux-modules-5.4.0-193-generic-lpae - 5.4.0-193.213 linux-modules-5.4.0-193-lowlatency - 5.4.0-193.213 linux-modules-extra-5.4.0-193-generic - 5.4.0-193.213 linux-source-5.4.0 - 5.4.0-193.213 linux-tools-5.4.0-193 - 5.4.0-193.213 linux-tools-5.4.0-193-generic - 5.4.0-193.213 linux-tools-5.4.0-193-generic-lpae - 5.4.0-193.213 linux-tools-5.4.0-193-lowlatency - 5.4.0-193.213 linux-tools-common - 5.4.0-193.213 linux-tools-host - 5.4.0-193.213 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1050.50 linux-image-xilinx-zynqmp - 5.4.0.1050.50 linux-tools-xilinx-zynqmp - 5.4.0.1050.50 linux-xilinx-zynqmp - 5.4.0.1050.50 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1078.107 linux-ibm-lts-20.04 - 5.4.0.1078.107 linux-image-ibm-lts-20.04 - 5.4.0.1078.107 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1078.107 linux-tools-ibm-lts-20.04 - 5.4.0.1078.107 No subscription required linux-bluefield - 5.4.0.1091.87 linux-headers-bluefield - 5.4.0.1091.87 linux-image-bluefield - 5.4.0.1091.87 linux-tools-bluefield - 5.4.0.1091.87 No subscription required linux-cloud-tools-gkeop - 5.4.0.1098.96 linux-cloud-tools-gkeop-5.4 - 5.4.0.1098.96 linux-gkeop - 5.4.0.1098.96 linux-gkeop-5.4 - 5.4.0.1098.96 linux-headers-gkeop - 5.4.0.1098.96 linux-headers-gkeop-5.4 - 5.4.0.1098.96 linux-image-gkeop - 5.4.0.1098.96 linux-image-gkeop-5.4 - 5.4.0.1098.96 linux-modules-extra-gkeop - 5.4.0.1098.96 linux-modules-extra-gkeop-5.4 - 5.4.0.1098.96 linux-tools-gkeop - 5.4.0.1098.96 linux-tools-gkeop-5.4 - 5.4.0.1098.96 No subscription required linux-headers-raspi - 5.4.0.1115.145 linux-headers-raspi-hwe-18.04 - 5.4.0.1115.145 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1115.145 linux-headers-raspi2 - 5.4.0.1115.145 linux-headers-raspi2-hwe-18.04 - 5.4.0.1115.145 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1115.145 linux-image-raspi - 5.4.0.1115.145 linux-image-raspi-hwe-18.04 - 5.4.0.1115.145 linux-image-raspi-hwe-18.04-edge - 5.4.0.1115.145 linux-image-raspi2 - 5.4.0.1115.145 linux-image-raspi2-hwe-18.04 - 5.4.0.1115.145 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1115.145 linux-raspi - 5.4.0.1115.145 linux-raspi-hwe-18.04 - 5.4.0.1115.145 linux-raspi-hwe-18.04-edge - 5.4.0.1115.145 linux-raspi2 - 5.4.0.1115.145 linux-raspi2-hwe-18.04 - 5.4.0.1115.145 linux-raspi2-hwe-18.04-edge - 5.4.0.1115.145 linux-tools-raspi - 5.4.0.1115.145 linux-tools-raspi-hwe-18.04 - 5.4.0.1115.145 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1115.145 linux-tools-raspi2 - 5.4.0.1115.145 linux-tools-raspi2-hwe-18.04 - 5.4.0.1115.145 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1115.145 No subscription required linux-headers-kvm - 5.4.0.1119.115 linux-image-kvm - 5.4.0.1119.115 linux-kvm - 5.4.0.1119.115 linux-tools-kvm - 5.4.0.1119.115 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1130.123 linux-image-oracle-lts-20.04 - 5.4.0.1130.123 linux-oracle-lts-20.04 - 5.4.0.1130.123 linux-tools-oracle-lts-20.04 - 5.4.0.1130.123 No subscription required linux-aws-lts-20.04 - 5.4.0.1131.128 linux-headers-aws-lts-20.04 - 5.4.0.1131.128 linux-image-aws-lts-20.04 - 5.4.0.1131.128 linux-modules-extra-aws-lts-20.04 - 5.4.0.1131.128 linux-tools-aws-lts-20.04 - 5.4.0.1131.128 No subscription required linux-gcp-lts-20.04 - 5.4.0.1135.137 linux-headers-gcp-lts-20.04 - 5.4.0.1135.137 linux-image-gcp-lts-20.04 - 5.4.0.1135.137 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1135.137 linux-tools-gcp-lts-20.04 - 5.4.0.1135.137 No subscription required linux-azure-lts-20.04 - 5.4.0.1136.130 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1136.130 linux-headers-azure-lts-20.04 - 5.4.0.1136.130 linux-image-azure-lts-20.04 - 5.4.0.1136.130 linux-modules-extra-azure-lts-20.04 - 5.4.0.1136.130 linux-tools-azure-lts-20.04 - 5.4.0.1136.130 No subscription required linux-cloud-tools-generic - 5.4.0.193.191 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.193.191 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.193.191 linux-cloud-tools-lowlatency - 5.4.0.193.191 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.193.191 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.193.191 linux-cloud-tools-virtual - 5.4.0.193.191 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.193.191 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.193.191 linux-crashdump - 5.4.0.193.191 linux-generic - 5.4.0.193.191 linux-generic-hwe-18.04 - 5.4.0.193.191 linux-generic-hwe-18.04-edge - 5.4.0.193.191 linux-generic-lpae - 5.4.0.193.191 linux-generic-lpae-hwe-18.04 - 5.4.0.193.191 linux-generic-lpae-hwe-18.04-edge - 5.4.0.193.191 linux-headers-generic - 5.4.0.193.191 linux-headers-generic-hwe-18.04 - 5.4.0.193.191 linux-headers-generic-hwe-18.04-edge - 5.4.0.193.191 linux-headers-generic-lpae - 5.4.0.193.191 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.193.191 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.193.191 linux-headers-lowlatency - 5.4.0.193.191 linux-headers-lowlatency-hwe-18.04 - 5.4.0.193.191 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.193.191 linux-headers-oem - 5.4.0.193.191 linux-headers-oem-osp1 - 5.4.0.193.191 linux-headers-virtual - 5.4.0.193.191 linux-headers-virtual-hwe-18.04 - 5.4.0.193.191 linux-headers-virtual-hwe-18.04-edge - 5.4.0.193.191 linux-image-extra-virtual - 5.4.0.193.191 linux-image-extra-virtual-hwe-18.04 - 5.4.0.193.191 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.193.191 linux-image-generic - 5.4.0.193.191 linux-image-generic-hwe-18.04 - 5.4.0.193.191 linux-image-generic-hwe-18.04-edge - 5.4.0.193.191 linux-image-generic-lpae - 5.4.0.193.191 linux-image-generic-lpae-hwe-18.04 - 5.4.0.193.191 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.193.191 linux-image-lowlatency - 5.4.0.193.191 linux-image-lowlatency-hwe-18.04 - 5.4.0.193.191 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.193.191 linux-image-oem - 5.4.0.193.191 linux-image-oem-osp1 - 5.4.0.193.191 linux-image-virtual - 5.4.0.193.191 linux-image-virtual-hwe-18.04 - 5.4.0.193.191 linux-image-virtual-hwe-18.04-edge - 5.4.0.193.191 linux-lowlatency - 5.4.0.193.191 linux-lowlatency-hwe-18.04 - 5.4.0.193.191 linux-lowlatency-hwe-18.04-edge - 5.4.0.193.191 linux-oem - 5.4.0.193.191 linux-oem-osp1 - 5.4.0.193.191 linux-oem-osp1-tools-host - 5.4.0.193.191 linux-oem-tools-host - 5.4.0.193.191 linux-source - 5.4.0.193.191 linux-tools-generic - 5.4.0.193.191 linux-tools-generic-hwe-18.04 - 5.4.0.193.191 linux-tools-generic-hwe-18.04-edge - 5.4.0.193.191 linux-tools-generic-lpae - 5.4.0.193.191 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.193.191 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.193.191 linux-tools-lowlatency - 5.4.0.193.191 linux-tools-lowlatency-hwe-18.04 - 5.4.0.193.191 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.193.191 linux-tools-oem - 5.4.0.193.191 linux-tools-oem-osp1 - 5.4.0.193.191 linux-tools-virtual - 5.4.0.193.191 linux-tools-virtual-hwe-18.04 - 5.4.0.193.191 linux-tools-virtual-hwe-18.04-edge - 5.4.0.193.191 linux-virtual - 5.4.0.193.191 linux-virtual-hwe-18.04 - 5.4.0.193.191 linux-virtual-hwe-18.04-edge - 5.4.0.193.191 No subscription required High CVE-2021-46926 CVE-2023-52629 CVE-2023-52760 CVE-2024-24860 CVE-2024-26830 CVE-2024-26921 CVE-2024-26929 CVE-2024-36901 CVE-2024-39484 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SuperH RISC architecture; - User-Mode Linux (UML); - MMC subsystem; - Network drivers; - GFS2 file system; - IPv4 networking; - IPv6 networking; (CVE-2024-26921, CVE-2023-52629, CVE-2024-26680, CVE-2024-26830, CVE-2024-39484, CVE-2024-39292, CVE-2024-36901, CVE-2023-52760) Update Instructions: Run `sudo pro fix USN-6974-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1051-gkeop - 5.15.0-1051.58~20.04.1 linux-cloud-tools-5.15.0-1051-gkeop - 5.15.0-1051.58~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1051 - 5.15.0-1051.58~20.04.1 linux-gkeop-5.15-headers-5.15.0-1051 - 5.15.0-1051.58~20.04.1 linux-gkeop-5.15-tools-5.15.0-1051 - 5.15.0-1051.58~20.04.1 linux-headers-5.15.0-1051-gkeop - 5.15.0-1051.58~20.04.1 linux-image-5.15.0-1051-gkeop - 5.15.0-1051.58~20.04.1 linux-image-unsigned-5.15.0-1051-gkeop - 5.15.0-1051.58~20.04.1 linux-modules-5.15.0-1051-gkeop - 5.15.0-1051.58~20.04.1 linux-modules-extra-5.15.0-1051-gkeop - 5.15.0-1051.58~20.04.1 linux-tools-5.15.0-1051-gkeop - 5.15.0-1051.58~20.04.1 No subscription required linux-buildinfo-5.15.0-1061-ibm - 5.15.0-1061.64~20.04.1 linux-headers-5.15.0-1061-ibm - 5.15.0-1061.64~20.04.1 linux-ibm-5.15-headers-5.15.0-1061 - 5.15.0-1061.64~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1061.64~20.04.1 linux-ibm-5.15-tools-5.15.0-1061 - 5.15.0-1061.64~20.04.1 linux-image-5.15.0-1061-ibm - 5.15.0-1061.64~20.04.1 linux-image-unsigned-5.15.0-1061-ibm - 5.15.0-1061.64~20.04.1 linux-modules-5.15.0-1061-ibm - 5.15.0-1061.64~20.04.1 linux-modules-extra-5.15.0-1061-ibm - 5.15.0-1061.64~20.04.1 linux-tools-5.15.0-1061-ibm - 5.15.0-1061.64~20.04.1 No subscription required linux-buildinfo-5.15.0-1063-intel-iotg - 5.15.0-1063.69~20.04.1 linux-cloud-tools-5.15.0-1063-intel-iotg - 5.15.0-1063.69~20.04.1 linux-headers-5.15.0-1063-intel-iotg - 5.15.0-1063.69~20.04.1 linux-image-5.15.0-1063-intel-iotg - 5.15.0-1063.69~20.04.1 linux-image-unsigned-5.15.0-1063-intel-iotg - 5.15.0-1063.69~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1063 - 5.15.0-1063.69~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1063.69~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1063 - 5.15.0-1063.69~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1063 - 5.15.0-1063.69~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1063.69~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1063.69~20.04.1 linux-modules-5.15.0-1063-intel-iotg - 5.15.0-1063.69~20.04.1 linux-modules-extra-5.15.0-1063-intel-iotg - 5.15.0-1063.69~20.04.1 linux-modules-iwlwifi-5.15.0-1063-intel-iotg - 5.15.0-1063.69~20.04.1 linux-tools-5.15.0-1063-intel-iotg - 5.15.0-1063.69~20.04.1 No subscription required linux-buildinfo-5.15.0-1067-gcp - 5.15.0-1067.75~20.04.1 linux-gcp-5.15-headers-5.15.0-1067 - 5.15.0-1067.75~20.04.1 linux-gcp-5.15-tools-5.15.0-1067 - 5.15.0-1067.75~20.04.1 linux-headers-5.15.0-1067-gcp - 5.15.0-1067.75~20.04.1 linux-image-5.15.0-1067-gcp - 5.15.0-1067.75~20.04.1 linux-image-unsigned-5.15.0-1067-gcp - 5.15.0-1067.75~20.04.1 linux-modules-5.15.0-1067-gcp - 5.15.0-1067.75~20.04.1 linux-modules-extra-5.15.0-1067-gcp - 5.15.0-1067.75~20.04.1 linux-modules-iwlwifi-5.15.0-1067-gcp - 5.15.0-1067.75~20.04.1 linux-tools-5.15.0-1067-gcp - 5.15.0-1067.75~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1068 - 5.15.0-1068.74~20.04.1 linux-aws-5.15-headers-5.15.0-1068 - 5.15.0-1068.74~20.04.1 linux-aws-5.15-tools-5.15.0-1068 - 5.15.0-1068.74~20.04.1 linux-buildinfo-5.15.0-1068-aws - 5.15.0-1068.74~20.04.1 linux-cloud-tools-5.15.0-1068-aws - 5.15.0-1068.74~20.04.1 linux-headers-5.15.0-1068-aws - 5.15.0-1068.74~20.04.1 linux-image-5.15.0-1068-aws - 5.15.0-1068.74~20.04.1 linux-image-unsigned-5.15.0-1068-aws - 5.15.0-1068.74~20.04.1 linux-modules-5.15.0-1068-aws - 5.15.0-1068.74~20.04.1 linux-modules-extra-5.15.0-1068-aws - 5.15.0-1068.74~20.04.1 linux-tools-5.15.0-1068-aws - 5.15.0-1068.74~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1071 - 5.15.0-1071.80~20.04.1 linux-azure-5.15-headers-5.15.0-1071 - 5.15.0-1071.80~20.04.1 linux-azure-5.15-tools-5.15.0-1071 - 5.15.0-1071.80~20.04.1 linux-buildinfo-5.15.0-1071-azure - 5.15.0-1071.80~20.04.1 linux-cloud-tools-5.15.0-1071-azure - 5.15.0-1071.80~20.04.1 linux-headers-5.15.0-1071-azure - 5.15.0-1071.80~20.04.1 linux-image-5.15.0-1071-azure - 5.15.0-1071.80~20.04.1 linux-image-unsigned-5.15.0-1071-azure - 5.15.0-1071.80~20.04.1 linux-modules-5.15.0-1071-azure - 5.15.0-1071.80~20.04.1 linux-modules-extra-5.15.0-1071-azure - 5.15.0-1071.80~20.04.1 linux-modules-involflt-5.15.0-1071-azure - 5.15.0-1071.80~20.04.1 linux-tools-5.15.0-1071-azure - 5.15.0-1071.80~20.04.1 No subscription required linux-image-5.15.0-1071-azure-fde - 5.15.0-1071.80~20.04.1.1 linux-image-unsigned-5.15.0-1071-azure-fde - 5.15.0-1071.80~20.04.1.1 No subscription required linux-buildinfo-5.15.0-119-generic - 5.15.0-119.129~20.04.1 linux-buildinfo-5.15.0-119-generic-64k - 5.15.0-119.129~20.04.1 linux-buildinfo-5.15.0-119-generic-lpae - 5.15.0-119.129~20.04.1 linux-buildinfo-5.15.0-119-lowlatency - 5.15.0-119.129~20.04.1 linux-buildinfo-5.15.0-119-lowlatency-64k - 5.15.0-119.129~20.04.1 linux-cloud-tools-5.15.0-119-generic - 5.15.0-119.129~20.04.1 linux-cloud-tools-5.15.0-119-lowlatency - 5.15.0-119.129~20.04.1 linux-headers-5.15.0-119-generic - 5.15.0-119.129~20.04.1 linux-headers-5.15.0-119-generic-64k - 5.15.0-119.129~20.04.1 linux-headers-5.15.0-119-generic-lpae - 5.15.0-119.129~20.04.1 linux-headers-5.15.0-119-lowlatency - 5.15.0-119.129~20.04.1 linux-headers-5.15.0-119-lowlatency-64k - 5.15.0-119.129~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-119 - 5.15.0-119.129~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-119.129~20.04.1 linux-hwe-5.15-headers-5.15.0-119 - 5.15.0-119.129~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-119.129~20.04.1 linux-hwe-5.15-tools-5.15.0-119 - 5.15.0-119.129~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-119.129~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-119.129~20.04.1 linux-image-5.15.0-119-generic - 5.15.0-119.129~20.04.1 linux-image-5.15.0-119-generic-64k - 5.15.0-119.129~20.04.1 linux-image-5.15.0-119-generic-lpae - 5.15.0-119.129~20.04.1 linux-image-5.15.0-119-lowlatency - 5.15.0-119.129~20.04.1 linux-image-5.15.0-119-lowlatency-64k - 5.15.0-119.129~20.04.1 linux-image-unsigned-5.15.0-119-generic - 5.15.0-119.129~20.04.1 linux-image-unsigned-5.15.0-119-generic-64k - 5.15.0-119.129~20.04.1 linux-image-unsigned-5.15.0-119-lowlatency - 5.15.0-119.129~20.04.1 linux-image-unsigned-5.15.0-119-lowlatency-64k - 5.15.0-119.129~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-119 - 5.15.0-119.129~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-119.129~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-119 - 5.15.0-119.129~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-119 - 5.15.0-119.129~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-119.129~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-119.129~20.04.1 linux-modules-5.15.0-119-generic - 5.15.0-119.129~20.04.1 linux-modules-5.15.0-119-generic-64k - 5.15.0-119.129~20.04.1 linux-modules-5.15.0-119-generic-lpae - 5.15.0-119.129~20.04.1 linux-modules-5.15.0-119-lowlatency - 5.15.0-119.129~20.04.1 linux-modules-5.15.0-119-lowlatency-64k - 5.15.0-119.129~20.04.1 linux-modules-extra-5.15.0-119-generic - 5.15.0-119.129~20.04.1 linux-modules-iwlwifi-5.15.0-119-generic - 5.15.0-119.129~20.04.1 linux-modules-iwlwifi-5.15.0-119-lowlatency - 5.15.0-119.129~20.04.1 linux-tools-5.15.0-119-generic - 5.15.0-119.129~20.04.1 linux-tools-5.15.0-119-generic-64k - 5.15.0-119.129~20.04.1 linux-tools-5.15.0-119-generic-lpae - 5.15.0-119.129~20.04.1 linux-tools-5.15.0-119-lowlatency - 5.15.0-119.129~20.04.1 linux-tools-5.15.0-119-lowlatency-64k - 5.15.0-119.129~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1051.58~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1051.58~20.04.1 linux-gkeop-5.15 - 5.15.0.1051.58~20.04.1 linux-gkeop-edge - 5.15.0.1051.58~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1051.58~20.04.1 linux-headers-gkeop-edge - 5.15.0.1051.58~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1051.58~20.04.1 linux-image-gkeop-edge - 5.15.0.1051.58~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1051.58~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1051.58~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1051.58~20.04.1 linux-tools-gkeop-edge - 5.15.0.1051.58~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1061.64~20.04.1 linux-headers-ibm-edge - 5.15.0.1061.64~20.04.1 linux-ibm - 5.15.0.1061.64~20.04.1 linux-ibm-edge - 5.15.0.1061.64~20.04.1 linux-image-ibm - 5.15.0.1061.64~20.04.1 linux-image-ibm-edge - 5.15.0.1061.64~20.04.1 linux-tools-ibm - 5.15.0.1061.64~20.04.1 linux-tools-ibm-edge - 5.15.0.1061.64~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1063.69~20.04.1 linux-headers-intel - 5.15.0.1063.69~20.04.1 linux-headers-intel-iotg - 5.15.0.1063.69~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1063.69~20.04.1 linux-image-intel - 5.15.0.1063.69~20.04.1 linux-image-intel-iotg - 5.15.0.1063.69~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1063.69~20.04.1 linux-intel - 5.15.0.1063.69~20.04.1 linux-intel-iotg - 5.15.0.1063.69~20.04.1 linux-intel-iotg-edge - 5.15.0.1063.69~20.04.1 linux-tools-intel - 5.15.0.1063.69~20.04.1 linux-tools-intel-iotg - 5.15.0.1063.69~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1063.69~20.04.1 No subscription required linux-gcp - 5.15.0.1067.75~20.04.1 linux-gcp-edge - 5.15.0.1067.75~20.04.1 linux-headers-gcp - 5.15.0.1067.75~20.04.1 linux-headers-gcp-edge - 5.15.0.1067.75~20.04.1 linux-image-gcp - 5.15.0.1067.75~20.04.1 linux-image-gcp-edge - 5.15.0.1067.75~20.04.1 linux-modules-extra-gcp - 5.15.0.1067.75~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1067.75~20.04.1 linux-tools-gcp - 5.15.0.1067.75~20.04.1 linux-tools-gcp-edge - 5.15.0.1067.75~20.04.1 No subscription required linux-aws - 5.15.0.1068.74~20.04.1 linux-aws-edge - 5.15.0.1068.74~20.04.1 linux-headers-aws - 5.15.0.1068.74~20.04.1 linux-headers-aws-edge - 5.15.0.1068.74~20.04.1 linux-image-aws - 5.15.0.1068.74~20.04.1 linux-image-aws-edge - 5.15.0.1068.74~20.04.1 linux-modules-extra-aws - 5.15.0.1068.74~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1068.74~20.04.1 linux-tools-aws - 5.15.0.1068.74~20.04.1 linux-tools-aws-edge - 5.15.0.1068.74~20.04.1 No subscription required linux-azure - 5.15.0.1071.80~20.04.1 linux-azure-cvm - 5.15.0.1071.80~20.04.1 linux-azure-edge - 5.15.0.1071.80~20.04.1 linux-cloud-tools-azure - 5.15.0.1071.80~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1071.80~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1071.80~20.04.1 linux-headers-azure - 5.15.0.1071.80~20.04.1 linux-headers-azure-cvm - 5.15.0.1071.80~20.04.1 linux-headers-azure-edge - 5.15.0.1071.80~20.04.1 linux-image-azure - 5.15.0.1071.80~20.04.1 linux-image-azure-cvm - 5.15.0.1071.80~20.04.1 linux-image-azure-edge - 5.15.0.1071.80~20.04.1 linux-modules-extra-azure - 5.15.0.1071.80~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1071.80~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1071.80~20.04.1 linux-modules-involflt-azure - 5.15.0.1071.80~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1071.80~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1071.80~20.04.1 linux-tools-azure - 5.15.0.1071.80~20.04.1 linux-tools-azure-cvm - 5.15.0.1071.80~20.04.1 linux-tools-azure-edge - 5.15.0.1071.80~20.04.1 No subscription required linux-azure-fde - 5.15.0.1071.80~20.04.1.48 linux-azure-fde-edge - 5.15.0.1071.80~20.04.1.48 linux-cloud-tools-azure-fde - 5.15.0.1071.80~20.04.1.48 linux-cloud-tools-azure-fde-edge - 5.15.0.1071.80~20.04.1.48 linux-headers-azure-fde - 5.15.0.1071.80~20.04.1.48 linux-headers-azure-fde-edge - 5.15.0.1071.80~20.04.1.48 linux-image-azure-fde - 5.15.0.1071.80~20.04.1.48 linux-image-azure-fde-edge - 5.15.0.1071.80~20.04.1.48 linux-modules-extra-azure-fde - 5.15.0.1071.80~20.04.1.48 linux-modules-extra-azure-fde-edge - 5.15.0.1071.80~20.04.1.48 linux-tools-azure-fde - 5.15.0.1071.80~20.04.1.48 linux-tools-azure-fde-edge - 5.15.0.1071.80~20.04.1.48 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-generic-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-headers-oem-20.04 - 5.15.0.119.129~20.04.1 linux-headers-oem-20.04b - 5.15.0.119.129~20.04.1 linux-headers-oem-20.04c - 5.15.0.119.129~20.04.1 linux-headers-oem-20.04d - 5.15.0.119.129~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-image-oem-20.04 - 5.15.0.119.129~20.04.1 linux-image-oem-20.04b - 5.15.0.119.129~20.04.1 linux-image-oem-20.04c - 5.15.0.119.129~20.04.1 linux-image-oem-20.04d - 5.15.0.119.129~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.119.129~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.119.129~20.04.1 linux-oem-20.04 - 5.15.0.119.129~20.04.1 linux-oem-20.04b - 5.15.0.119.129~20.04.1 linux-oem-20.04c - 5.15.0.119.129~20.04.1 linux-oem-20.04d - 5.15.0.119.129~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-tools-oem-20.04 - 5.15.0.119.129~20.04.1 linux-tools-oem-20.04b - 5.15.0.119.129~20.04.1 linux-tools-oem-20.04c - 5.15.0.119.129~20.04.1 linux-tools-oem-20.04d - 5.15.0.119.129~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.119.129~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.119.129~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.119.129~20.04.1 No subscription required High CVE-2023-52629 CVE-2023-52760 CVE-2024-26680 CVE-2024-26830 CVE-2024-26921 CVE-2024-36901 CVE-2024-39292 CVE-2024-39484 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SuperH RISC architecture; - User-Mode Linux (UML); - MMC subsystem; - Network drivers; - GFS2 file system; - IPv4 networking; - IPv6 networking; (CVE-2024-26921, CVE-2023-52629, CVE-2024-26680, CVE-2024-26830, CVE-2024-39484, CVE-2024-39292, CVE-2024-36901, CVE-2023-52760) Update Instructions: Run `sudo pro fix USN-6974-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1066-oracle - 5.15.0-1066.72~20.04.1 linux-headers-5.15.0-1066-oracle - 5.15.0-1066.72~20.04.1 linux-image-5.15.0-1066-oracle - 5.15.0-1066.72~20.04.1 linux-image-unsigned-5.15.0-1066-oracle - 5.15.0-1066.72~20.04.1 linux-modules-5.15.0-1066-oracle - 5.15.0-1066.72~20.04.1 linux-modules-extra-5.15.0-1066-oracle - 5.15.0-1066.72~20.04.1 linux-oracle-5.15-headers-5.15.0-1066 - 5.15.0-1066.72~20.04.1 linux-oracle-5.15-tools-5.15.0-1066 - 5.15.0-1066.72~20.04.1 linux-tools-5.15.0-1066-oracle - 5.15.0-1066.72~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1066.72~20.04.1 linux-headers-oracle-edge - 5.15.0.1066.72~20.04.1 linux-image-oracle - 5.15.0.1066.72~20.04.1 linux-image-oracle-edge - 5.15.0.1066.72~20.04.1 linux-oracle - 5.15.0.1066.72~20.04.1 linux-oracle-edge - 5.15.0.1066.72~20.04.1 linux-tools-oracle - 5.15.0.1066.72~20.04.1 linux-tools-oracle-edge - 5.15.0.1066.72~20.04.1 No subscription required High CVE-2023-52629 CVE-2023-52760 CVE-2024-26680 CVE-2024-26830 CVE-2024-26921 CVE-2024-36901 CVE-2024-39292 CVE-2024-39484 Ubuntu 20.04 LTS Zeng Yunxiang discovered that FFmpeg incorrectly handled memory during video encoding. An attacker could possibly use this issue to perform a denial of service, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-6983-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ffmpeg - 7:4.2.7-0ubuntu0.1+esm6 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm6 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm6 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm6 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm6 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm6 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm6 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm6 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm6 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm6 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm6 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm6 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm6 libavformat58 - 7:4.2.7-0ubuntu0.1+esm6 libavresample-dev - 7:4.2.7-0ubuntu0.1+esm6 libavresample4 - 7:4.2.7-0ubuntu0.1+esm6 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm6 libavutil56 - 7:4.2.7-0ubuntu0.1+esm6 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm6 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm6 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm6 libswresample3 - 7:4.2.7-0ubuntu0.1+esm6 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm6 libswscale5 - 7:4.2.7-0ubuntu0.1+esm6 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-32230 Ubuntu 20.04 LTS It was discovered that WebOb incorrectly handled certain URLs. An attacker could possibly use this issue to control a redirect or forward to another URL. Update Instructions: Run `sudo pro fix USN-6984-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-webob-doc - 1:1.8.5-2ubuntu0.1 python3-webob - 1:1.8.5-2ubuntu0.1 No subscription required Medium CVE-2024-42353 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-45230) It was discovered that Django incorrectly handled certain email sending failures. A remote attacker could possibly use this issue to enumerate user emails by issuing password reset requests and observing the outcomes. (CVE-2024-45231) Update Instructions: Run `sudo pro fix USN-6987-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.25 python3-django - 2:2.2.12-1ubuntu0.25 No subscription required Medium CVE-2024-45230 CVE-2024-45231 Ubuntu 20.04 LTS Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-41671) It was discovered that Twisted did not properly sanitize certain input. An attacker could use this vulnerability to possibly execute an HTML injection leading to a cross-site scripting (XSS) attack. (CVE-2024-41810) Update Instructions: Run `sudo pro fix USN-6988-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-twisted - 18.9.0-11ubuntu0.20.04.4 python3-twisted-bin - 18.9.0-11ubuntu0.20.04.4 twisted-doc - 18.9.0-11ubuntu0.20.04.4 No subscription required Medium CVE-2024-41671 CVE-2024-41810 Ubuntu 20.04 LTS USN-6988-1 fixed CVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-41671) Update Instructions: Run `sudo pro fix USN-6988-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-twisted - 18.9.0-11ubuntu0.20.04.5 python3-twisted-bin - 18.9.0-11ubuntu0.20.04.5 twisted-doc - 18.9.0-11ubuntu0.20.04.5 No subscription required Medium CVE-2024-41671 Ubuntu 20.04 LTS Johannes Kuhn (DasBrain) discovered that znc incorrectly handled user input under certain operations. An attacker could possibly use this issue to execute arbitrary code on a user's system if the user was tricked into joining a malicious server. Update Instructions: Run `sudo pro fix USN-6990-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: znc-backlog - 0.20180824+1.7.5-4ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro znc-push - 1.0.0+git20190521.78d0385+1.7.5-4ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro znc - 1.7.5-4ubuntu0.1~esm2 znc-dev - 1.7.5-4ubuntu0.1~esm2 znc-perl - 1.7.5-4ubuntu0.1~esm2 znc-python - 1.7.5-4ubuntu0.1~esm2 znc-tcl - 1.7.5-4ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-39844 Ubuntu 20.04 LTS It was discovered that AIOHTTP did not properly restrict file access when the 'follow_symlinks' option was set to True. A remote attacker could possibly use this issue to access unauthorized files on the system. Update Instructions: Run `sudo pro fix USN-6991-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-aiohttp - 3.6.2-1ubuntu1+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-23334 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-8382, CVE-2024-8383, CVE-2024-8386, CVE-2024-8387, CVE-2024-8389) Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8381) It was discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8384) Seunghyun Lee discovered that Firefox contained a type confusion vulnerability when handling certain ArrayTypes. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8385) Update Instructions: Run `sudo pro fix USN-6992-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 130.0+build2-0ubuntu0.20.04.1 firefox-dev - 130.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-nl - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 130.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 130.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 130.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-8381 CVE-2024-8382 CVE-2024-8383 CVE-2024-8384 CVE-2024-8385 CVE-2024-8386 CVE-2024-8387 CVE-2024-8389 Ubuntu 20.04 LTS USN-6992-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-8382, CVE-2024-8383, CVE-2024-8386, CVE-2024-8387, CVE-2024-8389) Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8381) It was discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8384) Seunghyun Lee discovered that Firefox contained a type confusion vulnerability when handling certain ArrayTypes. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8385) Update Instructions: Run `sudo pro fix USN-6992-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 130.0.1+build1-0ubuntu0.20.04.1 firefox-dev - 130.0.1+build1-0ubuntu0.20.04.1 firefox-geckodriver - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-af - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-an - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ar - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-as - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ast - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-az - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-be - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bg - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bn - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-br - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-bs - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ca - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cak - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cs - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-csb - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-cy - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-da - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-de - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-el - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-en - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eo - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-es - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-et - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-eu - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fa - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fi - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fr - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-fy - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ga - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gd - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gl - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gn - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-gu - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-he - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hi - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hr - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hu - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-hy - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ia - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-id - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-is - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-it - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ja - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ka - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kab - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kk - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-km - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-kn - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ko - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ku - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lg - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lt - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-lv - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mai - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mk - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ml - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mn - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-mr - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ms - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-my - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nb - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ne - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nl - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nn - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-nso - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-oc - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-or - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pa - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pl - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-pt - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ro - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ru - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-si - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sk - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sl - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sq - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sr - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sv - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-sw - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-szl - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ta - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-te - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tg - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-th - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-tr - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uk - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-ur - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-uz - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-vi - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-xh - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 130.0.1+build1-0ubuntu0.20.04.1 firefox-locale-zu - 130.0.1+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 130.0.1+build1-0ubuntu0.20.04.1 No subscription required None https://launchpad.net/bugs/2081668 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when closing a window, leading to a double-free vulnerability. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. (CVE-2024-41957) It was discovered that Vim incorrectly handled memory when adding a new file to an argument list, leading to a use-after-free. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. (CVE-2024-43374) Update Instructions: Run `sudo pro fix USN-6993-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.24 vim-athena - 2:8.1.2269-1ubuntu5.24 vim-common - 2:8.1.2269-1ubuntu5.24 vim-doc - 2:8.1.2269-1ubuntu5.24 vim-gtk - 2:8.1.2269-1ubuntu5.24 vim-gtk3 - 2:8.1.2269-1ubuntu5.24 vim-gui-common - 2:8.1.2269-1ubuntu5.24 vim-nox - 2:8.1.2269-1ubuntu5.24 vim-runtime - 2:8.1.2269-1ubuntu5.24 vim-tiny - 2:8.1.2269-1ubuntu5.24 xxd - 2:8.1.2269-1ubuntu5.24 No subscription required Medium CVE-2024-41957 CVE-2024-43374 Ubuntu 20.04 LTS Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-7521, CVE-2024-7526, CVE-2024-7527, CVE-2024-7529, CVE-2024-8382) It was discovered that Thunderbird did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Irvan Kurniawan discovered that Thunderbird did not properly check an attribute value in the editor component, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-7522) Rob Wu discovered that Thunderbird did not properly check permissions when creating a StreamFilter. An attacker could possibly use this issue to modify response body of requests on any site using a web extension. (CVE-2024-7525) Nils Bars discovered that Thunderbird contained a type confusion vulnerability when performing certain property name lookups. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8381) It was discovered that Thunderbird did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8384) Update Instructions: Run `sudo pro fix USN-6995-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.15.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.15.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.15.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.15.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.15.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-7519 CVE-2024-7521 CVE-2024-7522 CVE-2024-7525 CVE-2024-7526 CVE-2024-7527 CVE-2024-7529 CVE-2024-8381 CVE-2024-8382 CVE-2024-8384 Ubuntu 20.04 LTS It was discovered that LibTIFF incorrectly handled memory. An attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-6997-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtiff-dev - 4.1.0+git191117-2ubuntu0.20.04.14 libtiff-doc - 4.1.0+git191117-2ubuntu0.20.04.14 libtiff-opengl - 4.1.0+git191117-2ubuntu0.20.04.14 libtiff-tools - 4.1.0+git191117-2ubuntu0.20.04.14 libtiff5 - 4.1.0+git191117-2ubuntu0.20.04.14 libtiff5-dev - 4.1.0+git191117-2ubuntu0.20.04.14 libtiffxx5 - 4.1.0+git191117-2ubuntu0.20.04.14 No subscription required Medium CVE-2024-7006 Ubuntu 20.04 LTS It was discovered that Unbound incorrectly handled string comparisons, which could lead to a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. (CVE-2024-43167) It was discovered that Unbound incorrectly handled memory in cfg_mark_ports, which could lead to a heap buffer overflow. A local attacker could potentially use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-43168) Update Instructions: Run `sudo pro fix USN-6998-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libunbound-dev - 1.9.4-2ubuntu1.8 libunbound8 - 1.9.4-2ubuntu1.8 python-unbound - 1.9.4-2ubuntu1.8 python3-unbound - 1.9.4-2ubuntu1.8 unbound - 1.9.4-2ubuntu1.8 unbound-anchor - 1.9.4-2ubuntu1.8 unbound-host - 1.9.4-2ubuntu1.8 No subscription required Medium CVE-2024-43167 CVE-2024-43168 Ubuntu 20.04 LTS Shang-Hung Wan discovered that Expat did not properly handle certain function calls when a negative input length was provided. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-45490) Shang-Hung Wan discovered that Expat did not properly handle the potential for an integer overflow on 32-bit platforms. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-45491, CVE-2024-45492) Update Instructions: Run `sudo pro fix USN-7000-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.7 libexpat1 - 2.2.9-1ubuntu0.7 libexpat1-dev - 2.2.9-1ubuntu0.7 No subscription required Medium CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 Ubuntu 20.04 LTS Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input length was provided. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-45490) Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle the potential for an integer overflow on 32-bit platforms. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-45491) Update Instructions: Run `sudo pro fix USN-7001-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxmltok1 - 1.2-4ubuntu0.20.04.1~esm3 libxmltok1-dev - 1.2-4ubuntu0.20.04.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-45490 CVE-2024-45491 Ubuntu 20.04 LTS It was discovered that setuptools was vulnerable to remote code execution. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7002-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pypy-pkg-resources - 44.0.0-2ubuntu0.1+esm1 pypy-setuptools - 44.0.0-2ubuntu0.1+esm1 python-pkg-resources - 44.0.0-2ubuntu0.1+esm1 python-setuptools - 44.0.0-2ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro python-setuptools-doc - 45.2.0-1ubuntu0.2 python3-pkg-resources - 45.2.0-1ubuntu0.2 python3-setuptools - 45.2.0-1ubuntu0.2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-6345 Ubuntu 20.04 LTS It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Media drivers; - VMware VMCI Driver; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - USB subsystem; - JFFS2 file system; - JFS file system; - File systems infrastructure; - NILFS2 file system; - IOMMU subsystem; - Sun RPC protocol; - Netfilter; - Memory management; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - NET/ROM layer; - Network traffic control; - SoC Audio for Freescale CPUs drivers; (CVE-2024-40905, CVE-2024-41095, CVE-2024-41035, CVE-2024-36974, CVE-2024-40959, CVE-2024-40978, CVE-2024-42236, CVE-2024-40963, CVE-2024-40916, CVE-2024-41006, CVE-2024-39495, CVE-2023-52803, CVE-2024-42070, CVE-2024-41041, CVE-2024-42157, CVE-2024-36894, CVE-2024-42153, CVE-2024-42127, CVE-2024-42224, CVE-2024-40932, CVE-2024-42105, CVE-2024-40968, CVE-2024-41044, CVE-2024-41046, CVE-2023-52887, CVE-2024-42094, CVE-2024-40960, CVE-2024-41007, CVE-2024-40961, CVE-2024-39487, CVE-2024-39502, CVE-2024-42086, CVE-2024-36978, CVE-2024-39503, CVE-2024-41049, CVE-2024-42090, CVE-2024-42232, CVE-2024-39499, CVE-2024-40902, CVE-2024-37078, CVE-2024-39501, CVE-2024-42119, CVE-2024-40901, CVE-2024-42101, CVE-2024-42104, CVE-2024-42145, CVE-2024-41097, CVE-2024-40942, CVE-2024-41034, CVE-2024-40904, CVE-2024-41089, CVE-2024-42084, CVE-2024-42093, CVE-2024-40945, CVE-2024-40958, CVE-2024-42124, CVE-2024-40987, CVE-2024-40912, CVE-2024-39506, CVE-2024-40941, CVE-2024-39509, CVE-2024-40974, CVE-2024-39505, CVE-2024-42115, CVE-2024-40988, CVE-2024-40995, CVE-2024-42097, CVE-2024-41087, CVE-2024-42106, CVE-2024-40984, CVE-2024-40981, CVE-2024-42102, CVE-2024-42148, CVE-2024-42154, CVE-2024-42096, CVE-2024-40934, CVE-2024-40980, CVE-2024-42076, CVE-2024-40943, CVE-2024-42092, CVE-2024-42089, CVE-2024-42223, CVE-2024-38619, CVE-2024-42087, CVE-2024-39469) Update Instructions: Run `sudo pro fix USN-7003-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1079-ibm - 5.4.0-1079.84 linux-headers-5.4.0-1079-ibm - 5.4.0-1079.84 linux-ibm-cloud-tools-common - 5.4.0-1079.84 linux-ibm-headers-5.4.0-1079 - 5.4.0-1079.84 linux-ibm-source-5.4.0 - 5.4.0-1079.84 linux-ibm-tools-5.4.0-1079 - 5.4.0-1079.84 linux-ibm-tools-common - 5.4.0-1079.84 linux-image-5.4.0-1079-ibm - 5.4.0-1079.84 linux-image-unsigned-5.4.0-1079-ibm - 5.4.0-1079.84 linux-modules-5.4.0-1079-ibm - 5.4.0-1079.84 linux-modules-extra-5.4.0-1079-ibm - 5.4.0-1079.84 linux-tools-5.4.0-1079-ibm - 5.4.0-1079.84 No subscription required linux-bluefield-headers-5.4.0-1092 - 5.4.0-1092.99 linux-bluefield-tools-5.4.0-1092 - 5.4.0-1092.99 linux-buildinfo-5.4.0-1092-bluefield - 5.4.0-1092.99 linux-headers-5.4.0-1092-bluefield - 5.4.0-1092.99 linux-image-5.4.0-1092-bluefield - 5.4.0-1092.99 linux-image-unsigned-5.4.0-1092-bluefield - 5.4.0-1092.99 linux-modules-5.4.0-1092-bluefield - 5.4.0-1092.99 linux-tools-5.4.0-1092-bluefield - 5.4.0-1092.99 No subscription required linux-buildinfo-5.4.0-1099-gkeop - 5.4.0-1099.103 linux-cloud-tools-5.4.0-1099-gkeop - 5.4.0-1099.103 linux-gkeop-cloud-tools-5.4.0-1099 - 5.4.0-1099.103 linux-gkeop-headers-5.4.0-1099 - 5.4.0-1099.103 linux-gkeop-source-5.4.0 - 5.4.0-1099.103 linux-gkeop-tools-5.4.0-1099 - 5.4.0-1099.103 linux-headers-5.4.0-1099-gkeop - 5.4.0-1099.103 linux-image-5.4.0-1099-gkeop - 5.4.0-1099.103 linux-image-unsigned-5.4.0-1099-gkeop - 5.4.0-1099.103 linux-modules-5.4.0-1099-gkeop - 5.4.0-1099.103 linux-modules-extra-5.4.0-1099-gkeop - 5.4.0-1099.103 linux-tools-5.4.0-1099-gkeop - 5.4.0-1099.103 No subscription required linux-buildinfo-5.4.0-1120-kvm - 5.4.0-1120.128 linux-headers-5.4.0-1120-kvm - 5.4.0-1120.128 linux-image-5.4.0-1120-kvm - 5.4.0-1120.128 linux-image-unsigned-5.4.0-1120-kvm - 5.4.0-1120.128 linux-kvm-headers-5.4.0-1120 - 5.4.0-1120.128 linux-kvm-tools-5.4.0-1120 - 5.4.0-1120.128 linux-modules-5.4.0-1120-kvm - 5.4.0-1120.128 linux-tools-5.4.0-1120-kvm - 5.4.0-1120.128 No subscription required linux-buildinfo-5.4.0-1131-oracle - 5.4.0-1131.140 linux-headers-5.4.0-1131-oracle - 5.4.0-1131.140 linux-image-5.4.0-1131-oracle - 5.4.0-1131.140 linux-image-unsigned-5.4.0-1131-oracle - 5.4.0-1131.140 linux-modules-5.4.0-1131-oracle - 5.4.0-1131.140 linux-modules-extra-5.4.0-1131-oracle - 5.4.0-1131.140 linux-oracle-headers-5.4.0-1131 - 5.4.0-1131.140 linux-oracle-tools-5.4.0-1131 - 5.4.0-1131.140 linux-tools-5.4.0-1131-oracle - 5.4.0-1131.140 No subscription required linux-aws-cloud-tools-5.4.0-1132 - 5.4.0-1132.142 linux-aws-headers-5.4.0-1132 - 5.4.0-1132.142 linux-aws-tools-5.4.0-1132 - 5.4.0-1132.142 linux-buildinfo-5.4.0-1132-aws - 5.4.0-1132.142 linux-cloud-tools-5.4.0-1132-aws - 5.4.0-1132.142 linux-headers-5.4.0-1132-aws - 5.4.0-1132.142 linux-image-5.4.0-1132-aws - 5.4.0-1132.142 linux-image-unsigned-5.4.0-1132-aws - 5.4.0-1132.142 linux-modules-5.4.0-1132-aws - 5.4.0-1132.142 linux-modules-extra-5.4.0-1132-aws - 5.4.0-1132.142 linux-tools-5.4.0-1132-aws - 5.4.0-1132.142 No subscription required linux-buildinfo-5.4.0-1136-gcp - 5.4.0-1136.145 linux-gcp-headers-5.4.0-1136 - 5.4.0-1136.145 linux-gcp-tools-5.4.0-1136 - 5.4.0-1136.145 linux-headers-5.4.0-1136-gcp - 5.4.0-1136.145 linux-image-5.4.0-1136-gcp - 5.4.0-1136.145 linux-image-unsigned-5.4.0-1136-gcp - 5.4.0-1136.145 linux-modules-5.4.0-1136-gcp - 5.4.0-1136.145 linux-modules-extra-5.4.0-1136-gcp - 5.4.0-1136.145 linux-tools-5.4.0-1136-gcp - 5.4.0-1136.145 No subscription required linux-azure-cloud-tools-5.4.0-1137 - 5.4.0-1137.144 linux-azure-headers-5.4.0-1137 - 5.4.0-1137.144 linux-azure-tools-5.4.0-1137 - 5.4.0-1137.144 linux-buildinfo-5.4.0-1137-azure - 5.4.0-1137.144 linux-cloud-tools-5.4.0-1137-azure - 5.4.0-1137.144 linux-headers-5.4.0-1137-azure - 5.4.0-1137.144 linux-image-5.4.0-1137-azure - 5.4.0-1137.144 linux-image-unsigned-5.4.0-1137-azure - 5.4.0-1137.144 linux-modules-5.4.0-1137-azure - 5.4.0-1137.144 linux-modules-extra-5.4.0-1137-azure - 5.4.0-1137.144 linux-tools-5.4.0-1137-azure - 5.4.0-1137.144 No subscription required linux-buildinfo-5.4.0-195-generic - 5.4.0-195.215 linux-buildinfo-5.4.0-195-generic-lpae - 5.4.0-195.215 linux-buildinfo-5.4.0-195-lowlatency - 5.4.0-195.215 linux-cloud-tools-5.4.0-195 - 5.4.0-195.215 linux-cloud-tools-5.4.0-195-generic - 5.4.0-195.215 linux-cloud-tools-5.4.0-195-lowlatency - 5.4.0-195.215 linux-cloud-tools-common - 5.4.0-195.215 linux-doc - 5.4.0-195.215 linux-headers-5.4.0-195 - 5.4.0-195.215 linux-headers-5.4.0-195-generic - 5.4.0-195.215 linux-headers-5.4.0-195-generic-lpae - 5.4.0-195.215 linux-headers-5.4.0-195-lowlatency - 5.4.0-195.215 linux-image-5.4.0-195-generic - 5.4.0-195.215 linux-image-5.4.0-195-generic-lpae - 5.4.0-195.215 linux-image-5.4.0-195-lowlatency - 5.4.0-195.215 linux-image-unsigned-5.4.0-195-generic - 5.4.0-195.215 linux-image-unsigned-5.4.0-195-lowlatency - 5.4.0-195.215 linux-libc-dev - 5.4.0-195.215 linux-modules-5.4.0-195-generic - 5.4.0-195.215 linux-modules-5.4.0-195-generic-lpae - 5.4.0-195.215 linux-modules-5.4.0-195-lowlatency - 5.4.0-195.215 linux-modules-extra-5.4.0-195-generic - 5.4.0-195.215 linux-source-5.4.0 - 5.4.0-195.215 linux-tools-5.4.0-195 - 5.4.0-195.215 linux-tools-5.4.0-195-generic - 5.4.0-195.215 linux-tools-5.4.0-195-generic-lpae - 5.4.0-195.215 linux-tools-5.4.0-195-lowlatency - 5.4.0-195.215 linux-tools-common - 5.4.0-195.215 linux-tools-host - 5.4.0-195.215 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1079.108 linux-ibm-lts-20.04 - 5.4.0.1079.108 linux-image-ibm-lts-20.04 - 5.4.0.1079.108 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1079.108 linux-tools-ibm-lts-20.04 - 5.4.0.1079.108 No subscription required linux-bluefield - 5.4.0.1092.88 linux-headers-bluefield - 5.4.0.1092.88 linux-image-bluefield - 5.4.0.1092.88 linux-tools-bluefield - 5.4.0.1092.88 No subscription required linux-cloud-tools-gkeop - 5.4.0.1099.97 linux-cloud-tools-gkeop-5.4 - 5.4.0.1099.97 linux-gkeop - 5.4.0.1099.97 linux-gkeop-5.4 - 5.4.0.1099.97 linux-headers-gkeop - 5.4.0.1099.97 linux-headers-gkeop-5.4 - 5.4.0.1099.97 linux-image-gkeop - 5.4.0.1099.97 linux-image-gkeop-5.4 - 5.4.0.1099.97 linux-modules-extra-gkeop - 5.4.0.1099.97 linux-modules-extra-gkeop-5.4 - 5.4.0.1099.97 linux-tools-gkeop - 5.4.0.1099.97 linux-tools-gkeop-5.4 - 5.4.0.1099.97 No subscription required linux-headers-kvm - 5.4.0.1120.116 linux-image-kvm - 5.4.0.1120.116 linux-kvm - 5.4.0.1120.116 linux-tools-kvm - 5.4.0.1120.116 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1131.124 linux-image-oracle-lts-20.04 - 5.4.0.1131.124 linux-oracle-lts-20.04 - 5.4.0.1131.124 linux-tools-oracle-lts-20.04 - 5.4.0.1131.124 No subscription required linux-aws-lts-20.04 - 5.4.0.1132.129 linux-headers-aws-lts-20.04 - 5.4.0.1132.129 linux-image-aws-lts-20.04 - 5.4.0.1132.129 linux-modules-extra-aws-lts-20.04 - 5.4.0.1132.129 linux-tools-aws-lts-20.04 - 5.4.0.1132.129 No subscription required linux-gcp-lts-20.04 - 5.4.0.1136.138 linux-headers-gcp-lts-20.04 - 5.4.0.1136.138 linux-image-gcp-lts-20.04 - 5.4.0.1136.138 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1136.138 linux-tools-gcp-lts-20.04 - 5.4.0.1136.138 No subscription required linux-azure-lts-20.04 - 5.4.0.1137.131 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1137.131 linux-headers-azure-lts-20.04 - 5.4.0.1137.131 linux-image-azure-lts-20.04 - 5.4.0.1137.131 linux-modules-extra-azure-lts-20.04 - 5.4.0.1137.131 linux-tools-azure-lts-20.04 - 5.4.0.1137.131 No subscription required linux-cloud-tools-generic - 5.4.0.195.193 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.195.193 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.195.193 linux-cloud-tools-lowlatency - 5.4.0.195.193 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.195.193 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.195.193 linux-cloud-tools-virtual - 5.4.0.195.193 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.195.193 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.195.193 linux-crashdump - 5.4.0.195.193 linux-generic - 5.4.0.195.193 linux-generic-hwe-18.04 - 5.4.0.195.193 linux-generic-hwe-18.04-edge - 5.4.0.195.193 linux-generic-lpae - 5.4.0.195.193 linux-generic-lpae-hwe-18.04 - 5.4.0.195.193 linux-generic-lpae-hwe-18.04-edge - 5.4.0.195.193 linux-headers-generic - 5.4.0.195.193 linux-headers-generic-hwe-18.04 - 5.4.0.195.193 linux-headers-generic-hwe-18.04-edge - 5.4.0.195.193 linux-headers-generic-lpae - 5.4.0.195.193 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.195.193 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.195.193 linux-headers-lowlatency - 5.4.0.195.193 linux-headers-lowlatency-hwe-18.04 - 5.4.0.195.193 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.195.193 linux-headers-oem - 5.4.0.195.193 linux-headers-oem-osp1 - 5.4.0.195.193 linux-headers-virtual - 5.4.0.195.193 linux-headers-virtual-hwe-18.04 - 5.4.0.195.193 linux-headers-virtual-hwe-18.04-edge - 5.4.0.195.193 linux-image-extra-virtual - 5.4.0.195.193 linux-image-extra-virtual-hwe-18.04 - 5.4.0.195.193 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.195.193 linux-image-generic - 5.4.0.195.193 linux-image-generic-hwe-18.04 - 5.4.0.195.193 linux-image-generic-hwe-18.04-edge - 5.4.0.195.193 linux-image-generic-lpae - 5.4.0.195.193 linux-image-generic-lpae-hwe-18.04 - 5.4.0.195.193 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.195.193 linux-image-lowlatency - 5.4.0.195.193 linux-image-lowlatency-hwe-18.04 - 5.4.0.195.193 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.195.193 linux-image-oem - 5.4.0.195.193 linux-image-oem-osp1 - 5.4.0.195.193 linux-image-virtual - 5.4.0.195.193 linux-image-virtual-hwe-18.04 - 5.4.0.195.193 linux-image-virtual-hwe-18.04-edge - 5.4.0.195.193 linux-lowlatency - 5.4.0.195.193 linux-lowlatency-hwe-18.04 - 5.4.0.195.193 linux-lowlatency-hwe-18.04-edge - 5.4.0.195.193 linux-oem - 5.4.0.195.193 linux-oem-osp1 - 5.4.0.195.193 linux-oem-osp1-tools-host - 5.4.0.195.193 linux-oem-tools-host - 5.4.0.195.193 linux-source - 5.4.0.195.193 linux-tools-generic - 5.4.0.195.193 linux-tools-generic-hwe-18.04 - 5.4.0.195.193 linux-tools-generic-hwe-18.04-edge - 5.4.0.195.193 linux-tools-generic-lpae - 5.4.0.195.193 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.195.193 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.195.193 linux-tools-lowlatency - 5.4.0.195.193 linux-tools-lowlatency-hwe-18.04 - 5.4.0.195.193 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.195.193 linux-tools-oem - 5.4.0.195.193 linux-tools-oem-osp1 - 5.4.0.195.193 linux-tools-virtual - 5.4.0.195.193 linux-tools-virtual-hwe-18.04 - 5.4.0.195.193 linux-tools-virtual-hwe-18.04-edge - 5.4.0.195.193 linux-virtual - 5.4.0.195.193 linux-virtual-hwe-18.04 - 5.4.0.195.193 linux-virtual-hwe-18.04-edge - 5.4.0.195.193 No subscription required Medium CVE-2023-52803 CVE-2023-52887 CVE-2024-36894 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-38619 CVE-2024-39469 CVE-2024-39487 CVE-2024-39495 CVE-2024-39499 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40912 CVE-2024-40916 CVE-2024-40932 CVE-2024-40934 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40968 CVE-2024-40974 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40995 CVE-2024-41006 CVE-2024-41007 CVE-2024-41034 CVE-2024-41035 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41049 CVE-2024-41087 CVE-2024-41089 CVE-2024-41095 CVE-2024-41097 CVE-2024-42070 CVE-2024-42076 CVE-2024-42084 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42096 CVE-2024-42097 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42115 CVE-2024-42119 CVE-2024-42124 CVE-2024-42127 CVE-2024-42145 CVE-2024-42148 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42223 CVE-2024-42224 CVE-2024-42232 CVE-2024-42236 Ubuntu 20.04 LTS It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Media drivers; - VMware VMCI Driver; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - USB subsystem; - JFFS2 file system; - JFS file system; - File systems infrastructure; - NILFS2 file system; - IOMMU subsystem; - Sun RPC protocol; - Netfilter; - Memory management; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - NET/ROM layer; - Network traffic control; - SoC Audio for Freescale CPUs drivers; (CVE-2024-42094, CVE-2024-42154, CVE-2024-42101, CVE-2024-40995, CVE-2024-40959, CVE-2024-42076, CVE-2024-40961, CVE-2024-42096, CVE-2024-42092, CVE-2024-39501, CVE-2024-41046, CVE-2024-42087, CVE-2024-39502, CVE-2024-42090, CVE-2024-40974, CVE-2024-40942, CVE-2024-39509, CVE-2024-40934, CVE-2024-42148, CVE-2024-42127, CVE-2024-42115, CVE-2024-39505, CVE-2024-36978, CVE-2024-39503, CVE-2024-40912, CVE-2024-41034, CVE-2024-42119, CVE-2024-41006, CVE-2024-40902, CVE-2024-40968, CVE-2024-39499, CVE-2024-42093, CVE-2024-40941, CVE-2024-42106, CVE-2024-42145, CVE-2024-41097, CVE-2024-36974, CVE-2024-41044, CVE-2024-39495, CVE-2024-40981, CVE-2024-40987, CVE-2024-42232, CVE-2024-40905, CVE-2024-39506, CVE-2024-42153, CVE-2024-41007, CVE-2024-40978, CVE-2024-40960, CVE-2023-52887, CVE-2024-41087, CVE-2024-41049, CVE-2024-42086, CVE-2024-40958, CVE-2024-40980, CVE-2024-42084, CVE-2024-42224, CVE-2024-39487, CVE-2024-40943, CVE-2024-40984, CVE-2024-41095, CVE-2024-41035, CVE-2024-41089, CVE-2024-36894, CVE-2024-42104, CVE-2024-40988, CVE-2024-42105, CVE-2024-39469, CVE-2024-40901, CVE-2024-40963, CVE-2024-42097, CVE-2024-42089, CVE-2024-42124, CVE-2024-42223, CVE-2023-52803, CVE-2024-42070, CVE-2024-42157, CVE-2024-42102, CVE-2024-40916, CVE-2024-40904, CVE-2024-41041, CVE-2024-40932, CVE-2024-40945, CVE-2024-38619, CVE-2024-37078, CVE-2024-42236) Update Instructions: Run `sudo pro fix USN-7003-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1051-xilinx-zynqmp - 5.4.0-1051.55 linux-headers-5.4.0-1051-xilinx-zynqmp - 5.4.0-1051.55 linux-image-5.4.0-1051-xilinx-zynqmp - 5.4.0-1051.55 linux-modules-5.4.0-1051-xilinx-zynqmp - 5.4.0-1051.55 linux-tools-5.4.0-1051-xilinx-zynqmp - 5.4.0-1051.55 linux-xilinx-zynqmp-headers-5.4.0-1051 - 5.4.0-1051.55 linux-xilinx-zynqmp-tools-5.4.0-1051 - 5.4.0-1051.55 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1051.51 linux-image-xilinx-zynqmp - 5.4.0.1051.51 linux-tools-xilinx-zynqmp - 5.4.0.1051.51 linux-xilinx-zynqmp - 5.4.0.1051.51 No subscription required Medium CVE-2023-52803 CVE-2023-52887 CVE-2024-36894 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-38619 CVE-2024-39469 CVE-2024-39487 CVE-2024-39495 CVE-2024-39499 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40912 CVE-2024-40916 CVE-2024-40932 CVE-2024-40934 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40968 CVE-2024-40974 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40995 CVE-2024-41006 CVE-2024-41007 CVE-2024-41034 CVE-2024-41035 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41049 CVE-2024-41087 CVE-2024-41089 CVE-2024-41095 CVE-2024-41097 CVE-2024-42070 CVE-2024-42076 CVE-2024-42084 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42096 CVE-2024-42097 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42115 CVE-2024-42119 CVE-2024-42124 CVE-2024-42127 CVE-2024-42145 CVE-2024-42148 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42223 CVE-2024-42224 CVE-2024-42232 CVE-2024-42236 Ubuntu 20.04 LTS It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Media drivers; - VMware VMCI Driver; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - USB subsystem; - JFFS2 file system; - JFS file system; - File systems infrastructure; - NILFS2 file system; - IOMMU subsystem; - Sun RPC protocol; - Netfilter; - Memory management; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - NET/ROM layer; - Network traffic control; - SoC Audio for Freescale CPUs drivers; (CVE-2024-41034, CVE-2024-40984, CVE-2024-40987, CVE-2024-42119, CVE-2024-42224, CVE-2024-42101, CVE-2024-42096, CVE-2024-41095, CVE-2024-42087, CVE-2024-42104, CVE-2024-42148, CVE-2024-39495, CVE-2024-40980, CVE-2024-42223, CVE-2024-40961, CVE-2024-40988, CVE-2024-42127, CVE-2024-42090, CVE-2024-42236, CVE-2024-40995, CVE-2024-41007, CVE-2024-40968, CVE-2024-40901, CVE-2024-42097, CVE-2024-41041, CVE-2024-36974, CVE-2024-42115, CVE-2024-40978, CVE-2024-38619, CVE-2024-41049, CVE-2024-41035, CVE-2024-41044, CVE-2024-42154, CVE-2024-39499, CVE-2024-42070, CVE-2024-40959, CVE-2024-39487, CVE-2024-42157, CVE-2024-40916, CVE-2024-42076, CVE-2024-41087, CVE-2024-42094, CVE-2024-42124, CVE-2024-40905, CVE-2024-42145, CVE-2024-40963, CVE-2024-36894, CVE-2024-40942, CVE-2024-42092, CVE-2024-42153, CVE-2024-41089, CVE-2024-40912, CVE-2023-52887, CVE-2024-40934, CVE-2024-41006, CVE-2024-39501, CVE-2024-42084, CVE-2024-39506, CVE-2024-39509, CVE-2024-40943, CVE-2024-42106, CVE-2024-42093, CVE-2024-40902, CVE-2024-42086, CVE-2024-40958, CVE-2024-39502, CVE-2024-42232, CVE-2024-42089, CVE-2024-37078, CVE-2024-39469, CVE-2024-41046, CVE-2024-42102, CVE-2024-40974, CVE-2024-39505, CVE-2024-40960, CVE-2024-42105, CVE-2024-40932, CVE-2024-40904, CVE-2024-40981, CVE-2024-39503, CVE-2024-41097, CVE-2024-40941, CVE-2024-36978, CVE-2023-52803, CVE-2024-40945) Update Instructions: Run `sudo pro fix USN-7003-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1116-raspi - 5.4.0-1116.128 linux-headers-5.4.0-1116-raspi - 5.4.0-1116.128 linux-image-5.4.0-1116-raspi - 5.4.0-1116.128 linux-modules-5.4.0-1116-raspi - 5.4.0-1116.128 linux-raspi-headers-5.4.0-1116 - 5.4.0-1116.128 linux-raspi-tools-5.4.0-1116 - 5.4.0-1116.128 linux-tools-5.4.0-1116-raspi - 5.4.0-1116.128 No subscription required linux-headers-raspi - 5.4.0.1116.146 linux-headers-raspi-hwe-18.04 - 5.4.0.1116.146 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1116.146 linux-headers-raspi2 - 5.4.0.1116.146 linux-headers-raspi2-hwe-18.04 - 5.4.0.1116.146 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1116.146 linux-image-raspi - 5.4.0.1116.146 linux-image-raspi-hwe-18.04 - 5.4.0.1116.146 linux-image-raspi-hwe-18.04-edge - 5.4.0.1116.146 linux-image-raspi2 - 5.4.0.1116.146 linux-image-raspi2-hwe-18.04 - 5.4.0.1116.146 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1116.146 linux-raspi - 5.4.0.1116.146 linux-raspi-hwe-18.04 - 5.4.0.1116.146 linux-raspi-hwe-18.04-edge - 5.4.0.1116.146 linux-raspi2 - 5.4.0.1116.146 linux-raspi2-hwe-18.04 - 5.4.0.1116.146 linux-raspi2-hwe-18.04-edge - 5.4.0.1116.146 linux-tools-raspi - 5.4.0.1116.146 linux-tools-raspi-hwe-18.04 - 5.4.0.1116.146 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1116.146 linux-tools-raspi2 - 5.4.0.1116.146 linux-tools-raspi2-hwe-18.04 - 5.4.0.1116.146 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1116.146 No subscription required Medium CVE-2023-52803 CVE-2023-52887 CVE-2024-36894 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-38619 CVE-2024-39469 CVE-2024-39487 CVE-2024-39495 CVE-2024-39499 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40912 CVE-2024-40916 CVE-2024-40932 CVE-2024-40934 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40968 CVE-2024-40974 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40995 CVE-2024-41006 CVE-2024-41007 CVE-2024-41034 CVE-2024-41035 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41049 CVE-2024-41087 CVE-2024-41089 CVE-2024-41095 CVE-2024-41097 CVE-2024-42070 CVE-2024-42076 CVE-2024-42084 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42096 CVE-2024-42097 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42115 CVE-2024-42119 CVE-2024-42124 CVE-2024-42127 CVE-2024-42145 CVE-2024-42148 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42223 CVE-2024-42224 CVE-2024-42232 CVE-2024-42236 Ubuntu 20.04 LTS It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - SuperH RISC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - USB subsystem; - GFS2 file system; - JFFS2 file system; - JFS file system; - File systems infrastructure; - NILFS2 file system; - IOMMU subsystem; - Sun RPC protocol; - Netfilter; - Memory management; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - NET/ROM layer; - Network traffic control; - HD-audio driver; - SoC Audio for Freescale CPUs drivers; (CVE-2024-42154, CVE-2024-42093, CVE-2024-42096, CVE-2024-40984, CVE-2024-39502, CVE-2024-36901, CVE-2024-41044, CVE-2024-40961, CVE-2024-40981, CVE-2024-42236, CVE-2024-42232, CVE-2024-41041, CVE-2024-40958, CVE-2024-40905, CVE-2024-42084, CVE-2024-40934, CVE-2024-42124, CVE-2024-39505, CVE-2024-39506, CVE-2024-39501, CVE-2021-46926, CVE-2024-40941, CVE-2024-42145, CVE-2024-41089, CVE-2024-40932, CVE-2024-42224, CVE-2024-41097, CVE-2024-40959, CVE-2024-42157, CVE-2024-39469, CVE-2024-39499, CVE-2024-40974, CVE-2024-42094, CVE-2024-36894, CVE-2024-42087, CVE-2024-42104, CVE-2023-52803, CVE-2024-41034, CVE-2024-40995, CVE-2023-52629, CVE-2024-40912, CVE-2024-39484, CVE-2024-41006, CVE-2023-52760, CVE-2024-41095, CVE-2024-41046, CVE-2024-42070, CVE-2023-52887, CVE-2024-40960, CVE-2024-41007, CVE-2024-40901, CVE-2024-42119, CVE-2024-40987, CVE-2024-42148, CVE-2024-41049, CVE-2024-40963, CVE-2024-41087, CVE-2024-42223, CVE-2024-42090, CVE-2024-42105, CVE-2024-42089, CVE-2024-40916, CVE-2024-40942, CVE-2024-40978, CVE-2024-40902, CVE-2024-26921, CVE-2024-39495, CVE-2024-40943, CVE-2024-36978, CVE-2024-26929, CVE-2024-40988, CVE-2024-39503, CVE-2024-42101, CVE-2024-40904, CVE-2024-42086, CVE-2024-42106, CVE-2024-26830, CVE-2024-41035, CVE-2024-42153, CVE-2024-39509, CVE-2024-37078, CVE-2024-42076, CVE-2024-36974, CVE-2024-40980, CVE-2024-40945, CVE-2024-39487, CVE-2024-42092, CVE-2024-38619, CVE-2024-42127, CVE-2024-40968, CVE-2024-42115, CVE-2024-42102, CVE-2024-42097) Update Instructions: Run `sudo pro fix USN-7006-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1043-iot - 5.4.0-1043.44 linux-headers-5.4.0-1043-iot - 5.4.0-1043.44 linux-image-5.4.0-1043-iot - 5.4.0-1043.44 linux-image-unsigned-5.4.0-1043-iot - 5.4.0-1043.44 linux-iot-headers-5.4.0-1043 - 5.4.0-1043.44 linux-iot-tools-5.4.0-1043 - 5.4.0-1043.44 linux-iot-tools-common - 5.4.0-1043.44 linux-modules-5.4.0-1043-iot - 5.4.0-1043.44 linux-tools-5.4.0-1043-iot - 5.4.0-1043.44 No subscription required linux-headers-iot - 5.4.0.1043.41 linux-image-iot - 5.4.0.1043.41 linux-iot - 5.4.0.1043.41 linux-tools-iot - 5.4.0.1043.41 No subscription required High CVE-2021-46926 CVE-2023-52629 CVE-2023-52760 CVE-2023-52803 CVE-2023-52887 CVE-2024-24860 CVE-2024-26830 CVE-2024-26921 CVE-2024-26929 CVE-2024-36894 CVE-2024-36901 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-38619 CVE-2024-39469 CVE-2024-39484 CVE-2024-39487 CVE-2024-39495 CVE-2024-39499 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40912 CVE-2024-40916 CVE-2024-40932 CVE-2024-40934 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40968 CVE-2024-40974 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40995 CVE-2024-41006 CVE-2024-41007 CVE-2024-41034 CVE-2024-41035 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41049 CVE-2024-41087 CVE-2024-41089 CVE-2024-41095 CVE-2024-41097 CVE-2024-42070 CVE-2024-42076 CVE-2024-42084 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42096 CVE-2024-42097 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42115 CVE-2024-42119 CVE-2024-42124 CVE-2024-42127 CVE-2024-42145 CVE-2024-42148 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42223 CVE-2024-42224 CVE-2024-42232 CVE-2024-42236 Ubuntu 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. (CVE-2024-25741) It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Accessibility subsystem; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - Bluetooth drivers; - Character device driver; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - FPGA Framework; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - HW tracing; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device (Mouse) drivers; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Pin controllers subsystem; - PTP clock framework; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - Media staging drivers; - Thermal drivers; - TTY drivers; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - ACRN Hypervisor Service Module driver; - eCrypt file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFFS2 file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - IOMMU subsystem; - Memory management; - Netfilter; - BPF subsystem; - Kernel debugger infrastructure; - DMA mapping infrastructure; - IRQ subsystem; - Tracing infrastructure; - 9P file system network protocol; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - Multipath TCP; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Network traffic control; - TIPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - XFRM subsystem; - ALSA framework; - SoC Audio for Freescale CPUs drivers; - Kirkwood ASoC drivers; (CVE-2024-40961, CVE-2024-38597, CVE-2024-39468, CVE-2024-36978, CVE-2024-42161, CVE-2024-38573, CVE-2024-40905, CVE-2024-42094, CVE-2024-36894, CVE-2024-40914, CVE-2024-40956, CVE-2024-42106, CVE-2024-38610, CVE-2024-39506, CVE-2024-42098, CVE-2024-42232, CVE-2024-38590, CVE-2024-39488, CVE-2024-42127, CVE-2024-41006, CVE-2024-42131, CVE-2024-41005, CVE-2024-40963, CVE-2024-38559, CVE-2024-42130, CVE-2024-37078, CVE-2024-42082, CVE-2024-40984, CVE-2024-38560, CVE-2024-42090, CVE-2024-33621, CVE-2024-40974, CVE-2024-42115, CVE-2024-40971, CVE-2024-40943, CVE-2024-38627, CVE-2024-38548, CVE-2024-40934, CVE-2024-38579, CVE-2024-38558, CVE-2024-39495, CVE-2023-52884, CVE-2024-42225, CVE-2024-38659, CVE-2024-40927, CVE-2024-40967, CVE-2024-38624, CVE-2024-38583, CVE-2024-41047, CVE-2024-38623, CVE-2024-39509, CVE-2024-36971, CVE-2024-42120, CVE-2024-38589, CVE-2024-36270, CVE-2024-42105, CVE-2024-36032, CVE-2024-42101, CVE-2024-40908, CVE-2024-42089, CVE-2024-39482, CVE-2024-38662, CVE-2024-41007, CVE-2024-38635, CVE-2023-52887, CVE-2024-40912, CVE-2024-41027, CVE-2024-38598, CVE-2024-38381, CVE-2024-39503, CVE-2024-39301, CVE-2024-40988, CVE-2024-41000, CVE-2024-39507, CVE-2024-35247, CVE-2024-39277, CVE-2024-42229, CVE-2024-42085, CVE-2024-35927, CVE-2024-42224, CVE-2024-38567, CVE-2024-42097, CVE-2024-41049, CVE-2024-39466, CVE-2024-40957, CVE-2024-40978, CVE-2024-42093, CVE-2024-40937, CVE-2024-41034, CVE-2024-41048, CVE-2024-39471, CVE-2024-39502, CVE-2024-38555, CVE-2024-40970, CVE-2024-36972, CVE-2024-40995, CVE-2024-42154, CVE-2024-40916, CVE-2024-39505, CVE-2024-39475, CVE-2024-38599, CVE-2024-38596, CVE-2024-39493, CVE-2024-42124, CVE-2024-38549, CVE-2024-42084, CVE-2024-40942, CVE-2024-42077, CVE-2024-42152, CVE-2024-40904, CVE-2024-31076, CVE-2024-40960, CVE-2024-41035, CVE-2024-40945, CVE-2024-38605, CVE-2024-42140, CVE-2024-41041, CVE-2024-36014, CVE-2024-38612, CVE-2024-41092, CVE-2024-38546, CVE-2024-40902, CVE-2024-42068, CVE-2024-42121, CVE-2024-42236, CVE-2024-34777, CVE-2024-39467, CVE-2024-42087, CVE-2024-39501, CVE-2024-40980, CVE-2024-38550, CVE-2024-42223, CVE-2024-38607, CVE-2024-42247, CVE-2024-41046, CVE-2024-42080, CVE-2024-40901, CVE-2024-38571, CVE-2024-39480, CVE-2024-42070, CVE-2024-41093, CVE-2024-42148, CVE-2024-38601, CVE-2024-39500, CVE-2024-41097, CVE-2024-38565, CVE-2024-38661, CVE-2024-38615, CVE-2024-41040, CVE-2024-34027, CVE-2024-37356, CVE-2024-42157, CVE-2024-40941, CVE-2024-38634, CVE-2024-41004, CVE-2024-38780, CVE-2024-38552, CVE-2024-39276, CVE-2024-38618, CVE-2024-38588, CVE-2024-42086, CVE-2024-41087, CVE-2024-38582, CVE-2024-40932, CVE-2024-39489, CVE-2024-40968, CVE-2024-42119, CVE-2024-42137, CVE-2024-40929, CVE-2024-38591, CVE-2024-36489, CVE-2022-48772, CVE-2024-42153, CVE-2024-40959, CVE-2024-40987, CVE-2024-36015, CVE-2024-41044, CVE-2024-41002, CVE-2024-42109, CVE-2024-38587, CVE-2024-36286, CVE-2024-41055, CVE-2024-39469, CVE-2024-39487, CVE-2024-38580, CVE-2024-38619, CVE-2024-38613, CVE-2024-42145, CVE-2024-41095, CVE-2024-40958, CVE-2024-40911, CVE-2024-42102, CVE-2024-33847, CVE-2024-36974, CVE-2024-40994, CVE-2024-38633, CVE-2024-40981, CVE-2024-40983, CVE-2024-42096, CVE-2024-42104, CVE-2024-42092, CVE-2024-40954, CVE-2024-38637, CVE-2024-42240, CVE-2024-38621, CVE-2024-38578, CVE-2024-38547, CVE-2024-39490, CVE-2024-42076, CVE-2024-42244, CVE-2024-39499, CVE-2024-38586, CVE-2024-41089, CVE-2024-40976, CVE-2024-42095, CVE-2024-40931, CVE-2024-40990) Update Instructions: Run `sudo pro fix USN-7007-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1052-gkeop - 5.15.0-1052.59~20.04.1 linux-cloud-tools-5.15.0-1052-gkeop - 5.15.0-1052.59~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1052 - 5.15.0-1052.59~20.04.1 linux-gkeop-5.15-headers-5.15.0-1052 - 5.15.0-1052.59~20.04.1 linux-gkeop-5.15-tools-5.15.0-1052 - 5.15.0-1052.59~20.04.1 linux-headers-5.15.0-1052-gkeop - 5.15.0-1052.59~20.04.1 linux-image-5.15.0-1052-gkeop - 5.15.0-1052.59~20.04.1 linux-image-unsigned-5.15.0-1052-gkeop - 5.15.0-1052.59~20.04.1 linux-modules-5.15.0-1052-gkeop - 5.15.0-1052.59~20.04.1 linux-modules-extra-5.15.0-1052-gkeop - 5.15.0-1052.59~20.04.1 linux-tools-5.15.0-1052-gkeop - 5.15.0-1052.59~20.04.1 No subscription required linux-buildinfo-5.15.0-1064-intel-iotg - 5.15.0-1064.70~20.04.1 linux-cloud-tools-5.15.0-1064-intel-iotg - 5.15.0-1064.70~20.04.1 linux-headers-5.15.0-1064-intel-iotg - 5.15.0-1064.70~20.04.1 linux-image-unsigned-5.15.0-1064-intel-iotg - 5.15.0-1064.70~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1064 - 5.15.0-1064.70~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1064.70~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1064 - 5.15.0-1064.70~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1064 - 5.15.0-1064.70~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1064.70~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1064.70~20.04.1 linux-modules-5.15.0-1064-intel-iotg - 5.15.0-1064.70~20.04.1 linux-modules-extra-5.15.0-1064-intel-iotg - 5.15.0-1064.70~20.04.1 linux-modules-iwlwifi-5.15.0-1064-intel-iotg - 5.15.0-1064.70~20.04.1 linux-tools-5.15.0-1064-intel-iotg - 5.15.0-1064.70~20.04.1 No subscription required linux-image-5.15.0-1064-intel-iotg - 5.15.0-1064.70~20.04.1+1 No subscription required linux-buildinfo-5.15.0-1068-gcp - 5.15.0-1068.76~20.04.1 linux-gcp-5.15-headers-5.15.0-1068 - 5.15.0-1068.76~20.04.1 linux-gcp-5.15-tools-5.15.0-1068 - 5.15.0-1068.76~20.04.1 linux-headers-5.15.0-1068-gcp - 5.15.0-1068.76~20.04.1 linux-image-5.15.0-1068-gcp - 5.15.0-1068.76~20.04.1 linux-image-unsigned-5.15.0-1068-gcp - 5.15.0-1068.76~20.04.1 linux-modules-5.15.0-1068-gcp - 5.15.0-1068.76~20.04.1 linux-modules-extra-5.15.0-1068-gcp - 5.15.0-1068.76~20.04.1 linux-modules-iwlwifi-5.15.0-1068-gcp - 5.15.0-1068.76~20.04.1 linux-tools-5.15.0-1068-gcp - 5.15.0-1068.76~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1069 - 5.15.0-1069.75~20.04.1 linux-aws-5.15-headers-5.15.0-1069 - 5.15.0-1069.75~20.04.1 linux-aws-5.15-tools-5.15.0-1069 - 5.15.0-1069.75~20.04.1 linux-buildinfo-5.15.0-1069-aws - 5.15.0-1069.75~20.04.1 linux-cloud-tools-5.15.0-1069-aws - 5.15.0-1069.75~20.04.1 linux-headers-5.15.0-1069-aws - 5.15.0-1069.75~20.04.1 linux-image-5.15.0-1069-aws - 5.15.0-1069.75~20.04.1 linux-image-unsigned-5.15.0-1069-aws - 5.15.0-1069.75~20.04.1 linux-modules-5.15.0-1069-aws - 5.15.0-1069.75~20.04.1 linux-modules-extra-5.15.0-1069-aws - 5.15.0-1069.75~20.04.1 linux-tools-5.15.0-1069-aws - 5.15.0-1069.75~20.04.1 No subscription required linux-buildinfo-5.15.0-121-generic - 5.15.0-121.131~20.04.1 linux-buildinfo-5.15.0-121-generic-64k - 5.15.0-121.131~20.04.1 linux-buildinfo-5.15.0-121-generic-lpae - 5.15.0-121.131~20.04.1 linux-cloud-tools-5.15.0-121-generic - 5.15.0-121.131~20.04.1 linux-headers-5.15.0-121-generic - 5.15.0-121.131~20.04.1 linux-headers-5.15.0-121-generic-64k - 5.15.0-121.131~20.04.1 linux-headers-5.15.0-121-generic-lpae - 5.15.0-121.131~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-121 - 5.15.0-121.131~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-121.131~20.04.1 linux-hwe-5.15-headers-5.15.0-121 - 5.15.0-121.131~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-121.131~20.04.1 linux-hwe-5.15-tools-5.15.0-121 - 5.15.0-121.131~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-121.131~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-121.131~20.04.1 linux-image-5.15.0-121-generic - 5.15.0-121.131~20.04.1 linux-image-5.15.0-121-generic-64k - 5.15.0-121.131~20.04.1 linux-image-5.15.0-121-generic-lpae - 5.15.0-121.131~20.04.1 linux-image-unsigned-5.15.0-121-generic - 5.15.0-121.131~20.04.1 linux-image-unsigned-5.15.0-121-generic-64k - 5.15.0-121.131~20.04.1 linux-modules-5.15.0-121-generic - 5.15.0-121.131~20.04.1 linux-modules-5.15.0-121-generic-64k - 5.15.0-121.131~20.04.1 linux-modules-5.15.0-121-generic-lpae - 5.15.0-121.131~20.04.1 linux-modules-extra-5.15.0-121-generic - 5.15.0-121.131~20.04.1 linux-modules-iwlwifi-5.15.0-121-generic - 5.15.0-121.131~20.04.1 linux-tools-5.15.0-121-generic - 5.15.0-121.131~20.04.1 linux-tools-5.15.0-121-generic-64k - 5.15.0-121.131~20.04.1 linux-tools-5.15.0-121-generic-lpae - 5.15.0-121.131~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1052.59~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1052.59~20.04.1 linux-gkeop-5.15 - 5.15.0.1052.59~20.04.1 linux-gkeop-edge - 5.15.0.1052.59~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1052.59~20.04.1 linux-headers-gkeop-edge - 5.15.0.1052.59~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1052.59~20.04.1 linux-image-gkeop-edge - 5.15.0.1052.59~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1052.59~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1052.59~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1052.59~20.04.1 linux-tools-gkeop-edge - 5.15.0.1052.59~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1064.70~20.04.1 linux-headers-intel - 5.15.0.1064.70~20.04.1 linux-headers-intel-iotg - 5.15.0.1064.70~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1064.70~20.04.1 linux-image-intel - 5.15.0.1064.70~20.04.1 linux-image-intel-iotg - 5.15.0.1064.70~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1064.70~20.04.1 linux-intel - 5.15.0.1064.70~20.04.1 linux-intel-iotg - 5.15.0.1064.70~20.04.1 linux-intel-iotg-edge - 5.15.0.1064.70~20.04.1 linux-tools-intel - 5.15.0.1064.70~20.04.1 linux-tools-intel-iotg - 5.15.0.1064.70~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1064.70~20.04.1 No subscription required linux-gcp - 5.15.0.1068.76~20.04.1 linux-gcp-edge - 5.15.0.1068.76~20.04.1 linux-headers-gcp - 5.15.0.1068.76~20.04.1 linux-headers-gcp-edge - 5.15.0.1068.76~20.04.1 linux-image-gcp - 5.15.0.1068.76~20.04.1 linux-image-gcp-edge - 5.15.0.1068.76~20.04.1 linux-modules-extra-gcp - 5.15.0.1068.76~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1068.76~20.04.1 linux-tools-gcp - 5.15.0.1068.76~20.04.1 linux-tools-gcp-edge - 5.15.0.1068.76~20.04.1 No subscription required linux-aws - 5.15.0.1069.75~20.04.1 linux-aws-edge - 5.15.0.1069.75~20.04.1 linux-headers-aws - 5.15.0.1069.75~20.04.1 linux-headers-aws-edge - 5.15.0.1069.75~20.04.1 linux-image-aws - 5.15.0.1069.75~20.04.1 linux-image-aws-edge - 5.15.0.1069.75~20.04.1 linux-modules-extra-aws - 5.15.0.1069.75~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1069.75~20.04.1 linux-tools-aws - 5.15.0.1069.75~20.04.1 linux-tools-aws-edge - 5.15.0.1069.75~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-generic-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-headers-oem-20.04 - 5.15.0.121.131~20.04.1 linux-headers-oem-20.04b - 5.15.0.121.131~20.04.1 linux-headers-oem-20.04c - 5.15.0.121.131~20.04.1 linux-headers-oem-20.04d - 5.15.0.121.131~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-image-oem-20.04 - 5.15.0.121.131~20.04.1 linux-image-oem-20.04b - 5.15.0.121.131~20.04.1 linux-image-oem-20.04c - 5.15.0.121.131~20.04.1 linux-image-oem-20.04d - 5.15.0.121.131~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.121.131~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.121.131~20.04.1 linux-oem-20.04 - 5.15.0.121.131~20.04.1 linux-oem-20.04b - 5.15.0.121.131~20.04.1 linux-oem-20.04c - 5.15.0.121.131~20.04.1 linux-oem-20.04d - 5.15.0.121.131~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-tools-oem-20.04 - 5.15.0.121.131~20.04.1 linux-tools-oem-20.04b - 5.15.0.121.131~20.04.1 linux-tools-oem-20.04c - 5.15.0.121.131~20.04.1 linux-tools-oem-20.04d - 5.15.0.121.131~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.121.131~20.04.1 No subscription required High CVE-2022-48772 CVE-2023-52884 CVE-2023-52887 CVE-2024-23848 CVE-2024-25741 CVE-2024-31076 CVE-2024-33621 CVE-2024-33847 CVE-2024-34027 CVE-2024-34777 CVE-2024-35247 CVE-2024-35927 CVE-2024-36014 CVE-2024-36015 CVE-2024-36032 CVE-2024-36270 CVE-2024-36286 CVE-2024-36489 CVE-2024-36894 CVE-2024-36971 CVE-2024-36972 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-37356 CVE-2024-38381 CVE-2024-38546 CVE-2024-38547 CVE-2024-38548 CVE-2024-38549 CVE-2024-38550 CVE-2024-38552 CVE-2024-38555 CVE-2024-38558 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567 CVE-2024-38571 CVE-2024-38573 CVE-2024-38578 CVE-2024-38579 CVE-2024-38580 CVE-2024-38582 CVE-2024-38583 CVE-2024-38586 CVE-2024-38587 CVE-2024-38588 CVE-2024-38589 CVE-2024-38590 CVE-2024-38591 CVE-2024-38596 CVE-2024-38597 CVE-2024-38598 CVE-2024-38599 CVE-2024-38601 CVE-2024-38605 CVE-2024-38607 CVE-2024-38610 CVE-2024-38612 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38619 CVE-2024-38621 CVE-2024-38623 CVE-2024-38624 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661 CVE-2024-38662 CVE-2024-38780 CVE-2024-39276 CVE-2024-39277 CVE-2024-39301 CVE-2024-39466 CVE-2024-39467 CVE-2024-39468 CVE-2024-39469 CVE-2024-39471 CVE-2024-39475 CVE-2024-39480 CVE-2024-39482 CVE-2024-39487 CVE-2024-39488 CVE-2024-39489 CVE-2024-39490 CVE-2024-39493 CVE-2024-39495 CVE-2024-39499 CVE-2024-39500 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39507 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40908 CVE-2024-40911 CVE-2024-40912 CVE-2024-40914 CVE-2024-40916 CVE-2024-40927 CVE-2024-40929 CVE-2024-40931 CVE-2024-40932 CVE-2024-40934 CVE-2024-40937 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40954 CVE-2024-40956 CVE-2024-40957 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40967 CVE-2024-40968 CVE-2024-40970 CVE-2024-40971 CVE-2024-40974 CVE-2024-40976 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40983 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40990 CVE-2024-40994 CVE-2024-40995 CVE-2024-41000 CVE-2024-41002 CVE-2024-41004 CVE-2024-41005 CVE-2024-41006 CVE-2024-41007 CVE-2024-41027 CVE-2024-41034 CVE-2024-41035 CVE-2024-41040 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41047 CVE-2024-41048 CVE-2024-41049 CVE-2024-41055 CVE-2024-41087 CVE-2024-41089 CVE-2024-41092 CVE-2024-41093 CVE-2024-41095 CVE-2024-41097 CVE-2024-42068 CVE-2024-42070 CVE-2024-42076 CVE-2024-42077 CVE-2024-42080 CVE-2024-42082 CVE-2024-42084 CVE-2024-42085 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42095 CVE-2024-42096 CVE-2024-42097 CVE-2024-42098 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42109 CVE-2024-42115 CVE-2024-42119 CVE-2024-42120 CVE-2024-42121 CVE-2024-42124 CVE-2024-42127 CVE-2024-42130 CVE-2024-42131 CVE-2024-42137 CVE-2024-42140 CVE-2024-42145 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42161 CVE-2024-42223 CVE-2024-42224 CVE-2024-42225 CVE-2024-42229 CVE-2024-42232 CVE-2024-42236 CVE-2024-42240 CVE-2024-42244 CVE-2024-42247 Ubuntu 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. (CVE-2024-25741) It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Accessibility subsystem; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - Bluetooth drivers; - Character device driver; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - FPGA Framework; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - HW tracing; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device (Mouse) drivers; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Pin controllers subsystem; - PTP clock framework; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - Media staging drivers; - Thermal drivers; - TTY drivers; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - ACRN Hypervisor Service Module driver; - eCrypt file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFFS2 file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - IOMMU subsystem; - Memory management; - Netfilter; - BPF subsystem; - Kernel debugger infrastructure; - DMA mapping infrastructure; - IRQ subsystem; - Tracing infrastructure; - 9P file system network protocol; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - Multipath TCP; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Network traffic control; - TIPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - XFRM subsystem; - ALSA framework; - SoC Audio for Freescale CPUs drivers; - Kirkwood ASoC drivers; (CVE-2024-42140, CVE-2024-38580, CVE-2024-38555, CVE-2024-38591, CVE-2024-40942, CVE-2024-42130, CVE-2024-41095, CVE-2024-40994, CVE-2024-39469, CVE-2024-38610, CVE-2024-42097, CVE-2024-42137, CVE-2024-31076, CVE-2024-38552, CVE-2024-36489, CVE-2024-40983, CVE-2024-40908, CVE-2024-39493, CVE-2024-40970, CVE-2024-40901, CVE-2024-38567, CVE-2024-38599, CVE-2024-38605, CVE-2024-42119, CVE-2024-38590, CVE-2024-38558, CVE-2023-52884, CVE-2024-41000, CVE-2024-42101, CVE-2024-40943, CVE-2024-39507, CVE-2024-42115, CVE-2024-40968, CVE-2024-42095, CVE-2024-41034, CVE-2024-38618, CVE-2024-38633, CVE-2024-40904, CVE-2024-42070, CVE-2024-38583, CVE-2024-39471, CVE-2024-38578, CVE-2024-38637, CVE-2024-40987, CVE-2024-39506, CVE-2024-39482, CVE-2024-42124, CVE-2024-40981, CVE-2024-35927, CVE-2022-48772, CVE-2024-38588, CVE-2023-52887, CVE-2024-40941, CVE-2024-34027, CVE-2024-38627, CVE-2024-42106, CVE-2024-40927, CVE-2024-38559, CVE-2024-39499, CVE-2024-39505, CVE-2024-42120, CVE-2024-38615, CVE-2024-39467, CVE-2024-42232, CVE-2024-38589, CVE-2024-38621, CVE-2024-41002, CVE-2024-40934, CVE-2024-38582, CVE-2024-39480, CVE-2024-38571, CVE-2024-39301, CVE-2024-38612, CVE-2024-39495, CVE-2024-39276, CVE-2024-42096, CVE-2024-41041, CVE-2024-40912, CVE-2024-41089, CVE-2024-41093, CVE-2024-40931, CVE-2024-42092, CVE-2024-41047, CVE-2024-40956, CVE-2024-42229, CVE-2024-40914, CVE-2024-39490, CVE-2024-38548, CVE-2024-41044, CVE-2024-40967, CVE-2024-38596, CVE-2024-40902, CVE-2024-41055, CVE-2024-38601, CVE-2024-42153, CVE-2024-38623, CVE-2024-35247, CVE-2024-38635, CVE-2024-38662, CVE-2024-42086, CVE-2024-42102, CVE-2024-42154, CVE-2024-38587, CVE-2024-39466, CVE-2024-40911, CVE-2024-39503, CVE-2024-42090, CVE-2024-42087, CVE-2024-40929, CVE-2024-37078, CVE-2024-39489, CVE-2024-42244, CVE-2024-40980, CVE-2024-38624, CVE-2024-42105, CVE-2024-36270, CVE-2024-41092, CVE-2024-40937, CVE-2024-38780, CVE-2024-41035, CVE-2024-42104, CVE-2024-40988, CVE-2024-36894, CVE-2024-42157, CVE-2024-38613, CVE-2024-40916, CVE-2024-41040, CVE-2024-36032, CVE-2024-40978, CVE-2024-38579, CVE-2024-38550, CVE-2024-41049, CVE-2024-40959, CVE-2024-42131, CVE-2024-42161, CVE-2024-42247, CVE-2024-37356, CVE-2024-40905, CVE-2024-42098, CVE-2024-40932, CVE-2024-42236, CVE-2024-38565, CVE-2024-38661, CVE-2024-40963, CVE-2024-42240, CVE-2024-40984, CVE-2024-39277, CVE-2024-38573, CVE-2024-39509, CVE-2024-41006, CVE-2024-34777, CVE-2024-42152, CVE-2024-40954, CVE-2024-39501, CVE-2024-42109, CVE-2024-42080, CVE-2024-42225, CVE-2024-41007, CVE-2024-42077, CVE-2024-38634, CVE-2024-40995, CVE-2024-42084, CVE-2024-40974, CVE-2024-38586, CVE-2024-42224, CVE-2024-40960, CVE-2024-39500, CVE-2024-41004, CVE-2024-42145, CVE-2024-38619, CVE-2024-36974, CVE-2024-39502, CVE-2024-41097, CVE-2024-40958, CVE-2024-41027, CVE-2024-36972, CVE-2024-36286, CVE-2024-40990, CVE-2024-42082, CVE-2024-40945, CVE-2024-36014, CVE-2024-42068, CVE-2024-41087, CVE-2024-36978, CVE-2024-42148, CVE-2024-40971, CVE-2024-38546, CVE-2024-39488, CVE-2024-41048, CVE-2024-42121, CVE-2024-38381, CVE-2024-41046, CVE-2024-36971, CVE-2024-42085, CVE-2024-39487, CVE-2024-33847, CVE-2024-38607, CVE-2024-33621, CVE-2024-40957, CVE-2024-42127, CVE-2024-38547, CVE-2024-36015, CVE-2024-38549, CVE-2024-38597, CVE-2024-42093, CVE-2024-42089, CVE-2024-39468, CVE-2024-38560, CVE-2024-42223, CVE-2024-38659, CVE-2024-38598, CVE-2024-40976, CVE-2024-42094, CVE-2024-41005, CVE-2024-39475, CVE-2024-40961, CVE-2024-42076) Update Instructions: Run `sudo pro fix USN-7007-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1062-ibm - 5.15.0-1062.65~20.04.1 linux-headers-5.15.0-1062-ibm - 5.15.0-1062.65~20.04.1 linux-ibm-5.15-headers-5.15.0-1062 - 5.15.0-1062.65~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1062.65~20.04.1 linux-ibm-5.15-tools-5.15.0-1062 - 5.15.0-1062.65~20.04.1 linux-image-5.15.0-1062-ibm - 5.15.0-1062.65~20.04.1 linux-image-unsigned-5.15.0-1062-ibm - 5.15.0-1062.65~20.04.1 linux-modules-5.15.0-1062-ibm - 5.15.0-1062.65~20.04.1 linux-modules-extra-5.15.0-1062-ibm - 5.15.0-1062.65~20.04.1 linux-tools-5.15.0-1062-ibm - 5.15.0-1062.65~20.04.1 No subscription required linux-buildinfo-5.15.0-1067-oracle - 5.15.0-1067.73~20.04.1 linux-headers-5.15.0-1067-oracle - 5.15.0-1067.73~20.04.1 linux-image-5.15.0-1067-oracle - 5.15.0-1067.73~20.04.1 linux-image-unsigned-5.15.0-1067-oracle - 5.15.0-1067.73~20.04.1 linux-modules-5.15.0-1067-oracle - 5.15.0-1067.73~20.04.1 linux-modules-extra-5.15.0-1067-oracle - 5.15.0-1067.73~20.04.1 linux-oracle-5.15-headers-5.15.0-1067 - 5.15.0-1067.73~20.04.1 linux-oracle-5.15-tools-5.15.0-1067 - 5.15.0-1067.73~20.04.1 linux-tools-5.15.0-1067-oracle - 5.15.0-1067.73~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1062.65~20.04.1 linux-headers-ibm-edge - 5.15.0.1062.65~20.04.1 linux-ibm - 5.15.0.1062.65~20.04.1 linux-ibm-edge - 5.15.0.1062.65~20.04.1 linux-image-ibm - 5.15.0.1062.65~20.04.1 linux-image-ibm-edge - 5.15.0.1062.65~20.04.1 linux-tools-ibm - 5.15.0.1062.65~20.04.1 linux-tools-ibm-edge - 5.15.0.1062.65~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1067.73~20.04.1 linux-headers-oracle-edge - 5.15.0.1067.73~20.04.1 linux-image-oracle - 5.15.0.1067.73~20.04.1 linux-image-oracle-edge - 5.15.0.1067.73~20.04.1 linux-oracle - 5.15.0.1067.73~20.04.1 linux-oracle-edge - 5.15.0.1067.73~20.04.1 linux-tools-oracle - 5.15.0.1067.73~20.04.1 linux-tools-oracle-edge - 5.15.0.1067.73~20.04.1 No subscription required High CVE-2022-48772 CVE-2023-52884 CVE-2023-52887 CVE-2024-23848 CVE-2024-25741 CVE-2024-31076 CVE-2024-33621 CVE-2024-33847 CVE-2024-34027 CVE-2024-34777 CVE-2024-35247 CVE-2024-35927 CVE-2024-36014 CVE-2024-36015 CVE-2024-36032 CVE-2024-36270 CVE-2024-36286 CVE-2024-36489 CVE-2024-36894 CVE-2024-36971 CVE-2024-36972 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-37356 CVE-2024-38381 CVE-2024-38546 CVE-2024-38547 CVE-2024-38548 CVE-2024-38549 CVE-2024-38550 CVE-2024-38552 CVE-2024-38555 CVE-2024-38558 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567 CVE-2024-38571 CVE-2024-38573 CVE-2024-38578 CVE-2024-38579 CVE-2024-38580 CVE-2024-38582 CVE-2024-38583 CVE-2024-38586 CVE-2024-38587 CVE-2024-38588 CVE-2024-38589 CVE-2024-38590 CVE-2024-38591 CVE-2024-38596 CVE-2024-38597 CVE-2024-38598 CVE-2024-38599 CVE-2024-38601 CVE-2024-38605 CVE-2024-38607 CVE-2024-38610 CVE-2024-38612 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38619 CVE-2024-38621 CVE-2024-38623 CVE-2024-38624 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661 CVE-2024-38662 CVE-2024-38780 CVE-2024-39276 CVE-2024-39277 CVE-2024-39301 CVE-2024-39466 CVE-2024-39467 CVE-2024-39468 CVE-2024-39469 CVE-2024-39471 CVE-2024-39475 CVE-2024-39480 CVE-2024-39482 CVE-2024-39487 CVE-2024-39488 CVE-2024-39489 CVE-2024-39490 CVE-2024-39493 CVE-2024-39495 CVE-2024-39499 CVE-2024-39500 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39507 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40908 CVE-2024-40911 CVE-2024-40912 CVE-2024-40914 CVE-2024-40916 CVE-2024-40927 CVE-2024-40929 CVE-2024-40931 CVE-2024-40932 CVE-2024-40934 CVE-2024-40937 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40954 CVE-2024-40956 CVE-2024-40957 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40967 CVE-2024-40968 CVE-2024-40970 CVE-2024-40971 CVE-2024-40974 CVE-2024-40976 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40983 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40990 CVE-2024-40994 CVE-2024-40995 CVE-2024-41000 CVE-2024-41002 CVE-2024-41004 CVE-2024-41005 CVE-2024-41006 CVE-2024-41007 CVE-2024-41027 CVE-2024-41034 CVE-2024-41035 CVE-2024-41040 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41047 CVE-2024-41048 CVE-2024-41049 CVE-2024-41055 CVE-2024-41087 CVE-2024-41089 CVE-2024-41092 CVE-2024-41093 CVE-2024-41095 CVE-2024-41097 CVE-2024-42068 CVE-2024-42070 CVE-2024-42076 CVE-2024-42077 CVE-2024-42080 CVE-2024-42082 CVE-2024-42084 CVE-2024-42085 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42095 CVE-2024-42096 CVE-2024-42097 CVE-2024-42098 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42109 CVE-2024-42115 CVE-2024-42119 CVE-2024-42120 CVE-2024-42121 CVE-2024-42124 CVE-2024-42127 CVE-2024-42130 CVE-2024-42131 CVE-2024-42137 CVE-2024-42140 CVE-2024-42145 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42161 CVE-2024-42223 CVE-2024-42224 CVE-2024-42225 CVE-2024-42229 CVE-2024-42232 CVE-2024-42236 CVE-2024-42240 CVE-2024-42244 CVE-2024-42247 Ubuntu 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. (CVE-2024-25741) It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Accessibility subsystem; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - Bluetooth drivers; - Character device driver; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - FPGA Framework; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - HW tracing; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device (Mouse) drivers; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Pin controllers subsystem; - PTP clock framework; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - Media staging drivers; - Thermal drivers; - TTY drivers; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - ACRN Hypervisor Service Module driver; - eCrypt file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFFS2 file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - IOMMU subsystem; - Memory management; - Netfilter; - BPF subsystem; - Kernel debugger infrastructure; - DMA mapping infrastructure; - IRQ subsystem; - Tracing infrastructure; - 9P file system network protocol; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - Multipath TCP; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Network traffic control; - TIPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - XFRM subsystem; - ALSA framework; - SoC Audio for Freescale CPUs drivers; - Kirkwood ASoC drivers; (CVE-2024-42105, CVE-2024-41002, CVE-2024-38558, CVE-2023-52887, CVE-2024-39487, CVE-2024-39276, CVE-2024-42077, CVE-2024-39493, CVE-2024-40934, CVE-2024-39277, CVE-2024-42087, CVE-2024-38598, CVE-2024-38618, CVE-2024-40981, CVE-2024-42127, CVE-2024-38607, CVE-2024-38586, CVE-2024-40901, CVE-2024-40916, CVE-2024-42247, CVE-2024-42093, CVE-2024-36489, CVE-2024-38615, CVE-2024-42120, CVE-2024-38567, CVE-2024-40957, CVE-2024-39501, CVE-2024-42140, CVE-2024-33621, CVE-2024-38573, CVE-2023-52884, CVE-2024-39468, CVE-2024-41092, CVE-2024-40931, CVE-2024-42145, CVE-2024-39490, CVE-2024-38555, CVE-2024-42086, CVE-2024-38597, CVE-2024-40956, CVE-2024-42223, CVE-2024-36894, CVE-2024-40961, CVE-2024-42076, CVE-2024-40994, CVE-2024-38619, CVE-2024-39467, CVE-2024-39466, CVE-2022-48772, CVE-2024-39507, CVE-2024-40914, CVE-2024-41046, CVE-2024-42094, CVE-2024-38591, CVE-2024-42098, CVE-2024-41027, CVE-2024-41040, CVE-2024-41089, CVE-2024-40945, CVE-2024-39503, CVE-2024-37356, CVE-2024-36286, CVE-2024-39495, CVE-2024-42101, CVE-2024-40941, CVE-2024-42137, CVE-2024-38381, CVE-2024-38627, CVE-2024-31076, CVE-2024-42092, CVE-2024-40932, CVE-2024-40995, CVE-2024-40937, CVE-2024-39489, CVE-2024-42084, CVE-2024-40929, CVE-2024-36978, CVE-2024-36015, CVE-2024-36014, CVE-2024-42124, CVE-2024-40976, CVE-2024-39502, CVE-2024-38599, CVE-2024-38661, CVE-2024-42104, CVE-2024-42096, CVE-2024-40904, CVE-2024-40990, CVE-2024-38579, CVE-2024-40974, CVE-2024-41055, CVE-2024-38633, CVE-2024-38659, CVE-2024-41093, CVE-2024-42154, CVE-2024-38624, CVE-2024-41049, CVE-2024-38552, CVE-2024-38578, CVE-2024-38605, CVE-2024-40970, CVE-2024-38601, CVE-2024-38550, CVE-2024-38559, CVE-2024-38571, CVE-2024-40971, CVE-2024-41097, CVE-2024-40967, CVE-2024-38612, CVE-2024-38587, CVE-2024-41004, CVE-2024-33847, CVE-2024-38580, CVE-2024-39506, CVE-2024-42102, CVE-2024-36032, CVE-2024-38548, CVE-2024-39499, CVE-2024-38610, CVE-2024-42152, CVE-2024-40943, CVE-2024-40959, CVE-2024-39488, CVE-2024-36972, CVE-2024-38637, CVE-2024-40942, CVE-2024-42106, CVE-2024-38546, CVE-2024-38634, CVE-2024-39471, CVE-2024-39482, CVE-2024-41095, CVE-2024-42229, CVE-2024-42131, CVE-2024-41007, CVE-2024-42095, CVE-2024-42097, CVE-2024-39480, CVE-2024-35927, CVE-2024-42153, CVE-2024-42080, CVE-2024-42089, CVE-2024-41087, CVE-2024-39475, CVE-2024-42119, CVE-2024-41041, CVE-2024-38623, CVE-2024-39469, CVE-2024-34777, CVE-2024-42157, CVE-2024-42085, CVE-2024-36270, CVE-2024-34027, CVE-2024-35247, CVE-2024-38549, CVE-2024-40954, CVE-2024-41034, CVE-2024-41044, CVE-2024-39509, CVE-2024-40987, CVE-2024-42161, CVE-2024-40911, CVE-2024-42070, CVE-2024-42109, CVE-2024-37078, CVE-2024-40912, CVE-2024-40988, CVE-2024-40978, CVE-2024-41048, CVE-2024-41005, CVE-2024-40905, CVE-2024-41047, CVE-2024-41006, CVE-2024-38560, CVE-2024-42225, CVE-2024-42148, CVE-2024-38596, CVE-2024-38588, CVE-2024-39301, CVE-2024-38613, CVE-2024-38635, CVE-2024-40960, CVE-2024-39505, CVE-2024-42244, CVE-2024-40963, CVE-2024-39500, CVE-2024-42082, CVE-2024-36971, CVE-2024-42068, CVE-2024-40984, CVE-2024-41035, CVE-2024-38583, CVE-2024-42121, CVE-2024-40968, CVE-2024-40958, CVE-2024-40927, CVE-2024-40980, CVE-2024-40908, CVE-2024-38780, CVE-2024-38590, CVE-2024-42115, CVE-2024-42224, CVE-2024-42232, CVE-2024-42240, CVE-2024-42236, CVE-2024-38547, CVE-2024-38565, CVE-2024-40902, CVE-2024-38662, CVE-2024-42090, CVE-2024-36974, CVE-2024-38621, CVE-2024-41000, CVE-2024-40983, CVE-2024-42130, CVE-2024-38582, CVE-2024-38589) Update Instructions: Run `sudo pro fix USN-7007-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-121-lowlatency - 5.15.0-121.131~20.04.1 linux-buildinfo-5.15.0-121-lowlatency-64k - 5.15.0-121.131~20.04.1 linux-cloud-tools-5.15.0-121-lowlatency - 5.15.0-121.131~20.04.1 linux-headers-5.15.0-121-lowlatency - 5.15.0-121.131~20.04.1 linux-headers-5.15.0-121-lowlatency-64k - 5.15.0-121.131~20.04.1 linux-image-5.15.0-121-lowlatency - 5.15.0-121.131~20.04.1 linux-image-5.15.0-121-lowlatency-64k - 5.15.0-121.131~20.04.1 linux-image-unsigned-5.15.0-121-lowlatency - 5.15.0-121.131~20.04.1 linux-image-unsigned-5.15.0-121-lowlatency-64k - 5.15.0-121.131~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-121 - 5.15.0-121.131~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-121.131~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-121 - 5.15.0-121.131~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-121 - 5.15.0-121.131~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-121.131~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-121.131~20.04.1 linux-modules-5.15.0-121-lowlatency - 5.15.0-121.131~20.04.1 linux-modules-5.15.0-121-lowlatency-64k - 5.15.0-121.131~20.04.1 linux-modules-iwlwifi-5.15.0-121-lowlatency - 5.15.0-121.131~20.04.1 linux-tools-5.15.0-121-lowlatency - 5.15.0-121.131~20.04.1 linux-tools-5.15.0-121-lowlatency-64k - 5.15.0-121.131~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.121.131~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.121.131~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.121.131~20.04.1 No subscription required High CVE-2022-48772 CVE-2023-52884 CVE-2023-52887 CVE-2024-23848 CVE-2024-25741 CVE-2024-31076 CVE-2024-33621 CVE-2024-33847 CVE-2024-34027 CVE-2024-34777 CVE-2024-35247 CVE-2024-35927 CVE-2024-36014 CVE-2024-36015 CVE-2024-36032 CVE-2024-36270 CVE-2024-36286 CVE-2024-36489 CVE-2024-36894 CVE-2024-36971 CVE-2024-36972 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-37356 CVE-2024-38381 CVE-2024-38546 CVE-2024-38547 CVE-2024-38548 CVE-2024-38549 CVE-2024-38550 CVE-2024-38552 CVE-2024-38555 CVE-2024-38558 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567 CVE-2024-38571 CVE-2024-38573 CVE-2024-38578 CVE-2024-38579 CVE-2024-38580 CVE-2024-38582 CVE-2024-38583 CVE-2024-38586 CVE-2024-38587 CVE-2024-38588 CVE-2024-38589 CVE-2024-38590 CVE-2024-38591 CVE-2024-38596 CVE-2024-38597 CVE-2024-38598 CVE-2024-38599 CVE-2024-38601 CVE-2024-38605 CVE-2024-38607 CVE-2024-38610 CVE-2024-38612 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38619 CVE-2024-38621 CVE-2024-38623 CVE-2024-38624 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661 CVE-2024-38662 CVE-2024-38780 CVE-2024-39276 CVE-2024-39277 CVE-2024-39301 CVE-2024-39466 CVE-2024-39467 CVE-2024-39468 CVE-2024-39469 CVE-2024-39471 CVE-2024-39475 CVE-2024-39480 CVE-2024-39482 CVE-2024-39487 CVE-2024-39488 CVE-2024-39489 CVE-2024-39490 CVE-2024-39493 CVE-2024-39495 CVE-2024-39499 CVE-2024-39500 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39507 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40908 CVE-2024-40911 CVE-2024-40912 CVE-2024-40914 CVE-2024-40916 CVE-2024-40927 CVE-2024-40929 CVE-2024-40931 CVE-2024-40932 CVE-2024-40934 CVE-2024-40937 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40954 CVE-2024-40956 CVE-2024-40957 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40967 CVE-2024-40968 CVE-2024-40970 CVE-2024-40971 CVE-2024-40974 CVE-2024-40976 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40983 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40990 CVE-2024-40994 CVE-2024-40995 CVE-2024-41000 CVE-2024-41002 CVE-2024-41004 CVE-2024-41005 CVE-2024-41006 CVE-2024-41007 CVE-2024-41027 CVE-2024-41034 CVE-2024-41035 CVE-2024-41040 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41047 CVE-2024-41048 CVE-2024-41049 CVE-2024-41055 CVE-2024-41087 CVE-2024-41089 CVE-2024-41092 CVE-2024-41093 CVE-2024-41095 CVE-2024-41097 CVE-2024-42068 CVE-2024-42070 CVE-2024-42076 CVE-2024-42077 CVE-2024-42080 CVE-2024-42082 CVE-2024-42084 CVE-2024-42085 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42095 CVE-2024-42096 CVE-2024-42097 CVE-2024-42098 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42109 CVE-2024-42115 CVE-2024-42119 CVE-2024-42120 CVE-2024-42121 CVE-2024-42124 CVE-2024-42127 CVE-2024-42130 CVE-2024-42131 CVE-2024-42137 CVE-2024-42140 CVE-2024-42145 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42161 CVE-2024-42223 CVE-2024-42224 CVE-2024-42225 CVE-2024-42229 CVE-2024-42232 CVE-2024-42236 CVE-2024-42240 CVE-2024-42244 CVE-2024-42247 Ubuntu 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. (CVE-2024-25741) It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Accessibility subsystem; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - Bluetooth drivers; - Character device driver; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - FPGA Framework; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - HW tracing; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device (Mouse) drivers; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Pin controllers subsystem; - PTP clock framework; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - Media staging drivers; - Thermal drivers; - TTY drivers; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - ACRN Hypervisor Service Module driver; - eCrypt file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFFS2 file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - IOMMU subsystem; - Memory management; - Netfilter; - BPF subsystem; - Kernel debugger infrastructure; - DMA mapping infrastructure; - IRQ subsystem; - Tracing infrastructure; - 9P file system network protocol; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - Multipath TCP; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Network traffic control; - TIPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - XFRM subsystem; - ALSA framework; - SoC Audio for Freescale CPUs drivers; - Kirkwood ASoC drivers; (CVE-2024-38613, CVE-2024-42096, CVE-2024-40908, CVE-2024-42137, CVE-2024-38590, CVE-2024-41044, CVE-2024-39480, CVE-2024-39469, CVE-2024-39471, CVE-2024-42089, CVE-2024-38588, CVE-2024-41092, CVE-2024-42120, CVE-2024-40901, CVE-2024-40981, CVE-2024-42127, CVE-2024-40932, CVE-2024-39475, CVE-2024-40957, CVE-2024-39501, CVE-2024-42090, CVE-2024-40904, CVE-2024-40978, CVE-2022-48772, CVE-2024-40934, CVE-2024-38548, CVE-2024-41005, CVE-2024-36489, CVE-2024-36978, CVE-2024-38573, CVE-2024-42106, CVE-2024-42104, CVE-2024-42085, CVE-2024-38621, CVE-2024-42098, CVE-2024-38662, CVE-2024-38587, CVE-2024-41089, CVE-2024-42095, CVE-2024-40916, CVE-2024-39487, CVE-2024-42229, CVE-2023-52884, CVE-2024-40974, CVE-2024-40980, CVE-2024-42225, CVE-2024-39502, CVE-2024-37356, CVE-2024-39488, CVE-2024-40912, CVE-2024-39507, CVE-2024-38591, CVE-2024-31076, CVE-2024-40984, CVE-2024-39500, CVE-2024-38582, CVE-2024-34027, CVE-2024-36270, CVE-2024-42076, CVE-2024-42247, CVE-2024-42154, CVE-2024-41047, CVE-2024-42244, CVE-2024-41049, CVE-2024-33847, CVE-2024-36015, CVE-2024-42161, CVE-2024-42082, CVE-2024-41048, CVE-2024-40961, CVE-2024-41000, CVE-2024-38598, CVE-2024-41040, CVE-2024-36971, CVE-2024-41007, CVE-2024-36972, CVE-2024-38610, CVE-2024-40937, CVE-2024-38615, CVE-2024-38555, CVE-2024-40943, CVE-2024-39466, CVE-2024-40990, CVE-2024-42115, CVE-2024-40995, CVE-2024-38612, CVE-2024-40987, CVE-2024-38558, CVE-2024-42236, CVE-2024-38381, CVE-2024-42157, CVE-2024-38560, CVE-2024-42101, CVE-2024-40970, CVE-2024-42094, CVE-2024-42148, CVE-2024-35247, CVE-2024-40963, CVE-2024-38580, CVE-2024-38633, CVE-2024-38637, CVE-2024-40905, CVE-2024-41093, CVE-2024-38619, CVE-2024-42093, CVE-2024-40945, CVE-2024-42092, CVE-2024-36286, CVE-2024-40954, CVE-2024-41041, CVE-2024-38571, CVE-2024-39503, CVE-2024-38546, CVE-2024-40976, CVE-2024-36014, CVE-2024-41087, CVE-2024-42109, CVE-2024-42070, CVE-2024-42080, CVE-2024-41006, CVE-2024-42145, CVE-2024-40960, CVE-2024-38597, CVE-2024-42086, CVE-2024-40967, CVE-2024-42130, CVE-2024-42153, CVE-2024-39509, CVE-2024-40914, CVE-2024-39277, CVE-2024-41055, CVE-2024-41095, CVE-2024-38780, CVE-2024-36974, CVE-2024-38607, CVE-2024-38583, CVE-2024-40927, CVE-2024-39490, CVE-2024-38599, CVE-2023-52887, CVE-2024-38565, CVE-2024-38552, CVE-2024-40942, CVE-2024-37078, CVE-2024-40911, CVE-2024-41035, CVE-2024-38550, CVE-2024-42102, CVE-2024-42121, CVE-2024-36032, CVE-2024-42240, CVE-2024-42140, CVE-2024-38589, CVE-2024-40931, CVE-2024-39505, CVE-2024-38596, CVE-2024-42223, CVE-2024-38567, CVE-2024-39495, CVE-2024-40959, CVE-2024-38586, CVE-2024-42087, CVE-2024-38661, CVE-2024-41097, CVE-2024-38559, CVE-2024-38618, CVE-2024-39493, CVE-2024-41002, CVE-2024-40958, CVE-2024-39468, CVE-2024-38601, CVE-2024-39499, CVE-2024-39482, CVE-2024-38579, CVE-2024-42077, CVE-2024-38578, CVE-2024-34777, CVE-2024-39301, CVE-2024-38605, CVE-2024-42131, CVE-2024-42084, CVE-2024-41027, CVE-2024-40968, CVE-2024-38547, CVE-2024-42119, CVE-2024-38627, CVE-2024-40941, CVE-2024-40994, CVE-2024-40988, CVE-2024-40902, CVE-2024-41046, CVE-2024-38549, CVE-2024-39506, CVE-2024-38634, CVE-2024-42124, CVE-2024-42105, CVE-2024-38623, CVE-2024-38624, CVE-2024-33621, CVE-2024-42068, CVE-2024-36894, CVE-2024-39489, CVE-2024-42270, CVE-2024-40929, CVE-2024-39276, CVE-2024-42152, CVE-2024-41034, CVE-2024-40983, CVE-2024-42224, CVE-2024-40956, CVE-2024-40971, CVE-2024-38635, CVE-2024-42097, CVE-2024-42232, CVE-2024-38659, CVE-2024-39467, CVE-2024-41004) Update Instructions: Run `sudo pro fix USN-7009-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1072 - 5.15.0-1072.81~20.04.1 linux-azure-5.15-headers-5.15.0-1072 - 5.15.0-1072.81~20.04.1 linux-azure-5.15-tools-5.15.0-1072 - 5.15.0-1072.81~20.04.1 linux-buildinfo-5.15.0-1072-azure - 5.15.0-1072.81~20.04.1 linux-cloud-tools-5.15.0-1072-azure - 5.15.0-1072.81~20.04.1 linux-headers-5.15.0-1072-azure - 5.15.0-1072.81~20.04.1 linux-image-5.15.0-1072-azure - 5.15.0-1072.81~20.04.1 linux-image-unsigned-5.15.0-1072-azure - 5.15.0-1072.81~20.04.1 linux-modules-5.15.0-1072-azure - 5.15.0-1072.81~20.04.1 linux-modules-extra-5.15.0-1072-azure - 5.15.0-1072.81~20.04.1 linux-modules-involflt-5.15.0-1072-azure - 5.15.0-1072.81~20.04.1 linux-tools-5.15.0-1072-azure - 5.15.0-1072.81~20.04.1 No subscription required linux-azure - 5.15.0.1072.81~20.04.1 linux-azure-cvm - 5.15.0.1072.81~20.04.1 linux-azure-edge - 5.15.0.1072.81~20.04.1 linux-cloud-tools-azure - 5.15.0.1072.81~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1072.81~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1072.81~20.04.1 linux-headers-azure - 5.15.0.1072.81~20.04.1 linux-headers-azure-cvm - 5.15.0.1072.81~20.04.1 linux-headers-azure-edge - 5.15.0.1072.81~20.04.1 linux-image-azure - 5.15.0.1072.81~20.04.1 linux-image-azure-cvm - 5.15.0.1072.81~20.04.1 linux-image-azure-edge - 5.15.0.1072.81~20.04.1 linux-modules-extra-azure - 5.15.0.1072.81~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1072.81~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1072.81~20.04.1 linux-modules-involflt-azure - 5.15.0.1072.81~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1072.81~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1072.81~20.04.1 linux-tools-azure - 5.15.0.1072.81~20.04.1 linux-tools-azure-cvm - 5.15.0.1072.81~20.04.1 linux-tools-azure-edge - 5.15.0.1072.81~20.04.1 No subscription required High CVE-2022-48772 CVE-2023-52884 CVE-2023-52887 CVE-2024-23848 CVE-2024-25741 CVE-2024-31076 CVE-2024-33621 CVE-2024-33847 CVE-2024-34027 CVE-2024-34777 CVE-2024-35247 CVE-2024-36014 CVE-2024-36015 CVE-2024-36032 CVE-2024-36270 CVE-2024-36286 CVE-2024-36489 CVE-2024-36894 CVE-2024-36971 CVE-2024-36972 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-37356 CVE-2024-38381 CVE-2024-38546 CVE-2024-38547 CVE-2024-38548 CVE-2024-38549 CVE-2024-38550 CVE-2024-38552 CVE-2024-38555 CVE-2024-38558 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567 CVE-2024-38571 CVE-2024-38573 CVE-2024-38578 CVE-2024-38579 CVE-2024-38580 CVE-2024-38582 CVE-2024-38583 CVE-2024-38586 CVE-2024-38587 CVE-2024-38588 CVE-2024-38589 CVE-2024-38590 CVE-2024-38591 CVE-2024-38596 CVE-2024-38597 CVE-2024-38598 CVE-2024-38599 CVE-2024-38601 CVE-2024-38605 CVE-2024-38607 CVE-2024-38610 CVE-2024-38612 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38619 CVE-2024-38621 CVE-2024-38623 CVE-2024-38624 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661 CVE-2024-38662 CVE-2024-38780 CVE-2024-39276 CVE-2024-39277 CVE-2024-39301 CVE-2024-39466 CVE-2024-39467 CVE-2024-39468 CVE-2024-39469 CVE-2024-39471 CVE-2024-39475 CVE-2024-39480 CVE-2024-39482 CVE-2024-39487 CVE-2024-39488 CVE-2024-39489 CVE-2024-39490 CVE-2024-39493 CVE-2024-39495 CVE-2024-39499 CVE-2024-39500 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39507 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40908 CVE-2024-40911 CVE-2024-40912 CVE-2024-40914 CVE-2024-40916 CVE-2024-40927 CVE-2024-40929 CVE-2024-40931 CVE-2024-40932 CVE-2024-40934 CVE-2024-40937 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40954 CVE-2024-40956 CVE-2024-40957 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40967 CVE-2024-40968 CVE-2024-40970 CVE-2024-40971 CVE-2024-40974 CVE-2024-40976 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40983 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40990 CVE-2024-40994 CVE-2024-40995 CVE-2024-41000 CVE-2024-41002 CVE-2024-41004 CVE-2024-41005 CVE-2024-41006 CVE-2024-41007 CVE-2024-41027 CVE-2024-41034 CVE-2024-41035 CVE-2024-41040 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41047 CVE-2024-41048 CVE-2024-41049 CVE-2024-41055 CVE-2024-41087 CVE-2024-41089 CVE-2024-41092 CVE-2024-41093 CVE-2024-41095 CVE-2024-41097 CVE-2024-42068 CVE-2024-42070 CVE-2024-42076 CVE-2024-42077 CVE-2024-42080 CVE-2024-42082 CVE-2024-42084 CVE-2024-42085 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42095 CVE-2024-42096 CVE-2024-42097 CVE-2024-42098 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42109 CVE-2024-42115 CVE-2024-42119 CVE-2024-42120 CVE-2024-42121 CVE-2024-42124 CVE-2024-42127 CVE-2024-42130 CVE-2024-42131 CVE-2024-42137 CVE-2024-42140 CVE-2024-42145 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42161 CVE-2024-42223 CVE-2024-42224 CVE-2024-42225 CVE-2024-42229 CVE-2024-42232 CVE-2024-42236 CVE-2024-42240 CVE-2024-42244 CVE-2024-42247 CVE-2024-42270 Ubuntu 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. (CVE-2024-25741) It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Accessibility subsystem; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - Bluetooth drivers; - Character device driver; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - FPGA Framework; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - HW tracing; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device (Mouse) drivers; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Pin controllers subsystem; - PTP clock framework; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - Media staging drivers; - Thermal drivers; - TTY drivers; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - ACRN Hypervisor Service Module driver; - eCrypt file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFFS2 file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - IOMMU subsystem; - Memory management; - Netfilter; - BPF subsystem; - Kernel debugger infrastructure; - DMA mapping infrastructure; - IRQ subsystem; - Tracing infrastructure; - 9P file system network protocol; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - Multipath TCP; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Network traffic control; - TIPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - XFRM subsystem; - ALSA framework; - SoC Audio for Freescale CPUs drivers; - Kirkwood ASoC drivers; (CVE-2024-42076, CVE-2024-40994, CVE-2024-40932, CVE-2024-41000, CVE-2024-42224, CVE-2024-38633, CVE-2024-40954, CVE-2024-36270, CVE-2024-38623, CVE-2024-38549, CVE-2024-42225, CVE-2024-42085, CVE-2024-42157, CVE-2024-42229, CVE-2024-42109, CVE-2024-41040, CVE-2024-38607, CVE-2024-39493, CVE-2024-38546, CVE-2024-41046, CVE-2024-38567, CVE-2024-42092, CVE-2024-39501, CVE-2024-41005, CVE-2024-42223, CVE-2024-39480, CVE-2024-38571, CVE-2024-41048, CVE-2024-38605, CVE-2024-42094, CVE-2024-38598, CVE-2024-38559, CVE-2024-38558, CVE-2024-40931, CVE-2024-40942, CVE-2024-39495, CVE-2024-40981, CVE-2024-40911, CVE-2024-42148, CVE-2024-33621, CVE-2024-39502, CVE-2024-41095, CVE-2024-40960, CVE-2024-36286, CVE-2024-42232, CVE-2024-42130, CVE-2024-42154, CVE-2024-41087, CVE-2024-41004, CVE-2024-39277, CVE-2024-38560, CVE-2024-36978, CVE-2024-42089, CVE-2024-37356, CVE-2024-38547, CVE-2024-38381, CVE-2024-36015, CVE-2024-38548, CVE-2024-42120, CVE-2024-41092, CVE-2024-40978, CVE-2024-38619, CVE-2024-40914, CVE-2024-41089, CVE-2024-40988, CVE-2024-41047, CVE-2024-38565, CVE-2024-38550, CVE-2023-52887, CVE-2024-38552, CVE-2024-38583, CVE-2024-38613, CVE-2024-40967, CVE-2024-40927, CVE-2024-42124, CVE-2024-42244, CVE-2024-42152, CVE-2024-39509, CVE-2024-38662, CVE-2024-38618, CVE-2024-42140, CVE-2024-38579, CVE-2024-40945, CVE-2024-42101, CVE-2024-42104, CVE-2024-41044, CVE-2024-42161, CVE-2024-42093, CVE-2024-42270, CVE-2024-42097, CVE-2024-40970, CVE-2024-40908, CVE-2024-38582, CVE-2024-42247, CVE-2024-38661, CVE-2024-40941, CVE-2024-42084, CVE-2024-42090, CVE-2024-42131, CVE-2024-42077, CVE-2024-40995, CVE-2024-42105, CVE-2024-41035, CVE-2024-41097, CVE-2024-38780, CVE-2024-35247, CVE-2024-36974, CVE-2024-42070, CVE-2024-40902, CVE-2024-36972, CVE-2024-38586, CVE-2024-38573, CVE-2024-38612, CVE-2024-42121, CVE-2023-52884, CVE-2024-39276, CVE-2024-38615, CVE-2024-42095, CVE-2024-42086, CVE-2024-39507, CVE-2024-40983, CVE-2024-40943, CVE-2024-41002, CVE-2024-40958, CVE-2024-41049, CVE-2024-38596, CVE-2024-37078, CVE-2024-38637, CVE-2024-38621, CVE-2024-42153, CVE-2024-38659, CVE-2024-39468, CVE-2024-38589, CVE-2024-38587, CVE-2024-36971, CVE-2024-38599, CVE-2024-31076, CVE-2024-39490, CVE-2024-40959, CVE-2024-38634, CVE-2024-38624, CVE-2024-42240, CVE-2024-42127, CVE-2024-42102, CVE-2024-38578, CVE-2024-34027, CVE-2024-38601, CVE-2024-42087, CVE-2024-38597, CVE-2024-38591, CVE-2024-39503, CVE-2024-42236, CVE-2024-42082, CVE-2024-40956, CVE-2024-41041, CVE-2024-38580, CVE-2024-39506, CVE-2024-36894, CVE-2024-40987, CVE-2024-39475, CVE-2024-38635, CVE-2024-41007, CVE-2024-39471, CVE-2024-39467, CVE-2022-48772, CVE-2024-40934, CVE-2024-42106, CVE-2024-39469, CVE-2024-40963, CVE-2024-39482, CVE-2024-39505, CVE-2024-36014, CVE-2024-39500, CVE-2024-42096, CVE-2024-41055, CVE-2024-40937, CVE-2024-38590, CVE-2024-38610, CVE-2024-41034, CVE-2024-42115, CVE-2024-40974, CVE-2024-40968, CVE-2024-42080, CVE-2024-40957, CVE-2024-40971, CVE-2024-36032, CVE-2024-39499, CVE-2024-42137, CVE-2024-39489, CVE-2024-40976, CVE-2024-39466, CVE-2024-42145, CVE-2024-36489, CVE-2024-40980, CVE-2024-39301, CVE-2024-40905, CVE-2024-41093, CVE-2024-40912, CVE-2024-42119, CVE-2024-38588, CVE-2024-40916, CVE-2024-39488, CVE-2024-41027, CVE-2024-42068, CVE-2024-40904, CVE-2024-40961, CVE-2024-33847, CVE-2024-38555, CVE-2024-41006, CVE-2024-40929, CVE-2024-34777, CVE-2024-38627, CVE-2024-40984, CVE-2024-40990, CVE-2024-39487, CVE-2024-42098, CVE-2024-40901) Update Instructions: Run `sudo pro fix USN-7009-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1072-azure-fde - 5.15.0-1072.81~20.04.1.1 linux-image-unsigned-5.15.0-1072-azure-fde - 5.15.0-1072.81~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1072.81~20.04.1.49 linux-azure-fde-edge - 5.15.0.1072.81~20.04.1.49 linux-cloud-tools-azure-fde - 5.15.0.1072.81~20.04.1.49 linux-cloud-tools-azure-fde-edge - 5.15.0.1072.81~20.04.1.49 linux-headers-azure-fde - 5.15.0.1072.81~20.04.1.49 linux-headers-azure-fde-edge - 5.15.0.1072.81~20.04.1.49 linux-image-azure-fde - 5.15.0.1072.81~20.04.1.49 linux-image-azure-fde-edge - 5.15.0.1072.81~20.04.1.49 linux-modules-extra-azure-fde - 5.15.0.1072.81~20.04.1.49 linux-modules-extra-azure-fde-edge - 5.15.0.1072.81~20.04.1.49 linux-tools-azure-fde - 5.15.0.1072.81~20.04.1.49 linux-tools-azure-fde-edge - 5.15.0.1072.81~20.04.1.49 No subscription required High CVE-2022-48772 CVE-2023-52884 CVE-2023-52887 CVE-2024-23848 CVE-2024-25741 CVE-2024-31076 CVE-2024-33621 CVE-2024-33847 CVE-2024-34027 CVE-2024-34777 CVE-2024-35247 CVE-2024-36014 CVE-2024-36015 CVE-2024-36032 CVE-2024-36270 CVE-2024-36286 CVE-2024-36489 CVE-2024-36894 CVE-2024-36971 CVE-2024-36972 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-37356 CVE-2024-38381 CVE-2024-38546 CVE-2024-38547 CVE-2024-38548 CVE-2024-38549 CVE-2024-38550 CVE-2024-38552 CVE-2024-38555 CVE-2024-38558 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567 CVE-2024-38571 CVE-2024-38573 CVE-2024-38578 CVE-2024-38579 CVE-2024-38580 CVE-2024-38582 CVE-2024-38583 CVE-2024-38586 CVE-2024-38587 CVE-2024-38588 CVE-2024-38589 CVE-2024-38590 CVE-2024-38591 CVE-2024-38596 CVE-2024-38597 CVE-2024-38598 CVE-2024-38599 CVE-2024-38601 CVE-2024-38605 CVE-2024-38607 CVE-2024-38610 CVE-2024-38612 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38619 CVE-2024-38621 CVE-2024-38623 CVE-2024-38624 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661 CVE-2024-38662 CVE-2024-38780 CVE-2024-39276 CVE-2024-39277 CVE-2024-39301 CVE-2024-39466 CVE-2024-39467 CVE-2024-39468 CVE-2024-39469 CVE-2024-39471 CVE-2024-39475 CVE-2024-39480 CVE-2024-39482 CVE-2024-39487 CVE-2024-39488 CVE-2024-39489 CVE-2024-39490 CVE-2024-39493 CVE-2024-39495 CVE-2024-39499 CVE-2024-39500 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506 CVE-2024-39507 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40908 CVE-2024-40911 CVE-2024-40912 CVE-2024-40914 CVE-2024-40916 CVE-2024-40927 CVE-2024-40929 CVE-2024-40931 CVE-2024-40932 CVE-2024-40934 CVE-2024-40937 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40954 CVE-2024-40956 CVE-2024-40957 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40967 CVE-2024-40968 CVE-2024-40970 CVE-2024-40971 CVE-2024-40974 CVE-2024-40976 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40983 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40990 CVE-2024-40994 CVE-2024-40995 CVE-2024-41000 CVE-2024-41002 CVE-2024-41004 CVE-2024-41005 CVE-2024-41006 CVE-2024-41007 CVE-2024-41027 CVE-2024-41034 CVE-2024-41035 CVE-2024-41040 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41047 CVE-2024-41048 CVE-2024-41049 CVE-2024-41055 CVE-2024-41087 CVE-2024-41089 CVE-2024-41092 CVE-2024-41093 CVE-2024-41095 CVE-2024-41097 CVE-2024-42068 CVE-2024-42070 CVE-2024-42076 CVE-2024-42077 CVE-2024-42080 CVE-2024-42082 CVE-2024-42084 CVE-2024-42085 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42095 CVE-2024-42096 CVE-2024-42097 CVE-2024-42098 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42109 CVE-2024-42115 CVE-2024-42119 CVE-2024-42120 CVE-2024-42121 CVE-2024-42124 CVE-2024-42127 CVE-2024-42130 CVE-2024-42131 CVE-2024-42137 CVE-2024-42140 CVE-2024-42145 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42161 CVE-2024-42223 CVE-2024-42224 CVE-2024-42225 CVE-2024-42229 CVE-2024-42232 CVE-2024-42236 CVE-2024-42240 CVE-2024-42244 CVE-2024-42247 CVE-2024-42270 Ubuntu 20.04 LTS Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-41687, CVE-2021-41688, CVE-2021-41689, CVE-2021-41690) Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-2121) It was discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-43272) It was discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue was only addressed in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-28130) It was discovered that DCMTK incorrectly handled memory when processing an invalid incoming DIMSE message. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-34508, CVE-2024-34509) Update Instructions: Run `sudo pro fix USN-7010-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dcmtk - 3.6.4-2.1ubuntu0.1 dcmtk-doc - 3.6.4-2.1ubuntu0.1 libdcmtk-dev - 3.6.4-2.1ubuntu0.1 libdcmtk14 - 3.6.4-2.1ubuntu0.1 No subscription required Medium CVE-2021-41687 CVE-2021-41688 CVE-2021-41689 CVE-2021-41690 CVE-2022-2121 CVE-2022-43272 CVE-2024-28130 CVE-2024-34508 CVE-2024-34509 Ubuntu 20.04 LTS It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2024-20505) It was discovered that ClamAV incorrectly handled logfile privileges. A local attacker could use this issue to cause ClamAV to overwrite arbitrary files, possibly leading to privilege escalation. (CVE-2024-20506) Update Instructions: Run `sudo pro fix USN-7011-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: clamav - 0.103.12+dfsg-0ubuntu0.20.04.1 clamav-base - 0.103.12+dfsg-0ubuntu0.20.04.1 clamav-daemon - 0.103.12+dfsg-0ubuntu0.20.04.1 clamav-docs - 0.103.12+dfsg-0ubuntu0.20.04.1 clamav-freshclam - 0.103.12+dfsg-0ubuntu0.20.04.1 clamav-milter - 0.103.12+dfsg-0ubuntu0.20.04.1 clamav-testfiles - 0.103.12+dfsg-0ubuntu0.20.04.1 clamdscan - 0.103.12+dfsg-0ubuntu0.20.04.1 libclamav-dev - 0.103.12+dfsg-0ubuntu0.20.04.1 libclamav9 - 0.103.12+dfsg-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-20505 CVE-2024-20506 Ubuntu 20.04 LTS Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly, contrary to expectations. Update Instructions: Run `sudo pro fix USN-7012-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 7.68.0-1ubuntu2.24 libcurl3-gnutls - 7.68.0-1ubuntu2.24 libcurl3-nss - 7.68.0-1ubuntu2.24 libcurl4 - 7.68.0-1ubuntu2.24 libcurl4-doc - 7.68.0-1ubuntu2.24 libcurl4-gnutls-dev - 7.68.0-1ubuntu2.24 libcurl4-nss-dev - 7.68.0-1ubuntu2.24 libcurl4-openssl-dev - 7.68.0-1ubuntu2.24 No subscription required Medium CVE-2024-8096 Ubuntu 20.04 LTS It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this issue to cause Dovecot to consume resources, leading to a denial of service. (CVE-2024-23184) It was discovered that Dovecot incorrectly handled very large headers. A remote attacker could possibly use this issue to cause Dovecot to consume resources, leading to a denial of service. (CVE-2024-23185) Update Instructions: Run `sudo pro fix USN-7013-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dovecot-auth-lua - 1:2.3.7.2-1ubuntu3.7 dovecot-core - 1:2.3.7.2-1ubuntu3.7 dovecot-dev - 1:2.3.7.2-1ubuntu3.7 dovecot-gssapi - 1:2.3.7.2-1ubuntu3.7 dovecot-imapd - 1:2.3.7.2-1ubuntu3.7 dovecot-ldap - 1:2.3.7.2-1ubuntu3.7 dovecot-lmtpd - 1:2.3.7.2-1ubuntu3.7 dovecot-lucene - 1:2.3.7.2-1ubuntu3.7 dovecot-managesieved - 1:2.3.7.2-1ubuntu3.7 dovecot-mysql - 1:2.3.7.2-1ubuntu3.7 dovecot-pgsql - 1:2.3.7.2-1ubuntu3.7 dovecot-pop3d - 1:2.3.7.2-1ubuntu3.7 dovecot-sieve - 1:2.3.7.2-1ubuntu3.7 dovecot-solr - 1:2.3.7.2-1ubuntu3.7 dovecot-sqlite - 1:2.3.7.2-1ubuntu3.7 dovecot-submissiond - 1:2.3.7.2-1ubuntu3.7 mail-stack-delivery - 1:2.3.7.2-1ubuntu3.7 No subscription required Medium CVE-2024-23184 CVE-2024-23185 Ubuntu 20.04 LTS It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7014-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnginx-mod-http-auth-pam - 1.18.0-0ubuntu1.6 libnginx-mod-http-cache-purge - 1.18.0-0ubuntu1.6 libnginx-mod-http-dav-ext - 1.18.0-0ubuntu1.6 libnginx-mod-http-echo - 1.18.0-0ubuntu1.6 libnginx-mod-http-fancyindex - 1.18.0-0ubuntu1.6 libnginx-mod-http-geoip - 1.18.0-0ubuntu1.6 libnginx-mod-http-geoip2 - 1.18.0-0ubuntu1.6 libnginx-mod-http-headers-more-filter - 1.18.0-0ubuntu1.6 libnginx-mod-http-image-filter - 1.18.0-0ubuntu1.6 libnginx-mod-http-lua - 1.18.0-0ubuntu1.6 libnginx-mod-http-ndk - 1.18.0-0ubuntu1.6 libnginx-mod-http-perl - 1.18.0-0ubuntu1.6 libnginx-mod-http-subs-filter - 1.18.0-0ubuntu1.6 libnginx-mod-http-uploadprogress - 1.18.0-0ubuntu1.6 libnginx-mod-http-upstream-fair - 1.18.0-0ubuntu1.6 libnginx-mod-http-xslt-filter - 1.18.0-0ubuntu1.6 libnginx-mod-mail - 1.18.0-0ubuntu1.6 libnginx-mod-nchan - 1.18.0-0ubuntu1.6 libnginx-mod-rtmp - 1.18.0-0ubuntu1.6 libnginx-mod-stream - 1.18.0-0ubuntu1.6 nginx - 1.18.0-0ubuntu1.6 nginx-common - 1.18.0-0ubuntu1.6 nginx-core - 1.18.0-0ubuntu1.6 nginx-doc - 1.18.0-0ubuntu1.6 nginx-extras - 1.18.0-0ubuntu1.6 nginx-full - 1.18.0-0ubuntu1.6 nginx-light - 1.18.0-0ubuntu1.6 No subscription required Medium CVE-2024-7347 Ubuntu 20.04 LTS It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. (CVE-2023-27043) It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-6232) It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. (CVE-2024-6923) It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-7592) It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service. (CVE-2024-8088) Update Instructions: Run `sudo pro fix USN-7015-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.8 - 3.8.10-0ubuntu1~20.04.12 libpython3.8 - 3.8.10-0ubuntu1~20.04.12 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.12 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.12 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.12 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.12 python3.8 - 3.8.10-0ubuntu1~20.04.12 python3.8-dev - 3.8.10-0ubuntu1~20.04.12 python3.8-doc - 3.8.10-0ubuntu1~20.04.12 python3.8-examples - 3.8.10-0ubuntu1~20.04.12 python3.8-full - 3.8.10-0ubuntu1~20.04.12 python3.8-minimal - 3.8.10-0ubuntu1~20.04.12 python3.8-venv - 3.8.10-0ubuntu1~20.04.12 No subscription required Medium CVE-2023-27043 CVE-2024-6232 CVE-2024-6923 CVE-2024-7592 CVE-2024-8088 Ubuntu 20.04 LTS USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and a second for python3.5 for Ubuntu 16.04 LTS. Original advisory details: It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. This issue only affected python3.5 for Ubuntu 16.04 LTS (CVE-2024-6232) It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-7592) Update Instructions: Run `sudo pro fix USN-7015-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python2.7 - 2.7.18-1~20.04.4+esm2 libpython2.7 - 2.7.18-1~20.04.4+esm2 libpython2.7-dev - 2.7.18-1~20.04.4+esm2 libpython2.7-minimal - 2.7.18-1~20.04.4+esm2 libpython2.7-stdlib - 2.7.18-1~20.04.4+esm2 libpython2.7-testsuite - 2.7.18-1~20.04.4+esm2 python2.7 - 2.7.18-1~20.04.4+esm2 python2.7-dev - 2.7.18-1~20.04.4+esm2 python2.7-doc - 2.7.18-1~20.04.4+esm2 python2.7-examples - 2.7.18-1~20.04.4+esm2 python2.7-minimal - 2.7.18-1~20.04.4+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-6232 CVE-2024-7592 Ubuntu 20.04 LTS USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding updates for CVE-2023-27043 for python2.7 in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and for python3.5 in Ubuntu 16.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. (CVE-2023-27043) It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-6232) It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. (CVE-2024-6923) It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-7592) It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service. (CVE-2024-8088) Update Instructions: Run `sudo pro fix USN-7015-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python2.7 - 2.7.18-1~20.04.4+esm3 libpython2.7 - 2.7.18-1~20.04.4+esm3 libpython2.7-dev - 2.7.18-1~20.04.4+esm3 libpython2.7-minimal - 2.7.18-1~20.04.4+esm3 libpython2.7-stdlib - 2.7.18-1~20.04.4+esm3 libpython2.7-testsuite - 2.7.18-1~20.04.4+esm3 python2.7 - 2.7.18-1~20.04.4+esm3 python2.7-dev - 2.7.18-1~20.04.4+esm3 python2.7-doc - 2.7.18-1~20.04.4+esm3 python2.7-examples - 2.7.18-1~20.04.4+esm3 python2.7-minimal - 2.7.18-1~20.04.4+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-27043 Ubuntu 20.04 LTS USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2024-6232 and CVE-2024-6923 for python2.7 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. (CVE-2023-27043) It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-6232) It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. (CVE-2024-6923) It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-7592) It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service. (CVE-2024-8088) Update Instructions: Run `sudo pro fix USN-7015-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python2.7 - 2.7.18-1~20.04.5 libpython2.7 - 2.7.18-1~20.04.5 libpython2.7-dev - 2.7.18-1~20.04.5 libpython2.7-minimal - 2.7.18-1~20.04.5 libpython2.7-stdlib - 2.7.18-1~20.04.5 libpython2.7-testsuite - 2.7.18-1~20.04.5 python2.7 - 2.7.18-1~20.04.5 python2.7-dev - 2.7.18-1~20.04.5 python2.7-doc - 2.7.18-1~20.04.5 python2.7-examples - 2.7.18-1~20.04.5 python2.7-minimal - 2.7.18-1~20.04.5 No subscription required Medium CVE-2024-6232 CVE-2024-6923 Ubuntu 20.04 LTS USN-7015-5 fixed vulnerabilities in python2.7. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. (CVE-2023-27043) It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-6232) It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. (CVE-2024-6923) It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-7592) It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service. (CVE-2024-8088) Update Instructions: Run `sudo pro fix USN-7015-6` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python2.7 - 2.7.18-1~20.04.6 libpython2.7 - 2.7.18-1~20.04.6 libpython2.7-dev - 2.7.18-1~20.04.6 libpython2.7-minimal - 2.7.18-1~20.04.6 libpython2.7-stdlib - 2.7.18-1~20.04.6 libpython2.7-testsuite - 2.7.18-1~20.04.6 python2.7 - 2.7.18-1~20.04.6 python2.7-dev - 2.7.18-1~20.04.6 python2.7-doc - 2.7.18-1~20.04.6 python2.7-examples - 2.7.18-1~20.04.6 python2.7-minimal - 2.7.18-1~20.04.6 No subscription required None https://launchpad.net/bugs/2089071 Ubuntu 20.04 LTS Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7017-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: quagga - 1.2.4-4ubuntu0.5 quagga-bgpd - 1.2.4-4ubuntu0.5 quagga-core - 1.2.4-4ubuntu0.5 quagga-doc - 1.2.4-4ubuntu0.5 quagga-isisd - 1.2.4-4ubuntu0.5 quagga-ospf6d - 1.2.4-4ubuntu0.5 quagga-ospfd - 1.2.4-4ubuntu0.5 quagga-pimd - 1.2.4-4ubuntu0.5 quagga-ripd - 1.2.4-4ubuntu0.5 quagga-ripngd - 1.2.4-4ubuntu0.5 No subscription required Medium CVE-2024-44070 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC session sockets; - Integrity Measurement Architecture(IMA) framework; (CVE-2024-39496, CVE-2024-41009, CVE-2024-26677, CVE-2024-42160, CVE-2024-27012, CVE-2024-42228, CVE-2024-39494, CVE-2024-38570) Update Instructions: Run `sudo pro fix USN-7021-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1053-gkeop - 5.15.0-1053.60~20.04.1 linux-cloud-tools-5.15.0-1053-gkeop - 5.15.0-1053.60~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1053 - 5.15.0-1053.60~20.04.1 linux-gkeop-5.15-headers-5.15.0-1053 - 5.15.0-1053.60~20.04.1 linux-gkeop-5.15-tools-5.15.0-1053 - 5.15.0-1053.60~20.04.1 linux-headers-5.15.0-1053-gkeop - 5.15.0-1053.60~20.04.1 linux-image-5.15.0-1053-gkeop - 5.15.0-1053.60~20.04.1 linux-image-unsigned-5.15.0-1053-gkeop - 5.15.0-1053.60~20.04.1 linux-modules-5.15.0-1053-gkeop - 5.15.0-1053.60~20.04.1 linux-modules-extra-5.15.0-1053-gkeop - 5.15.0-1053.60~20.04.1 linux-tools-5.15.0-1053-gkeop - 5.15.0-1053.60~20.04.1 No subscription required linux-buildinfo-5.15.0-1065-intel-iotg - 5.15.0-1065.71~20.04.1 linux-cloud-tools-5.15.0-1065-intel-iotg - 5.15.0-1065.71~20.04.1 linux-headers-5.15.0-1065-intel-iotg - 5.15.0-1065.71~20.04.1 linux-image-5.15.0-1065-intel-iotg - 5.15.0-1065.71~20.04.1 linux-image-unsigned-5.15.0-1065-intel-iotg - 5.15.0-1065.71~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1065 - 5.15.0-1065.71~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1065.71~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1065 - 5.15.0-1065.71~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1065 - 5.15.0-1065.71~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1065.71~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1065.71~20.04.1 linux-modules-5.15.0-1065-intel-iotg - 5.15.0-1065.71~20.04.1 linux-modules-extra-5.15.0-1065-intel-iotg - 5.15.0-1065.71~20.04.1 linux-modules-iwlwifi-5.15.0-1065-intel-iotg - 5.15.0-1065.71~20.04.1 linux-tools-5.15.0-1065-intel-iotg - 5.15.0-1065.71~20.04.1 No subscription required linux-buildinfo-5.15.0-1069-gcp - 5.15.0-1069.77~20.04.1 linux-gcp-5.15-headers-5.15.0-1069 - 5.15.0-1069.77~20.04.1 linux-gcp-5.15-tools-5.15.0-1069 - 5.15.0-1069.77~20.04.1 linux-headers-5.15.0-1069-gcp - 5.15.0-1069.77~20.04.1 linux-image-5.15.0-1069-gcp - 5.15.0-1069.77~20.04.1 linux-image-unsigned-5.15.0-1069-gcp - 5.15.0-1069.77~20.04.1 linux-modules-5.15.0-1069-gcp - 5.15.0-1069.77~20.04.1 linux-modules-extra-5.15.0-1069-gcp - 5.15.0-1069.77~20.04.1 linux-modules-iwlwifi-5.15.0-1069-gcp - 5.15.0-1069.77~20.04.1 linux-tools-5.15.0-1069-gcp - 5.15.0-1069.77~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1070 - 5.15.0-1070.76~20.04.1 linux-aws-5.15-headers-5.15.0-1070 - 5.15.0-1070.76~20.04.1 linux-aws-5.15-tools-5.15.0-1070 - 5.15.0-1070.76~20.04.1 linux-buildinfo-5.15.0-1070-aws - 5.15.0-1070.76~20.04.1 linux-cloud-tools-5.15.0-1070-aws - 5.15.0-1070.76~20.04.1 linux-headers-5.15.0-1070-aws - 5.15.0-1070.76~20.04.1 linux-image-5.15.0-1070-aws - 5.15.0-1070.76~20.04.1 linux-image-unsigned-5.15.0-1070-aws - 5.15.0-1070.76~20.04.1 linux-modules-5.15.0-1070-aws - 5.15.0-1070.76~20.04.1 linux-modules-extra-5.15.0-1070-aws - 5.15.0-1070.76~20.04.1 linux-tools-5.15.0-1070-aws - 5.15.0-1070.76~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1073 - 5.15.0-1073.82~20.04.1 linux-azure-5.15-headers-5.15.0-1073 - 5.15.0-1073.82~20.04.1 linux-azure-5.15-tools-5.15.0-1073 - 5.15.0-1073.82~20.04.1 linux-buildinfo-5.15.0-1073-azure - 5.15.0-1073.82~20.04.1 linux-cloud-tools-5.15.0-1073-azure - 5.15.0-1073.82~20.04.1 linux-headers-5.15.0-1073-azure - 5.15.0-1073.82~20.04.1 linux-image-5.15.0-1073-azure - 5.15.0-1073.82~20.04.1 linux-image-unsigned-5.15.0-1073-azure - 5.15.0-1073.82~20.04.1 linux-modules-5.15.0-1073-azure - 5.15.0-1073.82~20.04.1 linux-modules-extra-5.15.0-1073-azure - 5.15.0-1073.82~20.04.1 linux-modules-involflt-5.15.0-1073-azure - 5.15.0-1073.82~20.04.1 linux-tools-5.15.0-1073-azure - 5.15.0-1073.82~20.04.1 No subscription required linux-buildinfo-5.15.0-122-generic - 5.15.0-122.132~20.04.1 linux-buildinfo-5.15.0-122-generic-64k - 5.15.0-122.132~20.04.1 linux-buildinfo-5.15.0-122-generic-lpae - 5.15.0-122.132~20.04.1 linux-cloud-tools-5.15.0-122-generic - 5.15.0-122.132~20.04.1 linux-headers-5.15.0-122-generic - 5.15.0-122.132~20.04.1 linux-headers-5.15.0-122-generic-64k - 5.15.0-122.132~20.04.1 linux-headers-5.15.0-122-generic-lpae - 5.15.0-122.132~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-122 - 5.15.0-122.132~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-122.132~20.04.1 linux-hwe-5.15-headers-5.15.0-122 - 5.15.0-122.132~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-122.132~20.04.1 linux-hwe-5.15-tools-5.15.0-122 - 5.15.0-122.132~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-122.132~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-122.132~20.04.1 linux-image-5.15.0-122-generic - 5.15.0-122.132~20.04.1 linux-image-5.15.0-122-generic-64k - 5.15.0-122.132~20.04.1 linux-image-5.15.0-122-generic-lpae - 5.15.0-122.132~20.04.1 linux-image-unsigned-5.15.0-122-generic - 5.15.0-122.132~20.04.1 linux-image-unsigned-5.15.0-122-generic-64k - 5.15.0-122.132~20.04.1 linux-modules-5.15.0-122-generic - 5.15.0-122.132~20.04.1 linux-modules-5.15.0-122-generic-64k - 5.15.0-122.132~20.04.1 linux-modules-5.15.0-122-generic-lpae - 5.15.0-122.132~20.04.1 linux-modules-extra-5.15.0-122-generic - 5.15.0-122.132~20.04.1 linux-modules-iwlwifi-5.15.0-122-generic - 5.15.0-122.132~20.04.1 linux-tools-5.15.0-122-generic - 5.15.0-122.132~20.04.1 linux-tools-5.15.0-122-generic-64k - 5.15.0-122.132~20.04.1 linux-tools-5.15.0-122-generic-lpae - 5.15.0-122.132~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1053.60~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1053.60~20.04.1 linux-gkeop-5.15 - 5.15.0.1053.60~20.04.1 linux-gkeop-edge - 5.15.0.1053.60~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1053.60~20.04.1 linux-headers-gkeop-edge - 5.15.0.1053.60~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1053.60~20.04.1 linux-image-gkeop-edge - 5.15.0.1053.60~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1053.60~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1053.60~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1053.60~20.04.1 linux-tools-gkeop-edge - 5.15.0.1053.60~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1065.71~20.04.1 linux-headers-intel - 5.15.0.1065.71~20.04.1 linux-headers-intel-iotg - 5.15.0.1065.71~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1065.71~20.04.1 linux-image-intel - 5.15.0.1065.71~20.04.1 linux-image-intel-iotg - 5.15.0.1065.71~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1065.71~20.04.1 linux-intel - 5.15.0.1065.71~20.04.1 linux-intel-iotg - 5.15.0.1065.71~20.04.1 linux-intel-iotg-edge - 5.15.0.1065.71~20.04.1 linux-tools-intel - 5.15.0.1065.71~20.04.1 linux-tools-intel-iotg - 5.15.0.1065.71~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1065.71~20.04.1 No subscription required linux-gcp - 5.15.0.1069.77~20.04.1 linux-gcp-edge - 5.15.0.1069.77~20.04.1 linux-headers-gcp - 5.15.0.1069.77~20.04.1 linux-headers-gcp-edge - 5.15.0.1069.77~20.04.1 linux-image-gcp - 5.15.0.1069.77~20.04.1 linux-image-gcp-edge - 5.15.0.1069.77~20.04.1 linux-modules-extra-gcp - 5.15.0.1069.77~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1069.77~20.04.1 linux-tools-gcp - 5.15.0.1069.77~20.04.1 linux-tools-gcp-edge - 5.15.0.1069.77~20.04.1 No subscription required linux-aws - 5.15.0.1070.76~20.04.1 linux-aws-edge - 5.15.0.1070.76~20.04.1 linux-headers-aws - 5.15.0.1070.76~20.04.1 linux-headers-aws-edge - 5.15.0.1070.76~20.04.1 linux-image-aws - 5.15.0.1070.76~20.04.1 linux-image-aws-edge - 5.15.0.1070.76~20.04.1 linux-modules-extra-aws - 5.15.0.1070.76~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1070.76~20.04.1 linux-tools-aws - 5.15.0.1070.76~20.04.1 linux-tools-aws-edge - 5.15.0.1070.76~20.04.1 No subscription required linux-azure - 5.15.0.1073.82~20.04.1 linux-azure-cvm - 5.15.0.1073.82~20.04.1 linux-azure-edge - 5.15.0.1073.82~20.04.1 linux-cloud-tools-azure - 5.15.0.1073.82~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1073.82~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1073.82~20.04.1 linux-headers-azure - 5.15.0.1073.82~20.04.1 linux-headers-azure-cvm - 5.15.0.1073.82~20.04.1 linux-headers-azure-edge - 5.15.0.1073.82~20.04.1 linux-image-azure - 5.15.0.1073.82~20.04.1 linux-image-azure-cvm - 5.15.0.1073.82~20.04.1 linux-image-azure-edge - 5.15.0.1073.82~20.04.1 linux-modules-extra-azure - 5.15.0.1073.82~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1073.82~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1073.82~20.04.1 linux-modules-involflt-azure - 5.15.0.1073.82~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1073.82~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1073.82~20.04.1 linux-tools-azure - 5.15.0.1073.82~20.04.1 linux-tools-azure-cvm - 5.15.0.1073.82~20.04.1 linux-tools-azure-edge - 5.15.0.1073.82~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-generic-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-headers-oem-20.04 - 5.15.0.122.132~20.04.1 linux-headers-oem-20.04b - 5.15.0.122.132~20.04.1 linux-headers-oem-20.04c - 5.15.0.122.132~20.04.1 linux-headers-oem-20.04d - 5.15.0.122.132~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-image-oem-20.04 - 5.15.0.122.132~20.04.1 linux-image-oem-20.04b - 5.15.0.122.132~20.04.1 linux-image-oem-20.04c - 5.15.0.122.132~20.04.1 linux-image-oem-20.04d - 5.15.0.122.132~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.122.132~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.122.132~20.04.1 linux-oem-20.04 - 5.15.0.122.132~20.04.1 linux-oem-20.04b - 5.15.0.122.132~20.04.1 linux-oem-20.04c - 5.15.0.122.132~20.04.1 linux-oem-20.04d - 5.15.0.122.132~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-tools-oem-20.04 - 5.15.0.122.132~20.04.1 linux-tools-oem-20.04b - 5.15.0.122.132~20.04.1 linux-tools-oem-20.04c - 5.15.0.122.132~20.04.1 linux-tools-oem-20.04d - 5.15.0.122.132~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.122.132~20.04.1 No subscription required Medium CVE-2024-26677 CVE-2024-27012 CVE-2024-38570 CVE-2024-39494 CVE-2024-39496 CVE-2024-41009 CVE-2024-42160 CVE-2024-42228 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC session sockets; - Integrity Measurement Architecture(IMA) framework; (CVE-2024-27012, CVE-2024-39496, CVE-2024-26677, CVE-2024-42228, CVE-2024-38570, CVE-2024-39494, CVE-2024-42160, CVE-2024-41009) Update Instructions: Run `sudo pro fix USN-7021-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1063-ibm - 5.15.0-1063.66~20.04.1 linux-headers-5.15.0-1063-ibm - 5.15.0-1063.66~20.04.1 linux-ibm-5.15-headers-5.15.0-1063 - 5.15.0-1063.66~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1063.66~20.04.1 linux-ibm-5.15-tools-5.15.0-1063 - 5.15.0-1063.66~20.04.1 linux-image-5.15.0-1063-ibm - 5.15.0-1063.66~20.04.1 linux-image-unsigned-5.15.0-1063-ibm - 5.15.0-1063.66~20.04.1 linux-modules-5.15.0-1063-ibm - 5.15.0-1063.66~20.04.1 linux-modules-extra-5.15.0-1063-ibm - 5.15.0-1063.66~20.04.1 linux-tools-5.15.0-1063-ibm - 5.15.0-1063.66~20.04.1 No subscription required linux-buildinfo-5.15.0-1068-oracle - 5.15.0-1068.74~20.04.1 linux-headers-5.15.0-1068-oracle - 5.15.0-1068.74~20.04.1 linux-image-5.15.0-1068-oracle - 5.15.0-1068.74~20.04.1 linux-image-unsigned-5.15.0-1068-oracle - 5.15.0-1068.74~20.04.1 linux-modules-5.15.0-1068-oracle - 5.15.0-1068.74~20.04.1 linux-modules-extra-5.15.0-1068-oracle - 5.15.0-1068.74~20.04.1 linux-oracle-5.15-headers-5.15.0-1068 - 5.15.0-1068.74~20.04.1 linux-oracle-5.15-tools-5.15.0-1068 - 5.15.0-1068.74~20.04.1 linux-tools-5.15.0-1068-oracle - 5.15.0-1068.74~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1063.66~20.04.1 linux-headers-ibm-edge - 5.15.0.1063.66~20.04.1 linux-ibm - 5.15.0.1063.66~20.04.1 linux-ibm-edge - 5.15.0.1063.66~20.04.1 linux-image-ibm - 5.15.0.1063.66~20.04.1 linux-image-ibm-edge - 5.15.0.1063.66~20.04.1 linux-tools-ibm - 5.15.0.1063.66~20.04.1 linux-tools-ibm-edge - 5.15.0.1063.66~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1068.74~20.04.1 linux-headers-oracle-edge - 5.15.0.1068.74~20.04.1 linux-image-oracle - 5.15.0.1068.74~20.04.1 linux-image-oracle-edge - 5.15.0.1068.74~20.04.1 linux-oracle - 5.15.0.1068.74~20.04.1 linux-oracle-edge - 5.15.0.1068.74~20.04.1 linux-tools-oracle - 5.15.0.1068.74~20.04.1 linux-tools-oracle-edge - 5.15.0.1068.74~20.04.1 No subscription required Medium CVE-2024-26677 CVE-2024-27012 CVE-2024-38570 CVE-2024-39494 CVE-2024-39496 CVE-2024-41009 CVE-2024-42160 CVE-2024-42228 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC session sockets; - Integrity Measurement Architecture(IMA) framework; (CVE-2024-39494, CVE-2024-38570, CVE-2024-27012, CVE-2024-39496, CVE-2024-42160, CVE-2024-41009, CVE-2024-42228, CVE-2024-26677) Update Instructions: Run `sudo pro fix USN-7021-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-122-lowlatency - 5.15.0-122.132~20.04.1 linux-buildinfo-5.15.0-122-lowlatency-64k - 5.15.0-122.132~20.04.1 linux-cloud-tools-5.15.0-122-lowlatency - 5.15.0-122.132~20.04.1 linux-headers-5.15.0-122-lowlatency - 5.15.0-122.132~20.04.1 linux-headers-5.15.0-122-lowlatency-64k - 5.15.0-122.132~20.04.1 linux-image-5.15.0-122-lowlatency - 5.15.0-122.132~20.04.1 linux-image-5.15.0-122-lowlatency-64k - 5.15.0-122.132~20.04.1 linux-image-unsigned-5.15.0-122-lowlatency - 5.15.0-122.132~20.04.1 linux-image-unsigned-5.15.0-122-lowlatency-64k - 5.15.0-122.132~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-122 - 5.15.0-122.132~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-122.132~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-122 - 5.15.0-122.132~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-122 - 5.15.0-122.132~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-122.132~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-122.132~20.04.1 linux-modules-5.15.0-122-lowlatency - 5.15.0-122.132~20.04.1 linux-modules-5.15.0-122-lowlatency-64k - 5.15.0-122.132~20.04.1 linux-modules-iwlwifi-5.15.0-122-lowlatency - 5.15.0-122.132~20.04.1 linux-tools-5.15.0-122-lowlatency - 5.15.0-122.132~20.04.1 linux-tools-5.15.0-122-lowlatency-64k - 5.15.0-122.132~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.122.132~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.122.132~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.122.132~20.04.1 No subscription required Medium CVE-2024-26677 CVE-2024-27012 CVE-2024-38570 CVE-2024-39494 CVE-2024-39496 CVE-2024-41009 CVE-2024-42160 CVE-2024-42228 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC session sockets; - Integrity Measurement Architecture(IMA) framework; (CVE-2024-41009, CVE-2024-26677, CVE-2024-42160, CVE-2024-39494, CVE-2024-39496, CVE-2024-38570, CVE-2024-27012, CVE-2024-42228) Update Instructions: Run `sudo pro fix USN-7021-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1073-azure-fde - 5.15.0-1073.82~20.04.1.1 linux-image-unsigned-5.15.0-1073-azure-fde - 5.15.0-1073.82~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1073.82~20.04.1.50 linux-azure-fde-edge - 5.15.0.1073.82~20.04.1.50 linux-cloud-tools-azure-fde - 5.15.0.1073.82~20.04.1.50 linux-cloud-tools-azure-fde-edge - 5.15.0.1073.82~20.04.1.50 linux-headers-azure-fde - 5.15.0.1073.82~20.04.1.50 linux-headers-azure-fde-edge - 5.15.0.1073.82~20.04.1.50 linux-image-azure-fde - 5.15.0.1073.82~20.04.1.50 linux-image-azure-fde-edge - 5.15.0.1073.82~20.04.1.50 linux-modules-extra-azure-fde - 5.15.0.1073.82~20.04.1.50 linux-modules-extra-azure-fde-edge - 5.15.0.1073.82~20.04.1.50 linux-tools-azure-fde - 5.15.0.1073.82~20.04.1.50 linux-tools-azure-fde-edge - 5.15.0.1073.82~20.04.1.50 No subscription required Medium CVE-2024-26677 CVE-2024-27012 CVE-2024-38570 CVE-2024-39494 CVE-2024-39496 CVE-2024-41009 CVE-2024-42160 CVE-2024-42228 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Modular ISDN driver; - MMC subsystem; - SCSI drivers; - F2FS file system; - GFS2 file system; - Netfilter; - RxRPC session sockets; - Integrity Measurement Architecture(IMA) framework; (CVE-2021-47188, CVE-2024-27012, CVE-2024-42228, CVE-2022-48791, CVE-2024-39494, CVE-2022-48863, CVE-2024-26787, CVE-2024-42160, CVE-2024-38570, CVE-2024-26677) Update Instructions: Run `sudo pro fix USN-7022-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1052-xilinx-zynqmp - 5.4.0-1052.56 linux-headers-5.4.0-1052-xilinx-zynqmp - 5.4.0-1052.56 linux-image-5.4.0-1052-xilinx-zynqmp - 5.4.0-1052.56 linux-modules-5.4.0-1052-xilinx-zynqmp - 5.4.0-1052.56 linux-tools-5.4.0-1052-xilinx-zynqmp - 5.4.0-1052.56 linux-xilinx-zynqmp-headers-5.4.0-1052 - 5.4.0-1052.56 linux-xilinx-zynqmp-tools-5.4.0-1052 - 5.4.0-1052.56 No subscription required linux-buildinfo-5.4.0-1080-ibm - 5.4.0-1080.85 linux-headers-5.4.0-1080-ibm - 5.4.0-1080.85 linux-ibm-cloud-tools-common - 5.4.0-1080.85 linux-ibm-headers-5.4.0-1080 - 5.4.0-1080.85 linux-ibm-source-5.4.0 - 5.4.0-1080.85 linux-ibm-tools-5.4.0-1080 - 5.4.0-1080.85 linux-ibm-tools-common - 5.4.0-1080.85 linux-image-5.4.0-1080-ibm - 5.4.0-1080.85 linux-image-unsigned-5.4.0-1080-ibm - 5.4.0-1080.85 linux-modules-5.4.0-1080-ibm - 5.4.0-1080.85 linux-modules-extra-5.4.0-1080-ibm - 5.4.0-1080.85 linux-tools-5.4.0-1080-ibm - 5.4.0-1080.85 No subscription required linux-bluefield-headers-5.4.0-1093 - 5.4.0-1093.100 linux-bluefield-tools-5.4.0-1093 - 5.4.0-1093.100 linux-buildinfo-5.4.0-1093-bluefield - 5.4.0-1093.100 linux-headers-5.4.0-1093-bluefield - 5.4.0-1093.100 linux-image-5.4.0-1093-bluefield - 5.4.0-1093.100 linux-image-unsigned-5.4.0-1093-bluefield - 5.4.0-1093.100 linux-modules-5.4.0-1093-bluefield - 5.4.0-1093.100 linux-tools-5.4.0-1093-bluefield - 5.4.0-1093.100 No subscription required linux-buildinfo-5.4.0-1100-gkeop - 5.4.0-1100.104 linux-cloud-tools-5.4.0-1100-gkeop - 5.4.0-1100.104 linux-gkeop-cloud-tools-5.4.0-1100 - 5.4.0-1100.104 linux-gkeop-headers-5.4.0-1100 - 5.4.0-1100.104 linux-gkeop-source-5.4.0 - 5.4.0-1100.104 linux-gkeop-tools-5.4.0-1100 - 5.4.0-1100.104 linux-headers-5.4.0-1100-gkeop - 5.4.0-1100.104 linux-image-5.4.0-1100-gkeop - 5.4.0-1100.104 linux-image-unsigned-5.4.0-1100-gkeop - 5.4.0-1100.104 linux-modules-5.4.0-1100-gkeop - 5.4.0-1100.104 linux-modules-extra-5.4.0-1100-gkeop - 5.4.0-1100.104 linux-tools-5.4.0-1100-gkeop - 5.4.0-1100.104 No subscription required linux-buildinfo-5.4.0-1121-kvm - 5.4.0-1121.129 linux-headers-5.4.0-1121-kvm - 5.4.0-1121.129 linux-image-5.4.0-1121-kvm - 5.4.0-1121.129 linux-image-unsigned-5.4.0-1121-kvm - 5.4.0-1121.129 linux-kvm-headers-5.4.0-1121 - 5.4.0-1121.129 linux-kvm-tools-5.4.0-1121 - 5.4.0-1121.129 linux-modules-5.4.0-1121-kvm - 5.4.0-1121.129 linux-tools-5.4.0-1121-kvm - 5.4.0-1121.129 No subscription required linux-buildinfo-5.4.0-1132-oracle - 5.4.0-1132.141 linux-headers-5.4.0-1132-oracle - 5.4.0-1132.141 linux-image-5.4.0-1132-oracle - 5.4.0-1132.141 linux-image-unsigned-5.4.0-1132-oracle - 5.4.0-1132.141 linux-modules-5.4.0-1132-oracle - 5.4.0-1132.141 linux-modules-extra-5.4.0-1132-oracle - 5.4.0-1132.141 linux-oracle-headers-5.4.0-1132 - 5.4.0-1132.141 linux-oracle-tools-5.4.0-1132 - 5.4.0-1132.141 linux-tools-5.4.0-1132-oracle - 5.4.0-1132.141 No subscription required linux-aws-cloud-tools-5.4.0-1133 - 5.4.0-1133.143 linux-aws-headers-5.4.0-1133 - 5.4.0-1133.143 linux-aws-tools-5.4.0-1133 - 5.4.0-1133.143 linux-buildinfo-5.4.0-1133-aws - 5.4.0-1133.143 linux-cloud-tools-5.4.0-1133-aws - 5.4.0-1133.143 linux-headers-5.4.0-1133-aws - 5.4.0-1133.143 linux-image-5.4.0-1133-aws - 5.4.0-1133.143 linux-image-unsigned-5.4.0-1133-aws - 5.4.0-1133.143 linux-modules-5.4.0-1133-aws - 5.4.0-1133.143 linux-modules-extra-5.4.0-1133-aws - 5.4.0-1133.143 linux-tools-5.4.0-1133-aws - 5.4.0-1133.143 No subscription required linux-buildinfo-5.4.0-1137-gcp - 5.4.0-1137.146 linux-gcp-headers-5.4.0-1137 - 5.4.0-1137.146 linux-gcp-tools-5.4.0-1137 - 5.4.0-1137.146 linux-headers-5.4.0-1137-gcp - 5.4.0-1137.146 linux-image-5.4.0-1137-gcp - 5.4.0-1137.146 linux-image-unsigned-5.4.0-1137-gcp - 5.4.0-1137.146 linux-modules-5.4.0-1137-gcp - 5.4.0-1137.146 linux-modules-extra-5.4.0-1137-gcp - 5.4.0-1137.146 linux-tools-5.4.0-1137-gcp - 5.4.0-1137.146 No subscription required linux-azure-cloud-tools-5.4.0-1138 - 5.4.0-1138.145 linux-azure-headers-5.4.0-1138 - 5.4.0-1138.145 linux-azure-tools-5.4.0-1138 - 5.4.0-1138.145 linux-buildinfo-5.4.0-1138-azure - 5.4.0-1138.145 linux-cloud-tools-5.4.0-1138-azure - 5.4.0-1138.145 linux-headers-5.4.0-1138-azure - 5.4.0-1138.145 linux-image-5.4.0-1138-azure - 5.4.0-1138.145 linux-image-unsigned-5.4.0-1138-azure - 5.4.0-1138.145 linux-modules-5.4.0-1138-azure - 5.4.0-1138.145 linux-modules-extra-5.4.0-1138-azure - 5.4.0-1138.145 linux-tools-5.4.0-1138-azure - 5.4.0-1138.145 No subscription required linux-buildinfo-5.4.0-196-generic - 5.4.0-196.216 linux-buildinfo-5.4.0-196-generic-lpae - 5.4.0-196.216 linux-buildinfo-5.4.0-196-lowlatency - 5.4.0-196.216 linux-cloud-tools-5.4.0-196 - 5.4.0-196.216 linux-cloud-tools-5.4.0-196-generic - 5.4.0-196.216 linux-cloud-tools-5.4.0-196-lowlatency - 5.4.0-196.216 linux-cloud-tools-common - 5.4.0-196.216 linux-doc - 5.4.0-196.216 linux-headers-5.4.0-196 - 5.4.0-196.216 linux-headers-5.4.0-196-generic - 5.4.0-196.216 linux-headers-5.4.0-196-generic-lpae - 5.4.0-196.216 linux-headers-5.4.0-196-lowlatency - 5.4.0-196.216 linux-image-5.4.0-196-generic - 5.4.0-196.216 linux-image-5.4.0-196-generic-lpae - 5.4.0-196.216 linux-image-5.4.0-196-lowlatency - 5.4.0-196.216 linux-image-unsigned-5.4.0-196-generic - 5.4.0-196.216 linux-image-unsigned-5.4.0-196-lowlatency - 5.4.0-196.216 linux-libc-dev - 5.4.0-196.216 linux-modules-5.4.0-196-generic - 5.4.0-196.216 linux-modules-5.4.0-196-generic-lpae - 5.4.0-196.216 linux-modules-5.4.0-196-lowlatency - 5.4.0-196.216 linux-modules-extra-5.4.0-196-generic - 5.4.0-196.216 linux-source-5.4.0 - 5.4.0-196.216 linux-tools-5.4.0-196 - 5.4.0-196.216 linux-tools-5.4.0-196-generic - 5.4.0-196.216 linux-tools-5.4.0-196-generic-lpae - 5.4.0-196.216 linux-tools-5.4.0-196-lowlatency - 5.4.0-196.216 linux-tools-common - 5.4.0-196.216 linux-tools-host - 5.4.0-196.216 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1052.52 linux-image-xilinx-zynqmp - 5.4.0.1052.52 linux-tools-xilinx-zynqmp - 5.4.0.1052.52 linux-xilinx-zynqmp - 5.4.0.1052.52 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1080.109 linux-ibm-lts-20.04 - 5.4.0.1080.109 linux-image-ibm-lts-20.04 - 5.4.0.1080.109 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1080.109 linux-tools-ibm-lts-20.04 - 5.4.0.1080.109 No subscription required linux-bluefield - 5.4.0.1093.89 linux-headers-bluefield - 5.4.0.1093.89 linux-image-bluefield - 5.4.0.1093.89 linux-tools-bluefield - 5.4.0.1093.89 No subscription required linux-cloud-tools-gkeop - 5.4.0.1100.98 linux-cloud-tools-gkeop-5.4 - 5.4.0.1100.98 linux-gkeop - 5.4.0.1100.98 linux-gkeop-5.4 - 5.4.0.1100.98 linux-headers-gkeop - 5.4.0.1100.98 linux-headers-gkeop-5.4 - 5.4.0.1100.98 linux-image-gkeop - 5.4.0.1100.98 linux-image-gkeop-5.4 - 5.4.0.1100.98 linux-modules-extra-gkeop - 5.4.0.1100.98 linux-modules-extra-gkeop-5.4 - 5.4.0.1100.98 linux-tools-gkeop - 5.4.0.1100.98 linux-tools-gkeop-5.4 - 5.4.0.1100.98 No subscription required linux-headers-kvm - 5.4.0.1121.117 linux-image-kvm - 5.4.0.1121.117 linux-kvm - 5.4.0.1121.117 linux-tools-kvm - 5.4.0.1121.117 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1132.125 linux-image-oracle-lts-20.04 - 5.4.0.1132.125 linux-oracle-lts-20.04 - 5.4.0.1132.125 linux-tools-oracle-lts-20.04 - 5.4.0.1132.125 No subscription required linux-aws-lts-20.04 - 5.4.0.1133.130 linux-headers-aws-lts-20.04 - 5.4.0.1133.130 linux-image-aws-lts-20.04 - 5.4.0.1133.130 linux-modules-extra-aws-lts-20.04 - 5.4.0.1133.130 linux-tools-aws-lts-20.04 - 5.4.0.1133.130 No subscription required linux-gcp-lts-20.04 - 5.4.0.1137.139 linux-headers-gcp-lts-20.04 - 5.4.0.1137.139 linux-image-gcp-lts-20.04 - 5.4.0.1137.139 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1137.139 linux-tools-gcp-lts-20.04 - 5.4.0.1137.139 No subscription required linux-azure-lts-20.04 - 5.4.0.1138.132 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1138.132 linux-headers-azure-lts-20.04 - 5.4.0.1138.132 linux-image-azure-lts-20.04 - 5.4.0.1138.132 linux-modules-extra-azure-lts-20.04 - 5.4.0.1138.132 linux-tools-azure-lts-20.04 - 5.4.0.1138.132 No subscription required linux-cloud-tools-generic - 5.4.0.196.194 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.196.194 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.196.194 linux-cloud-tools-lowlatency - 5.4.0.196.194 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.196.194 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.196.194 linux-cloud-tools-virtual - 5.4.0.196.194 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.196.194 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.196.194 linux-crashdump - 5.4.0.196.194 linux-generic - 5.4.0.196.194 linux-generic-hwe-18.04 - 5.4.0.196.194 linux-generic-hwe-18.04-edge - 5.4.0.196.194 linux-generic-lpae - 5.4.0.196.194 linux-generic-lpae-hwe-18.04 - 5.4.0.196.194 linux-generic-lpae-hwe-18.04-edge - 5.4.0.196.194 linux-headers-generic - 5.4.0.196.194 linux-headers-generic-hwe-18.04 - 5.4.0.196.194 linux-headers-generic-hwe-18.04-edge - 5.4.0.196.194 linux-headers-generic-lpae - 5.4.0.196.194 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.196.194 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.196.194 linux-headers-lowlatency - 5.4.0.196.194 linux-headers-lowlatency-hwe-18.04 - 5.4.0.196.194 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.196.194 linux-headers-oem - 5.4.0.196.194 linux-headers-oem-osp1 - 5.4.0.196.194 linux-headers-virtual - 5.4.0.196.194 linux-headers-virtual-hwe-18.04 - 5.4.0.196.194 linux-headers-virtual-hwe-18.04-edge - 5.4.0.196.194 linux-image-extra-virtual - 5.4.0.196.194 linux-image-extra-virtual-hwe-18.04 - 5.4.0.196.194 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.196.194 linux-image-generic - 5.4.0.196.194 linux-image-generic-hwe-18.04 - 5.4.0.196.194 linux-image-generic-hwe-18.04-edge - 5.4.0.196.194 linux-image-generic-lpae - 5.4.0.196.194 linux-image-generic-lpae-hwe-18.04 - 5.4.0.196.194 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.196.194 linux-image-lowlatency - 5.4.0.196.194 linux-image-lowlatency-hwe-18.04 - 5.4.0.196.194 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.196.194 linux-image-oem - 5.4.0.196.194 linux-image-oem-osp1 - 5.4.0.196.194 linux-image-virtual - 5.4.0.196.194 linux-image-virtual-hwe-18.04 - 5.4.0.196.194 linux-image-virtual-hwe-18.04-edge - 5.4.0.196.194 linux-lowlatency - 5.4.0.196.194 linux-lowlatency-hwe-18.04 - 5.4.0.196.194 linux-lowlatency-hwe-18.04-edge - 5.4.0.196.194 linux-oem - 5.4.0.196.194 linux-oem-osp1 - 5.4.0.196.194 linux-oem-osp1-tools-host - 5.4.0.196.194 linux-oem-tools-host - 5.4.0.196.194 linux-source - 5.4.0.196.194 linux-tools-generic - 5.4.0.196.194 linux-tools-generic-hwe-18.04 - 5.4.0.196.194 linux-tools-generic-hwe-18.04-edge - 5.4.0.196.194 linux-tools-generic-lpae - 5.4.0.196.194 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.196.194 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.196.194 linux-tools-lowlatency - 5.4.0.196.194 linux-tools-lowlatency-hwe-18.04 - 5.4.0.196.194 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.196.194 linux-tools-oem - 5.4.0.196.194 linux-tools-oem-osp1 - 5.4.0.196.194 linux-tools-virtual - 5.4.0.196.194 linux-tools-virtual-hwe-18.04 - 5.4.0.196.194 linux-tools-virtual-hwe-18.04-edge - 5.4.0.196.194 linux-virtual - 5.4.0.196.194 linux-virtual-hwe-18.04 - 5.4.0.196.194 linux-virtual-hwe-18.04-edge - 5.4.0.196.194 No subscription required Medium CVE-2021-47188 CVE-2022-48791 CVE-2022-48863 CVE-2024-26677 CVE-2024-26787 CVE-2024-27012 CVE-2024-38570 CVE-2024-39494 CVE-2024-42160 CVE-2024-42228 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Modular ISDN driver; - MMC subsystem; - SCSI drivers; - F2FS file system; - GFS2 file system; - Netfilter; - RxRPC session sockets; - Integrity Measurement Architecture(IMA) framework; (CVE-2021-47188, CVE-2024-42160, CVE-2024-42228, CVE-2022-48863, CVE-2024-26677, CVE-2024-26787, CVE-2024-38570, CVE-2024-39494, CVE-2022-48791, CVE-2024-27012) Update Instructions: Run `sudo pro fix USN-7022-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1117-raspi - 5.4.0-1117.129 linux-headers-5.4.0-1117-raspi - 5.4.0-1117.129 linux-image-5.4.0-1117-raspi - 5.4.0-1117.129 linux-modules-5.4.0-1117-raspi - 5.4.0-1117.129 linux-raspi-headers-5.4.0-1117 - 5.4.0-1117.129 linux-raspi-tools-5.4.0-1117 - 5.4.0-1117.129 linux-tools-5.4.0-1117-raspi - 5.4.0-1117.129 No subscription required linux-headers-raspi - 5.4.0.1117.147 linux-headers-raspi-hwe-18.04 - 5.4.0.1117.147 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1117.147 linux-headers-raspi2 - 5.4.0.1117.147 linux-headers-raspi2-hwe-18.04 - 5.4.0.1117.147 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1117.147 linux-image-raspi - 5.4.0.1117.147 linux-image-raspi-hwe-18.04 - 5.4.0.1117.147 linux-image-raspi-hwe-18.04-edge - 5.4.0.1117.147 linux-image-raspi2 - 5.4.0.1117.147 linux-image-raspi2-hwe-18.04 - 5.4.0.1117.147 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1117.147 linux-raspi - 5.4.0.1117.147 linux-raspi-hwe-18.04 - 5.4.0.1117.147 linux-raspi-hwe-18.04-edge - 5.4.0.1117.147 linux-raspi2 - 5.4.0.1117.147 linux-raspi2-hwe-18.04 - 5.4.0.1117.147 linux-raspi2-hwe-18.04-edge - 5.4.0.1117.147 linux-tools-raspi - 5.4.0.1117.147 linux-tools-raspi-hwe-18.04 - 5.4.0.1117.147 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1117.147 linux-tools-raspi2 - 5.4.0.1117.147 linux-tools-raspi2-hwe-18.04 - 5.4.0.1117.147 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1117.147 No subscription required Medium CVE-2021-47188 CVE-2022-48791 CVE-2022-48863 CVE-2024-26677 CVE-2024-26787 CVE-2024-27012 CVE-2024-38570 CVE-2024-39494 CVE-2024-42160 CVE-2024-42228 Ubuntu 20.04 LTS It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical. Update Instructions: Run `sudo pro fix USN-7024-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tgt - 1:1.0.79-2ubuntu1.1 tgt-rbd - 1:1.0.79-2ubuntu1.1 No subscription required Medium CVE-2024-45751 Ubuntu 20.04 LTS It was discovered that LibreOffice would incorrectly handle digital signature verification after repairing a corrupted document. A remote attacker could possibly use this issue to forge valid signatures. Update Instructions: Run `sudo pro fix USN-7025-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.12 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.12 No subscription required gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.12 libjuh-java - 1:6.4.7-0ubuntu0.20.04.12 libjurt-java - 1:6.4.7-0ubuntu0.20.04.12 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.12 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.12 libreoffice - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.12 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.12 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.12 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.12 libridl-java - 1:6.4.7-0ubuntu0.20.04.12 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.12 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.12 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.12 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.12 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.12 libunoil-java - 1:6.4.7-0ubuntu0.20.04.12 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.12 python3-access2base - 1:6.4.7-0ubuntu0.20.04.12 python3-uno - 1:6.4.7-0ubuntu0.20.04.12 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.12 ure - 1:6.4.7-0ubuntu0.20.04.12 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.12 No subscription required Medium CVE-2024-7788 Ubuntu 20.04 LTS It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45939) Xi Lu discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-48337) Xi Lu discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-48338) Xi Lu discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-48339) It was discovered that Emacs incorrectly handled filename sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-28617) It was discovered that Emacs incorrectly handled certain crafted files. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-30203, CVE-2024-30204, CVE-2024-30205) It was discovered that Emacs incorrectly handled certain crafted files. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2024-39331) Update Instructions: Run `sudo pro fix USN-7027-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: emacs - 1:26.3+1-1ubuntu2+esm1 emacs-bin-common - 1:26.3+1-1ubuntu2+esm1 emacs-common - 1:26.3+1-1ubuntu2+esm1 emacs-el - 1:26.3+1-1ubuntu2+esm1 emacs-gtk - 1:26.3+1-1ubuntu2+esm1 emacs-lucid - 1:26.3+1-1ubuntu2+esm1 emacs-nox - 1:26.3+1-1ubuntu2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-45939 CVE-2022-48337 CVE-2022-48338 CVE-2022-48339 CVE-2023-28617 CVE-2024-30203 CVE-2024-30204 CVE-2024-30205 CVE-2024-39331 https://launchpad.net/bugs/2070418 Ubuntu 20.04 LTS USN-7031-1 fixed CVE-2024-45614 in Puma for Ubuntu 24.04 LTS. This update fixes the CVE for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite header values set by intermediate proxies by providing duplicate headers containing underscore characters. Update Instructions: Run `sudo pro fix USN-7031-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: puma - 3.12.4-1ubuntu2+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-45614 Ubuntu 20.04 LTS It was discovered that Tomcat incorrectly handled HTTP trailer headers. A remote attacker could possibly use this issue to perform HTTP request smuggling. Update Instructions: Run `sudo pro fix USN-7032-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtomcat9-embed-java - 9.0.31-1ubuntu0.7 libtomcat9-java - 9.0.31-1ubuntu0.7 tomcat9 - 9.0.31-1ubuntu0.7 tomcat9-admin - 9.0.31-1ubuntu0.7 tomcat9-common - 9.0.31-1ubuntu0.7 tomcat9-docs - 9.0.31-1ubuntu0.7 tomcat9-examples - 9.0.31-1ubuntu0.7 tomcat9-user - 9.0.31-1ubuntu0.7 No subscription required Medium CVE-2023-46589 Ubuntu 20.04 LTS It was discovered that some Intel(R) Processors did not properly restrict access to the Running Average Power Limit (RAPL) interface. This may allow a local privileged attacker to obtain sensitive information. (CVE-2024-23984) It was discovered that some Intel(R) Processors did not properly implement finite state machines (FSMs) in hardware logic. This may allow a local privileged attacker to cause a denial of service (system crash). (CVE-2024-24968) Update Instructions: Run `sudo pro fix USN-7033-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20240910.0ubuntu0.20.04.1 No subscription required Medium CVE-2024-23984 CVE-2024-24968 Ubuntu 20.04 LTS The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.64 version of the Mozilla certificate authority bundle. Update Instructions: Run `sudo pro fix USN-7034-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ca-certificates - 20240203~20.04.1 No subscription required None https://launchpad.net/bugs/2081875 Ubuntu 20.04 LTS It was discovered that the AppArmor policy compiler incorrectly generated looser restrictions than expected for rules allowing mount operations. A local attacker could possibly use this to bypass AppArmor restrictions in applications where some mount operations were permitted. Update Instructions: Run `sudo pro fix USN-7035-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apparmor - 2.13.3-7ubuntu5.4 apparmor-easyprof - 2.13.3-7ubuntu5.4 apparmor-notify - 2.13.3-7ubuntu5.4 apparmor-profiles - 2.13.3-7ubuntu5.4 apparmor-utils - 2.13.3-7ubuntu5.4 dh-apparmor - 2.13.3-7ubuntu5.4 libapache2-mod-apparmor - 2.13.3-7ubuntu5.4 libapparmor-dev - 2.13.3-7ubuntu5.4 libapparmor-perl - 2.13.3-7ubuntu5.4 libapparmor1 - 2.13.3-7ubuntu5.4 libpam-apparmor - 2.13.3-7ubuntu5.4 python3-apparmor - 2.13.3-7ubuntu5.4 python3-libapparmor - 2.13.3-7ubuntu5.4 No subscription required Medium CVE-2016-1585 https://bugs.launchpad.net/apparmor/+bug/1597017 Ubuntu 20.04 LTS It was discovered that OpenJPEG could enter a large loop and continuously print warning messages when given specially crafted input. An attacker could potentially use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-7037-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenjp2-7 - 2.3.1-1ubuntu4.20.04.2 libopenjp2-7-dev - 2.3.1-1ubuntu4.20.04.2 libopenjp2-tools - 2.3.1-1ubuntu4.20.04.2 libopenjp3d-tools - 2.3.1-1ubuntu4.20.04.2 libopenjp3d7 - 2.3.1-1ubuntu4.20.04.2 libopenjpip-dec-server - 2.3.1-1ubuntu4.20.04.2 libopenjpip-server - 2.3.1-1ubuntu4.20.04.2 libopenjpip-viewer - 2.3.1-1ubuntu4.20.04.2 libopenjpip7 - 2.3.1-1ubuntu4.20.04.2 No subscription required Medium CVE-2023-39327 Ubuntu 20.04 LTS Thomas Stangner discovered a permission vulnerability in the Apache Portable Runtime (APR) library. A local attacker could possibly use this issue to read named shared memory segments, potentially exposing sensitive application data. Update Instructions: Run `sudo pro fix USN-7038-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapr1 - 1.6.5-1ubuntu1.1 libapr1-dev - 1.6.5-1ubuntu1.1 No subscription required Medium CVE-2023-49582 Ubuntu 20.04 LTS It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service. Update Instructions: Run `sudo pro fix USN-7040-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-configobj-doc - 5.0.6-4ubuntu0.1 python3-configobj - 5.0.6-4ubuntu0.1 No subscription required Low CVE-2023-26112 Ubuntu 20.04 LTS Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used. Update Instructions: Run `sudo pro fix USN-7041-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cups - 2.3.1-9ubuntu1.9 cups-bsd - 2.3.1-9ubuntu1.9 cups-client - 2.3.1-9ubuntu1.9 cups-common - 2.3.1-9ubuntu1.9 cups-core-drivers - 2.3.1-9ubuntu1.9 cups-daemon - 2.3.1-9ubuntu1.9 cups-ipp-utils - 2.3.1-9ubuntu1.9 cups-ppdc - 2.3.1-9ubuntu1.9 cups-server-common - 2.3.1-9ubuntu1.9 libcups2 - 2.3.1-9ubuntu1.9 libcups2-dev - 2.3.1-9ubuntu1.9 libcupsimage2 - 2.3.1-9ubuntu1.9 libcupsimage2-dev - 2.3.1-9ubuntu1.9 No subscription required Medium CVE-2024-47175 Ubuntu 20.04 LTS Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol. (CVE-2024-47176) Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used. (CVE-2024-47076) Update Instructions: Run `sudo pro fix USN-7043-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cups-browsed - 1.27.4-1ubuntu0.3 cups-filters - 1.27.4-1ubuntu0.3 cups-filters-core-drivers - 1.27.4-1ubuntu0.3 libcupsfilters-dev - 1.27.4-1ubuntu0.3 libcupsfilters1 - 1.27.4-1ubuntu0.3 libfontembed-dev - 1.27.4-1ubuntu0.3 libfontembed1 - 1.27.4-1ubuntu0.3 No subscription required Medium CVE-2024-47176 CVE-2024-47076 Ubuntu 20.04 LTS USN-7043-1 fixed vulnerabilities in cups-filters. This update improves the fix for CVE-2024-47176 by removing support for the legacy CUPS printer discovery protocol entirely. Original advisory details: Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol. (CVE-2024-47176) Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used. (CVE-2024-47076) Update Instructions: Run `sudo pro fix USN-7043-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cups-browsed - 1.27.4-1ubuntu0.4 cups-filters - 1.27.4-1ubuntu0.4 cups-filters-core-drivers - 1.27.4-1ubuntu0.4 libcupsfilters-dev - 1.27.4-1ubuntu0.4 libcupsfilters1 - 1.27.4-1ubuntu0.4 libfontembed-dev - 1.27.4-1ubuntu0.4 libfontembed1 - 1.27.4-1ubuntu0.4 No subscription required Medium CVE-2024-47076 CVE-2024-47176 Ubuntu 20.04 LTS It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and write files in locations it would not normally have access to. A patch was also needed to Bubblewrap in order to avoid race conditions caused by this fix. Update Instructions: Run `sudo pro fix USN-7046-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bubblewrap - 0.4.0-1ubuntu4.1 No subscription required flatpak - 1.6.5-0ubuntu0.5 flatpak-tests - 1.6.5-0ubuntu0.5 gir1.2-flatpak-1.0 - 1.6.5-0ubuntu0.5 libflatpak-dev - 1.6.5-0ubuntu0.5 libflatpak-doc - 1.6.5-0ubuntu0.5 libflatpak0 - 1.6.5-0ubuntu0.5 No subscription required Medium CVE-2024-42472 https://launchpad.net/bugs/2077087 Ubuntu 20.04 LTS Vladimír Čunát discovered that Knot Resolver incorrectly handled input during DNSSEC validation. A remote attacker could possibly use this issue to bypass certain validations. (CVE-2019-10190) Vladimír Čunát discovered that Knot Resolver incorrectly handled input during DNSSEC validation. A remote attacker could possibly use this issue to downgrade DNSSEC-secure domains to a DNSSEC-insecure state, resulting in a domain hijacking attack. (CVE-2019-10191) Vladimír Čunát discovered that Knot Resolver incorrectly handled certain DNS replies with many resource records. An attacker could possibly use this issue to consume system resources, resulting in a denial of service. (CVE-2019-19331) Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Knot Resolver incorrectly handled certain queries. A remote attacker could use this issue to perform an amplification attack directed at a target. (CVE-2020-12667) Update Instructions: Run `sudo pro fix USN-7047-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: knot-resolver - 3.2.1-3ubuntu2.2 knot-resolver-doc - 3.2.1-3ubuntu2.2 knot-resolver-module-http - 3.2.1-3ubuntu2.2 No subscription required Medium CVE-2019-10190 CVE-2019-10191 CVE-2019-19331 CVE-2020-12667 Ubuntu 20.04 LTS Suyue Guo discovered that Vim incorrectly handled memory when flushing the typeahead buffer, leading to heap-buffer-overflow. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-7048-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.25 vim-athena - 2:8.1.2269-1ubuntu5.25 vim-common - 2:8.1.2269-1ubuntu5.25 vim-doc - 2:8.1.2269-1ubuntu5.25 vim-gtk - 2:8.1.2269-1ubuntu5.25 vim-gtk3 - 2:8.1.2269-1ubuntu5.25 vim-gui-common - 2:8.1.2269-1ubuntu5.25 vim-nox - 2:8.1.2269-1ubuntu5.25 vim-runtime - 2:8.1.2269-1ubuntu5.25 vim-tiny - 2:8.1.2269-1ubuntu5.25 xxd - 2:8.1.2269-1ubuntu5.25 No subscription required Medium CVE-2024-43802 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to inject payloads and cause PHP to ignore legitimate data. (CVE-2024-8925) It was discovered that PHP incorrectly handled the cgi.force_redirect configuration option due to environment variable collisions. In certain configurations, an attacker could possibly use this issue bypass force_redirect restrictions. (CVE-2024-8927) It was discovered that PHP-FPM incorrectly handled logging. A remote attacker could possibly use this issue to alter and inject arbitrary contents into log files. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-9026) Update Instructions: Run `sudo pro fix USN-7049-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-php7.4 - 7.4.3-4ubuntu2.24 libphp7.4-embed - 7.4.3-4ubuntu2.24 php7.4 - 7.4.3-4ubuntu2.24 php7.4-bcmath - 7.4.3-4ubuntu2.24 php7.4-bz2 - 7.4.3-4ubuntu2.24 php7.4-cgi - 7.4.3-4ubuntu2.24 php7.4-cli - 7.4.3-4ubuntu2.24 php7.4-common - 7.4.3-4ubuntu2.24 php7.4-curl - 7.4.3-4ubuntu2.24 php7.4-dba - 7.4.3-4ubuntu2.24 php7.4-dev - 7.4.3-4ubuntu2.24 php7.4-enchant - 7.4.3-4ubuntu2.24 php7.4-fpm - 7.4.3-4ubuntu2.24 php7.4-gd - 7.4.3-4ubuntu2.24 php7.4-gmp - 7.4.3-4ubuntu2.24 php7.4-imap - 7.4.3-4ubuntu2.24 php7.4-interbase - 7.4.3-4ubuntu2.24 php7.4-intl - 7.4.3-4ubuntu2.24 php7.4-json - 7.4.3-4ubuntu2.24 php7.4-ldap - 7.4.3-4ubuntu2.24 php7.4-mbstring - 7.4.3-4ubuntu2.24 php7.4-mysql - 7.4.3-4ubuntu2.24 php7.4-odbc - 7.4.3-4ubuntu2.24 php7.4-opcache - 7.4.3-4ubuntu2.24 php7.4-pgsql - 7.4.3-4ubuntu2.24 php7.4-phpdbg - 7.4.3-4ubuntu2.24 php7.4-pspell - 7.4.3-4ubuntu2.24 php7.4-readline - 7.4.3-4ubuntu2.24 php7.4-snmp - 7.4.3-4ubuntu2.24 php7.4-soap - 7.4.3-4ubuntu2.24 php7.4-sqlite3 - 7.4.3-4ubuntu2.24 php7.4-sybase - 7.4.3-4ubuntu2.24 php7.4-tidy - 7.4.3-4ubuntu2.24 php7.4-xml - 7.4.3-4ubuntu2.24 php7.4-xmlrpc - 7.4.3-4ubuntu2.24 php7.4-xsl - 7.4.3-4ubuntu2.24 php7.4-zip - 7.4.3-4ubuntu2.24 No subscription required Medium CVE-2024-8925 CVE-2024-8927 CVE-2024-9026 Ubuntu 20.04 LTS Benoit Côté-Jodoin and Michael Nipper discovered that Devise-Two-Factor incorrectly handled one-time password validation. An attacker could possibly use this issue to intercept and re-use a one-time password. (CVE-2021-43177) Garrett Rappaport discovered that Devise-Two-Factor incorrectly handled generating multi-factor authentication codes. An attacker could possibly use this issue to generate valid multi-factor authentication codes. (CVE-2024-8796) Update Instructions: Run `sudo pro fix USN-7050-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-devise-two-factor - 3.1.0-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-43177 CVE-2024-8796 Ubuntu 20.04 LTS Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Update Instructions: Run `sudo pro fix USN-7051-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-asyncssh-doc - 1.12.2-1ubuntu0.1 python3-asyncssh - 1.12.2-1ubuntu0.1 No subscription required Medium CVE-2023-48795 Ubuntu 20.04 LTS Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypass authentication, and access network devices and services. This update introduces new configuration options called "limit_proxy_state" and "require_message_authenticator" that default to "auto" but should be set to "yes" once all RADIUS devices have been upgraded on a network. Update Instructions: Run `sudo pro fix USN-7055-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freeradius - 3.0.20+dfsg-3ubuntu0.4 freeradius-common - 3.0.20+dfsg-3ubuntu0.4 freeradius-config - 3.0.20+dfsg-3ubuntu0.4 freeradius-dhcp - 3.0.20+dfsg-3ubuntu0.4 freeradius-iodbc - 3.0.20+dfsg-3ubuntu0.4 freeradius-krb5 - 3.0.20+dfsg-3ubuntu0.4 freeradius-ldap - 3.0.20+dfsg-3ubuntu0.4 freeradius-memcached - 3.0.20+dfsg-3ubuntu0.4 freeradius-mysql - 3.0.20+dfsg-3ubuntu0.4 freeradius-postgresql - 3.0.20+dfsg-3ubuntu0.4 freeradius-python3 - 3.0.20+dfsg-3ubuntu0.4 freeradius-redis - 3.0.20+dfsg-3ubuntu0.4 freeradius-rest - 3.0.20+dfsg-3ubuntu0.4 freeradius-utils - 3.0.20+dfsg-3ubuntu0.4 freeradius-yubikey - 3.0.20+dfsg-3ubuntu0.4 libfreeradius-dev - 3.0.20+dfsg-3ubuntu0.4 libfreeradius3 - 3.0.20+dfsg-3ubuntu0.4 No subscription required Medium CVE-2024-3596 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-9392, CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400, CVE-2024-9401, CVE-2024-9402, CVE-2024-9403) Masato Kinugawa discovered that Firefox did not properly validate javascript under the "resource://pdf.js" origin. An attacker could potentially exploit this issue to execute arbitrary javascript code and access cross-origin PDF content. (CVE-2024-9393) Masato Kinugawa discovered that Firefox did not properly validate javascript under the "resource://devtools" origin. An attacker could potentially exploit this issue to execute arbitrary javascript code and access cross-origin JSON content. (CVE-2024-9394) Update Instructions: Run `sudo pro fix USN-7056-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 131.0+build1.1-0ubuntu0.20.04.1 firefox-dev - 131.0+build1.1-0ubuntu0.20.04.1 firefox-geckodriver - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-af - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-an - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ar - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-as - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ast - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-az - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-be - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-bg - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-bn - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-br - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-bs - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ca - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-cak - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-cs - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-csb - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-cy - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-da - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-de - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-el - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-en - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-eo - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-es - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-et - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-eu - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-fa - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-fi - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-fr - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-fy - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ga - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-gd - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-gl - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-gn - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-gu - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-he - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-hi - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-hr - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-hsb - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-hu - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-hy - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ia - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-id - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-is - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-it - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ja - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ka - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-kab - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-kk - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-km - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-kn - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ko - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ku - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-lg - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-lt - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-lv - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-mai - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-mk - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ml - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-mn - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-mr - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ms - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-my - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-nb - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ne - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-nl - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-nn - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-nso - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-oc - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-or - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-pa - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-pl - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-pt - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ro - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ru - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-si - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-sk - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-sl - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-sq - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-sr - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-sv - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-sw - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-szl - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ta - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-te - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-tg - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-th - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-tr - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-uk - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-ur - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-uz - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-vi - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-xh - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 131.0+build1.1-0ubuntu0.20.04.1 firefox-locale-zu - 131.0+build1.1-0ubuntu0.20.04.1 firefox-mozsymbols - 131.0+build1.1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-9392 CVE-2024-9393 CVE-2024-9394 CVE-2024-9396 CVE-2024-9397 CVE-2024-9398 CVE-2024-9399 CVE-2024-9400 CVE-2024-9401 CVE-2024-9402 CVE-2024-9403 Ubuntu 20.04 LTS It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. A local attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-0161) Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2021-28210) Satoshi Tanda discovered that EDK II incorrectly handled decompressing certain images. A remote attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2021-28211) It was discovered that EDK II incorrectly decoded certain strings. A remote attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2021-38575) It was discovered that EDK II had integer underflow vulnerability in SmmEntryPoint, which could result in a buffer overflow. An attacker could potentially use this issue to cause a denial of service. (CVE-2021-38578) Elison Niven discovered that OpenSSL, vendored in EDK II, incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. This issue only affected Ubuntu 16.04 LTS. (CVE-2022-1292) Update Instructions: Run `sudo pro fix USN-7060-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ovmf - 0~20191122.bd85bf54-2ubuntu3.6 qemu-efi - 0~20191122.bd85bf54-2ubuntu3.6 qemu-efi-aarch64 - 0~20191122.bd85bf54-2ubuntu3.6 qemu-efi-arm - 0~20191122.bd85bf54-2ubuntu3.6 No subscription required Medium CVE-2019-0161 CVE-2021-28210 CVE-2021-28211 CVE-2021-38575 CVE-2021-38578 CVE-2022-1292 Ubuntu 20.04 LTS It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7062-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gsf-1 - 1.14.46-1ubuntu0.1 libgsf-1-114 - 1.14.46-1ubuntu0.1 libgsf-1-common - 1.14.46-1ubuntu0.1 libgsf-1-dev - 1.14.46-1ubuntu0.1 libgsf-bin - 1.14.46-1ubuntu0.1 No subscription required Medium CVE-2024-36474 CVE-2024-42415 Ubuntu 20.04 LTS Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked the Pro token to unprivileged users by passing the token as an argument in plaintext. An attacker could use this issue to gain unauthorized access to an Ubuntu Pro subscription. (CVE-2024-6388) Update Instructions: Run `sudo pro fix USN-7063-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ubuntu-advantage-desktop-daemon - 1.10.ubuntu0.20.04.1 No subscription required Medium CVE-2024-6388 Ubuntu 20.04 LTS It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink. Update Instructions: Run `sudo pro fix USN-7064-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: nano - 4.8-1ubuntu1.1 nano-tiny - 4.8-1ubuntu1.1 No subscription required Low CVE-2024-5742 Ubuntu 20.04 LTS Damien Schaeffer discovered that Firefox did not properly manage memory in the content process when handling Animation timelines, leading to a use after free vulnerability. An attacker could possibly use this issue to achieve remote code execution. Update Instructions: Run `sudo pro fix USN-7065-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 131.0.2+build1-0ubuntu0.20.04.1 firefox-dev - 131.0.2+build1-0ubuntu0.20.04.1 firefox-geckodriver - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-af - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-an - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ar - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-as - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ast - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-az - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-be - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bg - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bn - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-br - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-bs - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ca - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cak - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cs - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-csb - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-cy - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-da - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-de - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-el - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-en - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eo - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-es - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-et - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-eu - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fa - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fi - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fr - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-fy - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ga - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gd - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gl - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gn - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-gu - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-he - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hi - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hr - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hu - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-hy - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ia - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-id - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-is - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-it - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ja - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ka - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kab - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kk - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-km - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-kn - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ko - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ku - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lg - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lt - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-lv - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mai - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mk - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ml - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mn - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-mr - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ms - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-my - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nb - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ne - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nl - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nn - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-nso - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-oc - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-or - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pa - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pl - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-pt - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ro - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ru - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-si - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sk - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sl - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sq - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sr - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sv - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-sw - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-szl - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ta - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-te - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tg - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-th - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-tr - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uk - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-ur - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-uz - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-vi - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-xh - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 131.0.2+build1-0ubuntu0.20.04.1 firefox-locale-zu - 131.0.2+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 131.0.2+build1-0ubuntu0.20.04.1 No subscription required High CVE-2024-9680 Ubuntu 20.04 LTS Damien Schaeffer discovered that Thunderbird did not properly manage certain memory operations when processing content in the Animation timelines. An attacker could potentially exploit this issue to achieve arbitrary code execution. Update Instructions: Run `sudo pro fix USN-7066-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-dev - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.16.0+build2-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.16.0+build2-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.16.0+build2-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.16.0+build2-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.16.0+build2-0ubuntu0.20.04.1 No subscription required High CVE-2024-9680 Ubuntu 20.04 LTS It was discovered that libarchive mishandled certain memory checks, which could result in a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-36227) It was discovered that libarchive mishandled certain memory operations, which could result in an out-of-bounds memory access. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-48957, CVE-2024-48958) Update Instructions: Run `sudo pro fix USN-7070-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libarchive-dev - 3.4.0-2ubuntu1.3 libarchive-tools - 3.4.0-2ubuntu1.3 libarchive13 - 3.4.0-2ubuntu1.3 No subscription required Medium CVE-2022-36227 CVE-2024-48957 CVE-2024-48958 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Network traffic control; (CVE-2024-38630, CVE-2024-27397, CVE-2024-45016) Update Instructions: Run `sudo pro fix USN-7072-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1054-gkeop - 5.15.0-1054.61~20.04.1 linux-cloud-tools-5.15.0-1054-gkeop - 5.15.0-1054.61~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1054 - 5.15.0-1054.61~20.04.1 linux-gkeop-5.15-headers-5.15.0-1054 - 5.15.0-1054.61~20.04.1 linux-gkeop-5.15-tools-5.15.0-1054 - 5.15.0-1054.61~20.04.1 linux-headers-5.15.0-1054-gkeop - 5.15.0-1054.61~20.04.1 linux-image-5.15.0-1054-gkeop - 5.15.0-1054.61~20.04.1 linux-image-unsigned-5.15.0-1054-gkeop - 5.15.0-1054.61~20.04.1 linux-modules-5.15.0-1054-gkeop - 5.15.0-1054.61~20.04.1 linux-modules-extra-5.15.0-1054-gkeop - 5.15.0-1054.61~20.04.1 linux-tools-5.15.0-1054-gkeop - 5.15.0-1054.61~20.04.1 No subscription required linux-buildinfo-5.15.0-1064-ibm - 5.15.0-1064.67~20.04.1 linux-headers-5.15.0-1064-ibm - 5.15.0-1064.67~20.04.1 linux-ibm-5.15-headers-5.15.0-1064 - 5.15.0-1064.67~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1064.67~20.04.1 linux-ibm-5.15-tools-5.15.0-1064 - 5.15.0-1064.67~20.04.1 linux-image-5.15.0-1064-ibm - 5.15.0-1064.67~20.04.1 linux-image-unsigned-5.15.0-1064-ibm - 5.15.0-1064.67~20.04.1 linux-modules-5.15.0-1064-ibm - 5.15.0-1064.67~20.04.1 linux-modules-extra-5.15.0-1064-ibm - 5.15.0-1064.67~20.04.1 linux-tools-5.15.0-1064-ibm - 5.15.0-1064.67~20.04.1 No subscription required linux-buildinfo-5.15.0-1066-intel-iotg - 5.15.0-1066.72~20.04.1 linux-cloud-tools-5.15.0-1066-intel-iotg - 5.15.0-1066.72~20.04.1 linux-headers-5.15.0-1066-intel-iotg - 5.15.0-1066.72~20.04.1 linux-image-5.15.0-1066-intel-iotg - 5.15.0-1066.72~20.04.1 linux-image-unsigned-5.15.0-1066-intel-iotg - 5.15.0-1066.72~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1066 - 5.15.0-1066.72~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1066.72~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1066 - 5.15.0-1066.72~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1066 - 5.15.0-1066.72~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1066.72~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1066.72~20.04.1 linux-modules-5.15.0-1066-intel-iotg - 5.15.0-1066.72~20.04.1 linux-modules-extra-5.15.0-1066-intel-iotg - 5.15.0-1066.72~20.04.1 linux-modules-iwlwifi-5.15.0-1066-intel-iotg - 5.15.0-1066.72~20.04.1 linux-tools-5.15.0-1066-intel-iotg - 5.15.0-1066.72~20.04.1 No subscription required linux-buildinfo-5.15.0-1069-oracle - 5.15.0-1069.75~20.04.1 linux-headers-5.15.0-1069-oracle - 5.15.0-1069.75~20.04.1 linux-image-5.15.0-1069-oracle - 5.15.0-1069.75~20.04.1 linux-image-unsigned-5.15.0-1069-oracle - 5.15.0-1069.75~20.04.1 linux-modules-5.15.0-1069-oracle - 5.15.0-1069.75~20.04.1 linux-modules-extra-5.15.0-1069-oracle - 5.15.0-1069.75~20.04.1 linux-oracle-5.15-headers-5.15.0-1069 - 5.15.0-1069.75~20.04.1 linux-oracle-5.15-tools-5.15.0-1069 - 5.15.0-1069.75~20.04.1 linux-tools-5.15.0-1069-oracle - 5.15.0-1069.75~20.04.1 No subscription required linux-buildinfo-5.15.0-1070-gcp - 5.15.0-1070.78~20.04.1 linux-gcp-5.15-headers-5.15.0-1070 - 5.15.0-1070.78~20.04.1 linux-gcp-5.15-tools-5.15.0-1070 - 5.15.0-1070.78~20.04.1 linux-headers-5.15.0-1070-gcp - 5.15.0-1070.78~20.04.1 linux-image-5.15.0-1070-gcp - 5.15.0-1070.78~20.04.1 linux-image-unsigned-5.15.0-1070-gcp - 5.15.0-1070.78~20.04.1 linux-modules-5.15.0-1070-gcp - 5.15.0-1070.78~20.04.1 linux-modules-extra-5.15.0-1070-gcp - 5.15.0-1070.78~20.04.1 linux-modules-iwlwifi-5.15.0-1070-gcp - 5.15.0-1070.78~20.04.1 linux-tools-5.15.0-1070-gcp - 5.15.0-1070.78~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1071 - 5.15.0-1071.77~20.04.1 linux-aws-5.15-headers-5.15.0-1071 - 5.15.0-1071.77~20.04.1 linux-aws-5.15-tools-5.15.0-1071 - 5.15.0-1071.77~20.04.1 linux-buildinfo-5.15.0-1071-aws - 5.15.0-1071.77~20.04.1 linux-cloud-tools-5.15.0-1071-aws - 5.15.0-1071.77~20.04.1 linux-headers-5.15.0-1071-aws - 5.15.0-1071.77~20.04.1 linux-image-5.15.0-1071-aws - 5.15.0-1071.77~20.04.1 linux-image-unsigned-5.15.0-1071-aws - 5.15.0-1071.77~20.04.1 linux-modules-5.15.0-1071-aws - 5.15.0-1071.77~20.04.1 linux-modules-extra-5.15.0-1071-aws - 5.15.0-1071.77~20.04.1 linux-tools-5.15.0-1071-aws - 5.15.0-1071.77~20.04.1 No subscription required linux-buildinfo-5.15.0-124-generic - 5.15.0-124.134~20.04.1 linux-buildinfo-5.15.0-124-generic-64k - 5.15.0-124.134~20.04.1 linux-buildinfo-5.15.0-124-generic-lpae - 5.15.0-124.134~20.04.1 linux-buildinfo-5.15.0-124-lowlatency - 5.15.0-124.134~20.04.1 linux-buildinfo-5.15.0-124-lowlatency-64k - 5.15.0-124.134~20.04.1 linux-cloud-tools-5.15.0-124-generic - 5.15.0-124.134~20.04.1 linux-cloud-tools-5.15.0-124-lowlatency - 5.15.0-124.134~20.04.1 linux-headers-5.15.0-124-generic - 5.15.0-124.134~20.04.1 linux-headers-5.15.0-124-generic-64k - 5.15.0-124.134~20.04.1 linux-headers-5.15.0-124-generic-lpae - 5.15.0-124.134~20.04.1 linux-headers-5.15.0-124-lowlatency - 5.15.0-124.134~20.04.1 linux-headers-5.15.0-124-lowlatency-64k - 5.15.0-124.134~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-124 - 5.15.0-124.134~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-124.134~20.04.1 linux-hwe-5.15-headers-5.15.0-124 - 5.15.0-124.134~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-124.134~20.04.1 linux-hwe-5.15-tools-5.15.0-124 - 5.15.0-124.134~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-124.134~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-124.134~20.04.1 linux-image-5.15.0-124-generic - 5.15.0-124.134~20.04.1 linux-image-5.15.0-124-generic-64k - 5.15.0-124.134~20.04.1 linux-image-5.15.0-124-generic-lpae - 5.15.0-124.134~20.04.1 linux-image-5.15.0-124-lowlatency - 5.15.0-124.134~20.04.1 linux-image-5.15.0-124-lowlatency-64k - 5.15.0-124.134~20.04.1 linux-image-unsigned-5.15.0-124-generic - 5.15.0-124.134~20.04.1 linux-image-unsigned-5.15.0-124-generic-64k - 5.15.0-124.134~20.04.1 linux-image-unsigned-5.15.0-124-lowlatency - 5.15.0-124.134~20.04.1 linux-image-unsigned-5.15.0-124-lowlatency-64k - 5.15.0-124.134~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-124 - 5.15.0-124.134~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-124.134~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-124 - 5.15.0-124.134~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-124 - 5.15.0-124.134~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-124.134~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-124.134~20.04.1 linux-modules-5.15.0-124-generic - 5.15.0-124.134~20.04.1 linux-modules-5.15.0-124-generic-64k - 5.15.0-124.134~20.04.1 linux-modules-5.15.0-124-generic-lpae - 5.15.0-124.134~20.04.1 linux-modules-5.15.0-124-lowlatency - 5.15.0-124.134~20.04.1 linux-modules-5.15.0-124-lowlatency-64k - 5.15.0-124.134~20.04.1 linux-modules-extra-5.15.0-124-generic - 5.15.0-124.134~20.04.1 linux-modules-iwlwifi-5.15.0-124-generic - 5.15.0-124.134~20.04.1 linux-modules-iwlwifi-5.15.0-124-lowlatency - 5.15.0-124.134~20.04.1 linux-tools-5.15.0-124-generic - 5.15.0-124.134~20.04.1 linux-tools-5.15.0-124-generic-64k - 5.15.0-124.134~20.04.1 linux-tools-5.15.0-124-generic-lpae - 5.15.0-124.134~20.04.1 linux-tools-5.15.0-124-lowlatency - 5.15.0-124.134~20.04.1 linux-tools-5.15.0-124-lowlatency-64k - 5.15.0-124.134~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1054.61~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1054.61~20.04.1 linux-gkeop-5.15 - 5.15.0.1054.61~20.04.1 linux-gkeop-edge - 5.15.0.1054.61~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1054.61~20.04.1 linux-headers-gkeop-edge - 5.15.0.1054.61~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1054.61~20.04.1 linux-image-gkeop-edge - 5.15.0.1054.61~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1054.61~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1054.61~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1054.61~20.04.1 linux-tools-gkeop-edge - 5.15.0.1054.61~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1064.67~20.04.1 linux-headers-ibm-edge - 5.15.0.1064.67~20.04.1 linux-ibm - 5.15.0.1064.67~20.04.1 linux-ibm-edge - 5.15.0.1064.67~20.04.1 linux-image-ibm - 5.15.0.1064.67~20.04.1 linux-image-ibm-edge - 5.15.0.1064.67~20.04.1 linux-tools-ibm - 5.15.0.1064.67~20.04.1 linux-tools-ibm-edge - 5.15.0.1064.67~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1066.72~20.04.1 linux-headers-intel - 5.15.0.1066.72~20.04.1 linux-headers-intel-iotg - 5.15.0.1066.72~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1066.72~20.04.1 linux-image-intel - 5.15.0.1066.72~20.04.1 linux-image-intel-iotg - 5.15.0.1066.72~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1066.72~20.04.1 linux-intel - 5.15.0.1066.72~20.04.1 linux-intel-iotg - 5.15.0.1066.72~20.04.1 linux-intel-iotg-edge - 5.15.0.1066.72~20.04.1 linux-tools-intel - 5.15.0.1066.72~20.04.1 linux-tools-intel-iotg - 5.15.0.1066.72~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1066.72~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1069.75~20.04.1 linux-headers-oracle-edge - 5.15.0.1069.75~20.04.1 linux-image-oracle - 5.15.0.1069.75~20.04.1 linux-image-oracle-edge - 5.15.0.1069.75~20.04.1 linux-oracle - 5.15.0.1069.75~20.04.1 linux-oracle-edge - 5.15.0.1069.75~20.04.1 linux-tools-oracle - 5.15.0.1069.75~20.04.1 linux-tools-oracle-edge - 5.15.0.1069.75~20.04.1 No subscription required linux-gcp - 5.15.0.1070.78~20.04.1 linux-gcp-edge - 5.15.0.1070.78~20.04.1 linux-headers-gcp - 5.15.0.1070.78~20.04.1 linux-headers-gcp-edge - 5.15.0.1070.78~20.04.1 linux-image-gcp - 5.15.0.1070.78~20.04.1 linux-image-gcp-edge - 5.15.0.1070.78~20.04.1 linux-modules-extra-gcp - 5.15.0.1070.78~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1070.78~20.04.1 linux-tools-gcp - 5.15.0.1070.78~20.04.1 linux-tools-gcp-edge - 5.15.0.1070.78~20.04.1 No subscription required linux-aws - 5.15.0.1071.77~20.04.1 linux-aws-edge - 5.15.0.1071.77~20.04.1 linux-headers-aws - 5.15.0.1071.77~20.04.1 linux-headers-aws-edge - 5.15.0.1071.77~20.04.1 linux-image-aws - 5.15.0.1071.77~20.04.1 linux-image-aws-edge - 5.15.0.1071.77~20.04.1 linux-modules-extra-aws - 5.15.0.1071.77~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1071.77~20.04.1 linux-tools-aws - 5.15.0.1071.77~20.04.1 linux-tools-aws-edge - 5.15.0.1071.77~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-generic-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-headers-oem-20.04 - 5.15.0.124.134~20.04.1 linux-headers-oem-20.04b - 5.15.0.124.134~20.04.1 linux-headers-oem-20.04c - 5.15.0.124.134~20.04.1 linux-headers-oem-20.04d - 5.15.0.124.134~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-image-oem-20.04 - 5.15.0.124.134~20.04.1 linux-image-oem-20.04b - 5.15.0.124.134~20.04.1 linux-image-oem-20.04c - 5.15.0.124.134~20.04.1 linux-image-oem-20.04d - 5.15.0.124.134~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.124.134~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.124.134~20.04.1 linux-oem-20.04 - 5.15.0.124.134~20.04.1 linux-oem-20.04b - 5.15.0.124.134~20.04.1 linux-oem-20.04c - 5.15.0.124.134~20.04.1 linux-oem-20.04d - 5.15.0.124.134~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-tools-oem-20.04 - 5.15.0.124.134~20.04.1 linux-tools-oem-20.04b - 5.15.0.124.134~20.04.1 linux-tools-oem-20.04c - 5.15.0.124.134~20.04.1 linux-tools-oem-20.04d - 5.15.0.124.134~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.124.134~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.124.134~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.124.134~20.04.1 No subscription required High CVE-2024-27397 CVE-2024-38630 CVE-2024-45016 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Memory management; - Network traffic control; (CVE-2024-27397, CVE-2024-38630, CVE-2024-45016, CVE-2024-26960) Update Instructions: Run `sudo pro fix USN-7073-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1053-xilinx-zynqmp - 5.4.0-1053.57 linux-headers-5.4.0-1053-xilinx-zynqmp - 5.4.0-1053.57 linux-image-5.4.0-1053-xilinx-zynqmp - 5.4.0-1053.57 linux-modules-5.4.0-1053-xilinx-zynqmp - 5.4.0-1053.57 linux-tools-5.4.0-1053-xilinx-zynqmp - 5.4.0-1053.57 linux-xilinx-zynqmp-headers-5.4.0-1053 - 5.4.0-1053.57 linux-xilinx-zynqmp-tools-5.4.0-1053 - 5.4.0-1053.57 No subscription required linux-buildinfo-5.4.0-1081-ibm - 5.4.0-1081.86 linux-headers-5.4.0-1081-ibm - 5.4.0-1081.86 linux-ibm-cloud-tools-common - 5.4.0-1081.86 linux-ibm-headers-5.4.0-1081 - 5.4.0-1081.86 linux-ibm-source-5.4.0 - 5.4.0-1081.86 linux-ibm-tools-5.4.0-1081 - 5.4.0-1081.86 linux-ibm-tools-common - 5.4.0-1081.86 linux-image-5.4.0-1081-ibm - 5.4.0-1081.86 linux-image-unsigned-5.4.0-1081-ibm - 5.4.0-1081.86 linux-modules-5.4.0-1081-ibm - 5.4.0-1081.86 linux-modules-extra-5.4.0-1081-ibm - 5.4.0-1081.86 linux-tools-5.4.0-1081-ibm - 5.4.0-1081.86 No subscription required linux-bluefield-headers-5.4.0-1094 - 5.4.0-1094.101 linux-bluefield-tools-5.4.0-1094 - 5.4.0-1094.101 linux-buildinfo-5.4.0-1094-bluefield - 5.4.0-1094.101 linux-headers-5.4.0-1094-bluefield - 5.4.0-1094.101 linux-image-5.4.0-1094-bluefield - 5.4.0-1094.101 linux-image-unsigned-5.4.0-1094-bluefield - 5.4.0-1094.101 linux-modules-5.4.0-1094-bluefield - 5.4.0-1094.101 linux-tools-5.4.0-1094-bluefield - 5.4.0-1094.101 No subscription required linux-buildinfo-5.4.0-1101-gkeop - 5.4.0-1101.105 linux-cloud-tools-5.4.0-1101-gkeop - 5.4.0-1101.105 linux-gkeop-cloud-tools-5.4.0-1101 - 5.4.0-1101.105 linux-gkeop-headers-5.4.0-1101 - 5.4.0-1101.105 linux-gkeop-source-5.4.0 - 5.4.0-1101.105 linux-gkeop-tools-5.4.0-1101 - 5.4.0-1101.105 linux-headers-5.4.0-1101-gkeop - 5.4.0-1101.105 linux-image-5.4.0-1101-gkeop - 5.4.0-1101.105 linux-image-unsigned-5.4.0-1101-gkeop - 5.4.0-1101.105 linux-modules-5.4.0-1101-gkeop - 5.4.0-1101.105 linux-modules-extra-5.4.0-1101-gkeop - 5.4.0-1101.105 linux-tools-5.4.0-1101-gkeop - 5.4.0-1101.105 No subscription required linux-buildinfo-5.4.0-1118-raspi - 5.4.0-1118.130 linux-headers-5.4.0-1118-raspi - 5.4.0-1118.130 linux-image-5.4.0-1118-raspi - 5.4.0-1118.130 linux-modules-5.4.0-1118-raspi - 5.4.0-1118.130 linux-raspi-headers-5.4.0-1118 - 5.4.0-1118.130 linux-raspi-tools-5.4.0-1118 - 5.4.0-1118.130 linux-tools-5.4.0-1118-raspi - 5.4.0-1118.130 No subscription required linux-buildinfo-5.4.0-1122-kvm - 5.4.0-1122.130 linux-headers-5.4.0-1122-kvm - 5.4.0-1122.130 linux-image-5.4.0-1122-kvm - 5.4.0-1122.130 linux-image-unsigned-5.4.0-1122-kvm - 5.4.0-1122.130 linux-kvm-headers-5.4.0-1122 - 5.4.0-1122.130 linux-kvm-tools-5.4.0-1122 - 5.4.0-1122.130 linux-modules-5.4.0-1122-kvm - 5.4.0-1122.130 linux-tools-5.4.0-1122-kvm - 5.4.0-1122.130 No subscription required linux-buildinfo-5.4.0-1133-oracle - 5.4.0-1133.142 linux-headers-5.4.0-1133-oracle - 5.4.0-1133.142 linux-image-5.4.0-1133-oracle - 5.4.0-1133.142 linux-image-unsigned-5.4.0-1133-oracle - 5.4.0-1133.142 linux-modules-5.4.0-1133-oracle - 5.4.0-1133.142 linux-modules-extra-5.4.0-1133-oracle - 5.4.0-1133.142 linux-oracle-headers-5.4.0-1133 - 5.4.0-1133.142 linux-oracle-tools-5.4.0-1133 - 5.4.0-1133.142 linux-tools-5.4.0-1133-oracle - 5.4.0-1133.142 No subscription required linux-aws-cloud-tools-5.4.0-1134 - 5.4.0-1134.144 linux-aws-headers-5.4.0-1134 - 5.4.0-1134.144 linux-aws-tools-5.4.0-1134 - 5.4.0-1134.144 linux-buildinfo-5.4.0-1134-aws - 5.4.0-1134.144 linux-cloud-tools-5.4.0-1134-aws - 5.4.0-1134.144 linux-headers-5.4.0-1134-aws - 5.4.0-1134.144 linux-image-5.4.0-1134-aws - 5.4.0-1134.144 linux-image-unsigned-5.4.0-1134-aws - 5.4.0-1134.144 linux-modules-5.4.0-1134-aws - 5.4.0-1134.144 linux-modules-extra-5.4.0-1134-aws - 5.4.0-1134.144 linux-tools-5.4.0-1134-aws - 5.4.0-1134.144 No subscription required linux-buildinfo-5.4.0-1138-gcp - 5.4.0-1138.147 linux-gcp-headers-5.4.0-1138 - 5.4.0-1138.147 linux-gcp-tools-5.4.0-1138 - 5.4.0-1138.147 linux-headers-5.4.0-1138-gcp - 5.4.0-1138.147 linux-image-5.4.0-1138-gcp - 5.4.0-1138.147 linux-image-unsigned-5.4.0-1138-gcp - 5.4.0-1138.147 linux-modules-5.4.0-1138-gcp - 5.4.0-1138.147 linux-modules-extra-5.4.0-1138-gcp - 5.4.0-1138.147 linux-tools-5.4.0-1138-gcp - 5.4.0-1138.147 No subscription required linux-buildinfo-5.4.0-198-generic - 5.4.0-198.218 linux-buildinfo-5.4.0-198-generic-lpae - 5.4.0-198.218 linux-buildinfo-5.4.0-198-lowlatency - 5.4.0-198.218 linux-cloud-tools-5.4.0-198 - 5.4.0-198.218 linux-cloud-tools-5.4.0-198-generic - 5.4.0-198.218 linux-cloud-tools-5.4.0-198-lowlatency - 5.4.0-198.218 linux-cloud-tools-common - 5.4.0-198.218 linux-doc - 5.4.0-198.218 linux-headers-5.4.0-198 - 5.4.0-198.218 linux-headers-5.4.0-198-generic - 5.4.0-198.218 linux-headers-5.4.0-198-generic-lpae - 5.4.0-198.218 linux-headers-5.4.0-198-lowlatency - 5.4.0-198.218 linux-image-5.4.0-198-generic - 5.4.0-198.218 linux-image-5.4.0-198-generic-lpae - 5.4.0-198.218 linux-image-5.4.0-198-lowlatency - 5.4.0-198.218 linux-image-unsigned-5.4.0-198-generic - 5.4.0-198.218 linux-image-unsigned-5.4.0-198-lowlatency - 5.4.0-198.218 linux-libc-dev - 5.4.0-198.218 linux-modules-5.4.0-198-generic - 5.4.0-198.218 linux-modules-5.4.0-198-generic-lpae - 5.4.0-198.218 linux-modules-5.4.0-198-lowlatency - 5.4.0-198.218 linux-modules-extra-5.4.0-198-generic - 5.4.0-198.218 linux-source-5.4.0 - 5.4.0-198.218 linux-tools-5.4.0-198 - 5.4.0-198.218 linux-tools-5.4.0-198-generic - 5.4.0-198.218 linux-tools-5.4.0-198-generic-lpae - 5.4.0-198.218 linux-tools-5.4.0-198-lowlatency - 5.4.0-198.218 linux-tools-common - 5.4.0-198.218 linux-tools-host - 5.4.0-198.218 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1053.53 linux-image-xilinx-zynqmp - 5.4.0.1053.53 linux-tools-xilinx-zynqmp - 5.4.0.1053.53 linux-xilinx-zynqmp - 5.4.0.1053.53 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1081.110 linux-ibm-lts-20.04 - 5.4.0.1081.110 linux-image-ibm-lts-20.04 - 5.4.0.1081.110 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1081.110 linux-tools-ibm-lts-20.04 - 5.4.0.1081.110 No subscription required linux-bluefield - 5.4.0.1094.90 linux-headers-bluefield - 5.4.0.1094.90 linux-image-bluefield - 5.4.0.1094.90 linux-tools-bluefield - 5.4.0.1094.90 No subscription required linux-cloud-tools-gkeop - 5.4.0.1101.99 linux-cloud-tools-gkeop-5.4 - 5.4.0.1101.99 linux-gkeop - 5.4.0.1101.99 linux-gkeop-5.4 - 5.4.0.1101.99 linux-headers-gkeop - 5.4.0.1101.99 linux-headers-gkeop-5.4 - 5.4.0.1101.99 linux-image-gkeop - 5.4.0.1101.99 linux-image-gkeop-5.4 - 5.4.0.1101.99 linux-modules-extra-gkeop - 5.4.0.1101.99 linux-modules-extra-gkeop-5.4 - 5.4.0.1101.99 linux-tools-gkeop - 5.4.0.1101.99 linux-tools-gkeop-5.4 - 5.4.0.1101.99 No subscription required linux-headers-raspi - 5.4.0.1118.148 linux-headers-raspi-hwe-18.04 - 5.4.0.1118.148 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1118.148 linux-headers-raspi2 - 5.4.0.1118.148 linux-headers-raspi2-hwe-18.04 - 5.4.0.1118.148 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1118.148 linux-image-raspi - 5.4.0.1118.148 linux-image-raspi-hwe-18.04 - 5.4.0.1118.148 linux-image-raspi-hwe-18.04-edge - 5.4.0.1118.148 linux-image-raspi2 - 5.4.0.1118.148 linux-image-raspi2-hwe-18.04 - 5.4.0.1118.148 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1118.148 linux-raspi - 5.4.0.1118.148 linux-raspi-hwe-18.04 - 5.4.0.1118.148 linux-raspi-hwe-18.04-edge - 5.4.0.1118.148 linux-raspi2 - 5.4.0.1118.148 linux-raspi2-hwe-18.04 - 5.4.0.1118.148 linux-raspi2-hwe-18.04-edge - 5.4.0.1118.148 linux-tools-raspi - 5.4.0.1118.148 linux-tools-raspi-hwe-18.04 - 5.4.0.1118.148 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1118.148 linux-tools-raspi2 - 5.4.0.1118.148 linux-tools-raspi2-hwe-18.04 - 5.4.0.1118.148 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1118.148 No subscription required linux-headers-kvm - 5.4.0.1122.118 linux-image-kvm - 5.4.0.1122.118 linux-kvm - 5.4.0.1122.118 linux-tools-kvm - 5.4.0.1122.118 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1133.126 linux-image-oracle-lts-20.04 - 5.4.0.1133.126 linux-oracle-lts-20.04 - 5.4.0.1133.126 linux-tools-oracle-lts-20.04 - 5.4.0.1133.126 No subscription required linux-aws-lts-20.04 - 5.4.0.1134.131 linux-headers-aws-lts-20.04 - 5.4.0.1134.131 linux-image-aws-lts-20.04 - 5.4.0.1134.131 linux-modules-extra-aws-lts-20.04 - 5.4.0.1134.131 linux-tools-aws-lts-20.04 - 5.4.0.1134.131 No subscription required linux-gcp-lts-20.04 - 5.4.0.1138.140 linux-headers-gcp-lts-20.04 - 5.4.0.1138.140 linux-image-gcp-lts-20.04 - 5.4.0.1138.140 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1138.140 linux-tools-gcp-lts-20.04 - 5.4.0.1138.140 No subscription required linux-cloud-tools-generic - 5.4.0.198.196 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.198.196 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.198.196 linux-cloud-tools-lowlatency - 5.4.0.198.196 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.198.196 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.198.196 linux-cloud-tools-virtual - 5.4.0.198.196 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.198.196 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.198.196 linux-crashdump - 5.4.0.198.196 linux-generic - 5.4.0.198.196 linux-generic-hwe-18.04 - 5.4.0.198.196 linux-generic-hwe-18.04-edge - 5.4.0.198.196 linux-generic-lpae - 5.4.0.198.196 linux-generic-lpae-hwe-18.04 - 5.4.0.198.196 linux-generic-lpae-hwe-18.04-edge - 5.4.0.198.196 linux-headers-generic - 5.4.0.198.196 linux-headers-generic-hwe-18.04 - 5.4.0.198.196 linux-headers-generic-hwe-18.04-edge - 5.4.0.198.196 linux-headers-generic-lpae - 5.4.0.198.196 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.198.196 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.198.196 linux-headers-lowlatency - 5.4.0.198.196 linux-headers-lowlatency-hwe-18.04 - 5.4.0.198.196 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.198.196 linux-headers-oem - 5.4.0.198.196 linux-headers-oem-osp1 - 5.4.0.198.196 linux-headers-virtual - 5.4.0.198.196 linux-headers-virtual-hwe-18.04 - 5.4.0.198.196 linux-headers-virtual-hwe-18.04-edge - 5.4.0.198.196 linux-image-extra-virtual - 5.4.0.198.196 linux-image-extra-virtual-hwe-18.04 - 5.4.0.198.196 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.198.196 linux-image-generic - 5.4.0.198.196 linux-image-generic-hwe-18.04 - 5.4.0.198.196 linux-image-generic-hwe-18.04-edge - 5.4.0.198.196 linux-image-generic-lpae - 5.4.0.198.196 linux-image-generic-lpae-hwe-18.04 - 5.4.0.198.196 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.198.196 linux-image-lowlatency - 5.4.0.198.196 linux-image-lowlatency-hwe-18.04 - 5.4.0.198.196 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.198.196 linux-image-oem - 5.4.0.198.196 linux-image-oem-osp1 - 5.4.0.198.196 linux-image-virtual - 5.4.0.198.196 linux-image-virtual-hwe-18.04 - 5.4.0.198.196 linux-image-virtual-hwe-18.04-edge - 5.4.0.198.196 linux-lowlatency - 5.4.0.198.196 linux-lowlatency-hwe-18.04 - 5.4.0.198.196 linux-lowlatency-hwe-18.04-edge - 5.4.0.198.196 linux-oem - 5.4.0.198.196 linux-oem-osp1 - 5.4.0.198.196 linux-oem-osp1-tools-host - 5.4.0.198.196 linux-oem-tools-host - 5.4.0.198.196 linux-source - 5.4.0.198.196 linux-tools-generic - 5.4.0.198.196 linux-tools-generic-hwe-18.04 - 5.4.0.198.196 linux-tools-generic-hwe-18.04-edge - 5.4.0.198.196 linux-tools-generic-lpae - 5.4.0.198.196 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.198.196 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.198.196 linux-tools-lowlatency - 5.4.0.198.196 linux-tools-lowlatency-hwe-18.04 - 5.4.0.198.196 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.198.196 linux-tools-oem - 5.4.0.198.196 linux-tools-oem-osp1 - 5.4.0.198.196 linux-tools-virtual - 5.4.0.198.196 linux-tools-virtual-hwe-18.04 - 5.4.0.198.196 linux-tools-virtual-hwe-18.04-edge - 5.4.0.198.196 linux-virtual - 5.4.0.198.196 linux-virtual-hwe-18.04 - 5.4.0.198.196 linux-virtual-hwe-18.04-edge - 5.4.0.198.196 No subscription required High CVE-2024-26960 CVE-2024-27397 CVE-2024-38630 CVE-2024-45016 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Memory management; - Network traffic control; (CVE-2024-27397, CVE-2024-38630, CVE-2024-45016, CVE-2024-26960) Update Instructions: Run `sudo pro fix USN-7073-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1139 - 5.4.0-1139.146 linux-azure-headers-5.4.0-1139 - 5.4.0-1139.146 linux-azure-tools-5.4.0-1139 - 5.4.0-1139.146 linux-buildinfo-5.4.0-1139-azure - 5.4.0-1139.146 linux-cloud-tools-5.4.0-1139-azure - 5.4.0-1139.146 linux-headers-5.4.0-1139-azure - 5.4.0-1139.146 linux-image-5.4.0-1139-azure - 5.4.0-1139.146 linux-image-unsigned-5.4.0-1139-azure - 5.4.0-1139.146 linux-modules-5.4.0-1139-azure - 5.4.0-1139.146 linux-modules-extra-5.4.0-1139-azure - 5.4.0-1139.146 linux-tools-5.4.0-1139-azure - 5.4.0-1139.146 No subscription required linux-azure-lts-20.04 - 5.4.0.1139.133 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1139.133 linux-headers-azure-lts-20.04 - 5.4.0.1139.133 linux-image-azure-lts-20.04 - 5.4.0.1139.133 linux-modules-extra-azure-lts-20.04 - 5.4.0.1139.133 linux-tools-azure-lts-20.04 - 5.4.0.1139.133 No subscription required High CVE-2024-26960 CVE-2024-27397 CVE-2024-38630 CVE-2024-45016 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter (MANA) driver; - Watchdog drivers; - Netfilter; - Network traffic control; (CVE-2024-27397, CVE-2024-45016, CVE-2024-45001, CVE-2024-38630) Update Instructions: Run `sudo pro fix USN-7076-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1074 - 5.15.0-1074.83~20.04.1 linux-azure-5.15-headers-5.15.0-1074 - 5.15.0-1074.83~20.04.1 linux-azure-5.15-tools-5.15.0-1074 - 5.15.0-1074.83~20.04.1 linux-buildinfo-5.15.0-1074-azure - 5.15.0-1074.83~20.04.1 linux-cloud-tools-5.15.0-1074-azure - 5.15.0-1074.83~20.04.1 linux-headers-5.15.0-1074-azure - 5.15.0-1074.83~20.04.1 linux-image-5.15.0-1074-azure - 5.15.0-1074.83~20.04.1 linux-image-unsigned-5.15.0-1074-azure - 5.15.0-1074.83~20.04.1 linux-modules-5.15.0-1074-azure - 5.15.0-1074.83~20.04.1 linux-modules-extra-5.15.0-1074-azure - 5.15.0-1074.83~20.04.1 linux-modules-involflt-5.15.0-1074-azure - 5.15.0-1074.83~20.04.1 linux-tools-5.15.0-1074-azure - 5.15.0-1074.83~20.04.1 No subscription required linux-azure - 5.15.0.1074.83~20.04.1 linux-azure-cvm - 5.15.0.1074.83~20.04.1 linux-azure-edge - 5.15.0.1074.83~20.04.1 linux-cloud-tools-azure - 5.15.0.1074.83~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1074.83~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1074.83~20.04.1 linux-headers-azure - 5.15.0.1074.83~20.04.1 linux-headers-azure-cvm - 5.15.0.1074.83~20.04.1 linux-headers-azure-edge - 5.15.0.1074.83~20.04.1 linux-image-azure - 5.15.0.1074.83~20.04.1 linux-image-azure-cvm - 5.15.0.1074.83~20.04.1 linux-image-azure-edge - 5.15.0.1074.83~20.04.1 linux-modules-extra-azure - 5.15.0.1074.83~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1074.83~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1074.83~20.04.1 linux-modules-involflt-azure - 5.15.0.1074.83~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1074.83~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1074.83~20.04.1 linux-tools-azure - 5.15.0.1074.83~20.04.1 linux-tools-azure-cvm - 5.15.0.1074.83~20.04.1 linux-tools-azure-edge - 5.15.0.1074.83~20.04.1 No subscription required High CVE-2024-27397 CVE-2024-38630 CVE-2024-45001 CVE-2024-45016 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter (MANA) driver; - Watchdog drivers; - Netfilter; - Network traffic control; (CVE-2024-45016, CVE-2024-38630, CVE-2024-45001, CVE-2024-27397) Update Instructions: Run `sudo pro fix USN-7076-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.15.0-1074-azure-fde - 5.15.0-1074.83~20.04.1.1 linux-image-unsigned-5.15.0-1074-azure-fde - 5.15.0-1074.83~20.04.1.1 No subscription required linux-azure-fde - 5.15.0.1074.83~20.04.1.51 linux-azure-fde-edge - 5.15.0.1074.83~20.04.1.51 linux-cloud-tools-azure-fde - 5.15.0.1074.83~20.04.1.51 linux-cloud-tools-azure-fde-edge - 5.15.0.1074.83~20.04.1.51 linux-headers-azure-fde - 5.15.0.1074.83~20.04.1.51 linux-headers-azure-fde-edge - 5.15.0.1074.83~20.04.1.51 linux-image-azure-fde - 5.15.0.1074.83~20.04.1.51 linux-image-azure-fde-edge - 5.15.0.1074.83~20.04.1.51 linux-modules-extra-azure-fde - 5.15.0.1074.83~20.04.1.51 linux-modules-extra-azure-fde-edge - 5.15.0.1074.83~20.04.1.51 linux-tools-azure-fde - 5.15.0.1074.83~20.04.1.51 linux-tools-azure-fde-edge - 5.15.0.1074.83~20.04.1.51 No subscription required High CVE-2024-27397 CVE-2024-38630 CVE-2024-45001 CVE-2024-45016 Ubuntu 20.04 LTS Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access to the System Management Mode (SMM) configuration when the SMM Lock was enabled. A privileged local attacker could possibly use this issue to further escalate their privileges and execute arbitrary code within the processor's firmware layer. Update Instructions: Run `sudo pro fix USN-7077-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: amd64-microcode - 3.20191218.1ubuntu1.3 No subscription required Medium CVE-2023-31315 Ubuntu 20.04 LTS Atte Kettunen discovered that Firefox did not properly validate before inserting ranges into the selection node cache. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7078-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 131.0.3+build1-0ubuntu0.20.04.1 firefox-dev - 131.0.3+build1-0ubuntu0.20.04.1 firefox-geckodriver - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-af - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-an - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ar - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-as - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ast - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-az - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-be - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bg - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bn - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-br - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-bs - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ca - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cak - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cs - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-csb - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-cy - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-da - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-de - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-el - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-en - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eo - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-es - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-et - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-eu - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fa - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fi - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fr - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-fy - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ga - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gd - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gl - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gn - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-gu - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-he - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hi - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hr - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hu - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-hy - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ia - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-id - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-is - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-it - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ja - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ka - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kab - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kk - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-km - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-kn - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ko - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ku - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lg - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lt - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-lv - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mai - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mk - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ml - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mn - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-mr - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ms - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-my - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nb - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ne - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nl - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nn - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-nso - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-oc - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-or - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pa - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pl - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-pt - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ro - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ru - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-si - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sk - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sl - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sq - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sr - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sv - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-sw - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-szl - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ta - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-te - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-tg - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-th - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-tr - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uk - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-ur - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-uz - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-vi - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-xh - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 131.0.3+build1-0ubuntu0.20.04.1 firefox-locale-zu - 131.0.3+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 131.0.3+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-9936 Ubuntu 20.04 LTS Toshifumi Sakaguchi discovered that Unbound incorrectly handled name compression for large RRsets, which could lead to excessive CPU usage. An attacker could potentially use this issue to cause a denial of service by sending specially crafted DNS responses. Update Instructions: Run `sudo pro fix USN-7080-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libunbound-dev - 1.9.4-2ubuntu1.9 libunbound8 - 1.9.4-2ubuntu1.9 python-unbound - 1.9.4-2ubuntu1.9 python3-unbound - 1.9.4-2ubuntu1.9 unbound - 1.9.4-2ubuntu1.9 unbound-anchor - 1.9.4-2ubuntu1.9 unbound-host - 1.9.4-2ubuntu1.9 No subscription required Medium CVE-2024-8508 Ubuntu 20.04 LTS It was discovered that the Go net/http module did not properly handle responses to requests with an "Expect: 100-continue" header under certain circumstances. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-24791) It was discovered that the Go parser module did not properly handle deeply nested literal values. An attacker could possibly use this issue to cause a panic resulting in a denial of service. (CVE-2024-34155) It was discovered that the Go encoding/gob module did not properly handle message decoding under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. (CVE-2024-34156) It was discovered that the Go build module did not properly handle certain build tag lines with deeply nested expressions. An attacker could possibly use this issue to cause a panic resulting in a denial of service. (CVE-2024-34158) Update Instructions: Run `sudo pro fix USN-7081-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.22 - 1.22.2-2~20.04.2 golang-1.22-doc - 1.22.2-2~20.04.2 golang-1.22-go - 1.22.2-2~20.04.2 golang-1.22-src - 1.22.2-2~20.04.2 No subscription required Medium CVE-2024-24791 CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 Ubuntu 20.04 LTS It was discovered that OpenJPEG incorrectly handled certain memory operations when using the command line "-ImgDir" in a directory with a large number of files, leading to an integer overflow vulnerability. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-29338) It was discovered that OpenJPEG incorrectly handled decompressing certain .j2k files in sycc420_to_rgb, leading to a heap-based buffer overflow vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to execute arbitrary code. (CVE-2021-3575) It was discovered that OpenJPEG incorrectly handled certain memory operations in the opj2_decompress program. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1122) Update Instructions: Run `sudo pro fix USN-7083-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenjp2-7 - 2.3.1-1ubuntu4.20.04.3 libopenjp2-7-dev - 2.3.1-1ubuntu4.20.04.3 libopenjp2-tools - 2.3.1-1ubuntu4.20.04.3 libopenjp3d-tools - 2.3.1-1ubuntu4.20.04.3 libopenjp3d7 - 2.3.1-1ubuntu4.20.04.3 libopenjpip-dec-server - 2.3.1-1ubuntu4.20.04.3 libopenjpip-server - 2.3.1-1ubuntu4.20.04.3 libopenjpip-viewer - 2.3.1-1ubuntu4.20.04.3 libopenjpip7 - 2.3.1-1ubuntu4.20.04.3 No subscription required Low CVE-2021-29338 CVE-2021-3575 CVE-2022-1122 Ubuntu 20.04 LTS It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-7084-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-urllib3 - 1.25.8-2ubuntu0.4 No subscription required Low CVE-2024-37891 Ubuntu 20.04 LTS USN-7084-1 fixed vulnerability in urllib3. This update provides the corresponding update for the urllib3 module bundled into pip. Original advisory details: It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-7084-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-pip-whl - 20.0.2-5ubuntu1.11 python3-pip - 20.0.2-5ubuntu1.11 No subscription required Low CVE-2024-37891 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7085-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdmx - 2:1.20.13-1ubuntu1~20.04.18 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.18 xnest - 2:1.20.13-1ubuntu1~20.04.18 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.18 xserver-common - 2:1.20.13-1ubuntu1~20.04.18 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.18 xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.18 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.18 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.18 xvfb - 2:1.20.13-1ubuntu1~20.04.18 xwayland - 2:1.20.13-1ubuntu1~20.04.18 No subscription required Medium CVE-2024-9632 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-10458 CVE-2024-10459, CVE-2024-10460, CVE-2024-10461, CVE-2024-10462, CVE-2024-10463, CVE-2024-10464, CVE-2024-10465, CVE-2024-10466, CVE-2024-10467, CVE-2024-10468) Update Instructions: Run `sudo pro fix USN-7086-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 132.0+build1-0ubuntu0.20.04.1 firefox-dev - 132.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-nl - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-tg - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 132.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 132.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 132.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461 CVE-2024-10462 CVE-2024-10463 CVE-2024-10464 CVE-2024-10465 CVE-2024-10466 CVE-2024-10467 CVE-2024-10468 Ubuntu 20.04 LTS It was discovered that libarchive incorrectly handled certain RAR archive files. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7087-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libarchive-dev - 3.4.0-2ubuntu1.4 libarchive-tools - 3.4.0-2ubuntu1.4 libarchive13 - 3.4.0-2ubuntu1.4 No subscription required Medium CVE-2024-20696 Ubuntu 20.04 LTS Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36402) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - Android drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - CPU frequency scaling framework; - Device frequency scaling framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - InfiniBand drivers; - Input Device core drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - EEPROM drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Device tree and open firmware driver; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - QCOM SoC drivers; - Direct Digital Synthesis drivers; - TTY drivers; - Userspace I/O drivers; - DesignWare USB3 driver; - USB subsystem; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFS file system; - NILFS2 file system; - BPF subsystem; - Core kernel; - DMA mapping infrastructure; - Tracing infrastructure; - Radix Tree data structure library; - Kernel userspace event delivery library; - Objagg library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - CAN network layer; - Networking core; - Ethtool driver; - IPv4 networking; - IPv6 networking; - IUCV driver; - KCM (Kernel Connection Multiplexor) sockets driver; - MAC80211 subsystem; - Netfilter; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Wireless networking; - AppArmor security module; - Simplified Mandatory Access Control Kernel framework; - SoC audio core drivers; - USB sound devices; (CVE-2024-43894, CVE-2024-46737, CVE-2024-46828, CVE-2024-42244, CVE-2024-46723, CVE-2024-41073, CVE-2024-46756, CVE-2024-42288, CVE-2024-46840, CVE-2024-46771, CVE-2024-46757, CVE-2024-43860, CVE-2024-46747, CVE-2024-41017, CVE-2024-42246, CVE-2024-44988, CVE-2024-42281, CVE-2024-36484, CVE-2024-43856, CVE-2024-47668, CVE-2024-46759, CVE-2024-46744, CVE-2024-42289, CVE-2024-42131, CVE-2024-46679, CVE-2024-42304, CVE-2024-46818, CVE-2024-43858, CVE-2024-44960, CVE-2024-45028, CVE-2024-26885, CVE-2024-46676, CVE-2024-46780, CVE-2024-42310, CVE-2024-44987, CVE-2024-41090, CVE-2024-44954, CVE-2024-45026, CVE-2024-42285, CVE-2023-52614, CVE-2024-27051, CVE-2024-43880, CVE-2024-43839, CVE-2024-43884, CVE-2024-42311, CVE-2024-43893, CVE-2024-41072, CVE-2024-41091, CVE-2024-46758, CVE-2024-41022, CVE-2024-46745, CVE-2024-42305, CVE-2024-46673, CVE-2024-42284, CVE-2024-46844, CVE-2024-46677, CVE-2024-45025, CVE-2024-43861, CVE-2024-43914, CVE-2024-46783, CVE-2024-41012, CVE-2024-44999, CVE-2024-44946, CVE-2024-42276, CVE-2024-46740, CVE-2024-42295, CVE-2024-44947, CVE-2024-41059, CVE-2024-26669, CVE-2024-38602, CVE-2024-42306, CVE-2023-52918, CVE-2024-42297, CVE-2024-42229, CVE-2024-43853, CVE-2024-45006, CVE-2024-44998, CVE-2024-42283, CVE-2024-44952, CVE-2024-46761, CVE-2024-43841, CVE-2024-44944, CVE-2024-42313, CVE-2024-45008, CVE-2024-46714, CVE-2024-41065, CVE-2024-43883, CVE-2024-43867, CVE-2024-42286, CVE-2024-43879, CVE-2024-43846, CVE-2024-42280, CVE-2024-43854, CVE-2021-47212, CVE-2024-35848, CVE-2024-41020, CVE-2024-41068, CVE-2024-45021, CVE-2024-41098, CVE-2024-44965, CVE-2024-43890, CVE-2024-45003, CVE-2024-44969, CVE-2024-41011, CVE-2024-46738, CVE-2024-41071, CVE-2024-26800, CVE-2024-46721, CVE-2024-42292, CVE-2024-41081, CVE-2024-44948, CVE-2023-52531, CVE-2024-26891, CVE-2024-26641, CVE-2024-42287, CVE-2024-46722, CVE-2024-41042, CVE-2024-46675, CVE-2024-46743, CVE-2024-42259, CVE-2024-41015, CVE-2024-43908, CVE-2024-46719, CVE-2024-43871, CVE-2024-46739, CVE-2024-42301, CVE-2024-47659, CVE-2024-42271, CVE-2024-26668, CVE-2024-43835, CVE-2024-46829, CVE-2024-47667, CVE-2024-44995, CVE-2024-47669, CVE-2024-38611, CVE-2024-40929, CVE-2024-46815, CVE-2024-43830, CVE-2024-42309, CVE-2024-41063, CVE-2024-46782, CVE-2024-46777, CVE-2024-42265, CVE-2024-46781, CVE-2024-26607, CVE-2024-41064, CVE-2024-46685, CVE-2024-43882, CVE-2024-44935, CVE-2024-46800, CVE-2024-46822, CVE-2024-46755, CVE-2024-46817, CVE-2024-43829, CVE-2024-46798, CVE-2024-46689, CVE-2024-42290, CVE-2024-46750, CVE-2024-26640, CVE-2024-47663, CVE-2024-41070) Update Instructions: Run `sudo pro fix USN-7088-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1082-ibm - 5.4.0-1082.87 linux-headers-5.4.0-1082-ibm - 5.4.0-1082.87 linux-ibm-cloud-tools-common - 5.4.0-1082.87 linux-ibm-headers-5.4.0-1082 - 5.4.0-1082.87 linux-ibm-source-5.4.0 - 5.4.0-1082.87 linux-ibm-tools-5.4.0-1082 - 5.4.0-1082.87 linux-ibm-tools-common - 5.4.0-1082.87 linux-image-5.4.0-1082-ibm - 5.4.0-1082.87 linux-image-unsigned-5.4.0-1082-ibm - 5.4.0-1082.87 linux-modules-5.4.0-1082-ibm - 5.4.0-1082.87 linux-modules-extra-5.4.0-1082-ibm - 5.4.0-1082.87 linux-tools-5.4.0-1082-ibm - 5.4.0-1082.87 No subscription required linux-buildinfo-5.4.0-1102-gkeop - 5.4.0-1102.106 linux-cloud-tools-5.4.0-1102-gkeop - 5.4.0-1102.106 linux-gkeop-cloud-tools-5.4.0-1102 - 5.4.0-1102.106 linux-gkeop-headers-5.4.0-1102 - 5.4.0-1102.106 linux-gkeop-source-5.4.0 - 5.4.0-1102.106 linux-gkeop-tools-5.4.0-1102 - 5.4.0-1102.106 linux-headers-5.4.0-1102-gkeop - 5.4.0-1102.106 linux-image-5.4.0-1102-gkeop - 5.4.0-1102.106 linux-image-unsigned-5.4.0-1102-gkeop - 5.4.0-1102.106 linux-modules-5.4.0-1102-gkeop - 5.4.0-1102.106 linux-modules-extra-5.4.0-1102-gkeop - 5.4.0-1102.106 linux-tools-5.4.0-1102-gkeop - 5.4.0-1102.106 No subscription required linux-buildinfo-5.4.0-1139-gcp - 5.4.0-1139.148 linux-gcp-headers-5.4.0-1139 - 5.4.0-1139.148 linux-gcp-tools-5.4.0-1139 - 5.4.0-1139.148 linux-headers-5.4.0-1139-gcp - 5.4.0-1139.148 linux-image-5.4.0-1139-gcp - 5.4.0-1139.148 linux-image-unsigned-5.4.0-1139-gcp - 5.4.0-1139.148 linux-modules-5.4.0-1139-gcp - 5.4.0-1139.148 linux-modules-extra-5.4.0-1139-gcp - 5.4.0-1139.148 linux-tools-5.4.0-1139-gcp - 5.4.0-1139.148 No subscription required linux-buildinfo-5.4.0-200-generic - 5.4.0-200.220 linux-buildinfo-5.4.0-200-generic-lpae - 5.4.0-200.220 linux-buildinfo-5.4.0-200-lowlatency - 5.4.0-200.220 linux-cloud-tools-5.4.0-200 - 5.4.0-200.220 linux-cloud-tools-5.4.0-200-generic - 5.4.0-200.220 linux-cloud-tools-5.4.0-200-lowlatency - 5.4.0-200.220 linux-cloud-tools-common - 5.4.0-200.220 linux-doc - 5.4.0-200.220 linux-headers-5.4.0-200 - 5.4.0-200.220 linux-headers-5.4.0-200-generic - 5.4.0-200.220 linux-headers-5.4.0-200-generic-lpae - 5.4.0-200.220 linux-headers-5.4.0-200-lowlatency - 5.4.0-200.220 linux-image-5.4.0-200-generic - 5.4.0-200.220 linux-image-5.4.0-200-generic-lpae - 5.4.0-200.220 linux-image-5.4.0-200-lowlatency - 5.4.0-200.220 linux-image-unsigned-5.4.0-200-generic - 5.4.0-200.220 linux-image-unsigned-5.4.0-200-lowlatency - 5.4.0-200.220 linux-libc-dev - 5.4.0-200.220 linux-modules-5.4.0-200-generic - 5.4.0-200.220 linux-modules-5.4.0-200-generic-lpae - 5.4.0-200.220 linux-modules-5.4.0-200-lowlatency - 5.4.0-200.220 linux-modules-extra-5.4.0-200-generic - 5.4.0-200.220 linux-source-5.4.0 - 5.4.0-200.220 linux-tools-5.4.0-200 - 5.4.0-200.220 linux-tools-5.4.0-200-generic - 5.4.0-200.220 linux-tools-5.4.0-200-generic-lpae - 5.4.0-200.220 linux-tools-5.4.0-200-lowlatency - 5.4.0-200.220 linux-tools-common - 5.4.0-200.220 linux-tools-host - 5.4.0-200.220 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1082.111 linux-ibm-lts-20.04 - 5.4.0.1082.111 linux-image-ibm-lts-20.04 - 5.4.0.1082.111 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1082.111 linux-tools-ibm-lts-20.04 - 5.4.0.1082.111 No subscription required linux-cloud-tools-gkeop - 5.4.0.1102.100 linux-cloud-tools-gkeop-5.4 - 5.4.0.1102.100 linux-gkeop - 5.4.0.1102.100 linux-gkeop-5.4 - 5.4.0.1102.100 linux-headers-gkeop - 5.4.0.1102.100 linux-headers-gkeop-5.4 - 5.4.0.1102.100 linux-image-gkeop - 5.4.0.1102.100 linux-image-gkeop-5.4 - 5.4.0.1102.100 linux-modules-extra-gkeop - 5.4.0.1102.100 linux-modules-extra-gkeop-5.4 - 5.4.0.1102.100 linux-tools-gkeop - 5.4.0.1102.100 linux-tools-gkeop-5.4 - 5.4.0.1102.100 No subscription required linux-gcp-lts-20.04 - 5.4.0.1139.141 linux-headers-gcp-lts-20.04 - 5.4.0.1139.141 linux-image-gcp-lts-20.04 - 5.4.0.1139.141 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1139.141 linux-tools-gcp-lts-20.04 - 5.4.0.1139.141 No subscription required linux-cloud-tools-generic - 5.4.0.200.196 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.200.196 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.200.196 linux-cloud-tools-lowlatency - 5.4.0.200.196 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.200.196 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.200.196 linux-cloud-tools-virtual - 5.4.0.200.196 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.200.196 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.200.196 linux-crashdump - 5.4.0.200.196 linux-generic - 5.4.0.200.196 linux-generic-hwe-18.04 - 5.4.0.200.196 linux-generic-hwe-18.04-edge - 5.4.0.200.196 linux-generic-lpae - 5.4.0.200.196 linux-generic-lpae-hwe-18.04 - 5.4.0.200.196 linux-generic-lpae-hwe-18.04-edge - 5.4.0.200.196 linux-headers-generic - 5.4.0.200.196 linux-headers-generic-hwe-18.04 - 5.4.0.200.196 linux-headers-generic-hwe-18.04-edge - 5.4.0.200.196 linux-headers-generic-lpae - 5.4.0.200.196 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.200.196 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.200.196 linux-headers-lowlatency - 5.4.0.200.196 linux-headers-lowlatency-hwe-18.04 - 5.4.0.200.196 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.200.196 linux-headers-oem - 5.4.0.200.196 linux-headers-oem-osp1 - 5.4.0.200.196 linux-headers-virtual - 5.4.0.200.196 linux-headers-virtual-hwe-18.04 - 5.4.0.200.196 linux-headers-virtual-hwe-18.04-edge - 5.4.0.200.196 linux-image-extra-virtual - 5.4.0.200.196 linux-image-extra-virtual-hwe-18.04 - 5.4.0.200.196 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.200.196 linux-image-generic - 5.4.0.200.196 linux-image-generic-hwe-18.04 - 5.4.0.200.196 linux-image-generic-hwe-18.04-edge - 5.4.0.200.196 linux-image-generic-lpae - 5.4.0.200.196 linux-image-generic-lpae-hwe-18.04 - 5.4.0.200.196 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.200.196 linux-image-lowlatency - 5.4.0.200.196 linux-image-lowlatency-hwe-18.04 - 5.4.0.200.196 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.200.196 linux-image-oem - 5.4.0.200.196 linux-image-oem-osp1 - 5.4.0.200.196 linux-image-virtual - 5.4.0.200.196 linux-image-virtual-hwe-18.04 - 5.4.0.200.196 linux-image-virtual-hwe-18.04-edge - 5.4.0.200.196 linux-lowlatency - 5.4.0.200.196 linux-lowlatency-hwe-18.04 - 5.4.0.200.196 linux-lowlatency-hwe-18.04-edge - 5.4.0.200.196 linux-oem - 5.4.0.200.196 linux-oem-osp1 - 5.4.0.200.196 linux-oem-osp1-tools-host - 5.4.0.200.196 linux-oem-tools-host - 5.4.0.200.196 linux-source - 5.4.0.200.196 linux-tools-generic - 5.4.0.200.196 linux-tools-generic-hwe-18.04 - 5.4.0.200.196 linux-tools-generic-hwe-18.04-edge - 5.4.0.200.196 linux-tools-generic-lpae - 5.4.0.200.196 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.200.196 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.200.196 linux-tools-lowlatency - 5.4.0.200.196 linux-tools-lowlatency-hwe-18.04 - 5.4.0.200.196 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.200.196 linux-tools-oem - 5.4.0.200.196 linux-tools-oem-osp1 - 5.4.0.200.196 linux-tools-virtual - 5.4.0.200.196 linux-tools-virtual-hwe-18.04 - 5.4.0.200.196 linux-tools-virtual-hwe-18.04-edge - 5.4.0.200.196 linux-virtual - 5.4.0.200.196 linux-virtual-hwe-18.04 - 5.4.0.200.196 linux-virtual-hwe-18.04-edge - 5.4.0.200.196 No subscription required High CVE-2021-47212 CVE-2022-36402 CVE-2023-52531 CVE-2023-52614 CVE-2023-52918 CVE-2024-26607 CVE-2024-26640 CVE-2024-26641 CVE-2024-26668 CVE-2024-26669 CVE-2024-26800 CVE-2024-26885 CVE-2024-26891 CVE-2024-27051 CVE-2024-35848 CVE-2024-36484 CVE-2024-38602 CVE-2024-38611 CVE-2024-40929 CVE-2024-41011 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41020 CVE-2024-41022 CVE-2024-41042 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072 CVE-2024-41073 CVE-2024-41081 CVE-2024-41090 CVE-2024-41091 CVE-2024-41098 CVE-2024-42131 CVE-2024-42229 CVE-2024-42244 CVE-2024-42246 CVE-2024-42259 CVE-2024-42265 CVE-2024-42271 CVE-2024-42276 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42290 CVE-2024-42292 CVE-2024-42295 CVE-2024-42297 CVE-2024-42301 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42313 CVE-2024-43829 CVE-2024-43830 CVE-2024-43835 CVE-2024-43839 CVE-2024-43841 CVE-2024-43846 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43867 CVE-2024-43871 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43890 CVE-2024-43893 CVE-2024-43894 CVE-2024-43908 CVE-2024-43914 CVE-2024-44935 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948 CVE-2024-44954 CVE-2024-44960 CVE-2024-44965 CVE-2024-44969 CVE-2024-44987 CVE-2024-44988 CVE-2024-44995 CVE-2024-44998 CVE-2024-44999 CVE-2024-45003 CVE-2024-45006 CVE-2024-45008 CVE-2024-45021 CVE-2024-45025 CVE-2024-45026 CVE-2024-45028 CVE-2024-46673 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46689 CVE-2024-46714 CVE-2024-46719 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46740 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46747 CVE-2024-46750 CVE-2024-46755 CVE-2024-46759 CVE-2024-46761 CVE-2024-46771 CVE-2024-46777 CVE-2024-46780 CVE-2024-46781 CVE-2024-46782 CVE-2024-46783 CVE-2024-46798 CVE-2024-46800 CVE-2024-46815 CVE-2024-46817 CVE-2024-46818 CVE-2024-46822 CVE-2024-46828 CVE-2024-46829 CVE-2024-46840 CVE-2024-46844 CVE-2024-47659 CVE-2024-47663 CVE-2024-47667 CVE-2024-47668 CVE-2024-47669 Ubuntu 20.04 LTS Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36402) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - Android drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - CPU frequency scaling framework; - Device frequency scaling framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - EEPROM drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Device tree and open firmware driver; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - QCOM SoC drivers; - Direct Digital Synthesis drivers; - TTY drivers; - Userspace I/O drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Serial drivers; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFS file system; - NILFS2 file system; - BPF subsystem; - Core kernel; - DMA mapping infrastructure; - Tracing infrastructure; - Radix Tree data structure library; - Kernel userspace event delivery library; - Objagg library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - CAN network layer; - Networking core; - Ethtool driver; - IPv4 networking; - IPv6 networking; - IUCV driver; - KCM (Kernel Connection Multiplexor) sockets driver; - MAC80211 subsystem; - Netfilter; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Wireless networking; - AppArmor security module; - Simplified Mandatory Access Control Kernel framework; - SoC audio core drivers; - USB sound devices; (CVE-2024-46714, CVE-2024-42288, CVE-2024-42290, CVE-2024-44987, CVE-2024-41090, CVE-2024-42313, CVE-2024-46689, CVE-2024-46737, CVE-2024-44946, CVE-2024-44999, CVE-2024-44935, CVE-2024-38602, CVE-2024-43883, CVE-2024-26607, CVE-2024-41091, CVE-2024-45025, CVE-2024-42305, CVE-2024-26891, CVE-2024-41073, CVE-2024-44969, CVE-2024-26641, CVE-2024-46719, CVE-2024-40929, CVE-2024-46721, CVE-2024-46740, CVE-2024-41012, CVE-2024-42280, CVE-2024-46738, CVE-2024-46722, CVE-2024-42246, CVE-2024-41063, CVE-2024-41072, CVE-2024-41068, CVE-2024-43884, CVE-2024-46758, CVE-2024-43861, CVE-2024-42306, CVE-2024-42285, CVE-2024-41065, CVE-2024-46818, CVE-2024-43894, CVE-2024-44954, CVE-2024-42310, CVE-2024-46829, CVE-2023-52614, CVE-2024-47663, CVE-2024-42281, CVE-2024-42297, CVE-2024-46800, CVE-2024-44960, CVE-2024-44952, CVE-2024-46747, CVE-2024-42286, CVE-2024-41071, CVE-2024-43893, CVE-2023-52531, CVE-2024-43860, CVE-2024-46840, CVE-2024-41011, CVE-2024-43890, CVE-2024-45026, CVE-2024-42292, CVE-2024-27051, CVE-2024-41015, CVE-2024-47668, CVE-2024-46817, CVE-2024-43846, CVE-2024-44988, CVE-2024-44944, CVE-2024-43829, CVE-2024-45021, CVE-2024-43914, CVE-2024-43856, CVE-2024-46673, CVE-2024-46771, CVE-2024-41081, CVE-2024-43830, CVE-2024-43839, CVE-2024-43853, CVE-2024-47669, CVE-2024-42244, CVE-2021-47212, CVE-2024-46844, CVE-2024-44965, CVE-2024-41059, CVE-2024-46783, CVE-2024-42295, CVE-2024-35848, CVE-2024-41017, CVE-2024-47659, CVE-2024-42309, CVE-2024-26800, CVE-2024-41064, CVE-2024-43879, CVE-2024-46679, CVE-2024-43854, CVE-2024-41022, CVE-2024-43858, CVE-2024-46739, CVE-2024-46685, CVE-2024-42289, CVE-2024-44998, CVE-2024-46761, CVE-2024-46677, CVE-2024-42131, CVE-2024-46815, CVE-2024-46777, CVE-2024-43880, CVE-2024-42276, CVE-2024-42265, CVE-2024-46723, CVE-2024-42259, CVE-2024-45028, CVE-2024-42229, CVE-2024-42283, CVE-2024-44948, CVE-2024-44995, CVE-2024-46757, CVE-2024-46822, CVE-2024-45006, CVE-2024-46780, CVE-2024-26668, CVE-2024-42284, CVE-2024-46782, CVE-2024-46781, CVE-2024-43871, CVE-2024-42304, CVE-2024-42311, CVE-2024-45003, CVE-2024-46745, CVE-2024-41098, CVE-2024-46750, CVE-2024-47667, CVE-2024-41020, CVE-2024-26640, CVE-2024-41070, CVE-2024-42301, CVE-2024-43882, CVE-2024-45008, CVE-2024-26885, CVE-2024-42287, CVE-2024-46744, CVE-2024-43908, CVE-2024-46798, CVE-2023-52918, CVE-2024-36484, CVE-2024-43841, CVE-2024-41042, CVE-2024-38611, CVE-2024-43867, CVE-2024-26669, CVE-2024-42271, CVE-2024-46756, CVE-2024-44947, CVE-2024-43835, CVE-2024-46676, CVE-2024-46743, CVE-2024-46759, CVE-2024-46675, CVE-2024-46828, CVE-2024-46755) Update Instructions: Run `sudo pro fix USN-7088-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-image-5.4.0-1094-bluefield - 5.4.0-1094.101 No subscription required linux-bluefield-headers-5.4.0-1095 - 5.4.0-1095.102 linux-bluefield-tools-5.4.0-1095 - 5.4.0-1095.102 linux-buildinfo-5.4.0-1095-bluefield - 5.4.0-1095.102 linux-headers-5.4.0-1095-bluefield - 5.4.0-1095.102 linux-image-unsigned-5.4.0-1095-bluefield - 5.4.0-1095.102 linux-modules-5.4.0-1095-bluefield - 5.4.0-1095.102 linux-tools-5.4.0-1095-bluefield - 5.4.0-1095.102 No subscription required linux-image-5.4.0-1139-azure - 5.4.0-1139.146 No subscription required linux-azure-cloud-tools-5.4.0-1140 - 5.4.0-1140.147 linux-azure-headers-5.4.0-1140 - 5.4.0-1140.147 linux-azure-tools-5.4.0-1140 - 5.4.0-1140.147 linux-buildinfo-5.4.0-1140-azure - 5.4.0-1140.147 linux-cloud-tools-5.4.0-1140-azure - 5.4.0-1140.147 linux-headers-5.4.0-1140-azure - 5.4.0-1140.147 linux-image-unsigned-5.4.0-1140-azure - 5.4.0-1140.147 linux-modules-5.4.0-1140-azure - 5.4.0-1140.147 linux-modules-extra-5.4.0-1140-azure - 5.4.0-1140.147 linux-tools-5.4.0-1140-azure - 5.4.0-1140.147 No subscription required linux-bluefield - 5.4.0.1094.90 linux-headers-bluefield - 5.4.0.1094.90 linux-image-bluefield - 5.4.0.1094.90 linux-tools-bluefield - 5.4.0.1094.90 No subscription required linux-azure-lts-20.04 - 5.4.0.1139.133 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1139.133 linux-headers-azure-lts-20.04 - 5.4.0.1139.133 linux-image-azure-lts-20.04 - 5.4.0.1139.133 linux-modules-extra-azure-lts-20.04 - 5.4.0.1139.133 linux-tools-azure-lts-20.04 - 5.4.0.1139.133 No subscription required High CVE-2021-47212 CVE-2022-36402 CVE-2023-52531 CVE-2023-52614 CVE-2023-52918 CVE-2024-26607 CVE-2024-26640 CVE-2024-26641 CVE-2024-26668 CVE-2024-26669 CVE-2024-26800 CVE-2024-26885 CVE-2024-26891 CVE-2024-27051 CVE-2024-35848 CVE-2024-36484 CVE-2024-38602 CVE-2024-38611 CVE-2024-40929 CVE-2024-41011 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41020 CVE-2024-41022 CVE-2024-41042 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072 CVE-2024-41073 CVE-2024-41081 CVE-2024-41090 CVE-2024-41091 CVE-2024-41098 CVE-2024-42131 CVE-2024-42229 CVE-2024-42244 CVE-2024-42246 CVE-2024-42259 CVE-2024-42265 CVE-2024-42271 CVE-2024-42276 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42290 CVE-2024-42292 CVE-2024-42295 CVE-2024-42297 CVE-2024-42301 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42313 CVE-2024-43829 CVE-2024-43830 CVE-2024-43835 CVE-2024-43839 CVE-2024-43841 CVE-2024-43846 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43867 CVE-2024-43871 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43890 CVE-2024-43893 CVE-2024-43894 CVE-2024-43908 CVE-2024-43914 CVE-2024-44935 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948 CVE-2024-44954 CVE-2024-44960 CVE-2024-44965 CVE-2024-44969 CVE-2024-44987 CVE-2024-44988 CVE-2024-44995 CVE-2024-44998 CVE-2024-44999 CVE-2024-45003 CVE-2024-45006 CVE-2024-45008 CVE-2024-45021 CVE-2024-45025 CVE-2024-45026 CVE-2024-45028 CVE-2024-46673 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46689 CVE-2024-46714 CVE-2024-46719 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46740 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46747 CVE-2024-46750 CVE-2024-46755 CVE-2024-46759 CVE-2024-46761 CVE-2024-46771 CVE-2024-46777 CVE-2024-46780 CVE-2024-46781 CVE-2024-46782 CVE-2024-46783 CVE-2024-46798 CVE-2024-46800 CVE-2024-46815 CVE-2024-46817 CVE-2024-46818 CVE-2024-46822 CVE-2024-46828 CVE-2024-46829 CVE-2024-46840 CVE-2024-46844 CVE-2024-47659 CVE-2024-47663 CVE-2024-47667 CVE-2024-47668 CVE-2024-47669 Ubuntu 20.04 LTS Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36402) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - Android drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - CPU frequency scaling framework; - Device frequency scaling framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - EEPROM drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Device tree and open firmware driver; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - QCOM SoC drivers; - Direct Digital Synthesis drivers; - TTY drivers; - Userspace I/O drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Serial drivers; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFS file system; - NILFS2 file system; - BPF subsystem; - Core kernel; - DMA mapping infrastructure; - Tracing infrastructure; - Radix Tree data structure library; - Kernel userspace event delivery library; - Objagg library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - CAN network layer; - Networking core; - Ethtool driver; - IPv4 networking; - IPv6 networking; - IUCV driver; - KCM (Kernel Connection Multiplexor) sockets driver; - MAC80211 subsystem; - Netfilter; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Wireless networking; - AppArmor security module; - Simplified Mandatory Access Control Kernel framework; - SoC audio core drivers; - USB sound devices; (CVE-2024-35848, CVE-2024-43853, CVE-2024-41017, CVE-2024-26607, CVE-2024-43839, CVE-2024-41072, CVE-2024-46815, CVE-2023-52614, CVE-2024-46798, CVE-2024-46676, CVE-2024-43914, CVE-2024-43841, CVE-2024-41012, CVE-2024-27051, CVE-2024-46738, CVE-2024-47663, CVE-2024-46723, CVE-2024-46740, CVE-2024-42287, CVE-2024-46750, CVE-2024-43894, CVE-2023-52531, CVE-2024-47668, CVE-2024-47669, CVE-2024-46685, CVE-2024-41011, CVE-2024-41064, CVE-2024-42305, CVE-2024-41073, CVE-2024-46829, CVE-2024-43860, CVE-2024-46679, CVE-2024-44999, CVE-2024-46817, CVE-2024-26800, CVE-2024-46689, CVE-2024-43908, CVE-2024-46739, CVE-2024-43893, CVE-2024-46828, CVE-2024-46777, CVE-2024-46721, CVE-2024-36484, CVE-2024-46822, CVE-2024-46840, CVE-2024-43880, CVE-2024-46781, CVE-2024-46673, CVE-2024-26669, CVE-2024-41098, CVE-2024-46737, CVE-2024-43871, CVE-2024-42281, CVE-2024-42301, CVE-2024-44995, CVE-2024-43879, CVE-2024-26668, CVE-2024-44965, CVE-2024-41068, CVE-2024-41059, CVE-2024-42229, CVE-2024-44987, CVE-2024-46745, CVE-2024-26891, CVE-2024-46719, CVE-2024-42292, CVE-2024-44952, CVE-2024-46756, CVE-2024-45028, CVE-2024-42283, CVE-2024-45025, CVE-2024-46743, CVE-2024-43867, CVE-2024-46771, CVE-2024-41081, CVE-2024-42244, CVE-2024-42284, CVE-2024-43858, CVE-2024-44998, CVE-2024-46758, CVE-2024-46800, CVE-2024-45003, CVE-2024-44935, CVE-2024-38611, CVE-2024-46844, CVE-2024-44954, CVE-2024-42313, CVE-2024-46783, CVE-2024-42311, CVE-2024-46761, CVE-2024-41022, CVE-2024-43829, CVE-2024-43835, CVE-2024-43846, CVE-2024-46755, CVE-2024-47667, CVE-2024-42259, CVE-2024-41090, CVE-2024-42310, CVE-2024-42265, CVE-2024-42295, CVE-2024-46818, CVE-2024-46780, CVE-2024-44948, CVE-2024-44960, CVE-2024-44988, CVE-2024-46757, CVE-2024-45021, CVE-2024-46747, CVE-2024-43854, CVE-2024-42304, CVE-2021-47212, CVE-2024-42309, CVE-2024-44946, CVE-2024-46744, CVE-2024-42285, CVE-2024-46782, CVE-2024-43856, CVE-2024-41091, CVE-2024-42131, CVE-2024-43830, CVE-2024-42290, CVE-2024-45008, CVE-2024-42276, CVE-2024-47659, CVE-2024-40929, CVE-2024-46714, CVE-2023-52918, CVE-2024-44947, CVE-2024-42289, CVE-2024-42246, CVE-2024-41071, CVE-2024-43883, CVE-2024-46722, CVE-2024-38602, CVE-2024-43882, CVE-2024-42280, CVE-2024-46759, CVE-2024-42271, CVE-2024-44969, CVE-2024-44944, CVE-2024-46675, CVE-2024-41020, CVE-2024-41042, CVE-2024-42306, CVE-2024-46677, CVE-2024-42288, CVE-2024-41070, CVE-2024-45026, CVE-2024-41065, CVE-2024-26885, CVE-2024-42286, CVE-2024-41063, CVE-2024-43884, CVE-2024-42297, CVE-2024-43890, CVE-2024-43861, CVE-2024-45006, CVE-2024-26640, CVE-2024-26641, CVE-2024-41015) Update Instructions: Run `sudo pro fix USN-7088-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1054-xilinx-zynqmp - 5.4.0-1054.58 linux-headers-5.4.0-1054-xilinx-zynqmp - 5.4.0-1054.58 linux-image-5.4.0-1054-xilinx-zynqmp - 5.4.0-1054.58 linux-modules-5.4.0-1054-xilinx-zynqmp - 5.4.0-1054.58 linux-tools-5.4.0-1054-xilinx-zynqmp - 5.4.0-1054.58 linux-xilinx-zynqmp-headers-5.4.0-1054 - 5.4.0-1054.58 linux-xilinx-zynqmp-tools-5.4.0-1054 - 5.4.0-1054.58 No subscription required linux-buildinfo-5.4.0-1123-kvm - 5.4.0-1123.131 linux-headers-5.4.0-1123-kvm - 5.4.0-1123.131 linux-image-5.4.0-1123-kvm - 5.4.0-1123.131 linux-image-unsigned-5.4.0-1123-kvm - 5.4.0-1123.131 linux-kvm-headers-5.4.0-1123 - 5.4.0-1123.131 linux-kvm-tools-5.4.0-1123 - 5.4.0-1123.131 linux-modules-5.4.0-1123-kvm - 5.4.0-1123.131 linux-tools-5.4.0-1123-kvm - 5.4.0-1123.131 No subscription required linux-buildinfo-5.4.0-1134-oracle - 5.4.0-1134.143 linux-headers-5.4.0-1134-oracle - 5.4.0-1134.143 linux-image-5.4.0-1134-oracle - 5.4.0-1134.143 linux-image-unsigned-5.4.0-1134-oracle - 5.4.0-1134.143 linux-modules-5.4.0-1134-oracle - 5.4.0-1134.143 linux-modules-extra-5.4.0-1134-oracle - 5.4.0-1134.143 linux-oracle-headers-5.4.0-1134 - 5.4.0-1134.143 linux-oracle-tools-5.4.0-1134 - 5.4.0-1134.143 linux-tools-5.4.0-1134-oracle - 5.4.0-1134.143 No subscription required linux-aws-cloud-tools-5.4.0-1135 - 5.4.0-1135.145 linux-aws-headers-5.4.0-1135 - 5.4.0-1135.145 linux-aws-tools-5.4.0-1135 - 5.4.0-1135.145 linux-buildinfo-5.4.0-1135-aws - 5.4.0-1135.145 linux-cloud-tools-5.4.0-1135-aws - 5.4.0-1135.145 linux-headers-5.4.0-1135-aws - 5.4.0-1135.145 linux-image-5.4.0-1135-aws - 5.4.0-1135.145 linux-image-unsigned-5.4.0-1135-aws - 5.4.0-1135.145 linux-modules-5.4.0-1135-aws - 5.4.0-1135.145 linux-modules-extra-5.4.0-1135-aws - 5.4.0-1135.145 linux-tools-5.4.0-1135-aws - 5.4.0-1135.145 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1054.54 linux-image-xilinx-zynqmp - 5.4.0.1054.54 linux-tools-xilinx-zynqmp - 5.4.0.1054.54 linux-xilinx-zynqmp - 5.4.0.1054.54 No subscription required linux-headers-kvm - 5.4.0.1123.119 linux-image-kvm - 5.4.0.1123.119 linux-kvm - 5.4.0.1123.119 linux-tools-kvm - 5.4.0.1123.119 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1134.127 linux-image-oracle-lts-20.04 - 5.4.0.1134.127 linux-oracle-lts-20.04 - 5.4.0.1134.127 linux-tools-oracle-lts-20.04 - 5.4.0.1134.127 No subscription required linux-aws-lts-20.04 - 5.4.0.1135.132 linux-headers-aws-lts-20.04 - 5.4.0.1135.132 linux-image-aws-lts-20.04 - 5.4.0.1135.132 linux-modules-extra-aws-lts-20.04 - 5.4.0.1135.132 linux-tools-aws-lts-20.04 - 5.4.0.1135.132 No subscription required High CVE-2021-47212 CVE-2022-36402 CVE-2023-52531 CVE-2023-52614 CVE-2023-52918 CVE-2024-26607 CVE-2024-26640 CVE-2024-26641 CVE-2024-26668 CVE-2024-26669 CVE-2024-26800 CVE-2024-26885 CVE-2024-26891 CVE-2024-27051 CVE-2024-35848 CVE-2024-36484 CVE-2024-38602 CVE-2024-38611 CVE-2024-40929 CVE-2024-41011 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41020 CVE-2024-41022 CVE-2024-41042 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072 CVE-2024-41073 CVE-2024-41081 CVE-2024-41090 CVE-2024-41091 CVE-2024-41098 CVE-2024-42131 CVE-2024-42229 CVE-2024-42244 CVE-2024-42246 CVE-2024-42259 CVE-2024-42265 CVE-2024-42271 CVE-2024-42276 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42290 CVE-2024-42292 CVE-2024-42295 CVE-2024-42297 CVE-2024-42301 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42313 CVE-2024-43829 CVE-2024-43830 CVE-2024-43835 CVE-2024-43839 CVE-2024-43841 CVE-2024-43846 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43867 CVE-2024-43871 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43890 CVE-2024-43893 CVE-2024-43894 CVE-2024-43908 CVE-2024-43914 CVE-2024-44935 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948 CVE-2024-44954 CVE-2024-44960 CVE-2024-44965 CVE-2024-44969 CVE-2024-44987 CVE-2024-44988 CVE-2024-44995 CVE-2024-44998 CVE-2024-44999 CVE-2024-45003 CVE-2024-45006 CVE-2024-45008 CVE-2024-45021 CVE-2024-45025 CVE-2024-45026 CVE-2024-45028 CVE-2024-46673 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46689 CVE-2024-46714 CVE-2024-46719 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46740 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46747 CVE-2024-46750 CVE-2024-46755 CVE-2024-46759 CVE-2024-46761 CVE-2024-46771 CVE-2024-46777 CVE-2024-46780 CVE-2024-46781 CVE-2024-46782 CVE-2024-46783 CVE-2024-46798 CVE-2024-46800 CVE-2024-46815 CVE-2024-46817 CVE-2024-46818 CVE-2024-46822 CVE-2024-46828 CVE-2024-46829 CVE-2024-46840 CVE-2024-46844 CVE-2024-47659 CVE-2024-47663 CVE-2024-47667 CVE-2024-47668 CVE-2024-47669 Ubuntu 20.04 LTS Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36402) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - Android drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - CPU frequency scaling framework; - Device frequency scaling framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - EEPROM drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Device tree and open firmware driver; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - QCOM SoC drivers; - Direct Digital Synthesis drivers; - TTY drivers; - Userspace I/O drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - USB Serial drivers; - USB Type-C Connector System Software Interface driver; - USB over IP driver; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFS file system; - NILFS2 file system; - BPF subsystem; - Core kernel; - DMA mapping infrastructure; - Tracing infrastructure; - Radix Tree data structure library; - Kernel userspace event delivery library; - Objagg library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - CAN network layer; - Networking core; - Ethtool driver; - IPv4 networking; - IPv6 networking; - IUCV driver; - KCM (Kernel Connection Multiplexor) sockets driver; - MAC80211 subsystem; - Netfilter; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Wireless networking; - AppArmor security module; - Simplified Mandatory Access Control Kernel framework; - SoC audio core drivers; - USB sound devices; (CVE-2024-42289, CVE-2024-26640, CVE-2024-42246, CVE-2024-43914, CVE-2024-46744, CVE-2024-45026, CVE-2024-41071, CVE-2024-43893, CVE-2024-46689, CVE-2024-41073, CVE-2024-42292, CVE-2024-43884, CVE-2024-42301, CVE-2024-43856, CVE-2024-46756, CVE-2024-46759, CVE-2024-27051, CVE-2024-26668, CVE-2024-46840, CVE-2024-42306, CVE-2024-41042, CVE-2024-45006, CVE-2024-42309, CVE-2024-26891, CVE-2024-42283, CVE-2024-46782, CVE-2024-44948, CVE-2024-43839, CVE-2024-47667, CVE-2024-44965, CVE-2024-42284, CVE-2024-44987, CVE-2024-46777, CVE-2024-41017, CVE-2024-46722, CVE-2024-41015, CVE-2024-46817, CVE-2024-46740, CVE-2024-43894, CVE-2024-26800, CVE-2024-45003, CVE-2024-46822, CVE-2024-26641, CVE-2024-44960, CVE-2024-44935, CVE-2024-42229, CVE-2024-42285, CVE-2024-44988, CVE-2024-46829, CVE-2024-41012, CVE-2024-46750, CVE-2024-43835, CVE-2024-43883, CVE-2024-43882, CVE-2024-46844, CVE-2024-41011, CVE-2024-44999, CVE-2024-46757, CVE-2024-42131, CVE-2024-46714, CVE-2024-41081, CVE-2024-45021, CVE-2024-46747, CVE-2024-46673, CVE-2024-46737, CVE-2024-43841, CVE-2024-42304, CVE-2024-45008, CVE-2024-42259, CVE-2024-42276, CVE-2024-46685, CVE-2024-46743, CVE-2023-52614, CVE-2024-42313, CVE-2024-41090, CVE-2024-46677, CVE-2024-43861, CVE-2024-42288, CVE-2024-43890, CVE-2024-41063, CVE-2024-43860, CVE-2024-47669, CVE-2024-42305, CVE-2024-43879, CVE-2024-42281, CVE-2024-46798, CVE-2024-42280, CVE-2024-42297, CVE-2024-42310, CVE-2024-44947, CVE-2024-40929, CVE-2024-41068, CVE-2024-42244, CVE-2024-41059, CVE-2024-47659, CVE-2024-43858, CVE-2024-41020, CVE-2024-41064, CVE-2023-52531, CVE-2024-41022, CVE-2024-46723, CVE-2024-42311, CVE-2024-44969, CVE-2024-45025, CVE-2024-44946, CVE-2024-46755, CVE-2024-46815, CVE-2024-46761, CVE-2024-43867, CVE-2024-41070, CVE-2024-43880, CVE-2024-47663, CVE-2024-44944, CVE-2024-45028, CVE-2024-43908, CVE-2024-46783, CVE-2024-43853, CVE-2024-41091, CVE-2024-46719, CVE-2024-43871, CVE-2024-36484, CVE-2024-46771, CVE-2024-42265, CVE-2024-42286, CVE-2024-43854, CVE-2024-41072, CVE-2024-43830, CVE-2024-46721, CVE-2024-44995, CVE-2024-46828, CVE-2024-46780, CVE-2024-46739, CVE-2024-46676, CVE-2024-47668, CVE-2024-42287, CVE-2023-52918, CVE-2024-46745, CVE-2024-35848, CVE-2024-42290, CVE-2024-41065, CVE-2024-42271, CVE-2024-38611, CVE-2024-41098, CVE-2024-43846, CVE-2024-26885, CVE-2021-47212, CVE-2024-46781, CVE-2024-26607, CVE-2024-26669, CVE-2024-44954, CVE-2024-42295, CVE-2024-46818, CVE-2024-44952, CVE-2024-46738, CVE-2024-44998, CVE-2024-46675, CVE-2024-43829, CVE-2024-46758, CVE-2024-38602, CVE-2024-46800, CVE-2024-46679) Update Instructions: Run `sudo pro fix USN-7088-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1119-raspi - 5.4.0-1119.131 linux-headers-5.4.0-1119-raspi - 5.4.0-1119.131 linux-image-5.4.0-1119-raspi - 5.4.0-1119.131 linux-modules-5.4.0-1119-raspi - 5.4.0-1119.131 linux-raspi-headers-5.4.0-1119 - 5.4.0-1119.131 linux-raspi-tools-5.4.0-1119 - 5.4.0-1119.131 linux-tools-5.4.0-1119-raspi - 5.4.0-1119.131 No subscription required linux-headers-raspi - 5.4.0.1119.149 linux-headers-raspi-hwe-18.04 - 5.4.0.1119.149 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1119.149 linux-headers-raspi2 - 5.4.0.1119.149 linux-headers-raspi2-hwe-18.04 - 5.4.0.1119.149 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1119.149 linux-image-raspi - 5.4.0.1119.149 linux-image-raspi-hwe-18.04 - 5.4.0.1119.149 linux-image-raspi-hwe-18.04-edge - 5.4.0.1119.149 linux-image-raspi2 - 5.4.0.1119.149 linux-image-raspi2-hwe-18.04 - 5.4.0.1119.149 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1119.149 linux-raspi - 5.4.0.1119.149 linux-raspi-hwe-18.04 - 5.4.0.1119.149 linux-raspi-hwe-18.04-edge - 5.4.0.1119.149 linux-raspi2 - 5.4.0.1119.149 linux-raspi2-hwe-18.04 - 5.4.0.1119.149 linux-raspi2-hwe-18.04-edge - 5.4.0.1119.149 linux-tools-raspi - 5.4.0.1119.149 linux-tools-raspi-hwe-18.04 - 5.4.0.1119.149 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1119.149 linux-tools-raspi2 - 5.4.0.1119.149 linux-tools-raspi2-hwe-18.04 - 5.4.0.1119.149 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1119.149 No subscription required High CVE-2021-47212 CVE-2022-36402 CVE-2023-52531 CVE-2023-52614 CVE-2023-52918 CVE-2024-26607 CVE-2024-26640 CVE-2024-26641 CVE-2024-26668 CVE-2024-26669 CVE-2024-26800 CVE-2024-26885 CVE-2024-26891 CVE-2024-27051 CVE-2024-35848 CVE-2024-36484 CVE-2024-38602 CVE-2024-38611 CVE-2024-40929 CVE-2024-41011 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41020 CVE-2024-41022 CVE-2024-41042 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072 CVE-2024-41073 CVE-2024-41081 CVE-2024-41090 CVE-2024-41091 CVE-2024-41098 CVE-2024-42131 CVE-2024-42229 CVE-2024-42244 CVE-2024-42246 CVE-2024-42259 CVE-2024-42265 CVE-2024-42271 CVE-2024-42276 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42290 CVE-2024-42292 CVE-2024-42295 CVE-2024-42297 CVE-2024-42301 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42313 CVE-2024-43829 CVE-2024-43830 CVE-2024-43835 CVE-2024-43839 CVE-2024-43841 CVE-2024-43846 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43867 CVE-2024-43871 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43890 CVE-2024-43893 CVE-2024-43894 CVE-2024-43908 CVE-2024-43914 CVE-2024-44935 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948 CVE-2024-44954 CVE-2024-44960 CVE-2024-44965 CVE-2024-44969 CVE-2024-44987 CVE-2024-44988 CVE-2024-44995 CVE-2024-44998 CVE-2024-44999 CVE-2024-45003 CVE-2024-45006 CVE-2024-45008 CVE-2024-45021 CVE-2024-45025 CVE-2024-45026 CVE-2024-45028 CVE-2024-46673 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46689 CVE-2024-46714 CVE-2024-46719 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46740 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46747 CVE-2024-46750 CVE-2024-46755 CVE-2024-46759 CVE-2024-46761 CVE-2024-46771 CVE-2024-46777 CVE-2024-46780 CVE-2024-46781 CVE-2024-46782 CVE-2024-46783 CVE-2024-46798 CVE-2024-46800 CVE-2024-46815 CVE-2024-46817 CVE-2024-46818 CVE-2024-46822 CVE-2024-46828 CVE-2024-46829 CVE-2024-46840 CVE-2024-46844 CVE-2024-47659 CVE-2024-47663 CVE-2024-47667 CVE-2024-47668 CVE-2024-47669 Ubuntu 20.04 LTS USN-7091-1 fixed several vulnerabilities in Ruby. This update provides the corresponding update for CVE-2024-35176, CVE-2024-41123, CVE-2024-41946 and CVE-2024-49761 for ruby2.7 in Ubuntu 20.04 LTS. Original advisory details: It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-35176, CVE-2024-39908, CVE-2024-41123) It was discovered that Ruby incorrectly handled parsing of an XML document that has many entity expansions with SAX2 or pull parser API. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. (CVE-2024-41946) It was discovered that Ruby incorrectly handled parsing of an XML document that has many digits in a hex numeric character reference. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. (CVE-2024-49761) Update Instructions: Run `sudo pro fix USN-7091-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libruby2.7 - 2.7.0-5ubuntu1.15 ruby2.7 - 2.7.0-5ubuntu1.15 ruby2.7-dev - 2.7.0-5ubuntu1.15 ruby2.7-doc - 2.7.0-5ubuntu1.15 No subscription required Medium CVE-2024-35176 CVE-2024-41123 CVE-2024-41946 CVE-2024-49761 https://launchpad.net/bugs/2086615 Ubuntu 20.04 LTS It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or automated system were tricked into opening a specially crafted mp3 file, a remote attacker could use this issue to cause mpg123 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7092-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmpg123-0 - 1.25.13-1ubuntu0.1 libmpg123-dev - 1.25.13-1ubuntu0.1 libout123-0 - 1.25.13-1ubuntu0.1 mpg123 - 1.25.13-1ubuntu0.1 No subscription required Medium CVE-2024-10573 Ubuntu 20.04 LTS USN-7092-1 fixed a vulnerability in mpg123. Bastien Roucariès discovered that the fix was incomplete on Ubuntu 20.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or automated system were tricked into opening a specially crafted mp3 file, a remote attacker could use this issue to cause mpg123 to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7092-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmpg123-0 - 1.25.13-1ubuntu0.2 libmpg123-dev - 1.25.13-1ubuntu0.2 libout123-0 - 1.25.13-1ubuntu0.2 mpg123 - 1.25.13-1ubuntu0.2 No subscription required Medium CVE-2024-10573 https://launchpad.net/bugs/2089680 Ubuntu 20.04 LTS It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-20382) It was discovered that QEMU incorrectly handled certain memory copy operations when loading ROM contents. If a user were tricked into running an untrusted kernel image, a remote attacker could possibly use this issue to run arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-13765) Aviv Sasson discovered that QEMU incorrectly handled Slirp networking. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-1983) It was discovered that the SLiRP networking implementation of the QEMU emulator did not properly manage memory under certain circumstances. An attacker could use this to cause a heap-based buffer overflow or other out- of-bounds access, which can lead to a denial of service (application crash) or potential execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-7039) It was discovered that the SLiRP networking implementation of the QEMU emulator misuses snprintf return values. An attacker could use this to cause a denial of service (application crash) or potentially execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-8608) It was discovered that QEMU SLiRP networking incorrectly handled certain udp packets. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2021-3592, CVE-2021-3594) It was discovered that QEMU had a DMA reentrancy issue, leading to a use-after-free vulnerability. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-3019) It was discovered that QEMU had a flaw in Virtio PCI Bindings, leading to a triggerable crash via vhost_net_stop. An attacker inside a guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-4693) It was discovered that QEMU incorrectly handled memory in virtio-sound, leading to a heap-based buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-7730) Update Instructions: Run `sudo pro fix USN-7094-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: qemu - 1:4.2-3ubuntu6.30 qemu-block-extra - 1:4.2-3ubuntu6.30 qemu-guest-agent - 1:4.2-3ubuntu6.30 qemu-kvm - 1:4.2-3ubuntu6.30 qemu-system - 1:4.2-3ubuntu6.30 qemu-system-arm - 1:4.2-3ubuntu6.30 qemu-system-common - 1:4.2-3ubuntu6.30 qemu-system-data - 1:4.2-3ubuntu6.30 qemu-system-gui - 1:4.2-3ubuntu6.30 qemu-system-mips - 1:4.2-3ubuntu6.30 qemu-system-misc - 1:4.2-3ubuntu6.30 qemu-system-ppc - 1:4.2-3ubuntu6.30 qemu-system-s390x - 1:4.2-3ubuntu6.30 qemu-system-sparc - 1:4.2-3ubuntu6.30 qemu-system-x86 - 1:4.2-3ubuntu6.30 qemu-system-x86-microvm - 1:4.2-3ubuntu6.30 qemu-system-x86-xen - 1:4.2-3ubuntu6.30 qemu-user - 1:4.2-3ubuntu6.30 qemu-user-binfmt - 1:4.2-3ubuntu6.30 qemu-user-static - 1:4.2-3ubuntu6.30 qemu-utils - 1:4.2-3ubuntu6.30 No subscription required Medium CVE-2019-20382 CVE-2020-13765 CVE-2020-1983 CVE-2020-7039 CVE-2020-8608 CVE-2021-3592 CVE-2021-3594 CVE-2023-3019 CVE-2024-4693 CVE-2024-7730 https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2084210 Ubuntu 20.04 LTS Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 8 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information. (CVE-2024-21210, CVE-2024-21235) It was discovered that the Serialization component of OpenJDK 8 did not properly handle deserialization under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21217) It was discovered that the Hotspot component of OpenJDK 8 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21131) It was discovered that the Hotspot component of OpenJDK 8 could be made to run into an infinite loop. If an automated system were tricked into processing excessively large symbols, an attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21138) It was discovered that the Hotspot component of OpenJDK 8 did not properly perform range check elimination. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21140) Yakov Shafranovich discovered that the Concurrency component of OpenJDK 8 incorrectly performed header validation in the Pack200 archive format. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21144) Sergey Bylokhov discovered that OpenJDK 8 did not properly manage memory when handling 2D images. An attacker could possibly use this issue to obtain sensitive information. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21145) It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled memory when performing range check elimination under certain circumstances. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21147) It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21011) Vladimir Kondratyev discovered that the Hotspot component of OpenJDK 8 incorrectly handled address offset calculations in the C1 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21068) Yakov Shafranovich discovered that OpenJDK 8 did not properly manage memory in the Pack200 archive format. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21085) It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C2 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21094) Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 8 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20921) Valentin Eudeline discovered that OpenJDK 8 incorrectly handled certain options in the Nashorn JavaScript subcomponent. An attacker could possibly use this issue to execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20926) It was discovered that OpenJDK 8 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 8 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-7096-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-demo - 8u432-ga~us1-0ubuntu2~20.04 openjdk-8-doc - 8u432-ga~us1-0ubuntu2~20.04 openjdk-8-jdk - 8u432-ga~us1-0ubuntu2~20.04 openjdk-8-jdk-headless - 8u432-ga~us1-0ubuntu2~20.04 openjdk-8-jre - 8u432-ga~us1-0ubuntu2~20.04 openjdk-8-jre-headless - 8u432-ga~us1-0ubuntu2~20.04 openjdk-8-jre-zero - 8u432-ga~us1-0ubuntu2~20.04 openjdk-8-source - 8u432-ga~us1-0ubuntu2~20.04 No subscription required Medium CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20926 CVE-2024-20945 CVE-2024-20952 CVE-2024-21011 CVE-2024-21068 CVE-2024-21085 CVE-2024-21094 CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21144 CVE-2024-21145 CVE-2024-21147 CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 Ubuntu 20.04 LTS USN-7096-1 fixed vulnerabilities in OpenJDK 8. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 8 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information. (CVE-2024-21210, CVE-2024-21235) It was discovered that the Serialization component of OpenJDK 8 did not properly handle deserialization under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21217) It was discovered that the Hotspot component of OpenJDK 8 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21131) It was discovered that the Hotspot component of OpenJDK 8 could be made to run into an infinite loop. If an automated system were tricked into processing excessively large symbols, an attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21138) It was discovered that the Hotspot component of OpenJDK 8 did not properly perform range check elimination. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21140) Yakov Shafranovich discovered that the Concurrency component of OpenJDK 8 incorrectly performed header validation in the Pack200 archive format. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21144) Sergey Bylokhov discovered that OpenJDK 8 did not properly manage memory when handling 2D images. An attacker could possibly use this issue to obtain sensitive information. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21145) It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled memory when performing range check elimination under certain circumstances. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21147) It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21011) Vladimir Kondratyev discovered that the Hotspot component of OpenJDK 8 incorrectly handled address offset calculations in the C1 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21068) Yakov Shafranovich discovered that OpenJDK 8 did not properly manage memory in the Pack200 archive format. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21085) It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C2 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-21094) Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20918) It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20919) It was discovered that the Hotspot component of OpenJDK 8 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20921) Valentin Eudeline discovered that OpenJDK 8 incorrectly handled certain options in the Nashorn JavaScript subcomponent. An attacker could possibly use this issue to execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20926) It was discovered that OpenJDK 8 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20945) Hubert Kario discovered that the TLS implementation in OpenJDK 8 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2024-20952) Update Instructions: Run `sudo pro fix USN-7096-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-demo - 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-doc - 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-jdk - 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-jre - 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-jre-headless - 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-jre-zero - 8u442-b06~us1-0ubuntu1~20.04 openjdk-8-source - 8u442-b06~us1-0ubuntu1~20.04 No subscription required None https://launchpad.net/bugs/2097400 Ubuntu 20.04 LTS Andy Boothe discovered that the Networking component of OpenJDK 11 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 11 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information. (CVE-2024-21210, CVE-2024-21235) It was discovered that the Serialization component of OpenJDK 11 did not properly handle deserialization under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21217) It was discovered that the Hotspot component of OpenJDK 11 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21131) It was discovered that the Hotspot component of OpenJDK 11 could be made to run into an infinite loop. If an automated system were tricked into processing excessively large symbols, an attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21138) It was discovered that the Hotspot component of OpenJDK 11 did not properly perform range check elimination. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21140) Yakov Shafranovich discovered that the Concurrency component of OpenJDK 11 incorrectly performed header validation in the Pack200 archive format. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21144) Sergey Bylokhov discovered that OpenJDK 11 did not properly manage memory when handling 2D images. An attacker could possibly use this issue to obtain sensitive information. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21145) It was discovered that the Hotspot component of OpenJDK 11 incorrectly handled memory when performing range check elimination under certain circumstances. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21147) Update Instructions: Run `sudo pro fix USN-7097-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.25+9-1ubuntu1~20.04 openjdk-11-doc - 11.0.25+9-1ubuntu1~20.04 openjdk-11-jdk - 11.0.25+9-1ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.25+9-1ubuntu1~20.04 openjdk-11-jre - 11.0.25+9-1ubuntu1~20.04 openjdk-11-jre-headless - 11.0.25+9-1ubuntu1~20.04 openjdk-11-jre-zero - 11.0.25+9-1ubuntu1~20.04 openjdk-11-source - 11.0.25+9-1ubuntu1~20.04 No subscription required Medium CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21144 CVE-2024-21145 CVE-2024-21147 CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 Ubuntu 20.04 LTS Andy Boothe discovered that the Networking component of OpenJDK 17 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 17 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information. (CVE-2024-21210, CVE-2024-21235) It was discovered that the Serialization component of OpenJDK 17 did not properly handle deserialization under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21217) It was discovered that the Hotspot component of OpenJDK 17 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21131) It was discovered that the Hotspot component of OpenJDK 17 could be made to run into an infinite loop. If an automated system were tricked into processing excessively large symbols, an attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21138) It was discovered that the Hotspot component of OpenJDK 17 did not properly perform range check elimination. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21140) Sergey Bylokhov discovered that OpenJDK 17 did not properly manage memory when handling 2D images. An attacker could possibly use this issue to obtain sensitive information. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21145) It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled memory when performing range check elimination under certain circumstances. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. This issue was only addressed in Ubuntu 18.04 LTS. (CVE-2024-21147) Update Instructions: Run `sudo pro fix USN-7098-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.13+11-2ubuntu1~20.04 openjdk-17-doc - 17.0.13+11-2ubuntu1~20.04 openjdk-17-jdk - 17.0.13+11-2ubuntu1~20.04 openjdk-17-jdk-headless - 17.0.13+11-2ubuntu1~20.04 openjdk-17-jre - 17.0.13+11-2ubuntu1~20.04 openjdk-17-jre-headless - 17.0.13+11-2ubuntu1~20.04 openjdk-17-jre-zero - 17.0.13+11-2ubuntu1~20.04 openjdk-17-source - 17.0.13+11-2ubuntu1~20.04 No subscription required Medium CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21145 CVE-2024-21147 CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 Ubuntu 20.04 LTS Andy Boothe discovered that the Networking component of OpenJDK 21 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 21 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information. (CVE-2024-21210, CVE-2024-21235) It was discovered that the Serialization component of OpenJDK 21 did not properly handle deserialization under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21217) Update Instructions: Run `sudo pro fix USN-7099-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-21-demo - 21.0.5+11-1ubuntu1~20.04 openjdk-21-doc - 21.0.5+11-1ubuntu1~20.04 openjdk-21-jdk - 21.0.5+11-1ubuntu1~20.04 openjdk-21-jdk-headless - 21.0.5+11-1ubuntu1~20.04 openjdk-21-jre - 21.0.5+11-1ubuntu1~20.04 openjdk-21-jre-headless - 21.0.5+11-1ubuntu1~20.04 openjdk-21-jre-zero - 21.0.5+11-1ubuntu1~20.04 openjdk-21-source - 21.0.5+11-1ubuntu1~20.04 openjdk-21-testsupport - 21.0.5+11-1ubuntu1~20.04 No subscription required Medium CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 Ubuntu 20.04 LTS Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code. (CVE-2024-25744) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Android drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - Null block device driver; - Character device driver; - ARM SCMI message protocol; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I3C subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Device tree and open firmware driver; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - QCOM SoC drivers; - Direct Digital Synthesis drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - Userspace I/O drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - USB Type-C Connector System Software Interface driver; - USB over IP driver; - VHOST drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - F2FS file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - Proc file system; - SMB network file system; - Core kernel; - DMA mapping infrastructure; - RCU subsystem; - Tracing infrastructure; - Radix Tree data structure library; - Kernel userspace event delivery library; - Objagg library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - Ethtool driver; - IPv4 networking; - IPv6 networking; - IUCV driver; - KCM (Kernel Connection Multiplexor) sockets driver; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Wireless networking; - AppArmor security module; - Landlock security; - Simplified Mandatory Access Control Kernel framework; - FireWire sound drivers; - SoC audio core drivers; - USB sound devices; (CVE-2024-43817, CVE-2024-42304, CVE-2024-46756, CVE-2024-42318, CVE-2024-41090, CVE-2024-41063, CVE-2024-44987, CVE-2024-46844, CVE-2024-46677, CVE-2024-44988, CVE-2024-42297, CVE-2024-26893, CVE-2024-46673, CVE-2024-26800, CVE-2024-42305, CVE-2024-46731, CVE-2024-41091, CVE-2024-46810, CVE-2024-41072, CVE-2022-48666, CVE-2024-38602, CVE-2024-46780, CVE-2024-46750, CVE-2024-43858, CVE-2024-41020, CVE-2024-46755, CVE-2024-46829, CVE-2024-41068, CVE-2024-45003, CVE-2024-42280, CVE-2024-42283, CVE-2024-43873, CVE-2024-46746, CVE-2024-44969, CVE-2024-46807, CVE-2024-41081, CVE-2024-44971, CVE-2024-26607, CVE-2024-43880, CVE-2024-42281, CVE-2024-42274, CVE-2024-43908, CVE-2024-42267, CVE-2024-47665, CVE-2024-45011, CVE-2024-46707, CVE-2024-42310, CVE-2024-42309, CVE-2024-44965, CVE-2024-46747, CVE-2024-42259, CVE-2024-46804, CVE-2024-46679, CVE-2024-45007, CVE-2024-45009, CVE-2024-46771, CVE-2024-46739, CVE-2024-41060, CVE-2024-46676, CVE-2024-46822, CVE-2024-42272, CVE-2024-41059, CVE-2024-43839, CVE-2024-46817, CVE-2024-47669, CVE-2024-44999, CVE-2024-42285, CVE-2024-44986, CVE-2024-43828, CVE-2024-43879, CVE-2024-44998, CVE-2024-46724, CVE-2024-41015, CVE-2024-45025, CVE-2024-43849, CVE-2024-46818, CVE-2024-43830, CVE-2024-46725, CVE-2024-43834, CVE-2024-42302, CVE-2024-36484, CVE-2024-43853, CVE-2024-46782, CVE-2024-46740, CVE-2024-46732, CVE-2024-43869, CVE-2024-42312, CVE-2024-42292, CVE-2024-43884, CVE-2024-44934, CVE-2024-44995, CVE-2024-43894, CVE-2024-46675, CVE-2024-43870, CVE-2024-44990, CVE-2024-42287, CVE-2024-41065, CVE-2024-42301, CVE-2024-42290, CVE-2024-46702, CVE-2024-46719, CVE-2024-46745, CVE-2024-46758, CVE-2024-46757, CVE-2024-44935, CVE-2024-42276, CVE-2024-43890, CVE-2023-52918, CVE-2024-41077, CVE-2024-43905, CVE-2024-38611, CVE-2024-42269, CVE-2024-42284, CVE-2024-41073, CVE-2024-46722, CVE-2024-41017, CVE-2024-47667, CVE-2024-45021, CVE-2024-43867, CVE-2024-41098, CVE-2024-43909, CVE-2024-46723, CVE-2024-45026, CVE-2024-42114, CVE-2024-44944, CVE-2024-43835, CVE-2024-44982, CVE-2024-43907, CVE-2024-46828, CVE-2024-43856, CVE-2024-46832, CVE-2024-44954, CVE-2024-43846, CVE-2024-41070, CVE-2024-43892, CVE-2024-44985, CVE-2024-42306, CVE-2024-43889, CVE-2024-44958, CVE-2024-46798, CVE-2024-44989, CVE-2024-42313, CVE-2024-46737, CVE-2024-42289, CVE-2024-43829, CVE-2024-46744, CVE-2023-52889, CVE-2024-46689, CVE-2024-47663, CVE-2024-46791, CVE-2024-43863, CVE-2024-43893, CVE-2024-43841, CVE-2024-46777, CVE-2024-46800, CVE-2024-45028, CVE-2024-44952, CVE-2024-43883, CVE-2024-44946, CVE-2024-43882, CVE-2024-44960, CVE-2024-38577, CVE-2024-46814, CVE-2024-42288, CVE-2024-44947, CVE-2024-41071, CVE-2024-41042, CVE-2024-41064, CVE-2024-42311, CVE-2024-42270, CVE-2024-43861, CVE-2024-46752, CVE-2024-42296, CVE-2024-41022, CVE-2024-42246, CVE-2024-43871, CVE-2024-42265, CVE-2024-43854, CVE-2024-41019, CVE-2024-46815, CVE-2024-46743, CVE-2024-42126, CVE-2024-26661, CVE-2024-41012, CVE-2024-46761, CVE-2024-45008, CVE-2024-46805, CVE-2024-45006, CVE-2024-42295, CVE-2024-46783, CVE-2024-42286, CVE-2024-46714, CVE-2024-42299, CVE-2024-46781, CVE-2024-43914, CVE-2024-44966, CVE-2024-44974, CVE-2024-45018, CVE-2024-46840, CVE-2024-46819, CVE-2024-40915, CVE-2024-46759, CVE-2024-43860, CVE-2024-47668, CVE-2024-39472, CVE-2024-47660, CVE-2024-47659, CVE-2024-46795, CVE-2024-43875, CVE-2024-46738, CVE-2024-42271, CVE-2024-26669, CVE-2024-44983, CVE-2024-41078, CVE-2024-46685, CVE-2024-46713, CVE-2024-46721, CVE-2024-46763, CVE-2024-41011, CVE-2024-43902, CVE-2024-42277, CVE-2024-44948) Update Instructions: Run `sudo pro fix USN-7100-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1055-gkeop - 5.15.0-1055.62~20.04.1 linux-cloud-tools-5.15.0-1055-gkeop - 5.15.0-1055.62~20.04.1 linux-gkeop-5.15-cloud-tools-5.15.0-1055 - 5.15.0-1055.62~20.04.1 linux-gkeop-5.15-headers-5.15.0-1055 - 5.15.0-1055.62~20.04.1 linux-gkeop-5.15-tools-5.15.0-1055 - 5.15.0-1055.62~20.04.1 linux-headers-5.15.0-1055-gkeop - 5.15.0-1055.62~20.04.1 linux-image-5.15.0-1055-gkeop - 5.15.0-1055.62~20.04.1 linux-image-unsigned-5.15.0-1055-gkeop - 5.15.0-1055.62~20.04.1 linux-modules-5.15.0-1055-gkeop - 5.15.0-1055.62~20.04.1 linux-modules-extra-5.15.0-1055-gkeop - 5.15.0-1055.62~20.04.1 linux-tools-5.15.0-1055-gkeop - 5.15.0-1055.62~20.04.1 No subscription required linux-buildinfo-5.15.0-1065-ibm - 5.15.0-1065.68~20.04.1 linux-headers-5.15.0-1065-ibm - 5.15.0-1065.68~20.04.1 linux-ibm-5.15-headers-5.15.0-1065 - 5.15.0-1065.68~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1065.68~20.04.1 linux-ibm-5.15-tools-5.15.0-1065 - 5.15.0-1065.68~20.04.1 linux-image-5.15.0-1065-ibm - 5.15.0-1065.68~20.04.1 linux-image-unsigned-5.15.0-1065-ibm - 5.15.0-1065.68~20.04.1 linux-modules-5.15.0-1065-ibm - 5.15.0-1065.68~20.04.1 linux-modules-extra-5.15.0-1065-ibm - 5.15.0-1065.68~20.04.1 linux-tools-5.15.0-1065-ibm - 5.15.0-1065.68~20.04.1 No subscription required linux-buildinfo-5.15.0-1070-oracle - 5.15.0-1070.76~20.04.1 linux-headers-5.15.0-1070-oracle - 5.15.0-1070.76~20.04.1 linux-image-5.15.0-1070-oracle - 5.15.0-1070.76~20.04.1 linux-image-unsigned-5.15.0-1070-oracle - 5.15.0-1070.76~20.04.1 linux-modules-5.15.0-1070-oracle - 5.15.0-1070.76~20.04.1 linux-modules-extra-5.15.0-1070-oracle - 5.15.0-1070.76~20.04.1 linux-oracle-5.15-headers-5.15.0-1070 - 5.15.0-1070.76~20.04.1 linux-oracle-5.15-tools-5.15.0-1070 - 5.15.0-1070.76~20.04.1 linux-tools-5.15.0-1070-oracle - 5.15.0-1070.76~20.04.1 No subscription required linux-buildinfo-5.15.0-1071-gcp - 5.15.0-1071.79~20.04.1 linux-gcp-5.15-headers-5.15.0-1071 - 5.15.0-1071.79~20.04.1 linux-gcp-5.15-tools-5.15.0-1071 - 5.15.0-1071.79~20.04.1 linux-headers-5.15.0-1071-gcp - 5.15.0-1071.79~20.04.1 linux-image-5.15.0-1071-gcp - 5.15.0-1071.79~20.04.1 linux-image-unsigned-5.15.0-1071-gcp - 5.15.0-1071.79~20.04.1 linux-modules-5.15.0-1071-gcp - 5.15.0-1071.79~20.04.1 linux-modules-extra-5.15.0-1071-gcp - 5.15.0-1071.79~20.04.1 linux-modules-iwlwifi-5.15.0-1071-gcp - 5.15.0-1071.79~20.04.1 linux-tools-5.15.0-1071-gcp - 5.15.0-1071.79~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1072 - 5.15.0-1072.78~20.04.1 linux-aws-5.15-headers-5.15.0-1072 - 5.15.0-1072.78~20.04.1 linux-aws-5.15-tools-5.15.0-1072 - 5.15.0-1072.78~20.04.1 linux-buildinfo-5.15.0-1072-aws - 5.15.0-1072.78~20.04.1 linux-cloud-tools-5.15.0-1072-aws - 5.15.0-1072.78~20.04.1 linux-headers-5.15.0-1072-aws - 5.15.0-1072.78~20.04.1 linux-image-5.15.0-1072-aws - 5.15.0-1072.78~20.04.1 linux-image-unsigned-5.15.0-1072-aws - 5.15.0-1072.78~20.04.1 linux-modules-5.15.0-1072-aws - 5.15.0-1072.78~20.04.1 linux-modules-extra-5.15.0-1072-aws - 5.15.0-1072.78~20.04.1 linux-tools-5.15.0-1072-aws - 5.15.0-1072.78~20.04.1 No subscription required linux-buildinfo-5.15.0-125-generic - 5.15.0-125.135~20.04.1 linux-buildinfo-5.15.0-125-generic-64k - 5.15.0-125.135~20.04.1 linux-buildinfo-5.15.0-125-generic-lpae - 5.15.0-125.135~20.04.1 linux-buildinfo-5.15.0-125-lowlatency - 5.15.0-125.135~20.04.1 linux-buildinfo-5.15.0-125-lowlatency-64k - 5.15.0-125.135~20.04.1 linux-cloud-tools-5.15.0-125-generic - 5.15.0-125.135~20.04.1 linux-cloud-tools-5.15.0-125-lowlatency - 5.15.0-125.135~20.04.1 linux-headers-5.15.0-125-generic - 5.15.0-125.135~20.04.1 linux-headers-5.15.0-125-generic-64k - 5.15.0-125.135~20.04.1 linux-headers-5.15.0-125-generic-lpae - 5.15.0-125.135~20.04.1 linux-headers-5.15.0-125-lowlatency - 5.15.0-125.135~20.04.1 linux-headers-5.15.0-125-lowlatency-64k - 5.15.0-125.135~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-125 - 5.15.0-125.135~20.04.1 linux-hwe-5.15-cloud-tools-common - 5.15.0-125.135~20.04.1 linux-hwe-5.15-headers-5.15.0-125 - 5.15.0-125.135~20.04.1 linux-hwe-5.15-source-5.15.0 - 5.15.0-125.135~20.04.1 linux-hwe-5.15-tools-5.15.0-125 - 5.15.0-125.135~20.04.1 linux-hwe-5.15-tools-common - 5.15.0-125.135~20.04.1 linux-hwe-5.15-tools-host - 5.15.0-125.135~20.04.1 linux-image-5.15.0-125-generic - 5.15.0-125.135~20.04.1 linux-image-5.15.0-125-generic-64k - 5.15.0-125.135~20.04.1 linux-image-5.15.0-125-generic-lpae - 5.15.0-125.135~20.04.1 linux-image-5.15.0-125-lowlatency - 5.15.0-125.135~20.04.1 linux-image-5.15.0-125-lowlatency-64k - 5.15.0-125.135~20.04.1 linux-image-unsigned-5.15.0-125-generic - 5.15.0-125.135~20.04.1 linux-image-unsigned-5.15.0-125-generic-64k - 5.15.0-125.135~20.04.1 linux-image-unsigned-5.15.0-125-lowlatency - 5.15.0-125.135~20.04.1 linux-image-unsigned-5.15.0-125-lowlatency-64k - 5.15.0-125.135~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-125 - 5.15.0-125.135~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-common - 5.15.0-125.135~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-125 - 5.15.0-125.135~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-125 - 5.15.0-125.135~20.04.1 linux-lowlatency-hwe-5.15-tools-common - 5.15.0-125.135~20.04.1 linux-lowlatency-hwe-5.15-tools-host - 5.15.0-125.135~20.04.1 linux-modules-5.15.0-125-generic - 5.15.0-125.135~20.04.1 linux-modules-5.15.0-125-generic-64k - 5.15.0-125.135~20.04.1 linux-modules-5.15.0-125-generic-lpae - 5.15.0-125.135~20.04.1 linux-modules-5.15.0-125-lowlatency - 5.15.0-125.135~20.04.1 linux-modules-5.15.0-125-lowlatency-64k - 5.15.0-125.135~20.04.1 linux-modules-extra-5.15.0-125-generic - 5.15.0-125.135~20.04.1 linux-modules-iwlwifi-5.15.0-125-generic - 5.15.0-125.135~20.04.1 linux-modules-iwlwifi-5.15.0-125-lowlatency - 5.15.0-125.135~20.04.1 linux-tools-5.15.0-125-generic - 5.15.0-125.135~20.04.1 linux-tools-5.15.0-125-generic-64k - 5.15.0-125.135~20.04.1 linux-tools-5.15.0-125-generic-lpae - 5.15.0-125.135~20.04.1 linux-tools-5.15.0-125-lowlatency - 5.15.0-125.135~20.04.1 linux-tools-5.15.0-125-lowlatency-64k - 5.15.0-125.135~20.04.1 No subscription required linux-cloud-tools-gkeop-5.15 - 5.15.0.1055.62~20.04.1 linux-cloud-tools-gkeop-edge - 5.15.0.1055.62~20.04.1 linux-gkeop-5.15 - 5.15.0.1055.62~20.04.1 linux-gkeop-edge - 5.15.0.1055.62~20.04.1 linux-headers-gkeop-5.15 - 5.15.0.1055.62~20.04.1 linux-headers-gkeop-edge - 5.15.0.1055.62~20.04.1 linux-image-gkeop-5.15 - 5.15.0.1055.62~20.04.1 linux-image-gkeop-edge - 5.15.0.1055.62~20.04.1 linux-modules-extra-gkeop-5.15 - 5.15.0.1055.62~20.04.1 linux-modules-extra-gkeop-edge - 5.15.0.1055.62~20.04.1 linux-tools-gkeop-5.15 - 5.15.0.1055.62~20.04.1 linux-tools-gkeop-edge - 5.15.0.1055.62~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1065.68~20.04.1 linux-headers-ibm-edge - 5.15.0.1065.68~20.04.1 linux-ibm - 5.15.0.1065.68~20.04.1 linux-ibm-edge - 5.15.0.1065.68~20.04.1 linux-image-ibm - 5.15.0.1065.68~20.04.1 linux-image-ibm-edge - 5.15.0.1065.68~20.04.1 linux-tools-ibm - 5.15.0.1065.68~20.04.1 linux-tools-ibm-edge - 5.15.0.1065.68~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1070.76~20.04.1 linux-headers-oracle-edge - 5.15.0.1070.76~20.04.1 linux-image-oracle - 5.15.0.1070.76~20.04.1 linux-image-oracle-edge - 5.15.0.1070.76~20.04.1 linux-oracle - 5.15.0.1070.76~20.04.1 linux-oracle-edge - 5.15.0.1070.76~20.04.1 linux-tools-oracle - 5.15.0.1070.76~20.04.1 linux-tools-oracle-edge - 5.15.0.1070.76~20.04.1 No subscription required linux-gcp - 5.15.0.1071.79~20.04.1 linux-gcp-edge - 5.15.0.1071.79~20.04.1 linux-headers-gcp - 5.15.0.1071.79~20.04.1 linux-headers-gcp-edge - 5.15.0.1071.79~20.04.1 linux-image-gcp - 5.15.0.1071.79~20.04.1 linux-image-gcp-edge - 5.15.0.1071.79~20.04.1 linux-modules-extra-gcp - 5.15.0.1071.79~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1071.79~20.04.1 linux-tools-gcp - 5.15.0.1071.79~20.04.1 linux-tools-gcp-edge - 5.15.0.1071.79~20.04.1 No subscription required linux-aws - 5.15.0.1072.78~20.04.1 linux-aws-edge - 5.15.0.1072.78~20.04.1 linux-headers-aws - 5.15.0.1072.78~20.04.1 linux-headers-aws-edge - 5.15.0.1072.78~20.04.1 linux-image-aws - 5.15.0.1072.78~20.04.1 linux-image-aws-edge - 5.15.0.1072.78~20.04.1 linux-modules-extra-aws - 5.15.0.1072.78~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1072.78~20.04.1 linux-tools-aws - 5.15.0.1072.78~20.04.1 linux-tools-aws-edge - 5.15.0.1072.78~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-generic-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-headers-oem-20.04 - 5.15.0.125.135~20.04.1 linux-headers-oem-20.04b - 5.15.0.125.135~20.04.1 linux-headers-oem-20.04c - 5.15.0.125.135~20.04.1 linux-headers-oem-20.04d - 5.15.0.125.135~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-image-oem-20.04 - 5.15.0.125.135~20.04.1 linux-image-oem-20.04b - 5.15.0.125.135~20.04.1 linux-image-oem-20.04c - 5.15.0.125.135~20.04.1 linux-image-oem-20.04d - 5.15.0.125.135~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.125.135~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.125.135~20.04.1 linux-oem-20.04 - 5.15.0.125.135~20.04.1 linux-oem-20.04b - 5.15.0.125.135~20.04.1 linux-oem-20.04c - 5.15.0.125.135~20.04.1 linux-oem-20.04d - 5.15.0.125.135~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-tools-oem-20.04 - 5.15.0.125.135~20.04.1 linux-tools-oem-20.04b - 5.15.0.125.135~20.04.1 linux-tools-oem-20.04c - 5.15.0.125.135~20.04.1 linux-tools-oem-20.04d - 5.15.0.125.135~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.125.135~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.125.135~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.125.135~20.04.1 No subscription required High CVE-2022-48666 CVE-2023-52889 CVE-2023-52918 CVE-2024-25744 CVE-2024-26607 CVE-2024-26661 CVE-2024-26669 CVE-2024-26800 CVE-2024-26893 CVE-2024-36484 CVE-2024-38577 CVE-2024-38602 CVE-2024-38611 CVE-2024-39472 CVE-2024-40915 CVE-2024-41011 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41019 CVE-2024-41020 CVE-2024-41022 CVE-2024-41042 CVE-2024-41059 CVE-2024-41060 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072 CVE-2024-41073 CVE-2024-41077 CVE-2024-41078 CVE-2024-41081 CVE-2024-41090 CVE-2024-41091 CVE-2024-41098 CVE-2024-42114 CVE-2024-42126 CVE-2024-42246 CVE-2024-42259 CVE-2024-42265 CVE-2024-42267 CVE-2024-42269 CVE-2024-42270 CVE-2024-42271 CVE-2024-42272 CVE-2024-42274 CVE-2024-42276 CVE-2024-42277 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42290 CVE-2024-42292 CVE-2024-42295 CVE-2024-42296 CVE-2024-42297 CVE-2024-42299 CVE-2024-42301 CVE-2024-42302 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42312 CVE-2024-42313 CVE-2024-42318 CVE-2024-43817 CVE-2024-43828 CVE-2024-43829 CVE-2024-43830 CVE-2024-43834 CVE-2024-43835 CVE-2024-43839 CVE-2024-43841 CVE-2024-43846 CVE-2024-43849 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43863 CVE-2024-43867 CVE-2024-43869 CVE-2024-43870 CVE-2024-43871 CVE-2024-43873 CVE-2024-43875 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43889 CVE-2024-43890 CVE-2024-43892 CVE-2024-43893 CVE-2024-43894 CVE-2024-43902 CVE-2024-43905 CVE-2024-43907 CVE-2024-43908 CVE-2024-43909 CVE-2024-43914 CVE-2024-44934 CVE-2024-44935 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948 CVE-2024-44954 CVE-2024-44958 CVE-2024-44960 CVE-2024-44965 CVE-2024-44966 CVE-2024-44969 CVE-2024-44971 CVE-2024-44974 CVE-2024-44982 CVE-2024-44983 CVE-2024-44985 CVE-2024-44986 CVE-2024-44987 CVE-2024-44988 CVE-2024-44989 CVE-2024-44990 CVE-2024-44995 CVE-2024-44998 CVE-2024-44999 CVE-2024-45003 CVE-2024-45006 CVE-2024-45007 CVE-2024-45008 CVE-2024-45009 CVE-2024-45011 CVE-2024-45018 CVE-2024-45021 CVE-2024-45025 CVE-2024-45026 CVE-2024-45028 CVE-2024-46673 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46689 CVE-2024-46702 CVE-2024-46707 CVE-2024-46713 CVE-2024-46714 CVE-2024-46719 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723 CVE-2024-46724 CVE-2024-46725 CVE-2024-46731 CVE-2024-46732 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46740 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46746 CVE-2024-46747 CVE-2024-46750 CVE-2024-46752 CVE-2024-46755 CVE-2024-46759 CVE-2024-46761 CVE-2024-46763 CVE-2024-46771 CVE-2024-46777 CVE-2024-46780 CVE-2024-46781 CVE-2024-46782 CVE-2024-46783 CVE-2024-46791 CVE-2024-46795 CVE-2024-46798 CVE-2024-46800 CVE-2024-46804 CVE-2024-46805 CVE-2024-46807 CVE-2024-46810 CVE-2024-46814 CVE-2024-46815 CVE-2024-46817 CVE-2024-46818 CVE-2024-46819 CVE-2024-46822 CVE-2024-46828 CVE-2024-46829 CVE-2024-46832 CVE-2024-46840 CVE-2024-46844 CVE-2024-47659 CVE-2024-47660 CVE-2024-47663 CVE-2024-47665 CVE-2024-47667 CVE-2024-47668 CVE-2024-47669 Ubuntu 20.04 LTS It was discovered that Pydantic incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause a denial of service via a crafted email string. Update Instructions: Run `sudo pro fix USN-7101-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-pydantic - 1.2-1ubuntu0.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-3772 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.40 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-40.html https://www.oracle.com/security-alerts/cpuoct2024.html Update Instructions: Run `sudo pro fix USN-7102-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysqlclient-dev - 8.0.40-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.40-0ubuntu0.20.04.1 mysql-client - 8.0.40-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.40-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.40-0ubuntu0.20.04.1 mysql-router - 8.0.40-0ubuntu0.20.04.1 mysql-server - 8.0.40-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.40-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.40-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.40-0ubuntu0.20.04.1 mysql-testsuite - 8.0.40-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.40-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-21193 CVE-2024-21194 CVE-2024-21196 CVE-2024-21197 CVE-2024-21198 CVE-2024-21199 CVE-2024-21201 CVE-2024-21212 CVE-2024-21213 CVE-2024-21219 CVE-2024-21230 CVE-2024-21231 CVE-2024-21236 CVE-2024-21237 CVE-2024-21239 CVE-2024-21241 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-46951, CVE-2024-46953, CVE-2024-46955, CVE-2024-46956) It was discovered that Ghostscript incorrectly handled parsing certain PDF files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2024-46952) It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly bypass file path validation. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-46954) Update Instructions: Run `sudo pro fix USN-7103-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.14 ghostscript-doc - 9.50~dfsg-5ubuntu4.14 ghostscript-x - 9.50~dfsg-5ubuntu4.14 libgs-dev - 9.50~dfsg-5ubuntu4.14 libgs9 - 9.50~dfsg-5ubuntu4.14 libgs9-common - 9.50~dfsg-5ubuntu4.14 No subscription required Medium CVE-2024-46951 CVE-2024-46952 CVE-2024-46953 CVE-2024-46954 CVE-2024-46955 CVE-2024-46956 Ubuntu 20.04 LTS It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. (CVE-2023-28708) It was discovered that Tomcat had a vulnerability in its FORM authentication feature, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks. (CVE-2023-41080) It was discovered that Tomcat incorrectly recycled certain objects, which could lead to information leaking from one request to the next. An attacker could potentially use this issue to leak sensitive information. (CVE-2023-42795) It was discovered that Tomcat incorrectly handled HTTP trailer headers. A remote attacker could possibly use this issue to perform HTTP request smuggling. (CVE-2023-45648) It was discovered that Tomcat incorrectly handled socket cleanup, which could lead to websocket connections staying open. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-23672) Update Instructions: Run `sudo pro fix USN-7106-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtomcat9-embed-java - 9.0.31-1ubuntu0.8 libtomcat9-java - 9.0.31-1ubuntu0.8 tomcat9 - 9.0.31-1ubuntu0.8 tomcat9-admin - 9.0.31-1ubuntu0.8 tomcat9-common - 9.0.31-1ubuntu0.8 tomcat9-docs - 9.0.31-1ubuntu0.8 tomcat9-examples - 9.0.31-1ubuntu0.8 tomcat9-user - 9.0.31-1ubuntu0.8 No subscription required Medium CVE-2023-28708 CVE-2023-41080 CVE-2023-42795 CVE-2023-45648 CVE-2024-23672 Ubuntu 20.04 LTS Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH did not properly handle the extension info message. An attacker able to intercept communications could possibly use this issue to downgrade the algorithm used for client authentication. (CVE-2023-46445) Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH did not properly handle the user authentication request message. An attacker could possibly use this issue to control the remote end of an SSH client session via packet injection/removal and shell emulation. (CVE-2023-46446) Update Instructions: Run `sudo pro fix USN-7108-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-asyncssh-doc - 1.12.2-1ubuntu0.2 python3-asyncssh - 1.12.2-1ubuntu0.2 No subscription required Medium CVE-2023-46445 CVE-2023-46446 Ubuntu 20.04 LTS Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-41723) Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. (CVE-2022-41724) Ameya Darshan and Jakob Ackermann discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. (CVE-2022-41725) Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. (CVE-2023-24531) Jakob Ackermann discovered that Go incorrectly handled multipart forms. An attacker could possibly use this issue to consume an excessive amount of resources, resulting in a denial of service. (CVE-2023-24536) Juho Nurminen discovered that Go incorrectly handled certain special characters in directory or file paths. An attacker could possibly use this issue to inject code into the resulting binaries. (CVE-2023-29402) Vincent Dehors discovered that Go incorrectly handled permission bits. An attacker could possibly use this issue to read or write files with elevated privileges. (CVE-2023-29403) Juho Nurminen discovered that Go incorrectly handled certain compiler directives. An attacker could possibly use this issue to execute arbitrary code. (CVE-2023-29404) Juho Nurminen discovered that Go incorrectly handled certain crafted arguments. An attacker could possibly use this issue to execute arbitrary code at build time. (CVE-2023-29405) Bartek Nowotarski discovered that Go incorrectly validated the contents of host headers. A remote attacker could possibly use this issue to inject additional headers or entire requests. (CVE-2023-29406) Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross-site scripting attack. (CVE-2023-39318, CVE-2023-39319) It was discovered that Go did not properly validate the "//go:cgo_" directives during compilation. An attacker could possibly use this issue to inject arbitrary code during compile time. (CVE-2023-39323) It was discovered that Go did not limit the number of simultaneously executing handler goroutines in the net/http module. An attacker could possibly use this issue to cause a panic resulting in a denial of service. (CVE-2023-39325) Bartek Nowotarski was discovered that the Go net/http module did not properly handle the requests when request's headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2023-45288) Bartek Nowotarski discovered that the Go net/http module did not properly validate the total size of the parsed form when parsing a multipart form. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2023-45290) John Howard discovered that the Go crypto/x509 module did not properly handle a certificate chain which contains a certificate with an unknown public key algorithm. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2024-24783) Juho Nurminen discovered that the Go net/mail module did not properly handle comments within display names in the ParseAddressList function. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2024-24784) It was discovered that the Go html/template module did not validate errors returned from MarshalJSON methods. An attacker could possibly use this issue to inject arbitrary code into the Go template. (CVE-2024-24785) Yufan You discovered that the Go archive/zip module did not properly handle certain types of invalid zip files differs from the behavior of most zip implementations. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2024-24789) Enze Wang and Jianjun Chen discovered that the Go net/netip module did not work as expected for IPv4-mapped IPv6 addresses in various Is methods. An attacker could possibly use this issue to cause a panic resulting into a denial of service. (CVE-2024-24790) Geoff Franks discovered that the Go net/http module did not properly handle responses to requests with an "Expect: 100-continue" header under certain circumstances. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-24791) It was discovered that the Go parser module did not properly handle deeply nested literal values. An attacker could possibly use this issue to cause a panic resulting in a denial of service. (CVE-2024-34155) Md Sakib Anwar discovered that the Go encoding/gob module did not properly handle message decoding under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. (CVE-2024-34156) It was discovered that the Go build module did not properly handle certain build tag lines with deeply nested expressions. An attacker could possibly use this issue to cause a panic resulting in a denial of service. (CVE-2024-34158) Update Instructions: Run `sudo pro fix USN-7109-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-1.18 - 1.18.1-1ubuntu1~20.04.3 golang-1.18-doc - 1.18.1-1ubuntu1~20.04.3 golang-1.18-go - 1.18.1-1ubuntu1~20.04.3 golang-1.18-src - 1.18.1-1ubuntu1~20.04.3 No subscription required Medium CVE-2022-41723 CVE-2022-41724 CVE-2022-41725 CVE-2023-24531 CVE-2023-24536 CVE-2023-29402 CVE-2023-29403 CVE-2023-29404 CVE-2023-29405 CVE-2023-29406 CVE-2023-39318 CVE-2023-39319 CVE-2023-39323 CVE-2023-39325 CVE-2023-45288 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 CVE-2024-24789 CVE-2024-24790 CVE-2024-24791 CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 Ubuntu 20.04 LTS It was discovered that the GD Graphics Library did not perform proper bounds checking while handling BMP and WebP files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service (application crash). Update Instructions: Run `sudo pro fix USN-7112-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libgd-dev - 2.2.5-5.2ubuntu2.4 libgd-tools - 2.2.5-5.2ubuntu2.4 libgd3 - 2.2.5-5.2ubuntu2.4 No subscription required Low CVE-2021-40812 Ubuntu 20.04 LTS It was discovered that Glib incorrectly handled certain trailing characters. An attacker could possibly use this issue to cause a crash or other undefined behavior. Update Instructions: Run `sudo pro fix USN-7114-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libglib2.0-0 - 2.64.6-1~ubuntu20.04.8 libglib2.0-bin - 2.64.6-1~ubuntu20.04.8 libglib2.0-data - 2.64.6-1~ubuntu20.04.8 libglib2.0-dev - 2.64.6-1~ubuntu20.04.8 libglib2.0-dev-bin - 2.64.6-1~ubuntu20.04.8 libglib2.0-doc - 2.64.6-1~ubuntu20.04.8 libglib2.0-tests - 2.64.6-1~ubuntu20.04.8 No subscription required Medium CVE-2024-52533 Ubuntu 20.04 LTS It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attacker could use this issue to have the server process inconsistent client requests. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-49768) Dylan Jay discovered that Waitress could be lead to write to an unexisting socket after closing the remote connection. An attacker could use this issue to increase resource utilization leading to a denial of service. (CVE-2024-49769) Update Instructions: Run `sudo pro fix USN-7115-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-waitress-doc - 1.4.1-1ubuntu0.2 python3-waitress - 1.4.1-1ubuntu0.2 No subscription required Medium CVE-2024-49768 CVE-2024-49769 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated. Update Instructions: Run `sudo pro fix USN-7116-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.8 - 3.8.10-0ubuntu1~20.04.13 libpython3.8 - 3.8.10-0ubuntu1~20.04.13 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.13 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.13 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.13 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.13 python3.8 - 3.8.10-0ubuntu1~20.04.13 python3.8-dev - 3.8.10-0ubuntu1~20.04.13 python3.8-doc - 3.8.10-0ubuntu1~20.04.13 python3.8-examples - 3.8.10-0ubuntu1~20.04.13 python3.8-full - 3.8.10-0ubuntu1~20.04.13 python3.8-minimal - 3.8.10-0ubuntu1~20.04.13 python3.8-venv - 3.8.10-0ubuntu1~20.04.13 No subscription required Medium CVE-2024-9287 Ubuntu 20.04 LTS Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-11003) Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands. (CVE-2024-10224) Qualys discovered that needrestart incorrectly used the PYTHONPATH environment variable to spawn a new Python interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48990) Qualys discovered that needrestart incorrectly checked the path to the Python interpreter. A local attacker could possibly use this issue to win a race condition and execute arbitrary code as root. (CVE-2024-48991) Qualys discovered that needrestart incorrectly used the RUBYLIB environment variable to spawn a new Ruby interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48992) Update Instructions: Run `sudo pro fix USN-7117-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmodule-scandeps-perl - 1.27-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro needrestart - 3.4-6ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2024-10224 CVE-2024-11003 CVE-2024-48990 CVE-2024-48991 CVE-2024-48992 Ubuntu 20.04 LTS USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-11003) Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands. (CVE-2024-10224) Qualys discovered that needrestart incorrectly used the PYTHONPATH environment variable to spawn a new Python interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48990) Qualys discovered that needrestart incorrectly checked the path to the Python interpreter. A local attacker could possibly use this issue to win a race condition and execute arbitrary code as root. (CVE-2024-48991) Qualys discovered that needrestart incorrectly used the RUBYLIB environment variable to spawn a new Ruby interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48992) Update Instructions: Run `sudo pro fix USN-7117-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: needrestart - 3.4-6ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro None https://launchpad.net/bugs/2089193 Ubuntu 20.04 LTS USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem for LXC containers. We apologize for the inconvenience. Original advisory details: Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-11003) Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands. (CVE-2024-10224) Qualys discovered that needrestart incorrectly used the PYTHONPATH environment variable to spawn a new Python interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48990) Qualys discovered that needrestart incorrectly checked the path to the Python interpreter. A local attacker could possibly use this issue to win a race condition and execute arbitrary code as root. (CVE-2024-48991) Qualys discovered that needrestart incorrectly used the RUBYLIB environment variable to spawn a new Ruby interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48992) Update Instructions: Run `sudo pro fix USN-7117-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: needrestart - 3.4-6ubuntu0.1+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro None https://launchpad.net/bugs/2091096 Ubuntu 20.04 LTS It was discovered that ZBar did not properly handle certain QR codes. If a user or automated system using ZBar were tricked into opening a specially crafted file, an attacker could possibly use this to obtain sensitive information. (CVE-2023-40889) It was discovered that ZBar did not properly handle certain QR codes. If a user or automated system using ZBar were tricked into opening a specially crafted file, an attacker could possibly use this to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-40890) Update Instructions: Run `sudo pro fix USN-7118-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbarcode-zbar-perl - 0.23-1.3ubuntu0.1~esm1 libzbar-dev - 0.23-1.3ubuntu0.1~esm1 libzbar0 - 0.23-1.3ubuntu0.1~esm1 libzbargtk-dev - 0.23-1.3ubuntu0.1~esm1 libzbargtk0 - 0.23-1.3ubuntu0.1~esm1 libzbarqt-dev - 0.23-1.3ubuntu0.1~esm1 libzbarqt0 - 0.23-1.3ubuntu0.1~esm1 python3-zbar - 0.23-1.3ubuntu0.1~esm1 zbar-tools - 0.23-1.3ubuntu0.1~esm1 zbarcam-gtk - 0.23-1.3ubuntu0.1~esm1 zbarcam-qt - 0.23-1.3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-40889 CVE-2023-40890 Ubuntu 20.04 LTS Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36402) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - Android drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - CPU frequency scaling framework; - Device frequency scaling framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - Modular ISDN driver; - LED subsystem; - Multiple devices driver; - Media drivers; - EEPROM drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Device tree and open firmware driver; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - QCOM SoC drivers; - Direct Digital Synthesis drivers; - TTY drivers; - Userspace I/O drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - USB Serial drivers; - USB Type-C Connector System Software Interface driver; - USB over IP driver; - Watchdog drivers; - BTRFS file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFS file system; - NILFS2 file system; - Netfilter; - BPF subsystem; - Core kernel; - DMA mapping infrastructure; - Tracing infrastructure; - Radix Tree data structure library; - Kernel userspace event delivery library; - Objagg library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - CAN network layer; - Networking core; - Ethtool driver; - IPv4 networking; - IPv6 networking; - IUCV driver; - KCM (Kernel Connection Multiplexor) sockets driver; - MAC80211 subsystem; - RxRPC session sockets; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Wireless networking; - AppArmor security module; - Integrity Measurement Architecture(IMA) framework; - Simplified Mandatory Access Control Kernel framework; - SoC audio core drivers; - USB sound devices; (CVE-2024-46750, CVE-2024-43853, CVE-2024-46722, CVE-2024-42311, CVE-2024-46679, CVE-2023-52918, CVE-2024-42309, CVE-2024-42160, CVE-2024-26668, CVE-2024-42271, CVE-2024-40929, CVE-2024-46747, CVE-2024-41064, CVE-2024-43839, CVE-2024-46757, CVE-2024-41059, CVE-2024-42301, CVE-2024-46737, CVE-2024-42297, CVE-2024-41015, CVE-2024-43854, CVE-2024-42289, CVE-2024-41017, CVE-2024-26787, CVE-2024-47667, CVE-2024-46675, CVE-2024-42246, CVE-2024-46723, CVE-2024-46817, CVE-2024-43841, CVE-2024-26800, CVE-2024-41098, CVE-2022-48863, CVE-2023-52531, CVE-2024-42265, CVE-2024-46828, CVE-2024-41020, CVE-2024-42305, CVE-2024-46755, CVE-2024-46744, CVE-2024-43871, CVE-2024-43884, CVE-2024-41042, CVE-2024-43914, CVE-2024-43856, CVE-2024-27397, CVE-2024-26607, CVE-2024-42228, CVE-2024-41091, CVE-2024-26677, CVE-2024-38611, CVE-2024-43867, CVE-2024-46829, CVE-2021-47188, CVE-2024-46756, CVE-2024-45025, CVE-2024-42313, CVE-2024-44947, CVE-2024-26669, CVE-2024-47668, CVE-2024-44987, CVE-2024-42295, CVE-2024-42281, CVE-2024-43880, CVE-2024-46777, CVE-2024-46780, CVE-2024-42285, CVE-2024-26891, CVE-2024-46714, CVE-2024-44999, CVE-2024-41068, CVE-2024-44944, CVE-2024-43882, CVE-2024-27051, CVE-2024-41072, CVE-2024-46783, CVE-2024-46781, CVE-2024-26885, CVE-2024-46844, CVE-2024-47669, CVE-2024-45008, CVE-2024-46758, CVE-2024-44954, CVE-2024-45021, CVE-2024-42304, CVE-2024-41081, CVE-2024-46798, CVE-2024-43890, CVE-2024-46840, CVE-2024-44960, CVE-2024-41012, CVE-2022-48791, CVE-2024-43908, CVE-2024-46721, CVE-2024-43829, CVE-2024-41073, CVE-2024-42306, CVE-2024-46745, CVE-2024-43858, CVE-2024-47663, CVE-2024-46782, CVE-2024-42244, CVE-2024-41090, CVE-2024-38602, CVE-2024-45003, CVE-2024-35848, CVE-2024-43883, CVE-2024-46677, CVE-2024-42280, CVE-2024-43846, CVE-2024-47659, CVE-2024-44965, CVE-2024-43893, CVE-2024-26960, CVE-2024-46676, CVE-2024-45016, CVE-2024-46689, CVE-2024-44998, CVE-2024-44995, CVE-2024-41022, CVE-2024-45026, CVE-2024-46739, CVE-2024-43830, CVE-2024-42286, CVE-2024-26640, CVE-2024-27012, CVE-2024-45006, CVE-2024-42276, CVE-2024-46818, CVE-2024-39494, CVE-2024-43860, CVE-2024-41070, CVE-2023-52614, CVE-2024-42283, CVE-2024-44969, CVE-2024-42229, CVE-2024-46740, CVE-2024-44948, CVE-2024-46822, CVE-2024-46738, CVE-2024-36484, CVE-2024-41065, CVE-2024-46685, CVE-2024-44935, CVE-2024-46759, CVE-2024-42292, CVE-2024-43879, CVE-2024-42287, CVE-2024-42288, CVE-2024-41063, CVE-2024-41011, CVE-2024-44946, CVE-2024-42290, CVE-2024-38570, CVE-2024-42310, CVE-2024-46743, CVE-2024-43861, CVE-2024-42131, CVE-2021-47212, CVE-2024-46719, CVE-2024-46815, CVE-2024-26641, CVE-2024-43894, CVE-2024-44988, CVE-2024-42259, CVE-2024-46771, CVE-2024-46673, CVE-2024-45028, CVE-2024-46761, CVE-2024-41071, CVE-2024-38630, CVE-2024-43835, CVE-2024-46800, CVE-2024-42284) Update Instructions: Run `sudo pro fix USN-7119-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1044-iot - 5.4.0-1044.45 linux-headers-5.4.0-1044-iot - 5.4.0-1044.45 linux-image-5.4.0-1044-iot - 5.4.0-1044.45 linux-image-unsigned-5.4.0-1044-iot - 5.4.0-1044.45 linux-iot-headers-5.4.0-1044 - 5.4.0-1044.45 linux-iot-tools-5.4.0-1044 - 5.4.0-1044.45 linux-modules-5.4.0-1044-iot - 5.4.0-1044.45 linux-tools-5.4.0-1044-iot - 5.4.0-1044.45 No subscription required linux-headers-iot - 5.4.0.1044.42 linux-image-iot - 5.4.0.1044.42 linux-iot - 5.4.0.1044.42 linux-tools-iot - 5.4.0.1044.42 No subscription required High CVE-2021-47188 CVE-2021-47212 CVE-2022-36402 CVE-2022-48791 CVE-2022-48863 CVE-2023-52531 CVE-2023-52614 CVE-2023-52918 CVE-2024-26607 CVE-2024-26640 CVE-2024-26641 CVE-2024-26668 CVE-2024-26669 CVE-2024-26677 CVE-2024-26787 CVE-2024-26800 CVE-2024-26885 CVE-2024-26891 CVE-2024-26960 CVE-2024-27012 CVE-2024-27051 CVE-2024-27397 CVE-2024-35848 CVE-2024-36484 CVE-2024-38570 CVE-2024-38602 CVE-2024-38611 CVE-2024-38630 CVE-2024-39494 CVE-2024-40929 CVE-2024-41011 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41020 CVE-2024-41022 CVE-2024-41042 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072 CVE-2024-41073 CVE-2024-41081 CVE-2024-41090 CVE-2024-41091 CVE-2024-41098 CVE-2024-42131 CVE-2024-42160 CVE-2024-42228 CVE-2024-42229 CVE-2024-42244 CVE-2024-42246 CVE-2024-42259 CVE-2024-42265 CVE-2024-42271 CVE-2024-42276 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42290 CVE-2024-42292 CVE-2024-42295 CVE-2024-42297 CVE-2024-42301 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42313 CVE-2024-43829 CVE-2024-43830 CVE-2024-43835 CVE-2024-43839 CVE-2024-43841 CVE-2024-43846 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43867 CVE-2024-43871 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43890 CVE-2024-43893 CVE-2024-43894 CVE-2024-43908 CVE-2024-43914 CVE-2024-44935 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948 CVE-2024-44954 CVE-2024-44960 CVE-2024-44965 CVE-2024-44969 CVE-2024-44987 CVE-2024-44988 CVE-2024-44995 CVE-2024-44998 CVE-2024-44999 CVE-2024-45003 CVE-2024-45006 CVE-2024-45008 CVE-2024-45016 CVE-2024-45021 CVE-2024-45025 CVE-2024-45026 CVE-2024-45028 CVE-2024-46673 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46689 CVE-2024-46714 CVE-2024-46719 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46740 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46747 CVE-2024-46750 CVE-2024-46755 CVE-2024-46759 CVE-2024-46761 CVE-2024-46771 CVE-2024-46777 CVE-2024-46780 CVE-2024-46781 CVE-2024-46782 CVE-2024-46783 CVE-2024-46798 CVE-2024-46800 CVE-2024-46815 CVE-2024-46817 CVE-2024-46818 CVE-2024-46822 CVE-2024-46828 CVE-2024-46829 CVE-2024-46840 CVE-2024-46844 CVE-2024-47659 CVE-2024-47663 CVE-2024-47667 CVE-2024-47668 CVE-2024-47669 Ubuntu 20.04 LTS It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7125-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rapidjson-dev - 1.1.0+dfsg2-5ubuntu1+esm1 rapidjson-doc - 1.1.0+dfsg2-5ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-38517 Ubuntu 20.04 LTS It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. (CVE-2024-52530) It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-52531) It was discovered that libsoup could enter an infinite loop when reading certain websocket data. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-52532) Update Instructions: Run `sudo pro fix USN-7126-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-soup-2.4 - 2.70.0-1ubuntu0.1 libsoup-gnome2.4-1 - 2.70.0-1ubuntu0.1 libsoup-gnome2.4-dev - 2.70.0-1ubuntu0.1 libsoup2.4-1 - 2.70.0-1ubuntu0.1 libsoup2.4-dev - 2.70.0-1ubuntu0.1 libsoup2.4-doc - 2.70.0-1ubuntu0.1 libsoup2.4-tests - 2.70.0-1ubuntu0.1 No subscription required Medium CVE-2024-52530 CVE-2024-52531 CVE-2024-52532 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when closing a buffer, leading to use-after-free. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-7131-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.29 vim-athena - 2:8.1.2269-1ubuntu5.29 vim-common - 2:8.1.2269-1ubuntu5.29 vim-doc - 2:8.1.2269-1ubuntu5.29 vim-gtk - 2:8.1.2269-1ubuntu5.29 vim-gtk3 - 2:8.1.2269-1ubuntu5.29 vim-gui-common - 2:8.1.2269-1ubuntu5.29 vim-nox - 2:8.1.2269-1ubuntu5.29 vim-runtime - 2:8.1.2269-1ubuntu5.29 vim-tiny - 2:8.1.2269-1ubuntu5.29 xxd - 2:8.1.2269-1ubuntu5.29 No subscription required Low CVE-2024-47814 Ubuntu 20.04 LTS It was discovered that PostgreSQL incorrectly tracked tables with row security. A remote attacker could possibly use this issue to perform forbidden reads and modifications. (CVE-2024-10976) Jacob Champion discovered that PostgreSQL clients used untrusted server error messages. An attacker that is able to intercept network communications could possibly use this issue to inject error messages that could be interpreted as valid query results. (CVE-2024-10977) Tom Lane discovered that PostgreSQL incorrectly handled certain privilege assignments. A remote attacker could possibly use this issue to view or change different rows from those intended. (CVE-2024-10978) Coby Abrams discovered that PostgreSQL incorrectly handled environment variables. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2024-10979) Update Instructions: Run `sudo pro fix USN-7132-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libecpg-compat3 - 12.22-0ubuntu0.20.04.1 libecpg-dev - 12.22-0ubuntu0.20.04.1 libecpg6 - 12.22-0ubuntu0.20.04.1 libpgtypes3 - 12.22-0ubuntu0.20.04.1 libpq-dev - 12.22-0ubuntu0.20.04.1 libpq5 - 12.22-0ubuntu0.20.04.1 postgresql-12 - 12.22-0ubuntu0.20.04.1 postgresql-client-12 - 12.22-0ubuntu0.20.04.1 postgresql-doc-12 - 12.22-0ubuntu0.20.04.1 postgresql-plperl-12 - 12.22-0ubuntu0.20.04.1 postgresql-plpython3-12 - 12.22-0ubuntu0.20.04.1 postgresql-pltcl-12 - 12.22-0ubuntu0.20.04.1 postgresql-server-dev-12 - 12.22-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-10976 CVE-2024-10977 CVE-2024-10978 CVE-2024-10979 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-11692, CVE-2024-11694, CVE-2024-11695, CVE-2024-11696, CVE-2024-11697, CVE-2024-11699, CVE-2024-11701, CVE-2024-11704, CVE-2024-11705, CVE-2024-11706, CVE-2024-11708) Update Instructions: Run `sudo pro fix USN-7134-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 133.0+build2-0ubuntu0.20.04.1 firefox-dev - 133.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-nl - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 133.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 133.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 133.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-11692 CVE-2024-11694 CVE-2024-11695 CVE-2024-11696 CVE-2024-11697 CVE-2024-11699 CVE-2024-11701 CVE-2024-11704 CVE-2024-11705 CVE-2024-11706 CVE-2024-11708 Ubuntu 20.04 LTS jiangniao discovered that Django incorrectly handled the API to strip tags. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. (CVE-2024-53907) Seokchan Yoon discovered that Django incorrectly handled HasKey lookups when using Oracle. A remote attacker could possibly use this issue to inject arbitrary SQL code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-53908) Update Instructions: Run `sudo pro fix USN-7136-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.26 python3-django - 2:2.2.12-1ubuntu0.26 No subscription required Medium CVE-2024-53907 CVE-2024-53908 Ubuntu 20.04 LTS It was discovered that recutils incorrectly handled memory when parsing comments with the recparser utility. An attacker could possibly use this issue to cause a denial of service or run arbitrary commands. (CVE-2021-46019, CVE-2021-46021, CVE-2021-46022) It was discovered that recutils incorrectly handled memory when parsing CSV files. An attacker could possibly use this issue to cause a denial of service or run arbitrary commands. (CVE-2019-11637, CVE-2019-11638, CVE-2019-11639, CVE-2019-11640) It was discovered that recutils incorrectly handled memory when parsing maliciously crafted recfiles. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-6455, CVE-2019-6456, CVE-2019-6457, CVE-2019-6458, CVE-2019-6459, CVE-2019-6460) Update Instructions: Run `sudo pro fix USN-7137-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librec-dev - 1.8-1ubuntu0.20.04.1~esm1 librec1 - 1.8-1ubuntu0.20.04.1~esm1 recutils - 1.8-1ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-11637 CVE-2019-11638 CVE-2019-11639 CVE-2019-11640 CVE-2019-6455 CVE-2019-6456 CVE-2019-6457 CVE-2019-6458 CVE-2019-6459 CVE-2019-6460 CVE-2021-46019 CVE-2021-46021 CVE-2021-46022 Ubuntu 20.04 LTS It was discovered that Tinyproxy did not properly manage memory under certain circumstances. An attacker could possibly use this issue to leak left-over heap data if custom error page templates containing special non-standard variables are used. Update Instructions: Run `sudo pro fix USN-7140-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tinyproxy - 1.10.0-4ubuntu0.1 tinyproxy-bin - 1.10.0-4ubuntu0.1 No subscription required Medium CVE-2022-40468 Ubuntu 20.04 LTS It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflow. A remote attacker could potentially use this issue to cause a denial of service. (CVE-2023-2794, CVE-2023-4233, CVE-2023-4234) Update Instructions: Run `sudo pro fix USN-7141-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ofono - 1.31-2ubuntu1+esm1 ofono-dev - 1.31-2ubuntu1+esm1 ofono-scripts - 1.31-2ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-2794 CVE-2023-4233 CVE-2023-4234 Ubuntu 20.04 LTS Christian Rellmann discovered that RabbitMQ Server did not properly sanitize user input when adding a new user via the management UI. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. (CVE-2021-32718) Fahimhusain Raydurg discovered that RabbitMQ Server did not properly sanitize user input when using the federation management plugin. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. (CVE-2021-32719) Update Instructions: Run `sudo pro fix USN-7143-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rabbitmq-server - 3.8.3-0ubuntu0.2 No subscription required Low CVE-2021-32718 CVE-2021-32719 Ubuntu 20.04 LTS Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code. (CVE-2024-25744) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Android drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - Null block device driver; - Character device driver; - ARM SCMI message protocol; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I3C subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Device tree and open firmware driver; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - QCOM SoC drivers; - Direct Digital Synthesis drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - Userspace I/O drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - USB Type-C Connector System Software Interface driver; - USB over IP driver; - Virtio Host (VHOST) subsystem; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - F2FS file system; - JFS file system; - NILFS2 file system; - File system notification infrastructure; - NTFS3 file system; - Proc file system; - SMB network file system; - Bitmap API; - Objagg library; - Perf events; - Virtio network driver; - KCM (Kernel Connection Multiplexor) sockets driver; - Network traffic control; - Control group (cgroup); - DMA mapping infrastructure; - Locking primitives; - Padata parallel execution mechanism; - RCU subsystem; - Scheduler infrastructure; - Tracing infrastructure; - Radix Tree data structure library; - Kernel userspace event delivery library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - Ethtool driver; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Wireless networking; - AppArmor security module; - Landlock security; - Simplified Mandatory Access Control Kernel framework; - FireWire sound drivers; - SoC audio core drivers; - USB sound devices; (CVE-2024-42280, CVE-2024-46759, CVE-2024-42286, CVE-2024-41042, CVE-2024-42276, CVE-2024-46732, CVE-2024-43902, CVE-2024-47665, CVE-2024-46675, CVE-2024-43873, CVE-2024-46761, CVE-2024-42281, CVE-2024-46795, CVE-2024-43869, CVE-2024-39472, CVE-2024-46800, CVE-2024-44998, CVE-2024-46746, CVE-2024-46747, CVE-2024-41011, CVE-2024-43871, CVE-2024-46737, CVE-2024-42318, CVE-2024-46731, CVE-2024-41022, CVE-2024-42285, CVE-2024-46752, CVE-2024-46818, CVE-2024-44935, CVE-2024-44946, CVE-2024-44944, CVE-2024-41015, CVE-2024-42312, CVE-2024-46676, CVE-2024-43834, CVE-2024-44966, CVE-2024-46743, CVE-2024-45026, CVE-2024-46805, CVE-2024-26607, CVE-2024-46771, CVE-2024-43905, CVE-2024-43884, CVE-2024-41070, CVE-2024-43829, CVE-2024-46725, CVE-2024-45028, CVE-2024-42287, CVE-2024-42313, CVE-2024-42277, CVE-2024-42290, CVE-2024-44934, CVE-2024-46829, CVE-2024-46707, CVE-2024-46677, CVE-2024-42311, CVE-2024-46814, CVE-2024-46815, CVE-2024-46755, CVE-2024-41065, CVE-2024-43889, CVE-2024-46780, CVE-2024-43860, CVE-2024-46777, CVE-2024-46719, CVE-2024-45009, CVE-2024-42302, CVE-2024-42304, CVE-2024-41063, CVE-2024-47659, CVE-2024-46822, CVE-2024-46756, CVE-2024-42283, CVE-2024-46757, CVE-2024-43909, CVE-2024-45011, CVE-2024-46739, CVE-2024-46750, CVE-2024-46782, CVE-2024-44986, CVE-2024-44983, CVE-2024-45021, CVE-2024-44987, CVE-2024-41090, CVE-2024-42288, CVE-2024-44969, CVE-2024-42272, CVE-2024-43893, CVE-2024-42259, CVE-2024-46781, CVE-2024-43907, CVE-2024-42265, CVE-2024-43839, CVE-2024-47663, CVE-2024-46798, CVE-2024-43817, CVE-2024-42295, CVE-2024-46840, CVE-2024-45008, CVE-2024-43849, CVE-2024-46744, CVE-2024-43879, CVE-2024-43841, CVE-2024-42299, CVE-2024-46783, CVE-2024-36484, CVE-2024-47660, CVE-2024-42310, CVE-2024-44990, CVE-2024-42270, CVE-2024-43894, CVE-2024-41071, CVE-2024-40915, CVE-2024-46810, CVE-2024-44954, CVE-2024-42246, CVE-2023-52889, CVE-2024-43892, CVE-2024-43890, CVE-2024-42284, CVE-2023-52918, CVE-2024-47669, CVE-2024-41078, CVE-2024-41073, CVE-2024-26800, CVE-2024-41091, CVE-2024-46828, CVE-2022-48666, CVE-2024-41060, CVE-2024-42114, CVE-2024-46807, CVE-2024-26669, CVE-2024-44965, CVE-2024-46758, CVE-2024-44947, CVE-2024-43875, CVE-2024-42126, CVE-2024-46685, CVE-2024-43883, CVE-2024-46722, CVE-2024-41064, CVE-2024-43882, CVE-2024-46679, CVE-2024-46740, CVE-2024-45025, CVE-2024-46721, CVE-2024-38611, CVE-2024-46844, CVE-2024-45007, CVE-2024-44960, CVE-2024-42306, CVE-2024-44971, CVE-2024-43835, CVE-2024-42305, CVE-2024-43846, CVE-2024-42289, CVE-2024-46689, CVE-2024-46724, CVE-2024-43853, CVE-2024-44974, CVE-2024-43828, CVE-2024-43914, CVE-2024-44958, CVE-2024-46673, CVE-2024-46723, CVE-2024-41081, CVE-2024-46738, CVE-2024-42296, CVE-2024-45006, CVE-2024-46714, CVE-2024-43880, CVE-2024-42271, CVE-2024-44985, CVE-2024-41072, CVE-2024-43867, CVE-2024-43858, CVE-2024-26893, CVE-2024-41059, CVE-2024-38577, CVE-2024-46817, CVE-2024-46702, CVE-2024-41019, CVE-2024-44999, CVE-2024-43908, CVE-2024-42292, CVE-2024-43856, CVE-2024-45018, CVE-2024-41068, CVE-2024-43870, CVE-2024-45003, CVE-2024-42297, CVE-2024-47668, CVE-2024-43830, CVE-2024-26661, CVE-2024-41017, CVE-2024-42309, CVE-2024-43861, CVE-2024-46791, CVE-2024-44989, CVE-2024-46745, CVE-2024-42269, CVE-2024-43863, CVE-2024-43854, CVE-2024-44995, CVE-2024-46804, CVE-2024-44948, CVE-2024-46819, CVE-2024-41098, CVE-2024-44982, CVE-2024-46763, CVE-2024-46832, CVE-2024-41077, CVE-2024-42274, CVE-2024-47667, CVE-2024-41012, CVE-2024-41020, CVE-2024-42301, CVE-2024-42267, CVE-2024-46713, CVE-2024-38602, CVE-2024-44988) Update Instructions: Run `sudo pro fix USN-7144-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1067-intel-iotg - 5.15.0-1067.73~20.04.1 linux-cloud-tools-5.15.0-1067-intel-iotg - 5.15.0-1067.73~20.04.1 linux-headers-5.15.0-1067-intel-iotg - 5.15.0-1067.73~20.04.1 linux-image-5.15.0-1067-intel-iotg - 5.15.0-1067.73~20.04.1 linux-image-unsigned-5.15.0-1067-intel-iotg - 5.15.0-1067.73~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1067 - 5.15.0-1067.73~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1067.73~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1067 - 5.15.0-1067.73~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1067 - 5.15.0-1067.73~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1067.73~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1067.73~20.04.1 linux-modules-5.15.0-1067-intel-iotg - 5.15.0-1067.73~20.04.1 linux-modules-extra-5.15.0-1067-intel-iotg - 5.15.0-1067.73~20.04.1 linux-modules-iwlwifi-5.15.0-1067-intel-iotg - 5.15.0-1067.73~20.04.1 linux-tools-5.15.0-1067-intel-iotg - 5.15.0-1067.73~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1067.73~20.04.1 linux-headers-intel - 5.15.0.1067.73~20.04.1 linux-headers-intel-iotg - 5.15.0.1067.73~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1067.73~20.04.1 linux-image-intel - 5.15.0.1067.73~20.04.1 linux-image-intel-iotg - 5.15.0.1067.73~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1067.73~20.04.1 linux-intel - 5.15.0.1067.73~20.04.1 linux-intel-iotg - 5.15.0.1067.73~20.04.1 linux-intel-iotg-edge - 5.15.0.1067.73~20.04.1 linux-tools-intel - 5.15.0.1067.73~20.04.1 linux-tools-intel-iotg - 5.15.0.1067.73~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1067.73~20.04.1 No subscription required High CVE-2022-48666 CVE-2023-52889 CVE-2023-52918 CVE-2024-25744 CVE-2024-26607 CVE-2024-26661 CVE-2024-26669 CVE-2024-26800 CVE-2024-26893 CVE-2024-36484 CVE-2024-38577 CVE-2024-38602 CVE-2024-38611 CVE-2024-39472 CVE-2024-40915 CVE-2024-41011 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41019 CVE-2024-41020 CVE-2024-41022 CVE-2024-41042 CVE-2024-41059 CVE-2024-41060 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072 CVE-2024-41073 CVE-2024-41077 CVE-2024-41078 CVE-2024-41081 CVE-2024-41090 CVE-2024-41091 CVE-2024-41098 CVE-2024-42114 CVE-2024-42126 CVE-2024-42246 CVE-2024-42259 CVE-2024-42265 CVE-2024-42267 CVE-2024-42269 CVE-2024-42270 CVE-2024-42271 CVE-2024-42272 CVE-2024-42274 CVE-2024-42276 CVE-2024-42277 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42290 CVE-2024-42292 CVE-2024-42295 CVE-2024-42296 CVE-2024-42297 CVE-2024-42299 CVE-2024-42301 CVE-2024-42302 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42312 CVE-2024-42313 CVE-2024-42318 CVE-2024-43817 CVE-2024-43828 CVE-2024-43829 CVE-2024-43830 CVE-2024-43834 CVE-2024-43835 CVE-2024-43839 CVE-2024-43841 CVE-2024-43846 CVE-2024-43849 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43863 CVE-2024-43867 CVE-2024-43869 CVE-2024-43870 CVE-2024-43871 CVE-2024-43873 CVE-2024-43875 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43889 CVE-2024-43890 CVE-2024-43892 CVE-2024-43893 CVE-2024-43894 CVE-2024-43902 CVE-2024-43905 CVE-2024-43907 CVE-2024-43908 CVE-2024-43909 CVE-2024-43914 CVE-2024-44934 CVE-2024-44935 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948 CVE-2024-44954 CVE-2024-44958 CVE-2024-44960 CVE-2024-44965 CVE-2024-44966 CVE-2024-44969 CVE-2024-44971 CVE-2024-44974 CVE-2024-44982 CVE-2024-44983 CVE-2024-44985 CVE-2024-44986 CVE-2024-44987 CVE-2024-44988 CVE-2024-44989 CVE-2024-44990 CVE-2024-44995 CVE-2024-44998 CVE-2024-44999 CVE-2024-45003 CVE-2024-45006 CVE-2024-45007 CVE-2024-45008 CVE-2024-45009 CVE-2024-45011 CVE-2024-45018 CVE-2024-45021 CVE-2024-45025 CVE-2024-45026 CVE-2024-45028 CVE-2024-46673 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46689 CVE-2024-46702 CVE-2024-46707 CVE-2024-46713 CVE-2024-46714 CVE-2024-46719 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723 CVE-2024-46724 CVE-2024-46725 CVE-2024-46731 CVE-2024-46732 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46740 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46746 CVE-2024-46747 CVE-2024-46750 CVE-2024-46752 CVE-2024-46755 CVE-2024-46759 CVE-2024-46761 CVE-2024-46763 CVE-2024-46771 CVE-2024-46777 CVE-2024-46780 CVE-2024-46781 CVE-2024-46782 CVE-2024-46783 CVE-2024-46791 CVE-2024-46795 CVE-2024-46798 CVE-2024-46800 CVE-2024-46804 CVE-2024-46805 CVE-2024-46807 CVE-2024-46810 CVE-2024-46814 CVE-2024-46815 CVE-2024-46817 CVE-2024-46818 CVE-2024-46819 CVE-2024-46822 CVE-2024-46828 CVE-2024-46829 CVE-2024-46832 CVE-2024-46840 CVE-2024-46844 CVE-2024-47659 CVE-2024-47660 CVE-2024-47663 CVE-2024-47665 CVE-2024-47667 CVE-2024-47668 CVE-2024-47669 Ubuntu 20.04 LTS It was discovered that Expat did not properly handle its internal state when attempting to resume an unstarted parser. An attacker could use this issue to cause a denial of service (application crash). Update Instructions: Run `sudo pro fix USN-7145-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: expat - 2.2.9-1ubuntu0.8 libexpat1 - 2.2.9-1ubuntu0.8 libexpat1-dev - 2.2.9-1ubuntu0.8 No subscription required Medium CVE-2024-50602 Ubuntu 20.04 LTS Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel(R) Xeon(R) processors did not properly restrict access to the memory controller when using Intel(R) SGX. This may allow a local privileged attacker to further escalate their privileges. (CVE-2024-21820, CVE-2024-23918) It was discovered that some 4th and 5th Generation Intel(R) Xeon(R) Processors did not properly implement finite state machines (FSMs) in hardware logic. THis may allow a local privileged attacker to cause a denial of service (system crash). (CVE-2024-21853) It was discovered that some Intel(R) Processors did not properly restrict access to the Running Average Power Limit (RAPL) interface. This may allow a local privileged attacker to obtain sensitive information. (CVE-2024-23984) It was discovered that some Intel(R) Processors did not properly implement finite state machines (FSMs) in hardware logic. This may allow a local privileged attacker to cause a denial of service (system crash). (CVE-2024-24968) Update Instructions: Run `sudo pro fix USN-7149-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20241112.0ubuntu0.20.04.1 No subscription required Medium CVE-2024-21820 CVE-2024-21853 CVE-2024-23918 CVE-2024-23984 CVE-2024-24968 Ubuntu 20.04 LTS It was discovered that Tornado incorrectly handled a certain redirect. A remote attacker could possibly use this issue to redirect a user to an arbitrary web site and conduct a phishing attack by having the user access a specially crafted URL. This issue was only addressed in Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Ubuntu 16.04 LTS was previously addressed in USN-6159-1. (CVE-2023-28370) It was discovered that Tornado inefficiently handled requests when parsing cookies. An attacker could possibly use this issue to increase resource utilization leading to a denial of service. (CVE-2024-52804) Update Instructions: Run `sudo pro fix USN-7150-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-tornado-doc - 6.0.3+really5.1.1-3ubuntu0.1~esm1 python3-tornado - 6.0.3+really5.1.1-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-28370 CVE-2024-52804 Ubuntu 20.04 LTS It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflow. A remote attacker could potentially use this issue to cause a denial of service. (CVE-2023-4232, CVE-2023-4235) Update Instructions: Run `sudo pro fix USN-7151-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ofono - 1.31-2ubuntu1+esm2 ofono-dev - 1.31-2ubuntu1+esm2 ofono-scripts - 1.31-2ubuntu1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-4232 CVE-2023-4235 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2024-11233) It was discovered that PHP incorrectly handled certain HTTP requests. An attacker could possibly use this issue to performing arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. (CVE-2024-11234) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2024-11236, CVE-2024-8932) It was discovered that PHP incorrectly handled certain MySQL requests. An attacker could possibly use this issue to cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. (CVE-2024-8929) Update Instructions: Run `sudo pro fix USN-7157-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-php7.4 - 7.4.3-4ubuntu2.28 libphp7.4-embed - 7.4.3-4ubuntu2.28 php7.4 - 7.4.3-4ubuntu2.28 php7.4-bcmath - 7.4.3-4ubuntu2.28 php7.4-bz2 - 7.4.3-4ubuntu2.28 php7.4-cgi - 7.4.3-4ubuntu2.28 php7.4-cli - 7.4.3-4ubuntu2.28 php7.4-common - 7.4.3-4ubuntu2.28 php7.4-curl - 7.4.3-4ubuntu2.28 php7.4-dba - 7.4.3-4ubuntu2.28 php7.4-dev - 7.4.3-4ubuntu2.28 php7.4-enchant - 7.4.3-4ubuntu2.28 php7.4-fpm - 7.4.3-4ubuntu2.28 php7.4-gd - 7.4.3-4ubuntu2.28 php7.4-gmp - 7.4.3-4ubuntu2.28 php7.4-imap - 7.4.3-4ubuntu2.28 php7.4-interbase - 7.4.3-4ubuntu2.28 php7.4-intl - 7.4.3-4ubuntu2.28 php7.4-json - 7.4.3-4ubuntu2.28 php7.4-ldap - 7.4.3-4ubuntu2.28 php7.4-mbstring - 7.4.3-4ubuntu2.28 php7.4-mysql - 7.4.3-4ubuntu2.28 php7.4-odbc - 7.4.3-4ubuntu2.28 php7.4-opcache - 7.4.3-4ubuntu2.28 php7.4-pgsql - 7.4.3-4ubuntu2.28 php7.4-phpdbg - 7.4.3-4ubuntu2.28 php7.4-pspell - 7.4.3-4ubuntu2.28 php7.4-readline - 7.4.3-4ubuntu2.28 php7.4-snmp - 7.4.3-4ubuntu2.28 php7.4-soap - 7.4.3-4ubuntu2.28 php7.4-sqlite3 - 7.4.3-4ubuntu2.28 php7.4-sybase - 7.4.3-4ubuntu2.28 php7.4-tidy - 7.4.3-4ubuntu2.28 php7.4-xml - 7.4.3-4ubuntu2.28 php7.4-xmlrpc - 7.4.3-4ubuntu2.28 php7.4-xsl - 7.4.3-4ubuntu2.28 php7.4-zip - 7.4.3-4ubuntu2.28 No subscription required Medium CVE-2024-11233 CVE-2024-11234 CVE-2024-11236 CVE-2024-8929 CVE-2024-8932 Ubuntu 20.04 LTS USN-7157-1 fixed vulnerabilities in PHP. The patch for CVE-2024-8932 caused a regression in php7.4. This update fixes the problem. Original advisory details: It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2024-11233) It was discovered that PHP incorrectly handled certain HTTP requests. An attacker could possibly use this issue to performing arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. (CVE-2024-11234) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2024-11236, CVE-2024-8932) It was discovered that PHP incorrectly handled certain MySQL requests. An attacker could possibly use this issue to cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. (CVE-2024-8929) Update Instructions: Run `sudo pro fix USN-7157-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-php7.4 - 7.4.3-4ubuntu2.28 libphp7.4-embed - 7.4.3-4ubuntu2.28 php7.4 - 7.4.3-4ubuntu2.28 php7.4-bcmath - 7.4.3-4ubuntu2.28 php7.4-bz2 - 7.4.3-4ubuntu2.28 php7.4-cgi - 7.4.3-4ubuntu2.28 php7.4-cli - 7.4.3-4ubuntu2.28 php7.4-common - 7.4.3-4ubuntu2.28 php7.4-curl - 7.4.3-4ubuntu2.28 php7.4-dba - 7.4.3-4ubuntu2.28 php7.4-dev - 7.4.3-4ubuntu2.28 php7.4-enchant - 7.4.3-4ubuntu2.28 php7.4-fpm - 7.4.3-4ubuntu2.28 php7.4-gd - 7.4.3-4ubuntu2.28 php7.4-gmp - 7.4.3-4ubuntu2.28 php7.4-imap - 7.4.3-4ubuntu2.28 php7.4-interbase - 7.4.3-4ubuntu2.28 php7.4-intl - 7.4.3-4ubuntu2.28 php7.4-json - 7.4.3-4ubuntu2.28 php7.4-ldap - 7.4.3-4ubuntu2.28 php7.4-mbstring - 7.4.3-4ubuntu2.28 php7.4-mysql - 7.4.3-4ubuntu2.28 php7.4-odbc - 7.4.3-4ubuntu2.28 php7.4-opcache - 7.4.3-4ubuntu2.28 php7.4-pgsql - 7.4.3-4ubuntu2.28 php7.4-phpdbg - 7.4.3-4ubuntu2.28 php7.4-pspell - 7.4.3-4ubuntu2.28 php7.4-readline - 7.4.3-4ubuntu2.28 php7.4-snmp - 7.4.3-4ubuntu2.28 php7.4-soap - 7.4.3-4ubuntu2.28 php7.4-sqlite3 - 7.4.3-4ubuntu2.28 php7.4-sybase - 7.4.3-4ubuntu2.28 php7.4-tidy - 7.4.3-4ubuntu2.28 php7.4-xml - 7.4.3-4ubuntu2.28 php7.4-xmlrpc - 7.4.3-4ubuntu2.28 php7.4-xsl - 7.4.3-4ubuntu2.28 php7.4-zip - 7.4.3-4ubuntu2.28 No subscription required Medium CVE-2024-8932 Ubuntu 20.04 LTS It was discovered that Smarty incorrectly handled query parameters in requests. An attacker could possibly use this issue to inject arbitrary Javascript code, resulting in denial of service or potential execution of arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2018-25047, CVE-2023-28447) It was discovered that Smarty did not properly sanitize user input when generating templates. An attacker could, through PHP injection, possibly use this issue to execute arbitrary code. (CVE-2024-35226) Update Instructions: Run `sudo pro fix USN-7158-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: smarty3 - 3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1 No subscription required High CVE-2018-25047 CVE-2023-28447 CVE-2024-35226 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU drivers; - InfiniBand drivers; - Network drivers; - S/390 drivers; - TTY drivers; - BTRFS file system; - EROFS file system; - F2FS file system; - File systems infrastructure; - BPF subsystem; - Socket messages infrastructure; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - SELinux security module; (CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538, CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724, CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488, CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943, CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639, CVE-2024-42240, CVE-2024-44942, CVE-2021-47076) Update Instructions: Run `sudo pro fix USN-7159-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1055-xilinx-zynqmp - 5.4.0-1055.59 linux-headers-5.4.0-1055-xilinx-zynqmp - 5.4.0-1055.59 linux-image-5.4.0-1055-xilinx-zynqmp - 5.4.0-1055.59 linux-modules-5.4.0-1055-xilinx-zynqmp - 5.4.0-1055.59 linux-tools-5.4.0-1055-xilinx-zynqmp - 5.4.0-1055.59 linux-xilinx-zynqmp-headers-5.4.0-1055 - 5.4.0-1055.59 linux-xilinx-zynqmp-tools-5.4.0-1055 - 5.4.0-1055.59 No subscription required linux-buildinfo-5.4.0-1083-ibm - 5.4.0-1083.88 linux-headers-5.4.0-1083-ibm - 5.4.0-1083.88 linux-ibm-cloud-tools-common - 5.4.0-1083.88 linux-ibm-headers-5.4.0-1083 - 5.4.0-1083.88 linux-ibm-source-5.4.0 - 5.4.0-1083.88 linux-ibm-tools-5.4.0-1083 - 5.4.0-1083.88 linux-ibm-tools-common - 5.4.0-1083.88 linux-image-5.4.0-1083-ibm - 5.4.0-1083.88 linux-image-unsigned-5.4.0-1083-ibm - 5.4.0-1083.88 linux-modules-5.4.0-1083-ibm - 5.4.0-1083.88 linux-modules-extra-5.4.0-1083-ibm - 5.4.0-1083.88 linux-tools-5.4.0-1083-ibm - 5.4.0-1083.88 No subscription required linux-buildinfo-5.4.0-1120-raspi - 5.4.0-1120.132 linux-headers-5.4.0-1120-raspi - 5.4.0-1120.132 linux-image-5.4.0-1120-raspi - 5.4.0-1120.132 linux-modules-5.4.0-1120-raspi - 5.4.0-1120.132 linux-raspi-headers-5.4.0-1120 - 5.4.0-1120.132 linux-raspi-tools-5.4.0-1120 - 5.4.0-1120.132 linux-tools-5.4.0-1120-raspi - 5.4.0-1120.132 No subscription required linux-buildinfo-5.4.0-1124-kvm - 5.4.0-1124.132 linux-headers-5.4.0-1124-kvm - 5.4.0-1124.132 linux-image-5.4.0-1124-kvm - 5.4.0-1124.132 linux-image-unsigned-5.4.0-1124-kvm - 5.4.0-1124.132 linux-kvm-headers-5.4.0-1124 - 5.4.0-1124.132 linux-kvm-tools-5.4.0-1124 - 5.4.0-1124.132 linux-modules-5.4.0-1124-kvm - 5.4.0-1124.132 linux-tools-5.4.0-1124-kvm - 5.4.0-1124.132 No subscription required linux-buildinfo-5.4.0-1140-gcp - 5.4.0-1140.149 linux-gcp-headers-5.4.0-1140 - 5.4.0-1140.149 linux-gcp-tools-5.4.0-1140 - 5.4.0-1140.149 linux-headers-5.4.0-1140-gcp - 5.4.0-1140.149 linux-image-5.4.0-1140-gcp - 5.4.0-1140.149 linux-image-unsigned-5.4.0-1140-gcp - 5.4.0-1140.149 linux-modules-5.4.0-1140-gcp - 5.4.0-1140.149 linux-modules-extra-5.4.0-1140-gcp - 5.4.0-1140.149 linux-tools-5.4.0-1140-gcp - 5.4.0-1140.149 No subscription required linux-buildinfo-5.4.0-202-generic - 5.4.0-202.222 linux-buildinfo-5.4.0-202-generic-lpae - 5.4.0-202.222 linux-buildinfo-5.4.0-202-lowlatency - 5.4.0-202.222 linux-cloud-tools-5.4.0-202 - 5.4.0-202.222 linux-cloud-tools-5.4.0-202-generic - 5.4.0-202.222 linux-cloud-tools-5.4.0-202-lowlatency - 5.4.0-202.222 linux-cloud-tools-common - 5.4.0-202.222 linux-doc - 5.4.0-202.222 linux-headers-5.4.0-202 - 5.4.0-202.222 linux-headers-5.4.0-202-generic - 5.4.0-202.222 linux-headers-5.4.0-202-generic-lpae - 5.4.0-202.222 linux-headers-5.4.0-202-lowlatency - 5.4.0-202.222 linux-image-5.4.0-202-generic - 5.4.0-202.222 linux-image-5.4.0-202-generic-lpae - 5.4.0-202.222 linux-image-5.4.0-202-lowlatency - 5.4.0-202.222 linux-image-unsigned-5.4.0-202-generic - 5.4.0-202.222 linux-image-unsigned-5.4.0-202-lowlatency - 5.4.0-202.222 linux-libc-dev - 5.4.0-202.222 linux-modules-5.4.0-202-generic - 5.4.0-202.222 linux-modules-5.4.0-202-generic-lpae - 5.4.0-202.222 linux-modules-5.4.0-202-lowlatency - 5.4.0-202.222 linux-modules-extra-5.4.0-202-generic - 5.4.0-202.222 linux-source-5.4.0 - 5.4.0-202.222 linux-tools-5.4.0-202 - 5.4.0-202.222 linux-tools-5.4.0-202-generic - 5.4.0-202.222 linux-tools-5.4.0-202-generic-lpae - 5.4.0-202.222 linux-tools-5.4.0-202-lowlatency - 5.4.0-202.222 linux-tools-common - 5.4.0-202.222 linux-tools-host - 5.4.0-202.222 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1055.55 linux-image-xilinx-zynqmp - 5.4.0.1055.55 linux-tools-xilinx-zynqmp - 5.4.0.1055.55 linux-xilinx-zynqmp - 5.4.0.1055.55 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1083.112 linux-ibm-lts-20.04 - 5.4.0.1083.112 linux-image-ibm-lts-20.04 - 5.4.0.1083.112 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1083.112 linux-tools-ibm-lts-20.04 - 5.4.0.1083.112 No subscription required linux-headers-raspi - 5.4.0.1120.150 linux-headers-raspi-hwe-18.04 - 5.4.0.1120.150 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1120.150 linux-headers-raspi2 - 5.4.0.1120.150 linux-headers-raspi2-hwe-18.04 - 5.4.0.1120.150 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1120.150 linux-image-raspi - 5.4.0.1120.150 linux-image-raspi-hwe-18.04 - 5.4.0.1120.150 linux-image-raspi-hwe-18.04-edge - 5.4.0.1120.150 linux-image-raspi2 - 5.4.0.1120.150 linux-image-raspi2-hwe-18.04 - 5.4.0.1120.150 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1120.150 linux-raspi - 5.4.0.1120.150 linux-raspi-hwe-18.04 - 5.4.0.1120.150 linux-raspi-hwe-18.04-edge - 5.4.0.1120.150 linux-raspi2 - 5.4.0.1120.150 linux-raspi2-hwe-18.04 - 5.4.0.1120.150 linux-raspi2-hwe-18.04-edge - 5.4.0.1120.150 linux-tools-raspi - 5.4.0.1120.150 linux-tools-raspi-hwe-18.04 - 5.4.0.1120.150 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1120.150 linux-tools-raspi2 - 5.4.0.1120.150 linux-tools-raspi2-hwe-18.04 - 5.4.0.1120.150 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1120.150 No subscription required linux-headers-kvm - 5.4.0.1124.120 linux-image-kvm - 5.4.0.1124.120 linux-kvm - 5.4.0.1124.120 linux-tools-kvm - 5.4.0.1124.120 No subscription required linux-gcp-lts-20.04 - 5.4.0.1140.142 linux-headers-gcp-lts-20.04 - 5.4.0.1140.142 linux-image-gcp-lts-20.04 - 5.4.0.1140.142 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1140.142 linux-tools-gcp-lts-20.04 - 5.4.0.1140.142 No subscription required linux-cloud-tools-generic - 5.4.0.202.198 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.202.198 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.202.198 linux-cloud-tools-lowlatency - 5.4.0.202.198 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.202.198 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.202.198 linux-cloud-tools-virtual - 5.4.0.202.198 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.202.198 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.202.198 linux-crashdump - 5.4.0.202.198 linux-generic - 5.4.0.202.198 linux-generic-hwe-18.04 - 5.4.0.202.198 linux-generic-hwe-18.04-edge - 5.4.0.202.198 linux-generic-lpae - 5.4.0.202.198 linux-generic-lpae-hwe-18.04 - 5.4.0.202.198 linux-generic-lpae-hwe-18.04-edge - 5.4.0.202.198 linux-headers-generic - 5.4.0.202.198 linux-headers-generic-hwe-18.04 - 5.4.0.202.198 linux-headers-generic-hwe-18.04-edge - 5.4.0.202.198 linux-headers-generic-lpae - 5.4.0.202.198 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.202.198 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.202.198 linux-headers-lowlatency - 5.4.0.202.198 linux-headers-lowlatency-hwe-18.04 - 5.4.0.202.198 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.202.198 linux-headers-oem - 5.4.0.202.198 linux-headers-oem-osp1 - 5.4.0.202.198 linux-headers-virtual - 5.4.0.202.198 linux-headers-virtual-hwe-18.04 - 5.4.0.202.198 linux-headers-virtual-hwe-18.04-edge - 5.4.0.202.198 linux-image-extra-virtual - 5.4.0.202.198 linux-image-extra-virtual-hwe-18.04 - 5.4.0.202.198 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.202.198 linux-image-generic - 5.4.0.202.198 linux-image-generic-hwe-18.04 - 5.4.0.202.198 linux-image-generic-hwe-18.04-edge - 5.4.0.202.198 linux-image-generic-lpae - 5.4.0.202.198 linux-image-generic-lpae-hwe-18.04 - 5.4.0.202.198 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.202.198 linux-image-lowlatency - 5.4.0.202.198 linux-image-lowlatency-hwe-18.04 - 5.4.0.202.198 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.202.198 linux-image-oem - 5.4.0.202.198 linux-image-oem-osp1 - 5.4.0.202.198 linux-image-virtual - 5.4.0.202.198 linux-image-virtual-hwe-18.04 - 5.4.0.202.198 linux-image-virtual-hwe-18.04-edge - 5.4.0.202.198 linux-lowlatency - 5.4.0.202.198 linux-lowlatency-hwe-18.04 - 5.4.0.202.198 linux-lowlatency-hwe-18.04-edge - 5.4.0.202.198 linux-oem - 5.4.0.202.198 linux-oem-osp1 - 5.4.0.202.198 linux-oem-osp1-tools-host - 5.4.0.202.198 linux-oem-tools-host - 5.4.0.202.198 linux-source - 5.4.0.202.198 linux-tools-generic - 5.4.0.202.198 linux-tools-generic-hwe-18.04 - 5.4.0.202.198 linux-tools-generic-hwe-18.04-edge - 5.4.0.202.198 linux-tools-generic-lpae - 5.4.0.202.198 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.202.198 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.202.198 linux-tools-lowlatency - 5.4.0.202.198 linux-tools-lowlatency-hwe-18.04 - 5.4.0.202.198 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.202.198 linux-tools-oem - 5.4.0.202.198 linux-tools-oem-osp1 - 5.4.0.202.198 linux-tools-virtual - 5.4.0.202.198 linux-tools-virtual-hwe-18.04 - 5.4.0.202.198 linux-tools-virtual-hwe-18.04-edge - 5.4.0.202.198 linux-virtual - 5.4.0.202.198 linux-virtual-hwe-18.04 - 5.4.0.202.198 linux-virtual-hwe-18.04-edge - 5.4.0.202.198 No subscription required Medium CVE-2021-47076 CVE-2021-47501 CVE-2022-48733 CVE-2022-48938 CVE-2022-48943 CVE-2023-52488 CVE-2023-52497 CVE-2023-52498 CVE-2023-52639 CVE-2024-26947 CVE-2024-35904 CVE-2024-35951 CVE-2024-36938 CVE-2024-36953 CVE-2024-36968 CVE-2024-38538 CVE-2024-42068 CVE-2024-42077 CVE-2024-42156 CVE-2024-42240 CVE-2024-44940 CVE-2024-44942 CVE-2024-46724 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU drivers; - InfiniBand drivers; - Network drivers; - S/390 drivers; - TTY drivers; - BTRFS file system; - EROFS file system; - F2FS file system; - File systems infrastructure; - BPF subsystem; - Socket messages infrastructure; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - SELinux security module; (CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538, CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724, CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488, CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943, CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639, CVE-2024-42240, CVE-2024-44942, CVE-2021-47076) Update Instructions: Run `sudo pro fix USN-7159-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-cloud-tools-5.4.0-1136 - 5.4.0-1136.146 linux-aws-headers-5.4.0-1136 - 5.4.0-1136.146 linux-aws-tools-5.4.0-1136 - 5.4.0-1136.146 linux-buildinfo-5.4.0-1136-aws - 5.4.0-1136.146 linux-cloud-tools-5.4.0-1136-aws - 5.4.0-1136.146 linux-headers-5.4.0-1136-aws - 5.4.0-1136.146 linux-image-5.4.0-1136-aws - 5.4.0-1136.146 linux-image-unsigned-5.4.0-1136-aws - 5.4.0-1136.146 linux-modules-5.4.0-1136-aws - 5.4.0-1136.146 linux-modules-extra-5.4.0-1136-aws - 5.4.0-1136.146 linux-tools-5.4.0-1136-aws - 5.4.0-1136.146 No subscription required linux-aws-lts-20.04 - 5.4.0.1136.133 linux-headers-aws-lts-20.04 - 5.4.0.1136.133 linux-image-aws-lts-20.04 - 5.4.0.1136.133 linux-modules-extra-aws-lts-20.04 - 5.4.0.1136.133 linux-tools-aws-lts-20.04 - 5.4.0.1136.133 No subscription required Medium CVE-2021-47076 CVE-2021-47501 CVE-2022-48733 CVE-2022-48938 CVE-2022-48943 CVE-2023-52488 CVE-2023-52497 CVE-2023-52498 CVE-2023-52639 CVE-2024-26947 CVE-2024-35904 CVE-2024-35951 CVE-2024-36938 CVE-2024-36953 CVE-2024-36968 CVE-2024-38538 CVE-2024-42068 CVE-2024-42077 CVE-2024-42156 CVE-2024-42240 CVE-2024-44940 CVE-2024-44942 CVE-2024-46724 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU drivers; - InfiniBand drivers; - Network drivers; - S/390 drivers; - TTY drivers; - BTRFS file system; - EROFS file system; - F2FS file system; - File systems infrastructure; - BPF subsystem; - Socket messages infrastructure; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - SELinux security module; (CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538, CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724, CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488, CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943, CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639, CVE-2024-42240, CVE-2024-44942, CVE-2021-47076) Update Instructions: Run `sudo pro fix USN-7159-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1096 - 5.4.0-1096.103 linux-bluefield-tools-5.4.0-1096 - 5.4.0-1096.103 linux-buildinfo-5.4.0-1096-bluefield - 5.4.0-1096.103 linux-headers-5.4.0-1096-bluefield - 5.4.0-1096.103 linux-image-5.4.0-1096-bluefield - 5.4.0-1096.103 linux-image-unsigned-5.4.0-1096-bluefield - 5.4.0-1096.103 linux-modules-5.4.0-1096-bluefield - 5.4.0-1096.103 linux-tools-5.4.0-1096-bluefield - 5.4.0-1096.103 No subscription required linux-buildinfo-5.4.0-1135-oracle - 5.4.0-1135.144 linux-headers-5.4.0-1135-oracle - 5.4.0-1135.144 linux-image-5.4.0-1135-oracle - 5.4.0-1135.144 linux-image-unsigned-5.4.0-1135-oracle - 5.4.0-1135.144 linux-modules-5.4.0-1135-oracle - 5.4.0-1135.144 linux-modules-extra-5.4.0-1135-oracle - 5.4.0-1135.144 linux-oracle-headers-5.4.0-1135 - 5.4.0-1135.144 linux-oracle-tools-5.4.0-1135 - 5.4.0-1135.144 linux-tools-5.4.0-1135-oracle - 5.4.0-1135.144 No subscription required linux-bluefield - 5.4.0.1096.92 linux-headers-bluefield - 5.4.0.1096.92 linux-image-bluefield - 5.4.0.1096.92 linux-tools-bluefield - 5.4.0.1096.92 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1135.128 linux-image-oracle-lts-20.04 - 5.4.0.1135.128 linux-oracle-lts-20.04 - 5.4.0.1135.128 linux-tools-oracle-lts-20.04 - 5.4.0.1135.128 No subscription required Medium CVE-2021-47076 CVE-2021-47501 CVE-2022-48733 CVE-2022-48938 CVE-2022-48943 CVE-2023-52488 CVE-2023-52497 CVE-2023-52498 CVE-2023-52639 CVE-2024-26947 CVE-2024-35904 CVE-2024-35951 CVE-2024-36938 CVE-2024-36953 CVE-2024-36968 CVE-2024-38538 CVE-2024-42068 CVE-2024-42077 CVE-2024-42156 CVE-2024-42240 CVE-2024-44940 CVE-2024-44942 CVE-2024-46724 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU drivers; - InfiniBand drivers; - Network drivers; - S/390 drivers; - TTY drivers; - BTRFS file system; - EROFS file system; - F2FS file system; - File systems infrastructure; - BPF subsystem; - Socket messages infrastructure; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - SELinux security module; (CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538, CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724, CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488, CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943, CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639, CVE-2024-42240, CVE-2024-44942, CVE-2021-47076) Update Instructions: Run `sudo pro fix USN-7159-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1045-iot - 5.4.0-1045.46 linux-headers-5.4.0-1045-iot - 5.4.0-1045.46 linux-image-5.4.0-1045-iot - 5.4.0-1045.46 linux-image-unsigned-5.4.0-1045-iot - 5.4.0-1045.46 linux-iot-headers-5.4.0-1045 - 5.4.0-1045.46 linux-iot-tools-5.4.0-1045 - 5.4.0-1045.46 linux-modules-5.4.0-1045-iot - 5.4.0-1045.46 linux-tools-5.4.0-1045-iot - 5.4.0-1045.46 No subscription required linux-headers-iot - 5.4.0.1045.43 linux-image-iot - 5.4.0.1045.43 linux-iot - 5.4.0.1045.43 linux-tools-iot - 5.4.0.1045.43 No subscription required Medium CVE-2021-47076 CVE-2021-47501 CVE-2022-48733 CVE-2022-48938 CVE-2022-48943 CVE-2023-52488 CVE-2023-52497 CVE-2023-52498 CVE-2023-52639 CVE-2024-26947 CVE-2024-35904 CVE-2024-35951 CVE-2024-36938 CVE-2024-36953 CVE-2024-36968 CVE-2024-38538 CVE-2024-42068 CVE-2024-42077 CVE-2024-42156 CVE-2024-42240 CVE-2024-44940 CVE-2024-44942 CVE-2024-46724 Ubuntu 20.04 LTS It was discovered Mpmath incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Mpmath to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-7160-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-mpmath-doc - 1.1.0-2ubuntu0.1~esm1 python3-mpmath - 1.1.0-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-29063 Ubuntu 20.04 LTS USN-7161-1 fixed CVE-2024-29018 in Ubuntu 24.04 LTS. This update fixes it for source package docker.io in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and source package docker.io-app for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. USN-7161-1 fixed CVE-2024-41110 in Ubuntu 24.10, Ubuntu 24.04 LTS, and Ubuntu 18.04 LTS. This update fixes it for source package docker.io-app in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory details: Yair Zak discovered that Docker could unexpectedly forward DNS requests from internal networks in an unexpected manner. An attacker could possibly use this issue to exfiltrate data by encoding information in DNS queries to controlled nameservers. This issue was only addressed for the source package docker.io-app in Ubuntu 24.04 LTS. (CVE-2024-29018) Cory Snider discovered that Docker did not properly handle authorization plugin request processing. An attacker could possibly use this issue to bypass authorization controls by forwarding API requests without their full body, leading to unauthorized actions. This issue was only addressed for the source package docker.io-app in Ubuntu 24.10 and Ubuntu 24.04 LTS, and the source package docker.io in Ubuntu 18.04 LTS. (CVE-2024-41110) Update Instructions: Run `sudo pro fix USN-7161-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: docker-doc - 26.1.3-0ubuntu1~20.04.1+esm1 docker.io - 26.1.3-0ubuntu1~20.04.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2024-29018 CVE-2024-41110 Ubuntu 20.04 LTS USN-7161-1 and USN-7161-2 fixed CVE-2024-41110 for source package docker.io in Ubuntu 18.04 LTS and for source package docker.io-app in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. This update fixes it for source package docker.io in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. These updates only address the docker library and not the docker.io application itself, which was already patched in the previous USNs (USN-7161-1 and USN-7161-2). Original advisory details: Yair Zak discovered that Docker could unexpectedly forward DNS requests from internal networks in an unexpected manner. An attacker could possibly use this issue to exfiltrate data by encoding information in DNS queries to controlled nameservers. This issue was only addressed for the source package docker.io-app in Ubuntu 24.04 LTS. (CVE-2024-29018) Cory Snider discovered that Docker did not properly handle authorization plugin request processing. An attacker could possibly use this issue to bypass authorization controls by forwarding API requests without their full body, leading to unauthorized actions. This issue was only addressed for the source package docker.io-app in Ubuntu 24.10 and Ubuntu 24.04 LTS, and the source package docker.io in Ubuntu 18.04 LTS. (CVE-2024-41110) Update Instructions: Run `sudo pro fix USN-7161-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-docker-dev - 20.10.21-0ubuntu1~20.04.6+esm1 golang-github-docker-docker-dev - 20.10.21-0ubuntu1~20.04.6+esm1 vim-syntax-docker - 20.10.21-0ubuntu1~20.04.6+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2024-41110 Ubuntu 20.04 LTS Harry Sintonen discovered that curl incorrectly handled credentials from .netrc files when following HTTP redirects. In certain configurations, the password for the first host could be leaked to the followed-to host, contrary to expectations. Update Instructions: Run `sudo pro fix USN-7162-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: curl - 7.68.0-1ubuntu2.25 libcurl3-gnutls - 7.68.0-1ubuntu2.25 libcurl3-nss - 7.68.0-1ubuntu2.25 libcurl4 - 7.68.0-1ubuntu2.25 libcurl4-doc - 7.68.0-1ubuntu2.25 libcurl4-gnutls-dev - 7.68.0-1ubuntu2.25 libcurl4-nss-dev - 7.68.0-1ubuntu2.25 libcurl4-openssl-dev - 7.68.0-1ubuntu2.25 No subscription required Low CVE-2024-11053 Ubuntu 20.04 LTS It was discovered that the Spring Framework incorrectly handled web requests via data binding. An attacker could possibly use this issue to achieve remote code execution and obtain sensitive information. Update Instructions: Run `sudo pro fix USN-7165-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libspring-aop-java - 4.3.22-4ubuntu0.1~esm1 libspring-beans-java - 4.3.22-4ubuntu0.1~esm1 libspring-context-java - 4.3.22-4ubuntu0.1~esm1 libspring-context-support-java - 4.3.22-4ubuntu0.1~esm1 libspring-core-java - 4.3.22-4ubuntu0.1~esm1 libspring-expression-java - 4.3.22-4ubuntu0.1~esm1 libspring-instrument-java - 4.3.22-4ubuntu0.1~esm1 libspring-jdbc-java - 4.3.22-4ubuntu0.1~esm1 libspring-jms-java - 4.3.22-4ubuntu0.1~esm1 libspring-messaging-java - 4.3.22-4ubuntu0.1~esm1 libspring-orm-java - 4.3.22-4ubuntu0.1~esm1 libspring-oxm-java - 4.3.22-4ubuntu0.1~esm1 libspring-test-java - 4.3.22-4ubuntu0.1~esm1 libspring-transaction-java - 4.3.22-4ubuntu0.1~esm1 libspring-web-java - 4.3.22-4ubuntu0.1~esm1 libspring-web-portlet-java - 4.3.22-4ubuntu0.1~esm1 libspring-web-servlet-java - 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2022-22965 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - Clock framework and drivers; - Buffer Sharing and Synchronization framework; - EFI core; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Input Device core drivers; - Mailbox framework; - Media drivers; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - STMicroelectronics network drivers; - NTB driver; - Virtio pmem driver; - PCI subsystem; - x86 platform drivers; - S/390 drivers; - SCSI subsystem; - SPI subsystem; - Thermal drivers; - USB Device Class drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - 9P distributed file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Network file system (NFS) superblock; - Bluetooth subsystem; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Kernel thread helper (kthread); - Padata parallel execution mechanism; - Arbitrary resource management; - Static call mechanism; - Tracing infrastructure; - Memory management; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - SELinux security module; - Simplified Mandatory Access Control Kernel framework; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - USB sound devices; (CVE-2024-49944, CVE-2024-49907, CVE-2024-50062, CVE-2024-36893, CVE-2024-49985, CVE-2024-49903, CVE-2024-49886, CVE-2024-50180, CVE-2024-47757, CVE-2024-49938, CVE-2024-49902, CVE-2024-47709, CVE-2024-49884, CVE-2024-49967, CVE-2024-49977, CVE-2024-47734, CVE-2024-49954, CVE-2024-49963, CVE-2024-47747, CVE-2024-50008, CVE-2024-47696, CVE-2024-50038, CVE-2024-46695, CVE-2024-47705, CVE-2024-49957, CVE-2024-38538, CVE-2024-50019, CVE-2024-38544, CVE-2024-50003, CVE-2024-50095, CVE-2024-50000, CVE-2024-49981, CVE-2024-49863, CVE-2024-47710, CVE-2024-49983, CVE-2024-26947, CVE-2024-46852, CVE-2024-49871, CVE-2024-49936, CVE-2024-47720, CVE-2024-49881, CVE-2024-47672, CVE-2024-50040, CVE-2024-49997, CVE-2024-50044, CVE-2023-52532, CVE-2024-47740, CVE-2024-44942, CVE-2024-49948, CVE-2023-52621, CVE-2024-49959, CVE-2024-47718, CVE-2024-50188, CVE-2024-47699, CVE-2024-47756, CVE-2024-47723, CVE-2024-46849, CVE-2024-50035, CVE-2024-50189, CVE-2024-47684, CVE-2024-49900, CVE-2024-50024, CVE-2024-49851, CVE-2024-49860, CVE-2024-49924, CVE-2024-49946, CVE-2024-44940, CVE-2023-52904, CVE-2024-47679, CVE-2024-47748, CVE-2023-52917, CVE-2024-47735, CVE-2024-46858, CVE-2024-35904, CVE-2024-47673, CVE-2024-49878, CVE-2024-47739, CVE-2024-49973, CVE-2024-49935, CVE-2024-49875, CVE-2024-49896, CVE-2024-47690, CVE-2024-50007, CVE-2024-49933, CVE-2024-49958, CVE-2024-49913, CVE-2024-49883, CVE-2024-47742, CVE-2024-41016, CVE-2024-50002, CVE-2024-49969, CVE-2024-46853, CVE-2024-50031, CVE-2024-47698, CVE-2024-47749, CVE-2024-50059, CVE-2024-49966, CVE-2024-50093, CVE-2024-27072, CVE-2024-50186, CVE-2024-49895, CVE-2024-38632, CVE-2024-49995, CVE-2024-38545, CVE-2024-38667, CVE-2024-36968, CVE-2024-49952, CVE-2024-50001, CVE-2024-47697, CVE-2024-50045, CVE-2024-49856, CVE-2024-49852, CVE-2024-47712, CVE-2023-52639, CVE-2024-49975, CVE-2024-42158, CVE-2024-49962, CVE-2024-50181, CVE-2024-42156, CVE-2024-46855, CVE-2024-47693, CVE-2024-47670, CVE-2024-47706, CVE-2024-50184, CVE-2024-49965, CVE-2024-39463, CVE-2024-50191, CVE-2024-49866, CVE-2024-49890, CVE-2024-49877, CVE-2024-49879, CVE-2024-49927, CVE-2024-50039, CVE-2024-46859, CVE-2024-47674, CVE-2024-50096, CVE-2024-50013, CVE-2024-46854, CVE-2024-49868, CVE-2024-49882, CVE-2024-47671, CVE-2024-50179, CVE-2024-44931, CVE-2024-50046, CVE-2024-50006, CVE-2024-49892, CVE-2024-49949, CVE-2024-42079, CVE-2024-46865, CVE-2024-47692, CVE-2024-47713, CVE-2024-47701, CVE-2024-49889, CVE-2024-49894, CVE-2024-50015, CVE-2024-49858, CVE-2024-49955, CVE-2024-49867, CVE-2024-35951, CVE-2024-50033, CVE-2024-49982, CVE-2024-47695, CVE-2024-50049, CVE-2024-49930, CVE-2024-50041, CVE-2024-47737, CVE-2024-47685) Update Instructions: Run `sudo pro fix USN-7166-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1066-ibm - 5.15.0-1066.69~20.04.1 linux-headers-5.15.0-1066-ibm - 5.15.0-1066.69~20.04.1 linux-ibm-5.15-headers-5.15.0-1066 - 5.15.0-1066.69~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1066.69~20.04.1 linux-ibm-5.15-tools-5.15.0-1066 - 5.15.0-1066.69~20.04.1 linux-image-5.15.0-1066-ibm - 5.15.0-1066.69~20.04.1 linux-image-unsigned-5.15.0-1066-ibm - 5.15.0-1066.69~20.04.1 linux-modules-5.15.0-1066-ibm - 5.15.0-1066.69~20.04.1 linux-modules-extra-5.15.0-1066-ibm - 5.15.0-1066.69~20.04.1 linux-tools-5.15.0-1066-ibm - 5.15.0-1066.69~20.04.1 No subscription required linux-buildinfo-5.15.0-1071-oracle - 5.15.0-1071.77~20.04.1 linux-headers-5.15.0-1071-oracle - 5.15.0-1071.77~20.04.1 linux-image-5.15.0-1071-oracle - 5.15.0-1071.77~20.04.1 linux-image-unsigned-5.15.0-1071-oracle - 5.15.0-1071.77~20.04.1 linux-modules-5.15.0-1071-oracle - 5.15.0-1071.77~20.04.1 linux-modules-extra-5.15.0-1071-oracle - 5.15.0-1071.77~20.04.1 linux-oracle-5.15-headers-5.15.0-1071 - 5.15.0-1071.77~20.04.1 linux-oracle-5.15-tools-5.15.0-1071 - 5.15.0-1071.77~20.04.1 linux-tools-5.15.0-1071-oracle - 5.15.0-1071.77~20.04.1 No subscription required linux-buildinfo-5.15.0-1072-gcp - 5.15.0-1072.80~20.04.1 linux-gcp-5.15-headers-5.15.0-1072 - 5.15.0-1072.80~20.04.1 linux-gcp-5.15-tools-5.15.0-1072 - 5.15.0-1072.80~20.04.1 linux-headers-5.15.0-1072-gcp - 5.15.0-1072.80~20.04.1 linux-image-5.15.0-1072-gcp - 5.15.0-1072.80~20.04.1 linux-image-unsigned-5.15.0-1072-gcp - 5.15.0-1072.80~20.04.1 linux-modules-5.15.0-1072-gcp - 5.15.0-1072.80~20.04.1 linux-modules-extra-5.15.0-1072-gcp - 5.15.0-1072.80~20.04.1 linux-modules-iwlwifi-5.15.0-1072-gcp - 5.15.0-1072.80~20.04.1 linux-tools-5.15.0-1072-gcp - 5.15.0-1072.80~20.04.1 No subscription required linux-buildinfo-5.15.0-127-lowlatency - 5.15.0-127.137~20.04.1 linux-buildinfo-5.15.0-127-lowlatency-64k - 5.15.0-127.137~20.04.1 linux-cloud-tools-5.15.0-127-lowlatency - 5.15.0-127.137~20.04.1 linux-headers-5.15.0-127-lowlatency - 5.15.0-127.137~20.04.1 linux-headers-5.15.0-127-lowlatency-64k - 5.15.0-127.137~20.04.1 linux-image-5.15.0-127-lowlatency - 5.15.0-127.137~20.04.1 linux-image-5.15.0-127-lowlatency-64k - 5.15.0-127.137~20.04.1 linux-image-unsigned-5.15.0-127-lowlatency - 5.15.0-127.137~20.04.1 linux-image-unsigned-5.15.0-127-lowlatency-64k - 5.15.0-127.137~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-127 - 5.15.0-127.137~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-127 - 5.15.0-127.137~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-127 - 5.15.0-127.137~20.04.1 linux-modules-5.15.0-127-lowlatency - 5.15.0-127.137~20.04.1 linux-modules-5.15.0-127-lowlatency-64k - 5.15.0-127.137~20.04.1 linux-modules-iwlwifi-5.15.0-127-lowlatency - 5.15.0-127.137~20.04.1 linux-tools-5.15.0-127-lowlatency - 5.15.0-127.137~20.04.1 linux-tools-5.15.0-127-lowlatency-64k - 5.15.0-127.137~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1066.69~20.04.1 linux-headers-ibm-edge - 5.15.0.1066.69~20.04.1 linux-ibm - 5.15.0.1066.69~20.04.1 linux-ibm-edge - 5.15.0.1066.69~20.04.1 linux-image-ibm - 5.15.0.1066.69~20.04.1 linux-image-ibm-edge - 5.15.0.1066.69~20.04.1 linux-tools-ibm - 5.15.0.1066.69~20.04.1 linux-tools-ibm-edge - 5.15.0.1066.69~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1071.77~20.04.1 linux-headers-oracle-edge - 5.15.0.1071.77~20.04.1 linux-image-oracle - 5.15.0.1071.77~20.04.1 linux-image-oracle-edge - 5.15.0.1071.77~20.04.1 linux-oracle - 5.15.0.1071.77~20.04.1 linux-oracle-edge - 5.15.0.1071.77~20.04.1 linux-tools-oracle - 5.15.0.1071.77~20.04.1 linux-tools-oracle-edge - 5.15.0.1071.77~20.04.1 No subscription required linux-gcp - 5.15.0.1072.80~20.04.1 linux-gcp-edge - 5.15.0.1072.80~20.04.1 linux-headers-gcp - 5.15.0.1072.80~20.04.1 linux-headers-gcp-edge - 5.15.0.1072.80~20.04.1 linux-image-gcp - 5.15.0.1072.80~20.04.1 linux-image-gcp-edge - 5.15.0.1072.80~20.04.1 linux-modules-extra-gcp - 5.15.0.1072.80~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1072.80~20.04.1 linux-tools-gcp - 5.15.0.1072.80~20.04.1 linux-tools-gcp-edge - 5.15.0.1072.80~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.127.137~20.04.1 No subscription required High CVE-2023-52532 CVE-2023-52621 CVE-2023-52639 CVE-2023-52904 CVE-2024-26947 CVE-2024-27072 CVE-2024-35904 CVE-2024-35951 CVE-2024-36893 CVE-2024-36968 CVE-2024-38538 CVE-2024-38544 CVE-2024-38545 CVE-2024-38632 CVE-2024-38667 CVE-2024-39463 CVE-2024-41016 CVE-2024-42079 CVE-2024-42156 CVE-2024-42158 CVE-2024-44931 CVE-2024-44940 CVE-2024-44942 CVE-2024-46695 CVE-2024-46849 CVE-2024-46852 CVE-2024-46853 CVE-2024-46854 CVE-2024-46855 CVE-2024-46858 CVE-2024-46859 CVE-2024-46865 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47673 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47690 CVE-2024-47692 CVE-2024-47693 CVE-2024-47695 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47705 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47718 CVE-2024-47720 CVE-2024-47723 CVE-2024-47734 CVE-2024-47735 CVE-2024-47737 CVE-2024-47739 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47748 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49852 CVE-2024-49856 CVE-2024-49858 CVE-2024-49860 CVE-2024-49863 CVE-2024-49866 CVE-2024-49867 CVE-2024-49868 CVE-2024-49871 CVE-2024-49875 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49881 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49886 CVE-2024-49889 CVE-2024-49890 CVE-2024-49892 CVE-2024-49894 CVE-2024-49895 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49907 CVE-2024-49913 CVE-2024-49924 CVE-2024-49927 CVE-2024-49930 CVE-2024-49933 CVE-2024-49935 CVE-2024-49936 CVE-2024-49938 CVE-2024-49944 CVE-2024-49946 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49954 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49969 CVE-2024-49973 CVE-2024-49975 CVE-2024-49977 CVE-2024-49981 CVE-2024-49982 CVE-2024-49983 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50000 CVE-2024-50001 CVE-2024-50002 CVE-2024-50003 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50013 CVE-2024-50015 CVE-2024-50019 CVE-2024-50024 CVE-2024-50031 CVE-2024-50033 CVE-2024-50035 CVE-2024-50038 CVE-2024-50039 CVE-2024-50040 CVE-2024-50041 CVE-2024-50044 CVE-2024-50045 CVE-2024-50046 CVE-2024-50049 CVE-2024-50059 CVE-2024-50062 CVE-2024-50093 CVE-2024-50095 CVE-2024-50096 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50186 CVE-2024-50188 CVE-2024-50189 CVE-2024-50191 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - Clock framework and drivers; - Buffer Sharing and Synchronization framework; - EFI core; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Input Device core drivers; - Mailbox framework; - Media drivers; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - STMicroelectronics network drivers; - NTB driver; - Virtio pmem driver; - PCI subsystem; - x86 platform drivers; - S/390 drivers; - SCSI subsystem; - SPI subsystem; - Thermal drivers; - USB Device Class drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - 9P distributed file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Network file system (NFS) superblock; - Bluetooth subsystem; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Kernel thread helper (kthread); - Padata parallel execution mechanism; - Arbitrary resource management; - Static call mechanism; - Tracing infrastructure; - Memory management; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - SELinux security module; - Simplified Mandatory Access Control Kernel framework; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - USB sound devices; (CVE-2024-49944, CVE-2024-49907, CVE-2024-50062, CVE-2024-36893, CVE-2024-49985, CVE-2024-49903, CVE-2024-49886, CVE-2024-50180, CVE-2024-47757, CVE-2024-49938, CVE-2024-49902, CVE-2024-47709, CVE-2024-49884, CVE-2024-49967, CVE-2024-49977, CVE-2024-47734, CVE-2024-49954, CVE-2024-49963, CVE-2024-47747, CVE-2024-50008, CVE-2024-47696, CVE-2024-50038, CVE-2024-46695, CVE-2024-47705, CVE-2024-49957, CVE-2024-38538, CVE-2024-50019, CVE-2024-38544, CVE-2024-50003, CVE-2024-50095, CVE-2024-50000, CVE-2024-49981, CVE-2024-49863, CVE-2024-47710, CVE-2024-49983, CVE-2024-26947, CVE-2024-46852, CVE-2024-49871, CVE-2024-49936, CVE-2024-47720, CVE-2024-49881, CVE-2024-47672, CVE-2024-50040, CVE-2024-49997, CVE-2024-50044, CVE-2023-52532, CVE-2024-47740, CVE-2024-44942, CVE-2024-49948, CVE-2023-52621, CVE-2024-49959, CVE-2024-47718, CVE-2024-50188, CVE-2024-47699, CVE-2024-47756, CVE-2024-47723, CVE-2024-46849, CVE-2024-50035, CVE-2024-50189, CVE-2024-47684, CVE-2024-49900, CVE-2024-50024, CVE-2024-49851, CVE-2024-49860, CVE-2024-49924, CVE-2024-49946, CVE-2024-44940, CVE-2023-52904, CVE-2024-47679, CVE-2024-47748, CVE-2023-52917, CVE-2024-47735, CVE-2024-46858, CVE-2024-35904, CVE-2024-47673, CVE-2024-49878, CVE-2024-47739, CVE-2024-49973, CVE-2024-49935, CVE-2024-49875, CVE-2024-49896, CVE-2024-47690, CVE-2024-50007, CVE-2024-49933, CVE-2024-49958, CVE-2024-49913, CVE-2024-49883, CVE-2024-47742, CVE-2024-41016, CVE-2024-50002, CVE-2024-49969, CVE-2024-46853, CVE-2024-50031, CVE-2024-47698, CVE-2024-47749, CVE-2024-50059, CVE-2024-49966, CVE-2024-50093, CVE-2024-27072, CVE-2024-50186, CVE-2024-49895, CVE-2024-38632, CVE-2024-49995, CVE-2024-38545, CVE-2024-38667, CVE-2024-36968, CVE-2024-49952, CVE-2024-50001, CVE-2024-47697, CVE-2024-50045, CVE-2024-49856, CVE-2024-49852, CVE-2024-47712, CVE-2023-52639, CVE-2024-49975, CVE-2024-42158, CVE-2024-49962, CVE-2024-50181, CVE-2024-42156, CVE-2024-46855, CVE-2024-47693, CVE-2024-47670, CVE-2024-47706, CVE-2024-50184, CVE-2024-49965, CVE-2024-39463, CVE-2024-50191, CVE-2024-49866, CVE-2024-49890, CVE-2024-49877, CVE-2024-49879, CVE-2024-49927, CVE-2024-50039, CVE-2024-46859, CVE-2024-47674, CVE-2024-50096, CVE-2024-50013, CVE-2024-46854, CVE-2024-49868, CVE-2024-49882, CVE-2024-47671, CVE-2024-50179, CVE-2024-44931, CVE-2024-50046, CVE-2024-50006, CVE-2024-49892, CVE-2024-49949, CVE-2024-42079, CVE-2024-46865, CVE-2024-47692, CVE-2024-47713, CVE-2024-47701, CVE-2024-49889, CVE-2024-49894, CVE-2024-50015, CVE-2024-49858, CVE-2024-49955, CVE-2024-49867, CVE-2024-35951, CVE-2024-50033, CVE-2024-49982, CVE-2024-47695, CVE-2024-50049, CVE-2024-49930, CVE-2024-50041, CVE-2024-47737, CVE-2024-47685) Update Instructions: Run `sudo pro fix USN-7166-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-cloud-tools-5.15.0-1073 - 5.15.0-1073.79~20.04.1 linux-aws-5.15-headers-5.15.0-1073 - 5.15.0-1073.79~20.04.1 linux-aws-5.15-tools-5.15.0-1073 - 5.15.0-1073.79~20.04.1 linux-buildinfo-5.15.0-1073-aws - 5.15.0-1073.79~20.04.1 linux-cloud-tools-5.15.0-1073-aws - 5.15.0-1073.79~20.04.1 linux-headers-5.15.0-1073-aws - 5.15.0-1073.79~20.04.1 linux-image-5.15.0-1073-aws - 5.15.0-1073.79~20.04.1 linux-image-unsigned-5.15.0-1073-aws - 5.15.0-1073.79~20.04.1 linux-modules-5.15.0-1073-aws - 5.15.0-1073.79~20.04.1 linux-modules-extra-5.15.0-1073-aws - 5.15.0-1073.79~20.04.1 linux-tools-5.15.0-1073-aws - 5.15.0-1073.79~20.04.1 No subscription required linux-aws - 5.15.0.1073.79~20.04.1 linux-aws-edge - 5.15.0.1073.79~20.04.1 linux-headers-aws - 5.15.0.1073.79~20.04.1 linux-headers-aws-edge - 5.15.0.1073.79~20.04.1 linux-image-aws - 5.15.0.1073.79~20.04.1 linux-image-aws-edge - 5.15.0.1073.79~20.04.1 linux-modules-extra-aws - 5.15.0.1073.79~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1073.79~20.04.1 linux-tools-aws - 5.15.0.1073.79~20.04.1 linux-tools-aws-edge - 5.15.0.1073.79~20.04.1 No subscription required High CVE-2023-52532 CVE-2023-52621 CVE-2023-52639 CVE-2023-52904 CVE-2024-26947 CVE-2024-27072 CVE-2024-35904 CVE-2024-35951 CVE-2024-36893 CVE-2024-36968 CVE-2024-38538 CVE-2024-38544 CVE-2024-38545 CVE-2024-38632 CVE-2024-38667 CVE-2024-39463 CVE-2024-41016 CVE-2024-42079 CVE-2024-42156 CVE-2024-42158 CVE-2024-44931 CVE-2024-44940 CVE-2024-44942 CVE-2024-46695 CVE-2024-46849 CVE-2024-46852 CVE-2024-46853 CVE-2024-46854 CVE-2024-46855 CVE-2024-46858 CVE-2024-46859 CVE-2024-46865 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47673 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47690 CVE-2024-47692 CVE-2024-47693 CVE-2024-47695 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47705 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47718 CVE-2024-47720 CVE-2024-47723 CVE-2024-47734 CVE-2024-47735 CVE-2024-47737 CVE-2024-47739 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47748 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49852 CVE-2024-49856 CVE-2024-49858 CVE-2024-49860 CVE-2024-49863 CVE-2024-49866 CVE-2024-49867 CVE-2024-49868 CVE-2024-49871 CVE-2024-49875 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49881 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49886 CVE-2024-49889 CVE-2024-49890 CVE-2024-49892 CVE-2024-49894 CVE-2024-49895 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49907 CVE-2024-49913 CVE-2024-49924 CVE-2024-49927 CVE-2024-49930 CVE-2024-49933 CVE-2024-49935 CVE-2024-49936 CVE-2024-49938 CVE-2024-49944 CVE-2024-49946 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49954 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49969 CVE-2024-49973 CVE-2024-49975 CVE-2024-49977 CVE-2024-49981 CVE-2024-49982 CVE-2024-49983 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50000 CVE-2024-50001 CVE-2024-50002 CVE-2024-50003 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50013 CVE-2024-50015 CVE-2024-50019 CVE-2024-50024 CVE-2024-50031 CVE-2024-50033 CVE-2024-50035 CVE-2024-50038 CVE-2024-50039 CVE-2024-50040 CVE-2024-50041 CVE-2024-50044 CVE-2024-50045 CVE-2024-50046 CVE-2024-50049 CVE-2024-50059 CVE-2024-50062 CVE-2024-50093 CVE-2024-50095 CVE-2024-50096 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50186 CVE-2024-50188 CVE-2024-50189 CVE-2024-50191 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - Clock framework and drivers; - Buffer Sharing and Synchronization framework; - EFI core; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Input Device core drivers; - Mailbox framework; - Media drivers; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - STMicroelectronics network drivers; - NTB driver; - Virtio pmem driver; - PCI subsystem; - x86 platform drivers; - S/390 drivers; - SCSI subsystem; - SPI subsystem; - Thermal drivers; - USB Device Class drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - 9P distributed file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Network file system (NFS) superblock; - Bluetooth subsystem; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Kernel thread helper (kthread); - Padata parallel execution mechanism; - Arbitrary resource management; - Static call mechanism; - Tracing infrastructure; - Memory management; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - SELinux security module; - Simplified Mandatory Access Control Kernel framework; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - USB sound devices; (CVE-2024-49944, CVE-2024-49907, CVE-2024-50062, CVE-2024-36893, CVE-2024-49985, CVE-2024-49903, CVE-2024-49886, CVE-2024-50180, CVE-2024-47757, CVE-2024-49938, CVE-2024-49902, CVE-2024-47709, CVE-2024-49884, CVE-2024-49967, CVE-2024-49977, CVE-2024-47734, CVE-2024-49954, CVE-2024-49963, CVE-2024-47747, CVE-2024-50008, CVE-2024-47696, CVE-2024-50038, CVE-2024-46695, CVE-2024-47705, CVE-2024-49957, CVE-2024-38538, CVE-2024-50019, CVE-2024-38544, CVE-2024-50003, CVE-2024-50095, CVE-2024-50000, CVE-2024-49981, CVE-2024-49863, CVE-2024-47710, CVE-2024-49983, CVE-2024-26947, CVE-2024-46852, CVE-2024-49871, CVE-2024-49936, CVE-2024-47720, CVE-2024-49881, CVE-2024-47672, CVE-2024-50040, CVE-2024-49997, CVE-2024-50044, CVE-2023-52532, CVE-2024-47740, CVE-2024-44942, CVE-2024-49948, CVE-2023-52621, CVE-2024-49959, CVE-2024-47718, CVE-2024-50188, CVE-2024-47699, CVE-2024-47756, CVE-2024-47723, CVE-2024-46849, CVE-2024-50035, CVE-2024-50189, CVE-2024-47684, CVE-2024-49900, CVE-2024-50024, CVE-2024-49851, CVE-2024-49860, CVE-2024-49924, CVE-2024-49946, CVE-2024-44940, CVE-2023-52904, CVE-2024-47679, CVE-2024-47748, CVE-2023-52917, CVE-2024-47735, CVE-2024-46858, CVE-2024-35904, CVE-2024-47673, CVE-2024-49878, CVE-2024-47739, CVE-2024-49973, CVE-2024-49935, CVE-2024-49875, CVE-2024-49896, CVE-2024-47690, CVE-2024-50007, CVE-2024-49933, CVE-2024-49958, CVE-2024-49913, CVE-2024-49883, CVE-2024-47742, CVE-2024-41016, CVE-2024-50002, CVE-2024-49969, CVE-2024-46853, CVE-2024-50031, CVE-2024-47698, CVE-2024-47749, CVE-2024-50059, CVE-2024-49966, CVE-2024-50093, CVE-2024-27072, CVE-2024-50186, CVE-2024-49895, CVE-2024-38632, CVE-2024-49995, CVE-2024-38545, CVE-2024-38667, CVE-2024-36968, CVE-2024-49952, CVE-2024-50001, CVE-2024-47697, CVE-2024-50045, CVE-2024-49856, CVE-2024-49852, CVE-2024-47712, CVE-2023-52639, CVE-2024-49975, CVE-2024-42158, CVE-2024-49962, CVE-2024-50181, CVE-2024-42156, CVE-2024-46855, CVE-2024-47693, CVE-2024-47670, CVE-2024-47706, CVE-2024-50184, CVE-2024-49965, CVE-2024-39463, CVE-2024-50191, CVE-2024-49866, CVE-2024-49890, CVE-2024-49877, CVE-2024-49879, CVE-2024-49927, CVE-2024-50039, CVE-2024-46859, CVE-2024-47674, CVE-2024-50096, CVE-2024-50013, CVE-2024-46854, CVE-2024-49868, CVE-2024-49882, CVE-2024-47671, CVE-2024-50179, CVE-2024-44931, CVE-2024-50046, CVE-2024-50006, CVE-2024-49892, CVE-2024-49949, CVE-2024-42079, CVE-2024-46865, CVE-2024-47692, CVE-2024-47713, CVE-2024-47701, CVE-2024-49889, CVE-2024-49894, CVE-2024-50015, CVE-2024-49858, CVE-2024-49955, CVE-2024-49867, CVE-2024-35951, CVE-2024-50033, CVE-2024-49982, CVE-2024-47695, CVE-2024-50049, CVE-2024-49930, CVE-2024-50041, CVE-2024-47737, CVE-2024-47685) Update Instructions: Run `sudo pro fix USN-7166-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-127-generic - 5.15.0-127.137~20.04.1 linux-buildinfo-5.15.0-127-generic-64k - 5.15.0-127.137~20.04.1 linux-buildinfo-5.15.0-127-generic-lpae - 5.15.0-127.137~20.04.1 linux-cloud-tools-5.15.0-127-generic - 5.15.0-127.137~20.04.1 linux-headers-5.15.0-127-generic - 5.15.0-127.137~20.04.1 linux-headers-5.15.0-127-generic-64k - 5.15.0-127.137~20.04.1 linux-headers-5.15.0-127-generic-lpae - 5.15.0-127.137~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-127 - 5.15.0-127.137~20.04.1 linux-hwe-5.15-headers-5.15.0-127 - 5.15.0-127.137~20.04.1 linux-hwe-5.15-tools-5.15.0-127 - 5.15.0-127.137~20.04.1 linux-image-5.15.0-127-generic - 5.15.0-127.137~20.04.1 linux-image-5.15.0-127-generic-64k - 5.15.0-127.137~20.04.1 linux-image-5.15.0-127-generic-lpae - 5.15.0-127.137~20.04.1 linux-image-unsigned-5.15.0-127-generic - 5.15.0-127.137~20.04.1 linux-image-unsigned-5.15.0-127-generic-64k - 5.15.0-127.137~20.04.1 linux-modules-5.15.0-127-generic - 5.15.0-127.137~20.04.1 linux-modules-5.15.0-127-generic-64k - 5.15.0-127.137~20.04.1 linux-modules-5.15.0-127-generic-lpae - 5.15.0-127.137~20.04.1 linux-modules-extra-5.15.0-127-generic - 5.15.0-127.137~20.04.1 linux-modules-iwlwifi-5.15.0-127-generic - 5.15.0-127.137~20.04.1 linux-tools-5.15.0-127-generic - 5.15.0-127.137~20.04.1 linux-tools-5.15.0-127-generic-64k - 5.15.0-127.137~20.04.1 linux-tools-5.15.0-127-generic-lpae - 5.15.0-127.137~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-generic-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-headers-oem-20.04 - 5.15.0.127.137~20.04.1 linux-headers-oem-20.04b - 5.15.0.127.137~20.04.1 linux-headers-oem-20.04c - 5.15.0.127.137~20.04.1 linux-headers-oem-20.04d - 5.15.0.127.137~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-image-oem-20.04 - 5.15.0.127.137~20.04.1 linux-image-oem-20.04b - 5.15.0.127.137~20.04.1 linux-image-oem-20.04c - 5.15.0.127.137~20.04.1 linux-image-oem-20.04d - 5.15.0.127.137~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.127.137~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.127.137~20.04.1 linux-oem-20.04 - 5.15.0.127.137~20.04.1 linux-oem-20.04b - 5.15.0.127.137~20.04.1 linux-oem-20.04c - 5.15.0.127.137~20.04.1 linux-oem-20.04d - 5.15.0.127.137~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-tools-oem-20.04 - 5.15.0.127.137~20.04.1 linux-tools-oem-20.04b - 5.15.0.127.137~20.04.1 linux-tools-oem-20.04c - 5.15.0.127.137~20.04.1 linux-tools-oem-20.04d - 5.15.0.127.137~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.127.137~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.127.137~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.127.137~20.04.1 No subscription required High CVE-2023-52532 CVE-2023-52621 CVE-2023-52639 CVE-2023-52904 CVE-2024-26947 CVE-2024-27072 CVE-2024-35904 CVE-2024-35951 CVE-2024-36893 CVE-2024-36968 CVE-2024-38538 CVE-2024-38544 CVE-2024-38545 CVE-2024-38632 CVE-2024-38667 CVE-2024-39463 CVE-2024-41016 CVE-2024-42079 CVE-2024-42156 CVE-2024-42158 CVE-2024-44931 CVE-2024-44940 CVE-2024-44942 CVE-2024-46695 CVE-2024-46849 CVE-2024-46852 CVE-2024-46853 CVE-2024-46854 CVE-2024-46855 CVE-2024-46858 CVE-2024-46859 CVE-2024-46865 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47673 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47690 CVE-2024-47692 CVE-2024-47693 CVE-2024-47695 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47705 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47718 CVE-2024-47720 CVE-2024-47723 CVE-2024-47734 CVE-2024-47735 CVE-2024-47737 CVE-2024-47739 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47748 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49852 CVE-2024-49856 CVE-2024-49858 CVE-2024-49860 CVE-2024-49863 CVE-2024-49866 CVE-2024-49867 CVE-2024-49868 CVE-2024-49871 CVE-2024-49875 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49881 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49886 CVE-2024-49889 CVE-2024-49890 CVE-2024-49892 CVE-2024-49894 CVE-2024-49895 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49907 CVE-2024-49913 CVE-2024-49924 CVE-2024-49927 CVE-2024-49930 CVE-2024-49933 CVE-2024-49935 CVE-2024-49936 CVE-2024-49938 CVE-2024-49944 CVE-2024-49946 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49954 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49969 CVE-2024-49973 CVE-2024-49975 CVE-2024-49977 CVE-2024-49981 CVE-2024-49982 CVE-2024-49983 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50000 CVE-2024-50001 CVE-2024-50002 CVE-2024-50003 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50013 CVE-2024-50015 CVE-2024-50019 CVE-2024-50024 CVE-2024-50031 CVE-2024-50033 CVE-2024-50035 CVE-2024-50038 CVE-2024-50039 CVE-2024-50040 CVE-2024-50041 CVE-2024-50044 CVE-2024-50045 CVE-2024-50046 CVE-2024-50049 CVE-2024-50059 CVE-2024-50062 CVE-2024-50093 CVE-2024-50095 CVE-2024-50096 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50186 CVE-2024-50188 CVE-2024-50189 CVE-2024-50191 Ubuntu 20.04 LTS It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use these issues to cause a denial of service, or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7168-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: editorconfig - 0.12.1-1.1+deb11u1build0.20.04.1 editorconfig-doc - 0.12.1-1.1+deb11u1build0.20.04.1 libeditorconfig-dev - 0.12.1-1.1+deb11u1build0.20.04.1 libeditorconfig0 - 0.12.1-1.1+deb11u1build0.20.04.1 No subscription required Medium CVE-2023-0341 CVE-2024-53849 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - SCSI subsystem; - Ext4 file system; - Bluetooth subsystem; - Memory management; - Amateur Radio drivers; - Network traffic control; - Sun RPC protocol; - VMware vSockets driver; (CVE-2023-52821, CVE-2024-40910, CVE-2024-43892, CVE-2024-49967, CVE-2024-50264, CVE-2024-36952, CVE-2024-38553, CVE-2021-47101, CVE-2021-47001, CVE-2024-35965, CVE-2024-35963, CVE-2024-35966, CVE-2024-35967, CVE-2024-53057, CVE-2024-38597) Update Instructions: Run `sudo pro fix USN-7173-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1121-raspi - 5.4.0-1121.133 linux-headers-5.4.0-1121-raspi - 5.4.0-1121.133 linux-image-5.4.0-1121-raspi - 5.4.0-1121.133 linux-modules-5.4.0-1121-raspi - 5.4.0-1121.133 linux-raspi-headers-5.4.0-1121 - 5.4.0-1121.133 linux-raspi-tools-5.4.0-1121 - 5.4.0-1121.133 linux-tools-5.4.0-1121-raspi - 5.4.0-1121.133 No subscription required linux-buildinfo-5.4.0-1125-kvm - 5.4.0-1125.133 linux-headers-5.4.0-1125-kvm - 5.4.0-1125.133 linux-image-5.4.0-1125-kvm - 5.4.0-1125.133 linux-image-unsigned-5.4.0-1125-kvm - 5.4.0-1125.133 linux-kvm-headers-5.4.0-1125 - 5.4.0-1125.133 linux-kvm-tools-5.4.0-1125 - 5.4.0-1125.133 linux-modules-5.4.0-1125-kvm - 5.4.0-1125.133 linux-tools-5.4.0-1125-kvm - 5.4.0-1125.133 No subscription required linux-buildinfo-5.4.0-1141-gcp - 5.4.0-1141.150 linux-gcp-headers-5.4.0-1141 - 5.4.0-1141.150 linux-gcp-tools-5.4.0-1141 - 5.4.0-1141.150 linux-headers-5.4.0-1141-gcp - 5.4.0-1141.150 linux-image-5.4.0-1141-gcp - 5.4.0-1141.150 linux-image-unsigned-5.4.0-1141-gcp - 5.4.0-1141.150 linux-modules-5.4.0-1141-gcp - 5.4.0-1141.150 linux-modules-extra-5.4.0-1141-gcp - 5.4.0-1141.150 linux-tools-5.4.0-1141-gcp - 5.4.0-1141.150 No subscription required linux-buildinfo-5.4.0-204-generic - 5.4.0-204.224 linux-buildinfo-5.4.0-204-generic-lpae - 5.4.0-204.224 linux-buildinfo-5.4.0-204-lowlatency - 5.4.0-204.224 linux-cloud-tools-5.4.0-204 - 5.4.0-204.224 linux-cloud-tools-5.4.0-204-generic - 5.4.0-204.224 linux-cloud-tools-5.4.0-204-lowlatency - 5.4.0-204.224 linux-cloud-tools-common - 5.4.0-204.224 linux-doc - 5.4.0-204.224 linux-headers-5.4.0-204 - 5.4.0-204.224 linux-headers-5.4.0-204-generic - 5.4.0-204.224 linux-headers-5.4.0-204-generic-lpae - 5.4.0-204.224 linux-headers-5.4.0-204-lowlatency - 5.4.0-204.224 linux-image-5.4.0-204-generic - 5.4.0-204.224 linux-image-5.4.0-204-generic-lpae - 5.4.0-204.224 linux-image-5.4.0-204-lowlatency - 5.4.0-204.224 linux-image-unsigned-5.4.0-204-generic - 5.4.0-204.224 linux-image-unsigned-5.4.0-204-lowlatency - 5.4.0-204.224 linux-libc-dev - 5.4.0-204.224 linux-modules-5.4.0-204-generic - 5.4.0-204.224 linux-modules-5.4.0-204-generic-lpae - 5.4.0-204.224 linux-modules-5.4.0-204-lowlatency - 5.4.0-204.224 linux-modules-extra-5.4.0-204-generic - 5.4.0-204.224 linux-source-5.4.0 - 5.4.0-204.224 linux-tools-5.4.0-204 - 5.4.0-204.224 linux-tools-5.4.0-204-generic - 5.4.0-204.224 linux-tools-5.4.0-204-generic-lpae - 5.4.0-204.224 linux-tools-5.4.0-204-lowlatency - 5.4.0-204.224 linux-tools-common - 5.4.0-204.224 linux-tools-host - 5.4.0-204.224 No subscription required linux-headers-raspi - 5.4.0.1121.151 linux-headers-raspi-hwe-18.04 - 5.4.0.1121.151 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1121.151 linux-headers-raspi2 - 5.4.0.1121.151 linux-headers-raspi2-hwe-18.04 - 5.4.0.1121.151 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1121.151 linux-image-raspi - 5.4.0.1121.151 linux-image-raspi-hwe-18.04 - 5.4.0.1121.151 linux-image-raspi-hwe-18.04-edge - 5.4.0.1121.151 linux-image-raspi2 - 5.4.0.1121.151 linux-image-raspi2-hwe-18.04 - 5.4.0.1121.151 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1121.151 linux-raspi - 5.4.0.1121.151 linux-raspi-hwe-18.04 - 5.4.0.1121.151 linux-raspi-hwe-18.04-edge - 5.4.0.1121.151 linux-raspi2 - 5.4.0.1121.151 linux-raspi2-hwe-18.04 - 5.4.0.1121.151 linux-raspi2-hwe-18.04-edge - 5.4.0.1121.151 linux-tools-raspi - 5.4.0.1121.151 linux-tools-raspi-hwe-18.04 - 5.4.0.1121.151 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1121.151 linux-tools-raspi2 - 5.4.0.1121.151 linux-tools-raspi2-hwe-18.04 - 5.4.0.1121.151 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1121.151 No subscription required linux-headers-kvm - 5.4.0.1125.121 linux-image-kvm - 5.4.0.1125.121 linux-kvm - 5.4.0.1125.121 linux-tools-kvm - 5.4.0.1125.121 No subscription required linux-gcp-lts-20.04 - 5.4.0.1141.143 linux-headers-gcp-lts-20.04 - 5.4.0.1141.143 linux-image-gcp-lts-20.04 - 5.4.0.1141.143 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1141.143 linux-tools-gcp-lts-20.04 - 5.4.0.1141.143 No subscription required linux-cloud-tools-generic - 5.4.0.204.200 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.204.200 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.204.200 linux-cloud-tools-lowlatency - 5.4.0.204.200 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.204.200 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.204.200 linux-cloud-tools-virtual - 5.4.0.204.200 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.204.200 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.204.200 linux-crashdump - 5.4.0.204.200 linux-generic - 5.4.0.204.200 linux-generic-hwe-18.04 - 5.4.0.204.200 linux-generic-hwe-18.04-edge - 5.4.0.204.200 linux-generic-lpae - 5.4.0.204.200 linux-generic-lpae-hwe-18.04 - 5.4.0.204.200 linux-generic-lpae-hwe-18.04-edge - 5.4.0.204.200 linux-headers-generic - 5.4.0.204.200 linux-headers-generic-hwe-18.04 - 5.4.0.204.200 linux-headers-generic-hwe-18.04-edge - 5.4.0.204.200 linux-headers-generic-lpae - 5.4.0.204.200 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.204.200 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.204.200 linux-headers-lowlatency - 5.4.0.204.200 linux-headers-lowlatency-hwe-18.04 - 5.4.0.204.200 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.204.200 linux-headers-oem - 5.4.0.204.200 linux-headers-oem-osp1 - 5.4.0.204.200 linux-headers-virtual - 5.4.0.204.200 linux-headers-virtual-hwe-18.04 - 5.4.0.204.200 linux-headers-virtual-hwe-18.04-edge - 5.4.0.204.200 linux-image-extra-virtual - 5.4.0.204.200 linux-image-extra-virtual-hwe-18.04 - 5.4.0.204.200 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.204.200 linux-image-generic - 5.4.0.204.200 linux-image-generic-hwe-18.04 - 5.4.0.204.200 linux-image-generic-hwe-18.04-edge - 5.4.0.204.200 linux-image-generic-lpae - 5.4.0.204.200 linux-image-generic-lpae-hwe-18.04 - 5.4.0.204.200 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.204.200 linux-image-lowlatency - 5.4.0.204.200 linux-image-lowlatency-hwe-18.04 - 5.4.0.204.200 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.204.200 linux-image-oem - 5.4.0.204.200 linux-image-oem-osp1 - 5.4.0.204.200 linux-image-virtual - 5.4.0.204.200 linux-image-virtual-hwe-18.04 - 5.4.0.204.200 linux-image-virtual-hwe-18.04-edge - 5.4.0.204.200 linux-lowlatency - 5.4.0.204.200 linux-lowlatency-hwe-18.04 - 5.4.0.204.200 linux-lowlatency-hwe-18.04-edge - 5.4.0.204.200 linux-oem - 5.4.0.204.200 linux-oem-osp1 - 5.4.0.204.200 linux-oem-osp1-tools-host - 5.4.0.204.200 linux-oem-tools-host - 5.4.0.204.200 linux-source - 5.4.0.204.200 linux-tools-generic - 5.4.0.204.200 linux-tools-generic-hwe-18.04 - 5.4.0.204.200 linux-tools-generic-hwe-18.04-edge - 5.4.0.204.200 linux-tools-generic-lpae - 5.4.0.204.200 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.204.200 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.204.200 linux-tools-lowlatency - 5.4.0.204.200 linux-tools-lowlatency-hwe-18.04 - 5.4.0.204.200 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.204.200 linux-tools-oem - 5.4.0.204.200 linux-tools-oem-osp1 - 5.4.0.204.200 linux-tools-virtual - 5.4.0.204.200 linux-tools-virtual-hwe-18.04 - 5.4.0.204.200 linux-tools-virtual-hwe-18.04-edge - 5.4.0.204.200 linux-virtual - 5.4.0.204.200 linux-virtual-hwe-18.04 - 5.4.0.204.200 linux-virtual-hwe-18.04-edge - 5.4.0.204.200 No subscription required High CVE-2021-47001 CVE-2021-47101 CVE-2022-38096 CVE-2023-52821 CVE-2024-35963 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-36952 CVE-2024-38553 CVE-2024-38597 CVE-2024-40910 CVE-2024-43892 CVE-2024-50264 CVE-2024-53057 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - SCSI subsystem; - Ext4 file system; - Bluetooth subsystem; - Memory management; - Amateur Radio drivers; - Network traffic control; - Sun RPC protocol; - VMware vSockets driver; (CVE-2023-52821, CVE-2024-40910, CVE-2024-43892, CVE-2024-49967, CVE-2024-50264, CVE-2024-36952, CVE-2024-38553, CVE-2021-47101, CVE-2021-47001, CVE-2024-35965, CVE-2024-35963, CVE-2024-35966, CVE-2024-35967, CVE-2024-53057, CVE-2024-38597) Update Instructions: Run `sudo pro fix USN-7173-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1056-xilinx-zynqmp - 5.4.0-1056.60 linux-headers-5.4.0-1056-xilinx-zynqmp - 5.4.0-1056.60 linux-image-5.4.0-1056-xilinx-zynqmp - 5.4.0-1056.60 linux-modules-5.4.0-1056-xilinx-zynqmp - 5.4.0-1056.60 linux-tools-5.4.0-1056-xilinx-zynqmp - 5.4.0-1056.60 linux-xilinx-zynqmp-headers-5.4.0-1056 - 5.4.0-1056.60 linux-xilinx-zynqmp-tools-5.4.0-1056 - 5.4.0-1056.60 No subscription required linux-buildinfo-5.4.0-1084-ibm - 5.4.0-1084.89 linux-headers-5.4.0-1084-ibm - 5.4.0-1084.89 linux-ibm-cloud-tools-common - 5.4.0-1084.89 linux-ibm-headers-5.4.0-1084 - 5.4.0-1084.89 linux-ibm-source-5.4.0 - 5.4.0-1084.89 linux-ibm-tools-5.4.0-1084 - 5.4.0-1084.89 linux-ibm-tools-common - 5.4.0-1084.89 linux-image-5.4.0-1084-ibm - 5.4.0-1084.89 linux-image-unsigned-5.4.0-1084-ibm - 5.4.0-1084.89 linux-modules-5.4.0-1084-ibm - 5.4.0-1084.89 linux-modules-extra-5.4.0-1084-ibm - 5.4.0-1084.89 linux-tools-5.4.0-1084-ibm - 5.4.0-1084.89 No subscription required linux-bluefield-headers-5.4.0-1097 - 5.4.0-1097.104 linux-bluefield-tools-5.4.0-1097 - 5.4.0-1097.104 linux-buildinfo-5.4.0-1097-bluefield - 5.4.0-1097.104 linux-headers-5.4.0-1097-bluefield - 5.4.0-1097.104 linux-image-5.4.0-1097-bluefield - 5.4.0-1097.104 linux-image-unsigned-5.4.0-1097-bluefield - 5.4.0-1097.104 linux-modules-5.4.0-1097-bluefield - 5.4.0-1097.104 linux-tools-5.4.0-1097-bluefield - 5.4.0-1097.104 No subscription required linux-buildinfo-5.4.0-1136-oracle - 5.4.0-1136.145 linux-headers-5.4.0-1136-oracle - 5.4.0-1136.145 linux-image-5.4.0-1136-oracle - 5.4.0-1136.145 linux-image-unsigned-5.4.0-1136-oracle - 5.4.0-1136.145 linux-modules-5.4.0-1136-oracle - 5.4.0-1136.145 linux-modules-extra-5.4.0-1136-oracle - 5.4.0-1136.145 linux-oracle-headers-5.4.0-1136 - 5.4.0-1136.145 linux-oracle-tools-5.4.0-1136 - 5.4.0-1136.145 linux-tools-5.4.0-1136-oracle - 5.4.0-1136.145 No subscription required linux-aws-cloud-tools-5.4.0-1137 - 5.4.0-1137.147 linux-aws-headers-5.4.0-1137 - 5.4.0-1137.147 linux-aws-tools-5.4.0-1137 - 5.4.0-1137.147 linux-buildinfo-5.4.0-1137-aws - 5.4.0-1137.147 linux-cloud-tools-5.4.0-1137-aws - 5.4.0-1137.147 linux-headers-5.4.0-1137-aws - 5.4.0-1137.147 linux-image-5.4.0-1137-aws - 5.4.0-1137.147 linux-image-unsigned-5.4.0-1137-aws - 5.4.0-1137.147 linux-modules-5.4.0-1137-aws - 5.4.0-1137.147 linux-modules-extra-5.4.0-1137-aws - 5.4.0-1137.147 linux-tools-5.4.0-1137-aws - 5.4.0-1137.147 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1056.56 linux-image-xilinx-zynqmp - 5.4.0.1056.56 linux-tools-xilinx-zynqmp - 5.4.0.1056.56 linux-xilinx-zynqmp - 5.4.0.1056.56 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1084.113 linux-ibm-lts-20.04 - 5.4.0.1084.113 linux-image-ibm-lts-20.04 - 5.4.0.1084.113 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1084.113 linux-tools-ibm-lts-20.04 - 5.4.0.1084.113 No subscription required linux-bluefield - 5.4.0.1097.93 linux-headers-bluefield - 5.4.0.1097.93 linux-image-bluefield - 5.4.0.1097.93 linux-tools-bluefield - 5.4.0.1097.93 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1136.129 linux-image-oracle-lts-20.04 - 5.4.0.1136.129 linux-oracle-lts-20.04 - 5.4.0.1136.129 linux-tools-oracle-lts-20.04 - 5.4.0.1136.129 No subscription required linux-aws-lts-20.04 - 5.4.0.1137.134 linux-headers-aws-lts-20.04 - 5.4.0.1137.134 linux-image-aws-lts-20.04 - 5.4.0.1137.134 linux-modules-extra-aws-lts-20.04 - 5.4.0.1137.134 linux-tools-aws-lts-20.04 - 5.4.0.1137.134 No subscription required High CVE-2021-47001 CVE-2021-47101 CVE-2022-38096 CVE-2023-52821 CVE-2024-35963 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-36952 CVE-2024-38553 CVE-2024-38597 CVE-2024-40910 CVE-2024-43892 CVE-2024-50264 CVE-2024-53057 Ubuntu 20.04 LTS Antonio Morales discovered that GStreamer incorrectly handled allocating memory for certain buffers. An attacker could use this issue to cause GStreamer to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7174-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gstreamer-1.0 - 1.16.3-0ubuntu1.2 gstreamer1.0-doc - 1.16.3-0ubuntu1.2 gstreamer1.0-tools - 1.16.3-0ubuntu1.2 libgstreamer1.0-0 - 1.16.3-0ubuntu1.2 libgstreamer1.0-dev - 1.16.3-0ubuntu1.2 No subscription required Medium CVE-2024-47606 Ubuntu 20.04 LTS Antonio Morales discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7175-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gst-plugins-base-1.0 - 1.16.3-0ubuntu1.4 gstreamer1.0-alsa - 1.16.3-0ubuntu1.4 gstreamer1.0-gl - 1.16.3-0ubuntu1.4 gstreamer1.0-plugins-base - 1.16.3-0ubuntu1.4 gstreamer1.0-plugins-base-apps - 1.16.3-0ubuntu1.4 gstreamer1.0-plugins-base-doc - 1.16.3-0ubuntu1.4 gstreamer1.0-x - 1.16.3-0ubuntu1.4 libgstreamer-gl1.0-0 - 1.16.3-0ubuntu1.4 libgstreamer-plugins-base1.0-0 - 1.16.3-0ubuntu1.4 libgstreamer-plugins-base1.0-dev - 1.16.3-0ubuntu1.4 No subscription required Medium CVE-2024-47538 CVE-2024-47541 CVE-2024-47542 CVE-2024-47600 CVE-2024-47607 CVE-2024-47615 CVE-2024-47835 Ubuntu 20.04 LTS Antonio Morales discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7176-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gstreamer1.0-gtk3 - 1.16.3-0ubuntu1.3 gstreamer1.0-plugins-good - 1.16.3-0ubuntu1.3 gstreamer1.0-plugins-good-doc - 1.16.3-0ubuntu1.3 gstreamer1.0-pulseaudio - 1.16.3-0ubuntu1.3 gstreamer1.0-qt5 - 1.16.3-0ubuntu1.3 libgstreamer-plugins-good1.0-0 - 1.16.3-0ubuntu1.3 libgstreamer-plugins-good1.0-dev - 1.16.3-0ubuntu1.3 No subscription required Medium CVE-2024-47537 CVE-2024-47539 CVE-2024-47540 CVE-2024-47543 CVE-2024-47544 CVE-2024-47545 CVE-2024-47546 CVE-2024-47596 CVE-2024-47597 CVE-2024-47598 CVE-2024-47599 CVE-2024-47601 CVE-2024-47602 CVE-2024-47603 CVE-2024-47606 CVE-2024-47613 CVE-2024-47774 CVE-2024-47775 CVE-2024-47776 CVE-2024-47777 CVE-2024-47778 CVE-2024-47834 Ubuntu 20.04 LTS Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351) Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). (CVE-2020-12352) Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-24490) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Media drivers; - Network drivers; - SMB network file system; - Bluetooth subsystem; - Amateur Radio drivers; - Network traffic control; - VMware vSockets driver; (CVE-2024-43904, CVE-2024-35963, CVE-2024-35967, CVE-2024-40973, CVE-2024-26822, CVE-2024-35965, CVE-2024-40910, CVE-2024-38553, CVE-2024-53057, CVE-2024-50264, CVE-2024-35966) Update Instructions: Run `sudo pro fix USN-7179-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1067-ibm - 5.15.0-1067.70~20.04.1 linux-headers-5.15.0-1067-ibm - 5.15.0-1067.70~20.04.1 linux-ibm-5.15-headers-5.15.0-1067 - 5.15.0-1067.70~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1067.70~20.04.1 linux-ibm-5.15-tools-5.15.0-1067 - 5.15.0-1067.70~20.04.1 linux-image-5.15.0-1067-ibm - 5.15.0-1067.70~20.04.1 linux-image-unsigned-5.15.0-1067-ibm - 5.15.0-1067.70~20.04.1 linux-modules-5.15.0-1067-ibm - 5.15.0-1067.70~20.04.1 linux-modules-extra-5.15.0-1067-ibm - 5.15.0-1067.70~20.04.1 linux-tools-5.15.0-1067-ibm - 5.15.0-1067.70~20.04.1 No subscription required linux-buildinfo-5.15.0-1072-oracle - 5.15.0-1072.78~20.04.1 linux-headers-5.15.0-1072-oracle - 5.15.0-1072.78~20.04.1 linux-image-5.15.0-1072-oracle - 5.15.0-1072.78~20.04.1 linux-image-unsigned-5.15.0-1072-oracle - 5.15.0-1072.78~20.04.1 linux-modules-5.15.0-1072-oracle - 5.15.0-1072.78~20.04.1 linux-modules-extra-5.15.0-1072-oracle - 5.15.0-1072.78~20.04.1 linux-oracle-5.15-headers-5.15.0-1072 - 5.15.0-1072.78~20.04.1 linux-oracle-5.15-tools-5.15.0-1072 - 5.15.0-1072.78~20.04.1 linux-tools-5.15.0-1072-oracle - 5.15.0-1072.78~20.04.1 No subscription required linux-buildinfo-5.15.0-128-lowlatency - 5.15.0-128.138~20.04.1 linux-buildinfo-5.15.0-128-lowlatency-64k - 5.15.0-128.138~20.04.1 linux-cloud-tools-5.15.0-128-lowlatency - 5.15.0-128.138~20.04.1 linux-headers-5.15.0-128-lowlatency - 5.15.0-128.138~20.04.1 linux-headers-5.15.0-128-lowlatency-64k - 5.15.0-128.138~20.04.1 linux-image-5.15.0-128-lowlatency - 5.15.0-128.138~20.04.1 linux-image-5.15.0-128-lowlatency-64k - 5.15.0-128.138~20.04.1 linux-image-unsigned-5.15.0-128-lowlatency - 5.15.0-128.138~20.04.1 linux-image-unsigned-5.15.0-128-lowlatency-64k - 5.15.0-128.138~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-128 - 5.15.0-128.138~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-128 - 5.15.0-128.138~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-128 - 5.15.0-128.138~20.04.1 linux-modules-5.15.0-128-lowlatency - 5.15.0-128.138~20.04.1 linux-modules-5.15.0-128-lowlatency-64k - 5.15.0-128.138~20.04.1 linux-modules-iwlwifi-5.15.0-128-lowlatency - 5.15.0-128.138~20.04.1 linux-tools-5.15.0-128-lowlatency - 5.15.0-128.138~20.04.1 linux-tools-5.15.0-128-lowlatency-64k - 5.15.0-128.138~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1067.70~20.04.1 linux-headers-ibm-edge - 5.15.0.1067.70~20.04.1 linux-ibm - 5.15.0.1067.70~20.04.1 linux-ibm-edge - 5.15.0.1067.70~20.04.1 linux-image-ibm - 5.15.0.1067.70~20.04.1 linux-image-ibm-edge - 5.15.0.1067.70~20.04.1 linux-tools-ibm - 5.15.0.1067.70~20.04.1 linux-tools-ibm-edge - 5.15.0.1067.70~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1072.78~20.04.1 linux-headers-oracle-edge - 5.15.0.1072.78~20.04.1 linux-image-oracle - 5.15.0.1072.78~20.04.1 linux-image-oracle-edge - 5.15.0.1072.78~20.04.1 linux-oracle - 5.15.0.1072.78~20.04.1 linux-oracle-edge - 5.15.0.1072.78~20.04.1 linux-tools-oracle - 5.15.0.1072.78~20.04.1 linux-tools-oracle-edge - 5.15.0.1072.78~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.128.138~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.128.138~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.128.138~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.128.138~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.128.138~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.128.138~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.128.138~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.128.138~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.128.138~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.128.138~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.128.138~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.128.138~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.128.138~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.128.138~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.128.138~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.128.138~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.128.138~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.128.138~20.04.1 No subscription required High CVE-2020-12351 CVE-2020-12352 CVE-2020-24490 CVE-2024-26822 CVE-2024-35963 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-38553 CVE-2024-40910 CVE-2024-40973 CVE-2024-43904 CVE-2024-50264 CVE-2024-53057 Ubuntu 20.04 LTS Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351) Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). (CVE-2020-12352) Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-24490) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Media drivers; - Network drivers; - SMB network file system; - Bluetooth subsystem; - Amateur Radio drivers; - Network traffic control; - VMware vSockets driver; (CVE-2024-35963, CVE-2024-38553, CVE-2024-35965, CVE-2024-26822, CVE-2024-35966, CVE-2024-53057, CVE-2024-43904, CVE-2024-50264, CVE-2024-40973, CVE-2024-40910, CVE-2024-35967) Update Instructions: Run `sudo pro fix USN-7179-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1074-gcp - 5.15.0-1074.83~20.04.1 linux-gcp-5.15-headers-5.15.0-1074 - 5.15.0-1074.83~20.04.1 linux-gcp-5.15-tools-5.15.0-1074 - 5.15.0-1074.83~20.04.1 linux-headers-5.15.0-1074-gcp - 5.15.0-1074.83~20.04.1 linux-image-5.15.0-1074-gcp - 5.15.0-1074.83~20.04.1 linux-image-unsigned-5.15.0-1074-gcp - 5.15.0-1074.83~20.04.1 linux-modules-5.15.0-1074-gcp - 5.15.0-1074.83~20.04.1 linux-modules-extra-5.15.0-1074-gcp - 5.15.0-1074.83~20.04.1 linux-modules-iwlwifi-5.15.0-1074-gcp - 5.15.0-1074.83~20.04.1 linux-tools-5.15.0-1074-gcp - 5.15.0-1074.83~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1075 - 5.15.0-1075.82~20.04.1 linux-aws-5.15-headers-5.15.0-1075 - 5.15.0-1075.82~20.04.1 linux-aws-5.15-tools-5.15.0-1075 - 5.15.0-1075.82~20.04.1 linux-buildinfo-5.15.0-1075-aws - 5.15.0-1075.82~20.04.1 linux-cloud-tools-5.15.0-1075-aws - 5.15.0-1075.82~20.04.1 linux-headers-5.15.0-1075-aws - 5.15.0-1075.82~20.04.1 linux-image-5.15.0-1075-aws - 5.15.0-1075.82~20.04.1 linux-image-unsigned-5.15.0-1075-aws - 5.15.0-1075.82~20.04.1 linux-modules-5.15.0-1075-aws - 5.15.0-1075.82~20.04.1 linux-modules-extra-5.15.0-1075-aws - 5.15.0-1075.82~20.04.1 linux-tools-5.15.0-1075-aws - 5.15.0-1075.82~20.04.1 No subscription required linux-buildinfo-5.15.0-130-generic - 5.15.0-130.140~20.04.1 linux-buildinfo-5.15.0-130-generic-64k - 5.15.0-130.140~20.04.1 linux-buildinfo-5.15.0-130-generic-lpae - 5.15.0-130.140~20.04.1 linux-cloud-tools-5.15.0-130-generic - 5.15.0-130.140~20.04.1 linux-headers-5.15.0-130-generic - 5.15.0-130.140~20.04.1 linux-headers-5.15.0-130-generic-64k - 5.15.0-130.140~20.04.1 linux-headers-5.15.0-130-generic-lpae - 5.15.0-130.140~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-130 - 5.15.0-130.140~20.04.1 linux-hwe-5.15-headers-5.15.0-130 - 5.15.0-130.140~20.04.1 linux-hwe-5.15-tools-5.15.0-130 - 5.15.0-130.140~20.04.1 linux-image-5.15.0-130-generic - 5.15.0-130.140~20.04.1 linux-image-5.15.0-130-generic-64k - 5.15.0-130.140~20.04.1 linux-image-5.15.0-130-generic-lpae - 5.15.0-130.140~20.04.1 linux-image-unsigned-5.15.0-130-generic - 5.15.0-130.140~20.04.1 linux-image-unsigned-5.15.0-130-generic-64k - 5.15.0-130.140~20.04.1 linux-modules-5.15.0-130-generic - 5.15.0-130.140~20.04.1 linux-modules-5.15.0-130-generic-64k - 5.15.0-130.140~20.04.1 linux-modules-5.15.0-130-generic-lpae - 5.15.0-130.140~20.04.1 linux-modules-extra-5.15.0-130-generic - 5.15.0-130.140~20.04.1 linux-modules-iwlwifi-5.15.0-130-generic - 5.15.0-130.140~20.04.1 linux-tools-5.15.0-130-generic - 5.15.0-130.140~20.04.1 linux-tools-5.15.0-130-generic-64k - 5.15.0-130.140~20.04.1 linux-tools-5.15.0-130-generic-lpae - 5.15.0-130.140~20.04.1 No subscription required linux-gcp - 5.15.0.1074.83~20.04.1 linux-gcp-edge - 5.15.0.1074.83~20.04.1 linux-headers-gcp - 5.15.0.1074.83~20.04.1 linux-headers-gcp-edge - 5.15.0.1074.83~20.04.1 linux-image-gcp - 5.15.0.1074.83~20.04.1 linux-image-gcp-edge - 5.15.0.1074.83~20.04.1 linux-modules-extra-gcp - 5.15.0.1074.83~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1074.83~20.04.1 linux-tools-gcp - 5.15.0.1074.83~20.04.1 linux-tools-gcp-edge - 5.15.0.1074.83~20.04.1 No subscription required linux-aws - 5.15.0.1075.82~20.04.1 linux-aws-edge - 5.15.0.1075.82~20.04.1 linux-headers-aws - 5.15.0.1075.82~20.04.1 linux-headers-aws-edge - 5.15.0.1075.82~20.04.1 linux-image-aws - 5.15.0.1075.82~20.04.1 linux-image-aws-edge - 5.15.0.1075.82~20.04.1 linux-modules-extra-aws - 5.15.0.1075.82~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1075.82~20.04.1 linux-tools-aws - 5.15.0.1075.82~20.04.1 linux-tools-aws-edge - 5.15.0.1075.82~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-generic-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-headers-oem-20.04 - 5.15.0.130.140~20.04.1 linux-headers-oem-20.04b - 5.15.0.130.140~20.04.1 linux-headers-oem-20.04c - 5.15.0.130.140~20.04.1 linux-headers-oem-20.04d - 5.15.0.130.140~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-image-oem-20.04 - 5.15.0.130.140~20.04.1 linux-image-oem-20.04b - 5.15.0.130.140~20.04.1 linux-image-oem-20.04c - 5.15.0.130.140~20.04.1 linux-image-oem-20.04d - 5.15.0.130.140~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.130.140~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.130.140~20.04.1 linux-oem-20.04 - 5.15.0.130.140~20.04.1 linux-oem-20.04b - 5.15.0.130.140~20.04.1 linux-oem-20.04c - 5.15.0.130.140~20.04.1 linux-oem-20.04d - 5.15.0.130.140~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-tools-oem-20.04 - 5.15.0.130.140~20.04.1 linux-tools-oem-20.04b - 5.15.0.130.140~20.04.1 linux-tools-oem-20.04c - 5.15.0.130.140~20.04.1 linux-tools-oem-20.04d - 5.15.0.130.140~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.130.140~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.130.140~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.130.140~20.04.1 No subscription required High CVE-2020-12351 CVE-2020-12352 CVE-2020-24490 CVE-2024-26822 CVE-2024-35963 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-38553 CVE-2024-40910 CVE-2024-40973 CVE-2024-43904 CVE-2024-50264 CVE-2024-53057 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2022-48560) It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this vulnerability to perform an XML External Entity (XXE) injection, resulting in a denial of service or information disclosure. (CVE-2022-48565) It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information. (CVE-2022-48566) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-24329) It was discovered that Python instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake. An attacker could possibly use this issue to cause applications to treat unauthenticated received data before TLS handshake as authenticated data after TLS handshake. (CVE-2023-40217) Update Instructions: Run `sudo pro fix USN-7180-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python2.7 - 2.7.18-1~20.04.7 libpython2.7 - 2.7.18-1~20.04.7 libpython2.7-dev - 2.7.18-1~20.04.7 libpython2.7-minimal - 2.7.18-1~20.04.7 libpython2.7-stdlib - 2.7.18-1~20.04.7 libpython2.7-testsuite - 2.7.18-1~20.04.7 python2.7 - 2.7.18-1~20.04.7 python2.7-dev - 2.7.18-1~20.04.7 python2.7-doc - 2.7.18-1~20.04.7 python2.7-examples - 2.7.18-1~20.04.7 python2.7-minimal - 2.7.18-1~20.04.7 No subscription required Medium CVE-2022-48560 CVE-2022-48565 CVE-2022-48566 CVE-2023-24329 CVE-2023-40217 Ubuntu 20.04 LTS Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351) Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). (CVE-2020-12352) Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-24490) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - Clock framework and drivers; - Buffer Sharing and Synchronization framework; - EFI core; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Input Device core drivers; - Mailbox framework; - Media drivers; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - STMicroelectronics network drivers; - NTB driver; - Virtio pmem driver; - PCI subsystem; - x86 platform drivers; - S/390 drivers; - SCSI subsystem; - SPI subsystem; - Thermal drivers; - USB Device Class drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - 9P distributed file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - SMB network file system; - Network file system (NFS) superblock; - Bluetooth subsystem; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Kernel thread helper (kthread); - Padata parallel execution mechanism; - Arbitrary resource management; - Static call mechanism; - Tracing infrastructure; - Memory management; - Amateur Radio drivers; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - VMware vSockets driver; - SELinux security module; - Simplified Mandatory Access Control Kernel framework; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - USB sound devices; (CVE-2024-47720, CVE-2023-52904, CVE-2024-49907, CVE-2024-50049, CVE-2024-38667, CVE-2024-47747, CVE-2024-50180, CVE-2024-47756, CVE-2024-50015, CVE-2024-49983, CVE-2024-49981, CVE-2024-38538, CVE-2024-47735, CVE-2024-50019, CVE-2024-49955, CVE-2024-38545, CVE-2024-49902, CVE-2024-46849, CVE-2024-49863, CVE-2024-49944, CVE-2024-50189, CVE-2024-49927, CVE-2024-50033, CVE-2024-50045, CVE-2024-49977, CVE-2024-35965, CVE-2024-42158, CVE-2024-49913, CVE-2024-50038, CVE-2024-49883, CVE-2024-38553, CVE-2024-49868, CVE-2024-50264, CVE-2024-46855, CVE-2024-50188, CVE-2024-49952, CVE-2024-47718, CVE-2024-50095, CVE-2024-49936, CVE-2024-47734, CVE-2024-47713, CVE-2024-47723, CVE-2024-49886, CVE-2024-50044, CVE-2024-49985, CVE-2024-49973, CVE-2024-49895, CVE-2024-47693, CVE-2024-46858, CVE-2024-50003, CVE-2024-39463, CVE-2024-46852, CVE-2024-49867, CVE-2024-49967, CVE-2024-47706, CVE-2024-35904, CVE-2024-47698, CVE-2024-47701, CVE-2024-36893, CVE-2024-50031, CVE-2024-47699, CVE-2024-47674, CVE-2024-49871, CVE-2024-42156, CVE-2024-50179, CVE-2024-49995, CVE-2024-49938, CVE-2024-47692, CVE-2024-49975, CVE-2024-47710, CVE-2024-49860, CVE-2024-36968, CVE-2024-53057, CVE-2024-50186, CVE-2024-47695, CVE-2024-40973, CVE-2024-35966, CVE-2024-46865, CVE-2024-47697, CVE-2024-47757, CVE-2023-52639, CVE-2024-47709, CVE-2024-47672, CVE-2024-50040, CVE-2024-49890, CVE-2024-49933, CVE-2024-38544, CVE-2024-49858, CVE-2024-42079, CVE-2024-46853, CVE-2024-50006, CVE-2024-47670, CVE-2024-49896, CVE-2024-50013, CVE-2024-49924, CVE-2024-50093, CVE-2024-49884, CVE-2024-49935, CVE-2024-50184, CVE-2024-27072, CVE-2024-46695, CVE-2024-49997, CVE-2024-49903, CVE-2024-50001, CVE-2024-49969, CVE-2024-49851, CVE-2024-44940, CVE-2024-46859, CVE-2024-44942, CVE-2024-49958, CVE-2024-49930, CVE-2024-49949, CVE-2024-49881, CVE-2024-47690, CVE-2024-49882, CVE-2024-49875, CVE-2024-49959, CVE-2024-46854, CVE-2024-35963, CVE-2024-40910, CVE-2024-49965, CVE-2024-50035, CVE-2024-49957, CVE-2024-50059, CVE-2024-49894, CVE-2024-47685, CVE-2024-50181, CVE-2024-50024, CVE-2024-50062, CVE-2024-43904, CVE-2024-49946, CVE-2024-41016, CVE-2023-52621, CVE-2024-26822, CVE-2024-49877, CVE-2024-35967, CVE-2024-47742, CVE-2024-47739, CVE-2024-26947, CVE-2024-47748, CVE-2024-47737, CVE-2024-44931, CVE-2024-49900, CVE-2024-50041, CVE-2024-50046, CVE-2024-50002, CVE-2024-49852, CVE-2024-50039, CVE-2024-47679, CVE-2024-47749, CVE-2024-49982, CVE-2024-49878, CVE-2024-47712, CVE-2024-47740, CVE-2024-49962, CVE-2024-50096, CVE-2024-49948, CVE-2024-50000, CVE-2024-47671, CVE-2024-49892, CVE-2024-47673, CVE-2024-35951, CVE-2023-52917, CVE-2024-49889, CVE-2024-49954, CVE-2024-38632, CVE-2024-47696, CVE-2024-50007, CVE-2024-47705, CVE-2024-50008, CVE-2024-49966, CVE-2024-49856, CVE-2023-52532, CVE-2024-49866, CVE-2024-47684, CVE-2024-49963, CVE-2024-50191, CVE-2024-49879) Update Instructions: Run `sudo pro fix USN-7186-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1071-intel-iotg - 5.15.0-1071.77~20.04.1 linux-cloud-tools-5.15.0-1071-intel-iotg - 5.15.0-1071.77~20.04.1 linux-headers-5.15.0-1071-intel-iotg - 5.15.0-1071.77~20.04.1 linux-image-5.15.0-1071-intel-iotg - 5.15.0-1071.77~20.04.1 linux-image-unsigned-5.15.0-1071-intel-iotg - 5.15.0-1071.77~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1071 - 5.15.0-1071.77~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1071.77~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1071 - 5.15.0-1071.77~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1071 - 5.15.0-1071.77~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1071.77~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1071.77~20.04.1 linux-modules-5.15.0-1071-intel-iotg - 5.15.0-1071.77~20.04.1 linux-modules-extra-5.15.0-1071-intel-iotg - 5.15.0-1071.77~20.04.1 linux-modules-iwlwifi-5.15.0-1071-intel-iotg - 5.15.0-1071.77~20.04.1 linux-tools-5.15.0-1071-intel-iotg - 5.15.0-1071.77~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1071.77~20.04.1 linux-headers-intel - 5.15.0.1071.77~20.04.1 linux-headers-intel-iotg - 5.15.0.1071.77~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1071.77~20.04.1 linux-image-intel - 5.15.0.1071.77~20.04.1 linux-image-intel-iotg - 5.15.0.1071.77~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1071.77~20.04.1 linux-intel - 5.15.0.1071.77~20.04.1 linux-intel-iotg - 5.15.0.1071.77~20.04.1 linux-intel-iotg-edge - 5.15.0.1071.77~20.04.1 linux-tools-intel - 5.15.0.1071.77~20.04.1 linux-tools-intel-iotg - 5.15.0.1071.77~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1071.77~20.04.1 No subscription required High CVE-2020-12351 CVE-2020-12352 CVE-2020-24490 CVE-2023-52532 CVE-2023-52621 CVE-2023-52639 CVE-2023-52904 CVE-2024-26822 CVE-2024-26947 CVE-2024-27072 CVE-2024-35904 CVE-2024-35951 CVE-2024-35963 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-36893 CVE-2024-36968 CVE-2024-38538 CVE-2024-38544 CVE-2024-38545 CVE-2024-38553 CVE-2024-38632 CVE-2024-38667 CVE-2024-39463 CVE-2024-40910 CVE-2024-40973 CVE-2024-41016 CVE-2024-42079 CVE-2024-42156 CVE-2024-42158 CVE-2024-43904 CVE-2024-44931 CVE-2024-44940 CVE-2024-44942 CVE-2024-46695 CVE-2024-46849 CVE-2024-46852 CVE-2024-46853 CVE-2024-46854 CVE-2024-46855 CVE-2024-46858 CVE-2024-46859 CVE-2024-46865 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47673 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47690 CVE-2024-47692 CVE-2024-47693 CVE-2024-47695 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47705 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47718 CVE-2024-47720 CVE-2024-47723 CVE-2024-47734 CVE-2024-47735 CVE-2024-47737 CVE-2024-47739 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47748 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49852 CVE-2024-49856 CVE-2024-49858 CVE-2024-49860 CVE-2024-49863 CVE-2024-49866 CVE-2024-49867 CVE-2024-49868 CVE-2024-49871 CVE-2024-49875 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49881 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49886 CVE-2024-49889 CVE-2024-49890 CVE-2024-49892 CVE-2024-49894 CVE-2024-49895 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49907 CVE-2024-49913 CVE-2024-49924 CVE-2024-49927 CVE-2024-49930 CVE-2024-49933 CVE-2024-49935 CVE-2024-49936 CVE-2024-49938 CVE-2024-49944 CVE-2024-49946 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49954 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49969 CVE-2024-49973 CVE-2024-49975 CVE-2024-49977 CVE-2024-49981 CVE-2024-49982 CVE-2024-49983 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50000 CVE-2024-50001 CVE-2024-50002 CVE-2024-50003 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50013 CVE-2024-50015 CVE-2024-50019 CVE-2024-50024 CVE-2024-50031 CVE-2024-50033 CVE-2024-50035 CVE-2024-50038 CVE-2024-50039 CVE-2024-50040 CVE-2024-50041 CVE-2024-50044 CVE-2024-50045 CVE-2024-50046 CVE-2024-50049 CVE-2024-50059 CVE-2024-50062 CVE-2024-50093 CVE-2024-50095 CVE-2024-50096 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50186 CVE-2024-50188 CVE-2024-50189 CVE-2024-50191 CVE-2024-50264 CVE-2024-53057 Ubuntu 20.04 LTS It was discovered that FFmpeg incorrectly handled certain input, which could lead to an integer overflow. An attacker could possibly use this issue to cause a denial of service by crashing the application. Update Instructions: Run `sudo pro fix USN-7188-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ffmpeg - 7:4.2.7-0ubuntu0.1+esm7 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm7 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm7 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm7 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm7 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm7 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm7 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm7 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm7 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm7 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm7 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm7 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm7 libavformat58 - 7:4.2.7-0ubuntu0.1+esm7 libavresample-dev - 7:4.2.7-0ubuntu0.1+esm7 libavresample4 - 7:4.2.7-0ubuntu0.1+esm7 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm7 libavutil56 - 7:4.2.7-0ubuntu0.1+esm7 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm7 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm7 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm7 libswresample3 - 7:4.2.7-0ubuntu0.1+esm7 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm7 libswscale5 - 7:4.2.7-0ubuntu0.1+esm7 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-36617 Ubuntu 20.04 LTS It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-20308) It was discovered that HTMLDOC incorrectly handled memory in pspdf_export, which could lead to a double-free. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-23158) It was discovered that HTMLDOC incorrectly handled memory when loading a JPEG image, which could lead to a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. (CVE-2021-23191, CVE-2021-26948) It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to a stack buffer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-23206, CVE-2021-40985, CVE-2021-43579) It was discovered that HTMLDOC incorrectly handled memory in pdpdf_prepare_page and render_table_row, which could lead to a heap buffer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-26252, CVE-2021-26259) It was discovered that HTMLDOC incorrectly handled memory in parse_paragraph, which could lead to a heap buffer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-34119) It was discovered that HTMLDOC incorrectly handled memory in parse_tree. An attacker could potentially use this issue to leak sensitive information. (CVE-2021-34121) Update Instructions: Run `sudo pro fix USN-7189-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: htmldoc - 1.9.7-1ubuntu0.3+esm1 htmldoc-common - 1.9.7-1ubuntu0.3+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-20308 CVE-2021-23158 CVE-2021-23191 CVE-2021-23206 CVE-2021-26252 CVE-2021-26259 CVE-2021-26948 CVE-2021-34119 CVE-2021-34121 CVE-2021-40985 CVE-2021-43579 Ubuntu 20.04 LTS It was discovered that Tinyproxy did not properly manage memory during the parsing of HTTP connection headers. An attacker could use this issue to cause a DoS or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7190-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tinyproxy - 1.10.0-4ubuntu0.2 tinyproxy-bin - 1.10.0-4ubuntu0.2 No subscription required Medium CVE-2023-49606 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2025-0237, CVE-2025-0239, CVE-2025-0240, CVE-2025-0242, CVE-2025-0243, CVE-2025-0247) Irvan Kurniawan discovered that Firefox incorrectly handled memory when breaking lines in text, leading to a use-after-free vulnerability. An attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2025-0238) Nils Bars discovered that Firefox incorrectly handled memory when using JavaScript Text Segmentation. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-0241) Update Instructions: Run `sudo pro fix USN-7191-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 134.0+build1-0ubuntu0.20.04.1 firefox-dev - 134.0+build1-0ubuntu0.20.04.1 firefox-geckodriver - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-af - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-an - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ar - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-as - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ast - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-az - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-be - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-bg - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-bn - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-br - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-bs - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ca - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-cak - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-cs - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-csb - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-cy - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-da - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-de - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-el - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-en - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-eo - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-es - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-et - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-eu - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-fa - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-fi - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-fr - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-fy - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ga - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-gd - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-gl - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-gn - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-gu - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-he - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-hi - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-hr - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-hsb - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-hu - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-hy - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ia - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-id - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-is - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-it - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ja - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ka - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-kab - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-kk - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-km - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-kn - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ko - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ku - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-lg - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-lt - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-lv - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-mai - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-mk - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ml - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-mn - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-mr - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ms - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-my - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-nb - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ne - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-nl - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-nn - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-nso - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-oc - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-or - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-pa - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-pl - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-pt - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ro - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ru - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-si - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-sk - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-sl - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-sq - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-sr - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-sv - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-sw - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-szl - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ta - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-te - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-tg - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-th - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-tr - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-uk - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-ur - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-uz - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-vi - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-xh - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hans - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-zh-hant - 134.0+build1-0ubuntu0.20.04.1 firefox-locale-zu - 134.0+build1-0ubuntu0.20.04.1 firefox-mozsymbols - 134.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2025-0237 CVE-2025-0238 CVE-2025-0239 CVE-2025-0240 CVE-2025-0241 CVE-2025-0242 CVE-2025-0243 CVE-2025-0247 Ubuntu 20.04 LTS Masato Kinugawa discovered that Thunderbird did not properly validate the CSP policy in the Web Compatibility extension. An attacker could potentially exploit this issue to perform a cross-site scripting attack. Update Instructions: Run `sudo pro fix USN-7193-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: thunderbird - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-dev - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-gnome-support - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-af - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ar - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ast - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-be - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bg - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-bn-bd - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-br - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ca - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cak - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cs - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-cy - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-da - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-de - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-dsb - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-el - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-gb - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-en-us - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-ar - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-es-es - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-et - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-eu - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fa - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fi - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fr - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-fy-nl - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ga-ie - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gd - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-gl - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-he - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hr - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hsb - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hu - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-hy - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-id - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-is - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-it - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ja - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ka - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kab - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-kk - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ko - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lt - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-lv - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-mk - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ms - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nb-no - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nl - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-nn-no - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pa-in - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pl - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-br - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-pt-pt - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-rm - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ro - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ru - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-si - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sk - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sl - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sq - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sr - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-sv-se - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-ta-lk - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-th - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-tr - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uk - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-uz - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-vi - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-cn - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hans - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-hant - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-locale-zh-tw - 1:115.18.0+build1-0ubuntu0.20.04.1 thunderbird-mozsymbols - 1:115.18.0+build1-0ubuntu0.20.04.1 xul-ext-calendar-timezones - 1:115.18.0+build1-0ubuntu0.20.04.1 xul-ext-gdata-provider - 1:115.18.0+build1-0ubuntu0.20.04.1 xul-ext-lightning - 1:115.18.0+build1-0ubuntu0.20.04.1 No subscription required Medium CVE-2024-11694 Ubuntu 20.04 LTS Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351) Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). (CVE-2020-12352) Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-24490) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6610) Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code. (CVE-2024-25744) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - ACPI drivers; - Android drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Null block device driver; - TPM device driver; - Character device driver; - Clock framework and drivers; - Buffer Sharing and Synchronization framework; - ARM SCMI message protocol; - EFI core; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - I3C subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - LED subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - STMicroelectronics network drivers; - Near Field Communication (NFC) drivers; - NTB driver; - Virtio pmem driver; - NVME drivers; - Device tree and open firmware driver; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - QCOM SoC drivers; - SPI subsystem; - Direct Digital Synthesis drivers; - Thermal drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - Userspace I/O drivers; - USB Device Class drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - USB Type-C Port Controller Manager driver; - USB Type-C Connector System Software Interface driver; - USB over IP driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - 9P distributed file system; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - File system notification infrastructure; - NTFS3 file system; - Proc file system; - SMB network file system; - Bitmap API; - Network file system (NFS) superblock; - Objagg library; - Perf events; - Virtio network driver; - Bluetooth subsystem; - KCM (Kernel Connection Multiplexor) sockets driver; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Control group (cgroup); - DMA mapping infrastructure; - Kernel thread helper (kthread); - Locking primitives; - Padata parallel execution mechanism; - RCU subsystem; - Arbitrary resource management; - Scheduler infrastructure; - Static call mechanism; - Tracing infrastructure; - Radix Tree data structure library; - Kernel userspace event delivery library; - Memory management; - Amateur Radio drivers; - Ethernet bridge; - CAN network layer; - Networking core; - Ethtool driver; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Netlink; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - VMware vSockets driver; - Wireless networking; - AppArmor security module; - Landlock security; - SELinux security module; - Simplified Mandatory Access Control Kernel framework; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - SoC audio core drivers; - USB sound devices; (CVE-2024-41091, CVE-2024-46800, CVE-2024-49924, CVE-2024-47659, CVE-2024-42295, CVE-2024-42284, CVE-2024-38577, CVE-2024-49902, CVE-2024-45011, CVE-2024-47673, CVE-2024-38538, CVE-2024-45008, CVE-2024-47667, CVE-2024-46832, CVE-2024-43879, CVE-2024-41059, CVE-2024-43853, CVE-2024-44940, CVE-2024-44947, CVE-2024-43828, CVE-2024-41090, CVE-2024-44944, CVE-2024-43834, CVE-2024-46777, CVE-2024-46689, CVE-2024-35965, CVE-2024-42276, CVE-2024-50264, CVE-2024-44965, CVE-2024-49977, CVE-2024-42079, CVE-2024-46744, CVE-2024-42299, CVE-2024-43909, CVE-2024-41098, CVE-2024-46731, CVE-2024-44946, CVE-2024-50024, CVE-2024-49858, CVE-2024-49892, CVE-2024-44989, CVE-2024-47663, CVE-2024-49983, CVE-2024-42286, CVE-2024-42310, CVE-2024-44974, CVE-2024-43892, CVE-2024-46840, CVE-2024-47695, CVE-2024-46780, CVE-2024-46757, CVE-2024-46707, CVE-2024-49894, CVE-2024-50007, CVE-2024-47705, CVE-2024-49890, CVE-2024-46815, CVE-2024-36968, CVE-2024-40915, CVE-2024-44995, CVE-2024-49871, CVE-2024-42265, CVE-2024-42283, CVE-2024-50000, CVE-2024-42309, CVE-2024-47748, CVE-2024-35967, CVE-2023-52904, CVE-2024-46745, CVE-2024-41016, CVE-2024-49868, CVE-2024-41011, CVE-2024-50186, CVE-2024-50033, CVE-2024-38545, CVE-2024-42267, CVE-2024-46852, CVE-2024-44987, CVE-2024-46783, CVE-2024-47671, CVE-2024-46721, CVE-2024-46853, CVE-2024-43914, CVE-2024-43907, CVE-2024-47734, CVE-2024-36484, CVE-2024-46781, CVE-2024-47693, CVE-2024-46791, CVE-2024-49913, CVE-2024-49900, CVE-2024-50191, CVE-2024-43860, CVE-2024-45018, CVE-2024-46854, CVE-2024-42246, CVE-2024-42156, CVE-2024-47660, CVE-2024-49878, CVE-2024-44982, CVE-2024-43867, CVE-2024-49938, CVE-2024-47737, CVE-2024-46743, CVE-2024-42292, CVE-2024-50181, CVE-2024-41020, CVE-2024-43863, CVE-2024-46817, CVE-2024-42281, CVE-2023-52621, CVE-2024-47749, CVE-2024-46804, CVE-2024-47747, CVE-2024-50045, CVE-2024-41065, CVE-2023-52434, CVE-2024-50095, CVE-2024-45025, CVE-2024-50179, CVE-2024-49946, CVE-2024-46782, CVE-2024-43839, CVE-2024-43904, CVE-2024-44958, CVE-2024-44934, CVE-2024-45006, CVE-2024-49969, CVE-2024-44986, CVE-2024-46752, CVE-2024-35966, CVE-2024-39463, CVE-2024-49883, CVE-2024-46805, CVE-2024-44935, CVE-2023-52532, CVE-2024-41071, CVE-2024-46807, CVE-2024-43846, CVE-2024-50015, CVE-2024-26661, CVE-2024-43841, CVE-2024-46819, CVE-2024-44931, CVE-2024-53057, CVE-2024-49982, CVE-2023-52757, CVE-2024-47735, CVE-2024-49866, CVE-2024-46763, CVE-2024-45021, CVE-2024-46814, CVE-2024-46673, CVE-2024-43873, CVE-2024-49997, CVE-2024-38602, CVE-2024-46795, CVE-2024-26822, CVE-2024-47670, CVE-2024-46755, CVE-2024-43902, CVE-2024-46859, CVE-2024-43883, CVE-2024-49966, CVE-2024-42305, CVE-2024-49959, CVE-2024-42280, CVE-2024-49965, CVE-2024-47674, CVE-2024-46723, CVE-2024-50031, CVE-2024-50184, CVE-2024-36893, CVE-2024-43875, CVE-2023-52918, CVE-2024-49867, CVE-2024-49981, CVE-2024-43861, CVE-2024-49895, CVE-2024-26669, CVE-2024-38544, CVE-2024-49973, CVE-2024-41015, CVE-2024-42296, CVE-2024-46722, CVE-2024-42158, CVE-2024-49881, CVE-2024-27072, CVE-2024-47739, CVE-2024-46828, CVE-2024-46724, CVE-2024-44999, CVE-2024-44971, CVE-2024-40973, CVE-2023-52572, CVE-2024-47709, CVE-2024-47742, CVE-2024-46818, CVE-2024-50035, CVE-2024-50188, CVE-2024-47679, CVE-2024-38667, CVE-2024-41078, CVE-2024-46844, CVE-2024-47672, CVE-2024-42306, CVE-2024-46758, CVE-2024-43869, CVE-2024-50062, CVE-2024-49875, CVE-2024-41017, CVE-2024-41077, CVE-2024-50038, CVE-2024-50013, CVE-2024-46746, CVE-2024-49962, CVE-2024-50049, CVE-2023-52751, CVE-2024-47684, CVE-2024-47701, CVE-2024-41070, CVE-2024-44942, CVE-2024-35904, CVE-2024-26607, CVE-2024-50019, CVE-2024-46714, CVE-2024-46738, CVE-2024-42312, CVE-2024-44948, CVE-2024-43890, CVE-2024-43893, CVE-2024-26800, CVE-2024-35963, CVE-2024-49884, CVE-2024-49930, CVE-2024-46829, CVE-2024-50046, CVE-2024-49985, CVE-2024-41022, CVE-2024-43894, CVE-2024-43830, CVE-2024-45009, CVE-2024-35951, CVE-2024-49889, CVE-2024-42301, CVE-2024-38632, CVE-2024-42114, CVE-2024-42290, CVE-2024-43858, CVE-2024-50002, CVE-2024-41060, CVE-2024-47696, CVE-2024-43870, CVE-2024-49948, CVE-2024-46759, CVE-2024-26947, CVE-2024-46713, CVE-2024-47740, CVE-2024-44960, CVE-2024-46756, CVE-2024-46737, CVE-2024-41068, CVE-2024-46677, CVE-2024-41063, CVE-2024-41019, CVE-2023-52917, CVE-2024-38611, CVE-2024-49852, CVE-2024-49863, CVE-2024-46739, CVE-2024-43908, CVE-2024-47697, CVE-2024-46810, CVE-2024-41072, CVE-2024-42302, CVE-2024-50003, CVE-2024-45026, CVE-2024-45028, CVE-2024-42259, CVE-2022-48666, CVE-2024-49995, CVE-2024-50093, CVE-2024-46865, CVE-2024-49886, CVE-2024-43889, CVE-2024-42285, CVE-2024-50006, CVE-2024-42271, CVE-2024-42274, CVE-2024-49957, CVE-2024-42289, CVE-2024-46719, CVE-2024-46858, CVE-2024-49958, CVE-2024-50041, CVE-2024-46675, CVE-2024-41064, CVE-2024-39472, CVE-2024-42287, CVE-2024-46822, CVE-2024-49877, CVE-2024-43849, CVE-2024-50040, CVE-2024-49879, CVE-2024-46798, CVE-2024-46855, CVE-2024-49944, CVE-2024-46676, CVE-2024-26893, CVE-2024-43835, CVE-2024-47665, CVE-2024-47669, CVE-2024-43882, CVE-2024-46740, CVE-2024-49851, CVE-2024-46849, CVE-2024-42311, CVE-2024-44985, CVE-2024-47757, CVE-2024-50001, CVE-2024-46750, CVE-2024-47706, CVE-2024-50039, CVE-2024-46702, CVE-2024-46725, CVE-2024-43817, CVE-2024-49907, CVE-2024-46695, CVE-2024-38553, CVE-2024-42272, CVE-2024-49882, CVE-2024-42269, CVE-2024-44954, CVE-2024-42318, CVE-2024-42297, CVE-2024-49975, CVE-2024-44988, CVE-2024-49963, CVE-2024-47692, CVE-2024-41042, CVE-2024-41081, CVE-2024-43854, CVE-2024-46771, CVE-2024-46732, CVE-2024-47712, CVE-2024-47699, CVE-2024-49927, CVE-2024-49860, CVE-2024-45003, CVE-2024-49954, CVE-2024-42304, CVE-2024-49933, CVE-2024-42277, CVE-2024-49955, CVE-2024-47710, CVE-2024-43905, CVE-2024-49903, CVE-2024-43856, CVE-2024-50180, CVE-2024-44966, CVE-2024-46685, CVE-2024-49935, CVE-2024-44990, CVE-2023-52889, CVE-2024-49896, CVE-2024-44969, CVE-2024-50189, CVE-2024-50008, CVE-2024-47720, CVE-2024-42313, CVE-2024-44983, CVE-2024-49949, CVE-2024-46761, CVE-2024-47690, CVE-2024-50059, CVE-2024-41073, CVE-2024-47723, CVE-2024-46747, CVE-2024-49952, CVE-2024-50096, CVE-2024-42288, CVE-2024-43871, CVE-2024-42126, CVE-2024-44998, CVE-2024-47685, CVE-2024-46679, CVE-2024-43884, CVE-2024-47668, CVE-2024-49936, CVE-2024-43829, CVE-2024-47756, CVE-2024-43880, CVE-2024-45007, CVE-2024-40910, CVE-2024-50044, CVE-2023-52639, CVE-2024-47698, CVE-2024-41012, CVE-2024-49856, CVE-2024-47713, CVE-2024-47718, CVE-2024-49967) Update Instructions: Run `sudo pro fix USN-7194-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1078 - 5.15.0-1078.87~20.04.1 linux-azure-5.15-headers-5.15.0-1078 - 5.15.0-1078.87~20.04.1 linux-azure-5.15-tools-5.15.0-1078 - 5.15.0-1078.87~20.04.1 linux-buildinfo-5.15.0-1078-azure - 5.15.0-1078.87~20.04.1 linux-cloud-tools-5.15.0-1078-azure - 5.15.0-1078.87~20.04.1 linux-headers-5.15.0-1078-azure - 5.15.0-1078.87~20.04.1 linux-image-5.15.0-1078-azure - 5.15.0-1078.87~20.04.1 linux-image-unsigned-5.15.0-1078-azure - 5.15.0-1078.87~20.04.1 linux-modules-5.15.0-1078-azure - 5.15.0-1078.87~20.04.1 linux-modules-extra-5.15.0-1078-azure - 5.15.0-1078.87~20.04.1 linux-modules-involflt-5.15.0-1078-azure - 5.15.0-1078.87~20.04.1 linux-tools-5.15.0-1078-azure - 5.15.0-1078.87~20.04.1 No subscription required linux-azure - 5.15.0.1078.87~20.04.1 linux-azure-cvm - 5.15.0.1078.87~20.04.1 linux-azure-edge - 5.15.0.1078.87~20.04.1 linux-cloud-tools-azure - 5.15.0.1078.87~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1078.87~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1078.87~20.04.1 linux-headers-azure - 5.15.0.1078.87~20.04.1 linux-headers-azure-cvm - 5.15.0.1078.87~20.04.1 linux-headers-azure-edge - 5.15.0.1078.87~20.04.1 linux-image-azure - 5.15.0.1078.87~20.04.1 linux-image-azure-cvm - 5.15.0.1078.87~20.04.1 linux-image-azure-edge - 5.15.0.1078.87~20.04.1 linux-modules-extra-azure - 5.15.0.1078.87~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1078.87~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1078.87~20.04.1 linux-modules-involflt-azure - 5.15.0.1078.87~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1078.87~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1078.87~20.04.1 linux-tools-azure - 5.15.0.1078.87~20.04.1 linux-tools-azure-cvm - 5.15.0.1078.87~20.04.1 linux-tools-azure-edge - 5.15.0.1078.87~20.04.1 No subscription required High CVE-2020-12351 CVE-2020-12352 CVE-2020-24490 CVE-2022-48666 CVE-2023-52434 CVE-2023-52532 CVE-2023-52572 CVE-2023-52621 CVE-2023-52639 CVE-2023-52751 CVE-2023-52757 CVE-2023-52889 CVE-2023-52904 CVE-2023-52918 CVE-2023-6610 CVE-2024-25744 CVE-2024-26607 CVE-2024-26661 CVE-2024-26669 CVE-2024-26800 CVE-2024-26822 CVE-2024-26893 CVE-2024-26947 CVE-2024-27072 CVE-2024-35904 CVE-2024-35951 CVE-2024-35963 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-36484 CVE-2024-36893 CVE-2024-36968 CVE-2024-38538 CVE-2024-38544 CVE-2024-38545 CVE-2024-38553 CVE-2024-38577 CVE-2024-38602 CVE-2024-38611 CVE-2024-38632 CVE-2024-38667 CVE-2024-39463 CVE-2024-39472 CVE-2024-40910 CVE-2024-40915 CVE-2024-40973 CVE-2024-41011 CVE-2024-41012 CVE-2024-41015 CVE-2024-41016 CVE-2024-41017 CVE-2024-41019 CVE-2024-41020 CVE-2024-41022 CVE-2024-41042 CVE-2024-41059 CVE-2024-41060 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072 CVE-2024-41073 CVE-2024-41077 CVE-2024-41078 CVE-2024-41081 CVE-2024-41090 CVE-2024-41091 CVE-2024-41098 CVE-2024-42079 CVE-2024-42114 CVE-2024-42126 CVE-2024-42156 CVE-2024-42158 CVE-2024-42246 CVE-2024-42259 CVE-2024-42265 CVE-2024-42267 CVE-2024-42269 CVE-2024-42271 CVE-2024-42272 CVE-2024-42274 CVE-2024-42276 CVE-2024-42277 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42290 CVE-2024-42292 CVE-2024-42295 CVE-2024-42296 CVE-2024-42297 CVE-2024-42299 CVE-2024-42301 CVE-2024-42302 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42312 CVE-2024-42313 CVE-2024-42318 CVE-2024-43817 CVE-2024-43828 CVE-2024-43829 CVE-2024-43830 CVE-2024-43834 CVE-2024-43835 CVE-2024-43839 CVE-2024-43841 CVE-2024-43846 CVE-2024-43849 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43863 CVE-2024-43867 CVE-2024-43869 CVE-2024-43870 CVE-2024-43871 CVE-2024-43873 CVE-2024-43875 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884 CVE-2024-43889 CVE-2024-43890 CVE-2024-43892 CVE-2024-43893 CVE-2024-43894 CVE-2024-43902 CVE-2024-43904 CVE-2024-43905 CVE-2024-43907 CVE-2024-43908 CVE-2024-43909 CVE-2024-43914 CVE-2024-44931 CVE-2024-44934 CVE-2024-44935 CVE-2024-44940 CVE-2024-44942 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948 CVE-2024-44954 CVE-2024-44958 CVE-2024-44960 CVE-2024-44965 CVE-2024-44966 CVE-2024-44969 CVE-2024-44971 CVE-2024-44974 CVE-2024-44982 CVE-2024-44983 CVE-2024-44985 CVE-2024-44986 CVE-2024-44987 CVE-2024-44988 CVE-2024-44989 CVE-2024-44990 CVE-2024-44995 CVE-2024-44998 CVE-2024-44999 CVE-2024-45003 CVE-2024-45006 CVE-2024-45007 CVE-2024-45008 CVE-2024-45009 CVE-2024-45011 CVE-2024-45018 CVE-2024-45021 CVE-2024-45025 CVE-2024-45026 CVE-2024-45028 CVE-2024-46673 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46689 CVE-2024-46695 CVE-2024-46702 CVE-2024-46707 CVE-2024-46713 CVE-2024-46714 CVE-2024-46719 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723 CVE-2024-46724 CVE-2024-46725 CVE-2024-46731 CVE-2024-46732 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46740 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46746 CVE-2024-46747 CVE-2024-46750 CVE-2024-46752 CVE-2024-46755 CVE-2024-46759 CVE-2024-46761 CVE-2024-46763 CVE-2024-46771 CVE-2024-46777 CVE-2024-46780 CVE-2024-46781 CVE-2024-46782 CVE-2024-46783 CVE-2024-46791 CVE-2024-46795 CVE-2024-46798 CVE-2024-46800 CVE-2024-46804 CVE-2024-46805 CVE-2024-46807 CVE-2024-46810 CVE-2024-46814 CVE-2024-46815 CVE-2024-46817 CVE-2024-46818 CVE-2024-46819 CVE-2024-46822 CVE-2024-46828 CVE-2024-46829 CVE-2024-46832 CVE-2024-46840 CVE-2024-46844 CVE-2024-46849 CVE-2024-46852 CVE-2024-46853 CVE-2024-46854 CVE-2024-46855 CVE-2024-46858 CVE-2024-46859 CVE-2024-46865 CVE-2024-47659 CVE-2024-47660 CVE-2024-47663 CVE-2024-47665 CVE-2024-47667 CVE-2024-47668 CVE-2024-47669 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47673 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47690 CVE-2024-47692 CVE-2024-47693 CVE-2024-47695 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47705 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47718 CVE-2024-47720 CVE-2024-47723 CVE-2024-47734 CVE-2024-47735 CVE-2024-47737 CVE-2024-47739 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47748 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49852 CVE-2024-49856 CVE-2024-49858 CVE-2024-49860 CVE-2024-49863 CVE-2024-49866 CVE-2024-49867 CVE-2024-49868 CVE-2024-49871 CVE-2024-49875 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49881 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49886 CVE-2024-49889 CVE-2024-49890 CVE-2024-49892 CVE-2024-49894 CVE-2024-49895 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49907 CVE-2024-49913 CVE-2024-49924 CVE-2024-49927 CVE-2024-49930 CVE-2024-49933 CVE-2024-49935 CVE-2024-49936 CVE-2024-49938 CVE-2024-49944 CVE-2024-49946 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49954 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49969 CVE-2024-49973 CVE-2024-49975 CVE-2024-49977 CVE-2024-49981 CVE-2024-49982 CVE-2024-49983 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50000 CVE-2024-50001 CVE-2024-50002 CVE-2024-50003 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50013 CVE-2024-50015 CVE-2024-50019 CVE-2024-50024 CVE-2024-50031 CVE-2024-50033 CVE-2024-50035 CVE-2024-50038 CVE-2024-50039 CVE-2024-50040 CVE-2024-50041 CVE-2024-50044 CVE-2024-50045 CVE-2024-50046 CVE-2024-50049 CVE-2024-50059 CVE-2024-50062 CVE-2024-50093 CVE-2024-50095 CVE-2024-50096 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50186 CVE-2024-50188 CVE-2024-50189 CVE-2024-50191 CVE-2024-50264 CVE-2024-53057 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU drivers; - InfiniBand drivers; - Network drivers; - S/390 drivers; - SCSI subsystem; - TTY drivers; - BTRFS file system; - Ext4 file system; - EROFS file system; - F2FS file system; - File systems infrastructure; - BPF subsystem; - Socket messages infrastructure; - Bluetooth subsystem; - Memory management; - Amateur Radio drivers; - Ethernet bridge; - Networking core; - IPv4 networking; - Network traffic control; - Sun RPC protocol; - VMware vSockets driver; - SELinux security module; (CVE-2024-42240, CVE-2024-36938, CVE-2024-35967, CVE-2024-36953, CVE-2022-48938, CVE-2024-38553, CVE-2024-35904, CVE-2024-35965, CVE-2024-26947, CVE-2024-36968, CVE-2024-43892, CVE-2024-38597, CVE-2023-52498, CVE-2021-47501, CVE-2024-44942, CVE-2024-42077, CVE-2024-53057, CVE-2024-46724, CVE-2024-35963, CVE-2022-48943, CVE-2024-42068, CVE-2024-42156, CVE-2022-48733, CVE-2023-52639, CVE-2021-47101, CVE-2023-52821, CVE-2024-44940, CVE-2024-36952, CVE-2021-47001, CVE-2024-38538, CVE-2024-40910, CVE-2021-47076, CVE-2024-35966, CVE-2024-50264, CVE-2024-35951, CVE-2023-52488, CVE-2023-52497, CVE-2024-49967) Update Instructions: Run `sudo pro fix USN-7195-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1142 - 5.4.0-1142.149 linux-azure-headers-5.4.0-1142 - 5.4.0-1142.149 linux-azure-tools-5.4.0-1142 - 5.4.0-1142.149 linux-buildinfo-5.4.0-1142-azure - 5.4.0-1142.149 linux-cloud-tools-5.4.0-1142-azure - 5.4.0-1142.149 linux-headers-5.4.0-1142-azure - 5.4.0-1142.149 linux-image-5.4.0-1142-azure - 5.4.0-1142.149 linux-image-unsigned-5.4.0-1142-azure - 5.4.0-1142.149 linux-modules-5.4.0-1142-azure - 5.4.0-1142.149 linux-modules-extra-5.4.0-1142-azure - 5.4.0-1142.149 linux-tools-5.4.0-1142-azure - 5.4.0-1142.149 No subscription required linux-azure-lts-20.04 - 5.4.0.1142.136 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1142.136 linux-headers-azure-lts-20.04 - 5.4.0.1142.136 linux-image-azure-lts-20.04 - 5.4.0.1142.136 linux-modules-extra-azure-lts-20.04 - 5.4.0.1142.136 linux-tools-azure-lts-20.04 - 5.4.0.1142.136 No subscription required High CVE-2021-47001 CVE-2021-47076 CVE-2021-47101 CVE-2021-47501 CVE-2022-38096 CVE-2022-48733 CVE-2022-48938 CVE-2022-48943 CVE-2023-52488 CVE-2023-52497 CVE-2023-52498 CVE-2023-52639 CVE-2023-52821 CVE-2024-26947 CVE-2024-35904 CVE-2024-35951 CVE-2024-35963 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-36938 CVE-2024-36952 CVE-2024-36953 CVE-2024-36968 CVE-2024-38538 CVE-2024-38553 CVE-2024-38597 CVE-2024-40910 CVE-2024-42068 CVE-2024-42077 CVE-2024-42156 CVE-2024-42240 CVE-2024-43892 CVE-2024-44940 CVE-2024-44942 CVE-2024-46724 CVE-2024-50264 CVE-2024-53057 Ubuntu 20.04 LTS Guido Vranken discovered that Go Networking handled input to the Parse functions inefficiently. An attacker could possibly use this issue to cause denial of service. This update addresses the issue in the golang-golang-x-net and golang-golang-x-net-dev packages, as well as the library vendored within adsys and juju-core. Update Instructions: Run `sudo pro fix USN-7197-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: adsys - 0.9.2~20.04.2ubuntu0.1 adsys-windows - 0.9.2~20.04.2ubuntu0.1 No subscription required golang-go.net-dev - 1:0.0+git20190811.74dc4d7+dfsg-1ubuntu0.1~esm1 golang-golang-x-net-dev - 1:0.0+git20190811.74dc4d7+dfsg-1ubuntu0.1~esm1 No subscription required Medium CVE-2024-45338 Ubuntu 20.04 LTS Paolo Giai discovered a series of stack-based overflow vulnerabilities in the blit and gray_render_cubic functions of a custom fork of the rlottie library. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-31315, CVE-2021-31321) Paolo Giai discovered a series of type confusion vulnerabilities in the VDasher constructor and the LOTCompLayerItem::LOTCompLayerItem function of a custom fork of the rlottie library. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-31317, CVE-2021-31318) Paolo Giai discovered an integer overflow vulnerability in the LOTGradient::populate function of a custom fork of the rlottie library. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-31319) Paolo Giai discovered a series of heap buffer overflow vulnerabilities in the VGradientCache::generateGradientColorTable and LOTGradient::populate functions of a custom fork of the rlottie library. An attacker could possibly use this issue to achieve remote code execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-31320, CVE-2021-31322) Update Instructions: Run `sudo pro fix USN-7198-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: librlottie-dev - 0~git20200305.a717479+dfsg-1ubuntu0.1~esm1 librlottie0-1 - 0~git20200305.a717479+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-31315 CVE-2021-31317 CVE-2021-31318 CVE-2021-31319 CVE-2021-31320 CVE-2021-31321 CVE-2021-31322 Ubuntu 20.04 LTS It was discovered that Expat, contained within the xmltok library, incorrectly handled malformed XML data. If a user or application were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2019-15903) It was discovered that Expat, contained within the xmltok library, incorrectly handled XML data containing a large number of colons, which could lead to excessive resource consumption. If a user or application were tricked into opening a crafted XML file, an attacker could possibly use this issue to cause a denial of service. (CVE-2018-20843) It was discovered that Expat, contained within the xmltok library, incorrectly handled certain input, which could lead to an integer overflow. If a user or application were tricked into opening a crafted XML file, an attacker could possibly use this issue to cause a denial of service. (CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827) Update Instructions: Run `sudo pro fix USN-7199-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxmltok1 - 1.2-4ubuntu0.20.04.1~esm4 libxmltok1-dev - 1.2-4ubuntu0.20.04.1~esm4 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2015-1283 CVE-2016-0718 CVE-2016-4472 CVE-2018-20843 CVE-2019-15903 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 Ubuntu 20.04 LTS Kevin Backhouse discovered that HPLIP incorrectly handled certain MDNS responses. A remote attacker could use this issue to cause HPLIP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7202-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hpijs-ppds - 3.20.3+dfsg0-2ubuntu0.1 hplip - 3.20.3+dfsg0-2ubuntu0.1 hplip-data - 3.20.3+dfsg0-2ubuntu0.1 hplip-doc - 3.20.3+dfsg0-2ubuntu0.1 hplip-gui - 3.20.3+dfsg0-2ubuntu0.1 libhpmud-dev - 3.20.3+dfsg0-2ubuntu0.1 libhpmud0 - 3.20.3+dfsg0-2ubuntu0.1 libsane-hpaio - 3.20.3+dfsg0-2ubuntu0.1 printer-driver-hpcups - 3.20.3+dfsg0-2ubuntu0.1 printer-driver-hpijs - 3.20.3+dfsg0-2ubuntu0.1 printer-driver-postscript-hp - 3.20.3+dfsg0-2ubuntu0.1 No subscription required Medium CVE-2020-6923 Ubuntu 20.04 LTS Wei Hao discovered that PowerDNS Authoritative Server incorrectly handled memory when accessing certain files. An attacker could possibly use this issue to achieve arbitrary code execution. (CVE-2018-1046) It was discovered that PowerDNS Authoritative Server and PowerDNS Recursor incorrectly handled memory when receiving certain remote input. An attacker could possibly use this issue to cause denial of service. (CVE-2018-10851) Kees Monshouwer discovered that PowerDNS Authoritative Server and PowerDNS Recursor incorrectly handled request validation after having cached malformed input. An attacker could possibly use this issue to cause denial of service. (CVE-2018-14626) Toshifumi Sakaguchi discovered that PowerDNS Recursor incorrectly handled requests after having cached malformed input. An attacker could possibly use this issue to cause denial of service. (CVE-2018-14644) Nathaniel Ferguson discovered that PowerDNS Authoritative Server incorrectly handled memory when receiving certain remote input. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-17482) Nicolas Dehaine and Dmitry Shabanov discovered that PowerDNS Authoritative Server and PowerDNS Recursor incorrectly handled IXFR requests in certain circumstances. An attacker could possibly use this issue to cause denial of service. (CVE-2022-27227) Update Instructions: Run `sudo pro fix USN-7203-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pdns-backend-bind - 4.2.1-1ubuntu0.1~esm1 pdns-backend-geoip - 4.2.1-1ubuntu0.1~esm1 pdns-backend-ldap - 4.2.1-1ubuntu0.1~esm1 pdns-backend-lua - 4.2.1-1ubuntu0.1~esm1 pdns-backend-mydns - 4.2.1-1ubuntu0.1~esm1 pdns-backend-mysql - 4.2.1-1ubuntu0.1~esm1 pdns-backend-odbc - 4.2.1-1ubuntu0.1~esm1 pdns-backend-pgsql - 4.2.1-1ubuntu0.1~esm1 pdns-backend-pipe - 4.2.1-1ubuntu0.1~esm1 pdns-backend-remote - 4.2.1-1ubuntu0.1~esm1 pdns-backend-sqlite3 - 4.2.1-1ubuntu0.1~esm1 pdns-backend-tinydns - 4.2.1-1ubuntu0.1~esm1 pdns-ixfrdist - 4.2.1-1ubuntu0.1~esm1 pdns-recursor - 4.2.1-1ubuntu0.1~esm1 pdns-server - 4.2.1-1ubuntu0.1~esm1 pdns-tools - 4.2.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-1046 CVE-2018-10851 CVE-2018-14626 CVE-2018-14644 CVE-2020-17482 CVE-2022-27227 Ubuntu 20.04 LTS Jeriko One discovered that NeoMutt incorrectly handled certain IMAP and POP3 responses. An attacker could possibly use this issue to cause NeoMutt to crash, resulting in a denial of service, or the execution of arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-14349, CVE-2018-14350, CVE-2018-14351, CVE-2018-14352, CVE-2018-14353, CVE-2018-14354, CVE-2018-14355, CVE-2018-14356, CVE-2018-14357, CVE-2018-14358, CVE-2018-14359, CVE-2018-14362) Jeriko One discovered that NeoMutt incorrectly handled certain NNTP-related operations. An attacker could possibly use this issue to cause NeoMutt to crash, resulting in denial of service, or the execution of arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-14360, CVE-2018-14361, CVE-2018-14363) It was discovered that NeoMutt incorrectly processed additional data when communicating with mail servers. An attacker could possibly use this issue to access senstive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14954, CVE-2020-28896) It was discovered that Neomutt incorrectly handled the IMAP QRSync setting. An attacker could possibly use this issue to cause NeoMutt to crash, resulting in denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-32055) Tavis Ormandy discovered that NeoMutt incorrectly parsed uuencoded text past the length of the string. An attacker could possibly use this issue to enable the execution of arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1328) It was discovered that NeoMutt did not properly encrypt email headers. An attacker could possibly use this issue to receive emails that were not intended for them and access sensitive information. This vulnerability was only fixed in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-49393, CVE-2024-49394) Update Instructions: Run `sudo pro fix USN-7204-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: neomutt - 20191207+dfsg.1-1.1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-14349 CVE-2018-14350 CVE-2018-14351 CVE-2018-14352 CVE-2018-14353 CVE-2018-14354 CVE-2018-14355 CVE-2018-14356 CVE-2018-14357 CVE-2018-14358 CVE-2018-14359 CVE-2018-14360 CVE-2018-14361 CVE-2018-14362 CVE-2018-14363 CVE-2020-14954 CVE-2020-28896 CVE-2021-32055 CVE-2022-1328 CVE-2024-49393 CVE-2024-49394 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain IPv6 strings. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-7205-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.27 python3-django - 2:2.2.12-1ubuntu0.27 No subscription required Medium CVE-2024-56374 Ubuntu 20.04 LTS Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. (CVE-2024-12084) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync compared checksums with uninitialized memory. An attacker could exploit this issue to leak sensitive information. (CVE-2024-12085) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync incorrectly handled file checksums. A malicious server could use this to expose arbitrary client files. (CVE-2024-12086) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync mishandled symlinks for some settings. An attacker could exploit this to write files outside the intended directory. (CVE-2024-12087) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync failed to verify symbolic link destinations for some settings. An attacker could exploit this for path traversal attacks. (CVE-2024-12088) Aleksei Gorban discovered a race condition in rsync's handling of symbolic links. An attacker could use this to access sensitive information or escalate privileges. (CVE-2024-12747) Update Instructions: Run `sudo pro fix USN-7206-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsync - 3.1.3-8ubuntu0.8 No subscription required High CVE-2024-12084 CVE-2024-12085 CVE-2024-12086 CVE-2024-12087 CVE-2024-12088 CVE-2024-12747 Ubuntu 20.04 LTS USN-7206-1 fixed vulnerabilities in rsync. The update introduced a regression in rsync. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. (CVE-2024-12084) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync compared checksums with uninitialized memory. An attacker could exploit this issue to leak sensitive information. (CVE-2024-12085) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync incorrectly handled file checksums. A malicious server could use this to expose arbitrary client files. (CVE-2024-12086) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync mishandled symlinks for some settings. An attacker could exploit this to write files outside the intended directory. (CVE-2024-12087) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync failed to verify symbolic link destinations for some settings. An attacker could exploit this for path traversal attacks. (CVE-2024-12088) Aleksei Gorban discovered a race condition in rsync's handling of symbolic links. An attacker could use this to access sensitive information or escalate privileges. (CVE-2024-12747) Update Instructions: Run `sudo pro fix USN-7206-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rsync - 3.1.3-8ubuntu0.9 No subscription required None https://launchpad.net/bugs/2095004 Ubuntu 20.04 LTS USN-7207-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Git incorrectly handled certain URLs when asking for credentials. An attacker could possibly use this issue to mislead the user into typing passwords for trusted sites that would then be sent to untrusted sites instead. (CVE-2024-50349) It was discovered that git incorrectly handled line endings when using credential helpers. (CVE-2024-52006) Update Instructions: Run `sudo pro fix USN-7207-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git - 1:2.25.1-1ubuntu3.14 git-all - 1:2.25.1-1ubuntu3.14 git-cvs - 1:2.25.1-1ubuntu3.14 git-daemon-run - 1:2.25.1-1ubuntu3.14 git-daemon-sysvinit - 1:2.25.1-1ubuntu3.14 git-doc - 1:2.25.1-1ubuntu3.14 git-el - 1:2.25.1-1ubuntu3.14 git-email - 1:2.25.1-1ubuntu3.14 git-gui - 1:2.25.1-1ubuntu3.14 git-man - 1:2.25.1-1ubuntu3.14 git-mediawiki - 1:2.25.1-1ubuntu3.14 git-svn - 1:2.25.1-1ubuntu3.14 gitk - 1:2.25.1-1ubuntu3.14 gitweb - 1:2.25.1-1ubuntu3.14 No subscription required Medium CVE-2024-50349 CVE-2024-52006 Ubuntu 20.04 LTS Felix Wilhelm discovered that Apache Commons BCEL APIs incorrectly handled parameters due to a memory issue. An attacker supplying malicious input could exploit this to generate and execute arbitrary bytecode. Update Instructions: Run `sudo pro fix USN-7208-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libbcel-java - 6.4.1-1ubuntu0.1~esm1 libbcel-java-doc - 6.4.1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-42920 Ubuntu 20.04 LTS Jacob Boerema discovered that the GIMP DDS Plugin incorrectly processed DDS files due to a memory issue. An attacker could exploit this through a specifically crafted DDS file to cause GIMP to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7209-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gimp-dds - 3.0.1-1+deb10u1build0.20.04.1 No subscription required Medium CVE-2023-44441 Ubuntu 20.04 LTS Mike Salvatore discovered that Audacity incorrectly handled default permissions of temporary files created by the application. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-7211-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: audacity - 2.3.3-1ubuntu0.1~esm1 audacity-data - 2.3.3-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-11867 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2019-9674) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-45061) It was discovered that Python incorrectly handled certain crafted ZIP files. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2024-0450) Update Instructions: Run `sudo pro fix USN-7212-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python2.7 - 2.7.18-1~20.04.7+esm4 libpython2.7 - 2.7.18-1~20.04.7+esm4 libpython2.7-dev - 2.7.18-1~20.04.7+esm4 libpython2.7-minimal - 2.7.18-1~20.04.7+esm4 libpython2.7-stdlib - 2.7.18-1~20.04.7+esm4 libpython2.7-testsuite - 2.7.18-1~20.04.7+esm4 python2.7 - 2.7.18-1~20.04.7+esm4 python2.7-dev - 2.7.18-1~20.04.7+esm4 python2.7-doc - 2.7.18-1~20.04.7+esm4 python2.7-examples - 2.7.18-1~20.04.7+esm4 python2.7-minimal - 2.7.18-1~20.04.7+esm4 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-9674 CVE-2022-45061 CVE-2024-0450 Ubuntu 20.04 LTS It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this issue to cause denial of service or obtain sensitive information. Update Instructions: Run `sudo pro fix USN-7213-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.5 libpoppler-cpp-dev - 0.86.1-0ubuntu1.5 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.5 libpoppler-dev - 0.86.1-0ubuntu1.5 libpoppler-glib-dev - 0.86.1-0ubuntu1.5 libpoppler-glib-doc - 0.86.1-0ubuntu1.5 libpoppler-glib8 - 0.86.1-0ubuntu1.5 libpoppler-private-dev - 0.86.1-0ubuntu1.5 libpoppler-qt5-1 - 0.86.1-0ubuntu1.5 libpoppler-qt5-dev - 0.86.1-0ubuntu1.5 libpoppler97 - 0.86.1-0ubuntu1.5 poppler-utils - 0.86.1-0ubuntu1.5 No subscription required Medium CVE-2024-56378 Ubuntu 20.04 LTS It was discovered that the PoDoFo library could dereference a NULL pointer when getting the number of pages in a PDF. If a user or application were tricked into opening a crafted PDF file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2018-11255) It was discovered that PoDoFo library incorrectly handled memory when computing an encryption key, which could lead to a buffer overflow. If a user or application were tricked into opening a crafted PDF file, an attacker could possibly use this issue to cause a denial of service. (CVE-2018-12983) It was discovered that the PoDoFo library incorrectly handled memory allocation. If a user or application were tricked into opening a crafted PDF file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2018-20797) It was discovered that the PoDoFo library did not properly validate memcpy arguments. If a user or application were tricked into opening a crafted PDF file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-5308) It was discovered that the PoDoFo library incorrectly handled memory in the GetNextToken function, which could lead to a buffer overflow. If a user or application were tricked into opening a crafted PDF file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-5886) It was discovered that the PoDoFo library could enter an infinite loop, which could lead to a stack overflow. If a user or application were tricked into opening a crafted PDF file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2018-8002, CVE-2020-18971, CVE-2021-30471, CVE-2021-30470) It was discovered that the PoDoFo library incorrectly handled memory allocation due to nInitialSize not being validated. If a user or application were tricked into opening a crafted PDF file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-10723) Update Instructions: Run `sudo pro fix USN-7217-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpodofo-dev - 0.9.6+dfsg-5ubuntu0.1~esm1 libpodofo-utils - 0.9.6+dfsg-5ubuntu0.1~esm1 libpodofo0.9.6 - 0.9.6+dfsg-5ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2017-5886 CVE-2018-11255 CVE-2018-12983 CVE-2018-20797 CVE-2018-5308 CVE-2018-8002 CVE-2019-10723 CVE-2020-18971 CVE-2021-30470 CVE-2021-30471 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery (SSRF) attack. Update Instructions: Run `sudo pro fix USN-7218-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.8 - 3.8.10-0ubuntu1~20.04.14 libpython3.8 - 3.8.10-0ubuntu1~20.04.14 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.14 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.14 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.14 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.14 python3.8 - 3.8.10-0ubuntu1~20.04.14 python3.8-dev - 3.8.10-0ubuntu1~20.04.14 python3.8-doc - 3.8.10-0ubuntu1~20.04.14 python3.8-examples - 3.8.10-0ubuntu1~20.04.14 python3.8-full - 3.8.10-0ubuntu1~20.04.14 python3.8-minimal - 3.8.10-0ubuntu1~20.04.14 python3.8-venv - 3.8.10-0ubuntu1~20.04.14 No subscription required Medium CVE-2024-11168 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when closing buffers with the visual mode active. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7220-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.30 vim-athena - 2:8.1.2269-1ubuntu5.30 vim-common - 2:8.1.2269-1ubuntu5.30 vim-doc - 2:8.1.2269-1ubuntu5.30 vim-gtk - 2:8.1.2269-1ubuntu5.30 vim-gtk3 - 2:8.1.2269-1ubuntu5.30 vim-gui-common - 2:8.1.2269-1ubuntu5.30 vim-nox - 2:8.1.2269-1ubuntu5.30 vim-runtime - 2:8.1.2269-1ubuntu5.30 vim-tiny - 2:8.1.2269-1ubuntu5.30 xxd - 2:8.1.2269-1ubuntu5.30 No subscription required Medium CVE-2025-22134 Ubuntu 20.04 LTS Lucas Leong discovered that BlueZ incorrectly handled the Phone Book Access profile. If a user were tricked into connecting to a malicious Bluetooth device, a remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7222-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bluetooth - 5.53-0ubuntu3.9 bluez - 5.53-0ubuntu3.9 bluez-cups - 5.53-0ubuntu3.9 bluez-hcidump - 5.53-0ubuntu3.9 bluez-obexd - 5.53-0ubuntu3.9 bluez-tests - 5.53-0ubuntu3.9 libbluetooth-dev - 5.53-0ubuntu3.9 libbluetooth3 - 5.53-0ubuntu3.9 No subscription required Medium CVE-2023-50229 CVE-2023-50230 Ubuntu 20.04 LTS Frank Zeng discovered that OpenJPEG incorrectly handled memory when using the decompression utility. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-56826, CVE-2024-56827) Update Instructions: Run `sudo pro fix USN-7223-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libopenjp2-7 - 2.3.1-1ubuntu4.20.04.4 libopenjp2-7-dev - 2.3.1-1ubuntu4.20.04.4 libopenjp2-tools - 2.3.1-1ubuntu4.20.04.4 libopenjp3d-tools - 2.3.1-1ubuntu4.20.04.4 libopenjp3d7 - 2.3.1-1ubuntu4.20.04.4 libopenjpip-dec-server - 2.3.1-1ubuntu4.20.04.4 libopenjpip-server - 2.3.1-1ubuntu4.20.04.4 libopenjpip-viewer - 2.3.1-1ubuntu4.20.04.4 libopenjpip7 - 2.3.1-1ubuntu4.20.04.4 No subscription required Medium CVE-2024-56826 CVE-2024-56827 Ubuntu 20.04 LTS It was discovered that non-authentication-related HTTP requests could be interpreted in an authentication context by a Cyrus IMAP Server when multiple requests arrived over the same connection. An unauthenticated attacker could possibly use this issue to perform a privilege escalation attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-18928) Matthew Horsfall discovered that Cyrus IMAP Server utilized a poor string hashing algorithm that could be abused to control where data was being stored. An attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-33582) Damian Poddebniak discovered that Cyrus IMAP Server could interpret specially crafted commands to exploit a memory issue. An authenticated attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-34055) Update Instructions: Run `sudo pro fix USN-7224-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cyrus-admin - 3.0.13-5ubuntu0.1~esm1 cyrus-caldav - 3.0.13-5ubuntu0.1~esm1 cyrus-clients - 3.0.13-5ubuntu0.1~esm1 cyrus-common - 3.0.13-5ubuntu0.1~esm1 cyrus-dev - 3.0.13-5ubuntu0.1~esm1 cyrus-doc - 3.0.13-5ubuntu0.1~esm1 cyrus-imapd - 3.0.13-5ubuntu0.1~esm1 cyrus-murder - 3.0.13-5ubuntu0.1~esm1 cyrus-nntpd - 3.0.13-5ubuntu0.1~esm1 cyrus-pop3d - 3.0.13-5ubuntu0.1~esm1 cyrus-replication - 3.0.13-5ubuntu0.1~esm1 libcyrus-imap-perl - 3.0.13-5ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2019-18928 CVE-2021-33582 CVE-2024-34055 Ubuntu 20.04 LTS It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lzw, write_header and write_node functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-0137, CVE-2022-24191, CVE-2022-34033, CVE-2022-34035) It was discovered that HTMLDOC incorrectly handled memory in the gif_get_code function, which could lead to a segmentation fault. If a user or application were tricked into opening a crafted GIF file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-0534) It was discovered that HTMLDOC did not perform proper bounds checks on image dimensions when loading JPEG images, which could lead to a buffer overflow. If a user or application were tricked into opening a crafted JPEG image, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-27114) It was discovered that HTMLDOC incorrectly handled memory in the pdf_write_names function, which could lead to a heap buffer overflow. If a user or application were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or leak sensitive information. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-28085) It was discovered that HTMLDOC could be made to write out of bounds when attempting to strip whitespace. An attacker could use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-45508) It was discovered that HTMLDOC incorrectly handled memory in the parse_pre function, which could lead to a heap buffer overflow. If a user or application were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-46478) Update Instructions: Run `sudo pro fix USN-7225-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: htmldoc - 1.9.7-1ubuntu0.3+esm2 htmldoc-common - 1.9.7-1ubuntu0.3+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-0137 CVE-2022-0534 CVE-2022-24191 CVE-2022-27114 CVE-2022-28085 CVE-2022-34033 CVE-2022-34035 CVE-2024-45508 CVE-2024-46478 Ubuntu 20.04 LTS It was discovered that Cacti did not properly sanitize the 'poller_id' parameter in the "remote_agent.php" file. A remote attacker could possibly use this issue to achieve remote code execution. Update Instructions: Run `sudo pro fix USN-7226-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cacti - 1.2.10+ds1-1ubuntu1.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2022-46169 Ubuntu 20.04 LTS It was discovered that PCL incorrectly handled certain malformed files. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly exploit this to cause a denial of service. Update Instructions: Run `sudo pro fix USN-7227-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpcl-apps1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-common1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-dev - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-doc - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-features1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-filters1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-io1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-kdtree1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-keypoints1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-ml1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-octree1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-outofcore1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-people1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-recognition1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-registration1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-sample-consensus1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-search1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-segmentation1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-stereo1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-surface1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-tracking1.10 - 1.10.0+dfsg-5ubuntu1+esm2 libpcl-visualization1.10 - 1.10.0+dfsg-5ubuntu1+esm2 pcl-tools - 1.10.0+dfsg-5ubuntu1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-53432 Ubuntu 20.04 LTS Thomas Rinsma discovered that LibreOffice incorrectly handled paths when processing embedded font files. If a user or automated system were tricked into opening a specially crafted LibreOffice file, a remote attacker could possibly use this issue to create arbitrary files ending with ".ttf". (CVE-2024-12425) Thomas Rinsma discovered that LibreOffice incorrectly handled certain environment variables and INI file values. If a user or automated system were tricked into opening a specially crafted LibreOffice file, a remote attacker could possibly use this issue to exfiltrate sensitive information. (CVE-2024-12426) Update Instructions: Run `sudo pro fix USN-7228-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.13 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.13 No subscription required gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.13 libjuh-java - 1:6.4.7-0ubuntu0.20.04.13 libjurt-java - 1:6.4.7-0ubuntu0.20.04.13 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.13 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.13 libreoffice - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.13 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.13 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.13 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.13 libridl-java - 1:6.4.7-0ubuntu0.20.04.13 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.13 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.13 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.13 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.13 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.13 libunoil-java - 1:6.4.7-0ubuntu0.20.04.13 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.13 python3-access2base - 1:6.4.7-0ubuntu0.20.04.13 python3-uno - 1:6.4.7-0ubuntu0.20.04.13 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.13 ure - 1:6.4.7-0ubuntu0.20.04.13 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.13 No subscription required Medium CVE-2024-12425 CVE-2024-12426 Ubuntu 20.04 LTS Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2024-44070) It was discovered that FRR re-validated all routes in certain instances when the internal socket's buffer size overflowed. A remote attacker could possibly use this issue to impact the performance of FRR, resulting in a denial of service. (CVE-2024-55553) Update Instructions: Run `sudo pro fix USN-7230-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: frr - 7.2.1-1ubuntu0.2+esm3 frr-doc - 7.2.1-1ubuntu0.2+esm3 frr-pythontools - 7.2.1-1ubuntu0.2+esm3 frr-rpki-rtrlib - 7.2.1-1ubuntu0.2+esm3 frr-snmp - 7.2.1-1ubuntu0.2+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-44070 CVE-2024-55553 Ubuntu 20.04 LTS It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. (CVE-2023-27783) It was discovered that Tcpreplay incorrectly validated external input. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. (CVE-2023-27784, CVE-2023-27785, CVE-2023-27786, CVE-2023-27787, CVE-2023-27788, CVE-2023-27789) It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. An attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. (CVE-2023-4256, CVE-2023-43279) Update Instructions: Run `sudo pro fix USN-7231-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: tcpreplay - 4.3.2-1ubuntu0.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-27783 CVE-2023-27784 CVE-2023-27785 CVE-2023-27786 CVE-2023-27787 CVE-2023-27788 CVE-2023-27789 CVE-2023-4256 CVE-2023-43279 Ubuntu 20.04 LTS Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53141, CVE-2024-53103, CVE-2024-40967, CVE-2024-53164) Update Instructions: Run `sudo pro fix USN-7234-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1085-ibm - 5.4.0-1085.90 linux-headers-5.4.0-1085-ibm - 5.4.0-1085.90 linux-ibm-cloud-tools-common - 5.4.0-1085.90 linux-ibm-headers-5.4.0-1085 - 5.4.0-1085.90 linux-ibm-source-5.4.0 - 5.4.0-1085.90 linux-ibm-tools-5.4.0-1085 - 5.4.0-1085.90 linux-ibm-tools-common - 5.4.0-1085.90 linux-image-5.4.0-1085-ibm - 5.4.0-1085.90 linux-image-unsigned-5.4.0-1085-ibm - 5.4.0-1085.90 linux-modules-5.4.0-1085-ibm - 5.4.0-1085.90 linux-modules-extra-5.4.0-1085-ibm - 5.4.0-1085.90 linux-tools-5.4.0-1085-ibm - 5.4.0-1085.90 No subscription required linux-bluefield-headers-5.4.0-1098 - 5.4.0-1098.105 linux-bluefield-tools-5.4.0-1098 - 5.4.0-1098.105 linux-buildinfo-5.4.0-1098-bluefield - 5.4.0-1098.105 linux-headers-5.4.0-1098-bluefield - 5.4.0-1098.105 linux-image-5.4.0-1098-bluefield - 5.4.0-1098.105 linux-image-unsigned-5.4.0-1098-bluefield - 5.4.0-1098.105 linux-modules-5.4.0-1098-bluefield - 5.4.0-1098.105 linux-tools-5.4.0-1098-bluefield - 5.4.0-1098.105 No subscription required linux-buildinfo-5.4.0-1122-raspi - 5.4.0-1122.134 linux-headers-5.4.0-1122-raspi - 5.4.0-1122.134 linux-image-5.4.0-1122-raspi - 5.4.0-1122.134 linux-modules-5.4.0-1122-raspi - 5.4.0-1122.134 linux-raspi-headers-5.4.0-1122 - 5.4.0-1122.134 linux-raspi-tools-5.4.0-1122 - 5.4.0-1122.134 linux-tools-5.4.0-1122-raspi - 5.4.0-1122.134 No subscription required linux-buildinfo-5.4.0-1126-kvm - 5.4.0-1126.134 linux-headers-5.4.0-1126-kvm - 5.4.0-1126.134 linux-image-5.4.0-1126-kvm - 5.4.0-1126.134 linux-image-unsigned-5.4.0-1126-kvm - 5.4.0-1126.134 linux-kvm-headers-5.4.0-1126 - 5.4.0-1126.134 linux-kvm-tools-5.4.0-1126 - 5.4.0-1126.134 linux-modules-5.4.0-1126-kvm - 5.4.0-1126.134 linux-tools-5.4.0-1126-kvm - 5.4.0-1126.134 No subscription required linux-buildinfo-5.4.0-1137-oracle - 5.4.0-1137.146 linux-headers-5.4.0-1137-oracle - 5.4.0-1137.146 linux-image-5.4.0-1137-oracle - 5.4.0-1137.146 linux-image-unsigned-5.4.0-1137-oracle - 5.4.0-1137.146 linux-modules-5.4.0-1137-oracle - 5.4.0-1137.146 linux-modules-extra-5.4.0-1137-oracle - 5.4.0-1137.146 linux-oracle-headers-5.4.0-1137 - 5.4.0-1137.146 linux-oracle-tools-5.4.0-1137 - 5.4.0-1137.146 linux-tools-5.4.0-1137-oracle - 5.4.0-1137.146 No subscription required linux-buildinfo-5.4.0-1142-gcp - 5.4.0-1142.151 linux-gcp-headers-5.4.0-1142 - 5.4.0-1142.151 linux-gcp-tools-5.4.0-1142 - 5.4.0-1142.151 linux-headers-5.4.0-1142-gcp - 5.4.0-1142.151 linux-image-5.4.0-1142-gcp - 5.4.0-1142.151 linux-image-unsigned-5.4.0-1142-gcp - 5.4.0-1142.151 linux-modules-5.4.0-1142-gcp - 5.4.0-1142.151 linux-modules-extra-5.4.0-1142-gcp - 5.4.0-1142.151 linux-tools-5.4.0-1142-gcp - 5.4.0-1142.151 No subscription required linux-buildinfo-5.4.0-205-generic - 5.4.0-205.225 linux-buildinfo-5.4.0-205-generic-lpae - 5.4.0-205.225 linux-buildinfo-5.4.0-205-lowlatency - 5.4.0-205.225 linux-cloud-tools-5.4.0-205 - 5.4.0-205.225 linux-cloud-tools-5.4.0-205-generic - 5.4.0-205.225 linux-cloud-tools-5.4.0-205-lowlatency - 5.4.0-205.225 linux-cloud-tools-common - 5.4.0-205.225 linux-doc - 5.4.0-205.225 linux-headers-5.4.0-205 - 5.4.0-205.225 linux-headers-5.4.0-205-generic - 5.4.0-205.225 linux-headers-5.4.0-205-generic-lpae - 5.4.0-205.225 linux-headers-5.4.0-205-lowlatency - 5.4.0-205.225 linux-image-5.4.0-205-generic - 5.4.0-205.225 linux-image-5.4.0-205-generic-lpae - 5.4.0-205.225 linux-image-5.4.0-205-lowlatency - 5.4.0-205.225 linux-image-unsigned-5.4.0-205-generic - 5.4.0-205.225 linux-image-unsigned-5.4.0-205-lowlatency - 5.4.0-205.225 linux-libc-dev - 5.4.0-205.225 linux-modules-5.4.0-205-generic - 5.4.0-205.225 linux-modules-5.4.0-205-generic-lpae - 5.4.0-205.225 linux-modules-5.4.0-205-lowlatency - 5.4.0-205.225 linux-modules-extra-5.4.0-205-generic - 5.4.0-205.225 linux-source-5.4.0 - 5.4.0-205.225 linux-tools-5.4.0-205 - 5.4.0-205.225 linux-tools-5.4.0-205-generic - 5.4.0-205.225 linux-tools-5.4.0-205-generic-lpae - 5.4.0-205.225 linux-tools-5.4.0-205-lowlatency - 5.4.0-205.225 linux-tools-common - 5.4.0-205.225 linux-tools-host - 5.4.0-205.225 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1085.114 linux-ibm-lts-20.04 - 5.4.0.1085.114 linux-image-ibm-lts-20.04 - 5.4.0.1085.114 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1085.114 linux-tools-ibm-lts-20.04 - 5.4.0.1085.114 No subscription required linux-bluefield - 5.4.0.1098.94 linux-headers-bluefield - 5.4.0.1098.94 linux-image-bluefield - 5.4.0.1098.94 linux-tools-bluefield - 5.4.0.1098.94 No subscription required linux-headers-raspi - 5.4.0.1122.152 linux-headers-raspi-hwe-18.04 - 5.4.0.1122.152 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1122.152 linux-headers-raspi2 - 5.4.0.1122.152 linux-headers-raspi2-hwe-18.04 - 5.4.0.1122.152 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1122.152 linux-image-raspi - 5.4.0.1122.152 linux-image-raspi-hwe-18.04 - 5.4.0.1122.152 linux-image-raspi-hwe-18.04-edge - 5.4.0.1122.152 linux-image-raspi2 - 5.4.0.1122.152 linux-image-raspi2-hwe-18.04 - 5.4.0.1122.152 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1122.152 linux-raspi - 5.4.0.1122.152 linux-raspi-hwe-18.04 - 5.4.0.1122.152 linux-raspi-hwe-18.04-edge - 5.4.0.1122.152 linux-raspi2 - 5.4.0.1122.152 linux-raspi2-hwe-18.04 - 5.4.0.1122.152 linux-raspi2-hwe-18.04-edge - 5.4.0.1122.152 linux-tools-raspi - 5.4.0.1122.152 linux-tools-raspi-hwe-18.04 - 5.4.0.1122.152 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1122.152 linux-tools-raspi2 - 5.4.0.1122.152 linux-tools-raspi2-hwe-18.04 - 5.4.0.1122.152 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1122.152 No subscription required linux-headers-kvm - 5.4.0.1126.122 linux-image-kvm - 5.4.0.1126.122 linux-kvm - 5.4.0.1126.122 linux-tools-kvm - 5.4.0.1126.122 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1137.130 linux-image-oracle-lts-20.04 - 5.4.0.1137.130 linux-oracle-lts-20.04 - 5.4.0.1137.130 linux-tools-oracle-lts-20.04 - 5.4.0.1137.130 No subscription required linux-gcp-lts-20.04 - 5.4.0.1142.144 linux-headers-gcp-lts-20.04 - 5.4.0.1142.144 linux-image-gcp-lts-20.04 - 5.4.0.1142.144 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1142.144 linux-tools-gcp-lts-20.04 - 5.4.0.1142.144 No subscription required linux-cloud-tools-generic - 5.4.0.205.201 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.205.201 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.205.201 linux-cloud-tools-lowlatency - 5.4.0.205.201 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.205.201 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.205.201 linux-cloud-tools-virtual - 5.4.0.205.201 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.205.201 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.205.201 linux-crashdump - 5.4.0.205.201 linux-generic - 5.4.0.205.201 linux-generic-hwe-18.04 - 5.4.0.205.201 linux-generic-hwe-18.04-edge - 5.4.0.205.201 linux-generic-lpae - 5.4.0.205.201 linux-generic-lpae-hwe-18.04 - 5.4.0.205.201 linux-generic-lpae-hwe-18.04-edge - 5.4.0.205.201 linux-headers-generic - 5.4.0.205.201 linux-headers-generic-hwe-18.04 - 5.4.0.205.201 linux-headers-generic-hwe-18.04-edge - 5.4.0.205.201 linux-headers-generic-lpae - 5.4.0.205.201 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.205.201 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.205.201 linux-headers-lowlatency - 5.4.0.205.201 linux-headers-lowlatency-hwe-18.04 - 5.4.0.205.201 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.205.201 linux-headers-oem - 5.4.0.205.201 linux-headers-oem-osp1 - 5.4.0.205.201 linux-headers-virtual - 5.4.0.205.201 linux-headers-virtual-hwe-18.04 - 5.4.0.205.201 linux-headers-virtual-hwe-18.04-edge - 5.4.0.205.201 linux-image-extra-virtual - 5.4.0.205.201 linux-image-extra-virtual-hwe-18.04 - 5.4.0.205.201 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.205.201 linux-image-generic - 5.4.0.205.201 linux-image-generic-hwe-18.04 - 5.4.0.205.201 linux-image-generic-hwe-18.04-edge - 5.4.0.205.201 linux-image-generic-lpae - 5.4.0.205.201 linux-image-generic-lpae-hwe-18.04 - 5.4.0.205.201 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.205.201 linux-image-lowlatency - 5.4.0.205.201 linux-image-lowlatency-hwe-18.04 - 5.4.0.205.201 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.205.201 linux-image-oem - 5.4.0.205.201 linux-image-oem-osp1 - 5.4.0.205.201 linux-image-virtual - 5.4.0.205.201 linux-image-virtual-hwe-18.04 - 5.4.0.205.201 linux-image-virtual-hwe-18.04-edge - 5.4.0.205.201 linux-lowlatency - 5.4.0.205.201 linux-lowlatency-hwe-18.04 - 5.4.0.205.201 linux-lowlatency-hwe-18.04-edge - 5.4.0.205.201 linux-oem - 5.4.0.205.201 linux-oem-osp1 - 5.4.0.205.201 linux-oem-osp1-tools-host - 5.4.0.205.201 linux-oem-tools-host - 5.4.0.205.201 linux-source - 5.4.0.205.201 linux-tools-generic - 5.4.0.205.201 linux-tools-generic-hwe-18.04 - 5.4.0.205.201 linux-tools-generic-hwe-18.04-edge - 5.4.0.205.201 linux-tools-generic-lpae - 5.4.0.205.201 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.205.201 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.205.201 linux-tools-lowlatency - 5.4.0.205.201 linux-tools-lowlatency-hwe-18.04 - 5.4.0.205.201 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.205.201 linux-tools-oem - 5.4.0.205.201 linux-tools-oem-osp1 - 5.4.0.205.201 linux-tools-virtual - 5.4.0.205.201 linux-tools-virtual-hwe-18.04 - 5.4.0.205.201 linux-tools-virtual-hwe-18.04-edge - 5.4.0.205.201 linux-virtual - 5.4.0.205.201 linux-virtual-hwe-18.04 - 5.4.0.205.201 linux-virtual-hwe-18.04-edge - 5.4.0.205.201 No subscription required High CVE-2023-21400 CVE-2024-40967 CVE-2024-53103 CVE-2024-53141 CVE-2024-53164 Ubuntu 20.04 LTS Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53141, CVE-2024-53103, CVE-2024-40967, CVE-2024-53164) Update Instructions: Run `sudo pro fix USN-7234-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1143 - 5.4.0-1143.150 linux-azure-headers-5.4.0-1143 - 5.4.0-1143.150 linux-azure-tools-5.4.0-1143 - 5.4.0-1143.150 linux-buildinfo-5.4.0-1143-azure - 5.4.0-1143.150 linux-cloud-tools-5.4.0-1143-azure - 5.4.0-1143.150 linux-headers-5.4.0-1143-azure - 5.4.0-1143.150 linux-image-5.4.0-1143-azure - 5.4.0-1143.150 linux-image-unsigned-5.4.0-1143-azure - 5.4.0-1143.150 linux-modules-5.4.0-1143-azure - 5.4.0-1143.150 linux-modules-extra-5.4.0-1143-azure - 5.4.0-1143.150 linux-tools-5.4.0-1143-azure - 5.4.0-1143.150 No subscription required linux-azure-lts-20.04 - 5.4.0.1143.137 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1143.137 linux-headers-azure-lts-20.04 - 5.4.0.1143.137 linux-image-azure-lts-20.04 - 5.4.0.1143.137 linux-modules-extra-azure-lts-20.04 - 5.4.0.1143.137 linux-tools-azure-lts-20.04 - 5.4.0.1143.137 No subscription required High CVE-2023-21400 CVE-2024-40967 CVE-2024-53103 CVE-2024-53141 CVE-2024-53164 Ubuntu 20.04 LTS Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53141, CVE-2024-53103, CVE-2024-40967, CVE-2024-53164) Update Instructions: Run `sudo pro fix USN-7234-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-cloud-tools-5.4.0-1139 - 5.4.0-1139.149 linux-aws-headers-5.4.0-1139 - 5.4.0-1139.149 linux-aws-tools-5.4.0-1139 - 5.4.0-1139.149 linux-buildinfo-5.4.0-1139-aws - 5.4.0-1139.149 linux-cloud-tools-5.4.0-1139-aws - 5.4.0-1139.149 linux-headers-5.4.0-1139-aws - 5.4.0-1139.149 linux-image-5.4.0-1139-aws - 5.4.0-1139.149 linux-image-unsigned-5.4.0-1139-aws - 5.4.0-1139.149 linux-modules-5.4.0-1139-aws - 5.4.0-1139.149 linux-modules-extra-5.4.0-1139-aws - 5.4.0-1139.149 linux-tools-5.4.0-1139-aws - 5.4.0-1139.149 No subscription required linux-aws-lts-20.04 - 5.4.0.1139.136 linux-headers-aws-lts-20.04 - 5.4.0.1139.136 linux-image-aws-lts-20.04 - 5.4.0.1139.136 linux-modules-extra-aws-lts-20.04 - 5.4.0.1139.136 linux-tools-aws-lts-20.04 - 5.4.0.1139.136 No subscription required High CVE-2023-21400 CVE-2024-40967 CVE-2024-53103 CVE-2024-53141 CVE-2024-53164 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53164, CVE-2024-53103, CVE-2024-53141) Update Instructions: Run `sudo pro fix USN-7235-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1069-ibm - 5.15.0-1069.72~20.04.1 linux-headers-5.15.0-1069-ibm - 5.15.0-1069.72~20.04.1 linux-ibm-5.15-headers-5.15.0-1069 - 5.15.0-1069.72~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1069.72~20.04.1 linux-ibm-5.15-tools-5.15.0-1069 - 5.15.0-1069.72~20.04.1 linux-image-5.15.0-1069-ibm - 5.15.0-1069.72~20.04.1 linux-image-unsigned-5.15.0-1069-ibm - 5.15.0-1069.72~20.04.1 linux-modules-5.15.0-1069-ibm - 5.15.0-1069.72~20.04.1 linux-modules-extra-5.15.0-1069-ibm - 5.15.0-1069.72~20.04.1 linux-tools-5.15.0-1069-ibm - 5.15.0-1069.72~20.04.1 No subscription required linux-buildinfo-5.15.0-1072-intel-iotg - 5.15.0-1072.78~20.04.1 linux-cloud-tools-5.15.0-1072-intel-iotg - 5.15.0-1072.78~20.04.1 linux-headers-5.15.0-1072-intel-iotg - 5.15.0-1072.78~20.04.1 linux-image-5.15.0-1072-intel-iotg - 5.15.0-1072.78~20.04.1 linux-image-unsigned-5.15.0-1072-intel-iotg - 5.15.0-1072.78~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1072 - 5.15.0-1072.78~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1072.78~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1072 - 5.15.0-1072.78~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1072 - 5.15.0-1072.78~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1072.78~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1072.78~20.04.1 linux-modules-5.15.0-1072-intel-iotg - 5.15.0-1072.78~20.04.1 linux-modules-extra-5.15.0-1072-intel-iotg - 5.15.0-1072.78~20.04.1 linux-modules-iwlwifi-5.15.0-1072-intel-iotg - 5.15.0-1072.78~20.04.1 linux-tools-5.15.0-1072-intel-iotg - 5.15.0-1072.78~20.04.1 No subscription required linux-buildinfo-5.15.0-1074-oracle - 5.15.0-1074.80~20.04.1 linux-headers-5.15.0-1074-oracle - 5.15.0-1074.80~20.04.1 linux-image-5.15.0-1074-oracle - 5.15.0-1074.80~20.04.1 linux-image-unsigned-5.15.0-1074-oracle - 5.15.0-1074.80~20.04.1 linux-modules-5.15.0-1074-oracle - 5.15.0-1074.80~20.04.1 linux-modules-extra-5.15.0-1074-oracle - 5.15.0-1074.80~20.04.1 linux-oracle-5.15-headers-5.15.0-1074 - 5.15.0-1074.80~20.04.1 linux-oracle-5.15-tools-5.15.0-1074 - 5.15.0-1074.80~20.04.1 linux-tools-5.15.0-1074-oracle - 5.15.0-1074.80~20.04.1 No subscription required linux-buildinfo-5.15.0-1075-gcp - 5.15.0-1075.84~20.04.1 linux-gcp-5.15-headers-5.15.0-1075 - 5.15.0-1075.84~20.04.1 linux-gcp-5.15-tools-5.15.0-1075 - 5.15.0-1075.84~20.04.1 linux-headers-5.15.0-1075-gcp - 5.15.0-1075.84~20.04.1 linux-image-5.15.0-1075-gcp - 5.15.0-1075.84~20.04.1 linux-image-unsigned-5.15.0-1075-gcp - 5.15.0-1075.84~20.04.1 linux-modules-5.15.0-1075-gcp - 5.15.0-1075.84~20.04.1 linux-modules-extra-5.15.0-1075-gcp - 5.15.0-1075.84~20.04.1 linux-modules-iwlwifi-5.15.0-1075-gcp - 5.15.0-1075.84~20.04.1 linux-tools-5.15.0-1075-gcp - 5.15.0-1075.84~20.04.1 No subscription required linux-buildinfo-5.15.0-131-generic - 5.15.0-131.141~20.04.1 linux-buildinfo-5.15.0-131-generic-64k - 5.15.0-131.141~20.04.1 linux-buildinfo-5.15.0-131-generic-lpae - 5.15.0-131.141~20.04.1 linux-buildinfo-5.15.0-131-lowlatency - 5.15.0-131.141~20.04.1 linux-buildinfo-5.15.0-131-lowlatency-64k - 5.15.0-131.141~20.04.1 linux-cloud-tools-5.15.0-131-generic - 5.15.0-131.141~20.04.1 linux-cloud-tools-5.15.0-131-lowlatency - 5.15.0-131.141~20.04.1 linux-headers-5.15.0-131-generic - 5.15.0-131.141~20.04.1 linux-headers-5.15.0-131-generic-64k - 5.15.0-131.141~20.04.1 linux-headers-5.15.0-131-generic-lpae - 5.15.0-131.141~20.04.1 linux-headers-5.15.0-131-lowlatency - 5.15.0-131.141~20.04.1 linux-headers-5.15.0-131-lowlatency-64k - 5.15.0-131.141~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-131 - 5.15.0-131.141~20.04.1 linux-hwe-5.15-headers-5.15.0-131 - 5.15.0-131.141~20.04.1 linux-hwe-5.15-tools-5.15.0-131 - 5.15.0-131.141~20.04.1 linux-image-5.15.0-131-generic - 5.15.0-131.141~20.04.1 linux-image-5.15.0-131-generic-64k - 5.15.0-131.141~20.04.1 linux-image-5.15.0-131-generic-lpae - 5.15.0-131.141~20.04.1 linux-image-5.15.0-131-lowlatency - 5.15.0-131.141~20.04.1 linux-image-5.15.0-131-lowlatency-64k - 5.15.0-131.141~20.04.1 linux-image-unsigned-5.15.0-131-generic - 5.15.0-131.141~20.04.1 linux-image-unsigned-5.15.0-131-generic-64k - 5.15.0-131.141~20.04.1 linux-image-unsigned-5.15.0-131-lowlatency - 5.15.0-131.141~20.04.1 linux-image-unsigned-5.15.0-131-lowlatency-64k - 5.15.0-131.141~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-131 - 5.15.0-131.141~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-131 - 5.15.0-131.141~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-131 - 5.15.0-131.141~20.04.1 linux-modules-5.15.0-131-generic - 5.15.0-131.141~20.04.1 linux-modules-5.15.0-131-generic-64k - 5.15.0-131.141~20.04.1 linux-modules-5.15.0-131-generic-lpae - 5.15.0-131.141~20.04.1 linux-modules-5.15.0-131-lowlatency - 5.15.0-131.141~20.04.1 linux-modules-5.15.0-131-lowlatency-64k - 5.15.0-131.141~20.04.1 linux-modules-extra-5.15.0-131-generic - 5.15.0-131.141~20.04.1 linux-modules-iwlwifi-5.15.0-131-generic - 5.15.0-131.141~20.04.1 linux-modules-iwlwifi-5.15.0-131-lowlatency - 5.15.0-131.141~20.04.1 linux-tools-5.15.0-131-generic - 5.15.0-131.141~20.04.1 linux-tools-5.15.0-131-generic-64k - 5.15.0-131.141~20.04.1 linux-tools-5.15.0-131-generic-lpae - 5.15.0-131.141~20.04.1 linux-tools-5.15.0-131-lowlatency - 5.15.0-131.141~20.04.1 linux-tools-5.15.0-131-lowlatency-64k - 5.15.0-131.141~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1069.72~20.04.1 linux-headers-ibm-edge - 5.15.0.1069.72~20.04.1 linux-ibm - 5.15.0.1069.72~20.04.1 linux-ibm-edge - 5.15.0.1069.72~20.04.1 linux-image-ibm - 5.15.0.1069.72~20.04.1 linux-image-ibm-edge - 5.15.0.1069.72~20.04.1 linux-tools-ibm - 5.15.0.1069.72~20.04.1 linux-tools-ibm-edge - 5.15.0.1069.72~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1072.78~20.04.1 linux-headers-intel - 5.15.0.1072.78~20.04.1 linux-headers-intel-iotg - 5.15.0.1072.78~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1072.78~20.04.1 linux-image-intel - 5.15.0.1072.78~20.04.1 linux-image-intel-iotg - 5.15.0.1072.78~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1072.78~20.04.1 linux-intel - 5.15.0.1072.78~20.04.1 linux-intel-iotg - 5.15.0.1072.78~20.04.1 linux-intel-iotg-edge - 5.15.0.1072.78~20.04.1 linux-tools-intel - 5.15.0.1072.78~20.04.1 linux-tools-intel-iotg - 5.15.0.1072.78~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1072.78~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1074.80~20.04.1 linux-headers-oracle-edge - 5.15.0.1074.80~20.04.1 linux-image-oracle - 5.15.0.1074.80~20.04.1 linux-image-oracle-edge - 5.15.0.1074.80~20.04.1 linux-oracle - 5.15.0.1074.80~20.04.1 linux-oracle-edge - 5.15.0.1074.80~20.04.1 linux-tools-oracle - 5.15.0.1074.80~20.04.1 linux-tools-oracle-edge - 5.15.0.1074.80~20.04.1 No subscription required linux-gcp - 5.15.0.1075.84~20.04.1 linux-gcp-edge - 5.15.0.1075.84~20.04.1 linux-headers-gcp - 5.15.0.1075.84~20.04.1 linux-headers-gcp-edge - 5.15.0.1075.84~20.04.1 linux-image-gcp - 5.15.0.1075.84~20.04.1 linux-image-gcp-edge - 5.15.0.1075.84~20.04.1 linux-modules-extra-gcp - 5.15.0.1075.84~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1075.84~20.04.1 linux-tools-gcp - 5.15.0.1075.84~20.04.1 linux-tools-gcp-edge - 5.15.0.1075.84~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-generic-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-headers-oem-20.04 - 5.15.0.131.141~20.04.1 linux-headers-oem-20.04b - 5.15.0.131.141~20.04.1 linux-headers-oem-20.04c - 5.15.0.131.141~20.04.1 linux-headers-oem-20.04d - 5.15.0.131.141~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-image-oem-20.04 - 5.15.0.131.141~20.04.1 linux-image-oem-20.04b - 5.15.0.131.141~20.04.1 linux-image-oem-20.04c - 5.15.0.131.141~20.04.1 linux-image-oem-20.04d - 5.15.0.131.141~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.131.141~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.131.141~20.04.1 linux-oem-20.04 - 5.15.0.131.141~20.04.1 linux-oem-20.04b - 5.15.0.131.141~20.04.1 linux-oem-20.04c - 5.15.0.131.141~20.04.1 linux-oem-20.04d - 5.15.0.131.141~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-tools-oem-20.04 - 5.15.0.131.141~20.04.1 linux-tools-oem-20.04b - 5.15.0.131.141~20.04.1 linux-tools-oem-20.04c - 5.15.0.131.141~20.04.1 linux-tools-oem-20.04d - 5.15.0.131.141~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.131.141~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.131.141~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.131.141~20.04.1 No subscription required High CVE-2024-53103 CVE-2024-53141 CVE-2024-53164 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53164, CVE-2024-53103, CVE-2024-53141) Update Instructions: Run `sudo pro fix USN-7235-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1079 - 5.15.0-1079.88~20.04.1 linux-azure-5.15-headers-5.15.0-1079 - 5.15.0-1079.88~20.04.1 linux-azure-5.15-tools-5.15.0-1079 - 5.15.0-1079.88~20.04.1 linux-buildinfo-5.15.0-1079-azure - 5.15.0-1079.88~20.04.1 linux-cloud-tools-5.15.0-1079-azure - 5.15.0-1079.88~20.04.1 linux-headers-5.15.0-1079-azure - 5.15.0-1079.88~20.04.1 linux-image-5.15.0-1079-azure - 5.15.0-1079.88~20.04.1 linux-image-unsigned-5.15.0-1079-azure - 5.15.0-1079.88~20.04.1 linux-modules-5.15.0-1079-azure - 5.15.0-1079.88~20.04.1 linux-modules-extra-5.15.0-1079-azure - 5.15.0-1079.88~20.04.1 linux-modules-involflt-5.15.0-1079-azure - 5.15.0-1079.88~20.04.1 linux-tools-5.15.0-1079-azure - 5.15.0-1079.88~20.04.1 No subscription required linux-azure - 5.15.0.1079.88~20.04.1 linux-azure-cvm - 5.15.0.1079.88~20.04.1 linux-azure-edge - 5.15.0.1079.88~20.04.1 linux-cloud-tools-azure - 5.15.0.1079.88~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1079.88~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1079.88~20.04.1 linux-headers-azure - 5.15.0.1079.88~20.04.1 linux-headers-azure-cvm - 5.15.0.1079.88~20.04.1 linux-headers-azure-edge - 5.15.0.1079.88~20.04.1 linux-image-azure - 5.15.0.1079.88~20.04.1 linux-image-azure-cvm - 5.15.0.1079.88~20.04.1 linux-image-azure-edge - 5.15.0.1079.88~20.04.1 linux-modules-extra-azure - 5.15.0.1079.88~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1079.88~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1079.88~20.04.1 linux-modules-involflt-azure - 5.15.0.1079.88~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1079.88~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1079.88~20.04.1 linux-tools-azure - 5.15.0.1079.88~20.04.1 linux-tools-azure-cvm - 5.15.0.1079.88~20.04.1 linux-tools-azure-edge - 5.15.0.1079.88~20.04.1 No subscription required High CVE-2024-53103 CVE-2024-53141 CVE-2024-53164 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53164, CVE-2024-53103, CVE-2024-53141) Update Instructions: Run `sudo pro fix USN-7235-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-cloud-tools-5.15.0-1077 - 5.15.0-1077.84~20.04.1 linux-aws-5.15-headers-5.15.0-1077 - 5.15.0-1077.84~20.04.1 linux-aws-5.15-tools-5.15.0-1077 - 5.15.0-1077.84~20.04.1 linux-buildinfo-5.15.0-1077-aws - 5.15.0-1077.84~20.04.1 linux-cloud-tools-5.15.0-1077-aws - 5.15.0-1077.84~20.04.1 linux-headers-5.15.0-1077-aws - 5.15.0-1077.84~20.04.1 linux-image-5.15.0-1077-aws - 5.15.0-1077.84~20.04.1 linux-image-unsigned-5.15.0-1077-aws - 5.15.0-1077.84~20.04.1 linux-modules-5.15.0-1077-aws - 5.15.0-1077.84~20.04.1 linux-modules-extra-5.15.0-1077-aws - 5.15.0-1077.84~20.04.1 linux-tools-5.15.0-1077-aws - 5.15.0-1077.84~20.04.1 No subscription required linux-aws - 5.15.0.1077.84~20.04.1 linux-aws-edge - 5.15.0.1077.84~20.04.1 linux-headers-aws - 5.15.0.1077.84~20.04.1 linux-headers-aws-edge - 5.15.0.1077.84~20.04.1 linux-image-aws - 5.15.0.1077.84~20.04.1 linux-image-aws-edge - 5.15.0.1077.84~20.04.1 linux-modules-extra-aws - 5.15.0.1077.84~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1077.84~20.04.1 linux-tools-aws - 5.15.0.1077.84~20.04.1 linux-tools-aws-edge - 5.15.0.1077.84~20.04.1 No subscription required High CVE-2024-53103 CVE-2024-53141 CVE-2024-53164 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-49043) It was discovered that the libxml2 xmllint tool incorrectly handled certain memory operations. If a user or automated system were tricked into running xmllint on a specially crafted xml file, a remote attacker could cause xmllint to crash, resulting in a denial of service. (CVE-2024-34459) Update Instructions: Run `sudo pro fix USN-7240-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.8 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.8 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.8 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.8 python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.8 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.8 No subscription required Medium CVE-2022-49043 CVE-2024-34459 Ubuntu 20.04 LTS Toshifumi Sakaguchi discovered that Bind incorrectly handled many records in the additional section. A remote attacker could possibly use this issue to cause Bind to consume CPU resources, leading to a denial of service. (CVE-2024-11187) Jean-François Billaud discovered that the Bind DNS-over-HTTPS implementation incorrectly handled a heavy query load. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2024-12705) Update Instructions: Run `sudo pro fix USN-7241-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: bind9 - 1:9.18.30-0ubuntu0.20.04.2 bind9-dnsutils - 1:9.18.30-0ubuntu0.20.04.2 bind9-doc - 1:9.18.30-0ubuntu0.20.04.2 bind9-host - 1:9.18.30-0ubuntu0.20.04.2 bind9-libs - 1:9.18.30-0ubuntu0.20.04.2 bind9-utils - 1:9.18.30-0ubuntu0.20.04.2 bind9utils - 1:9.18.30-0ubuntu0.20.04.2 dnsutils - 1:9.18.30-0ubuntu0.20.04.2 No subscription required Medium CVE-2024-11187 CVE-2024-12705 Ubuntu 20.04 LTS It was discovered that VLC incorrectly handled memory when reading an MMS stream. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7243-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvlc-bin - 3.0.9.2-1ubuntu0.1~esm3 libvlc-dev - 3.0.9.2-1ubuntu0.1~esm3 libvlc5 - 3.0.9.2-1ubuntu0.1~esm3 libvlccore-dev - 3.0.9.2-1ubuntu0.1~esm3 libvlccore9 - 3.0.9.2-1ubuntu0.1~esm3 vlc - 3.0.9.2-1ubuntu0.1~esm3 vlc-bin - 3.0.9.2-1ubuntu0.1~esm3 vlc-data - 3.0.9.2-1ubuntu0.1~esm3 vlc-l10n - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-access-extra - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-base - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-fluidsynth - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-jack - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-notify - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-qt - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-samba - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-skins2 - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-svg - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-video-output - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-video-splitter - 3.0.9.2-1ubuntu0.1~esm3 vlc-plugin-visualization - 3.0.9.2-1ubuntu0.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-46461 Ubuntu 20.04 LTS It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-56201) It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-56326) Update Instructions: Run `sudo pro fix USN-7244-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-jinja2 - 2.10.1-2ubuntu0.4 python-jinja2-doc - 2.10.1-2ubuntu0.4 python3-jinja2 - 2.10.1-2ubuntu0.4 No subscription required Medium CVE-2024-56201 CVE-2024-56326 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.41 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-41.html https://www.oracle.com/security-alerts/cpujan2025.html Update Instructions: Run `sudo pro fix USN-7245-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysqlclient-dev - 8.0.41-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.41-0ubuntu0.20.04.1 mysql-client - 8.0.41-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.41-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.41-0ubuntu0.20.04.1 mysql-router - 8.0.41-0ubuntu0.20.04.1 mysql-server - 8.0.41-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.41-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.41-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.41-0ubuntu0.20.04.1 mysql-testsuite - 8.0.41-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.41-0ubuntu0.20.04.1 No subscription required Medium CVE-2025-21490 CVE-2025-21491 CVE-2025-21497 CVE-2025-21500 CVE-2025-21501 CVE-2025-21503 CVE-2025-21505 CVE-2025-21518 CVE-2025-21519 CVE-2025-21522 CVE-2025-21523 CVE-2025-21529 CVE-2025-21540 CVE-2025-21546 CVE-2025-21555 CVE-2025-21559 Ubuntu 20.04 LTS It was discovered that jQuery incorrectly handled parsing untrusted HTML. A remote attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7246-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libjs-jquery - 3.3.1~dfsg-3ubuntu0.1 No subscription required High CVE-2020-11022 CVE-2020-11023 Ubuntu 20.04 LTS It was discovered that Netdata incorrectly handled parsing JSON input, which could lead to a JSON injection. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18836) It was discovered that Netdata incorrectly handled parsing HTTP headers, which could lead to a HTTP header injection. An attacker could possibly use this issue to cause a denial of service or leak sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18837) It was discovered that Netdata incorrectly handled parsing URLs, which could lead to a log injection. An attacker could possibly use this issue to consume system resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-18838) It was discovered Netdata improperly authenticated API keys. An attacker could possibly use this issue to leak sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-22497) It was discovered Fluent Bit, vendored in Netdata, incorrectly handled parsing HTTP payloads. An attacker could possibly use this issue to disrupt logging. This issue only affected Ubuntu 24.10. (CVE-2024-23722) It was discovered that WebAssembly Micro Runtime, vendored in Netdata, incorrectly handled memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.10. (CVE-2024-34250, CVE-2024-34251) Update Instructions: Run `sudo pro fix USN-7250-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: netdata - 1.19.0-3ubuntu1+esm1 netdata-apache2 - 1.19.0-3ubuntu1+esm1 netdata-core - 1.19.0-3ubuntu1+esm1 netdata-plugins-bash - 1.19.0-3ubuntu1+esm1 netdata-plugins-nodejs - 1.19.0-3ubuntu1+esm1 netdata-plugins-python - 1.19.0-3ubuntu1+esm1 netdata-web - 1.19.0-3ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2018-18836 CVE-2018-18837 CVE-2018-18838 CVE-2023-22497 CVE-2024-23722 CVE-2024-34250 CVE-2024-34251 Ubuntu 20.04 LTS It was discovered that HarfBuzz incorrectly handled shaping certain fonts. A remote attacker could possibly use this issue to cause HarfBuzz to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-7251-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-harfbuzz-0.0 - 2.6.4-1ubuntu4.3 libharfbuzz-bin - 2.6.4-1ubuntu4.3 libharfbuzz-dev - 2.6.4-1ubuntu4.3 libharfbuzz-doc - 2.6.4-1ubuntu4.3 libharfbuzz-gobject0 - 2.6.4-1ubuntu4.3 libharfbuzz-icu0 - 2.6.4-1ubuntu4.3 libharfbuzz0b - 2.6.4-1ubuntu4.3 No subscription required Low CVE-2023-25193 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 11 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information. Update Instructions: Run `sudo pro fix USN-7252-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.26+4-1ubuntu1~20.04 openjdk-11-doc - 11.0.26+4-1ubuntu1~20.04 openjdk-11-jdk - 11.0.26+4-1ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.26+4-1ubuntu1~20.04 openjdk-11-jre - 11.0.26+4-1ubuntu1~20.04 openjdk-11-jre-headless - 11.0.26+4-1ubuntu1~20.04 openjdk-11-jre-zero - 11.0.26+4-1ubuntu1~20.04 openjdk-11-source - 11.0.26+4-1ubuntu1~20.04 No subscription required Medium CVE-2025-21502 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 17 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information. Update Instructions: Run `sudo pro fix USN-7253-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.14+7-1~20.04 openjdk-17-doc - 17.0.14+7-1~20.04 openjdk-17-jdk - 17.0.14+7-1~20.04 openjdk-17-jdk-headless - 17.0.14+7-1~20.04 openjdk-17-jre - 17.0.14+7-1~20.04 openjdk-17-jre-headless - 17.0.14+7-1~20.04 openjdk-17-jre-zero - 17.0.14+7-1~20.04 openjdk-17-source - 17.0.14+7-1~20.04 No subscription required Medium CVE-2025-21502 Ubuntu 20.04 LTS It was discovered that the Hotspot component of OpenJDK 21 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information. Update Instructions: Run `sudo pro fix USN-7254-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-21-demo - 21.0.6+7-1~20.04.1 openjdk-21-doc - 21.0.6+7-1~20.04.1 openjdk-21-jdk - 21.0.6+7-1~20.04.1 openjdk-21-jdk-headless - 21.0.6+7-1~20.04.1 openjdk-21-jre - 21.0.6+7-1~20.04.1 openjdk-21-jre-headless - 21.0.6+7-1~20.04.1 openjdk-21-jre-zero - 21.0.6+7-1~20.04.1 openjdk-21-source - 21.0.6+7-1~20.04.1 openjdk-21-testsupport - 21.0.6+7-1~20.04.1 No subscription required Medium CVE-2025-21502 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7256-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libruby2.7 - 2.7.0-5ubuntu1.16 ruby2.7 - 2.7.0-5ubuntu1.16 ruby2.7-dev - 2.7.0-5ubuntu1.16 ruby2.7-doc - 2.7.0-5ubuntu1.16 No subscription required Medium CVE-2024-39908 CVE-2024-43398 Ubuntu 20.04 LTS USN-7256-1 fixed vulnerabilities in Ruby. The update introduced a minor regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7256-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libruby2.7 - 2.7.0-5ubuntu1.17 ruby2.7 - 2.7.0-5ubuntu1.17 ruby2.7-dev - 2.7.0-5ubuntu1.17 ruby2.7-doc - 2.7.0-5ubuntu1.17 No subscription required None https://launchpad.net/bugs/2097527 Ubuntu 20.04 LTS Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that Kerberos incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypass authentication, and access network devices and services. This update introduces support for the Message-Authenticator attribute in non-EAP authentication methods for communications between Kerberos and a RADIUS server. Update Instructions: Run `sudo pro fix USN-7257-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: krb5-admin-server - 1.17-6ubuntu4.8 krb5-doc - 1.17-6ubuntu4.8 krb5-gss-samples - 1.17-6ubuntu4.8 krb5-k5tls - 1.17-6ubuntu4.8 krb5-kdc - 1.17-6ubuntu4.8 krb5-kdc-ldap - 1.17-6ubuntu4.8 krb5-kpropd - 1.17-6ubuntu4.8 krb5-locales - 1.17-6ubuntu4.8 krb5-multidev - 1.17-6ubuntu4.8 krb5-otp - 1.17-6ubuntu4.8 krb5-pkinit - 1.17-6ubuntu4.8 krb5-user - 1.17-6ubuntu4.8 libgssapi-krb5-2 - 1.17-6ubuntu4.8 libgssrpc4 - 1.17-6ubuntu4.8 libk5crypto3 - 1.17-6ubuntu4.8 libkadm5clnt-mit11 - 1.17-6ubuntu4.8 libkadm5srv-mit11 - 1.17-6ubuntu4.8 libkdb5-9 - 1.17-6ubuntu4.8 libkrad-dev - 1.17-6ubuntu4.8 libkrad0 - 1.17-6ubuntu4.8 libkrb5-3 - 1.17-6ubuntu4.8 libkrb5-dev - 1.17-6ubuntu4.8 libkrb5support0 - 1.17-6ubuntu4.8 No subscription required Medium CVE-2024-3596 Ubuntu 20.04 LTS Kevin Backhouse discovered that CKEditor did not properly sanitize HTML content. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24728) It was discovered that CKEditor did not properly handle the creation of editor instances in the Iframe Dialog and Media Embed packages. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-28439) It was discovered that CKEditor did not properly handle parsing HTML content. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. (CVE-2024-24815, CVE-2024-24816) It was discovered that CKEditor did not properly sanitize version notifications. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-43411) Update Instructions: Run `sudo pro fix USN-7258-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ckeditor - 4.12.1+dfsg-1ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-24728 CVE-2023-28439 CVE-2024-24815 CVE-2024-24816 CVE-2024-43411 Ubuntu 20.04 LTS It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7259-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glibc-doc - 2.31-0ubuntu9.17 glibc-source - 2.31-0ubuntu9.17 libc-bin - 2.31-0ubuntu9.17 libc-dev-bin - 2.31-0ubuntu9.17 libc6 - 2.31-0ubuntu9.17 libc6-amd64 - 2.31-0ubuntu9.17 libc6-armel - 2.31-0ubuntu9.17 libc6-dev - 2.31-0ubuntu9.17 libc6-dev-amd64 - 2.31-0ubuntu9.17 libc6-dev-armel - 2.31-0ubuntu9.17 libc6-dev-i386 - 2.31-0ubuntu9.17 libc6-dev-s390 - 2.31-0ubuntu9.17 libc6-dev-x32 - 2.31-0ubuntu9.17 libc6-i386 - 2.31-0ubuntu9.17 libc6-lse - 2.31-0ubuntu9.17 libc6-pic - 2.31-0ubuntu9.17 libc6-prof - 2.31-0ubuntu9.17 libc6-s390 - 2.31-0ubuntu9.17 libc6-x32 - 2.31-0ubuntu9.17 locales - 2.31-0ubuntu9.17 locales-all - 2.31-0ubuntu9.17 nscd - 2.31-0ubuntu9.17 No subscription required Medium CVE-2025-0395 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled certain internal calls when scrolling a window. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-7261-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.31 vim-athena - 2:8.1.2269-1ubuntu5.31 vim-common - 2:8.1.2269-1ubuntu5.31 vim-doc - 2:8.1.2269-1ubuntu5.31 vim-gtk - 2:8.1.2269-1ubuntu5.31 vim-gtk3 - 2:8.1.2269-1ubuntu5.31 vim-gui-common - 2:8.1.2269-1ubuntu5.31 vim-nox - 2:8.1.2269-1ubuntu5.31 vim-runtime - 2:8.1.2269-1ubuntu5.31 vim-tiny - 2:8.1.2269-1ubuntu5.31 xxd - 2:8.1.2269-1ubuntu5.31 No subscription required Medium CVE-2025-24014 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2025-1011, CVE-2025-1013, CVE-2025-1014, CVE-2025-1016, CVE-2025-1017, CVE-2025-1018, CVE-2025-1019, CVE-2025-1020) Ivan Fratric discovered that Firefox did not properly handle XSLT data, leading to a use-after-free vulnerability. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-1009) Atte Kettunen discovered that Firefox did not properly manage memory in the Custom Highlight API, leading to a use-after-free vulnerability. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-1010) Nils Bars discovered that Firefox did not properly manage memory during concurrent delazification, leading to a use-after-free vulnerability. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-1012) Update Instructions: Run `sudo pro fix USN-7263-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 135.0+build2-0ubuntu0.20.04.1 firefox-dev - 135.0+build2-0ubuntu0.20.04.1 firefox-geckodriver - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-af - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-an - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ar - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-as - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ast - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-az - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-be - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-bg - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-bn - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-br - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-bs - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ca - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-cak - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-cs - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-csb - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-cy - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-da - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-de - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-el - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-en - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-eo - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-es - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-et - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-eu - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-fa - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-fi - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-fr - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-fy - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ga - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-gd - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-gl - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-gn - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-gu - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-he - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-hi - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-hr - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-hsb - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-hu - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-hy - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ia - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-id - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-is - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-it - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ja - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ka - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-kab - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-kk - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-km - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-kn - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ko - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ku - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-lg - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-lt - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-lv - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-mai - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-mk - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ml - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-mn - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-mr - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ms - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-my - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-nb - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ne - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-nl - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-nn - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-nso - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-oc - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-or - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-pa - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-pl - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-pt - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ro - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ru - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-si - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-sk - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-sl - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-sq - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-sr - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-sv - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-sw - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-szl - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ta - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-te - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-tg - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-th - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-tr - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-uk - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-ur - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-uz - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-vi - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-xh - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hans - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-zh-hant - 135.0+build2-0ubuntu0.20.04.1 firefox-locale-zu - 135.0+build2-0ubuntu0.20.04.1 firefox-mozsymbols - 135.0+build2-0ubuntu0.20.04.1 No subscription required Medium CVE-2025-1009 CVE-2025-1010 CVE-2025-1011 CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1016 CVE-2025-1017 CVE-2025-1018 CVE-2025-1019 CVE-2025-1020 Ubuntu 20.04 LTS Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in digiKam, did not correctly parse certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2017-0691) It was discovered that Platinum Upnp SDK, vendored in digiKam, was vulnerable to a path traversal attack. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-19858) It was discovered that LibRaw, vendored in digiKam, did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-22628) It was discovered that LibRaw, vendored in digiKam, did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-35530, CVE-2020-35531, CVE-2020-35532, CVE-2020-35533) It was discovered that LibRaw, vendored in digiKam, did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-32142) It was discovered that LibRaw, vendored in digiKam, did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-1729) Update Instructions: Run `sudo pro fix USN-7266-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: digikam - 4:6.4.0+dfsg-3ubuntu0.1~esm1 digikam-data - 4:6.4.0+dfsg-3ubuntu0.1~esm1 digikam-private-libs - 4:6.4.0+dfsg-3ubuntu0.1~esm1 showfoto - 4:6.4.0+dfsg-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2017-0691 CVE-2020-19858 CVE-2020-22628 CVE-2020-35530 CVE-2020-35531 CVE-2020-35532 CVE-2020-35533 CVE-2021-32142 CVE-2023-1729 Ubuntu 20.04 LTS Ke Sun, Paul Grosen and Alyssa Milburn discovered that some Intel® Processors did not properly implement Finite State Machines (FSMs) in Hardware Logic. A local privileged attacker could use this issue to cause a denial of service. (CVE-2024-31068) It was discovered that some Intel® Processors with Intel® SGX did not properly restrict access to the EDECCSSA user leaf function. A local authenticated attacker could use this issue to cause a denial of service. (CVE-2024-36293) Ke Sun, Alyssa Milburn, Benoit Morgan, and Erik Bjorge discovered that the UEFI firmware for some Intel® processors did not properly restrict access. An authenticated local attacker could use this issue to cause a denial of service. (CVE-2024-39279) Update Instructions: Run `sudo pro fix USN-7269-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20250211.0ubuntu0.20.04.1 No subscription required Medium CVE-2024-31068 CVE-2024-36293 CVE-2024-39279 Ubuntu 20.04 LTS It was discovered that the OpenSSH client incorrectly handled the non-default VerifyHostKeyDNS option. If that option were enabled, an attacker could possibly impersonate a server by completely bypassing the server identity check. (CVE-2025-26465) It was discovered that OpenSSH incorrectly handled the transport-level ping facility. A remote attacker could possibly use this issue to cause OpenSSH clients and servers to consume resources, leading to a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-26466) Update Instructions: Run `sudo pro fix USN-7270-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.12 openssh-server - 1:8.2p1-4ubuntu0.12 openssh-sftp-server - 1:8.2p1-4ubuntu0.12 openssh-tests - 1:8.2p1-4ubuntu0.12 ssh - 1:8.2p1-4ubuntu0.12 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.12 No subscription required Medium CVE-2025-26465 CVE-2025-26466 Ubuntu 20.04 LTS It was discovered that virtualenv incorrectly handled paths when activating virtual environments. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7271-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-virtualenv - 20.0.17-1ubuntu0.4+esm1 virtualenv - 20.0.17-1ubuntu0.4+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-53899 Ubuntu 20.04 LTS Soner Sayakci discovered that Symfony incorrectly handled cookie storage in the web cache. An attacker could possibly use this issue to obtain sensitive information and access unauthorized resources. (CVE-2022-24894) Marco Squarcina discovered that Symfony incorrectly handled the storage of user session information. An attacker could possibly use this issue to perform a cross-site request forgery (CSRF) attack. (CVE-2022-24895) Pierre Rudloff discovered that Symfony incorrectly checked HTML input. An attacker could possibly use this issue to perform cross site scripting. (CVE-2023-46734) Vladimir Dusheyko discovered that Symfony incorrectly sanitized special input with a PHP directive in URL query strings. An attacker could possibly use this issue to expose sensitive information or cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-50340) Oleg Andreyev, Antoine Makdessi, and Moritz Rauch discovered that Symfony incorrectly handled user authentication. An attacker could possibly use this issue to access unauthorized resources and expose sensitive information. This issue was only addressed in Ubuntu 24.04 LTS. (CVE-2024-50341, CVE-2024-51996) Linus Karlsson and Chris Smith discovered that Symfony returned internal host information during host resolution. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 24.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-50342) It was discovered that Symfony incorrectly parsed user input through regular expressions. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-50343) Sam Mush discovered that Symfony incorrectly parsed URIs with special characters. An attacker could possibly use this issue to perform phishing attacks. (CVE-2024-50345) Update Instructions: Run `sudo pro fix USN-7272-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-symfony - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-amazon-mailer - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-asset - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-browser-kit - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-cache - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-config - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-console - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-css-selector - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-debug - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-debug-bundle - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-dependency-injection - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-doctrine-bridge - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-dom-crawler - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-dotenv - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-event-dispatcher - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-expression-language - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-filesystem - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-finder - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-form - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-framework-bundle - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-google-mailer - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-http-client - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-http-foundation - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-http-kernel - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-inflector - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-intl - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-ldap - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-lock - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-mailchimp-mailer - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-mailer - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-mailgun-mailer - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-messenger - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-mime - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-monolog-bridge - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-options-resolver - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-phpunit-bridge - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-postmark-mailer - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-process - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-property-access - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-property-info - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-proxy-manager-bridge - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-routing - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-security - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-security-bundle - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-security-core - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-security-csrf - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-security-guard - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-security-http - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-sendgrid-mailer - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-serializer - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-stopwatch - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-templating - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-translation - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-twig-bridge - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-twig-bundle - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-validator - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-var-dumper - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-var-exporter - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-web-link - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-web-profiler-bundle - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-web-server-bundle - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-workflow - 4.3.8+dfsg-1ubuntu1+esm2 php-symfony-yaml - 4.3.8+dfsg-1ubuntu1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-24894 CVE-2022-24895 CVE-2023-46734 CVE-2024-50340 CVE-2024-50341 CVE-2024-50342 CVE-2024-50343 CVE-2024-50345 CVE-2024-51996 Ubuntu 20.04 LTS It was discovered that libsndfile incorrectly handled memory when executing its FLAC codec. If a user or automated system were tricked into processing a specially crafted sound file, an attacker could possibly use this issue to cause a denial of service or obtain sensitive information. (CVE-2021-4156) It was discovered that libsndfile incorrectly handled certain malformed OggVorbis files. An attacker could possibly use this issue to cause libsndfile to crash, resulting in a denial of service. (CVE-2024-50612) Update Instructions: Run `sudo pro fix USN-7273-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsndfile1 - 1.0.28-7ubuntu0.3 libsndfile1-dev - 1.0.28-7ubuntu0.3 sndfile-programs - 1.0.28-7ubuntu0.3 No subscription required Low CVE-2021-4156 CVE-2024-50612 Ubuntu 20.04 LTS It was discovered that Atril incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2019-1010006) Andy Nguyen discovered that Atril incorrectly handled certain images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS. (CVE-2019-11459) Febin Mon Saji discovered that Atril incorrectly handled certain compressed files. A remote attacker could possibly use this issue to cause a denial of service or to execute arbitrary code. (CVE-2023-51698) Update Instructions: Run `sudo pro fix USN-7274-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: atril - 1.24.0-1ubuntu0.2 atril-common - 1.24.0-1ubuntu0.2 gir1.2-atril - 1.24.0-1ubuntu0.2 gir1.2-atrildocument-1.5.0 - 1.24.0-1ubuntu0.2 gir1.2-atrilview-1.5.0 - 1.24.0-1ubuntu0.2 libatrildocument-dev - 1.24.0-1ubuntu0.2 libatrildocument3 - 1.24.0-1ubuntu0.2 libatrilview-dev - 1.24.0-1ubuntu0.2 libatrilview3 - 1.24.0-1ubuntu0.2 No subscription required High CVE-2019-1010006 CVE-2019-11459 CVE-2023-51698 Ubuntu 20.04 LTS Bing Shi discovered that Libtasn1 inefficiently handled certificates. An attacker could possibly use this issue to increase resource utilization leading to a denial of service. Update Instructions: Run `sudo pro fix USN-7275-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtasn1-6 - 4.16.0-2ubuntu0.1 libtasn1-6-dev - 4.16.0-2ubuntu0.1 libtasn1-bin - 4.16.0-2ubuntu0.1 libtasn1-doc - 4.16.0-2ubuntu0.1 No subscription required Medium CVE-2024-12133 Ubuntu 20.04 LTS George Pantelakis and Alicja Kario discovered that OpenSSL had a timing side-channel when performing ECDSA signature computations. A remote attacker could possibly use this issue to recover private data. (CVE-2024-13176) It was discovered that OpenSSL incorrectly handled certain memory operations when using low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial. When being used in this uncommon fashion, a remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-9143) Update Instructions: Run `sudo pro fix USN-7278-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libssl-dev - 1.1.1f-1ubuntu2.24 libssl-doc - 1.1.1f-1ubuntu2.24 libssl1.1 - 1.1.1f-1ubuntu2.24 openssl - 1.1.1f-1ubuntu2.24 No subscription required Low CVE-2024-13176 CVE-2024-9143 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled parsing domain names that included square brackets. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery (SSRF) attack. Update Instructions: Run `sudo pro fix USN-7280-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.8 - 3.8.10-0ubuntu1~20.04.15 libpython3.8 - 3.8.10-0ubuntu1~20.04.15 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.15 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.15 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.15 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.15 python3.8 - 3.8.10-0ubuntu1~20.04.15 python3.8-dev - 3.8.10-0ubuntu1~20.04.15 python3.8-doc - 3.8.10-0ubuntu1~20.04.15 python3.8-examples - 3.8.10-0ubuntu1~20.04.15 python3.8-full - 3.8.10-0ubuntu1~20.04.15 python3.8-minimal - 3.8.10-0ubuntu1~20.04.15 python3.8-venv - 3.8.10-0ubuntu1~20.04.15 No subscription required Medium CVE-2025-0938 Ubuntu 20.04 LTS USN-7280-1 fixed a vulnerability in Python. This update provides the corresponding updates for some additional Python packages in Ubuntu releases. Original advisory details: It was discovered that Python incorrectly handled parsing domain names that included square brackets. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery (SSRF) attack. Update Instructions: Run `sudo pro fix USN-7280-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python2.7 - 2.7.18-1~20.04.7+esm7 libpython2.7 - 2.7.18-1~20.04.7+esm7 libpython2.7-dev - 2.7.18-1~20.04.7+esm7 libpython2.7-minimal - 2.7.18-1~20.04.7+esm7 libpython2.7-stdlib - 2.7.18-1~20.04.7+esm7 libpython2.7-testsuite - 2.7.18-1~20.04.7+esm7 python2.7 - 2.7.18-1~20.04.7+esm7 python2.7-dev - 2.7.18-1~20.04.7+esm7 python2.7-doc - 2.7.18-1~20.04.7+esm7 python2.7-examples - 2.7.18-1~20.04.7+esm7 python2.7-minimal - 2.7.18-1~20.04.7+esm7 Available with Ubuntu Pro: https://ubuntu.com/pro idle-python3.9 - 3.9.5-3ubuntu0~20.04.1+esm4 libpython3.9 - 3.9.5-3ubuntu0~20.04.1+esm4 libpython3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm4 libpython3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm4 libpython3.9-stdlib - 3.9.5-3ubuntu0~20.04.1+esm4 libpython3.9-testsuite - 3.9.5-3ubuntu0~20.04.1+esm4 python3.9 - 3.9.5-3ubuntu0~20.04.1+esm4 python3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm4 python3.9-doc - 3.9.5-3ubuntu0~20.04.1+esm4 python3.9-examples - 3.9.5-3ubuntu0~20.04.1+esm4 python3.9-full - 3.9.5-3ubuntu0~20.04.1+esm4 python3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm4 python3.9-venv - 3.9.5-3ubuntu0~20.04.1+esm4 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2025-0938 Ubuntu 20.04 LTS Bing Shi discovered that GnuTLS incorrectly handled decoding certain DER-encoded certificates. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-7281-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gnutls-bin - 3.6.13-2ubuntu1.12 gnutls-doc - 3.6.13-2ubuntu1.12 guile-gnutls - 3.6.13-2ubuntu1.12 libgnutls-dane0 - 3.6.13-2ubuntu1.12 libgnutls-openssl27 - 3.6.13-2ubuntu1.12 libgnutls28-dev - 3.6.13-2ubuntu1.12 libgnutls30 - 3.6.13-2ubuntu1.12 libgnutlsxx28 - 3.6.13-2ubuntu1.12 No subscription required Medium CVE-2024-12243 Ubuntu 20.04 LTS Jonathan Leitschuh discovered that Netty did not correctly handle file permissions when writing temporary files. An attacker could possibly use this issue to leak sensitive information. (CVE-2022-24823) It was discovered that Netty did not correctly handle limiting the number of fields when decoding a HTTP request. An attacker could possibly use issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29025) Update Instructions: Run `sudo pro fix USN-7284-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnetty-java - 1:4.1.45-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-24823 CVE-2024-29025 Ubuntu 20.04 LTS It was discovered that nginx incorrectly handled when multiple server blocks are configured to share the same IP address and port. An attacker could use this issue to use session resumption to bypass client certificate authentication requirements on these servers. This issue only affected Ubuntu 24.10. A buffer overflow and a null pointer deref was fixed in nginx rtmp module (#LP 1977718). This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Update Instructions: Run `sudo pro fix USN-7285-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnginx-mod-http-auth-pam - 1.18.0-0ubuntu1.7 libnginx-mod-http-cache-purge - 1.18.0-0ubuntu1.7 libnginx-mod-http-dav-ext - 1.18.0-0ubuntu1.7 libnginx-mod-http-echo - 1.18.0-0ubuntu1.7 libnginx-mod-http-fancyindex - 1.18.0-0ubuntu1.7 libnginx-mod-http-geoip - 1.18.0-0ubuntu1.7 libnginx-mod-http-geoip2 - 1.18.0-0ubuntu1.7 libnginx-mod-http-headers-more-filter - 1.18.0-0ubuntu1.7 libnginx-mod-http-image-filter - 1.18.0-0ubuntu1.7 libnginx-mod-http-lua - 1.18.0-0ubuntu1.7 libnginx-mod-http-ndk - 1.18.0-0ubuntu1.7 libnginx-mod-http-perl - 1.18.0-0ubuntu1.7 libnginx-mod-http-subs-filter - 1.18.0-0ubuntu1.7 libnginx-mod-http-uploadprogress - 1.18.0-0ubuntu1.7 libnginx-mod-http-upstream-fair - 1.18.0-0ubuntu1.7 libnginx-mod-http-xslt-filter - 1.18.0-0ubuntu1.7 libnginx-mod-mail - 1.18.0-0ubuntu1.7 libnginx-mod-nchan - 1.18.0-0ubuntu1.7 libnginx-mod-rtmp - 1.18.0-0ubuntu1.7 libnginx-mod-stream - 1.18.0-0ubuntu1.7 nginx - 1.18.0-0ubuntu1.7 nginx-common - 1.18.0-0ubuntu1.7 nginx-core - 1.18.0-0ubuntu1.7 nginx-doc - 1.18.0-0ubuntu1.7 nginx-extras - 1.18.0-0ubuntu1.7 nginx-full - 1.18.0-0ubuntu1.7 nginx-light - 1.18.0-0ubuntu1.7 No subscription required Medium CVE-2025-23419 https://launchpad.net/bugs/1977718 Ubuntu 20.04 LTS Tianjia Zhang discovered the libcap2 PAM module pam_cap incorrectly handled parsing group names in the configuration file. This could result in certain users being granted capabilities, contrary to expectations. Update Instructions: Run `sudo pro fix USN-7287-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libcap-dev - 1:2.32-1ubuntu0.2 libcap2 - 1:2.32-1ubuntu0.2 libcap2-bin - 1:2.32-1ubuntu0.2 libpam-cap - 1:2.32-1ubuntu0.2 No subscription required Medium CVE-2025-1390 Ubuntu 20.04 LTS Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - Network drivers; - STMicroelectronics network drivers; - Parport drivers; - Pin controllers subsystem; - Direct Digital Synthesis drivers; - TCM subsystem; - TTY drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - BTRFS file system; - File systems infrastructure; - Network file system (NFS) client; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - User-space API (UAPI); - io_uring subsystem; - BPF subsystem; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Networking core; - IPv4 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Network traffic control; - SCTP protocol; - XFRM subsystem; - Key management; - FireWire sound drivers; - HD-audio driver; - QCOM ASoC drivers; - STMicroelectronics SoC drivers; - KVM core; (CVE-2024-50151, CVE-2024-50195, CVE-2024-50117, CVE-2024-53104, CVE-2024-50171, CVE-2024-53059, CVE-2024-50160, CVE-2024-50163, CVE-2024-50103, CVE-2024-50245, CVE-2024-50282, CVE-2024-50233, CVE-2024-50218, CVE-2024-50201, CVE-2024-53058, CVE-2024-50115, CVE-2024-53101, CVE-2024-50268, CVE-2024-50127, CVE-2024-50182, CVE-2024-50148, CVE-2024-50295, CVE-2024-53061, CVE-2024-50232, CVE-2024-50010, CVE-2024-50273, CVE-2024-50267, CVE-2024-50198, CVE-2024-53097, CVE-2024-50150, CVE-2024-50278, CVE-2024-50301, CVE-2024-50290, CVE-2024-50185, CVE-2024-50036, CVE-2024-50296, CVE-2024-50082, CVE-2024-50058, CVE-2024-53063, CVE-2024-50192, CVE-2024-50208, CVE-2024-53052, CVE-2024-50162, CVE-2024-50247, CVE-2024-50302, CVE-2024-50153, CVE-2024-50143, CVE-2024-41080, CVE-2024-50287, CVE-2024-39497, CVE-2024-50156, CVE-2024-42252, CVE-2024-53055, CVE-2024-50265, CVE-2024-50230, CVE-2024-50269, CVE-2024-50167, CVE-2024-50237, CVE-2024-50168, CVE-2023-52913, CVE-2024-35887, CVE-2024-50299, CVE-2024-53088, CVE-2024-50209, CVE-2024-50234, CVE-2024-50131, CVE-2024-50141, CVE-2024-40965, CVE-2024-41066, CVE-2024-50251, CVE-2024-50292, CVE-2024-50194, CVE-2024-50085, CVE-2024-50154, CVE-2024-50202, CVE-2024-50074, CVE-2024-50199, CVE-2024-50110, CVE-2024-26718, CVE-2024-50205, CVE-2024-53042, CVE-2024-50279, CVE-2024-50101, CVE-2024-50116, CVE-2024-50236, CVE-2024-50083, CVE-2024-50262, CVE-2024-40953, CVE-2024-50142, CVE-2024-50128, CVE-2024-50099, CVE-2024-50086, CVE-2024-42291, CVE-2024-50257, CVE-2024-50229, CVE-2024-50134, CVE-2024-50244, CVE-2024-50249, CVE-2024-50193, CVE-2024-50072, CVE-2024-50259, CVE-2024-50196, CVE-2024-53066) Update Instructions: Run `sudo pro fix USN-7288-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-133-lowlatency - 5.15.0-133.143~20.04.1 linux-buildinfo-5.15.0-133-lowlatency-64k - 5.15.0-133.143~20.04.1 linux-cloud-tools-5.15.0-133-lowlatency - 5.15.0-133.143~20.04.1 linux-headers-5.15.0-133-lowlatency - 5.15.0-133.143~20.04.1 linux-headers-5.15.0-133-lowlatency-64k - 5.15.0-133.143~20.04.1 linux-image-5.15.0-133-lowlatency - 5.15.0-133.143~20.04.1 linux-image-5.15.0-133-lowlatency-64k - 5.15.0-133.143~20.04.1 linux-image-unsigned-5.15.0-133-lowlatency - 5.15.0-133.143~20.04.1 linux-image-unsigned-5.15.0-133-lowlatency-64k - 5.15.0-133.143~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-133 - 5.15.0-133.143~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-133 - 5.15.0-133.143~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-133 - 5.15.0-133.143~20.04.1 linux-modules-5.15.0-133-lowlatency - 5.15.0-133.143~20.04.1 linux-modules-5.15.0-133-lowlatency-64k - 5.15.0-133.143~20.04.1 linux-modules-iwlwifi-5.15.0-133-lowlatency - 5.15.0-133.143~20.04.1 linux-tools-5.15.0-133-lowlatency - 5.15.0-133.143~20.04.1 linux-tools-5.15.0-133-lowlatency-64k - 5.15.0-133.143~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.133.143~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.133.143~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.133.143~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.133.143~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.133.143~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.133.143~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.133.143~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.133.143~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.133.143~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.133.143~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.133.143~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.133.143~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.133.143~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.133.143~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.133.143~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.133.143~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.133.143~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.133.143~20.04.1 No subscription required High CVE-2023-52913 CVE-2024-26718 CVE-2024-35887 CVE-2024-39497 CVE-2024-40953 CVE-2024-40965 CVE-2024-41066 CVE-2024-41080 CVE-2024-42252 CVE-2024-42291 CVE-2024-50010 CVE-2024-50036 CVE-2024-50058 CVE-2024-50072 CVE-2024-50074 CVE-2024-50082 CVE-2024-50083 CVE-2024-50085 CVE-2024-50086 CVE-2024-50099 CVE-2024-50101 CVE-2024-50103 CVE-2024-50110 CVE-2024-50115 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50128 CVE-2024-50131 CVE-2024-50134 CVE-2024-50141 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50153 CVE-2024-50154 CVE-2024-50156 CVE-2024-50160 CVE-2024-50162 CVE-2024-50163 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50182 CVE-2024-50185 CVE-2024-50192 CVE-2024-50193 CVE-2024-50194 CVE-2024-50195 CVE-2024-50196 CVE-2024-50198 CVE-2024-50199 CVE-2024-50201 CVE-2024-50202 CVE-2024-50205 CVE-2024-50208 CVE-2024-50209 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50232 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50244 CVE-2024-50245 CVE-2024-50247 CVE-2024-50249 CVE-2024-50251 CVE-2024-50257 CVE-2024-50259 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50268 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50292 CVE-2024-50295 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53042 CVE-2024-53052 CVE-2024-53055 CVE-2024-53058 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53088 CVE-2024-53097 CVE-2024-53101 CVE-2024-53104 CVE-2025-0927 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - Network drivers; - STMicroelectronics network drivers; - Parport drivers; - Pin controllers subsystem; - Direct Digital Synthesis drivers; - TCM subsystem; - TTY drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - BTRFS file system; - File systems infrastructure; - Network file system (NFS) client; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - User-space API (UAPI); - io_uring subsystem; - BPF subsystem; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Networking core; - IPv4 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Network traffic control; - SCTP protocol; - XFRM subsystem; - Key management; - FireWire sound drivers; - HD-audio driver; - QCOM ASoC drivers; - STMicroelectronics SoC drivers; - KVM core; (CVE-2024-50269, CVE-2024-50208, CVE-2024-53101, CVE-2024-50257, CVE-2024-50110, CVE-2024-39497, CVE-2024-50116, CVE-2024-50153, CVE-2024-50143, CVE-2023-52913, CVE-2024-53042, CVE-2024-41066, CVE-2024-42252, CVE-2024-50247, CVE-2024-50131, CVE-2024-50182, CVE-2024-50279, CVE-2024-50209, CVE-2024-50163, CVE-2024-50265, CVE-2024-50010, CVE-2024-50171, CVE-2024-50295, CVE-2024-53088, CVE-2024-50142, CVE-2024-50058, CVE-2024-50195, CVE-2024-50232, CVE-2024-50141, CVE-2024-50117, CVE-2024-50229, CVE-2024-53061, CVE-2024-50074, CVE-2024-50282, CVE-2024-50296, CVE-2024-50218, CVE-2024-50259, CVE-2024-26718, CVE-2024-50134, CVE-2024-50150, CVE-2024-50301, CVE-2024-40953, CVE-2024-42291, CVE-2024-50086, CVE-2024-50198, CVE-2024-50194, CVE-2024-50168, CVE-2024-50196, CVE-2024-50262, CVE-2024-50290, CVE-2024-50036, CVE-2024-50156, CVE-2024-53066, CVE-2024-50245, CVE-2024-50278, CVE-2024-50127, CVE-2024-53055, CVE-2024-50287, CVE-2024-53052, CVE-2024-35887, CVE-2024-50199, CVE-2024-50205, CVE-2024-50273, CVE-2024-50185, CVE-2024-50201, CVE-2024-50072, CVE-2024-50234, CVE-2024-50101, CVE-2024-50103, CVE-2024-50302, CVE-2024-50251, CVE-2024-53104, CVE-2024-50083, CVE-2024-50292, CVE-2024-50236, CVE-2024-50230, CVE-2024-50085, CVE-2024-50162, CVE-2024-50193, CVE-2024-50267, CVE-2024-50192, CVE-2024-50148, CVE-2024-50167, CVE-2024-50249, CVE-2024-50268, CVE-2024-53058, CVE-2024-41080, CVE-2024-50233, CVE-2024-53097, CVE-2024-50244, CVE-2024-50160, CVE-2024-50299, CVE-2024-50115, CVE-2024-53059, CVE-2024-50099, CVE-2024-50154, CVE-2024-53063, CVE-2024-50237, CVE-2024-50128, CVE-2024-40965, CVE-2024-50151, CVE-2024-50082, CVE-2024-50202) Update Instructions: Run `sudo pro fix USN-7289-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1075-oracle - 5.15.0-1075.81~20.04.1 linux-headers-5.15.0-1075-oracle - 5.15.0-1075.81~20.04.1 linux-image-5.15.0-1075-oracle - 5.15.0-1075.81~20.04.1 linux-image-unsigned-5.15.0-1075-oracle - 5.15.0-1075.81~20.04.1 linux-modules-5.15.0-1075-oracle - 5.15.0-1075.81~20.04.1 linux-modules-extra-5.15.0-1075-oracle - 5.15.0-1075.81~20.04.1 linux-oracle-5.15-headers-5.15.0-1075 - 5.15.0-1075.81~20.04.1 linux-oracle-5.15-tools-5.15.0-1075 - 5.15.0-1075.81~20.04.1 linux-tools-5.15.0-1075-oracle - 5.15.0-1075.81~20.04.1 No subscription required linux-azure-5.15-cloud-tools-5.15.0-1081 - 5.15.0-1081.90~20.04.1 linux-azure-5.15-headers-5.15.0-1081 - 5.15.0-1081.90~20.04.1 linux-azure-5.15-tools-5.15.0-1081 - 5.15.0-1081.90~20.04.1 linux-buildinfo-5.15.0-1081-azure - 5.15.0-1081.90~20.04.1 linux-cloud-tools-5.15.0-1081-azure - 5.15.0-1081.90~20.04.1 linux-headers-5.15.0-1081-azure - 5.15.0-1081.90~20.04.1 linux-image-5.15.0-1081-azure - 5.15.0-1081.90~20.04.1 linux-image-unsigned-5.15.0-1081-azure - 5.15.0-1081.90~20.04.1 linux-modules-5.15.0-1081-azure - 5.15.0-1081.90~20.04.1 linux-modules-extra-5.15.0-1081-azure - 5.15.0-1081.90~20.04.1 linux-modules-involflt-5.15.0-1081-azure - 5.15.0-1081.90~20.04.1 linux-tools-5.15.0-1081-azure - 5.15.0-1081.90~20.04.1 No subscription required linux-image-5.15.0-1081-azure-fde - 5.15.0-1081.90~20.04.1.1 linux-image-unsigned-5.15.0-1081-azure-fde - 5.15.0-1081.90~20.04.1.1 No subscription required linux-headers-oracle - 5.15.0.1075.81~20.04.1 linux-headers-oracle-edge - 5.15.0.1075.81~20.04.1 linux-image-oracle - 5.15.0.1075.81~20.04.1 linux-image-oracle-edge - 5.15.0.1075.81~20.04.1 linux-oracle - 5.15.0.1075.81~20.04.1 linux-oracle-edge - 5.15.0.1075.81~20.04.1 linux-tools-oracle - 5.15.0.1075.81~20.04.1 linux-tools-oracle-edge - 5.15.0.1075.81~20.04.1 No subscription required linux-azure - 5.15.0.1081.90~20.04.1 linux-azure-cvm - 5.15.0.1081.90~20.04.1 linux-azure-edge - 5.15.0.1081.90~20.04.1 linux-cloud-tools-azure - 5.15.0.1081.90~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1081.90~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1081.90~20.04.1 linux-headers-azure - 5.15.0.1081.90~20.04.1 linux-headers-azure-cvm - 5.15.0.1081.90~20.04.1 linux-headers-azure-edge - 5.15.0.1081.90~20.04.1 linux-image-azure - 5.15.0.1081.90~20.04.1 linux-image-azure-cvm - 5.15.0.1081.90~20.04.1 linux-image-azure-edge - 5.15.0.1081.90~20.04.1 linux-modules-extra-azure - 5.15.0.1081.90~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1081.90~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1081.90~20.04.1 linux-modules-involflt-azure - 5.15.0.1081.90~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1081.90~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1081.90~20.04.1 linux-tools-azure - 5.15.0.1081.90~20.04.1 linux-tools-azure-cvm - 5.15.0.1081.90~20.04.1 linux-tools-azure-edge - 5.15.0.1081.90~20.04.1 No subscription required linux-azure-fde - 5.15.0.1081.90~20.04.1.57 linux-azure-fde-edge - 5.15.0.1081.90~20.04.1.57 linux-cloud-tools-azure-fde - 5.15.0.1081.90~20.04.1.57 linux-cloud-tools-azure-fde-edge - 5.15.0.1081.90~20.04.1.57 linux-headers-azure-fde - 5.15.0.1081.90~20.04.1.57 linux-headers-azure-fde-edge - 5.15.0.1081.90~20.04.1.57 linux-image-azure-fde - 5.15.0.1081.90~20.04.1.57 linux-image-azure-fde-edge - 5.15.0.1081.90~20.04.1.57 linux-modules-extra-azure-fde - 5.15.0.1081.90~20.04.1.57 linux-modules-extra-azure-fde-edge - 5.15.0.1081.90~20.04.1.57 linux-tools-azure-fde - 5.15.0.1081.90~20.04.1.57 linux-tools-azure-fde-edge - 5.15.0.1081.90~20.04.1.57 No subscription required High CVE-2023-52913 CVE-2024-26718 CVE-2024-35887 CVE-2024-39497 CVE-2024-40953 CVE-2024-40965 CVE-2024-41066 CVE-2024-41080 CVE-2024-42252 CVE-2024-42291 CVE-2024-50010 CVE-2024-50036 CVE-2024-50058 CVE-2024-50072 CVE-2024-50074 CVE-2024-50082 CVE-2024-50083 CVE-2024-50085 CVE-2024-50086 CVE-2024-50099 CVE-2024-50101 CVE-2024-50103 CVE-2024-50110 CVE-2024-50115 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50128 CVE-2024-50131 CVE-2024-50134 CVE-2024-50141 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50153 CVE-2024-50154 CVE-2024-50156 CVE-2024-50160 CVE-2024-50162 CVE-2024-50163 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50182 CVE-2024-50185 CVE-2024-50192 CVE-2024-50193 CVE-2024-50194 CVE-2024-50195 CVE-2024-50196 CVE-2024-50198 CVE-2024-50199 CVE-2024-50201 CVE-2024-50202 CVE-2024-50205 CVE-2024-50208 CVE-2024-50209 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50232 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50244 CVE-2024-50245 CVE-2024-50247 CVE-2024-50249 CVE-2024-50251 CVE-2024-50257 CVE-2024-50259 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50268 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50292 CVE-2024-50295 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53042 CVE-2024-53052 CVE-2024-53055 CVE-2024-53058 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53088 CVE-2024-53097 CVE-2024-53101 CVE-2024-53104 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - Network drivers; - STMicroelectronics network drivers; - Parport drivers; - Pin controllers subsystem; - Direct Digital Synthesis drivers; - TCM subsystem; - TTY drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - BTRFS file system; - File systems infrastructure; - Network file system (NFS) client; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - User-space API (UAPI); - io_uring subsystem; - BPF subsystem; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Networking core; - IPv4 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Network traffic control; - SCTP protocol; - XFRM subsystem; - Key management; - FireWire sound drivers; - HD-audio driver; - QCOM ASoC drivers; - STMicroelectronics SoC drivers; - KVM core; (CVE-2024-50082, CVE-2024-50134, CVE-2024-50142, CVE-2023-52913, CVE-2024-50205, CVE-2024-50127, CVE-2024-50208, CVE-2024-50143, CVE-2024-50163, CVE-2024-53059, CVE-2024-50282, CVE-2024-50279, CVE-2024-50296, CVE-2024-50295, CVE-2024-50010, CVE-2024-53088, CVE-2024-50128, CVE-2024-50290, CVE-2024-50099, CVE-2024-50234, CVE-2024-50154, CVE-2024-53052, CVE-2024-50116, CVE-2024-50168, CVE-2024-50086, CVE-2024-50267, CVE-2024-50156, CVE-2024-50110, CVE-2024-50103, CVE-2024-50192, CVE-2024-40953, CVE-2024-50085, CVE-2024-50247, CVE-2024-50257, CVE-2024-50237, CVE-2024-50185, CVE-2024-50198, CVE-2024-50229, CVE-2024-50171, CVE-2024-50259, CVE-2024-50209, CVE-2024-50233, CVE-2024-35887, CVE-2024-50251, CVE-2024-50141, CVE-2024-53061, CVE-2024-50232, CVE-2024-50167, CVE-2024-50201, CVE-2024-50193, CVE-2024-50269, CVE-2024-39497, CVE-2024-50036, CVE-2024-50299, CVE-2024-50072, CVE-2024-53101, CVE-2024-50262, CVE-2024-50194, CVE-2024-50202, CVE-2024-50101, CVE-2024-50151, CVE-2024-41080, CVE-2024-42291, CVE-2024-50245, CVE-2024-50278, CVE-2024-50195, CVE-2024-50265, CVE-2024-50074, CVE-2024-53063, CVE-2024-50131, CVE-2024-53058, CVE-2024-50160, CVE-2024-50287, CVE-2024-40965, CVE-2024-50273, CVE-2024-50268, CVE-2024-50302, CVE-2024-50218, CVE-2024-50199, CVE-2024-50196, CVE-2024-50083, CVE-2024-50244, CVE-2024-50117, CVE-2024-50058, CVE-2024-53055, CVE-2024-50182, CVE-2024-53097, CVE-2024-50236, CVE-2024-50162, CVE-2024-50301, CVE-2024-50249, CVE-2024-50292, CVE-2024-50150, CVE-2024-50153, CVE-2024-50115, CVE-2024-26718, CVE-2024-53104, CVE-2024-42252, CVE-2024-53066, CVE-2024-50148, CVE-2024-53042, CVE-2024-50230, CVE-2024-41066) Update Instructions: Run `sudo pro fix USN-7289-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1073-intel-iotg - 5.15.0-1073.79~20.04.2 linux-cloud-tools-5.15.0-1073-intel-iotg - 5.15.0-1073.79~20.04.2 linux-headers-5.15.0-1073-intel-iotg - 5.15.0-1073.79~20.04.2 linux-image-5.15.0-1073-intel-iotg - 5.15.0-1073.79~20.04.2 linux-image-unsigned-5.15.0-1073-intel-iotg - 5.15.0-1073.79~20.04.2 linux-intel-iotg-5.15-cloud-tools-5.15.0-1073 - 5.15.0-1073.79~20.04.2 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1073.79~20.04.2 linux-intel-iotg-5.15-headers-5.15.0-1073 - 5.15.0-1073.79~20.04.2 linux-intel-iotg-5.15-tools-5.15.0-1073 - 5.15.0-1073.79~20.04.2 linux-intel-iotg-5.15-tools-common - 5.15.0-1073.79~20.04.2 linux-intel-iotg-5.15-tools-host - 5.15.0-1073.79~20.04.2 linux-modules-5.15.0-1073-intel-iotg - 5.15.0-1073.79~20.04.2 linux-modules-extra-5.15.0-1073-intel-iotg - 5.15.0-1073.79~20.04.2 linux-modules-iwlwifi-5.15.0-1073-intel-iotg - 5.15.0-1073.79~20.04.2 linux-tools-5.15.0-1073-intel-iotg - 5.15.0-1073.79~20.04.2 No subscription required linux-cloud-tools-intel - 5.15.0.1073.79~20.04.2 linux-headers-intel - 5.15.0.1073.79~20.04.2 linux-headers-intel-iotg - 5.15.0.1073.79~20.04.2 linux-headers-intel-iotg-edge - 5.15.0.1073.79~20.04.2 linux-image-intel - 5.15.0.1073.79~20.04.2 linux-image-intel-iotg - 5.15.0.1073.79~20.04.2 linux-image-intel-iotg-edge - 5.15.0.1073.79~20.04.2 linux-intel - 5.15.0.1073.79~20.04.2 linux-intel-iotg - 5.15.0.1073.79~20.04.2 linux-intel-iotg-edge - 5.15.0.1073.79~20.04.2 linux-tools-intel - 5.15.0.1073.79~20.04.2 linux-tools-intel-iotg - 5.15.0.1073.79~20.04.2 linux-tools-intel-iotg-edge - 5.15.0.1073.79~20.04.2 No subscription required High CVE-2023-52913 CVE-2024-26718 CVE-2024-35887 CVE-2024-39497 CVE-2024-40953 CVE-2024-40965 CVE-2024-41066 CVE-2024-41080 CVE-2024-42252 CVE-2024-42291 CVE-2024-50010 CVE-2024-50036 CVE-2024-50058 CVE-2024-50072 CVE-2024-50074 CVE-2024-50082 CVE-2024-50083 CVE-2024-50085 CVE-2024-50086 CVE-2024-50099 CVE-2024-50101 CVE-2024-50103 CVE-2024-50110 CVE-2024-50115 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50128 CVE-2024-50131 CVE-2024-50134 CVE-2024-50141 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50153 CVE-2024-50154 CVE-2024-50156 CVE-2024-50160 CVE-2024-50162 CVE-2024-50163 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50182 CVE-2024-50185 CVE-2024-50192 CVE-2024-50193 CVE-2024-50194 CVE-2024-50195 CVE-2024-50196 CVE-2024-50198 CVE-2024-50199 CVE-2024-50201 CVE-2024-50202 CVE-2024-50205 CVE-2024-50208 CVE-2024-50209 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50232 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50244 CVE-2024-50245 CVE-2024-50247 CVE-2024-50249 CVE-2024-50251 CVE-2024-50257 CVE-2024-50259 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50268 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50292 CVE-2024-50295 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53042 CVE-2024-53052 CVE-2024-53055 CVE-2024-53058 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53088 CVE-2024-53097 CVE-2024-53101 CVE-2024-53104 Ubuntu 20.04 LTS It was discovered that Rails did not correctly handle parsing block formats in email service layers. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-47889) It was discovered that Rails did not correctly handle parsing block quotes in rich text content. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2024-47888) It was discovered that Rails did not correctly handle parsing HTTP token authentication headers. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-47887) It was discovered that Rails did not correctly handle parsing query parameters in web requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-41128) Update Instructions: Run `sudo pro fix USN-7290-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rails - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-actioncable - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-actionmailer - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-actionpack - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-actionview - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-activejob - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-activemodel - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-activerecord - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-activestorage - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-activesupport - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-rails - 2:5.2.3+dfsg-3ubuntu0.1~esm1 ruby-railties - 2:5.2.3+dfsg-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-41128 CVE-2024-47887 CVE-2024-47888 CVE-2024-47889 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - Network drivers; - STMicroelectronics network drivers; - Parport drivers; - Pin controllers subsystem; - Direct Digital Synthesis drivers; - TCM subsystem; - TTY drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - BTRFS file system; - File systems infrastructure; - Network file system (NFS) client; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - User-space API (UAPI); - io_uring subsystem; - BPF subsystem; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Networking core; - IPv4 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Network traffic control; - SCTP protocol; - XFRM subsystem; - Key management; - FireWire sound drivers; - HD-audio driver; - QCOM ASoC drivers; - STMicroelectronics SoC drivers; - KVM core; (CVE-2024-50083, CVE-2024-50134, CVE-2024-53063, CVE-2024-50131, CVE-2024-53104, CVE-2024-50182, CVE-2024-50279, CVE-2024-50185, CVE-2024-42252, CVE-2024-50247, CVE-2024-50128, CVE-2024-53088, CVE-2024-50082, CVE-2024-50160, CVE-2024-50103, CVE-2024-50259, CVE-2024-35887, CVE-2024-50251, CVE-2024-50150, CVE-2024-53066, CVE-2024-50262, CVE-2024-41066, CVE-2024-50086, CVE-2024-42291, CVE-2024-53061, CVE-2024-50245, CVE-2024-41080, CVE-2024-50244, CVE-2024-50198, CVE-2024-50282, CVE-2024-50074, CVE-2024-50195, CVE-2024-50010, CVE-2024-50202, CVE-2024-50295, CVE-2024-50162, CVE-2024-50273, CVE-2024-50233, CVE-2024-50302, CVE-2024-50201, CVE-2024-50278, CVE-2024-50036, CVE-2024-50296, CVE-2024-53058, CVE-2024-50116, CVE-2024-50163, CVE-2024-50292, CVE-2024-53097, CVE-2024-50196, CVE-2024-50058, CVE-2024-53042, CVE-2024-53059, CVE-2024-50110, CVE-2024-50151, CVE-2024-26718, CVE-2024-50099, CVE-2024-50115, CVE-2024-50171, CVE-2024-50237, CVE-2024-50154, CVE-2024-50199, CVE-2024-50192, CVE-2024-50167, CVE-2024-50127, CVE-2024-50142, CVE-2024-50229, CVE-2024-50269, CVE-2024-53055, CVE-2024-40965, CVE-2024-50265, CVE-2024-50143, CVE-2024-40953, CVE-2024-50117, CVE-2024-50156, CVE-2024-50193, CVE-2024-50072, CVE-2024-50230, CVE-2024-50287, CVE-2024-50148, CVE-2024-50208, CVE-2024-50267, CVE-2024-50290, CVE-2024-50085, CVE-2024-50168, CVE-2024-50205, CVE-2024-50232, CVE-2024-50153, CVE-2024-39497, CVE-2024-50194, CVE-2024-50101, CVE-2024-50257, CVE-2024-50249, CVE-2024-50299, CVE-2024-50234, CVE-2024-50209, CVE-2024-50141, CVE-2023-52913, CVE-2024-50301, CVE-2024-50236, CVE-2024-53052, CVE-2024-53101, CVE-2024-50268, CVE-2024-50218) Update Instructions: Run `sudo pro fix USN-7291-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1077-gcp - 5.15.0-1077.86~20.04.1 linux-gcp-5.15-headers-5.15.0-1077 - 5.15.0-1077.86~20.04.1 linux-gcp-5.15-tools-5.15.0-1077 - 5.15.0-1077.86~20.04.1 linux-headers-5.15.0-1077-gcp - 5.15.0-1077.86~20.04.1 linux-image-5.15.0-1077-gcp - 5.15.0-1077.86~20.04.1 linux-image-unsigned-5.15.0-1077-gcp - 5.15.0-1077.86~20.04.1 linux-modules-5.15.0-1077-gcp - 5.15.0-1077.86~20.04.1 linux-modules-extra-5.15.0-1077-gcp - 5.15.0-1077.86~20.04.1 linux-modules-iwlwifi-5.15.0-1077-gcp - 5.15.0-1077.86~20.04.1 linux-tools-5.15.0-1077-gcp - 5.15.0-1077.86~20.04.1 No subscription required linux-gcp - 5.15.0.1077.86~20.04.1 linux-gcp-edge - 5.15.0.1077.86~20.04.1 linux-headers-gcp - 5.15.0.1077.86~20.04.1 linux-headers-gcp-edge - 5.15.0.1077.86~20.04.1 linux-image-gcp - 5.15.0.1077.86~20.04.1 linux-image-gcp-edge - 5.15.0.1077.86~20.04.1 linux-modules-extra-gcp - 5.15.0.1077.86~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1077.86~20.04.1 linux-tools-gcp - 5.15.0.1077.86~20.04.1 linux-tools-gcp-edge - 5.15.0.1077.86~20.04.1 No subscription required High CVE-2023-52913 CVE-2024-26718 CVE-2024-35887 CVE-2024-39497 CVE-2024-40953 CVE-2024-40965 CVE-2024-41066 CVE-2024-41080 CVE-2024-42252 CVE-2024-42291 CVE-2024-50010 CVE-2024-50036 CVE-2024-50058 CVE-2024-50072 CVE-2024-50074 CVE-2024-50082 CVE-2024-50083 CVE-2024-50085 CVE-2024-50086 CVE-2024-50099 CVE-2024-50101 CVE-2024-50103 CVE-2024-50110 CVE-2024-50115 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50128 CVE-2024-50131 CVE-2024-50134 CVE-2024-50141 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50153 CVE-2024-50154 CVE-2024-50156 CVE-2024-50160 CVE-2024-50162 CVE-2024-50163 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50182 CVE-2024-50185 CVE-2024-50192 CVE-2024-50193 CVE-2024-50194 CVE-2024-50195 CVE-2024-50196 CVE-2024-50198 CVE-2024-50199 CVE-2024-50201 CVE-2024-50202 CVE-2024-50205 CVE-2024-50208 CVE-2024-50209 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50232 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50244 CVE-2024-50245 CVE-2024-50247 CVE-2024-50249 CVE-2024-50251 CVE-2024-50257 CVE-2024-50259 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50268 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50292 CVE-2024-50295 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53042 CVE-2024-53052 CVE-2024-53055 CVE-2024-53058 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53088 CVE-2024-53097 CVE-2024-53101 CVE-2024-53104 Ubuntu 20.04 LTS Manfred Kaiser discovered that Dropbear through 2020.81 does not properly check the available authentication methods in the client-side SSH code. An attacker could use this vulnerability to gain unauthorized access to remote systems. (CVE-2021-36369) Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that the SSH transport protocol implementation in Dropbear had weak integrity checks. An attacker could use this vulnerability to bypass security features like encryption and integrity checks. (CVE-2023-48795) Update Instructions: Run `sudo pro fix USN-7292-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dropbear - 2019.78-2ubuntu0.1~esm1 dropbear-bin - 2019.78-2ubuntu0.1~esm1 dropbear-initramfs - 2019.78-2ubuntu0.1~esm1 dropbear-run - 2019.78-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-36369 CVE-2023-48795 Ubuntu 20.04 LTS Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Mailbox framework; - Multiple devices driver; - Media drivers; - Network drivers; - NTB driver; - Virtio pmem driver; - Parport drivers; - PCI subsystem; - SPI subsystem; - Direct Digital Synthesis drivers; - USB Device Class drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - Framebuffer layer; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - SMB network file system; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Arbitrary resource management; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - Wireless networking; - XFRM subsystem; - Key management; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - KVM core; (CVE-2024-50184, CVE-2024-47706, CVE-2024-49962, CVE-2024-35887, CVE-2024-53101, CVE-2024-50199, CVE-2024-47709, CVE-2024-50074, CVE-2024-41066, CVE-2024-42252, CVE-2024-43863, CVE-2024-47685, CVE-2024-47756, CVE-2024-50282, CVE-2024-50143, CVE-2024-50116, CVE-2024-47699, CVE-2024-47698, CVE-2024-50301, CVE-2024-47723, CVE-2024-50296, CVE-2024-50007, CVE-2024-49952, CVE-2024-50233, CVE-2023-52458, CVE-2024-53063, CVE-2024-49975, CVE-2024-50099, CVE-2024-47742, CVE-2024-50033, CVE-2024-50218, CVE-2024-50096, CVE-2024-49981, CVE-2024-40911, CVE-2024-47697, CVE-2024-49894, CVE-2024-49955, CVE-2024-53104, CVE-2024-49963, CVE-2024-49883, CVE-2024-47710, CVE-2024-49959, CVE-2024-49948, CVE-2024-50302, CVE-2024-49867, CVE-2024-50234, CVE-2024-49902, CVE-2024-50006, CVE-2024-47672, CVE-2024-50202, CVE-2024-49851, CVE-2024-35896, CVE-2024-50150, CVE-2024-53061, CVE-2024-46854, CVE-2024-50279, CVE-2024-50278, CVE-2024-50180, CVE-2024-50148, CVE-2024-50194, CVE-2024-50008, CVE-2024-47740, CVE-2024-49938, CVE-2024-46853, CVE-2024-50134, CVE-2024-44931, CVE-2024-46849, CVE-2024-49973, CVE-2024-50142, CVE-2024-49879, CVE-2024-50269, CVE-2024-50230, CVE-2024-49896, CVE-2024-49985, CVE-2024-50151, CVE-2024-40965, CVE-2024-50251, CVE-2024-49995, CVE-2024-47713, CVE-2023-52917, CVE-2024-50205, CVE-2024-49900, CVE-2024-49877, CVE-2024-47679, CVE-2024-50040, CVE-2024-47701, CVE-2024-50168, CVE-2024-49882, CVE-2024-50059, CVE-2024-49958, CVE-2024-50171, CVE-2021-47469, CVE-2024-50024, CVE-2024-47749, CVE-2024-50236, CVE-2024-50127, CVE-2024-50290, CVE-2024-47692, CVE-2024-50167, CVE-2024-49944, CVE-2024-50262, CVE-2024-47674, CVE-2024-49957, CVE-2024-50237, CVE-2024-47712, CVE-2024-49949, CVE-2024-40953, CVE-2024-50267, CVE-2024-53059, CVE-2024-49966, CVE-2024-47737, CVE-2024-49868, CVE-2024-50179, CVE-2024-50035, CVE-2024-49997, CVE-2024-50044, CVE-2024-49903, CVE-2024-46731, CVE-2024-49965, CVE-2024-50287, CVE-2024-50265, CVE-2024-47696, CVE-2024-47670, CVE-2024-47684, CVE-2024-41016, CVE-2024-49878, CVE-2024-49924, CVE-2024-50082, CVE-2024-50273, CVE-2024-38544, CVE-2024-47747, CVE-2024-50299, CVE-2024-50195, CVE-2024-50131, CVE-2024-50039, CVE-2024-49982, CVE-2024-49892, CVE-2024-50229, CVE-2024-50117, CVE-2024-49860, CVE-2024-47757, CVE-2024-53066, CVE-2024-47671, CVE-2024-50045) Update Instructions: Run `sudo pro fix USN-7293-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-208-generic - 5.4.0-208.228 linux-buildinfo-5.4.0-208-generic-lpae - 5.4.0-208.228 linux-buildinfo-5.4.0-208-lowlatency - 5.4.0-208.228 linux-cloud-tools-5.4.0-208 - 5.4.0-208.228 linux-cloud-tools-5.4.0-208-generic - 5.4.0-208.228 linux-cloud-tools-5.4.0-208-lowlatency - 5.4.0-208.228 linux-cloud-tools-common - 5.4.0-208.228 linux-doc - 5.4.0-208.228 linux-headers-5.4.0-208 - 5.4.0-208.228 linux-headers-5.4.0-208-generic - 5.4.0-208.228 linux-headers-5.4.0-208-generic-lpae - 5.4.0-208.228 linux-headers-5.4.0-208-lowlatency - 5.4.0-208.228 linux-image-5.4.0-208-generic - 5.4.0-208.228 linux-image-5.4.0-208-generic-lpae - 5.4.0-208.228 linux-image-5.4.0-208-lowlatency - 5.4.0-208.228 linux-image-unsigned-5.4.0-208-generic - 5.4.0-208.228 linux-image-unsigned-5.4.0-208-lowlatency - 5.4.0-208.228 linux-libc-dev - 5.4.0-208.228 linux-modules-5.4.0-208-generic - 5.4.0-208.228 linux-modules-5.4.0-208-generic-lpae - 5.4.0-208.228 linux-modules-5.4.0-208-lowlatency - 5.4.0-208.228 linux-modules-extra-5.4.0-208-generic - 5.4.0-208.228 linux-source-5.4.0 - 5.4.0-208.228 linux-tools-5.4.0-208 - 5.4.0-208.228 linux-tools-5.4.0-208-generic - 5.4.0-208.228 linux-tools-5.4.0-208-generic-lpae - 5.4.0-208.228 linux-tools-5.4.0-208-lowlatency - 5.4.0-208.228 linux-tools-common - 5.4.0-208.228 linux-tools-host - 5.4.0-208.228 No subscription required linux-cloud-tools-generic - 5.4.0.208.204 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.208.204 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.208.204 linux-cloud-tools-lowlatency - 5.4.0.208.204 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.208.204 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.208.204 linux-cloud-tools-virtual - 5.4.0.208.204 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.208.204 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.208.204 linux-crashdump - 5.4.0.208.204 linux-generic - 5.4.0.208.204 linux-generic-hwe-18.04 - 5.4.0.208.204 linux-generic-hwe-18.04-edge - 5.4.0.208.204 linux-generic-lpae - 5.4.0.208.204 linux-generic-lpae-hwe-18.04 - 5.4.0.208.204 linux-generic-lpae-hwe-18.04-edge - 5.4.0.208.204 linux-headers-generic - 5.4.0.208.204 linux-headers-generic-hwe-18.04 - 5.4.0.208.204 linux-headers-generic-hwe-18.04-edge - 5.4.0.208.204 linux-headers-generic-lpae - 5.4.0.208.204 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.208.204 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.208.204 linux-headers-lowlatency - 5.4.0.208.204 linux-headers-lowlatency-hwe-18.04 - 5.4.0.208.204 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.208.204 linux-headers-oem - 5.4.0.208.204 linux-headers-oem-osp1 - 5.4.0.208.204 linux-headers-virtual - 5.4.0.208.204 linux-headers-virtual-hwe-18.04 - 5.4.0.208.204 linux-headers-virtual-hwe-18.04-edge - 5.4.0.208.204 linux-image-extra-virtual - 5.4.0.208.204 linux-image-extra-virtual-hwe-18.04 - 5.4.0.208.204 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.208.204 linux-image-generic - 5.4.0.208.204 linux-image-generic-hwe-18.04 - 5.4.0.208.204 linux-image-generic-hwe-18.04-edge - 5.4.0.208.204 linux-image-generic-lpae - 5.4.0.208.204 linux-image-generic-lpae-hwe-18.04 - 5.4.0.208.204 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.208.204 linux-image-lowlatency - 5.4.0.208.204 linux-image-lowlatency-hwe-18.04 - 5.4.0.208.204 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.208.204 linux-image-oem - 5.4.0.208.204 linux-image-oem-osp1 - 5.4.0.208.204 linux-image-virtual - 5.4.0.208.204 linux-image-virtual-hwe-18.04 - 5.4.0.208.204 linux-image-virtual-hwe-18.04-edge - 5.4.0.208.204 linux-lowlatency - 5.4.0.208.204 linux-lowlatency-hwe-18.04 - 5.4.0.208.204 linux-lowlatency-hwe-18.04-edge - 5.4.0.208.204 linux-oem - 5.4.0.208.204 linux-oem-osp1 - 5.4.0.208.204 linux-oem-osp1-tools-host - 5.4.0.208.204 linux-oem-tools-host - 5.4.0.208.204 linux-source - 5.4.0.208.204 linux-tools-generic - 5.4.0.208.204 linux-tools-generic-hwe-18.04 - 5.4.0.208.204 linux-tools-generic-hwe-18.04-edge - 5.4.0.208.204 linux-tools-generic-lpae - 5.4.0.208.204 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.208.204 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.208.204 linux-tools-lowlatency - 5.4.0.208.204 linux-tools-lowlatency-hwe-18.04 - 5.4.0.208.204 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.208.204 linux-tools-oem - 5.4.0.208.204 linux-tools-oem-osp1 - 5.4.0.208.204 linux-tools-virtual - 5.4.0.208.204 linux-tools-virtual-hwe-18.04 - 5.4.0.208.204 linux-tools-virtual-hwe-18.04-edge - 5.4.0.208.204 linux-virtual - 5.4.0.208.204 linux-virtual-hwe-18.04 - 5.4.0.208.204 linux-virtual-hwe-18.04-edge - 5.4.0.208.204 No subscription required High CVE-2021-47469 CVE-2023-52458 CVE-2024-35887 CVE-2024-35896 CVE-2024-38544 CVE-2024-40911 CVE-2024-40953 CVE-2024-40965 CVE-2024-41016 CVE-2024-41066 CVE-2024-42252 CVE-2024-43863 CVE-2024-44931 CVE-2024-46731 CVE-2024-46849 CVE-2024-46853 CVE-2024-46854 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47692 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47723 CVE-2024-47737 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49860 CVE-2024-49867 CVE-2024-49868 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49883 CVE-2024-49892 CVE-2024-49894 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49924 CVE-2024-49938 CVE-2024-49944 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49973 CVE-2024-49975 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50024 CVE-2024-50033 CVE-2024-50035 CVE-2024-50039 CVE-2024-50040 CVE-2024-50044 CVE-2024-50045 CVE-2024-50059 CVE-2024-50074 CVE-2024-50082 CVE-2024-50096 CVE-2024-50099 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50131 CVE-2024-50134 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50194 CVE-2024-50195 CVE-2024-50199 CVE-2024-50202 CVE-2024-50205 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50251 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53101 CVE-2024-53104 CVE-2025-0927 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Mailbox framework; - Multiple devices driver; - Media drivers; - Network drivers; - NTB driver; - Virtio pmem driver; - Parport drivers; - PCI subsystem; - SPI subsystem; - Direct Digital Synthesis drivers; - USB Device Class drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - Framebuffer layer; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - SMB network file system; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Arbitrary resource management; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - Wireless networking; - XFRM subsystem; - Key management; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - KVM core; (CVE-2024-40953, CVE-2024-50008, CVE-2024-40911, CVE-2024-47685, CVE-2024-49957, CVE-2024-38544, CVE-2024-49860, CVE-2024-46854, CVE-2024-49882, CVE-2024-44931, CVE-2024-47696, CVE-2021-47469, CVE-2024-41066, CVE-2024-46849, CVE-2024-47671, CVE-2024-49975, CVE-2024-49958, CVE-2024-50006, CVE-2024-50287, CVE-2024-50099, CVE-2024-50035, CVE-2024-46731, CVE-2024-49878, CVE-2024-50045, CVE-2023-52917, CVE-2024-47712, CVE-2024-49883, CVE-2024-50040, CVE-2024-50234, CVE-2024-50184, CVE-2024-50279, CVE-2024-49948, CVE-2024-50044, CVE-2024-50230, CVE-2024-47710, CVE-2024-50233, CVE-2024-49900, CVE-2024-49938, CVE-2024-50236, CVE-2024-47737, CVE-2024-47670, CVE-2024-41016, CVE-2024-50150, CVE-2024-50301, CVE-2024-50116, CVE-2024-47706, CVE-2024-40965, CVE-2024-50205, CVE-2024-49963, CVE-2024-47756, CVE-2024-53066, CVE-2024-49879, CVE-2024-53059, CVE-2024-50229, CVE-2024-50131, CVE-2024-53104, CVE-2024-50167, CVE-2024-47723, CVE-2024-47709, CVE-2024-42252, CVE-2024-50267, CVE-2024-50218, CVE-2024-47698, CVE-2024-50039, CVE-2024-47701, CVE-2024-50202, CVE-2024-50262, CVE-2024-50194, CVE-2024-46853, CVE-2024-47699, CVE-2024-47697, CVE-2024-50117, CVE-2024-49982, CVE-2024-47742, CVE-2024-50127, CVE-2024-50142, CVE-2024-49955, CVE-2024-47747, CVE-2024-49981, CVE-2024-47679, CVE-2024-50237, CVE-2024-43863, CVE-2024-47672, CVE-2024-50273, CVE-2024-49903, CVE-2024-50180, CVE-2024-50148, CVE-2024-50059, CVE-2024-50299, CVE-2024-47740, CVE-2024-47749, CVE-2024-49892, CVE-2024-50074, CVE-2024-49973, CVE-2024-50296, CVE-2024-49962, CVE-2024-50024, CVE-2024-49924, CVE-2024-49877, CVE-2024-49959, CVE-2024-49997, CVE-2024-50168, CVE-2024-47757, CVE-2024-49902, CVE-2024-49868, CVE-2023-52458, CVE-2024-47692, CVE-2024-49894, CVE-2024-50096, CVE-2024-47684, CVE-2024-50143, CVE-2024-35896, CVE-2024-47713, CVE-2024-50151, CVE-2024-50082, CVE-2024-50171, CVE-2024-53063, CVE-2024-50007, CVE-2024-49985, CVE-2024-49944, CVE-2024-50302, CVE-2024-49949, CVE-2024-50033, CVE-2024-49952, CVE-2024-49995, CVE-2024-50278, CVE-2024-53061, CVE-2024-50195, CVE-2024-49966, CVE-2024-50265, CVE-2024-50282, CVE-2024-35887, CVE-2024-49896, CVE-2024-50290, CVE-2024-53101, CVE-2024-49867, CVE-2024-50199, CVE-2024-49965, CVE-2024-50179, CVE-2024-47674, CVE-2024-50134, CVE-2024-50269, CVE-2024-49851, CVE-2024-50251) Update Instructions: Run `sudo pro fix USN-7294-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1099 - 5.4.0-1099.106 linux-bluefield-tools-5.4.0-1099 - 5.4.0-1099.106 linux-buildinfo-5.4.0-1099-bluefield - 5.4.0-1099.106 linux-headers-5.4.0-1099-bluefield - 5.4.0-1099.106 linux-image-5.4.0-1099-bluefield - 5.4.0-1099.106 linux-image-unsigned-5.4.0-1099-bluefield - 5.4.0-1099.106 linux-modules-5.4.0-1099-bluefield - 5.4.0-1099.106 linux-tools-5.4.0-1099-bluefield - 5.4.0-1099.106 No subscription required linux-buildinfo-5.4.0-1143-gcp - 5.4.0-1143.152 linux-gcp-headers-5.4.0-1143 - 5.4.0-1143.152 linux-gcp-tools-5.4.0-1143 - 5.4.0-1143.152 linux-headers-5.4.0-1143-gcp - 5.4.0-1143.152 linux-image-5.4.0-1143-gcp - 5.4.0-1143.152 linux-image-unsigned-5.4.0-1143-gcp - 5.4.0-1143.152 linux-modules-5.4.0-1143-gcp - 5.4.0-1143.152 linux-modules-extra-5.4.0-1143-gcp - 5.4.0-1143.152 linux-tools-5.4.0-1143-gcp - 5.4.0-1143.152 No subscription required linux-azure-cloud-tools-5.4.0-1145 - 5.4.0-1145.152 linux-azure-headers-5.4.0-1145 - 5.4.0-1145.152 linux-azure-tools-5.4.0-1145 - 5.4.0-1145.152 linux-buildinfo-5.4.0-1145-azure - 5.4.0-1145.152 linux-cloud-tools-5.4.0-1145-azure - 5.4.0-1145.152 linux-headers-5.4.0-1145-azure - 5.4.0-1145.152 linux-image-5.4.0-1145-azure - 5.4.0-1145.152 linux-image-unsigned-5.4.0-1145-azure - 5.4.0-1145.152 linux-modules-5.4.0-1145-azure - 5.4.0-1145.152 linux-modules-extra-5.4.0-1145-azure - 5.4.0-1145.152 linux-tools-5.4.0-1145-azure - 5.4.0-1145.152 No subscription required linux-bluefield - 5.4.0.1099.95 linux-headers-bluefield - 5.4.0.1099.95 linux-image-bluefield - 5.4.0.1099.95 linux-tools-bluefield - 5.4.0.1099.95 No subscription required linux-gcp-lts-20.04 - 5.4.0.1143.145 linux-headers-gcp-lts-20.04 - 5.4.0.1143.145 linux-image-gcp-lts-20.04 - 5.4.0.1143.145 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1143.145 linux-tools-gcp-lts-20.04 - 5.4.0.1143.145 No subscription required linux-azure-lts-20.04 - 5.4.0.1145.139 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1145.139 linux-headers-azure-lts-20.04 - 5.4.0.1145.139 linux-image-azure-lts-20.04 - 5.4.0.1145.139 linux-modules-extra-azure-lts-20.04 - 5.4.0.1145.139 linux-tools-azure-lts-20.04 - 5.4.0.1145.139 No subscription required High CVE-2021-47469 CVE-2023-52458 CVE-2024-35887 CVE-2024-35896 CVE-2024-38544 CVE-2024-40911 CVE-2024-40953 CVE-2024-40965 CVE-2024-41016 CVE-2024-41066 CVE-2024-42252 CVE-2024-43863 CVE-2024-44931 CVE-2024-46731 CVE-2024-46849 CVE-2024-46853 CVE-2024-46854 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47692 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47723 CVE-2024-47737 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49860 CVE-2024-49867 CVE-2024-49868 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49883 CVE-2024-49892 CVE-2024-49894 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49924 CVE-2024-49938 CVE-2024-49944 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49973 CVE-2024-49975 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50024 CVE-2024-50033 CVE-2024-50035 CVE-2024-50039 CVE-2024-50040 CVE-2024-50044 CVE-2024-50045 CVE-2024-50059 CVE-2024-50074 CVE-2024-50082 CVE-2024-50096 CVE-2024-50099 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50131 CVE-2024-50134 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50194 CVE-2024-50195 CVE-2024-50199 CVE-2024-50202 CVE-2024-50205 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50251 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53101 CVE-2024-53104 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Mailbox framework; - Multiple devices driver; - Media drivers; - Network drivers; - NTB driver; - Virtio pmem driver; - Parport drivers; - PCI subsystem; - SPI subsystem; - Direct Digital Synthesis drivers; - USB Device Class drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - Framebuffer layer; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - SMB network file system; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Arbitrary resource management; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - Wireless networking; - XFRM subsystem; - Key management; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - KVM core; (CVE-2024-53063, CVE-2024-50236, CVE-2024-47699, CVE-2024-50044, CVE-2024-49877, CVE-2024-47692, CVE-2024-50116, CVE-2024-47679, CVE-2024-50134, CVE-2024-50045, CVE-2024-50301, CVE-2024-40965, CVE-2024-47684, CVE-2024-49944, CVE-2024-43863, CVE-2024-50059, CVE-2024-50007, CVE-2024-49973, CVE-2024-50251, CVE-2024-47674, CVE-2024-49982, CVE-2024-50143, CVE-2024-49883, CVE-2024-49851, CVE-2024-44931, CVE-2024-49949, CVE-2024-47747, CVE-2024-46853, CVE-2024-50233, CVE-2024-49924, CVE-2024-50033, CVE-2024-50024, CVE-2024-49995, CVE-2024-47737, CVE-2024-50194, CVE-2024-47712, CVE-2024-50273, CVE-2024-50229, CVE-2024-49896, CVE-2024-50199, CVE-2024-50202, CVE-2024-49868, CVE-2024-50035, CVE-2024-50184, CVE-2024-49882, CVE-2024-49962, CVE-2024-50299, CVE-2024-35887, CVE-2024-50287, CVE-2024-50265, CVE-2024-50148, CVE-2024-47757, CVE-2024-47742, CVE-2024-49902, CVE-2024-50302, CVE-2024-50096, CVE-2024-49952, CVE-2024-50099, CVE-2024-49963, CVE-2024-49900, CVE-2024-46731, CVE-2024-50131, CVE-2024-47723, CVE-2024-50237, CVE-2024-50269, CVE-2024-50142, CVE-2024-49867, CVE-2024-49985, CVE-2024-47670, CVE-2024-50008, CVE-2024-49938, CVE-2024-49878, CVE-2024-49955, CVE-2024-53104, CVE-2024-49894, CVE-2024-50039, CVE-2024-50279, CVE-2024-50006, CVE-2024-40953, CVE-2024-50180, CVE-2024-49860, CVE-2024-50117, CVE-2024-47701, CVE-2024-47698, CVE-2024-50171, CVE-2024-50151, CVE-2024-50082, CVE-2024-50290, CVE-2024-49975, CVE-2024-49903, CVE-2024-38544, CVE-2024-50218, CVE-2024-49948, CVE-2024-50282, CVE-2024-49965, CVE-2024-49959, CVE-2024-42252, CVE-2024-47749, CVE-2024-47756, CVE-2024-47672, CVE-2024-50127, CVE-2024-46854, CVE-2024-50230, CVE-2024-41066, CVE-2024-49957, CVE-2024-47713, CVE-2023-52458, CVE-2024-50167, CVE-2024-49997, CVE-2024-47685, CVE-2024-49879, CVE-2024-53059, CVE-2024-53101, CVE-2024-49958, CVE-2024-47710, CVE-2024-47706, CVE-2024-50074, CVE-2024-50296, CVE-2024-49892, CVE-2024-46849, CVE-2024-50205, CVE-2024-50168, CVE-2024-50267, CVE-2024-50262, CVE-2024-47709, CVE-2024-50195, CVE-2024-35896, CVE-2024-47696, CVE-2024-47740, CVE-2024-40911, CVE-2024-49966, CVE-2021-47469, CVE-2024-49981, CVE-2024-50234, CVE-2024-50179, CVE-2024-47697, CVE-2024-50150, CVE-2023-52917, CVE-2024-50040, CVE-2024-53061, CVE-2024-50278, CVE-2024-47671, CVE-2024-53066, CVE-2024-41016) Update Instructions: Run `sudo pro fix USN-7294-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1138-oracle - 5.4.0-1138.147 linux-headers-5.4.0-1138-oracle - 5.4.0-1138.147 linux-image-5.4.0-1138-oracle - 5.4.0-1138.147 linux-image-unsigned-5.4.0-1138-oracle - 5.4.0-1138.147 linux-modules-5.4.0-1138-oracle - 5.4.0-1138.147 linux-modules-extra-5.4.0-1138-oracle - 5.4.0-1138.147 linux-oracle-headers-5.4.0-1138 - 5.4.0-1138.147 linux-oracle-tools-5.4.0-1138 - 5.4.0-1138.147 linux-tools-5.4.0-1138-oracle - 5.4.0-1138.147 No subscription required linux-aws-cloud-tools-5.4.0-1140 - 5.4.0-1140.150 linux-aws-headers-5.4.0-1140 - 5.4.0-1140.150 linux-aws-tools-5.4.0-1140 - 5.4.0-1140.150 linux-buildinfo-5.4.0-1140-aws - 5.4.0-1140.150 linux-cloud-tools-5.4.0-1140-aws - 5.4.0-1140.150 linux-headers-5.4.0-1140-aws - 5.4.0-1140.150 linux-image-5.4.0-1140-aws - 5.4.0-1140.150 linux-image-unsigned-5.4.0-1140-aws - 5.4.0-1140.150 linux-modules-5.4.0-1140-aws - 5.4.0-1140.150 linux-modules-extra-5.4.0-1140-aws - 5.4.0-1140.150 linux-tools-5.4.0-1140-aws - 5.4.0-1140.150 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1138.131 linux-image-oracle-lts-20.04 - 5.4.0.1138.131 linux-oracle-lts-20.04 - 5.4.0.1138.131 linux-tools-oracle-lts-20.04 - 5.4.0.1138.131 No subscription required linux-aws-lts-20.04 - 5.4.0.1140.137 linux-headers-aws-lts-20.04 - 5.4.0.1140.137 linux-image-aws-lts-20.04 - 5.4.0.1140.137 linux-modules-extra-aws-lts-20.04 - 5.4.0.1140.137 linux-tools-aws-lts-20.04 - 5.4.0.1140.137 No subscription required High CVE-2021-47469 CVE-2023-52458 CVE-2024-35887 CVE-2024-35896 CVE-2024-38544 CVE-2024-40911 CVE-2024-40953 CVE-2024-40965 CVE-2024-41016 CVE-2024-41066 CVE-2024-42252 CVE-2024-43863 CVE-2024-44931 CVE-2024-46731 CVE-2024-46849 CVE-2024-46853 CVE-2024-46854 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47692 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47723 CVE-2024-47737 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49860 CVE-2024-49867 CVE-2024-49868 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49883 CVE-2024-49892 CVE-2024-49894 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49924 CVE-2024-49938 CVE-2024-49944 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49973 CVE-2024-49975 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50024 CVE-2024-50033 CVE-2024-50035 CVE-2024-50039 CVE-2024-50040 CVE-2024-50044 CVE-2024-50045 CVE-2024-50059 CVE-2024-50074 CVE-2024-50082 CVE-2024-50096 CVE-2024-50099 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50131 CVE-2024-50134 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50194 CVE-2024-50195 CVE-2024-50199 CVE-2024-50202 CVE-2024-50205 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50251 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53101 CVE-2024-53104 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Mailbox framework; - Multiple devices driver; - Media drivers; - Network drivers; - NTB driver; - Virtio pmem driver; - Parport drivers; - PCI subsystem; - SPI subsystem; - Direct Digital Synthesis drivers; - USB Device Class drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - Framebuffer layer; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - SMB network file system; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Arbitrary resource management; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - Wireless networking; - XFRM subsystem; - Key management; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - KVM core; (CVE-2024-47698, CVE-2024-49868, CVE-2024-50006, CVE-2024-40965, CVE-2024-50233, CVE-2024-47671, CVE-2024-49944, CVE-2024-47684, CVE-2024-50134, CVE-2024-50279, CVE-2024-50302, CVE-2024-40953, CVE-2024-50234, CVE-2024-41066, CVE-2024-50040, CVE-2024-47701, CVE-2024-50033, CVE-2024-50007, CVE-2024-50143, CVE-2024-41016, CVE-2024-53059, CVE-2024-50195, CVE-2024-50202, CVE-2024-47749, CVE-2024-47685, CVE-2024-50267, CVE-2024-49965, CVE-2024-49903, CVE-2024-49883, CVE-2024-50035, CVE-2024-46849, CVE-2024-53061, CVE-2024-50151, CVE-2024-49995, CVE-2024-49867, CVE-2024-49962, CVE-2024-50218, CVE-2024-50039, CVE-2024-50148, CVE-2024-49900, CVE-2024-50287, CVE-2024-50150, CVE-2024-49879, CVE-2024-47757, CVE-2024-49997, CVE-2024-50045, CVE-2024-47742, CVE-2024-47679, CVE-2024-53063, CVE-2024-49878, CVE-2024-49860, CVE-2024-35896, CVE-2024-40911, CVE-2024-42252, CVE-2024-47723, CVE-2024-47674, CVE-2024-47737, CVE-2024-50282, CVE-2024-44931, CVE-2024-49938, CVE-2024-49963, CVE-2024-50290, CVE-2024-49958, CVE-2021-47469, CVE-2024-47670, CVE-2024-50116, CVE-2024-50262, CVE-2024-50082, CVE-2023-52917, CVE-2024-50117, CVE-2024-50131, CVE-2024-47699, CVE-2024-49896, CVE-2024-49957, CVE-2024-49952, CVE-2024-50273, CVE-2024-50171, CVE-2024-50237, CVE-2024-49955, CVE-2024-50230, CVE-2024-50194, CVE-2024-50278, CVE-2024-50127, CVE-2024-53066, CVE-2024-38544, CVE-2024-49902, CVE-2024-49892, CVE-2024-46854, CVE-2024-49966, CVE-2024-50167, CVE-2024-47697, CVE-2024-49985, CVE-2024-47696, CVE-2024-50024, CVE-2024-50251, CVE-2024-47740, CVE-2024-49882, CVE-2024-49851, CVE-2024-50059, CVE-2024-49973, CVE-2024-35887, CVE-2024-50296, CVE-2024-47706, CVE-2024-50044, CVE-2024-47712, CVE-2024-50301, CVE-2024-47709, CVE-2024-49975, CVE-2024-49877, CVE-2024-47710, CVE-2024-50269, CVE-2024-46731, CVE-2024-50099, CVE-2024-50184, CVE-2024-50299, CVE-2024-50008, CVE-2024-50265, CVE-2024-49948, CVE-2024-50229, CVE-2024-50168, CVE-2024-49894, CVE-2024-47692, CVE-2024-50074, CVE-2024-47713, CVE-2024-49924, CVE-2024-53104, CVE-2024-50205, CVE-2024-47672, CVE-2024-50096, CVE-2024-47747, CVE-2024-50199, CVE-2023-52458, CVE-2024-49959, CVE-2024-50236, CVE-2024-53101, CVE-2024-43863, CVE-2024-46853, CVE-2024-50179, CVE-2024-49981, CVE-2024-47756, CVE-2024-49949, CVE-2024-50142, CVE-2024-49982, CVE-2024-50180) Update Instructions: Run `sudo pro fix USN-7294-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1086-ibm - 5.4.0-1086.91 linux-headers-5.4.0-1086-ibm - 5.4.0-1086.91 linux-ibm-cloud-tools-common - 5.4.0-1086.91 linux-ibm-headers-5.4.0-1086 - 5.4.0-1086.91 linux-ibm-source-5.4.0 - 5.4.0-1086.91 linux-ibm-tools-5.4.0-1086 - 5.4.0-1086.91 linux-ibm-tools-common - 5.4.0-1086.91 linux-image-5.4.0-1086-ibm - 5.4.0-1086.91 linux-image-unsigned-5.4.0-1086-ibm - 5.4.0-1086.91 linux-modules-5.4.0-1086-ibm - 5.4.0-1086.91 linux-modules-extra-5.4.0-1086-ibm - 5.4.0-1086.91 linux-tools-5.4.0-1086-ibm - 5.4.0-1086.91 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1086.115 linux-ibm-lts-20.04 - 5.4.0.1086.115 linux-image-ibm-lts-20.04 - 5.4.0.1086.115 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1086.115 linux-tools-ibm-lts-20.04 - 5.4.0.1086.115 No subscription required High CVE-2021-47469 CVE-2023-52458 CVE-2024-35887 CVE-2024-35896 CVE-2024-38544 CVE-2024-40911 CVE-2024-40953 CVE-2024-40965 CVE-2024-41016 CVE-2024-41066 CVE-2024-42252 CVE-2024-43863 CVE-2024-44931 CVE-2024-46731 CVE-2024-46849 CVE-2024-46853 CVE-2024-46854 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47692 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47723 CVE-2024-47737 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49860 CVE-2024-49867 CVE-2024-49868 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49883 CVE-2024-49892 CVE-2024-49894 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49924 CVE-2024-49938 CVE-2024-49944 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49973 CVE-2024-49975 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50024 CVE-2024-50033 CVE-2024-50035 CVE-2024-50039 CVE-2024-50040 CVE-2024-50044 CVE-2024-50045 CVE-2024-50059 CVE-2024-50074 CVE-2024-50082 CVE-2024-50096 CVE-2024-50099 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50131 CVE-2024-50134 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50194 CVE-2024-50195 CVE-2024-50199 CVE-2024-50202 CVE-2024-50205 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50251 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53101 CVE-2024-53104 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Mailbox framework; - Multiple devices driver; - Media drivers; - Network drivers; - NTB driver; - Virtio pmem driver; - Parport drivers; - PCI subsystem; - SPI subsystem; - Direct Digital Synthesis drivers; - USB Device Class drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - Framebuffer layer; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - SMB network file system; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Arbitrary resource management; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - Wireless networking; - XFRM subsystem; - Key management; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - KVM core; (CVE-2024-47672, CVE-2024-50273, CVE-2024-49896, CVE-2024-49962, CVE-2024-50007, CVE-2024-47706, CVE-2024-50302, CVE-2024-50299, CVE-2024-49959, CVE-2024-49973, CVE-2024-47674, CVE-2024-50143, CVE-2024-50278, CVE-2024-50184, CVE-2024-49892, CVE-2024-50044, CVE-2024-47701, CVE-2024-49860, CVE-2024-47692, CVE-2024-49948, CVE-2024-50039, CVE-2024-50006, CVE-2024-53066, CVE-2024-49944, CVE-2024-43863, CVE-2024-47756, CVE-2024-50082, CVE-2024-50237, CVE-2024-50262, CVE-2024-49900, CVE-2024-50059, CVE-2024-50194, CVE-2024-53063, CVE-2024-47697, CVE-2024-49975, CVE-2024-50033, CVE-2024-50148, CVE-2024-50116, CVE-2024-50168, CVE-2024-47747, CVE-2024-53104, CVE-2024-50218, CVE-2024-50279, CVE-2024-46853, CVE-2024-46854, CVE-2024-50127, CVE-2024-49995, CVE-2024-50282, CVE-2024-47685, CVE-2024-50296, CVE-2024-50099, CVE-2024-50199, CVE-2024-49879, CVE-2024-50287, CVE-2024-50265, CVE-2024-50269, CVE-2024-47698, CVE-2024-49868, CVE-2024-50035, CVE-2024-47709, CVE-2024-50024, CVE-2024-50301, CVE-2024-50142, CVE-2024-53059, CVE-2024-50008, CVE-2024-49997, CVE-2024-46849, CVE-2024-50290, CVE-2024-40953, CVE-2024-49985, CVE-2024-47737, CVE-2024-49883, CVE-2024-50040, CVE-2024-49958, CVE-2024-50205, CVE-2024-47723, CVE-2024-50180, CVE-2024-50229, CVE-2024-50131, CVE-2024-47713, CVE-2024-49963, CVE-2024-44931, CVE-2024-47742, CVE-2024-49903, CVE-2024-49949, CVE-2024-47684, CVE-2024-35896, CVE-2024-41016, CVE-2024-49955, CVE-2024-50134, CVE-2024-49938, CVE-2024-49877, CVE-2024-49981, CVE-2024-50234, CVE-2024-50096, CVE-2024-49952, CVE-2024-49957, CVE-2024-49982, CVE-2024-47710, CVE-2024-53061, CVE-2024-50267, CVE-2024-47712, CVE-2024-50195, CVE-2024-50236, CVE-2024-47749, CVE-2024-47757, CVE-2024-49894, CVE-2024-50179, CVE-2024-42252, CVE-2024-49851, CVE-2024-53101, CVE-2024-38544, CVE-2024-50117, CVE-2023-52917, CVE-2024-50045, CVE-2024-40911, CVE-2024-49882, CVE-2024-49867, CVE-2024-50202, CVE-2024-49878, CVE-2024-50251, CVE-2024-50151, CVE-2024-50171, CVE-2024-47740, CVE-2024-49965, CVE-2023-52458, CVE-2024-50233, CVE-2024-40965, CVE-2024-49924, CVE-2024-50167, CVE-2024-47670, CVE-2021-47469, CVE-2024-35887, CVE-2024-50074, CVE-2024-46731, CVE-2024-47671, CVE-2024-41066, CVE-2024-49966, CVE-2024-50150, CVE-2024-50230, CVE-2024-47696, CVE-2024-47699, CVE-2024-47679, CVE-2024-49902) Update Instructions: Run `sudo pro fix USN-7294-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1127-kvm - 5.4.0-1127.136 linux-headers-5.4.0-1127-kvm - 5.4.0-1127.136 linux-image-5.4.0-1127-kvm - 5.4.0-1127.136 linux-image-unsigned-5.4.0-1127-kvm - 5.4.0-1127.136 linux-kvm-headers-5.4.0-1127 - 5.4.0-1127.136 linux-kvm-tools-5.4.0-1127 - 5.4.0-1127.136 linux-modules-5.4.0-1127-kvm - 5.4.0-1127.136 linux-tools-5.4.0-1127-kvm - 5.4.0-1127.136 No subscription required linux-headers-kvm - 5.4.0.1127.123 linux-image-kvm - 5.4.0.1127.123 linux-kvm - 5.4.0.1127.123 linux-tools-kvm - 5.4.0.1127.123 No subscription required High CVE-2021-47469 CVE-2023-52458 CVE-2024-35887 CVE-2024-35896 CVE-2024-38544 CVE-2024-40911 CVE-2024-40953 CVE-2024-40965 CVE-2024-41016 CVE-2024-41066 CVE-2024-42252 CVE-2024-43863 CVE-2024-44931 CVE-2024-46731 CVE-2024-46849 CVE-2024-46853 CVE-2024-46854 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47692 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47723 CVE-2024-47737 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49860 CVE-2024-49867 CVE-2024-49868 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49883 CVE-2024-49892 CVE-2024-49894 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49924 CVE-2024-49938 CVE-2024-49944 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49973 CVE-2024-49975 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50024 CVE-2024-50033 CVE-2024-50035 CVE-2024-50039 CVE-2024-50040 CVE-2024-50044 CVE-2024-50045 CVE-2024-50059 CVE-2024-50074 CVE-2024-50082 CVE-2024-50096 CVE-2024-50099 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50131 CVE-2024-50134 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50194 CVE-2024-50195 CVE-2024-50199 CVE-2024-50202 CVE-2024-50205 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50251 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53101 CVE-2024-53104 Ubuntu 20.04 LTS Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - TPM device driver; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Mailbox framework; - Multiple devices driver; - Media drivers; - Network drivers; - NTB driver; - Virtio pmem driver; - Parport drivers; - PCI subsystem; - SPI subsystem; - Direct Digital Synthesis drivers; - TTY drivers; - USB Device Class drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - Framebuffer layer; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - SMB network file system; - Network traffic control; - Network sockets; - TCP network protocol; - BPF subsystem; - Perf events; - Arbitrary resource management; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - Netlink; - SCTP protocol; - TIPC protocol; - VMware vSockets driver; - Wireless networking; - XFRM subsystem; - Key management; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - KVM core; (CVE-2024-50116, CVE-2024-43863, CVE-2024-47757, CVE-2024-50236, CVE-2024-53104, CVE-2024-47701, CVE-2024-46854, CVE-2024-50024, CVE-2024-46849, CVE-2024-50035, CVE-2024-50262, CVE-2024-50184, CVE-2023-52458, CVE-2024-47696, CVE-2024-49957, CVE-2024-47692, CVE-2024-50007, CVE-2024-49867, CVE-2024-49900, CVE-2024-50167, CVE-2024-47697, CVE-2024-53164, CVE-2024-50179, CVE-2024-44931, CVE-2024-50301, CVE-2024-50218, CVE-2024-49995, CVE-2024-47742, CVE-2024-47756, CVE-2021-47469, CVE-2024-49982, CVE-2024-50229, CVE-2024-49851, CVE-2024-47685, CVE-2024-50265, CVE-2024-50195, CVE-2024-47747, CVE-2024-50273, CVE-2024-53066, CVE-2024-49924, CVE-2024-49963, CVE-2024-50287, CVE-2024-49948, CVE-2024-47674, CVE-2024-40967, CVE-2024-35887, CVE-2024-50044, CVE-2024-50099, CVE-2024-53059, CVE-2024-50171, CVE-2024-50082, CVE-2024-41066, CVE-2024-50202, CVE-2024-49868, CVE-2024-49952, CVE-2024-49965, CVE-2024-50296, CVE-2024-49903, CVE-2024-50194, CVE-2024-47712, CVE-2024-53101, CVE-2024-40953, CVE-2024-47706, CVE-2024-49958, CVE-2024-50059, CVE-2024-47713, CVE-2024-47737, CVE-2024-49902, CVE-2024-49959, CVE-2024-53103, CVE-2024-49973, CVE-2024-50045, CVE-2024-47710, CVE-2024-50131, CVE-2024-47671, CVE-2024-50205, CVE-2024-47672, CVE-2024-50234, CVE-2024-50233, CVE-2024-49860, CVE-2024-50127, CVE-2024-50168, CVE-2024-49962, CVE-2024-38544, CVE-2024-47749, CVE-2024-49949, CVE-2024-50096, CVE-2024-50033, CVE-2024-49955, CVE-2024-49938, CVE-2024-47698, CVE-2024-50230, CVE-2024-47723, CVE-2024-49877, CVE-2024-50180, CVE-2024-49879, CVE-2024-53061, CVE-2024-47679, CVE-2024-49892, CVE-2024-50299, CVE-2024-49896, CVE-2024-40911, CVE-2024-50134, CVE-2024-47740, CVE-2024-50039, CVE-2024-49985, CVE-2024-41016, CVE-2024-50269, CVE-2024-50290, CVE-2024-49882, CVE-2024-47699, CVE-2023-52917, CVE-2024-50267, CVE-2024-50151, CVE-2024-50251, CVE-2024-49966, CVE-2024-49981, CVE-2024-50008, CVE-2024-50006, CVE-2024-50117, CVE-2024-47670, CVE-2024-46853, CVE-2024-50282, CVE-2024-46731, CVE-2024-35896, CVE-2024-53141, CVE-2024-50279, CVE-2024-50040, CVE-2024-49883, CVE-2024-49878, CVE-2024-47684, CVE-2024-49997, CVE-2024-53063, CVE-2024-50302, CVE-2024-42252, CVE-2024-47709, CVE-2024-49894, CVE-2024-50142, CVE-2024-49944, CVE-2024-50278, CVE-2024-50150, CVE-2024-40965, CVE-2024-50237, CVE-2024-49975, CVE-2024-50074, CVE-2024-50143, CVE-2024-50199, CVE-2024-50148) Update Instructions: Run `sudo pro fix USN-7295-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1058-xilinx-zynqmp - 5.4.0-1058.62 linux-headers-5.4.0-1058-xilinx-zynqmp - 5.4.0-1058.62 linux-image-5.4.0-1058-xilinx-zynqmp - 5.4.0-1058.62 linux-modules-5.4.0-1058-xilinx-zynqmp - 5.4.0-1058.62 linux-tools-5.4.0-1058-xilinx-zynqmp - 5.4.0-1058.62 linux-xilinx-zynqmp-headers-5.4.0-1058 - 5.4.0-1058.62 linux-xilinx-zynqmp-tools-5.4.0-1058 - 5.4.0-1058.62 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1058.58 linux-image-xilinx-zynqmp - 5.4.0.1058.58 linux-tools-xilinx-zynqmp - 5.4.0.1058.58 linux-xilinx-zynqmp - 5.4.0.1058.58 No subscription required High CVE-2021-47469 CVE-2023-21400 CVE-2023-52458 CVE-2024-35887 CVE-2024-35896 CVE-2024-38544 CVE-2024-40911 CVE-2024-40953 CVE-2024-40965 CVE-2024-40967 CVE-2024-41016 CVE-2024-41066 CVE-2024-42252 CVE-2024-43863 CVE-2024-44931 CVE-2024-46731 CVE-2024-46849 CVE-2024-46853 CVE-2024-46854 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47692 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47706 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47723 CVE-2024-47737 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-49851 CVE-2024-49860 CVE-2024-49867 CVE-2024-49868 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49883 CVE-2024-49892 CVE-2024-49894 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49924 CVE-2024-49938 CVE-2024-49944 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49973 CVE-2024-49975 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49995 CVE-2024-49997 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50024 CVE-2024-50033 CVE-2024-50035 CVE-2024-50039 CVE-2024-50040 CVE-2024-50044 CVE-2024-50045 CVE-2024-50059 CVE-2024-50074 CVE-2024-50082 CVE-2024-50096 CVE-2024-50099 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50131 CVE-2024-50134 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50194 CVE-2024-50195 CVE-2024-50199 CVE-2024-50202 CVE-2024-50205 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50251 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53101 CVE-2024-53103 CVE-2024-53104 CVE-2024-53141 CVE-2024-53164 Ubuntu 20.04 LTS Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that the transport protocol implementation in ProFTPD had weak integrity checks. An attacker could use this vulnerability to bypass security features like encryption and integrity checks. (CVE-2023-48795) Martin Mirchev discovered that ProFTPD did not properly validate user input over the network. An attacker could use this vulnerability to crash ProFTPD or execute arbitrary code. (CVE-2023-51713) Brian Ristuccia discovered that ProFTPD incorrectly inherited groups from the parent process. An attacker could use this vulnerability to elevate privileges. (CVE-2024-48651) Update Instructions: Run `sudo pro fix USN-7297-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: proftpd-basic - 1.3.6c-2ubuntu0.1 proftpd-dev - 1.3.6c-2ubuntu0.1 proftpd-doc - 1.3.6c-2ubuntu0.1 proftpd-mod-geoip - 1.3.6c-2ubuntu0.1 proftpd-mod-ldap - 1.3.6c-2ubuntu0.1 proftpd-mod-mysql - 1.3.6c-2ubuntu0.1 proftpd-mod-odbc - 1.3.6c-2ubuntu0.1 proftpd-mod-pgsql - 1.3.6c-2ubuntu0.1 proftpd-mod-snmp - 1.3.6c-2ubuntu0.1 proftpd-mod-sqlite - 1.3.6c-2ubuntu0.1 No subscription required Medium CVE-2023-48795 CVE-2023-51713 CVE-2024-48651 Ubuntu 20.04 LTS Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could use these issues to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7299-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: xdmx - 2:1.20.13-1ubuntu1~20.04.19 xdmx-tools - 2:1.20.13-1ubuntu1~20.04.19 xnest - 2:1.20.13-1ubuntu1~20.04.19 xorg-server-source - 2:1.20.13-1ubuntu1~20.04.19 xserver-common - 2:1.20.13-1ubuntu1~20.04.19 xserver-xephyr - 2:1.20.13-1ubuntu1~20.04.19 xserver-xorg-core - 2:1.20.13-1ubuntu1~20.04.19 xserver-xorg-dev - 2:1.20.13-1ubuntu1~20.04.19 xserver-xorg-legacy - 2:1.20.13-1ubuntu1~20.04.19 xvfb - 2:1.20.13-1ubuntu1~20.04.19 xwayland - 2:1.20.13-1ubuntu1~20.04.19 No subscription required Medium CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 CVE-2025-26601 Ubuntu 20.04 LTS It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. (CVE-2022-49043) It was discovered that the libxml2 xmllint tool incorrectly handled certain memory operations. If a user or automated system were tricked into running xmllint on a specially crafted xml file, a remote attacker could cause xmllint to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. (CVE-2024-34459) It was discovered that libxml2 did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-56171) It was discovered that libxml2 could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-24928) It was discovered that libxml2 could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-27113) Update Instructions: Run `sudo pro fix USN-7302-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.9 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.9 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.9 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.9 python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.9 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.9 No subscription required Medium CVE-2022-49043 CVE-2024-34459 CVE-2024-56171 CVE-2025-24928 CVE-2025-27113 Ubuntu 20.04 LTS It was discovered that GNU binutils in nm tool is affected by an incorrect access control. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2024-57360) It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2025-0840) Update Instructions: Run `sudo pro fix USN-7306-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils - 2.34-6ubuntu1.10 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.10 binutils-alpha-linux-gnu - 2.34-6ubuntu1.10 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.10 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.10 binutils-common - 2.34-6ubuntu1.10 binutils-dev - 2.34-6ubuntu1.10 binutils-doc - 2.34-6ubuntu1.10 binutils-for-build - 2.34-6ubuntu1.10 binutils-for-host - 2.34-6ubuntu1.10 binutils-hppa-linux-gnu - 2.34-6ubuntu1.10 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.10 binutils-i686-gnu - 2.34-6ubuntu1.10 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.10 binutils-i686-linux-gnu - 2.34-6ubuntu1.10 binutils-ia64-linux-gnu - 2.34-6ubuntu1.10 binutils-m68k-linux-gnu - 2.34-6ubuntu1.10 binutils-multiarch - 2.34-6ubuntu1.10 binutils-multiarch-dev - 2.34-6ubuntu1.10 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.10 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.10 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.10 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.10 binutils-s390x-linux-gnu - 2.34-6ubuntu1.10 binutils-sh4-linux-gnu - 2.34-6ubuntu1.10 binutils-source - 2.34-6ubuntu1.10 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.10 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.10 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.10 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.10 libbinutils - 2.34-6ubuntu1.10 libctf-nobfd0 - 2.34-6ubuntu1.10 libctf0 - 2.34-6ubuntu1.10 No subscription required Medium CVE-2024-57360 CVE-2025-0840 Ubuntu 20.04 LTS Tim Boddy discovered that Expat, contained within the xmltok library, did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. Update Instructions: Run `sudo pro fix USN-7307-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxmltok1 - 1.2-4ubuntu0.20.04.1~esm5 libxmltok1-dev - 1.2-4ubuntu0.20.04.1~esm5 Available with Ubuntu Pro: https://ubuntu.com/pro Low CVE-2012-1148 Ubuntu 20.04 LTS It was discovered that Ruby SAML did not properly validate SAML responses. An unauthenticated attacker could use this vulnerability to log in as an abitrary user. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-5697) It was discovered that Ruby SAML incorrectly utilized the results of XML DOM traversal and canonicalization APIs. An unauthenticated attacker could use this vulnerability to log in as an abitrary user. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-11428) It was discovered that Ruby SAML did not properly verify the signature of the SAML Response, allowing multiple elements with the same ID. An unauthenticated attacker could use this vulnerability to log in as an abitrary user. (CVE-2024-45409) Update Instructions: Run `sudo pro fix USN-7309-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-saml - 1.11.0-1ubuntu0.1 No subscription required Medium CVE-2016-5697 CVE-2017-11428 CVE-2024-45409 Ubuntu 20.04 LTS It was discovered that Erlang incorrectly handled SFTP packet sizes. A remote attacker could possibly use this issue to cause Erlang to consume resources, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7313-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: erlang - 1:22.2.7+dfsg-1ubuntu0.3 erlang-asn1 - 1:22.2.7+dfsg-1ubuntu0.3 erlang-base - 1:22.2.7+dfsg-1ubuntu0.3 erlang-base-hipe - 1:22.2.7+dfsg-1ubuntu0.3 erlang-common-test - 1:22.2.7+dfsg-1ubuntu0.3 erlang-crypto - 1:22.2.7+dfsg-1ubuntu0.3 erlang-debugger - 1:22.2.7+dfsg-1ubuntu0.3 erlang-dev - 1:22.2.7+dfsg-1ubuntu0.3 erlang-dialyzer - 1:22.2.7+dfsg-1ubuntu0.3 erlang-diameter - 1:22.2.7+dfsg-1ubuntu0.3 erlang-doc - 1:22.2.7+dfsg-1ubuntu0.3 erlang-edoc - 1:22.2.7+dfsg-1ubuntu0.3 erlang-eldap - 1:22.2.7+dfsg-1ubuntu0.3 erlang-erl-docgen - 1:22.2.7+dfsg-1ubuntu0.3 erlang-et - 1:22.2.7+dfsg-1ubuntu0.3 erlang-eunit - 1:22.2.7+dfsg-1ubuntu0.3 erlang-examples - 1:22.2.7+dfsg-1ubuntu0.3 erlang-ftp - 1:22.2.7+dfsg-1ubuntu0.3 erlang-inets - 1:22.2.7+dfsg-1ubuntu0.3 erlang-jinterface - 1:22.2.7+dfsg-1ubuntu0.3 erlang-manpages - 1:22.2.7+dfsg-1ubuntu0.3 erlang-megaco - 1:22.2.7+dfsg-1ubuntu0.3 erlang-mnesia - 1:22.2.7+dfsg-1ubuntu0.3 erlang-mode - 1:22.2.7+dfsg-1ubuntu0.3 erlang-nox - 1:22.2.7+dfsg-1ubuntu0.3 erlang-observer - 1:22.2.7+dfsg-1ubuntu0.3 erlang-odbc - 1:22.2.7+dfsg-1ubuntu0.3 erlang-os-mon - 1:22.2.7+dfsg-1ubuntu0.3 erlang-parsetools - 1:22.2.7+dfsg-1ubuntu0.3 erlang-public-key - 1:22.2.7+dfsg-1ubuntu0.3 erlang-reltool - 1:22.2.7+dfsg-1ubuntu0.3 erlang-runtime-tools - 1:22.2.7+dfsg-1ubuntu0.3 erlang-snmp - 1:22.2.7+dfsg-1ubuntu0.3 erlang-src - 1:22.2.7+dfsg-1ubuntu0.3 erlang-ssh - 1:22.2.7+dfsg-1ubuntu0.3 erlang-ssl - 1:22.2.7+dfsg-1ubuntu0.3 erlang-syntax-tools - 1:22.2.7+dfsg-1ubuntu0.3 erlang-tftp - 1:22.2.7+dfsg-1ubuntu0.3 erlang-tools - 1:22.2.7+dfsg-1ubuntu0.3 erlang-wx - 1:22.2.7+dfsg-1ubuntu0.3 erlang-x11 - 1:22.2.7+dfsg-1ubuntu0.3 erlang-xmerl - 1:22.2.7+dfsg-1ubuntu0.3 No subscription required Medium CVE-2025-26618 Ubuntu 20.04 LTS It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause Kerberos to consume memory,leading to a denial of service. (CVE-2024-26458, CVE-2024-26461) It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause Kerberos to consume memory,leading to a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-26462) It was discovered that the Kerberos kadmind daemon incorrectly handled log files when incremental propagation was enabled. An authenticated attacker could use this issue to cause kadmind to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-24528) Update Instructions: Run `sudo pro fix USN-7314-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: krb5-admin-server - 1.17-6ubuntu4.9 krb5-doc - 1.17-6ubuntu4.9 krb5-gss-samples - 1.17-6ubuntu4.9 krb5-k5tls - 1.17-6ubuntu4.9 krb5-kdc - 1.17-6ubuntu4.9 krb5-kdc-ldap - 1.17-6ubuntu4.9 krb5-kpropd - 1.17-6ubuntu4.9 krb5-locales - 1.17-6ubuntu4.9 krb5-multidev - 1.17-6ubuntu4.9 krb5-otp - 1.17-6ubuntu4.9 krb5-pkinit - 1.17-6ubuntu4.9 krb5-user - 1.17-6ubuntu4.9 libgssapi-krb5-2 - 1.17-6ubuntu4.9 libgssrpc4 - 1.17-6ubuntu4.9 libk5crypto3 - 1.17-6ubuntu4.9 libkadm5clnt-mit11 - 1.17-6ubuntu4.9 libkadm5srv-mit11 - 1.17-6ubuntu4.9 libkdb5-9 - 1.17-6ubuntu4.9 libkrad-dev - 1.17-6ubuntu4.9 libkrad0 - 1.17-6ubuntu4.9 libkrb5-3 - 1.17-6ubuntu4.9 libkrb5-dev - 1.17-6ubuntu4.9 libkrb5support0 - 1.17-6ubuntu4.9 No subscription required Medium CVE-2024-26458 CVE-2024-26461 CVE-2024-26462 CVE-2025-24528 Ubuntu 20.04 LTS Stephen Fewer discovered that PostgreSQL incorrectly handled quoting syntax in certain scenarios. A remote attacker could possibly use this issue to perform SQL injection attacks. Update Instructions: Run `sudo pro fix USN-7315-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libecpg-compat3 - 12.22-0ubuntu0.20.04.2 libecpg-dev - 12.22-0ubuntu0.20.04.2 libecpg6 - 12.22-0ubuntu0.20.04.2 libpgtypes3 - 12.22-0ubuntu0.20.04.2 libpq-dev - 12.22-0ubuntu0.20.04.2 libpq5 - 12.22-0ubuntu0.20.04.2 postgresql-12 - 12.22-0ubuntu0.20.04.2 postgresql-client-12 - 12.22-0ubuntu0.20.04.2 postgresql-doc-12 - 12.22-0ubuntu0.20.04.2 postgresql-plperl-12 - 12.22-0ubuntu0.20.04.2 postgresql-plpython3-12 - 12.22-0ubuntu0.20.04.2 postgresql-pltcl-12 - 12.22-0ubuntu0.20.04.2 postgresql-server-dev-12 - 12.22-0ubuntu0.20.04.2 No subscription required Medium CVE-2025-1094 Ubuntu 20.04 LTS It was discovered that Raptor incorrectly handled memory operations when processing certain input files. A remote attacker could possibly use this issue to cause Raptor to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-25713) It was discovered that Raptor incorrectly handled parsing certain tuples. A remote attacker could possibly use this issue to cause Raptor to crash, resulting in a denial of service. (CVE-2024-57822) It was discovered that Raptor incorrectly handled parsing certain turtles. A remote attacker could use this issue to cause Raptor to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-57823) Update Instructions: Run `sudo pro fix USN-7316-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraptor2-0 - 2.0.15-0ubuntu1.20.04.2 libraptor2-dev - 2.0.15-0ubuntu1.20.04.2 libraptor2-doc - 2.0.15-0ubuntu1.20.04.2 raptor2-utils - 2.0.15-0ubuntu1.20.04.2 No subscription required Medium CVE-2020-25713 CVE-2024-57822 CVE-2024-57823 Ubuntu 20.04 LTS George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpa_supplicant and hostapd reused encryption elements in the PKEX protocol. An attacker could possibly use this issue to impersonate a wireless access point, and obtain sensitive information. (CVE-2022-37660) Daniel De Almeida Braga, Mohamed Sabt, and Pierre-Alain Fouque discovered that wpa_supplicant and hostapd were vulnerable to side channel attacks due to the cache access patterns. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-23303, CVE-2022-23304) Update Instructions: Run `sudo pro fix USN-7317-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: hostapd - 2:2.9-1ubuntu4.6 wpagui - 2:2.9-1ubuntu4.6 wpasupplicant - 2:2.9-1ubuntu4.6 No subscription required Medium CVE-2022-23303 CVE-2022-23304 CVE-2022-37660 Ubuntu 20.04 LTS It was discovered that svg-sanitizer, vendored in SPIP, did not properly sanitize SVG/XML content. An attacker could possibly use this issue to perform cross site scripting. This issue only affected Ubuntu 24.10. (CVE-2022-23638) It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use this issue to perform cross site scripting. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28959) It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use this issue to perform PHP injection attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28960) It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28961) It was discovered that SPIP did not properly sanitize certain inputs. A remote authenticated attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-37155) It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2023-24258) It was discovered that SPIP did not properly handle serialization under certain circumstances. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2023-27372) It was discovered that SPIP did not properly sanitize HTTP requests. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2024-8517) Update Instructions: Run `sudo pro fix USN-7318-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: spip - 3.2.7-1ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2022-23638 CVE-2022-28959 CVE-2022-28960 CVE-2022-28961 CVE-2022-37155 CVE-2023-24258 CVE-2023-27372 CVE-2024-8517 Ubuntu 20.04 LTS It was discovered that cmark-gfm's autolink extension did not correctly handle parsing large inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39209) It was discovered that cmark-gfm did not correctly handle parsing large inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2023-22483) It was discovered that cmark-gfm did not correctly handle parsing large inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2023-22484) It was discovered that cmark-gfm did not correctly handle parsing large inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-22486, CVE-2023-26485) Update Instructions: Run `sudo pro fix USN-7319-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cmark-gfm - 0.29.0.gfm.0-4ubuntu0.1~esm1 libcmark-gfm-dev - 0.29.0.gfm.0-4ubuntu0.1~esm1 libcmark-gfm-extensions-dev - 0.29.0.gfm.0-4ubuntu0.1~esm1 libcmark-gfm-extensions0 - 0.29.0.gfm.0-4ubuntu0.1~esm1 libcmark-gfm0 - 0.29.0.gfm.0-4ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-39209 CVE-2023-22483 CVE-2023-22484 CVE-2023-22486 CVE-2023-26485 Ubuntu 20.04 LTS It was discovered that the GPAC MP4Box utility incorrectly handled certain AC3 files, which could lead to an out-of-bounds read. A remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service (system crash). This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2023-5520, CVE-2024-0322) It was discovered that the GPAC MP4Box utility incorrectly handled certain malformed text files. If a user or automated system using MP4Box were tricked into opening a specially crafted RST file, an attacker could use this issue to cause a denial of service (system crash) or execute arbitrary code. (CVE-2024-0321) Update Instructions: Run `sudo pro fix USN-7320-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gpac - 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2 gpac-modules-base - 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2 libgpac-dev - 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2 libgpac4 - 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-5520 CVE-2024-0321 CVE-2024-0322 Ubuntu 20.04 LTS It was discovered that Redis incorrectly handled certain memory operations during pattern matching. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-31228) It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-46981) It was discovered that Redis incorrectly handled some malformed ACL selectors. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.10 and Ubuntu 24.04 LTS. (CVE-2024-51741) Update Instructions: Run `sudo pro fix USN-7321-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: redis - 5:5.0.7-2ubuntu0.1+esm3 redis-sentinel - 5:5.0.7-2ubuntu0.1+esm3 redis-server - 5:5.0.7-2ubuntu0.1+esm3 redis-tools - 5:5.0.7-2ubuntu0.1+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-31228 CVE-2024-46981 CVE-2024-51741 Ubuntu 20.04 LTS A security issues was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; (CVE-2024-56672) Update Instructions: Run `sudo pro fix USN-7327-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-134-lowlatency - 5.15.0-134.145~20.04.1 linux-buildinfo-5.15.0-134-lowlatency-64k - 5.15.0-134.145~20.04.1 linux-cloud-tools-5.15.0-134-lowlatency - 5.15.0-134.145~20.04.1 linux-headers-5.15.0-134-lowlatency - 5.15.0-134.145~20.04.1 linux-headers-5.15.0-134-lowlatency-64k - 5.15.0-134.145~20.04.1 linux-image-5.15.0-134-lowlatency - 5.15.0-134.145~20.04.1 linux-image-5.15.0-134-lowlatency-64k - 5.15.0-134.145~20.04.1 linux-image-unsigned-5.15.0-134-lowlatency - 5.15.0-134.145~20.04.1 linux-image-unsigned-5.15.0-134-lowlatency-64k - 5.15.0-134.145~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-134 - 5.15.0-134.145~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-134 - 5.15.0-134.145~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-134 - 5.15.0-134.145~20.04.1 linux-modules-5.15.0-134-lowlatency - 5.15.0-134.145~20.04.1 linux-modules-5.15.0-134-lowlatency-64k - 5.15.0-134.145~20.04.1 linux-modules-iwlwifi-5.15.0-134-lowlatency - 5.15.0-134.145~20.04.1 linux-tools-5.15.0-134-lowlatency - 5.15.0-134.145~20.04.1 linux-tools-5.15.0-134-lowlatency-64k - 5.15.0-134.145~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.134.145~20.04.1 No subscription required High CVE-2024-56672 Ubuntu 20.04 LTS Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; (CVE-2024-56672) Update Instructions: Run `sudo pro fix USN-7328-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1074-intel-iotg - 5.15.0-1074.80~20.04.1 linux-cloud-tools-5.15.0-1074-intel-iotg - 5.15.0-1074.80~20.04.1 linux-headers-5.15.0-1074-intel-iotg - 5.15.0-1074.80~20.04.1 linux-image-5.15.0-1074-intel-iotg - 5.15.0-1074.80~20.04.1 linux-image-unsigned-5.15.0-1074-intel-iotg - 5.15.0-1074.80~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1074 - 5.15.0-1074.80~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1074.80~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1074 - 5.15.0-1074.80~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1074 - 5.15.0-1074.80~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1074.80~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1074.80~20.04.1 linux-modules-5.15.0-1074-intel-iotg - 5.15.0-1074.80~20.04.1 linux-modules-extra-5.15.0-1074-intel-iotg - 5.15.0-1074.80~20.04.1 linux-modules-iwlwifi-5.15.0-1074-intel-iotg - 5.15.0-1074.80~20.04.1 linux-tools-5.15.0-1074-intel-iotg - 5.15.0-1074.80~20.04.1 No subscription required linux-buildinfo-5.15.0-1076-oracle - 5.15.0-1076.82~20.04.1 linux-headers-5.15.0-1076-oracle - 5.15.0-1076.82~20.04.1 linux-image-5.15.0-1076-oracle - 5.15.0-1076.82~20.04.1 linux-image-unsigned-5.15.0-1076-oracle - 5.15.0-1076.82~20.04.1 linux-modules-5.15.0-1076-oracle - 5.15.0-1076.82~20.04.1 linux-modules-extra-5.15.0-1076-oracle - 5.15.0-1076.82~20.04.1 linux-oracle-5.15-headers-5.15.0-1076 - 5.15.0-1076.82~20.04.1 linux-oracle-5.15-tools-5.15.0-1076 - 5.15.0-1076.82~20.04.1 linux-tools-5.15.0-1076-oracle - 5.15.0-1076.82~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1074.80~20.04.1 linux-headers-intel - 5.15.0.1074.80~20.04.1 linux-headers-intel-iotg - 5.15.0.1074.80~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1074.80~20.04.1 linux-image-intel - 5.15.0.1074.80~20.04.1 linux-image-intel-iotg - 5.15.0.1074.80~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1074.80~20.04.1 linux-intel - 5.15.0.1074.80~20.04.1 linux-intel-iotg - 5.15.0.1074.80~20.04.1 linux-intel-iotg-edge - 5.15.0.1074.80~20.04.1 linux-tools-intel - 5.15.0.1074.80~20.04.1 linux-tools-intel-iotg - 5.15.0.1074.80~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1074.80~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1076.82~20.04.1 linux-headers-oracle-edge - 5.15.0.1076.82~20.04.1 linux-image-oracle - 5.15.0.1076.82~20.04.1 linux-image-oracle-edge - 5.15.0.1076.82~20.04.1 linux-oracle - 5.15.0.1076.82~20.04.1 linux-oracle-edge - 5.15.0.1076.82~20.04.1 linux-tools-oracle - 5.15.0.1076.82~20.04.1 linux-tools-oracle-edge - 5.15.0.1076.82~20.04.1 No subscription required High CVE-2024-56672 CVE-2025-0927 Ubuntu 20.04 LTS Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; (CVE-2024-56672) Update Instructions: Run `sudo pro fix USN-7328-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1082 - 5.15.0-1082.91~20.04.1 linux-azure-5.15-headers-5.15.0-1082 - 5.15.0-1082.91~20.04.1 linux-azure-5.15-tools-5.15.0-1082 - 5.15.0-1082.91~20.04.1 linux-buildinfo-5.15.0-1082-azure - 5.15.0-1082.91~20.04.1 linux-cloud-tools-5.15.0-1082-azure - 5.15.0-1082.91~20.04.1 linux-headers-5.15.0-1082-azure - 5.15.0-1082.91~20.04.1 linux-image-5.15.0-1082-azure - 5.15.0-1082.91~20.04.1 linux-image-unsigned-5.15.0-1082-azure - 5.15.0-1082.91~20.04.1 linux-modules-5.15.0-1082-azure - 5.15.0-1082.91~20.04.1 linux-modules-extra-5.15.0-1082-azure - 5.15.0-1082.91~20.04.1 linux-modules-involflt-5.15.0-1082-azure - 5.15.0-1082.91~20.04.1 linux-tools-5.15.0-1082-azure - 5.15.0-1082.91~20.04.1 No subscription required linux-image-5.15.0-1082-azure-fde - 5.15.0-1082.91~20.04.1.1 linux-image-unsigned-5.15.0-1082-azure-fde - 5.15.0-1082.91~20.04.1.1 No subscription required linux-azure - 5.15.0.1082.91~20.04.1 linux-azure-cvm - 5.15.0.1082.91~20.04.1 linux-azure-edge - 5.15.0.1082.91~20.04.1 linux-cloud-tools-azure - 5.15.0.1082.91~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1082.91~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1082.91~20.04.1 linux-headers-azure - 5.15.0.1082.91~20.04.1 linux-headers-azure-cvm - 5.15.0.1082.91~20.04.1 linux-headers-azure-edge - 5.15.0.1082.91~20.04.1 linux-image-azure - 5.15.0.1082.91~20.04.1 linux-image-azure-cvm - 5.15.0.1082.91~20.04.1 linux-image-azure-edge - 5.15.0.1082.91~20.04.1 linux-modules-extra-azure - 5.15.0.1082.91~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1082.91~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1082.91~20.04.1 linux-modules-involflt-azure - 5.15.0.1082.91~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1082.91~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1082.91~20.04.1 linux-tools-azure - 5.15.0.1082.91~20.04.1 linux-tools-azure-cvm - 5.15.0.1082.91~20.04.1 linux-tools-azure-edge - 5.15.0.1082.91~20.04.1 No subscription required linux-azure-fde - 5.15.0.1082.91~20.04.1.58 linux-azure-fde-edge - 5.15.0.1082.91~20.04.1.58 linux-cloud-tools-azure-fde - 5.15.0.1082.91~20.04.1.58 linux-cloud-tools-azure-fde-edge - 5.15.0.1082.91~20.04.1.58 linux-headers-azure-fde - 5.15.0.1082.91~20.04.1.58 linux-headers-azure-fde-edge - 5.15.0.1082.91~20.04.1.58 linux-image-azure-fde - 5.15.0.1082.91~20.04.1.58 linux-image-azure-fde-edge - 5.15.0.1082.91~20.04.1.58 linux-modules-extra-azure-fde - 5.15.0.1082.91~20.04.1.58 linux-modules-extra-azure-fde-edge - 5.15.0.1082.91~20.04.1.58 linux-tools-azure-fde - 5.15.0.1082.91~20.04.1.58 linux-tools-azure-fde-edge - 5.15.0.1082.91~20.04.1.58 No subscription required High CVE-2024-56672 CVE-2025-0927 Ubuntu 20.04 LTS Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Network drivers; (CVE-2024-50274, CVE-2024-53064, CVE-2024-56672) Update Instructions: Run `sudo pro fix USN-7329-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1078-gcp - 5.15.0-1078.87~20.04.1 linux-gcp-5.15-headers-5.15.0-1078 - 5.15.0-1078.87~20.04.1 linux-gcp-5.15-tools-5.15.0-1078 - 5.15.0-1078.87~20.04.1 linux-headers-5.15.0-1078-gcp - 5.15.0-1078.87~20.04.1 linux-image-5.15.0-1078-gcp - 5.15.0-1078.87~20.04.1 linux-image-unsigned-5.15.0-1078-gcp - 5.15.0-1078.87~20.04.1 linux-modules-5.15.0-1078-gcp - 5.15.0-1078.87~20.04.1 linux-modules-extra-5.15.0-1078-gcp - 5.15.0-1078.87~20.04.1 linux-modules-iwlwifi-5.15.0-1078-gcp - 5.15.0-1078.87~20.04.1 linux-tools-5.15.0-1078-gcp - 5.15.0-1078.87~20.04.1 No subscription required linux-gcp - 5.15.0.1078.87~20.04.1 linux-gcp-edge - 5.15.0.1078.87~20.04.1 linux-headers-gcp - 5.15.0.1078.87~20.04.1 linux-headers-gcp-edge - 5.15.0.1078.87~20.04.1 linux-image-gcp - 5.15.0.1078.87~20.04.1 linux-image-gcp-edge - 5.15.0.1078.87~20.04.1 linux-modules-extra-gcp - 5.15.0.1078.87~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1078.87~20.04.1 linux-tools-gcp - 5.15.0.1078.87~20.04.1 linux-tools-gcp-edge - 5.15.0.1078.87~20.04.1 No subscription required High CVE-2024-50274 CVE-2024-53064 CVE-2024-56672 CVE-2025-0927 Ubuntu 20.04 LTS It was discovered that Ansible did not properly verify certain fields of X.509 certificates. An attacker could possibly use this issue to spoof SSL servers if they were able to intercept network communications. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-3908) Martin Carpenter discovered that certain connection plugins for Ansible did not properly restrict users. An attacker with local access could possibly use this issue to escape a restricted environment via symbolic links misuse. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-6240) Robin Schneider discovered that Ansible's apt_key module did not properly verify key fingerprints. A remote attacker could possibly use this issue to perform key injection, leading to the access of sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-8614) It was discovered that Ansible would expose passwords in certain instances. An attacker could possibly use specially crafted input related to this issue to access sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-10206) It was discovered that Ansible incorrectly logged sensitive information. An attacker with local access could possibly use this issue to access sensitive information. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. (CVE-2019-14846) It was discovered that Ansible's solaris_zone module accepted input without performing input checking. A remote attacker could possibly use this issue to enable the execution of arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-14904) It was discovered that Ansible did not generate sufficiently random values, which could lead to the exposure of passwords. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-10729) It was discovered that Ansible's svn module could disclose passwords to users within the same node. An attacker could possibly use this issue to access sensitive information. (CVE-2020-1739) Update Instructions: Run `sudo pro fix USN-7330-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ansible - 2.9.6+dfsg-1ubuntu0.1~esm3 ansible-doc - 2.9.6+dfsg-1ubuntu0.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2015-3908 CVE-2015-6240 CVE-2016-8614 CVE-2019-10206 CVE-2019-14846 CVE-2019-14904 CVE-2020-10729 CVE-2020-1739 Ubuntu 20.04 LTS Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - Network drivers; - STMicroelectronics network drivers; - Parport drivers; - Pin controllers subsystem; - Direct Digital Synthesis drivers; - TCM subsystem; - TTY drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - BTRFS file system; - File systems infrastructure; - Network file system (NFS) client; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - User-space API (UAPI); - io_uring subsystem; - BPF subsystem; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Networking core; - IPv4 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Network traffic control; - SCTP protocol; - XFRM subsystem; - Key management; - FireWire sound drivers; - HD-audio driver; - QCOM ASoC drivers; - STMicroelectronics SoC drivers; - KVM core; (CVE-2024-50163, CVE-2024-53104, CVE-2024-50287, CVE-2024-41066, CVE-2024-53066, CVE-2024-53097, CVE-2024-50229, CVE-2024-50142, CVE-2024-50182, CVE-2024-50156, CVE-2024-50195, CVE-2024-50232, CVE-2024-53063, CVE-2024-50134, CVE-2024-50103, CVE-2024-50110, CVE-2024-50115, CVE-2024-50233, CVE-2024-50202, CVE-2024-50268, CVE-2024-50171, CVE-2024-50234, CVE-2024-50083, CVE-2024-53061, CVE-2024-50194, CVE-2024-40953, CVE-2024-50143, CVE-2024-50278, CVE-2024-50257, CVE-2024-56672, CVE-2024-50141, CVE-2024-50128, CVE-2024-50117, CVE-2024-50292, CVE-2024-50148, CVE-2024-53055, CVE-2024-35887, CVE-2024-50236, CVE-2024-50249, CVE-2024-50282, CVE-2024-50218, CVE-2023-52913, CVE-2024-50262, CVE-2024-50269, CVE-2024-50010, CVE-2024-50299, CVE-2024-39497, CVE-2024-50296, CVE-2024-53052, CVE-2024-53058, CVE-2024-50201, CVE-2024-42291, CVE-2024-50036, CVE-2024-50154, CVE-2024-50196, CVE-2024-50251, CVE-2024-41080, CVE-2024-50074, CVE-2024-50205, CVE-2024-50131, CVE-2024-42252, CVE-2024-50082, CVE-2024-50273, CVE-2024-50072, CVE-2024-50301, CVE-2024-53088, CVE-2024-50058, CVE-2024-50085, CVE-2024-50167, CVE-2024-50150, CVE-2024-50185, CVE-2024-50208, CVE-2024-50151, CVE-2024-50086, CVE-2024-50127, CVE-2024-50153, CVE-2024-53042, CVE-2024-50162, CVE-2024-50237, CVE-2024-50290, CVE-2024-40965, CVE-2024-50193, CVE-2024-50245, CVE-2024-53059, CVE-2024-53101, CVE-2024-50295, CVE-2024-50259, CVE-2024-50192, CVE-2024-50265, CVE-2024-50279, CVE-2024-50116, CVE-2024-26718, CVE-2024-50101, CVE-2024-50168, CVE-2024-50267, CVE-2024-50198, CVE-2024-50230, CVE-2024-50199, CVE-2024-50099, CVE-2024-50247, CVE-2024-50302, CVE-2024-50160, CVE-2024-50209, CVE-2024-50244) Update Instructions: Run `sudo pro fix USN-7331-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-134-generic - 5.15.0-134.145~20.04.1 linux-buildinfo-5.15.0-134-generic-64k - 5.15.0-134.145~20.04.1 linux-buildinfo-5.15.0-134-generic-lpae - 5.15.0-134.145~20.04.1 linux-cloud-tools-5.15.0-134-generic - 5.15.0-134.145~20.04.1 linux-headers-5.15.0-134-generic - 5.15.0-134.145~20.04.1 linux-headers-5.15.0-134-generic-64k - 5.15.0-134.145~20.04.1 linux-headers-5.15.0-134-generic-lpae - 5.15.0-134.145~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-134 - 5.15.0-134.145~20.04.1 linux-hwe-5.15-headers-5.15.0-134 - 5.15.0-134.145~20.04.1 linux-hwe-5.15-tools-5.15.0-134 - 5.15.0-134.145~20.04.1 linux-image-5.15.0-134-generic - 5.15.0-134.145~20.04.1 linux-image-5.15.0-134-generic-64k - 5.15.0-134.145~20.04.1 linux-image-5.15.0-134-generic-lpae - 5.15.0-134.145~20.04.1 linux-image-unsigned-5.15.0-134-generic - 5.15.0-134.145~20.04.1 linux-image-unsigned-5.15.0-134-generic-64k - 5.15.0-134.145~20.04.1 linux-modules-5.15.0-134-generic - 5.15.0-134.145~20.04.1 linux-modules-5.15.0-134-generic-64k - 5.15.0-134.145~20.04.1 linux-modules-5.15.0-134-generic-lpae - 5.15.0-134.145~20.04.1 linux-modules-extra-5.15.0-134-generic - 5.15.0-134.145~20.04.1 linux-modules-iwlwifi-5.15.0-134-generic - 5.15.0-134.145~20.04.1 linux-tools-5.15.0-134-generic - 5.15.0-134.145~20.04.1 linux-tools-5.15.0-134-generic-64k - 5.15.0-134.145~20.04.1 linux-tools-5.15.0-134-generic-lpae - 5.15.0-134.145~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-generic-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-headers-oem-20.04 - 5.15.0.134.145~20.04.1 linux-headers-oem-20.04b - 5.15.0.134.145~20.04.1 linux-headers-oem-20.04c - 5.15.0.134.145~20.04.1 linux-headers-oem-20.04d - 5.15.0.134.145~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-image-oem-20.04 - 5.15.0.134.145~20.04.1 linux-image-oem-20.04b - 5.15.0.134.145~20.04.1 linux-image-oem-20.04c - 5.15.0.134.145~20.04.1 linux-image-oem-20.04d - 5.15.0.134.145~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.134.145~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.134.145~20.04.1 linux-oem-20.04 - 5.15.0.134.145~20.04.1 linux-oem-20.04b - 5.15.0.134.145~20.04.1 linux-oem-20.04c - 5.15.0.134.145~20.04.1 linux-oem-20.04d - 5.15.0.134.145~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-tools-oem-20.04 - 5.15.0.134.145~20.04.1 linux-tools-oem-20.04b - 5.15.0.134.145~20.04.1 linux-tools-oem-20.04c - 5.15.0.134.145~20.04.1 linux-tools-oem-20.04d - 5.15.0.134.145~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.134.145~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.134.145~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.134.145~20.04.1 No subscription required High CVE-2023-52913 CVE-2024-26718 CVE-2024-35887 CVE-2024-39497 CVE-2024-40953 CVE-2024-40965 CVE-2024-41066 CVE-2024-41080 CVE-2024-42252 CVE-2024-42291 CVE-2024-50010 CVE-2024-50036 CVE-2024-50058 CVE-2024-50072 CVE-2024-50074 CVE-2024-50082 CVE-2024-50083 CVE-2024-50085 CVE-2024-50086 CVE-2024-50099 CVE-2024-50101 CVE-2024-50103 CVE-2024-50110 CVE-2024-50115 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50128 CVE-2024-50131 CVE-2024-50134 CVE-2024-50141 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50153 CVE-2024-50154 CVE-2024-50156 CVE-2024-50160 CVE-2024-50162 CVE-2024-50163 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50182 CVE-2024-50185 CVE-2024-50192 CVE-2024-50193 CVE-2024-50194 CVE-2024-50195 CVE-2024-50196 CVE-2024-50198 CVE-2024-50199 CVE-2024-50201 CVE-2024-50202 CVE-2024-50205 CVE-2024-50208 CVE-2024-50209 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50232 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50244 CVE-2024-50245 CVE-2024-50247 CVE-2024-50249 CVE-2024-50251 CVE-2024-50257 CVE-2024-50259 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50268 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50292 CVE-2024-50295 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-53042 CVE-2024-53052 CVE-2024-53055 CVE-2024-53058 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53088 CVE-2024-53097 CVE-2024-53101 CVE-2024-53104 CVE-2024-56672 CVE-2025-0927 Ubuntu 20.04 LTS Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936, CVE-2025-1937, CVE-2025-1942) It was discovered that Firefox did not properly handle WebTransport connection, leading to a use-after-free vulnerability. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2025-1931) Ivan Fratric discovered that Firefox did not properly handle XSLT sorting, leading to a out-of-bounds access vulnerability. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-1932) Update Instructions: Run `sudo pro fix USN-7334-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: firefox - 136.0+build3-0ubuntu0.20.04.1 firefox-dev - 136.0+build3-0ubuntu0.20.04.1 firefox-geckodriver - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-af - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-an - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ar - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-as - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ast - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-az - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-be - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-bg - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-bn - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-br - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-bs - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ca - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-cak - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-cs - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-csb - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-cy - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-da - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-de - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-el - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-en - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-eo - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-es - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-et - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-eu - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-fa - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-fi - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-fr - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-fy - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ga - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-gd - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-gl - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-gn - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-gu - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-he - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-hi - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-hr - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-hsb - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-hu - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-hy - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ia - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-id - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-is - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-it - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ja - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ka - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-kab - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-kk - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-km - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-kn - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ko - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ku - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-lg - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-lt - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-lv - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-mai - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-mk - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ml - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-mn - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-mr - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ms - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-my - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-nb - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ne - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-nl - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-nn - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-nso - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-oc - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-or - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-pa - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-pl - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-pt - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ro - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ru - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-si - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-sk - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-sl - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-sq - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-sr - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-sv - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-sw - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-szl - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ta - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-te - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-tg - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-th - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-tr - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-uk - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-ur - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-uz - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-vi - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-xh - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hans - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-zh-hant - 136.0+build3-0ubuntu0.20.04.1 firefox-locale-zu - 136.0+build3-0ubuntu0.20.04.1 firefox-mozsymbols - 136.0+build3-0ubuntu0.20.04.1 No subscription required Medium CVE-2025-1931 CVE-2025-1932 CVE-2025-1933 CVE-2025-1934 CVE-2025-1935 CVE-2025-1936 CVE-2025-1937 CVE-2025-1942 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled text wrapping. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run `sudo pro fix USN-7335-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.28 python3-django - 2:2.2.12-1ubuntu0.28 No subscription required Medium CVE-2025-26699 Ubuntu 20.04 LTS It was discovered that LibreOffice incorrectly handled Office URI Schemes. If a user or automated system were tricked into opening a specially crafted LibreOffice file, a remote attacker could possibly use this issue to call internal macros. Update Instructions: Run `sudo pro fix USN-7337-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.14 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.14 No subscription required gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.14 libjuh-java - 1:6.4.7-0ubuntu0.20.04.14 libjurt-java - 1:6.4.7-0ubuntu0.20.04.14 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.14 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.14 libreoffice - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.14 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.14 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.14 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.14 libridl-java - 1:6.4.7-0ubuntu0.20.04.14 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.14 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.14 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.14 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.14 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.14 libunoil-java - 1:6.4.7-0ubuntu0.20.04.14 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.14 python3-access2base - 1:6.4.7-0ubuntu0.20.04.14 python3-uno - 1:6.4.7-0ubuntu0.20.04.14 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.14 ure - 1:6.4.7-0ubuntu0.20.04.14 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.14 No subscription required Medium CVE-2025-1080 Ubuntu 20.04 LTS Rafal Krupinski discovered that Jinja2 did not properly restrict the execution of code in situations where templates are used maliciously. An attacker with control over a template's filename and content could potentially use this issue to enable the execution of arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2024-56201) It was discovered that Jinja2 sandboxed environments could be escaped through a call to a string format method. An attacker could possibly use this issue to enable the execution of arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2024-56326) It was discovered that Jinja2 sandboxed environments could be escaped through the malicious use of certain filters. An attacker could possibly use this issue to enable the execution of arbitrary code. (CVE-2025-27516) Update Instructions: Run `sudo pro fix USN-7343-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-jinja2 - 2.10.1-2ubuntu0.5 python-jinja2-doc - 2.10.1-2ubuntu0.5 python3-jinja2 - 2.10.1-2ubuntu0.5 No subscription required Medium CVE-2024-56201 CVE-2024-56326 CVE-2025-27516 Ubuntu 20.04 LTS USN-7343-1 fixed vulnerabilities in Jinja2. The update introduced a regression when attempting to import Jinja2 on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Rafal Krupinski discovered that Jinja2 did not properly restrict the execution of code in situations where templates are used maliciously. An attacker with control over a template's filename and content could potentially use this issue to enable the execution of arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2024-56201) It was discovered that Jinja2 sandboxed environments could be escaped through a call to a string format method. An attacker could possibly use this issue to enable the execution of arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2024-56326) It was discovered that Jinja2 sandboxed environments could be escaped through the malicious use of certain filters. An attacker could possibly use this issue to enable the execution of arbitrary code. (CVE-2025-27516) Update Instructions: Run `sudo pro fix USN-7343-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-jinja2 - 2.10.1-2ubuntu0.6 python-jinja2-doc - 2.10.1-2ubuntu0.6 python3-jinja2 - 2.10.1-2ubuntu0.6 No subscription required None https://launchpad.net/bugs/2102129 Ubuntu 20.04 LTS It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a use-after-free vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-42780) It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a stack buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-42782) It was discovered that OpenSC did not correctly handle the length of certain buffers, which could lead to a out-of-bounds access vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-2977) Deepanjan Pal discovered that OpenSC did not correctly authenticate a zero length PIN. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-40660) It was discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to compromise key generation, certificate loading and other card management operations. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-40661) Hubert Kario, Michal Shagam and Eyal Ronen discovered that OpenSC had a timing side-channel and incorrectly handled RSA padding. An attacker could possibly use this issue to recover sensitive information. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-5992) Matteo Marini discovered that OpenSC did not properly manage memory due to certain uninitialized variables. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-45615) Matteo Marini discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-45616, CVE-2024-45617) Matteo Marini discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. (CVE-2024-45618, CVE-2024-45620) Matteo Marini discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-45619) It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a buffer overflow. A physically proximate attacker could possibly use this issue to compromise card management operations during enrollment and modification. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-8443) Update Instructions: Run `sudo pro fix USN-7346-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: opensc - 0.20.0-3ubuntu0.1~esm2 opensc-pkcs11 - 0.20.0-3ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-42780 CVE-2021-42782 CVE-2023-2977 CVE-2023-40660 CVE-2023-40661 CVE-2023-5992 CVE-2024-45615 CVE-2024-45616 CVE-2024-45617 CVE-2024-45618 CVE-2024-45619 CVE-2024-45620 CVE-2024-8443 Ubuntu 20.04 LTS USN-7346-1 fixed vulnerabilities in OpenSC. The update introduced a regression in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a use-after-free vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-42780) It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a stack buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-42782) It was discovered that OpenSC did not correctly handle the length of certain buffers, which could lead to a out-of-bounds access vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-2977) Deepanjan Pal discovered that OpenSC did not correctly authenticate a zero length PIN. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-40660) It was discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to compromise key generation, certificate loading and other card management operations. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-40661) Hubert Kario, Michal Shagam and Eyal Ronen discovered that OpenSC had a timing side-channel and incorrectly handled RSA padding. An attacker could possibly use this issue to recover sensitive information. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-5992) Matteo Marini discovered that OpenSC did not properly manage memory due to certain uninitialized variables. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-45615) Matteo Marini discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-45616, CVE-2024-45617) Matteo Marini discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. (CVE-2024-45618, CVE-2024-45620) Matteo Marini discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-45619) It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a buffer overflow. A physically proximate attacker could possibly use this issue to compromise card management operations during enrollment and modification. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-8443) Update Instructions: Run `sudo pro fix USN-7346-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: opensc - 0.20.0-3ubuntu0.1~esm3 opensc-pkcs11 - 0.20.0-3ubuntu0.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro None https://launchpad.net/bugs/2104948 Ubuntu 20.04 LTS USN-7346-1 fixed vulnerabilities in OpenSC. The update introduced a regression which broke smartcard based authentication. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a use-after-free vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-42780) It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a stack buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-42782) It was discovered that OpenSC did not correctly handle the length of certain buffers, which could lead to a out-of-bounds access vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-2977) Deepanjan Pal discovered that OpenSC did not correctly authenticate a zero length PIN. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-40660) It was discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to compromise key generation, certificate loading and other card management operations. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-40661) Hubert Kario, Michal Shagam and Eyal Ronen discovered that OpenSC had a timing side-channel and incorrectly handled RSA padding. An attacker could possibly use this issue to recover sensitive information. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-5992) Matteo Marini discovered that OpenSC did not properly manage memory due to certain uninitialized variables. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-45615) Matteo Marini discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-45616, CVE-2024-45617) Matteo Marini discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. (CVE-2024-45618, CVE-2024-45620) Matteo Marini discovered that OpenSC did not correctly handle certain memory operations. A physically proximate attacker could possibly use this issue to gain unauthorized access to certain systems. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-45619) It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a buffer overflow. A physically proximate attacker could possibly use this issue to compromise card management operations during enrollment and modification. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-8443) Update Instructions: Run `sudo pro fix USN-7346-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: opensc - 0.20.0-3ubuntu0.1~esm4 opensc-pkcs11 - 0.20.0-3ubuntu0.1~esm4 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-42780 CVE-2021-42782 CVE-2023-2977 CVE-2023-40660 CVE-2023-40661 CVE-2024-45615 CVE-2024-45616 CVE-2024-45617 CVE-2024-45618 CVE-2024-45620 CVE-2024-8443 https://launchpad.net/bugs/2104948 Ubuntu 20.04 LTS It was discovered that Netatalk did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2024-38439, CVE-2024-38440, CVE-2024-38441) Update Instructions: Run `sudo pro fix USN-7347-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: netatalk - 3.1.12~ds-4ubuntu0.20.04.4 No subscription required Medium CVE-2024-38439 CVE-2024-38440 CVE-2024-38441 Ubuntu 20.04 LTS It was discovered that the Python ipaddress module contained incorrect information about which IP address ranges were considered “private” or “globally reachable”. This could possibly result in applications applying incorrect security policies. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2024-4032) It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated. (CVE-2024-9287) It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery (SSRF) attack. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2024-11168) It was discovered that Python incorrectly handled parsing domain names that included square brackets. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery (SSRF) attack. (CVE-2025-0938) Update Instructions: Run `sudo pro fix USN-7348-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.8 - 3.8.10-0ubuntu1~20.04.16 libpython3.8 - 3.8.10-0ubuntu1~20.04.16 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.16 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.16 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.16 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.16 python3.8 - 3.8.10-0ubuntu1~20.04.16 python3.8-dev - 3.8.10-0ubuntu1~20.04.16 python3.8-doc - 3.8.10-0ubuntu1~20.04.16 python3.8-examples - 3.8.10-0ubuntu1~20.04.16 python3.8-full - 3.8.10-0ubuntu1~20.04.16 python3.8-minimal - 3.8.10-0ubuntu1~20.04.16 python3.8-venv - 3.8.10-0ubuntu1~20.04.16 No subscription required Medium CVE-2024-11168 CVE-2024-4032 CVE-2024-9287 CVE-2025-0938 Ubuntu 20.04 LTS USN-7348-1 fixed vulnerabilities in Python. The update introduced a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Python ipaddress module contained incorrect information about which IP address ranges were considered “private” or “globally reachable”. This could possibly result in applications applying incorrect security policies. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2024-4032) It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated. (CVE-2024-9287) It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery (SSRF) attack. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2024-11168) It was discovered that Python incorrectly handled parsing domain names that included square brackets. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery (SSRF) attack. (CVE-2025-0938) Update Instructions: Run `sudo pro fix USN-7348-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python3.8 - 3.8.10-0ubuntu1~20.04.18 libpython3.8 - 3.8.10-0ubuntu1~20.04.18 libpython3.8-dev - 3.8.10-0ubuntu1~20.04.18 libpython3.8-minimal - 3.8.10-0ubuntu1~20.04.18 libpython3.8-stdlib - 3.8.10-0ubuntu1~20.04.18 libpython3.8-testsuite - 3.8.10-0ubuntu1~20.04.18 python3.8 - 3.8.10-0ubuntu1~20.04.18 python3.8-dev - 3.8.10-0ubuntu1~20.04.18 python3.8-doc - 3.8.10-0ubuntu1~20.04.18 python3.8-examples - 3.8.10-0ubuntu1~20.04.18 python3.8-full - 3.8.10-0ubuntu1~20.04.18 python3.8-minimal - 3.8.10-0ubuntu1~20.04.18 python3.8-venv - 3.8.10-0ubuntu1~20.04.18 No subscription required Medium CVE-2025-0938 Ubuntu 20.04 LTS It was discovered that RAR incorrectly handled certain paths. If a user or automated system were tricked into extracting a specially crafted RAR archive, a remote attacker could possibly use this issue to write arbitrary files outside of the targeted directory. (CVE-2022-30333) It was discovered that RAR incorrectly handled certain recovery volumes. If a user or automated system were tricked into extracting a specially crafted RAR archive, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-40477) Update Instructions: Run `sudo pro fix USN-7349-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rar - 2:6.23-1~20.04.1 No subscription required High CVE-2022-30333 CVE-2023-40477 Ubuntu 20.04 LTS It was discovered that UnRAR incorrectly handled certain paths. If a user or automated system were tricked into extracting a specially crafted RAR archive, a remote attacker could possibly use this issue to write arbitrary files outside of the targeted directory. (CVE-2022-30333, CVE-2022-48579) It was discovered that UnRAR incorrectly handled certain recovery volumes. If a user or automated system were tricked into extracting a specially crafted RAR archive, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-40477) Siddharth Dushantha discovered that UnRAR incorrectly handled ANSI escape sequences when writing screen output. If a user or automated system were tricked into processing a specially crafted RAR archive, a remote attacker could possibly use this issue to spoof screen output or cause a denial of service. (CVE-2024-33899) Update Instructions: Run `sudo pro fix USN-7350-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libunrar-dev - 1:5.6.6-2ubuntu0.1 libunrar5 - 1:5.6.6-2ubuntu0.1 unrar - 1:5.6.6-2ubuntu0.1 No subscription required High CVE-2022-30333 CVE-2022-48579 CVE-2023-40477 CVE-2024-33899 Ubuntu 20.04 LTS Nikos Papadopoulos discovered that RESTEasy improperly handled URL encoding when certain errors occur. An attacker could possibly use this issue to modify the app's behavior for other users through the network. (CVE-2020-10688) Mirko Selber discovered that RESTEasy improperly validated user input during HTTP response construction. This issue could possibly allow an attacker to cause a denial of service or execute arbitrary code. (CVE-2020-1695) It was discovered that RESTEasy unintentionally disclosed potentially sensitive server information to users during the handling of certain errors. (CVE-2020-25633) It was discovered that RESTEasy unintentionally disclosed parts of its code to users during the handling of certain errors. (CVE-2021-20289) It was discovered that RESTEasy used improper permissions when creating temporary files. An attacker could possibly use this issue to get access to sensitive data. (CVE-2023-0482) It was discovered that RESTEasy improperly handled certain HTTP requests and could be forced into a state in which it can no longer accept incoming connections. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-9622) Update Instructions: Run `sudo pro fix USN-7351-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libresteasy-java - 3.6.2-2ubuntu0.20.04.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-10688 CVE-2020-1695 CVE-2020-25633 CVE-2021-20289 CVE-2023-0482 CVE-2024-9622 Ubuntu 20.04 LTS It was discovered that FreeType incorrectly handled certain memory operations when parsing font subglyph structures. A remote attacker could use this issue to cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7352-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: freetype2-demos - 2.10.1-2ubuntu0.4 freetype2-doc - 2.10.1-2ubuntu0.4 libfreetype-dev - 2.10.1-2ubuntu0.4 libfreetype6 - 2.10.1-2ubuntu0.4 libfreetype6-dev - 2.10.1-2ubuntu0.4 No subscription required Medium CVE-2025-27363 Ubuntu 20.04 LTS Tobias S. Fink discovered that PlantUML was susceptible to cross-site scripting attacks (XSS) in instances where SVG images were rendered. An attacker could possibly use this issue to cause PlantUML to crash, resulting in a denial of service, or the execution of arbitrary code. Update Instructions: Run `sudo pro fix USN-7353-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: plantuml - 1:1.2018.13+ds-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-1231 Ubuntu 20.04 LTS Diego Cebrián discovered that djoser did not properly handle user authentication. An attacker with valid credentials could possibly use this to bypass authentication checks, such as two-factor authentication, to gain unintended access. Update Instructions: Run `sudo pro fix USN-7354-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-djoser - 2.0.3-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-21543 Ubuntu 20.04 LTS Nakul Choudhary and Robert Xiao discovered that RestrictedPython did not properly sanitize certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-37271) Abhishek Govindarasu, Ankush Menat and Ward Theunisse discovered that RestrictedPython did not correctly handle certain format strings. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-41039) It was discovered that RestrictedPython did not correctly restrict access to certain fields. An attacker could possibly use this issue to leak sensitive information. (CVE-2024-47532) It was discovered that RestrictedPython contained a type confusion vulnerability. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-22153) Update Instructions: Run `sudo pro fix USN-7355-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-restrictedpython - 4.0~b3-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-37271 CVE-2023-41039 CVE-2024-47532 CVE-2025-22153 Ubuntu 20.04 LTS It was discovered that uriparser did not correctly handle certain inputs, which could lead to an integer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-34402, CVE-2024-34403) Update Instructions: Run `sudo pro fix USN-7356-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: liburiparser-dev - 0.9.3-2ubuntu0.1~esm3 liburiparser-doc - 0.9.3-2ubuntu0.1~esm3 liburiparser1 - 0.9.3-2ubuntu0.1~esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-34402 CVE-2024-34403 Ubuntu 20.04 LTS Ivan Fratric discovered that Libxslt incorrectly handled certain memory operations when handling documents. A remote attacker could use this issue to cause Libxslt to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7357-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxslt1-dev - 1.1.34-4ubuntu0.20.04.2 libxslt1.1 - 1.1.34-4ubuntu0.20.04.2 xsltproc - 1.1.34-4ubuntu0.20.04.2 No subscription required Medium CVE-2024-55549 Ubuntu 20.04 LTS It was discovered that Alpine did not use a secure connection under certain circumstances. A remote attacker could possibly use this issue to leak sensitive information. (CVE-2020-14929) It was discovered that Alpine could allow untagged responses from an IMAP server before upgrading to a TLS connection. A remote attacker could possibly use this issue to leak sensitive information. (CVE-2021-38370) It was discovered that Alpine could crash when receiving certain SMTP commands. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-46853) Update Instructions: Run `sudo pro fix USN-7360-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: alpine - 2.22+dfsg1-1ubuntu0.1~esm1 alpine-doc - 2.22+dfsg1-1ubuntu0.1~esm1 alpine-pico - 2.22+dfsg1-1ubuntu0.1~esm1 pilot - 2.22+dfsg1-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2020-14929 CVE-2021-38370 CVE-2021-46853 Ubuntu 20.04 LTS Ivan Fratric discovered that Libxslt incorrectly handled certain memory operations when handling documents. A remote attacker could use this issue to cause Libxslt to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7361-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxslt1-dev - 1.1.34-4ubuntu0.20.04.3 libxslt1.1 - 1.1.34-4ubuntu0.20.04.3 xsltproc - 1.1.34-4ubuntu0.20.04.3 No subscription required Medium CVE-2025-24855 Ubuntu 20.04 LTS Marcus Rückert and Matthias Gerstner discovered that PAM-PKCS#11 did not properly handle certain return codes when authentication was not possible. An attacker could possibly use this issue to bypass authentication. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-24531) It was discovered that PAM-PKCS#11 did not require a private key signature for authentication by default. An attacker could possibly use this issue to bypass authentication. (CVE-2025-24032) Update Instructions: Run `sudo pro fix USN-7363-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libpam-pkcs11 - 0.6.11-2ubuntu0.1 No subscription required High CVE-2025-24032 CVE-2025-24531 Ubuntu 20.04 LTS Alexander Tan discovered that the OpenSAML C++ library was susceptible to forging of signed SAML messages. An attacker could possibly use this issue to gain unauthorized access to a system and manipulate sensitive information. Update Instructions: Run `sudo pro fix USN-7364-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libsaml-dev - 3.0.1-1ubuntu0.1 libsaml-doc - 3.0.1-1ubuntu0.1 libsaml10 - 3.0.1-1ubuntu0.1 libsaml2-dev - 3.0.1-1ubuntu0.1 libsaml2-doc - 3.0.1-1ubuntu0.1 opensaml-schemas - 3.0.1-1ubuntu0.1 opensaml-tools - 3.0.1-1ubuntu0.1 opensaml2-schemas - 3.0.1-1ubuntu0.1 opensaml2-tools - 3.0.1-1ubuntu0.1 No subscription required None https://launchpad.net/bugs/2103420 Ubuntu 20.04 LTS It was discovered that NLTK contained a regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-3842, CVE-2021-43854) Update Instructions: Run `sudo pro fix USN-7365-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python3-nltk - 3.4.5-2ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-3842 CVE-2021-43854 Ubuntu 20.04 LTS Nhật Thái Đỗ discovered that Rack incorrectly handled certain usernames. A remote attacker could possibly use this issue to perform CRLF injection. (CVE-2025-25184) Phạm Quang Minh discovered that Rack incorrectly handled certain headers. A remote attacker could possibly use this issue to perform log injection. (CVE-2025-27111) Phạm Quang Minh discovered that Rack did not properly handle relative file paths. A remote attacker could potentially exploit this to include local files that should have been inaccessible. (CVE-2025-27610) Update Instructions: Run `sudo pro fix USN-7366-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm6 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2025-25184 CVE-2025-27111 CVE-2025-27610 Ubuntu 20.04 LTS It was discovered that zvbi incorrectly handled memory when processing user input. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7367-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libzvbi-common - 0.2.35-17ubuntu0.1~esm1 libzvbi-dev - 0.2.35-17ubuntu0.1~esm1 libzvbi-doc - 0.2.35-17ubuntu0.1~esm1 libzvbi0 - 0.2.35-17ubuntu0.1~esm1 zvbi - 0.2.35-17ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2025-2173 CVE-2025-2174 CVE-2025-2175 CVE-2025-2176 CVE-2025-2177 Ubuntu 20.04 LTS It was discovered that SnakeYAML incorrectly handled recursive entity references. An attacker could possibly use this issue to cause SnakeYAML to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7368-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libyaml-snake-java - 1.25+ds-2ubuntu0.1+esm1 libyaml-snake-java-doc - 1.25+ds-2ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2017-18640 Ubuntu 20.04 LTS Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use this issue to perform a cross-site request forgery (CSRF) attack. Update Instructions: Run `sudo pro fix USN-7372-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvarnishapi-dev - 6.2.1-2ubuntu0.2+esm1 libvarnishapi2 - 6.2.1-2ubuntu0.2+esm1 varnish - 6.2.1-2ubuntu0.2+esm1 varnish-doc - 6.2.1-2ubuntu0.2+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-45060 Ubuntu 20.04 LTS Benjamin Koltermann discovered that containerd incorrectly handled large user id values. This could result in containers possibly being run as root, contrary to expectations. Update Instructions: Run `sudo pro fix USN-7374-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-github-containerd-containerd-dev - 1.6.12-0ubuntu1~20.04.8 No subscription required containerd - 1.7.24-0ubuntu1~20.04.2 No subscription required Medium CVE-2024-40635 Ubuntu 20.04 LTS It was discovered that Org Mode did not correctly handle filenames containing shell metacharacters. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-28617) It was discovered that Org Mode could run untrusted code left in its buffer. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-30202) It was discovered that Org Mode did not correctly handle the contents of remote files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-30205) It was discovered that Org Mode could be made to run arbitrary Elisp code. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-39331) Update Instructions: Run `sudo pro fix USN-7375-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: elpa-org - 9.3.1+dfsg-1ubuntu0.1~esm1 org-mode - 9.3.1+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-28617 CVE-2024-30202 CVE-2024-30205 CVE-2024-39331 Ubuntu 20.04 LTS It was discovered that Ghostscript incorrectly serialized DollarBlend in certain fonts. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-27830) It was discovered that Ghostscript incorrectly handled the DOCXWRITE TXTWRITE device. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2025-27831) It was discovered that Ghostscript incorrectly handled the NPDL device. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-27832) It was discovered that Ghostscript incorrectly handled certain long TTF file names. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-27833) It was discovered that Ghostscript incorrectly handled oversized Type 4 functions in certain PDF documents. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2025-27834) It was discovered that Ghostscript incorrectly handled converting certain glyphs to Unicode. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-27835) It was discovered that Ghostscript incorrectly handled the BJ10V device. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-27836) Update Instructions: Run `sudo pro fix USN-7378-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ghostscript - 9.50~dfsg-5ubuntu4.15 ghostscript-doc - 9.50~dfsg-5ubuntu4.15 ghostscript-x - 9.50~dfsg-5ubuntu4.15 libgs-dev - 9.50~dfsg-5ubuntu4.15 libgs9 - 9.50~dfsg-5ubuntu4.15 libgs9-common - 9.50~dfsg-5ubuntu4.15 No subscription required Medium CVE-2025-27830 CVE-2025-27831 CVE-2025-27832 CVE-2025-27833 CVE-2025-27834 CVE-2025-27835 CVE-2025-27836 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - RAM backed block device driver; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - i.MX SoC drivers; - QCOM SoC drivers; - SPI subsystem; - Media staging drivers; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - DMA mapping infrastructure; - KCSAN framework; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - Distributed Switch Architecture; - HSR network protocol; - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Multipath TCP; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - VMware vSockets driver; - eXpress Data Path; - SELinux security module; - ALSA framework; - USB sound devices; (CVE-2024-56558, CVE-2024-53227, CVE-2024-53130, CVE-2025-21664, CVE-2024-53142, CVE-2024-55881, CVE-2024-57906, CVE-2024-46809, CVE-2024-53198, CVE-2024-53184, CVE-2024-53237, CVE-2024-56770, CVE-2024-53150, CVE-2024-56700, CVE-2024-50242, CVE-2024-53181, CVE-2024-56574, CVE-2024-56681, CVE-2024-56678, CVE-2024-53119, CVE-2024-53129, CVE-2024-56567, CVE-2024-56688, CVE-2024-49925, CVE-2025-21687, CVE-2024-56643, CVE-2025-21631, CVE-2024-52332, CVE-2024-53226, CVE-2025-21665, CVE-2024-56615, CVE-2024-57911, CVE-2024-53136, CVE-2024-56603, CVE-2024-56690, CVE-2024-47730, CVE-2024-56586, CVE-2024-46784, CVE-2024-56596, CVE-2024-53172, CVE-2024-57901, CVE-2024-56693, CVE-2024-56605, CVE-2024-57896, CVE-2024-56698, CVE-2024-56724, CVE-2024-49998, CVE-2024-53239, CVE-2024-53206, CVE-2024-56636, CVE-2024-56597, CVE-2024-56533, CVE-2024-42315, CVE-2024-56701, CVE-2024-56587, CVE-2024-57791, CVE-2024-56619, CVE-2024-50051, CVE-2024-56569, CVE-2025-21694, CVE-2025-21699, CVE-2024-53214, CVE-2024-57904, CVE-2024-49571, CVE-2024-56754, CVE-2024-56572, CVE-2024-49974, CVE-2024-53140, CVE-2025-21639, CVE-2024-56369, CVE-2024-56601, CVE-2024-56642, CVE-2024-57792, CVE-2024-57838, CVE-2024-53127, CVE-2025-21690, CVE-2024-56548, CVE-2024-53155, CVE-2024-47143, CVE-2024-56691, CVE-2024-57938, CVE-2025-21692, CVE-2024-56648, CVE-2024-46841, CVE-2024-57807, CVE-2024-57908, CVE-2024-50121, CVE-2024-57841, CVE-2024-53135, CVE-2024-53180, CVE-2025-21683, CVE-2024-56568, CVE-2024-56575, CVE-2024-56774, CVE-2024-56589, CVE-2024-36899, CVE-2024-57889, CVE-2024-50275, CVE-2024-56606, CVE-2024-56578, CVE-2024-56726, CVE-2024-36476, CVE-2024-53122, CVE-2024-56594, CVE-2024-56562, CVE-2024-53690, CVE-2024-56769, CVE-2024-57910, CVE-2024-56720, CVE-2024-56581, CVE-2024-56723, CVE-2025-21669, CVE-2024-56627, CVE-2024-57925, CVE-2024-56600, CVE-2024-56631, CVE-2024-56595, CVE-2024-53685, CVE-2024-53157, CVE-2024-57931, CVE-2024-56644, CVE-2024-53215, CVE-2024-57897, CVE-2024-56748, CVE-2024-53138, CVE-2025-21646, CVE-2024-47707, CVE-2024-56781, CVE-2024-57922, CVE-2024-53197, CVE-2024-56777, CVE-2024-56625, CVE-2024-56650, CVE-2024-56704, CVE-2025-21638, CVE-2024-56623, CVE-2024-57890, CVE-2024-56630, CVE-2024-53680, CVE-2025-21637, CVE-2024-56539, CVE-2024-56532, CVE-2024-53217, CVE-2024-53120, CVE-2024-56780, CVE-2022-49034, CVE-2024-43098, CVE-2024-56590, CVE-2024-50283, CVE-2024-57917, CVE-2024-56776, CVE-2024-53151, CVE-2024-49950, CVE-2024-57850, CVE-2024-44938, CVE-2024-47408, CVE-2024-56778, CVE-2024-56779, CVE-2024-56637, CVE-2024-56640, CVE-2024-57907, CVE-2024-57940, CVE-2025-21697, CVE-2024-57946, CVE-2024-53156, CVE-2024-56759, CVE-2024-53146, CVE-2024-56610, CVE-2024-56670, CVE-2024-57912, CVE-2024-57874, CVE-2024-57884, CVE-2024-56745, CVE-2024-56715, CVE-2024-56746, CVE-2024-53112, CVE-2024-53145, CVE-2024-56614, CVE-2024-53174, CVE-2024-57849, CVE-2024-56767, CVE-2024-53173, CVE-2025-21689, CVE-2024-56739, CVE-2024-56694, CVE-2024-57939, CVE-2024-56622, CVE-2024-56570, CVE-2024-56634, CVE-2024-53161, CVE-2024-53121, CVE-2024-56705, CVE-2024-56756, CVE-2024-53183, CVE-2024-56629, CVE-2025-21636, CVE-2024-56763, CVE-2024-56593, CVE-2025-21640, CVE-2024-53148, CVE-2025-21678, CVE-2024-56602, CVE-2024-57882, CVE-2024-56576, CVE-2024-53096, CVE-2024-53165, CVE-2024-57903, CVE-2024-57802, CVE-2025-21653, CVE-2024-56662, CVE-2024-56626, CVE-2024-56645, CVE-2024-48881, CVE-2024-57892, CVE-2024-56531, CVE-2024-56716, CVE-2024-56787, CVE-2024-57929, CVE-2024-50055, CVE-2024-49996, CVE-2024-53171, CVE-2025-21648, CVE-2024-57948, CVE-2024-53099, CVE-2024-56785, CVE-2024-57913, CVE-2024-53131, CVE-2024-53194, CVE-2024-56659, CVE-2024-55916, CVE-2024-56616, CVE-2024-56728, CVE-2024-43900, CVE-2025-21680, CVE-2024-53113, CVE-2024-58087, CVE-2024-56598, CVE-2024-57902, CVE-2024-56679, CVE-2025-21666, CVE-2024-57951, CVE-2024-56708, CVE-2024-56633, CVE-2024-56747, CVE-2024-53125, CVE-2024-45828, CVE-2024-53124, CVE-2024-46871, CVE-2024-57900, CVE-2024-50304, CVE-2024-53158) Update Instructions: Run `sudo pro fix USN-7387-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1077-oracle - 5.15.0-1077.83~20.04.1 linux-headers-5.15.0-1077-oracle - 5.15.0-1077.83~20.04.1 linux-image-5.15.0-1077-oracle - 5.15.0-1077.83~20.04.1 linux-image-unsigned-5.15.0-1077-oracle - 5.15.0-1077.83~20.04.1 linux-modules-5.15.0-1077-oracle - 5.15.0-1077.83~20.04.1 linux-modules-extra-5.15.0-1077-oracle - 5.15.0-1077.83~20.04.1 linux-oracle-5.15-headers-5.15.0-1077 - 5.15.0-1077.83~20.04.1 linux-oracle-5.15-tools-5.15.0-1077 - 5.15.0-1077.83~20.04.1 linux-tools-5.15.0-1077-oracle - 5.15.0-1077.83~20.04.1 No subscription required linux-buildinfo-5.15.0-135-lowlatency - 5.15.0-135.146~20.04.1 linux-buildinfo-5.15.0-135-lowlatency-64k - 5.15.0-135.146~20.04.1 linux-cloud-tools-5.15.0-135-lowlatency - 5.15.0-135.146~20.04.1 linux-headers-5.15.0-135-lowlatency - 5.15.0-135.146~20.04.1 linux-headers-5.15.0-135-lowlatency-64k - 5.15.0-135.146~20.04.1 linux-image-5.15.0-135-lowlatency - 5.15.0-135.146~20.04.1 linux-image-5.15.0-135-lowlatency-64k - 5.15.0-135.146~20.04.1 linux-image-unsigned-5.15.0-135-lowlatency - 5.15.0-135.146~20.04.1 linux-image-unsigned-5.15.0-135-lowlatency-64k - 5.15.0-135.146~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-135 - 5.15.0-135.146~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-135 - 5.15.0-135.146~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-135 - 5.15.0-135.146~20.04.1 linux-modules-5.15.0-135-lowlatency - 5.15.0-135.146~20.04.1 linux-modules-5.15.0-135-lowlatency-64k - 5.15.0-135.146~20.04.1 linux-modules-iwlwifi-5.15.0-135-lowlatency - 5.15.0-135.146~20.04.1 linux-tools-5.15.0-135-lowlatency - 5.15.0-135.146~20.04.1 linux-tools-5.15.0-135-lowlatency-64k - 5.15.0-135.146~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1077.83~20.04.1 linux-headers-oracle-edge - 5.15.0.1077.83~20.04.1 linux-image-oracle - 5.15.0.1077.83~20.04.1 linux-image-oracle-edge - 5.15.0.1077.83~20.04.1 linux-oracle - 5.15.0.1077.83~20.04.1 linux-oracle-edge - 5.15.0.1077.83~20.04.1 linux-tools-oracle - 5.15.0.1077.83~20.04.1 linux-tools-oracle-edge - 5.15.0.1077.83~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.135.146~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.135.146~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.135.146~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.135.146~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.135.146~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.135.146~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.135.146~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.135.146~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.135.146~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.135.146~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.135.146~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.135.146~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.135.146~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.135.146~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.135.146~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.135.146~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.135.146~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.135.146~20.04.1 No subscription required High CVE-2022-49034 CVE-2024-36476 CVE-2024-36899 CVE-2024-42315 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-45828 CVE-2024-46784 CVE-2024-46809 CVE-2024-46841 CVE-2024-46871 CVE-2024-47143 CVE-2024-47408 CVE-2024-47707 CVE-2024-47730 CVE-2024-48881 CVE-2024-49571 CVE-2024-49925 CVE-2024-49950 CVE-2024-49974 CVE-2024-49996 CVE-2024-49998 CVE-2024-50051 CVE-2024-50055 CVE-2024-50121 CVE-2024-50242 CVE-2024-50275 CVE-2024-50283 CVE-2024-50304 CVE-2024-52332 CVE-2024-53096 CVE-2024-53099 CVE-2024-53112 CVE-2024-53113 CVE-2024-53119 CVE-2024-53120 CVE-2024-53121 CVE-2024-53122 CVE-2024-53124 CVE-2024-53125 CVE-2024-53127 CVE-2024-53129 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53151 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53180 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53206 CVE-2024-53214 CVE-2024-53215 CVE-2024-53217 CVE-2024-53226 CVE-2024-53227 CVE-2024-53237 CVE-2024-53239 CVE-2024-53680 CVE-2024-53685 CVE-2024-53690 CVE-2024-55881 CVE-2024-55916 CVE-2024-56369 CVE-2024-56531 CVE-2024-56532 CVE-2024-56533 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56568 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56575 CVE-2024-56576 CVE-2024-56578 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56589 CVE-2024-56590 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56610 CVE-2024-56614 CVE-2024-56615 CVE-2024-56616 CVE-2024-56619 CVE-2024-56622 CVE-2024-56623 CVE-2024-56625 CVE-2024-56626 CVE-2024-56627 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56636 CVE-2024-56637 CVE-2024-56640 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56648 CVE-2024-56650 CVE-2024-56659 CVE-2024-56662 CVE-2024-56670 CVE-2024-56678 CVE-2024-56679 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56693 CVE-2024-56694 CVE-2024-56698 CVE-2024-56700 CVE-2024-56701 CVE-2024-56704 CVE-2024-56705 CVE-2024-56708 CVE-2024-56715 CVE-2024-56716 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56726 CVE-2024-56728 CVE-2024-56739 CVE-2024-56745 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56754 CVE-2024-56756 CVE-2024-56759 CVE-2024-56763 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56774 CVE-2024-56776 CVE-2024-56777 CVE-2024-56778 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-56785 CVE-2024-56787 CVE-2024-57791 CVE-2024-57792 CVE-2024-57802 CVE-2024-57807 CVE-2024-57838 CVE-2024-57841 CVE-2024-57849 CVE-2024-57850 CVE-2024-57874 CVE-2024-57882 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57896 CVE-2024-57897 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57903 CVE-2024-57904 CVE-2024-57906 CVE-2024-57907 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57917 CVE-2024-57922 CVE-2024-57925 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57939 CVE-2024-57940 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2024-58087 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21646 CVE-2025-21648 CVE-2025-21653 CVE-2025-21664 CVE-2025-21665 CVE-2025-21666 CVE-2025-21669 CVE-2025-21678 CVE-2025-21680 CVE-2025-21683 CVE-2025-21687 CVE-2025-21689 CVE-2025-21690 CVE-2025-21692 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu 20.04 LTS Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - RAM backed block device driver; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I2C subsystem; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - STMicroelectronics network drivers; - NVME drivers; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - i.MX SoC drivers; - QCOM SoC drivers; - SPI subsystem; - Direct Digital Synthesis drivers; - Media staging drivers; - TCM subsystem; - TTY drivers; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Port Controller Manager driver; - USB Type-C Connector System Software Interface driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - User-space API (UAPI); - Kernel init infrastructure; - io_uring subsystem; - BPF subsystem; - Kernel CPU control infrastructure; - DMA mapping infrastructure; - KCSAN framework; - Tracing infrastructure; - Closures library; - Memory management; - 9P file system network protocol; - Amateur Radio drivers; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - Distributed Switch Architecture; - HSR network protocol; - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - Multipath TCP; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - VMware vSockets driver; - eXpress Data Path; - XFRM subsystem; - Key management; - SELinux security module; - ALSA framework; - FireWire sound drivers; - HD-audio driver; - QCOM ASoC drivers; - STMicroelectronics SoC drivers; - USB sound devices; - KVM core; (CVE-2024-56622, CVE-2024-42252, CVE-2024-53101, CVE-2025-21664, CVE-2024-50168, CVE-2024-53214, CVE-2024-56670, CVE-2024-53146, CVE-2024-50302, CVE-2024-56629, CVE-2024-53680, CVE-2024-53124, CVE-2024-56610, CVE-2024-50259, CVE-2024-47408, CVE-2024-53217, CVE-2025-21683, CVE-2024-50196, CVE-2025-21694, CVE-2024-56596, CVE-2024-53161, CVE-2024-53061, CVE-2024-57940, CVE-2024-41066, CVE-2024-53122, CVE-2024-56776, CVE-2024-50268, CVE-2024-53184, CVE-2024-53088, CVE-2024-56590, CVE-2024-50182, CVE-2024-56705, CVE-2024-50103, CVE-2024-57938, CVE-2024-53155, CVE-2024-50282, CVE-2024-50209, CVE-2024-53150, CVE-2024-56532, CVE-2024-57910, CVE-2024-56678, CVE-2024-53181, CVE-2024-50230, CVE-2024-42291, CVE-2024-50233, CVE-2024-53130, CVE-2024-56756, CVE-2024-53113, CVE-2024-56623, CVE-2024-41080, CVE-2024-53197, CVE-2024-53142, CVE-2024-50251, CVE-2024-50237, CVE-2024-47143, CVE-2024-56633, CVE-2024-57889, CVE-2024-53127, CVE-2024-46871, CVE-2024-56640, CVE-2024-50193, CVE-2024-53148, CVE-2025-21669, CVE-2024-53690, CVE-2024-50279, CVE-2024-56780, CVE-2024-56769, CVE-2024-53125, CVE-2024-53052, CVE-2024-56601, CVE-2024-56778, CVE-2024-50198, CVE-2025-21665, CVE-2024-53227, CVE-2024-40953, CVE-2024-50295, CVE-2024-53194, CVE-2024-56777, CVE-2024-56770, CVE-2025-21697, CVE-2024-57904, CVE-2024-56691, CVE-2024-56787, CVE-2024-57948, CVE-2024-53140, CVE-2024-50051, CVE-2025-21648, CVE-2024-56754, CVE-2024-50156, CVE-2024-50205, CVE-2024-57911, CVE-2024-50290, CVE-2024-56715, CVE-2024-56643, CVE-2024-49974, CVE-2024-50287, CVE-2024-50162, CVE-2024-57849, CVE-2024-50142, CVE-2024-53198, CVE-2024-56568, CVE-2024-56704, CVE-2024-35887, CVE-2024-57908, CVE-2024-56767, CVE-2024-56701, CVE-2025-21680, CVE-2024-57913, CVE-2024-50171, CVE-2024-56558, CVE-2024-50121, CVE-2024-50036, CVE-2024-53180, CVE-2024-53096, CVE-2024-57897, CVE-2024-56746, CVE-2024-55881, CVE-2024-57874, CVE-2024-56774, CVE-2024-57946, CVE-2024-56531, CVE-2024-56698, CVE-2024-56650, CVE-2025-21637, CVE-2024-50242, CVE-2024-49996, CVE-2024-53136, CVE-2024-56575, CVE-2024-56642, CVE-2024-56763, CVE-2024-57802, CVE-2024-57929, CVE-2024-56726, CVE-2024-56615, CVE-2024-56619, CVE-2024-50234, CVE-2024-50299, CVE-2024-56569, CVE-2024-57792, CVE-2024-50150, CVE-2024-56728, CVE-2024-53173, CVE-2024-56630, CVE-2025-21639, CVE-2024-53183, CVE-2024-56681, CVE-2024-46809, CVE-2024-53165, CVE-2024-53215, CVE-2024-50296, CVE-2024-50267, CVE-2024-53097, CVE-2024-56369, CVE-2024-56578, CVE-2024-56562, CVE-2025-21699, CVE-2024-50134, CVE-2024-56589, CVE-2024-50232, CVE-2024-53685, CVE-2024-50265, CVE-2024-53206, CVE-2024-50257, CVE-2024-57925, CVE-2024-50269, CVE-2024-56570, CVE-2024-50278, CVE-2024-56595, CVE-2024-56720, CVE-2024-50085, CVE-2024-50201, CVE-2024-56693, CVE-2023-52913, CVE-2025-21666, CVE-2024-50249, CVE-2024-50247, CVE-2024-47730, CVE-2024-49925, CVE-2025-21690, CVE-2024-56606, CVE-2024-53172, CVE-2024-53119, CVE-2024-56602, CVE-2024-50262, CVE-2024-50127, CVE-2024-50115, CVE-2024-57901, CVE-2024-50185, CVE-2024-53058, CVE-2025-21631, CVE-2024-56574, CVE-2024-56539, CVE-2025-21678, CVE-2024-56659, CVE-2024-56594, CVE-2024-56708, CVE-2024-56662, CVE-2024-55916, CVE-2024-53042, CVE-2024-50229, CVE-2024-56616, CVE-2024-50074, CVE-2024-57838, CVE-2024-50160, CVE-2024-50218, CVE-2024-56597, CVE-2024-36476, CVE-2024-49571, CVE-2024-53112, CVE-2024-50128, CVE-2024-53157, CVE-2024-56747, CVE-2024-56779, CVE-2024-50143, CVE-2024-42315, CVE-2024-56688, CVE-2024-57903, CVE-2024-50283, CVE-2025-21640, CVE-2024-53099, CVE-2024-57902, CVE-2024-57912, CVE-2024-56567, CVE-2024-56637, CVE-2024-50086, CVE-2024-56679, CVE-2024-56598, CVE-2024-50236, CVE-2024-56593, CVE-2024-50058, CVE-2024-53239, CVE-2024-57906, CVE-2024-43098, CVE-2024-53138, CVE-2024-50208, CVE-2024-49950, CVE-2024-53174, CVE-2024-50072, CVE-2024-45828, CVE-2024-56759, CVE-2024-56533, CVE-2024-50117, CVE-2024-53131, CVE-2024-47707, CVE-2025-21689, CVE-2025-21636, CVE-2024-56605, CVE-2024-57807, CVE-2024-56724, CVE-2024-57841, CVE-2024-53120, CVE-2024-50304, CVE-2024-56748, CVE-2024-58087, CVE-2024-57917, CVE-2024-44938, CVE-2024-57896, CVE-2024-56600, CVE-2024-57922, CVE-2024-53066, CVE-2024-56634, CVE-2024-53171, CVE-2024-56700, CVE-2024-57939, CVE-2024-53151, CVE-2024-50202, CVE-2024-56572, CVE-2024-40965, CVE-2024-56716, CVE-2024-46841, CVE-2024-50292, CVE-2024-57907, CVE-2024-53145, CVE-2024-50192, CVE-2024-53055, CVE-2025-21646, CVE-2024-56690, CVE-2024-57882, CVE-2024-56576, CVE-2024-50301, CVE-2024-53059, CVE-2024-56745, CVE-2024-57890, CVE-2024-50055, CVE-2024-56739, CVE-2024-50099, CVE-2024-50131, CVE-2024-50194, CVE-2024-57884, CVE-2024-43900, CVE-2024-52332, CVE-2024-57931, CVE-2024-50163, CVE-2024-53063, CVE-2024-53104, CVE-2024-57951, CVE-2025-21638, CVE-2024-53129, CVE-2024-56781, CVE-2024-50195, CVE-2024-56548, CVE-2024-56603, CVE-2024-56586, CVE-2024-50167, CVE-2024-56648, CVE-2024-56581, CVE-2024-53158, CVE-2024-56587, CVE-2024-49998, CVE-2024-50148, CVE-2024-56694, CVE-2024-50110, CVE-2024-50244, CVE-2024-46784, CVE-2024-50273, CVE-2024-50116, CVE-2024-56614, CVE-2024-50154, CVE-2024-56672, CVE-2025-21692, CVE-2024-56636, CVE-2024-56626, CVE-2024-50010, CVE-2024-39497, CVE-2024-50101, CVE-2024-50141, CVE-2024-57791, CVE-2024-50082, CVE-2024-53226, CVE-2024-53135, CVE-2024-50275, CVE-2024-56723, CVE-2024-53121, CVE-2024-50199, CVE-2024-56631, CVE-2024-50083, CVE-2024-50245, CVE-2025-21687, CVE-2024-50151, CVE-2022-49034, CVE-2024-57900, CVE-2024-53156, CVE-2024-36899, CVE-2024-50153, CVE-2024-53237, CVE-2024-56645, CVE-2024-26718, CVE-2024-57892, CVE-2025-21653, CVE-2024-56627, CVE-2024-48881, CVE-2024-56625, CVE-2024-57850, CVE-2024-56644, CVE-2024-56785) Update Instructions: Run `sudo pro fix USN-7388-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-cloud-tools-5.15.0-1080 - 5.15.0-1080.87~20.04.1 linux-aws-5.15-headers-5.15.0-1080 - 5.15.0-1080.87~20.04.1 linux-aws-5.15-tools-5.15.0-1080 - 5.15.0-1080.87~20.04.1 linux-buildinfo-5.15.0-1080-aws - 5.15.0-1080.87~20.04.1 linux-cloud-tools-5.15.0-1080-aws - 5.15.0-1080.87~20.04.1 linux-headers-5.15.0-1080-aws - 5.15.0-1080.87~20.04.1 linux-image-5.15.0-1080-aws - 5.15.0-1080.87~20.04.1 linux-image-unsigned-5.15.0-1080-aws - 5.15.0-1080.87~20.04.1 linux-modules-5.15.0-1080-aws - 5.15.0-1080.87~20.04.1 linux-modules-extra-5.15.0-1080-aws - 5.15.0-1080.87~20.04.1 linux-tools-5.15.0-1080-aws - 5.15.0-1080.87~20.04.1 No subscription required linux-aws - 5.15.0.1080.87~20.04.1 linux-aws-edge - 5.15.0.1080.87~20.04.1 linux-headers-aws - 5.15.0.1080.87~20.04.1 linux-headers-aws-edge - 5.15.0.1080.87~20.04.1 linux-image-aws - 5.15.0.1080.87~20.04.1 linux-image-aws-edge - 5.15.0.1080.87~20.04.1 linux-modules-extra-aws - 5.15.0.1080.87~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1080.87~20.04.1 linux-tools-aws - 5.15.0.1080.87~20.04.1 linux-tools-aws-edge - 5.15.0.1080.87~20.04.1 No subscription required High CVE-2022-49034 CVE-2023-52913 CVE-2024-26718 CVE-2024-35887 CVE-2024-36476 CVE-2024-36899 CVE-2024-39497 CVE-2024-40953 CVE-2024-40965 CVE-2024-41066 CVE-2024-41080 CVE-2024-42252 CVE-2024-42291 CVE-2024-42315 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-45828 CVE-2024-46784 CVE-2024-46809 CVE-2024-46841 CVE-2024-46871 CVE-2024-47143 CVE-2024-47408 CVE-2024-47707 CVE-2024-47730 CVE-2024-48881 CVE-2024-49571 CVE-2024-49925 CVE-2024-49950 CVE-2024-49974 CVE-2024-49996 CVE-2024-49998 CVE-2024-50010 CVE-2024-50036 CVE-2024-50051 CVE-2024-50055 CVE-2024-50058 CVE-2024-50072 CVE-2024-50074 CVE-2024-50082 CVE-2024-50083 CVE-2024-50085 CVE-2024-50086 CVE-2024-50099 CVE-2024-50101 CVE-2024-50103 CVE-2024-50110 CVE-2024-50115 CVE-2024-50116 CVE-2024-50117 CVE-2024-50121 CVE-2024-50127 CVE-2024-50128 CVE-2024-50131 CVE-2024-50134 CVE-2024-50141 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50153 CVE-2024-50154 CVE-2024-50156 CVE-2024-50160 CVE-2024-50162 CVE-2024-50163 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50182 CVE-2024-50185 CVE-2024-50192 CVE-2024-50193 CVE-2024-50194 CVE-2024-50195 CVE-2024-50196 CVE-2024-50198 CVE-2024-50199 CVE-2024-50201 CVE-2024-50202 CVE-2024-50205 CVE-2024-50208 CVE-2024-50209 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50232 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50242 CVE-2024-50244 CVE-2024-50245 CVE-2024-50247 CVE-2024-50249 CVE-2024-50251 CVE-2024-50257 CVE-2024-50259 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50268 CVE-2024-50269 CVE-2024-50273 CVE-2024-50275 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50283 CVE-2024-50287 CVE-2024-50290 CVE-2024-50292 CVE-2024-50295 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-50304 CVE-2024-52332 CVE-2024-53042 CVE-2024-53052 CVE-2024-53055 CVE-2024-53058 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53088 CVE-2024-53096 CVE-2024-53097 CVE-2024-53099 CVE-2024-53101 CVE-2024-53104 CVE-2024-53112 CVE-2024-53113 CVE-2024-53119 CVE-2024-53120 CVE-2024-53121 CVE-2024-53122 CVE-2024-53124 CVE-2024-53125 CVE-2024-53127 CVE-2024-53129 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53151 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53180 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53206 CVE-2024-53214 CVE-2024-53215 CVE-2024-53217 CVE-2024-53226 CVE-2024-53227 CVE-2024-53237 CVE-2024-53239 CVE-2024-53680 CVE-2024-53685 CVE-2024-53690 CVE-2024-55881 CVE-2024-55916 CVE-2024-56369 CVE-2024-56531 CVE-2024-56532 CVE-2024-56533 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56568 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56575 CVE-2024-56576 CVE-2024-56578 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56589 CVE-2024-56590 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56610 CVE-2024-56614 CVE-2024-56615 CVE-2024-56616 CVE-2024-56619 CVE-2024-56622 CVE-2024-56623 CVE-2024-56625 CVE-2024-56626 CVE-2024-56627 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56636 CVE-2024-56637 CVE-2024-56640 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56648 CVE-2024-56650 CVE-2024-56659 CVE-2024-56662 CVE-2024-56670 CVE-2024-56672 CVE-2024-56678 CVE-2024-56679 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56693 CVE-2024-56694 CVE-2024-56698 CVE-2024-56700 CVE-2024-56701 CVE-2024-56704 CVE-2024-56705 CVE-2024-56708 CVE-2024-56715 CVE-2024-56716 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56726 CVE-2024-56728 CVE-2024-56739 CVE-2024-56745 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56754 CVE-2024-56756 CVE-2024-56759 CVE-2024-56763 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56774 CVE-2024-56776 CVE-2024-56777 CVE-2024-56778 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-56785 CVE-2024-56787 CVE-2024-57791 CVE-2024-57792 CVE-2024-57802 CVE-2024-57807 CVE-2024-57838 CVE-2024-57841 CVE-2024-57849 CVE-2024-57850 CVE-2024-57874 CVE-2024-57882 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57896 CVE-2024-57897 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57903 CVE-2024-57904 CVE-2024-57906 CVE-2024-57907 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57917 CVE-2024-57922 CVE-2024-57925 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57939 CVE-2024-57940 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2024-58087 CVE-2025-0927 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21646 CVE-2025-21648 CVE-2025-21653 CVE-2025-21664 CVE-2025-21665 CVE-2025-21666 CVE-2025-21669 CVE-2025-21678 CVE-2025-21680 CVE-2025-21683 CVE-2025-21687 CVE-2025-21689 CVE-2025-21690 CVE-2025-21692 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Cryptographic API; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - QCOM SoC drivers; - SPI subsystem; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - File systems infrastructure; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - eXpress Data Path; - SELinux security module; - USB sound devices; (CVE-2024-53172, CVE-2024-56572, CVE-2024-56739, CVE-2024-56643, CVE-2024-53131, CVE-2024-57904, CVE-2024-53145, CVE-2024-57908, CVE-2024-53155, CVE-2024-56691, CVE-2024-57901, CVE-2024-56595, CVE-2024-55916, CVE-2024-50051, CVE-2024-49936, CVE-2024-57900, CVE-2024-53239, CVE-2024-53142, CVE-2024-57889, CVE-2024-53217, CVE-2024-56619, CVE-2025-21653, CVE-2024-53140, CVE-2024-53130, CVE-2024-43098, CVE-2024-56746, CVE-2024-56650, CVE-2024-56723, CVE-2024-56558, CVE-2024-57884, CVE-2024-56601, CVE-2024-56581, CVE-2024-57906, CVE-2024-57948, CVE-2024-49996, CVE-2024-56598, CVE-2025-21638, CVE-2024-49925, CVE-2024-56767, CVE-2024-53127, CVE-2024-53181, CVE-2024-53194, CVE-2024-57902, CVE-2024-56630, CVE-2024-56567, CVE-2024-56602, CVE-2024-56562, CVE-2024-56596, CVE-2024-56570, CVE-2024-56670, CVE-2024-53135, CVE-2024-56629, CVE-2024-56769, CVE-2024-56637, CVE-2024-56681, CVE-2024-57910, CVE-2024-57892, CVE-2024-56574, CVE-2024-53121, CVE-2024-56532, CVE-2025-21689, CVE-2024-53156, CVE-2024-57912, CVE-2024-56597, CVE-2025-21640, CVE-2024-53690, CVE-2024-56548, CVE-2024-56633, CVE-2024-43900, CVE-2024-56631, CVE-2021-47219, CVE-2024-56659, CVE-2024-53158, CVE-2025-21639, CVE-2024-53136, CVE-2024-56615, CVE-2024-56586, CVE-2024-57946, CVE-2024-57911, CVE-2025-21699, CVE-2025-21664, CVE-2024-53174, CVE-2024-53184, CVE-2024-53138, CVE-2024-53680, CVE-2024-56593, CVE-2024-56644, CVE-2024-56720, CVE-2024-53197, CVE-2024-57802, CVE-2024-53157, CVE-2024-56756, CVE-2024-53171, CVE-2024-57931, CVE-2024-56600, CVE-2024-53112, CVE-2024-56770, CVE-2024-53214, CVE-2024-57849, CVE-2024-57890, CVE-2024-56634, CVE-2024-44938, CVE-2024-53183, CVE-2025-21697, CVE-2024-57929, CVE-2024-53165, CVE-2024-53161, CVE-2024-53150, CVE-2024-56606, CVE-2024-56748, CVE-2024-48881, CVE-2024-56594, CVE-2024-56645, CVE-2024-56781, CVE-2024-56531, CVE-2024-56605, CVE-2024-56779, CVE-2025-21678, CVE-2024-53227, CVE-2024-56688, CVE-2024-56576, CVE-2024-56587, CVE-2024-53124, CVE-2024-49884, CVE-2024-57850, CVE-2024-56569, CVE-2024-53148, CVE-2025-21694, CVE-2024-56700, CVE-2024-53173, CVE-2024-53198, CVE-2024-52332, CVE-2024-47707, CVE-2024-56539, CVE-2024-56704, CVE-2024-56747, CVE-2025-21687, CVE-2024-56690, CVE-2022-49034, CVE-2024-57938, CVE-2024-57951, CVE-2024-38588, CVE-2024-56603, CVE-2024-57807, CVE-2024-56780, CVE-2024-57922, CVE-2024-56642, CVE-2024-57913, CVE-2024-53146, CVE-2024-56614, CVE-2024-56694, CVE-2024-56724) Update Instructions: Run `sudo pro fix USN-7391-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-211-generic - 5.4.0-211.231 linux-buildinfo-5.4.0-211-generic-lpae - 5.4.0-211.231 linux-buildinfo-5.4.0-211-lowlatency - 5.4.0-211.231 linux-cloud-tools-5.4.0-211 - 5.4.0-211.231 linux-cloud-tools-5.4.0-211-generic - 5.4.0-211.231 linux-cloud-tools-5.4.0-211-lowlatency - 5.4.0-211.231 linux-cloud-tools-common - 5.4.0-211.231 linux-doc - 5.4.0-211.231 linux-headers-5.4.0-211 - 5.4.0-211.231 linux-headers-5.4.0-211-generic - 5.4.0-211.231 linux-headers-5.4.0-211-generic-lpae - 5.4.0-211.231 linux-headers-5.4.0-211-lowlatency - 5.4.0-211.231 linux-image-5.4.0-211-generic - 5.4.0-211.231 linux-image-5.4.0-211-generic-lpae - 5.4.0-211.231 linux-image-5.4.0-211-lowlatency - 5.4.0-211.231 linux-image-unsigned-5.4.0-211-generic - 5.4.0-211.231 linux-image-unsigned-5.4.0-211-lowlatency - 5.4.0-211.231 linux-libc-dev - 5.4.0-211.231 linux-modules-5.4.0-211-generic - 5.4.0-211.231 linux-modules-5.4.0-211-generic-lpae - 5.4.0-211.231 linux-modules-5.4.0-211-lowlatency - 5.4.0-211.231 linux-modules-extra-5.4.0-211-generic - 5.4.0-211.231 linux-source-5.4.0 - 5.4.0-211.231 linux-tools-5.4.0-211 - 5.4.0-211.231 linux-tools-5.4.0-211-generic - 5.4.0-211.231 linux-tools-5.4.0-211-generic-lpae - 5.4.0-211.231 linux-tools-5.4.0-211-lowlatency - 5.4.0-211.231 linux-tools-common - 5.4.0-211.231 linux-tools-host - 5.4.0-211.231 No subscription required linux-cloud-tools-generic - 5.4.0.211.206 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.211.206 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.211.206 linux-cloud-tools-lowlatency - 5.4.0.211.206 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.211.206 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.211.206 linux-cloud-tools-virtual - 5.4.0.211.206 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.211.206 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.211.206 linux-crashdump - 5.4.0.211.206 linux-generic - 5.4.0.211.206 linux-generic-hwe-18.04 - 5.4.0.211.206 linux-generic-hwe-18.04-edge - 5.4.0.211.206 linux-generic-lpae - 5.4.0.211.206 linux-generic-lpae-hwe-18.04 - 5.4.0.211.206 linux-generic-lpae-hwe-18.04-edge - 5.4.0.211.206 linux-headers-generic - 5.4.0.211.206 linux-headers-generic-hwe-18.04 - 5.4.0.211.206 linux-headers-generic-hwe-18.04-edge - 5.4.0.211.206 linux-headers-generic-lpae - 5.4.0.211.206 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.211.206 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.211.206 linux-headers-lowlatency - 5.4.0.211.206 linux-headers-lowlatency-hwe-18.04 - 5.4.0.211.206 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.211.206 linux-headers-oem - 5.4.0.211.206 linux-headers-oem-osp1 - 5.4.0.211.206 linux-headers-virtual - 5.4.0.211.206 linux-headers-virtual-hwe-18.04 - 5.4.0.211.206 linux-headers-virtual-hwe-18.04-edge - 5.4.0.211.206 linux-image-extra-virtual - 5.4.0.211.206 linux-image-extra-virtual-hwe-18.04 - 5.4.0.211.206 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.211.206 linux-image-generic - 5.4.0.211.206 linux-image-generic-hwe-18.04 - 5.4.0.211.206 linux-image-generic-hwe-18.04-edge - 5.4.0.211.206 linux-image-generic-lpae - 5.4.0.211.206 linux-image-generic-lpae-hwe-18.04 - 5.4.0.211.206 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.211.206 linux-image-lowlatency - 5.4.0.211.206 linux-image-lowlatency-hwe-18.04 - 5.4.0.211.206 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.211.206 linux-image-oem - 5.4.0.211.206 linux-image-oem-osp1 - 5.4.0.211.206 linux-image-virtual - 5.4.0.211.206 linux-image-virtual-hwe-18.04 - 5.4.0.211.206 linux-image-virtual-hwe-18.04-edge - 5.4.0.211.206 linux-lowlatency - 5.4.0.211.206 linux-lowlatency-hwe-18.04 - 5.4.0.211.206 linux-lowlatency-hwe-18.04-edge - 5.4.0.211.206 linux-oem - 5.4.0.211.206 linux-oem-osp1 - 5.4.0.211.206 linux-oem-osp1-tools-host - 5.4.0.211.206 linux-oem-tools-host - 5.4.0.211.206 linux-source - 5.4.0.211.206 linux-tools-generic - 5.4.0.211.206 linux-tools-generic-hwe-18.04 - 5.4.0.211.206 linux-tools-generic-hwe-18.04-edge - 5.4.0.211.206 linux-tools-generic-lpae - 5.4.0.211.206 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.211.206 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.211.206 linux-tools-lowlatency - 5.4.0.211.206 linux-tools-lowlatency-hwe-18.04 - 5.4.0.211.206 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.211.206 linux-tools-oem - 5.4.0.211.206 linux-tools-oem-osp1 - 5.4.0.211.206 linux-tools-virtual - 5.4.0.211.206 linux-tools-virtual-hwe-18.04 - 5.4.0.211.206 linux-tools-virtual-hwe-18.04-edge - 5.4.0.211.206 linux-virtual - 5.4.0.211.206 linux-virtual-hwe-18.04 - 5.4.0.211.206 linux-virtual-hwe-18.04-edge - 5.4.0.211.206 No subscription required High CVE-2021-47219 CVE-2022-49034 CVE-2024-23848 CVE-2024-38588 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-47707 CVE-2024-48881 CVE-2024-49884 CVE-2024-49925 CVE-2024-49936 CVE-2024-49996 CVE-2024-50051 CVE-2024-52332 CVE-2024-53112 CVE-2024-53121 CVE-2024-53124 CVE-2024-53127 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53214 CVE-2024-53217 CVE-2024-53227 CVE-2024-53239 CVE-2024-53680 CVE-2024-53690 CVE-2024-55916 CVE-2024-56531 CVE-2024-56532 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56576 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56614 CVE-2024-56615 CVE-2024-56619 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56637 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56650 CVE-2024-56659 CVE-2024-56670 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56694 CVE-2024-56700 CVE-2024-56704 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56739 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56756 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-57802 CVE-2024-57807 CVE-2024-57849 CVE-2024-57850 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57904 CVE-2024-57906 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57922 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21653 CVE-2025-21664 CVE-2025-21678 CVE-2025-21687 CVE-2025-21689 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Cryptographic API; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - QCOM SoC drivers; - SPI subsystem; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - File systems infrastructure; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - eXpress Data Path; - SELinux security module; - USB sound devices; (CVE-2024-56532, CVE-2024-53127, CVE-2024-56574, CVE-2024-56576, CVE-2024-57922, CVE-2024-53135, CVE-2024-56606, CVE-2024-53155, CVE-2024-53136, CVE-2024-56769, CVE-2024-56690, CVE-2024-53150, CVE-2024-38588, CVE-2024-53171, CVE-2024-56748, CVE-2024-56558, CVE-2024-56595, CVE-2024-56670, CVE-2024-56637, CVE-2024-56739, CVE-2024-56681, CVE-2024-53158, CVE-2024-53172, CVE-2024-56700, CVE-2024-56645, CVE-2024-56723, CVE-2024-56572, CVE-2024-57889, CVE-2024-43098, CVE-2024-56614, CVE-2024-53197, CVE-2025-21640, CVE-2024-57938, CVE-2024-53140, CVE-2024-57929, CVE-2024-56593, CVE-2024-56691, CVE-2025-21687, CVE-2024-56770, CVE-2024-53131, CVE-2024-56531, CVE-2024-56603, CVE-2025-21653, CVE-2024-53239, CVE-2024-57946, CVE-2024-56581, CVE-2024-56694, CVE-2024-56597, CVE-2024-57849, CVE-2024-56601, CVE-2024-53156, CVE-2024-56747, CVE-2024-53146, CVE-2025-21664, CVE-2024-53217, CVE-2025-21638, CVE-2024-53157, CVE-2024-56688, CVE-2024-47707, CVE-2024-53173, CVE-2024-56605, CVE-2024-56619, CVE-2024-49925, CVE-2024-49936, CVE-2024-56586, CVE-2024-57892, CVE-2024-56562, CVE-2024-57902, CVE-2024-53148, CVE-2024-53194, CVE-2024-56720, CVE-2024-53121, CVE-2024-48881, CVE-2024-56767, CVE-2024-56780, CVE-2024-56548, CVE-2024-57931, CVE-2024-56724, CVE-2024-53142, CVE-2024-53214, CVE-2025-21639, CVE-2024-43900, CVE-2024-56659, CVE-2024-57908, CVE-2024-57913, CVE-2024-53181, CVE-2024-56630, CVE-2024-56598, CVE-2024-56539, CVE-2024-57951, CVE-2024-56600, CVE-2024-52332, CVE-2024-55916, CVE-2024-53130, CVE-2024-56587, CVE-2024-57911, CVE-2024-57901, CVE-2024-57807, CVE-2024-49996, CVE-2025-21697, CVE-2024-53198, CVE-2024-53145, CVE-2024-57910, CVE-2022-49034, CVE-2024-56629, CVE-2024-56570, CVE-2024-57948, CVE-2024-53227, CVE-2024-56643, CVE-2024-56602, CVE-2024-57904, CVE-2024-56594, CVE-2024-56615, CVE-2024-53690, CVE-2024-56650, CVE-2025-21699, CVE-2024-56644, CVE-2024-56631, CVE-2024-53183, CVE-2024-50051, CVE-2024-49884, CVE-2024-56569, CVE-2024-56596, CVE-2024-57912, CVE-2024-56781, CVE-2024-57802, CVE-2024-56704, CVE-2024-57850, CVE-2024-57906, CVE-2025-21678, CVE-2024-56634, CVE-2024-53138, CVE-2021-47219, CVE-2024-57890, CVE-2024-53112, CVE-2024-53174, CVE-2024-56756, CVE-2024-56779, CVE-2024-57884, CVE-2024-56746, CVE-2024-53161, CVE-2024-57900, CVE-2024-56567, CVE-2024-56633, CVE-2025-21694, CVE-2024-53165, CVE-2024-56642, CVE-2024-53184, CVE-2024-44938, CVE-2024-53124, CVE-2025-21689, CVE-2024-53680) Update Instructions: Run `sudo pro fix USN-7392-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1060-xilinx-zynqmp - 5.4.0-1060.64 linux-headers-5.4.0-1060-xilinx-zynqmp - 5.4.0-1060.64 linux-image-5.4.0-1060-xilinx-zynqmp - 5.4.0-1060.64 linux-modules-5.4.0-1060-xilinx-zynqmp - 5.4.0-1060.64 linux-tools-5.4.0-1060-xilinx-zynqmp - 5.4.0-1060.64 linux-xilinx-zynqmp-headers-5.4.0-1060 - 5.4.0-1060.64 linux-xilinx-zynqmp-tools-5.4.0-1060 - 5.4.0-1060.64 No subscription required linux-buildinfo-5.4.0-1088-ibm - 5.4.0-1088.93 linux-headers-5.4.0-1088-ibm - 5.4.0-1088.93 linux-ibm-cloud-tools-common - 5.4.0-1088.93 linux-ibm-headers-5.4.0-1088 - 5.4.0-1088.93 linux-ibm-source-5.4.0 - 5.4.0-1088.93 linux-ibm-tools-5.4.0-1088 - 5.4.0-1088.93 linux-ibm-tools-common - 5.4.0-1088.93 linux-image-5.4.0-1088-ibm - 5.4.0-1088.93 linux-image-unsigned-5.4.0-1088-ibm - 5.4.0-1088.93 linux-modules-5.4.0-1088-ibm - 5.4.0-1088.93 linux-modules-extra-5.4.0-1088-ibm - 5.4.0-1088.93 linux-tools-5.4.0-1088-ibm - 5.4.0-1088.93 No subscription required linux-bluefield-headers-5.4.0-1101 - 5.4.0-1101.108 linux-bluefield-tools-5.4.0-1101 - 5.4.0-1101.108 linux-buildinfo-5.4.0-1101-bluefield - 5.4.0-1101.108 linux-headers-5.4.0-1101-bluefield - 5.4.0-1101.108 linux-image-5.4.0-1101-bluefield - 5.4.0-1101.108 linux-image-unsigned-5.4.0-1101-bluefield - 5.4.0-1101.108 linux-modules-5.4.0-1101-bluefield - 5.4.0-1101.108 linux-tools-5.4.0-1101-bluefield - 5.4.0-1101.108 No subscription required linux-buildinfo-5.4.0-1129-kvm - 5.4.0-1129.138 linux-headers-5.4.0-1129-kvm - 5.4.0-1129.138 linux-image-5.4.0-1129-kvm - 5.4.0-1129.138 linux-image-unsigned-5.4.0-1129-kvm - 5.4.0-1129.138 linux-kvm-headers-5.4.0-1129 - 5.4.0-1129.138 linux-kvm-tools-5.4.0-1129 - 5.4.0-1129.138 linux-modules-5.4.0-1129-kvm - 5.4.0-1129.138 linux-tools-5.4.0-1129-kvm - 5.4.0-1129.138 No subscription required linux-buildinfo-5.4.0-1140-oracle - 5.4.0-1140.150 linux-headers-5.4.0-1140-oracle - 5.4.0-1140.150 linux-image-5.4.0-1140-oracle - 5.4.0-1140.150 linux-image-unsigned-5.4.0-1140-oracle - 5.4.0-1140.150 linux-modules-5.4.0-1140-oracle - 5.4.0-1140.150 linux-modules-extra-5.4.0-1140-oracle - 5.4.0-1140.150 linux-oracle-headers-5.4.0-1140 - 5.4.0-1140.150 linux-oracle-tools-5.4.0-1140 - 5.4.0-1140.150 linux-tools-5.4.0-1140-oracle - 5.4.0-1140.150 No subscription required linux-buildinfo-5.4.0-1145-gcp - 5.4.0-1145.154 linux-gcp-headers-5.4.0-1145 - 5.4.0-1145.154 linux-gcp-tools-5.4.0-1145 - 5.4.0-1145.154 linux-headers-5.4.0-1145-gcp - 5.4.0-1145.154 linux-image-5.4.0-1145-gcp - 5.4.0-1145.154 linux-image-unsigned-5.4.0-1145-gcp - 5.4.0-1145.154 linux-modules-5.4.0-1145-gcp - 5.4.0-1145.154 linux-modules-extra-5.4.0-1145-gcp - 5.4.0-1145.154 linux-tools-5.4.0-1145-gcp - 5.4.0-1145.154 No subscription required linux-azure-cloud-tools-5.4.0-1147 - 5.4.0-1147.154 linux-azure-headers-5.4.0-1147 - 5.4.0-1147.154 linux-azure-tools-5.4.0-1147 - 5.4.0-1147.154 linux-buildinfo-5.4.0-1147-azure - 5.4.0-1147.154 linux-cloud-tools-5.4.0-1147-azure - 5.4.0-1147.154 linux-headers-5.4.0-1147-azure - 5.4.0-1147.154 linux-image-5.4.0-1147-azure - 5.4.0-1147.154 linux-image-unsigned-5.4.0-1147-azure - 5.4.0-1147.154 linux-modules-5.4.0-1147-azure - 5.4.0-1147.154 linux-modules-extra-5.4.0-1147-azure - 5.4.0-1147.154 linux-tools-5.4.0-1147-azure - 5.4.0-1147.154 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1060.60 linux-image-xilinx-zynqmp - 5.4.0.1060.60 linux-tools-xilinx-zynqmp - 5.4.0.1060.60 linux-xilinx-zynqmp - 5.4.0.1060.60 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1088.117 linux-ibm-lts-20.04 - 5.4.0.1088.117 linux-image-ibm-lts-20.04 - 5.4.0.1088.117 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1088.117 linux-tools-ibm-lts-20.04 - 5.4.0.1088.117 No subscription required linux-bluefield - 5.4.0.1101.97 linux-headers-bluefield - 5.4.0.1101.97 linux-image-bluefield - 5.4.0.1101.97 linux-tools-bluefield - 5.4.0.1101.97 No subscription required linux-headers-kvm - 5.4.0.1129.125 linux-image-kvm - 5.4.0.1129.125 linux-kvm - 5.4.0.1129.125 linux-tools-kvm - 5.4.0.1129.125 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1140.134 linux-image-oracle-lts-20.04 - 5.4.0.1140.134 linux-oracle-lts-20.04 - 5.4.0.1140.134 linux-tools-oracle-lts-20.04 - 5.4.0.1140.134 No subscription required linux-gcp-lts-20.04 - 5.4.0.1145.147 linux-headers-gcp-lts-20.04 - 5.4.0.1145.147 linux-image-gcp-lts-20.04 - 5.4.0.1145.147 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1145.147 linux-tools-gcp-lts-20.04 - 5.4.0.1145.147 No subscription required linux-azure-lts-20.04 - 5.4.0.1147.141 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1147.141 linux-headers-azure-lts-20.04 - 5.4.0.1147.141 linux-image-azure-lts-20.04 - 5.4.0.1147.141 linux-modules-extra-azure-lts-20.04 - 5.4.0.1147.141 linux-tools-azure-lts-20.04 - 5.4.0.1147.141 No subscription required High CVE-2021-47219 CVE-2022-49034 CVE-2024-23848 CVE-2024-38588 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-47707 CVE-2024-48881 CVE-2024-49884 CVE-2024-49925 CVE-2024-49936 CVE-2024-49996 CVE-2024-50051 CVE-2024-52332 CVE-2024-53112 CVE-2024-53121 CVE-2024-53124 CVE-2024-53127 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53214 CVE-2024-53217 CVE-2024-53227 CVE-2024-53239 CVE-2024-53680 CVE-2024-53690 CVE-2024-55916 CVE-2024-56531 CVE-2024-56532 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56576 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56614 CVE-2024-56615 CVE-2024-56619 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56637 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56650 CVE-2024-56659 CVE-2024-56670 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56694 CVE-2024-56700 CVE-2024-56704 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56739 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56756 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-57802 CVE-2024-57807 CVE-2024-57849 CVE-2024-57850 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57904 CVE-2024-57906 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57922 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2025-0927 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21653 CVE-2025-21664 CVE-2025-21678 CVE-2025-21687 CVE-2025-21689 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu Pro FIPS-updates 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Cryptographic API; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - QCOM SoC drivers; - SPI subsystem; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - File systems infrastructure; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - eXpress Data Path; - SELinux security module; - USB sound devices; (CVE-2024-56532, CVE-2024-53127, CVE-2024-56574, CVE-2024-56576, CVE-2024-57922, CVE-2024-53135, CVE-2024-56606, CVE-2024-53155, CVE-2024-53136, CVE-2024-56769, CVE-2024-56690, CVE-2024-53150, CVE-2024-38588, CVE-2024-53171, CVE-2024-56748, CVE-2024-56558, CVE-2024-56595, CVE-2024-56670, CVE-2024-56637, CVE-2024-56739, CVE-2024-56681, CVE-2024-53158, CVE-2024-53172, CVE-2024-56700, CVE-2024-56645, CVE-2024-56723, CVE-2024-56572, CVE-2024-57889, CVE-2024-43098, CVE-2024-56614, CVE-2024-53197, CVE-2025-21640, CVE-2024-57938, CVE-2024-53140, CVE-2024-57929, CVE-2024-56593, CVE-2024-56691, CVE-2025-21687, CVE-2024-56770, CVE-2024-53131, CVE-2024-56531, CVE-2024-56603, CVE-2025-21653, CVE-2024-53239, CVE-2024-57946, CVE-2024-56581, CVE-2024-56694, CVE-2024-56597, CVE-2024-57849, CVE-2024-56601, CVE-2024-53156, CVE-2024-56747, CVE-2024-53146, CVE-2025-21664, CVE-2024-53217, CVE-2025-21638, CVE-2024-53157, CVE-2024-56688, CVE-2024-47707, CVE-2024-53173, CVE-2024-56605, CVE-2024-56619, CVE-2024-49925, CVE-2024-49936, CVE-2024-56586, CVE-2024-57892, CVE-2024-56562, CVE-2024-57902, CVE-2024-53148, CVE-2024-53194, CVE-2024-56720, CVE-2024-53121, CVE-2024-48881, CVE-2024-56767, CVE-2024-56780, CVE-2024-56548, CVE-2024-57931, CVE-2024-56724, CVE-2024-53142, CVE-2024-53214, CVE-2025-21639, CVE-2024-43900, CVE-2024-56659, CVE-2024-57908, CVE-2024-57913, CVE-2024-53181, CVE-2024-56630, CVE-2024-56598, CVE-2024-56539, CVE-2024-57951, CVE-2024-56600, CVE-2024-52332, CVE-2024-55916, CVE-2024-53130, CVE-2024-56587, CVE-2024-57911, CVE-2024-57901, CVE-2024-57807, CVE-2024-49996, CVE-2025-21697, CVE-2024-53198, CVE-2024-53145, CVE-2024-57910, CVE-2022-49034, CVE-2024-56629, CVE-2024-56570, CVE-2024-57948, CVE-2024-53227, CVE-2024-56643, CVE-2024-56602, CVE-2024-57904, CVE-2024-56594, CVE-2024-56615, CVE-2024-53690, CVE-2024-56650, CVE-2025-21699, CVE-2024-56644, CVE-2024-56631, CVE-2024-53183, CVE-2024-50051, CVE-2024-49884, CVE-2024-56569, CVE-2024-56596, CVE-2024-57912, CVE-2024-56781, CVE-2024-57802, CVE-2024-56704, CVE-2024-57850, CVE-2024-57906, CVE-2025-21678, CVE-2024-56634, CVE-2024-53138, CVE-2021-47219, CVE-2024-57890, CVE-2024-53112, CVE-2024-53174, CVE-2024-56756, CVE-2024-56779, CVE-2024-57884, CVE-2024-56746, CVE-2024-53161, CVE-2024-57900, CVE-2024-56567, CVE-2024-56633, CVE-2025-21694, CVE-2024-53165, CVE-2024-56642, CVE-2024-53184, CVE-2024-44938, CVE-2024-53124, CVE-2025-21689, CVE-2024-53680) Update Instructions: Run `sudo pro fix USN-7392-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1145-gcp-fips - 5.4.0-1145.154+fips1 linux-gcp-fips-headers-5.4.0-1145 - 5.4.0-1145.154+fips1 linux-gcp-fips-tools-5.4.0-1145 - 5.4.0-1145.154+fips1 linux-headers-5.4.0-1145-gcp-fips - 5.4.0-1145.154+fips1 linux-image-5.4.0-1145-gcp-fips - 5.4.0-1145.154+fips1 linux-image-hmac-5.4.0-1145-gcp-fips - 5.4.0-1145.154+fips1 linux-image-unsigned-5.4.0-1145-gcp-fips - 5.4.0-1145.154+fips1 linux-image-unsigned-hmac-5.4.0-1145-gcp-fips - 5.4.0-1145.154+fips1 linux-modules-5.4.0-1145-gcp-fips - 5.4.0-1145.154+fips1 linux-modules-extra-5.4.0-1145-gcp-fips - 5.4.0-1145.154+fips1 linux-tools-5.4.0-1145-gcp-fips - 5.4.0-1145.154+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-azure-fips-cloud-tools-5.4.0-1147 - 5.4.0-1147.154+fips1 linux-azure-fips-headers-5.4.0-1147 - 5.4.0-1147.154+fips1 linux-azure-fips-tools-5.4.0-1147 - 5.4.0-1147.154+fips1 linux-buildinfo-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 linux-cloud-tools-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 linux-headers-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 linux-image-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 linux-image-hmac-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 linux-image-unsigned-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 linux-image-unsigned-hmac-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 linux-modules-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 linux-modules-extra-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 linux-tools-5.4.0-1147-azure-fips - 5.4.0-1147.154+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-gcp-fips - 5.4.0.1145.87 linux-headers-gcp-fips - 5.4.0.1145.87 linux-image-gcp-fips - 5.4.0.1145.87 linux-modules-extra-gcp-fips - 5.4.0.1145.87 linux-tools-gcp-fips - 5.4.0.1145.87 Available with Ubuntu Pro: https://ubuntu.com/pro linux-azure-fips - 5.4.0.1147.85 linux-cloud-tools-azure-fips - 5.4.0.1147.85 linux-headers-azure-fips - 5.4.0.1147.85 linux-image-azure-fips - 5.4.0.1147.85 linux-modules-extra-azure-fips - 5.4.0.1147.85 linux-tools-azure-fips - 5.4.0.1147.85 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2021-47219 CVE-2022-49034 CVE-2024-23848 CVE-2024-38588 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-47707 CVE-2024-48881 CVE-2024-49884 CVE-2024-49925 CVE-2024-49936 CVE-2024-49996 CVE-2024-50051 CVE-2024-52332 CVE-2024-53112 CVE-2024-53121 CVE-2024-53124 CVE-2024-53127 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53214 CVE-2024-53217 CVE-2024-53227 CVE-2024-53239 CVE-2024-53680 CVE-2024-53690 CVE-2024-55916 CVE-2024-56531 CVE-2024-56532 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56576 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56614 CVE-2024-56615 CVE-2024-56619 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56637 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56650 CVE-2024-56659 CVE-2024-56670 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56694 CVE-2024-56700 CVE-2024-56704 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56739 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56756 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-57802 CVE-2024-57807 CVE-2024-57849 CVE-2024-57850 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57904 CVE-2024-57906 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57922 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2025-0927 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21653 CVE-2025-21664 CVE-2025-21678 CVE-2025-21687 CVE-2025-21689 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Cryptographic API; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - QCOM SoC drivers; - SPI subsystem; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - File systems infrastructure; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - eXpress Data Path; - SELinux security module; - USB sound devices; (CVE-2024-56532, CVE-2024-53127, CVE-2024-56574, CVE-2024-56576, CVE-2024-57922, CVE-2024-53135, CVE-2024-56606, CVE-2024-53155, CVE-2024-53136, CVE-2024-56769, CVE-2024-56690, CVE-2024-53150, CVE-2024-38588, CVE-2024-53171, CVE-2024-56748, CVE-2024-56558, CVE-2024-56595, CVE-2024-56670, CVE-2024-56637, CVE-2024-56739, CVE-2024-56681, CVE-2024-53158, CVE-2024-53172, CVE-2024-56700, CVE-2024-56645, CVE-2024-56723, CVE-2024-56572, CVE-2024-57889, CVE-2024-43098, CVE-2024-56614, CVE-2024-53197, CVE-2025-21640, CVE-2024-57938, CVE-2024-53140, CVE-2024-57929, CVE-2024-56593, CVE-2024-56691, CVE-2025-21687, CVE-2024-56770, CVE-2024-53131, CVE-2024-56531, CVE-2024-56603, CVE-2025-21653, CVE-2024-53239, CVE-2024-57946, CVE-2024-56581, CVE-2024-56694, CVE-2024-56597, CVE-2024-57849, CVE-2024-56601, CVE-2024-53156, CVE-2024-56747, CVE-2024-53146, CVE-2025-21664, CVE-2024-53217, CVE-2025-21638, CVE-2024-53157, CVE-2024-56688, CVE-2024-47707, CVE-2024-53173, CVE-2024-56605, CVE-2024-56619, CVE-2024-49925, CVE-2024-49936, CVE-2024-56586, CVE-2024-57892, CVE-2024-56562, CVE-2024-57902, CVE-2024-53148, CVE-2024-53194, CVE-2024-56720, CVE-2024-53121, CVE-2024-48881, CVE-2024-56767, CVE-2024-56780, CVE-2024-56548, CVE-2024-57931, CVE-2024-56724, CVE-2024-53142, CVE-2024-53214, CVE-2025-21639, CVE-2024-43900, CVE-2024-56659, CVE-2024-57908, CVE-2024-57913, CVE-2024-53181, CVE-2024-56630, CVE-2024-56598, CVE-2024-56539, CVE-2024-57951, CVE-2024-56600, CVE-2024-52332, CVE-2024-55916, CVE-2024-53130, CVE-2024-56587, CVE-2024-57911, CVE-2024-57901, CVE-2024-57807, CVE-2024-49996, CVE-2025-21697, CVE-2024-53198, CVE-2024-53145, CVE-2024-57910, CVE-2022-49034, CVE-2024-56629, CVE-2024-56570, CVE-2024-57948, CVE-2024-53227, CVE-2024-56643, CVE-2024-56602, CVE-2024-57904, CVE-2024-56594, CVE-2024-56615, CVE-2024-53690, CVE-2024-56650, CVE-2025-21699, CVE-2024-56644, CVE-2024-56631, CVE-2024-53183, CVE-2024-50051, CVE-2024-49884, CVE-2024-56569, CVE-2024-56596, CVE-2024-57912, CVE-2024-56781, CVE-2024-57802, CVE-2024-56704, CVE-2024-57850, CVE-2024-57906, CVE-2025-21678, CVE-2024-56634, CVE-2024-53138, CVE-2021-47219, CVE-2024-57890, CVE-2024-53112, CVE-2024-53174, CVE-2024-56756, CVE-2024-56779, CVE-2024-57884, CVE-2024-56746, CVE-2024-53161, CVE-2024-57900, CVE-2024-56567, CVE-2024-56633, CVE-2025-21694, CVE-2024-53165, CVE-2024-56642, CVE-2024-53184, CVE-2024-44938, CVE-2024-53124, CVE-2025-21689, CVE-2024-53680) Update Instructions: Run `sudo pro fix USN-7392-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-cloud-tools-5.4.0-1142 - 5.4.0-1142.152 linux-aws-headers-5.4.0-1142 - 5.4.0-1142.152 linux-aws-tools-5.4.0-1142 - 5.4.0-1142.152 linux-buildinfo-5.4.0-1142-aws - 5.4.0-1142.152 linux-cloud-tools-5.4.0-1142-aws - 5.4.0-1142.152 linux-headers-5.4.0-1142-aws - 5.4.0-1142.152 linux-image-5.4.0-1142-aws - 5.4.0-1142.152 linux-image-unsigned-5.4.0-1142-aws - 5.4.0-1142.152 linux-modules-5.4.0-1142-aws - 5.4.0-1142.152 linux-modules-extra-5.4.0-1142-aws - 5.4.0-1142.152 linux-tools-5.4.0-1142-aws - 5.4.0-1142.152 No subscription required linux-aws-lts-20.04 - 5.4.0.1142.139 linux-headers-aws-lts-20.04 - 5.4.0.1142.139 linux-image-aws-lts-20.04 - 5.4.0.1142.139 linux-modules-extra-aws-lts-20.04 - 5.4.0.1142.139 linux-tools-aws-lts-20.04 - 5.4.0.1142.139 No subscription required High CVE-2021-47219 CVE-2022-49034 CVE-2024-23848 CVE-2024-38588 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-47707 CVE-2024-48881 CVE-2024-49884 CVE-2024-49925 CVE-2024-49936 CVE-2024-49996 CVE-2024-50051 CVE-2024-52332 CVE-2024-53112 CVE-2024-53121 CVE-2024-53124 CVE-2024-53127 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53214 CVE-2024-53217 CVE-2024-53227 CVE-2024-53239 CVE-2024-53680 CVE-2024-53690 CVE-2024-55916 CVE-2024-56531 CVE-2024-56532 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56576 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56614 CVE-2024-56615 CVE-2024-56619 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56637 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56650 CVE-2024-56659 CVE-2024-56670 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56694 CVE-2024-56700 CVE-2024-56704 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56739 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56756 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-57802 CVE-2024-57807 CVE-2024-57849 CVE-2024-57850 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57904 CVE-2024-57906 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57922 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2025-0927 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21653 CVE-2025-21664 CVE-2025-21678 CVE-2025-21687 CVE-2025-21689 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu Pro FIPS-updates 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Cryptographic API; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - QCOM SoC drivers; - SPI subsystem; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - File systems infrastructure; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - eXpress Data Path; - SELinux security module; - USB sound devices; (CVE-2024-56532, CVE-2024-53127, CVE-2024-56574, CVE-2024-56576, CVE-2024-57922, CVE-2024-53135, CVE-2024-56606, CVE-2024-53155, CVE-2024-53136, CVE-2024-56769, CVE-2024-56690, CVE-2024-53150, CVE-2024-38588, CVE-2024-53171, CVE-2024-56748, CVE-2024-56558, CVE-2024-56595, CVE-2024-56670, CVE-2024-56637, CVE-2024-56739, CVE-2024-56681, CVE-2024-53158, CVE-2024-53172, CVE-2024-56700, CVE-2024-56645, CVE-2024-56723, CVE-2024-56572, CVE-2024-57889, CVE-2024-43098, CVE-2024-56614, CVE-2024-53197, CVE-2025-21640, CVE-2024-57938, CVE-2024-53140, CVE-2024-57929, CVE-2024-56593, CVE-2024-56691, CVE-2025-21687, CVE-2024-56770, CVE-2024-53131, CVE-2024-56531, CVE-2024-56603, CVE-2025-21653, CVE-2024-53239, CVE-2024-57946, CVE-2024-56581, CVE-2024-56694, CVE-2024-56597, CVE-2024-57849, CVE-2024-56601, CVE-2024-53156, CVE-2024-56747, CVE-2024-53146, CVE-2025-21664, CVE-2024-53217, CVE-2025-21638, CVE-2024-53157, CVE-2024-56688, CVE-2024-47707, CVE-2024-53173, CVE-2024-56605, CVE-2024-56619, CVE-2024-49925, CVE-2024-49936, CVE-2024-56586, CVE-2024-57892, CVE-2024-56562, CVE-2024-57902, CVE-2024-53148, CVE-2024-53194, CVE-2024-56720, CVE-2024-53121, CVE-2024-48881, CVE-2024-56767, CVE-2024-56780, CVE-2024-56548, CVE-2024-57931, CVE-2024-56724, CVE-2024-53142, CVE-2024-53214, CVE-2025-21639, CVE-2024-43900, CVE-2024-56659, CVE-2024-57908, CVE-2024-57913, CVE-2024-53181, CVE-2024-56630, CVE-2024-56598, CVE-2024-56539, CVE-2024-57951, CVE-2024-56600, CVE-2024-52332, CVE-2024-55916, CVE-2024-53130, CVE-2024-56587, CVE-2024-57911, CVE-2024-57901, CVE-2024-57807, CVE-2024-49996, CVE-2025-21697, CVE-2024-53198, CVE-2024-53145, CVE-2024-57910, CVE-2022-49034, CVE-2024-56629, CVE-2024-56570, CVE-2024-57948, CVE-2024-53227, CVE-2024-56643, CVE-2024-56602, CVE-2024-57904, CVE-2024-56594, CVE-2024-56615, CVE-2024-53690, CVE-2024-56650, CVE-2025-21699, CVE-2024-56644, CVE-2024-56631, CVE-2024-53183, CVE-2024-50051, CVE-2024-49884, CVE-2024-56569, CVE-2024-56596, CVE-2024-57912, CVE-2024-56781, CVE-2024-57802, CVE-2024-56704, CVE-2024-57850, CVE-2024-57906, CVE-2025-21678, CVE-2024-56634, CVE-2024-53138, CVE-2021-47219, CVE-2024-57890, CVE-2024-53112, CVE-2024-53174, CVE-2024-56756, CVE-2024-56779, CVE-2024-57884, CVE-2024-56746, CVE-2024-53161, CVE-2024-57900, CVE-2024-56567, CVE-2024-56633, CVE-2025-21694, CVE-2024-53165, CVE-2024-56642, CVE-2024-53184, CVE-2024-44938, CVE-2024-53124, CVE-2025-21689, CVE-2024-53680) Update Instructions: Run `sudo pro fix USN-7392-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-fips-headers-5.4.0-1142 - 5.4.0-1142.153+fips1 linux-aws-fips-tools-5.4.0-1142 - 5.4.0-1142.153+fips1 linux-buildinfo-5.4.0-1142-aws-fips - 5.4.0-1142.153+fips1 linux-headers-5.4.0-1142-aws-fips - 5.4.0-1142.153+fips1 linux-image-5.4.0-1142-aws-fips - 5.4.0-1142.153+fips1 linux-image-hmac-5.4.0-1142-aws-fips - 5.4.0-1142.153+fips1 linux-image-unsigned-5.4.0-1142-aws-fips - 5.4.0-1142.153+fips1 linux-image-unsigned-hmac-5.4.0-1142-aws-fips - 5.4.0-1142.153+fips1 linux-modules-5.4.0-1142-aws-fips - 5.4.0-1142.153+fips1 linux-modules-extra-5.4.0-1142-aws-fips - 5.4.0-1142.153+fips1 linux-tools-5.4.0-1142-aws-fips - 5.4.0-1142.153+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-aws-fips - 5.4.0.1142.89 linux-headers-aws-fips - 5.4.0.1142.89 linux-image-aws-fips - 5.4.0.1142.89 linux-modules-extra-aws-fips - 5.4.0.1142.89 linux-tools-aws-fips - 5.4.0.1142.89 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2021-47219 CVE-2022-49034 CVE-2024-23848 CVE-2024-38588 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-47707 CVE-2024-48881 CVE-2024-49884 CVE-2024-49925 CVE-2024-49936 CVE-2024-49996 CVE-2024-50051 CVE-2024-52332 CVE-2024-53112 CVE-2024-53121 CVE-2024-53124 CVE-2024-53127 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53214 CVE-2024-53217 CVE-2024-53227 CVE-2024-53239 CVE-2024-53680 CVE-2024-53690 CVE-2024-55916 CVE-2024-56531 CVE-2024-56532 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56576 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56614 CVE-2024-56615 CVE-2024-56619 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56637 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56650 CVE-2024-56659 CVE-2024-56670 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56694 CVE-2024-56700 CVE-2024-56704 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56739 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56756 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-57802 CVE-2024-57807 CVE-2024-57849 CVE-2024-57850 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57904 CVE-2024-57906 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57922 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2025-0927 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21653 CVE-2025-21664 CVE-2025-21678 CVE-2025-21687 CVE-2025-21689 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu Pro FIPS-updates 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Virtio block driver; - TPM device driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I2C subsystem; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NTB driver; - Virtio pmem driver; - NVME drivers; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - QCOM SoC drivers; - SPI subsystem; - Direct Digital Synthesis drivers; - USB Device Class drivers; - USB Gadget drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - File systems infrastructure; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Network traffic control; - Network sockets; - TCP network protocol; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - Perf events; - Arbitrary resource management; - Tracing infrastructure; - Closures library; - Memory management; - 9P file system network protocol; - Amateur Radio drivers; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - Key management; - SELinux security module; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - USB sound devices; - KVM core; (CVE-2024-49938, CVE-2024-41066, CVE-2024-57951, CVE-2024-56779, CVE-2024-50194, CVE-2024-50265, CVE-2024-56596, CVE-2024-57922, CVE-2024-56614, CVE-2024-57912, CVE-2024-50251, CVE-2024-56569, CVE-2024-56587, CVE-2024-57807, CVE-2024-50051, CVE-2024-49997, CVE-2024-57911, CVE-2024-50195, CVE-2024-50205, CVE-2024-35896, CVE-2025-21689, CVE-2024-43098, CVE-2024-47757, CVE-2025-21639, CVE-2024-57900, CVE-2024-56634, CVE-2024-50230, CVE-2024-57946, CVE-2024-53059, CVE-2024-50290, CVE-2024-49985, CVE-2024-50142, CVE-2024-49925, CVE-2024-50199, CVE-2024-47699, CVE-2024-53172, CVE-2024-53173, CVE-2024-56631, CVE-2024-57938, CVE-2024-53101, CVE-2024-53197, CVE-2024-49896, CVE-2024-47697, CVE-2024-56644, CVE-2024-50236, CVE-2024-46731, CVE-2024-47674, CVE-2024-38544, CVE-2024-46853, CVE-2024-47740, CVE-2024-53121, CVE-2024-50082, CVE-2024-53165, CVE-2024-50040, CVE-2024-57929, CVE-2024-57889, CVE-2024-49860, CVE-2024-50287, CVE-2022-49034, CVE-2024-56690, CVE-2024-50302, CVE-2024-50006, CVE-2024-49949, CVE-2024-49868, CVE-2024-49903, CVE-2024-47723, CVE-2024-49936, CVE-2024-49955, CVE-2024-50234, CVE-2024-50301, CVE-2024-47670, CVE-2024-56574, CVE-2024-50168, CVE-2024-57913, CVE-2024-56602, CVE-2024-56630, CVE-2024-53130, CVE-2024-53145, CVE-2024-56642, CVE-2024-50202, CVE-2024-38588, CVE-2024-56767, CVE-2024-50024, CVE-2024-53198, CVE-2024-56548, CVE-2024-50184, CVE-2024-47756, CVE-2024-50167, CVE-2025-21694, CVE-2024-53063, CVE-2024-49966, CVE-2024-50299, CVE-2024-50143, CVE-2024-49924, CVE-2024-53061, CVE-2024-53124, CVE-2024-49902, CVE-2024-56739, CVE-2024-49952, CVE-2025-21664, CVE-2024-49877, CVE-2024-47701, CVE-2024-52332, CVE-2024-49975, CVE-2024-56645, CVE-2024-53140, CVE-2024-49948, CVE-2024-56724, CVE-2024-49963, CVE-2025-21687, CVE-2024-47698, CVE-2024-50039, CVE-2024-56595, CVE-2024-50282, CVE-2023-52458, CVE-2024-56615, CVE-2024-40965, CVE-2024-49965, CVE-2024-53112, CVE-2024-53135, CVE-2024-56601, CVE-2024-56532, CVE-2024-53184, CVE-2024-47672, CVE-2024-53155, CVE-2024-50171, CVE-2024-50035, CVE-2024-56704, CVE-2024-53156, CVE-2024-47685, CVE-2024-50044, CVE-2024-47712, CVE-2024-47707, CVE-2024-50179, CVE-2024-56594, CVE-2024-56688, CVE-2024-50151, CVE-2025-21699, CVE-2024-56598, CVE-2024-47737, CVE-2024-57849, CVE-2024-56576, CVE-2025-21638, CVE-2024-53181, CVE-2024-50033, CVE-2024-49995, CVE-2024-56756, CVE-2024-49867, CVE-2025-21697, CVE-2024-56600, CVE-2024-56670, CVE-2024-47713, CVE-2024-46854, CVE-2024-47671, CVE-2024-53680, CVE-2024-49851, CVE-2024-49883, CVE-2024-56780, CVE-2024-56770, CVE-2024-56650, CVE-2024-53146, CVE-2024-50218, CVE-2024-56531, CVE-2024-47706, CVE-2024-56572, CVE-2024-47709, CVE-2024-49958, CVE-2024-57948, CVE-2024-40911, CVE-2024-57904, CVE-2024-56769, CVE-2024-35887, CVE-2025-21678, CVE-2024-57802, CVE-2024-56700, CVE-2024-43900, CVE-2024-47747, CVE-2024-50059, CVE-2024-56606, CVE-2024-53161, CVE-2024-50116, CVE-2024-50180, CVE-2024-50127, CVE-2024-53131, CVE-2024-53157, CVE-2024-50279, CVE-2024-57850, CVE-2024-56619, CVE-2024-49982, CVE-2024-56748, CVE-2024-53104, CVE-2024-49981, CVE-2024-56643, CVE-2024-49962, CVE-2024-50131, CVE-2024-56781, CVE-2024-50233, CVE-2024-56597, CVE-2024-56567, CVE-2024-57902, CVE-2024-43863, CVE-2024-56581, CVE-2024-53171, CVE-2024-56633, CVE-2024-50296, CVE-2024-49879, CVE-2024-56593, CVE-2024-47679, CVE-2024-53148, CVE-2024-50237, CVE-2024-49959, CVE-2024-50269, CVE-2024-53138, CVE-2024-49957, CVE-2024-50278, CVE-2024-49894, CVE-2024-49900, CVE-2024-56586, CVE-2024-50148, CVE-2024-50262, CVE-2024-56720, CVE-2024-50096, CVE-2024-57931, CVE-2024-56681, CVE-2021-47219, CVE-2025-21640, CVE-2024-56603, CVE-2024-50229, CVE-2024-53174, CVE-2024-50007, CVE-2024-49944, CVE-2024-50273, CVE-2024-49878, CVE-2024-56605, CVE-2024-53150, CVE-2024-44931, CVE-2024-53214, CVE-2024-49882, CVE-2024-53158, CVE-2024-55916, CVE-2024-50117, CVE-2024-56570, CVE-2024-44938, CVE-2024-53239, CVE-2024-53217, CVE-2024-50099, CVE-2024-50267, CVE-2024-56562, CVE-2024-40953, CVE-2024-57884, CVE-2024-49892, CVE-2024-56659, CVE-2024-56746, CVE-2024-50074, CVE-2024-41016, CVE-2024-53142, CVE-2024-57901, CVE-2024-56637, CVE-2024-47710, CVE-2024-46849, CVE-2024-57910, CVE-2024-47692, CVE-2024-48881, CVE-2024-53194, CVE-2024-56558, CVE-2024-56747, CVE-2024-56629, CVE-2024-47696, CVE-2024-56691, CVE-2024-53227, CVE-2024-57908, CVE-2024-57892, CVE-2024-53183, CVE-2024-56723, CVE-2024-42252, CVE-2024-57890, CVE-2024-50134, CVE-2024-56694, CVE-2024-57906, CVE-2024-56539, CVE-2024-53690, CVE-2024-53066, CVE-2024-49973, CVE-2024-47684, CVE-2024-50045, CVE-2024-49884, CVE-2025-21653, CVE-2024-47749, CVE-2024-47742, CVE-2024-50008, CVE-2024-50150, CVE-2024-53127, CVE-2024-49996) Update Instructions: Run `sudo pro fix USN-7393-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1116-fips - 5.4.0-1116.126 linux-fips-headers-5.4.0-1116 - 5.4.0-1116.126 linux-fips-tools-5.4.0-1116 - 5.4.0-1116.126 linux-fips-tools-host - 5.4.0-1116.126 linux-headers-5.4.0-1116-fips - 5.4.0-1116.126 linux-image-5.4.0-1116-fips - 5.4.0-1116.126 linux-image-hmac-5.4.0-1116-fips - 5.4.0-1116.126 linux-image-unsigned-5.4.0-1116-fips - 5.4.0-1116.126 linux-image-unsigned-hmac-5.4.0-1116-fips - 5.4.0-1116.126 linux-modules-5.4.0-1116-fips - 5.4.0-1116.126 linux-modules-extra-5.4.0-1116-fips - 5.4.0-1116.126 linux-tools-5.4.0-1116-fips - 5.4.0-1116.126 Available with Ubuntu Pro: https://ubuntu.com/pro linux-fips - 5.4.0.1116.113 linux-headers-fips - 5.4.0.1116.113 linux-image-fips - 5.4.0.1116.113 linux-signed-fips - 5.4.0.1116.113 linux-signed-image-fips - 5.4.0.1116.113 linux-tools-fips - 5.4.0.1116.113 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2021-47219 CVE-2022-49034 CVE-2023-52458 CVE-2024-23848 CVE-2024-35887 CVE-2024-35896 CVE-2024-38544 CVE-2024-38588 CVE-2024-40911 CVE-2024-40953 CVE-2024-40965 CVE-2024-41016 CVE-2024-41066 CVE-2024-42252 CVE-2024-43098 CVE-2024-43863 CVE-2024-43900 CVE-2024-44931 CVE-2024-44938 CVE-2024-46731 CVE-2024-46849 CVE-2024-46853 CVE-2024-46854 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47692 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47706 CVE-2024-47707 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47723 CVE-2024-47737 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-48881 CVE-2024-49851 CVE-2024-49860 CVE-2024-49867 CVE-2024-49868 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49892 CVE-2024-49894 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49924 CVE-2024-49925 CVE-2024-49936 CVE-2024-49938 CVE-2024-49944 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49973 CVE-2024-49975 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49995 CVE-2024-49996 CVE-2024-49997 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50024 CVE-2024-50033 CVE-2024-50035 CVE-2024-50039 CVE-2024-50040 CVE-2024-50044 CVE-2024-50045 CVE-2024-50051 CVE-2024-50059 CVE-2024-50074 CVE-2024-50082 CVE-2024-50096 CVE-2024-50099 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50131 CVE-2024-50134 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50194 CVE-2024-50195 CVE-2024-50199 CVE-2024-50202 CVE-2024-50205 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50251 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-52332 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53101 CVE-2024-53104 CVE-2024-53112 CVE-2024-53121 CVE-2024-53124 CVE-2024-53127 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53214 CVE-2024-53217 CVE-2024-53227 CVE-2024-53239 CVE-2024-53680 CVE-2024-53690 CVE-2024-55916 CVE-2024-56531 CVE-2024-56532 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56576 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56614 CVE-2024-56615 CVE-2024-56619 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56637 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56650 CVE-2024-56659 CVE-2024-56670 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56694 CVE-2024-56700 CVE-2024-56704 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56739 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56756 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-57802 CVE-2024-57807 CVE-2024-57849 CVE-2024-57850 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57904 CVE-2024-57906 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57922 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2025-0927 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21653 CVE-2025-21664 CVE-2025-21678 CVE-2025-21687 CVE-2025-21689 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu 20.04 LTS Marius Berntsberg, Trygve Vea, Tore Anderson, Rodolfo Alonso, Jay Faulkner, and Brian Haley discovered that OVN incorrectly handled certain crafted UDP packets. A remote attacker could possibly use this issue to bypass egress ACL rules. Update Instructions: Run `sudo pro fix USN-7396-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ovn-central - 20.03.2-0ubuntu0.20.04.6 ovn-common - 20.03.2-0ubuntu0.20.04.6 ovn-controller-vtep - 20.03.2-0ubuntu0.20.04.6 ovn-doc - 20.03.2-0ubuntu0.20.04.6 ovn-docker - 20.03.2-0ubuntu0.20.04.6 ovn-host - 20.03.2-0ubuntu0.20.04.6 ovn-ic - 20.03.2-0ubuntu0.20.04.6 ovn-ic-db - 20.03.2-0ubuntu0.20.04.6 No subscription required Medium CVE-2025-0650 Ubuntu 20.04 LTS Xiantong Hou discovered that AOM did not properly handle certain malformed media files. If an application using AOM opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7397-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: aom-tools - 1.0.0.errata1-3+deb11u1ubuntu0.1 libaom-dev - 1.0.0.errata1-3+deb11u1ubuntu0.1 libaom-doc - 1.0.0.errata1-3+deb11u1ubuntu0.1 libaom0 - 1.0.0.errata1-3+deb11u1ubuntu0.1 No subscription required Medium CVE-2024-5171 Ubuntu 20.04 LTS It was discovered that libtar may perform out-of-bounds reads when processing specially crafted tar files. An attacker could possibly use this issue to cause libtar to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2021-33643, CVE-2021-33644) It was discovered that libtar contained a memory leak due to failing to free a variable, causing performance degradation. An attacker could possibly use this issue to cause libtar to crash, resulting in a denial of service. (CVE-2021-33645, CVE-2021-33646) Update Instructions: Run `sudo pro fix USN-7398-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtar-dev - 1.2.20-8ubuntu0.20.04.1 libtar0 - 1.2.20-8ubuntu0.20.04.1 No subscription required Medium CVE-2021-33643 CVE-2021-33644 CVE-2021-33645 CVE-2021-33646 Ubuntu 20.04 LTS It was discovered that RabbitMQ Server's management UI did not sanitize certain input. An attacker could possibly use this issue to inject code by performing a cross-site scripting (XSS) attack. Update Instructions: Run `sudo pro fix USN-7399-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: rabbitmq-server - 3.8.3-0ubuntu0.3 No subscription required Medium CVE-2025-30219 Ubuntu 20.04 LTS It was discovered that PHP incorrectly handle certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2024-11235) It was discovered that PHP incorrectly handle certain folded headers. An attacker could possibly use this issue to cause a crash or execute arbritrary code. (CVE-2025-1217) It was discovered that PHP incorrectly handled certain headers. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS Ubuntu 24.10, and Ubuntu 24.04 LTS. (CVE-2025-1219) It was discovered that PHP incorrectly handle certain headers with invalid name and no colon. An attacker could possibly use this issue to confuse applications into accepting invalid headers causing code injection. (CVE-2025-1734) It was discovered that PHP incorrectly handled certain headers. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.10, and Ubuntu 24.04 LTS. (CVE-2025-1736) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2025-1861) Update Instructions: Run `sudo pro fix USN-7400-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libapache2-mod-php7.4 - 7.4.3-4ubuntu2.29 libphp7.4-embed - 7.4.3-4ubuntu2.29 php7.4 - 7.4.3-4ubuntu2.29 php7.4-bcmath - 7.4.3-4ubuntu2.29 php7.4-bz2 - 7.4.3-4ubuntu2.29 php7.4-cgi - 7.4.3-4ubuntu2.29 php7.4-cli - 7.4.3-4ubuntu2.29 php7.4-common - 7.4.3-4ubuntu2.29 php7.4-curl - 7.4.3-4ubuntu2.29 php7.4-dba - 7.4.3-4ubuntu2.29 php7.4-dev - 7.4.3-4ubuntu2.29 php7.4-enchant - 7.4.3-4ubuntu2.29 php7.4-fpm - 7.4.3-4ubuntu2.29 php7.4-gd - 7.4.3-4ubuntu2.29 php7.4-gmp - 7.4.3-4ubuntu2.29 php7.4-imap - 7.4.3-4ubuntu2.29 php7.4-interbase - 7.4.3-4ubuntu2.29 php7.4-intl - 7.4.3-4ubuntu2.29 php7.4-json - 7.4.3-4ubuntu2.29 php7.4-ldap - 7.4.3-4ubuntu2.29 php7.4-mbstring - 7.4.3-4ubuntu2.29 php7.4-mysql - 7.4.3-4ubuntu2.29 php7.4-odbc - 7.4.3-4ubuntu2.29 php7.4-opcache - 7.4.3-4ubuntu2.29 php7.4-pgsql - 7.4.3-4ubuntu2.29 php7.4-phpdbg - 7.4.3-4ubuntu2.29 php7.4-pspell - 7.4.3-4ubuntu2.29 php7.4-readline - 7.4.3-4ubuntu2.29 php7.4-snmp - 7.4.3-4ubuntu2.29 php7.4-soap - 7.4.3-4ubuntu2.29 php7.4-sqlite3 - 7.4.3-4ubuntu2.29 php7.4-sybase - 7.4.3-4ubuntu2.29 php7.4-tidy - 7.4.3-4ubuntu2.29 php7.4-xml - 7.4.3-4ubuntu2.29 php7.4-xmlrpc - 7.4.3-4ubuntu2.29 php7.4-xsl - 7.4.3-4ubuntu2.29 php7.4-zip - 7.4.3-4ubuntu2.29 No subscription required Medium CVE-2024-11235 CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 Ubuntu 20.04 LTS It was discovered that phpseclib did not correctly handle RSA PKCS#1 v1.5 signature verification. An attacker could possibly use this issue to bypass authentication. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-30130) It was discovered that phpseclib did not correctly handle certain characters in certain TLS fields, which could lead to name confusion. An attacker could possibly use this issue to bypass authentication. (CVE-2023-52892) It was discovered that phpseclib incorrectly limited the size of prime numbers generated by isPrime. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-27354) It was discovered that phpseclib did not correctly handle processing the ASN.1 object identifier of a certificate. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-27355) Update Instructions: Run `sudo pro fix USN-7404-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-seclib - 1.0.18-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro php-phpseclib - 2.0.23-2ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-30130 CVE-2023-52892 CVE-2024-27354 CVE-2024-27355 Ubuntu 20.04 LTS It was discovered that InspIRCd did not correctly handle certificate fingerprints, which could lead to spoofing. A remote attacker could possibly use this issue to bypass authentication. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-7142) It was discovered that InspIRCd did not correctly handle certain memory operations, which could lead to a NULL pointer dereference. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-20917) It was discovered that InspIRCd did not correctly handle certain memory operations, which could lead to a use-after-free. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-25269) Update Instructions: Run `sudo pro fix USN-7405-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: inspircd - 3.4.0-2ubuntu1+esm1 inspircd-dev - 3.4.0-2ubuntu1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2016-7142 CVE-2019-20917 CVE-2020-25269 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; (CVE-2024-26928, CVE-2024-56658, CVE-2024-35864, CVE-2024-57798) Update Instructions: Run `sudo pro fix USN-7406-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1078-oracle - 5.15.0-1078.84~20.04.1 linux-headers-5.15.0-1078-oracle - 5.15.0-1078.84~20.04.1 linux-image-5.15.0-1078-oracle - 5.15.0-1078.84~20.04.1 linux-image-unsigned-5.15.0-1078-oracle - 5.15.0-1078.84~20.04.1 linux-modules-5.15.0-1078-oracle - 5.15.0-1078.84~20.04.1 linux-modules-extra-5.15.0-1078-oracle - 5.15.0-1078.84~20.04.1 linux-oracle-5.15-headers-5.15.0-1078 - 5.15.0-1078.84~20.04.1 linux-oracle-5.15-tools-5.15.0-1078 - 5.15.0-1078.84~20.04.1 linux-tools-5.15.0-1078-oracle - 5.15.0-1078.84~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1081 - 5.15.0-1081.88~20.04.1 linux-aws-5.15-headers-5.15.0-1081 - 5.15.0-1081.88~20.04.1 linux-aws-5.15-tools-5.15.0-1081 - 5.15.0-1081.88~20.04.1 linux-buildinfo-5.15.0-1081-aws - 5.15.0-1081.88~20.04.1 linux-cloud-tools-5.15.0-1081-aws - 5.15.0-1081.88~20.04.1 linux-headers-5.15.0-1081-aws - 5.15.0-1081.88~20.04.1 linux-image-5.15.0-1081-aws - 5.15.0-1081.88~20.04.1 linux-image-unsigned-5.15.0-1081-aws - 5.15.0-1081.88~20.04.1 linux-modules-5.15.0-1081-aws - 5.15.0-1081.88~20.04.1 linux-modules-extra-5.15.0-1081-aws - 5.15.0-1081.88~20.04.1 linux-tools-5.15.0-1081-aws - 5.15.0-1081.88~20.04.1 No subscription required linux-buildinfo-5.15.0-136-lowlatency - 5.15.0-136.147~20.04.1 linux-buildinfo-5.15.0-136-lowlatency-64k - 5.15.0-136.147~20.04.1 linux-cloud-tools-5.15.0-136-lowlatency - 5.15.0-136.147~20.04.1 linux-headers-5.15.0-136-lowlatency - 5.15.0-136.147~20.04.1 linux-headers-5.15.0-136-lowlatency-64k - 5.15.0-136.147~20.04.1 linux-image-5.15.0-136-lowlatency - 5.15.0-136.147~20.04.1 linux-image-5.15.0-136-lowlatency-64k - 5.15.0-136.147~20.04.1 linux-image-unsigned-5.15.0-136-lowlatency - 5.15.0-136.147~20.04.1 linux-image-unsigned-5.15.0-136-lowlatency-64k - 5.15.0-136.147~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-136 - 5.15.0-136.147~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-136 - 5.15.0-136.147~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-136 - 5.15.0-136.147~20.04.1 linux-modules-5.15.0-136-lowlatency - 5.15.0-136.147~20.04.1 linux-modules-5.15.0-136-lowlatency-64k - 5.15.0-136.147~20.04.1 linux-modules-iwlwifi-5.15.0-136-lowlatency - 5.15.0-136.147~20.04.1 linux-tools-5.15.0-136-lowlatency - 5.15.0-136.147~20.04.1 linux-tools-5.15.0-136-lowlatency-64k - 5.15.0-136.147~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1078.84~20.04.1 linux-headers-oracle-edge - 5.15.0.1078.84~20.04.1 linux-image-oracle - 5.15.0.1078.84~20.04.1 linux-image-oracle-edge - 5.15.0.1078.84~20.04.1 linux-oracle - 5.15.0.1078.84~20.04.1 linux-oracle-edge - 5.15.0.1078.84~20.04.1 linux-tools-oracle - 5.15.0.1078.84~20.04.1 linux-tools-oracle-edge - 5.15.0.1078.84~20.04.1 No subscription required linux-aws - 5.15.0.1081.88~20.04.1 linux-aws-edge - 5.15.0.1081.88~20.04.1 linux-headers-aws - 5.15.0.1081.88~20.04.1 linux-headers-aws-edge - 5.15.0.1081.88~20.04.1 linux-image-aws - 5.15.0.1081.88~20.04.1 linux-image-aws-edge - 5.15.0.1081.88~20.04.1 linux-modules-extra-aws - 5.15.0.1081.88~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1081.88~20.04.1 linux-tools-aws - 5.15.0.1081.88~20.04.1 linux-tools-aws-edge - 5.15.0.1081.88~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.136.147~20.04.1 No subscription required High CVE-2024-26928 CVE-2024-35864 CVE-2024-56658 CVE-2024-57798 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - RAM backed block device driver; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - i.MX SoC drivers; - QCOM SoC drivers; - SPI subsystem; - Media staging drivers; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Network namespace; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - DMA mapping infrastructure; - KCSAN framework; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - Distributed Switch Architecture; - HSR network protocol; - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Multipath TCP; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - VMware vSockets driver; - eXpress Data Path; - SELinux security module; - ALSA framework; - USB sound devices; (CVE-2024-50242, CVE-2024-53165, CVE-2024-56569, CVE-2024-57938, CVE-2024-57889, CVE-2024-53226, CVE-2024-57882, CVE-2024-57913, CVE-2024-53096, CVE-2024-56575, CVE-2024-56630, CVE-2024-50055, CVE-2024-53129, CVE-2025-21646, CVE-2024-50121, CVE-2024-56594, CVE-2024-57802, CVE-2024-53183, CVE-2024-57904, CVE-2025-21653, CVE-2024-56633, CVE-2024-56595, CVE-2024-56659, CVE-2024-47730, CVE-2024-57948, CVE-2024-56614, CVE-2024-56601, CVE-2024-36476, CVE-2024-49998, CVE-2024-53122, CVE-2024-56701, CVE-2024-56781, CVE-2024-56785, CVE-2024-47707, CVE-2025-21694, CVE-2024-56715, CVE-2024-56693, CVE-2024-56587, CVE-2024-56726, CVE-2024-56688, CVE-2024-53124, CVE-2024-46871, CVE-2025-21648, CVE-2024-56603, CVE-2024-56779, CVE-2025-21637, CVE-2025-21664, CVE-2024-57951, CVE-2024-53136, CVE-2025-21687, CVE-2024-57798, CVE-2024-53680, CVE-2024-56606, CVE-2024-56643, CVE-2024-56634, CVE-2024-56716, CVE-2024-57908, CVE-2024-56774, CVE-2024-56562, CVE-2025-21669, CVE-2024-57849, CVE-2024-56623, CVE-2024-56691, CVE-2024-53155, CVE-2024-49996, CVE-2024-56615, CVE-2024-47143, CVE-2024-56616, CVE-2024-56589, CVE-2024-56532, CVE-2024-53181, CVE-2024-53112, CVE-2024-53130, CVE-2024-56640, CVE-2024-57791, CVE-2024-56574, CVE-2024-57792, CVE-2024-56690, CVE-2024-57940, CVE-2024-53157, CVE-2024-48881, CVE-2024-57925, CVE-2025-21638, CVE-2024-57897, CVE-2024-56586, CVE-2024-56570, CVE-2024-56694, CVE-2024-56637, CVE-2024-53142, CVE-2024-57906, CVE-2024-49925, CVE-2024-56787, CVE-2024-56605, CVE-2024-57841, CVE-2024-53215, CVE-2024-57917, CVE-2024-43900, CVE-2024-50304, CVE-2024-56780, CVE-2024-56644, CVE-2024-56597, CVE-2025-21640, CVE-2024-56756, CVE-2024-53239, CVE-2024-57912, CVE-2024-56567, CVE-2024-55881, CVE-2024-53237, CVE-2024-56593, CVE-2024-53184, CVE-2024-56708, CVE-2024-57911, CVE-2024-56746, CVE-2024-53197, CVE-2024-57807, CVE-2024-57903, CVE-2024-56369, CVE-2024-56739, CVE-2024-56600, CVE-2024-57838, CVE-2024-53120, CVE-2024-57929, CVE-2024-56754, CVE-2024-56679, CVE-2024-56745, CVE-2024-57890, CVE-2025-21697, CVE-2024-57931, CVE-2024-53172, CVE-2024-53227, CVE-2024-56548, CVE-2024-53206, CVE-2024-56650, CVE-2024-56769, CVE-2024-57902, CVE-2025-21666, CVE-2024-56705, CVE-2025-21680, CVE-2025-21689, CVE-2024-57907, CVE-2024-56670, CVE-2024-56728, CVE-2024-53146, CVE-2024-55916, CVE-2024-53685, CVE-2024-56578, CVE-2024-57896, CVE-2024-49950, CVE-2024-56763, CVE-2024-44938, CVE-2025-21678, CVE-2024-57874, CVE-2024-47408, CVE-2024-56636, CVE-2024-56723, CVE-2024-56776, CVE-2024-56681, CVE-2024-56610, CVE-2024-56581, CVE-2024-56539, CVE-2024-56720, CVE-2024-53135, CVE-2025-21639, CVE-2024-53158, CVE-2024-53214, CVE-2024-46784, CVE-2024-53194, CVE-2024-57939, CVE-2024-56747, CVE-2024-53161, CVE-2024-57850, CVE-2024-56602, CVE-2025-21692, CVE-2024-56626, CVE-2024-53113, CVE-2024-56770, CVE-2024-53121, CVE-2024-56598, CVE-2024-57900, CVE-2022-49034, CVE-2024-53198, CVE-2024-53171, CVE-2024-56619, CVE-2024-56631, CVE-2024-56558, CVE-2024-53138, CVE-2024-53151, CVE-2024-56622, CVE-2024-56704, CVE-2024-53173, CVE-2024-56662, CVE-2024-53131, CVE-2025-21683, CVE-2024-53125, CVE-2025-21631, CVE-2024-56625, CVE-2025-21699, CVE-2024-53140, CVE-2024-57910, CVE-2024-56724, CVE-2024-56777, CVE-2024-56596, CVE-2024-56648, CVE-2024-53145, CVE-2024-50051, CVE-2024-58087, CVE-2024-57884, CVE-2024-57946, CVE-2025-21636, CVE-2024-35864, CVE-2024-57892, CVE-2024-56572, CVE-2024-56778, CVE-2024-53156, CVE-2024-56531, CVE-2024-56629, CVE-2024-56698, CVE-2024-43098, CVE-2024-56700, CVE-2024-56533, CVE-2025-21665, CVE-2024-56658, CVE-2025-21690, CVE-2024-53150, CVE-2024-52332, CVE-2024-53180, CVE-2024-53119, CVE-2024-53217, CVE-2024-49974, CVE-2024-57922, CVE-2024-26928, CVE-2024-56568, CVE-2024-53174, CVE-2024-56767, CVE-2024-56590, CVE-2024-56642, CVE-2024-56748, CVE-2024-56645, CVE-2024-46841, CVE-2024-46809, CVE-2024-42315, CVE-2024-56678, CVE-2024-36899, CVE-2024-56759, CVE-2024-50275, CVE-2024-49571, CVE-2024-53148, CVE-2024-56576, CVE-2024-53099, CVE-2024-56627, CVE-2024-53690, CVE-2024-50283, CVE-2024-53127, CVE-2024-45828, CVE-2024-57901) Update Instructions: Run `sudo pro fix USN-7407-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-136-generic - 5.15.0-136.147~20.04.1 linux-buildinfo-5.15.0-136-generic-64k - 5.15.0-136.147~20.04.1 linux-buildinfo-5.15.0-136-generic-lpae - 5.15.0-136.147~20.04.1 linux-cloud-tools-5.15.0-136-generic - 5.15.0-136.147~20.04.1 linux-headers-5.15.0-136-generic - 5.15.0-136.147~20.04.1 linux-headers-5.15.0-136-generic-64k - 5.15.0-136.147~20.04.1 linux-headers-5.15.0-136-generic-lpae - 5.15.0-136.147~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-136 - 5.15.0-136.147~20.04.1 linux-hwe-5.15-headers-5.15.0-136 - 5.15.0-136.147~20.04.1 linux-hwe-5.15-tools-5.15.0-136 - 5.15.0-136.147~20.04.1 linux-image-5.15.0-136-generic - 5.15.0-136.147~20.04.1 linux-image-5.15.0-136-generic-64k - 5.15.0-136.147~20.04.1 linux-image-5.15.0-136-generic-lpae - 5.15.0-136.147~20.04.1 linux-image-unsigned-5.15.0-136-generic - 5.15.0-136.147~20.04.1 linux-image-unsigned-5.15.0-136-generic-64k - 5.15.0-136.147~20.04.1 linux-modules-5.15.0-136-generic - 5.15.0-136.147~20.04.1 linux-modules-5.15.0-136-generic-64k - 5.15.0-136.147~20.04.1 linux-modules-5.15.0-136-generic-lpae - 5.15.0-136.147~20.04.1 linux-modules-extra-5.15.0-136-generic - 5.15.0-136.147~20.04.1 linux-modules-iwlwifi-5.15.0-136-generic - 5.15.0-136.147~20.04.1 linux-tools-5.15.0-136-generic - 5.15.0-136.147~20.04.1 linux-tools-5.15.0-136-generic-64k - 5.15.0-136.147~20.04.1 linux-tools-5.15.0-136-generic-lpae - 5.15.0-136.147~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-generic-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-headers-oem-20.04 - 5.15.0.136.147~20.04.1 linux-headers-oem-20.04b - 5.15.0.136.147~20.04.1 linux-headers-oem-20.04c - 5.15.0.136.147~20.04.1 linux-headers-oem-20.04d - 5.15.0.136.147~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-image-oem-20.04 - 5.15.0.136.147~20.04.1 linux-image-oem-20.04b - 5.15.0.136.147~20.04.1 linux-image-oem-20.04c - 5.15.0.136.147~20.04.1 linux-image-oem-20.04d - 5.15.0.136.147~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.136.147~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.136.147~20.04.1 linux-oem-20.04 - 5.15.0.136.147~20.04.1 linux-oem-20.04b - 5.15.0.136.147~20.04.1 linux-oem-20.04c - 5.15.0.136.147~20.04.1 linux-oem-20.04d - 5.15.0.136.147~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-tools-oem-20.04 - 5.15.0.136.147~20.04.1 linux-tools-oem-20.04b - 5.15.0.136.147~20.04.1 linux-tools-oem-20.04c - 5.15.0.136.147~20.04.1 linux-tools-oem-20.04d - 5.15.0.136.147~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.136.147~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.136.147~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.136.147~20.04.1 No subscription required High CVE-2022-49034 CVE-2024-26928 CVE-2024-35864 CVE-2024-36476 CVE-2024-36899 CVE-2024-42315 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-45828 CVE-2024-46784 CVE-2024-46809 CVE-2024-46841 CVE-2024-46871 CVE-2024-47143 CVE-2024-47408 CVE-2024-47707 CVE-2024-47730 CVE-2024-48881 CVE-2024-49571 CVE-2024-49925 CVE-2024-49950 CVE-2024-49974 CVE-2024-49996 CVE-2024-49998 CVE-2024-50051 CVE-2024-50055 CVE-2024-50121 CVE-2024-50242 CVE-2024-50275 CVE-2024-50283 CVE-2024-50304 CVE-2024-52332 CVE-2024-53096 CVE-2024-53099 CVE-2024-53112 CVE-2024-53113 CVE-2024-53119 CVE-2024-53120 CVE-2024-53121 CVE-2024-53122 CVE-2024-53124 CVE-2024-53125 CVE-2024-53127 CVE-2024-53129 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53151 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53180 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53206 CVE-2024-53214 CVE-2024-53215 CVE-2024-53217 CVE-2024-53226 CVE-2024-53227 CVE-2024-53237 CVE-2024-53239 CVE-2024-53680 CVE-2024-53685 CVE-2024-53690 CVE-2024-55881 CVE-2024-55916 CVE-2024-56369 CVE-2024-56531 CVE-2024-56532 CVE-2024-56533 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56568 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56575 CVE-2024-56576 CVE-2024-56578 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56589 CVE-2024-56590 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56610 CVE-2024-56614 CVE-2024-56615 CVE-2024-56616 CVE-2024-56619 CVE-2024-56622 CVE-2024-56623 CVE-2024-56625 CVE-2024-56626 CVE-2024-56627 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56636 CVE-2024-56637 CVE-2024-56640 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56648 CVE-2024-56650 CVE-2024-56658 CVE-2024-56659 CVE-2024-56662 CVE-2024-56670 CVE-2024-56678 CVE-2024-56679 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56693 CVE-2024-56694 CVE-2024-56698 CVE-2024-56700 CVE-2024-56701 CVE-2024-56704 CVE-2024-56705 CVE-2024-56708 CVE-2024-56715 CVE-2024-56716 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56726 CVE-2024-56728 CVE-2024-56739 CVE-2024-56745 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56754 CVE-2024-56756 CVE-2024-56759 CVE-2024-56763 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56774 CVE-2024-56776 CVE-2024-56777 CVE-2024-56778 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-56785 CVE-2024-56787 CVE-2024-57791 CVE-2024-57792 CVE-2024-57798 CVE-2024-57802 CVE-2024-57807 CVE-2024-57838 CVE-2024-57841 CVE-2024-57849 CVE-2024-57850 CVE-2024-57874 CVE-2024-57882 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57896 CVE-2024-57897 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57903 CVE-2024-57904 CVE-2024-57906 CVE-2024-57907 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57917 CVE-2024-57922 CVE-2024-57925 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57939 CVE-2024-57940 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2024-58087 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21646 CVE-2025-21648 CVE-2025-21653 CVE-2025-21664 CVE-2025-21665 CVE-2025-21666 CVE-2025-21669 CVE-2025-21678 CVE-2025-21680 CVE-2025-21683 CVE-2025-21687 CVE-2025-21689 CVE-2025-21690 CVE-2025-21692 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Network namespace; - Networking core; (CVE-2024-56658, CVE-2024-35864, CVE-2024-26928) Update Instructions: Run `sudo pro fix USN-7408-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1061-xilinx-zynqmp - 5.4.0-1061.65 linux-headers-5.4.0-1061-xilinx-zynqmp - 5.4.0-1061.65 linux-image-5.4.0-1061-xilinx-zynqmp - 5.4.0-1061.65 linux-modules-5.4.0-1061-xilinx-zynqmp - 5.4.0-1061.65 linux-tools-5.4.0-1061-xilinx-zynqmp - 5.4.0-1061.65 linux-xilinx-zynqmp-headers-5.4.0-1061 - 5.4.0-1061.65 linux-xilinx-zynqmp-tools-5.4.0-1061 - 5.4.0-1061.65 No subscription required linux-buildinfo-5.4.0-1089-ibm - 5.4.0-1089.94 linux-headers-5.4.0-1089-ibm - 5.4.0-1089.94 linux-ibm-cloud-tools-common - 5.4.0-1089.94 linux-ibm-headers-5.4.0-1089 - 5.4.0-1089.94 linux-ibm-source-5.4.0 - 5.4.0-1089.94 linux-ibm-tools-5.4.0-1089 - 5.4.0-1089.94 linux-ibm-tools-common - 5.4.0-1089.94 linux-image-5.4.0-1089-ibm - 5.4.0-1089.94 linux-image-unsigned-5.4.0-1089-ibm - 5.4.0-1089.94 linux-modules-5.4.0-1089-ibm - 5.4.0-1089.94 linux-modules-extra-5.4.0-1089-ibm - 5.4.0-1089.94 linux-tools-5.4.0-1089-ibm - 5.4.0-1089.94 No subscription required linux-bluefield-headers-5.4.0-1102 - 5.4.0-1102.109 linux-bluefield-tools-5.4.0-1102 - 5.4.0-1102.109 linux-buildinfo-5.4.0-1102-bluefield - 5.4.0-1102.109 linux-headers-5.4.0-1102-bluefield - 5.4.0-1102.109 linux-image-5.4.0-1102-bluefield - 5.4.0-1102.109 linux-image-unsigned-5.4.0-1102-bluefield - 5.4.0-1102.109 linux-modules-5.4.0-1102-bluefield - 5.4.0-1102.109 linux-tools-5.4.0-1102-bluefield - 5.4.0-1102.109 No subscription required linux-buildinfo-5.4.0-1130-kvm - 5.4.0-1130.139 linux-headers-5.4.0-1130-kvm - 5.4.0-1130.139 linux-image-5.4.0-1130-kvm - 5.4.0-1130.139 linux-image-unsigned-5.4.0-1130-kvm - 5.4.0-1130.139 linux-kvm-headers-5.4.0-1130 - 5.4.0-1130.139 linux-kvm-tools-5.4.0-1130 - 5.4.0-1130.139 linux-modules-5.4.0-1130-kvm - 5.4.0-1130.139 linux-tools-5.4.0-1130-kvm - 5.4.0-1130.139 No subscription required linux-buildinfo-5.4.0-1141-oracle - 5.4.0-1141.151 linux-headers-5.4.0-1141-oracle - 5.4.0-1141.151 linux-image-5.4.0-1141-oracle - 5.4.0-1141.151 linux-image-unsigned-5.4.0-1141-oracle - 5.4.0-1141.151 linux-modules-5.4.0-1141-oracle - 5.4.0-1141.151 linux-modules-extra-5.4.0-1141-oracle - 5.4.0-1141.151 linux-oracle-headers-5.4.0-1141 - 5.4.0-1141.151 linux-oracle-tools-5.4.0-1141 - 5.4.0-1141.151 linux-tools-5.4.0-1141-oracle - 5.4.0-1141.151 No subscription required linux-buildinfo-5.4.0-1146-gcp - 5.4.0-1146.155 linux-gcp-headers-5.4.0-1146 - 5.4.0-1146.155 linux-gcp-tools-5.4.0-1146 - 5.4.0-1146.155 linux-headers-5.4.0-1146-gcp - 5.4.0-1146.155 linux-image-5.4.0-1146-gcp - 5.4.0-1146.155 linux-image-unsigned-5.4.0-1146-gcp - 5.4.0-1146.155 linux-modules-5.4.0-1146-gcp - 5.4.0-1146.155 linux-modules-extra-5.4.0-1146-gcp - 5.4.0-1146.155 linux-tools-5.4.0-1146-gcp - 5.4.0-1146.155 No subscription required linux-azure-cloud-tools-5.4.0-1148 - 5.4.0-1148.155 linux-azure-headers-5.4.0-1148 - 5.4.0-1148.155 linux-azure-tools-5.4.0-1148 - 5.4.0-1148.155 linux-buildinfo-5.4.0-1148-azure - 5.4.0-1148.155 linux-cloud-tools-5.4.0-1148-azure - 5.4.0-1148.155 linux-headers-5.4.0-1148-azure - 5.4.0-1148.155 linux-image-5.4.0-1148-azure - 5.4.0-1148.155 linux-image-unsigned-5.4.0-1148-azure - 5.4.0-1148.155 linux-modules-5.4.0-1148-azure - 5.4.0-1148.155 linux-modules-extra-5.4.0-1148-azure - 5.4.0-1148.155 linux-tools-5.4.0-1148-azure - 5.4.0-1148.155 No subscription required linux-buildinfo-5.4.0-212-generic - 5.4.0-212.232 linux-buildinfo-5.4.0-212-generic-lpae - 5.4.0-212.232 linux-buildinfo-5.4.0-212-lowlatency - 5.4.0-212.232 linux-cloud-tools-5.4.0-212 - 5.4.0-212.232 linux-cloud-tools-5.4.0-212-generic - 5.4.0-212.232 linux-cloud-tools-5.4.0-212-lowlatency - 5.4.0-212.232 linux-cloud-tools-common - 5.4.0-212.232 linux-doc - 5.4.0-212.232 linux-headers-5.4.0-212 - 5.4.0-212.232 linux-headers-5.4.0-212-generic - 5.4.0-212.232 linux-headers-5.4.0-212-generic-lpae - 5.4.0-212.232 linux-headers-5.4.0-212-lowlatency - 5.4.0-212.232 linux-image-5.4.0-212-generic - 5.4.0-212.232 linux-image-5.4.0-212-generic-lpae - 5.4.0-212.232 linux-image-5.4.0-212-lowlatency - 5.4.0-212.232 linux-image-unsigned-5.4.0-212-generic - 5.4.0-212.232 linux-image-unsigned-5.4.0-212-lowlatency - 5.4.0-212.232 linux-libc-dev - 5.4.0-212.232 linux-modules-5.4.0-212-generic - 5.4.0-212.232 linux-modules-5.4.0-212-generic-lpae - 5.4.0-212.232 linux-modules-5.4.0-212-lowlatency - 5.4.0-212.232 linux-modules-extra-5.4.0-212-generic - 5.4.0-212.232 linux-source-5.4.0 - 5.4.0-212.232 linux-tools-5.4.0-212 - 5.4.0-212.232 linux-tools-5.4.0-212-generic - 5.4.0-212.232 linux-tools-5.4.0-212-generic-lpae - 5.4.0-212.232 linux-tools-5.4.0-212-lowlatency - 5.4.0-212.232 linux-tools-common - 5.4.0-212.232 linux-tools-host - 5.4.0-212.232 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1061.61 linux-image-xilinx-zynqmp - 5.4.0.1061.61 linux-tools-xilinx-zynqmp - 5.4.0.1061.61 linux-xilinx-zynqmp - 5.4.0.1061.61 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1089.118 linux-ibm-lts-20.04 - 5.4.0.1089.118 linux-image-ibm-lts-20.04 - 5.4.0.1089.118 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1089.118 linux-tools-ibm-lts-20.04 - 5.4.0.1089.118 No subscription required linux-bluefield - 5.4.0.1102.98 linux-headers-bluefield - 5.4.0.1102.98 linux-image-bluefield - 5.4.0.1102.98 linux-tools-bluefield - 5.4.0.1102.98 No subscription required linux-headers-kvm - 5.4.0.1130.126 linux-image-kvm - 5.4.0.1130.126 linux-kvm - 5.4.0.1130.126 linux-tools-kvm - 5.4.0.1130.126 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1141.135 linux-image-oracle-lts-20.04 - 5.4.0.1141.135 linux-oracle-lts-20.04 - 5.4.0.1141.135 linux-tools-oracle-lts-20.04 - 5.4.0.1141.135 No subscription required linux-gcp-lts-20.04 - 5.4.0.1146.148 linux-headers-gcp-lts-20.04 - 5.4.0.1146.148 linux-image-gcp-lts-20.04 - 5.4.0.1146.148 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1146.148 linux-tools-gcp-lts-20.04 - 5.4.0.1146.148 No subscription required linux-azure-lts-20.04 - 5.4.0.1148.142 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1148.142 linux-headers-azure-lts-20.04 - 5.4.0.1148.142 linux-image-azure-lts-20.04 - 5.4.0.1148.142 linux-modules-extra-azure-lts-20.04 - 5.4.0.1148.142 linux-tools-azure-lts-20.04 - 5.4.0.1148.142 No subscription required linux-cloud-tools-generic - 5.4.0.212.207 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.212.207 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.212.207 linux-cloud-tools-lowlatency - 5.4.0.212.207 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.212.207 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.212.207 linux-cloud-tools-virtual - 5.4.0.212.207 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.212.207 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.212.207 linux-crashdump - 5.4.0.212.207 linux-generic - 5.4.0.212.207 linux-generic-hwe-18.04 - 5.4.0.212.207 linux-generic-hwe-18.04-edge - 5.4.0.212.207 linux-generic-lpae - 5.4.0.212.207 linux-generic-lpae-hwe-18.04 - 5.4.0.212.207 linux-generic-lpae-hwe-18.04-edge - 5.4.0.212.207 linux-headers-generic - 5.4.0.212.207 linux-headers-generic-hwe-18.04 - 5.4.0.212.207 linux-headers-generic-hwe-18.04-edge - 5.4.0.212.207 linux-headers-generic-lpae - 5.4.0.212.207 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.212.207 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.212.207 linux-headers-lowlatency - 5.4.0.212.207 linux-headers-lowlatency-hwe-18.04 - 5.4.0.212.207 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.212.207 linux-headers-oem - 5.4.0.212.207 linux-headers-oem-osp1 - 5.4.0.212.207 linux-headers-virtual - 5.4.0.212.207 linux-headers-virtual-hwe-18.04 - 5.4.0.212.207 linux-headers-virtual-hwe-18.04-edge - 5.4.0.212.207 linux-image-extra-virtual - 5.4.0.212.207 linux-image-extra-virtual-hwe-18.04 - 5.4.0.212.207 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.212.207 linux-image-generic - 5.4.0.212.207 linux-image-generic-hwe-18.04 - 5.4.0.212.207 linux-image-generic-hwe-18.04-edge - 5.4.0.212.207 linux-image-generic-lpae - 5.4.0.212.207 linux-image-generic-lpae-hwe-18.04 - 5.4.0.212.207 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.212.207 linux-image-lowlatency - 5.4.0.212.207 linux-image-lowlatency-hwe-18.04 - 5.4.0.212.207 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.212.207 linux-image-oem - 5.4.0.212.207 linux-image-oem-osp1 - 5.4.0.212.207 linux-image-virtual - 5.4.0.212.207 linux-image-virtual-hwe-18.04 - 5.4.0.212.207 linux-image-virtual-hwe-18.04-edge - 5.4.0.212.207 linux-lowlatency - 5.4.0.212.207 linux-lowlatency-hwe-18.04 - 5.4.0.212.207 linux-lowlatency-hwe-18.04-edge - 5.4.0.212.207 linux-oem - 5.4.0.212.207 linux-oem-osp1 - 5.4.0.212.207 linux-oem-osp1-tools-host - 5.4.0.212.207 linux-oem-tools-host - 5.4.0.212.207 linux-source - 5.4.0.212.207 linux-tools-generic - 5.4.0.212.207 linux-tools-generic-hwe-18.04 - 5.4.0.212.207 linux-tools-generic-hwe-18.04-edge - 5.4.0.212.207 linux-tools-generic-lpae - 5.4.0.212.207 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.212.207 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.212.207 linux-tools-lowlatency - 5.4.0.212.207 linux-tools-lowlatency-hwe-18.04 - 5.4.0.212.207 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.212.207 linux-tools-oem - 5.4.0.212.207 linux-tools-oem-osp1 - 5.4.0.212.207 linux-tools-virtual - 5.4.0.212.207 linux-tools-virtual-hwe-18.04 - 5.4.0.212.207 linux-tools-virtual-hwe-18.04-edge - 5.4.0.212.207 linux-virtual - 5.4.0.212.207 linux-virtual-hwe-18.04 - 5.4.0.212.207 linux-virtual-hwe-18.04-edge - 5.4.0.212.207 No subscription required High CVE-2024-26928 CVE-2024-35864 CVE-2024-56658 Ubuntu Pro FIPS-updates 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Network namespace; - Networking core; (CVE-2024-56658, CVE-2024-35864, CVE-2024-26928) Update Instructions: Run `sudo pro fix USN-7408-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1117-fips - 5.4.0-1117.127 linux-fips-headers-5.4.0-1117 - 5.4.0-1117.127 linux-fips-tools-5.4.0-1117 - 5.4.0-1117.127 linux-fips-tools-host - 5.4.0-1117.127 linux-headers-5.4.0-1117-fips - 5.4.0-1117.127 linux-image-5.4.0-1117-fips - 5.4.0-1117.127 linux-image-hmac-5.4.0-1117-fips - 5.4.0-1117.127 linux-image-unsigned-5.4.0-1117-fips - 5.4.0-1117.127 linux-image-unsigned-hmac-5.4.0-1117-fips - 5.4.0-1117.127 linux-modules-5.4.0-1117-fips - 5.4.0-1117.127 linux-modules-extra-5.4.0-1117-fips - 5.4.0-1117.127 linux-tools-5.4.0-1117-fips - 5.4.0-1117.127 Available with Ubuntu Pro: https://ubuntu.com/pro linux-fips - 5.4.0.1117.114 linux-headers-fips - 5.4.0.1117.114 linux-image-fips - 5.4.0.1117.114 linux-signed-fips - 5.4.0.1117.114 linux-signed-image-fips - 5.4.0.1117.114 linux-tools-fips - 5.4.0.1117.114 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2024-26928 CVE-2024-35864 CVE-2024-56658 Ubuntu Pro FIPS-updates 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Network namespace; - Networking core; (CVE-2024-56658, CVE-2024-35864, CVE-2024-26928) Update Instructions: Run `sudo pro fix USN-7408-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1146-gcp-fips - 5.4.0-1146.155+fips1 linux-gcp-fips-headers-5.4.0-1146 - 5.4.0-1146.155+fips1 linux-gcp-fips-tools-5.4.0-1146 - 5.4.0-1146.155+fips1 linux-headers-5.4.0-1146-gcp-fips - 5.4.0-1146.155+fips1 linux-image-5.4.0-1146-gcp-fips - 5.4.0-1146.155+fips1 linux-image-hmac-5.4.0-1146-gcp-fips - 5.4.0-1146.155+fips1 linux-image-unsigned-5.4.0-1146-gcp-fips - 5.4.0-1146.155+fips1 linux-image-unsigned-hmac-5.4.0-1146-gcp-fips - 5.4.0-1146.155+fips1 linux-modules-5.4.0-1146-gcp-fips - 5.4.0-1146.155+fips1 linux-modules-extra-5.4.0-1146-gcp-fips - 5.4.0-1146.155+fips1 linux-tools-5.4.0-1146-gcp-fips - 5.4.0-1146.155+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-azure-fips-cloud-tools-5.4.0-1148 - 5.4.0-1148.156+fips1 linux-azure-fips-headers-5.4.0-1148 - 5.4.0-1148.156+fips1 linux-azure-fips-tools-5.4.0-1148 - 5.4.0-1148.156+fips1 linux-buildinfo-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 linux-cloud-tools-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 linux-headers-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 linux-image-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 linux-image-hmac-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 linux-image-unsigned-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 linux-image-unsigned-hmac-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 linux-modules-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 linux-modules-extra-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 linux-tools-5.4.0-1148-azure-fips - 5.4.0-1148.156+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-gcp-fips - 5.4.0.1146.88 linux-headers-gcp-fips - 5.4.0.1146.88 linux-image-gcp-fips - 5.4.0.1146.88 linux-modules-extra-gcp-fips - 5.4.0.1146.88 linux-tools-gcp-fips - 5.4.0.1146.88 Available with Ubuntu Pro: https://ubuntu.com/pro linux-azure-fips - 5.4.0.1148.86 linux-cloud-tools-azure-fips - 5.4.0.1148.86 linux-headers-azure-fips - 5.4.0.1148.86 linux-image-azure-fips - 5.4.0.1148.86 linux-modules-extra-azure-fips - 5.4.0.1148.86 linux-tools-azure-fips - 5.4.0.1148.86 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2024-26928 CVE-2024-35864 CVE-2024-56658 Ubuntu 20.04 LTS It was discovered that ruby-saml did not correctly handle XML parsing. An attacker could possibly use this issue to perform a signature wrapping attack and bypass authentication. (CVE-2025-25291 and CVE-2025-25292) It was discovered that ruby-saml did not correctly handle decompressing SAML responses. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-25293) Update Instructions: Run `sudo pro fix USN-7409-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-saml - 1.11.0-1ubuntu0.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2025-25291 CVE-2025-25292 CVE-2025-25293 Ubuntu 20.04 LTS It was discovered that Tomcat incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause tomcat9 to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-7410-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtomcat9-embed-java - 9.0.31-1ubuntu0.9 libtomcat9-java - 9.0.31-1ubuntu0.9 tomcat9 - 9.0.31-1ubuntu0.9 tomcat9-admin - 9.0.31-1ubuntu0.9 tomcat9-common - 9.0.31-1ubuntu0.9 tomcat9-docs - 9.0.31-1ubuntu0.9 tomcat9-examples - 9.0.31-1ubuntu0.9 tomcat9-user - 9.0.31-1ubuntu0.9 No subscription required High CVE-2023-44487 Ubuntu 20.04 LTS It was discovered that GnuPG incorrectly handled importing keys with certain crafted subkey data. If a user or automated system were tricked into importing a specially crafted key, a remote attacker may prevent users from importing other keys in the future. Update Instructions: Run `sudo pro fix USN-7412-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dirmngr - 2.2.19-3ubuntu2.4 gnupg - 2.2.19-3ubuntu2.4 gnupg-agent - 2.2.19-3ubuntu2.4 gnupg-l10n - 2.2.19-3ubuntu2.4 gnupg-utils - 2.2.19-3ubuntu2.4 gnupg2 - 2.2.19-3ubuntu2.4 gpg - 2.2.19-3ubuntu2.4 gpg-agent - 2.2.19-3ubuntu2.4 gpg-wks-client - 2.2.19-3ubuntu2.4 gpg-wks-server - 2.2.19-3ubuntu2.4 gpgconf - 2.2.19-3ubuntu2.4 gpgsm - 2.2.19-3ubuntu2.4 gpgv - 2.2.19-3ubuntu2.4 gpgv-static - 2.2.19-3ubuntu2.4 gpgv-win32 - 2.2.19-3ubuntu2.4 gpgv2 - 2.2.19-3ubuntu2.4 scdaemon - 2.2.19-3ubuntu2.4 No subscription required Medium CVE-2025-30258 Ubuntu 20.04 LTS Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Virtio block driver; - TPM device driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I2C subsystem; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NTB driver; - Virtio pmem driver; - NVME drivers; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - QCOM SoC drivers; - SPI subsystem; - Direct Digital Synthesis drivers; - TTY drivers; - USB Device Class drivers; - USB Gadget drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - File systems infrastructure; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - Bluetooth subsystem; - LAPB network protocol; - Network traffic control; - Network sockets; - TCP network protocol; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - Perf events; - Arbitrary resource management; - Tracing infrastructure; - Closures library; - Memory management; - 9P file system network protocol; - Amateur Radio drivers; - Ethernet bridge; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - VMware vSockets driver; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - Key management; - SELinux security module; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - USB sound devices; - KVM core; (CVE-2024-53680, CVE-2024-49957, CVE-2024-50179, CVE-2024-57913, CVE-2024-57938, CVE-2024-35965, CVE-2024-56746, CVE-2024-50151, CVE-2024-49962, CVE-2024-50082, CVE-2024-50278, CVE-2024-46854, CVE-2024-56539, CVE-2024-50150, CVE-2024-56606, CVE-2024-50234, CVE-2024-56748, CVE-2024-57807, CVE-2024-47692, CVE-2024-56614, CVE-2024-57931, CVE-2024-50265, CVE-2024-57884, CVE-2024-50264, CVE-2024-56601, CVE-2024-49894, CVE-2024-50040, CVE-2024-49892, CVE-2024-57802, CVE-2024-38544, CVE-2024-56779, CVE-2024-49924, CVE-2024-56681, CVE-2021-47101, CVE-2024-47672, CVE-2024-47670, CVE-2024-50143, CVE-2024-57922, CVE-2024-50195, CVE-2022-49034, CVE-2024-47740, CVE-2024-56615, CVE-2024-56637, CVE-2024-47747, CVE-2024-53057, CVE-2024-50290, CVE-2024-50116, CVE-2024-50134, CVE-2024-47707, CVE-2024-53155, CVE-2024-56630, CVE-2024-53183, CVE-2024-56642, CVE-2024-57892, CVE-2024-56603, CVE-2024-53059, CVE-2025-21653, CVE-2024-53194, CVE-2024-50024, CVE-2024-52332, CVE-2024-50168, CVE-2024-53156, CVE-2024-56595, CVE-2024-53104, CVE-2024-49948, CVE-2024-53066, CVE-2024-56747, CVE-2024-50148, CVE-2024-53197, CVE-2024-50184, CVE-2024-53214, CVE-2024-50230, CVE-2024-57908, CVE-2024-56694, CVE-2025-21694, CVE-2024-47749, CVE-2024-47742, CVE-2024-53198, CVE-2024-49997, CVE-2024-53135, CVE-2024-36952, CVE-2024-53103, CVE-2024-49860, CVE-2024-50007, CVE-2024-49949, CVE-2024-57911, CVE-2024-53101, CVE-2024-56576, CVE-2024-56558, CVE-2024-56570, CVE-2024-50131, CVE-2024-56587, CVE-2024-56780, CVE-2024-53145, CVE-2024-53112, CVE-2025-21697, CVE-2024-56596, CVE-2024-48881, CVE-2024-49958, CVE-2024-53148, CVE-2024-47671, CVE-2024-56659, CVE-2024-50267, CVE-2024-50279, CVE-2024-56633, CVE-2024-50205, CVE-2024-49944, CVE-2024-53157, CVE-2024-43892, CVE-2025-21699, CVE-2024-49882, CVE-2024-43098, CVE-2023-52821, CVE-2024-47685, CVE-2024-50218, CVE-2024-49975, CVE-2024-53171, CVE-2024-57948, CVE-2024-56756, CVE-2024-47679, CVE-2024-53140, CVE-2024-56739, CVE-2024-56629, CVE-2024-47698, CVE-2024-53217, CVE-2024-53146, CVE-2024-49966, CVE-2024-53227, CVE-2024-50167, CVE-2024-57910, CVE-2024-57951, CVE-2024-56643, CVE-2024-53172, CVE-2024-50299, CVE-2024-53690, CVE-2024-50035, CVE-2024-50202, CVE-2024-49878, CVE-2024-50251, CVE-2024-47699, CVE-2024-50296, CVE-2024-56569, CVE-2024-42252, CVE-2024-47713, CVE-2024-56650, CVE-2024-53150, CVE-2024-56634, CVE-2024-56691, CVE-2024-53239, CVE-2024-50180, CVE-2024-56602, CVE-2024-44938, CVE-2024-50236, CVE-2024-49884, CVE-2024-47757, CVE-2024-50044, CVE-2024-46853, CVE-2024-50045, CVE-2024-50194, CVE-2024-35887, CVE-2024-56594, CVE-2024-50302, CVE-2024-56631, CVE-2024-35967, CVE-2024-56690, CVE-2024-56723, CVE-2024-49973, CVE-2024-53165, CVE-2024-50237, CVE-2024-50117, CVE-2024-57929, CVE-2024-49883, CVE-2024-46849, CVE-2024-49903, CVE-2024-50142, CVE-2024-56770, CVE-2024-50301, CVE-2024-53130, CVE-2024-53131, CVE-2024-47710, CVE-2024-49995, CVE-2024-44931, CVE-2024-56720, CVE-2024-49867, CVE-2024-49879, CVE-2024-53138, CVE-2024-53184, CVE-2024-47737, CVE-2024-50127, CVE-2024-57904, CVE-2024-56572, CVE-2024-56704, CVE-2024-35896, CVE-2024-40953, CVE-2024-56600, CVE-2024-50282, CVE-2024-47756, CVE-2024-49959, CVE-2024-49936, CVE-2024-53173, CVE-2024-57902, CVE-2025-21639, CVE-2024-46731, CVE-2024-56700, CVE-2024-57890, CVE-2025-21687, CVE-2024-47674, CVE-2024-50099, CVE-2024-56769, CVE-2024-50287, CVE-2024-53127, CVE-2024-41066, CVE-2024-53158, CVE-2025-21638, CVE-2024-47706, CVE-2024-47684, CVE-2024-53124, CVE-2024-49902, CVE-2024-56598, CVE-2024-57906, CVE-2024-53121, CVE-2024-35963, CVE-2024-49996, CVE-2024-53141, CVE-2024-50051, CVE-2024-56644, CVE-2024-56688, CVE-2024-57849, CVE-2024-57900, CVE-2024-56593, CVE-2024-56767, CVE-2024-49982, CVE-2024-49965, CVE-2024-50229, CVE-2024-53161, CVE-2024-49868, CVE-2024-49900, CVE-2024-50269, CVE-2024-57946, CVE-2024-47709, CVE-2024-49851, CVE-2024-50199, CVE-2024-56724, CVE-2024-50039, CVE-2024-56581, CVE-2024-50233, CVE-2024-56670, CVE-2024-50006, CVE-2024-35966, CVE-2024-56597, CVE-2024-50273, CVE-2024-53063, CVE-2024-56781, CVE-2024-56574, CVE-2024-56567, CVE-2024-47723, CVE-2024-53061, CVE-2025-0927, CVE-2024-53142, CVE-2024-49877, CVE-2024-47697, CVE-2024-49952, CVE-2024-53174, CVE-2024-56645, CVE-2021-47219, CVE-2024-49981, CVE-2025-21640, CVE-2024-49955, CVE-2023-52458, CVE-2024-53164, CVE-2024-57850, CVE-2025-21678, CVE-2024-56532, CVE-2024-40965, CVE-2024-56586, CVE-2021-47001, CVE-2024-40967, CVE-2024-49896, CVE-2024-47701, CVE-2024-50008, CVE-2024-43863, CVE-2024-43900, CVE-2024-49938, CVE-2024-56562, CVE-2024-40910, CVE-2024-38588, CVE-2025-21689, CVE-2024-53181, CVE-2024-56619, CVE-2024-49985, CVE-2024-50096, CVE-2024-56605, CVE-2024-50059, CVE-2024-47696, CVE-2024-50074, CVE-2024-57889, CVE-2024-56548, CVE-2024-57901, CVE-2024-49963, CVE-2024-41016, CVE-2024-47712, CVE-2024-49925, CVE-2024-50033, CVE-2024-50262, CVE-2024-56531, CVE-2024-57912, CVE-2024-40911, CVE-2024-38553, CVE-2024-50171, CVE-2025-21664, CVE-2024-55916, CVE-2024-38597, CVE-2021-47469) Update Instructions: Run `sudo pro fix USN-7413-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1048-iot - 5.4.0-1048.51 linux-headers-5.4.0-1048-iot - 5.4.0-1048.51 linux-image-5.4.0-1048-iot - 5.4.0-1048.51 linux-image-unsigned-5.4.0-1048-iot - 5.4.0-1048.51 linux-iot-headers-5.4.0-1048 - 5.4.0-1048.51 linux-iot-tools-5.4.0-1048 - 5.4.0-1048.51 linux-modules-5.4.0-1048-iot - 5.4.0-1048.51 linux-tools-5.4.0-1048-iot - 5.4.0-1048.51 No subscription required linux-headers-iot - 5.4.0.1048.46 linux-image-iot - 5.4.0.1048.46 linux-iot - 5.4.0.1048.46 linux-tools-iot - 5.4.0.1048.46 No subscription required High CVE-2021-47001 CVE-2021-47101 CVE-2021-47219 CVE-2021-47469 CVE-2022-38096 CVE-2022-49034 CVE-2023-21400 CVE-2023-52458 CVE-2023-52821 CVE-2024-23848 CVE-2024-35887 CVE-2024-35896 CVE-2024-35963 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-36952 CVE-2024-38544 CVE-2024-38553 CVE-2024-38588 CVE-2024-38597 CVE-2024-40910 CVE-2024-40911 CVE-2024-40953 CVE-2024-40965 CVE-2024-40967 CVE-2024-41016 CVE-2024-41066 CVE-2024-42252 CVE-2024-43098 CVE-2024-43863 CVE-2024-43892 CVE-2024-43900 CVE-2024-44931 CVE-2024-44938 CVE-2024-46731 CVE-2024-46849 CVE-2024-46853 CVE-2024-46854 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47692 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47706 CVE-2024-47707 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47723 CVE-2024-47737 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-48881 CVE-2024-49851 CVE-2024-49860 CVE-2024-49867 CVE-2024-49868 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49892 CVE-2024-49894 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49924 CVE-2024-49925 CVE-2024-49936 CVE-2024-49938 CVE-2024-49944 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49973 CVE-2024-49975 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49995 CVE-2024-49996 CVE-2024-49997 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50024 CVE-2024-50033 CVE-2024-50035 CVE-2024-50039 CVE-2024-50040 CVE-2024-50044 CVE-2024-50045 CVE-2024-50051 CVE-2024-50059 CVE-2024-50074 CVE-2024-50082 CVE-2024-50096 CVE-2024-50099 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50131 CVE-2024-50134 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50194 CVE-2024-50195 CVE-2024-50199 CVE-2024-50202 CVE-2024-50205 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50251 CVE-2024-50262 CVE-2024-50264 CVE-2024-50265 CVE-2024-50267 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-52332 CVE-2024-53057 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53101 CVE-2024-53103 CVE-2024-53104 CVE-2024-53112 CVE-2024-53121 CVE-2024-53124 CVE-2024-53127 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53138 CVE-2024-53140 CVE-2024-53141 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53164 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53214 CVE-2024-53217 CVE-2024-53227 CVE-2024-53239 CVE-2024-53680 CVE-2024-53690 CVE-2024-55916 CVE-2024-56531 CVE-2024-56532 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56576 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56614 CVE-2024-56615 CVE-2024-56619 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56637 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56650 CVE-2024-56659 CVE-2024-56670 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56694 CVE-2024-56700 CVE-2024-56704 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56739 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56756 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-57802 CVE-2024-57807 CVE-2024-57849 CVE-2024-57850 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57904 CVE-2024-57906 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57922 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2025-0927 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21653 CVE-2025-21664 CVE-2025-21678 CVE-2025-21687 CVE-2025-21689 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu 20.04 LTS Stelios Tsampas discovered that Kamailio did not correctly handle certain memory operations, which could lead to a buffer overflow. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-2385) Henning Westerholt discovered that Kamailio did not correctly handle duplicated headers, which could lead to a segmentation fault. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-14767) It was discovered that Kamailio did not correctly handle parsing certain headers containing whitespace characters. An authenticated attacker could possibly use this issue to gain access to unauthorized resources and expose sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-28361) Update Instructions: Run `sudo pro fix USN-7416-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kamailio - 5.3.2-1ubuntu0.1~esm2 kamailio-autheph-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-berkeley-bin - 5.3.2-1ubuntu0.1~esm2 kamailio-berkeley-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-cnxcc-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-cpl-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-erlang-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-extra-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-geoip-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-geoip2-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-ims-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-json-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-kazoo-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-ldap-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-lua-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-memcached-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-mongodb-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-mono-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-mysql-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-outbound-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-perl-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-phonenum-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-postgres-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-presence-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-python3-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-rabbitmq-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-radius-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-redis-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-ruby-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-sctp-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-snmpstats-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-sqlite-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-systemd-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-tls-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-unixodbc-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-utils-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-websocket-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-xml-modules - 5.3.2-1ubuntu0.1~esm2 kamailio-xmpp-modules - 5.3.2-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2016-2385 CVE-2018-14767 CVE-2020-28361 Ubuntu 20.04 LTS It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2024-35176, CVE-2024-39908, CVE-2024-41123, CVE-2024-43398) It was discovered that Ruby incorrectly handled expanding ranges in the net-imap response parser. If a user or automated system were tricked into connecting to a malicious IMAP server, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. This issue only affected Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2025-25186) It was discovered that the Ruby CGI gem incorrectly handled parsing certain cookies. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. (CVE-2025-27219) It was discovered that the Ruby CGI gem incorrectly handled parsing certain regular expressions. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. (CVE-2025-27220) It was discovered that the Ruby URI gem incorrectly handled certain URI handling methods. A remote attacker could possibly use this issue to leak authentication credentials. (CVE-2025-27221) Update Instructions: Run `sudo pro fix USN-7418-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libruby2.7 - 2.7.0-5ubuntu1.18 ruby2.7 - 2.7.0-5ubuntu1.18 ruby2.7-dev - 2.7.0-5ubuntu1.18 ruby2.7-doc - 2.7.0-5ubuntu1.18 No subscription required Medium CVE-2024-35176 CVE-2024-39908 CVE-2024-41123 CVE-2024-43398 CVE-2025-25186 CVE-2025-27219 CVE-2025-27220 CVE-2025-27221 Ubuntu 20.04 LTS It was discovered that Vim incorrectly handled memory when using invalid input with the log option. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-1215) It was discovered that Vim incorrectly handled memory when redirecting certain output to the register. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-26603) Update Instructions: Run `sudo pro fix USN-7419-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: vim - 2:8.1.2269-1ubuntu5.32 vim-athena - 2:8.1.2269-1ubuntu5.32 vim-common - 2:8.1.2269-1ubuntu5.32 vim-doc - 2:8.1.2269-1ubuntu5.32 vim-gtk - 2:8.1.2269-1ubuntu5.32 vim-gtk3 - 2:8.1.2269-1ubuntu5.32 vim-gui-common - 2:8.1.2269-1ubuntu5.32 vim-nox - 2:8.1.2269-1ubuntu5.32 vim-runtime - 2:8.1.2269-1ubuntu5.32 vim-tiny - 2:8.1.2269-1ubuntu5.32 xxd - 2:8.1.2269-1ubuntu5.32 No subscription required Medium CVE-2025-1215 CVE-2025-26603 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - RAM backed block device driver; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - i.MX SoC drivers; - QCOM SoC drivers; - SPI subsystem; - Media staging drivers; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Network namespace; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - DMA mapping infrastructure; - KCSAN framework; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - Distributed Switch Architecture; - HSR network protocol; - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Multipath TCP; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - VMware vSockets driver; - eXpress Data Path; - SELinux security module; - ALSA framework; - USB sound devices; (CVE-2024-53680, CVE-2024-53148, CVE-2024-47408, CVE-2024-53122, CVE-2024-56691, CVE-2024-56763, CVE-2024-53227, CVE-2024-56369, CVE-2024-50275, CVE-2024-57892, CVE-2024-53142, CVE-2024-56693, CVE-2024-56658, CVE-2024-57882, CVE-2024-56606, CVE-2024-46871, CVE-2024-57907, CVE-2024-56642, CVE-2025-21631, CVE-2024-57908, CVE-2024-57890, CVE-2024-53194, CVE-2024-57913, CVE-2024-56659, CVE-2024-56643, CVE-2024-56590, CVE-2024-56754, CVE-2025-21678, CVE-2024-56678, CVE-2024-49974, CVE-2024-56614, CVE-2024-53124, CVE-2022-49034, CVE-2024-49996, CVE-2024-47143, CVE-2024-50055, CVE-2024-53184, CVE-2024-56681, CVE-2025-21683, CVE-2024-57922, CVE-2024-56532, CVE-2024-53161, CVE-2024-57791, CVE-2025-21664, CVE-2024-53206, CVE-2024-56589, CVE-2024-57902, CVE-2024-56633, CVE-2024-53140, CVE-2024-56627, CVE-2024-57912, CVE-2024-55916, CVE-2024-56594, CVE-2025-21690, CVE-2024-56602, CVE-2024-49998, CVE-2024-53171, CVE-2024-53174, CVE-2024-53172, CVE-2024-56701, CVE-2024-52332, CVE-2024-57948, CVE-2024-57802, CVE-2024-53237, CVE-2024-50304, CVE-2024-56568, CVE-2024-49571, CVE-2025-21636, CVE-2024-57906, CVE-2024-57939, CVE-2024-57931, CVE-2024-56698, CVE-2024-56781, CVE-2024-50051, CVE-2024-57904, CVE-2024-43900, CVE-2024-53146, CVE-2024-53217, CVE-2024-56548, CVE-2024-56616, CVE-2024-53155, CVE-2024-57889, CVE-2025-21666, CVE-2024-53165, CVE-2024-56615, CVE-2024-56629, CVE-2024-53197, CVE-2024-47707, CVE-2024-53690, CVE-2024-56572, CVE-2024-56748, CVE-2024-45828, CVE-2024-53156, CVE-2024-53150, CVE-2024-53181, CVE-2024-56625, CVE-2024-57938, CVE-2024-56708, CVE-2024-57925, CVE-2024-56644, CVE-2024-50121, CVE-2024-53125, CVE-2025-21697, CVE-2024-53180, CVE-2024-53129, CVE-2024-57910, CVE-2024-57951, CVE-2024-46841, CVE-2024-56670, CVE-2024-56759, CVE-2024-56662, CVE-2024-56769, CVE-2024-56623, CVE-2024-26928, CVE-2024-56777, CVE-2024-53183, CVE-2024-53135, CVE-2024-57884, CVE-2024-56778, CVE-2024-56774, CVE-2024-53145, CVE-2024-56574, CVE-2025-21687, CVE-2024-53215, CVE-2024-57807, CVE-2024-56704, CVE-2025-21665, CVE-2024-56637, CVE-2024-56601, CVE-2024-56650, CVE-2024-57911, CVE-2024-57900, CVE-2024-56716, CVE-2025-21689, CVE-2024-56597, CVE-2024-56570, CVE-2024-56779, CVE-2025-21653, CVE-2024-56747, CVE-2024-56622, CVE-2024-44938, CVE-2025-21639, CVE-2024-56578, CVE-2024-56728, CVE-2024-53151, CVE-2024-56723, CVE-2024-53158, CVE-2024-56645, CVE-2024-56586, CVE-2024-50242, CVE-2024-53099, CVE-2024-56726, CVE-2024-35864, CVE-2024-56739, CVE-2024-56785, CVE-2024-46784, CVE-2024-56539, CVE-2024-57838, CVE-2024-57850, CVE-2024-56593, CVE-2024-53239, CVE-2024-53173, CVE-2024-57901, CVE-2024-56595, CVE-2024-53138, CVE-2024-56724, CVE-2025-21699, CVE-2025-21694, CVE-2024-49925, CVE-2024-53113, CVE-2024-56603, CVE-2024-53119, CVE-2024-53121, CVE-2024-48881, CVE-2024-56745, CVE-2025-21637, CVE-2025-21640, CVE-2024-50283, CVE-2024-42069, CVE-2024-53214, CVE-2024-56605, CVE-2024-53226, CVE-2024-56640, CVE-2024-57929, CVE-2024-56575, CVE-2024-56700, CVE-2024-57903, CVE-2024-56776, CVE-2024-56679, CVE-2024-56648, CVE-2025-21692, CVE-2024-56558, CVE-2024-53198, CVE-2024-56787, CVE-2024-56600, CVE-2024-56576, CVE-2024-53120, CVE-2024-56531, CVE-2024-56567, CVE-2025-21680, CVE-2024-56780, CVE-2024-56631, CVE-2024-56694, CVE-2024-43098, CVE-2024-53127, CVE-2024-56626, CVE-2024-56598, CVE-2024-47730, CVE-2024-53130, CVE-2024-56619, CVE-2024-56569, CVE-2024-57917, CVE-2024-56767, CVE-2024-56587, CVE-2024-56690, CVE-2024-53112, CVE-2024-57946, CVE-2025-21638, CVE-2024-56770, CVE-2024-56596, CVE-2024-56720, CVE-2024-36476, CVE-2024-56533, CVE-2025-21648, CVE-2024-56705, CVE-2025-21646, CVE-2024-57897, CVE-2024-57798, CVE-2024-56636, CVE-2024-53096, CVE-2024-56715, CVE-2024-58087, CVE-2024-57841, CVE-2024-46809, CVE-2024-56634, CVE-2024-53685, CVE-2024-56756, CVE-2024-56562, CVE-2024-57874, CVE-2024-56581, CVE-2024-56630, CVE-2025-21669, CVE-2024-57896, CVE-2024-55881, CVE-2024-53157, CVE-2024-56688, CVE-2024-57849, CVE-2024-53131, CVE-2024-56610, CVE-2024-57940, CVE-2024-57792, CVE-2024-36899, CVE-2024-53136, CVE-2024-42315, CVE-2024-56746, CVE-2024-49950) Update Instructions: Run `sudo pro fix USN-7421-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1086 - 5.15.0-1086.95~20.04.1 linux-azure-5.15-headers-5.15.0-1086 - 5.15.0-1086.95~20.04.1 linux-azure-5.15-tools-5.15.0-1086 - 5.15.0-1086.95~20.04.1 linux-buildinfo-5.15.0-1086-azure - 5.15.0-1086.95~20.04.1 linux-cloud-tools-5.15.0-1086-azure - 5.15.0-1086.95~20.04.1 linux-headers-5.15.0-1086-azure - 5.15.0-1086.95~20.04.1 linux-image-5.15.0-1086-azure - 5.15.0-1086.95~20.04.1 linux-image-unsigned-5.15.0-1086-azure - 5.15.0-1086.95~20.04.1 linux-modules-5.15.0-1086-azure - 5.15.0-1086.95~20.04.1 linux-modules-extra-5.15.0-1086-azure - 5.15.0-1086.95~20.04.1 linux-modules-involflt-5.15.0-1086-azure - 5.15.0-1086.95~20.04.1 linux-tools-5.15.0-1086-azure - 5.15.0-1086.95~20.04.1 No subscription required linux-image-5.15.0-1086-azure-fde - 5.15.0-1086.95~20.04.1.1 linux-image-unsigned-5.15.0-1086-azure-fde - 5.15.0-1086.95~20.04.1.1 No subscription required linux-azure - 5.15.0.1086.95~20.04.1 linux-azure-cvm - 5.15.0.1086.95~20.04.1 linux-azure-edge - 5.15.0.1086.95~20.04.1 linux-cloud-tools-azure - 5.15.0.1086.95~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1086.95~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1086.95~20.04.1 linux-headers-azure - 5.15.0.1086.95~20.04.1 linux-headers-azure-cvm - 5.15.0.1086.95~20.04.1 linux-headers-azure-edge - 5.15.0.1086.95~20.04.1 linux-image-azure - 5.15.0.1086.95~20.04.1 linux-image-azure-cvm - 5.15.0.1086.95~20.04.1 linux-image-azure-edge - 5.15.0.1086.95~20.04.1 linux-modules-extra-azure - 5.15.0.1086.95~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1086.95~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1086.95~20.04.1 linux-modules-involflt-azure - 5.15.0.1086.95~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1086.95~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1086.95~20.04.1 linux-tools-azure - 5.15.0.1086.95~20.04.1 linux-tools-azure-cvm - 5.15.0.1086.95~20.04.1 linux-tools-azure-edge - 5.15.0.1086.95~20.04.1 No subscription required linux-azure-fde - 5.15.0.1086.95~20.04.1.61 linux-azure-fde-edge - 5.15.0.1086.95~20.04.1.61 linux-cloud-tools-azure-fde - 5.15.0.1086.95~20.04.1.61 linux-cloud-tools-azure-fde-edge - 5.15.0.1086.95~20.04.1.61 linux-headers-azure-fde - 5.15.0.1086.95~20.04.1.61 linux-headers-azure-fde-edge - 5.15.0.1086.95~20.04.1.61 linux-image-azure-fde - 5.15.0.1086.95~20.04.1.61 linux-image-azure-fde-edge - 5.15.0.1086.95~20.04.1.61 linux-modules-extra-azure-fde - 5.15.0.1086.95~20.04.1.61 linux-modules-extra-azure-fde-edge - 5.15.0.1086.95~20.04.1.61 linux-tools-azure-fde - 5.15.0.1086.95~20.04.1.61 linux-tools-azure-fde-edge - 5.15.0.1086.95~20.04.1.61 No subscription required High CVE-2022-49034 CVE-2024-26928 CVE-2024-35864 CVE-2024-36476 CVE-2024-36899 CVE-2024-42069 CVE-2024-42315 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-45828 CVE-2024-46784 CVE-2024-46809 CVE-2024-46841 CVE-2024-46871 CVE-2024-47143 CVE-2024-47408 CVE-2024-47707 CVE-2024-47730 CVE-2024-48881 CVE-2024-49571 CVE-2024-49925 CVE-2024-49950 CVE-2024-49974 CVE-2024-49996 CVE-2024-49998 CVE-2024-50051 CVE-2024-50055 CVE-2024-50121 CVE-2024-50242 CVE-2024-50275 CVE-2024-50283 CVE-2024-50304 CVE-2024-52332 CVE-2024-53096 CVE-2024-53099 CVE-2024-53112 CVE-2024-53113 CVE-2024-53119 CVE-2024-53120 CVE-2024-53121 CVE-2024-53122 CVE-2024-53124 CVE-2024-53125 CVE-2024-53127 CVE-2024-53129 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53151 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53180 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53206 CVE-2024-53214 CVE-2024-53215 CVE-2024-53217 CVE-2024-53226 CVE-2024-53227 CVE-2024-53237 CVE-2024-53239 CVE-2024-53680 CVE-2024-53685 CVE-2024-53690 CVE-2024-55881 CVE-2024-55916 CVE-2024-56369 CVE-2024-56531 CVE-2024-56532 CVE-2024-56533 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56568 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56575 CVE-2024-56576 CVE-2024-56578 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56589 CVE-2024-56590 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56610 CVE-2024-56614 CVE-2024-56615 CVE-2024-56616 CVE-2024-56619 CVE-2024-56622 CVE-2024-56623 CVE-2024-56625 CVE-2024-56626 CVE-2024-56627 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56636 CVE-2024-56637 CVE-2024-56640 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56648 CVE-2024-56650 CVE-2024-56658 CVE-2024-56659 CVE-2024-56662 CVE-2024-56670 CVE-2024-56678 CVE-2024-56679 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56693 CVE-2024-56694 CVE-2024-56698 CVE-2024-56700 CVE-2024-56701 CVE-2024-56704 CVE-2024-56705 CVE-2024-56708 CVE-2024-56715 CVE-2024-56716 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56726 CVE-2024-56728 CVE-2024-56739 CVE-2024-56745 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56754 CVE-2024-56756 CVE-2024-56759 CVE-2024-56763 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56774 CVE-2024-56776 CVE-2024-56777 CVE-2024-56778 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-56785 CVE-2024-56787 CVE-2024-57791 CVE-2024-57792 CVE-2024-57798 CVE-2024-57802 CVE-2024-57807 CVE-2024-57838 CVE-2024-57841 CVE-2024-57849 CVE-2024-57850 CVE-2024-57874 CVE-2024-57882 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57896 CVE-2024-57897 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57903 CVE-2024-57904 CVE-2024-57906 CVE-2024-57907 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57917 CVE-2024-57922 CVE-2024-57925 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57939 CVE-2024-57940 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2024-58087 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21646 CVE-2025-21648 CVE-2025-21653 CVE-2025-21664 CVE-2025-21665 CVE-2025-21666 CVE-2025-21669 CVE-2025-21678 CVE-2025-21680 CVE-2025-21683 CVE-2025-21687 CVE-2025-21689 CVE-2025-21690 CVE-2025-21692 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu 20.04 LTS It was discovered that FIS-GT.M could incorrectly dereference memory in certain instances. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service. (CVE-2021-44492, CVE-2021-44498, CVE-2021-44508) It was discovered that FIS-GT.M could perform a division by zero due to a lack of input validation. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service. (CVE-2021-44500) It was discovered that FIS-GT.M could be forced to allocate memory of a chosen size through crafted input. An attacker could possibly use this issue to exhaust the available memory of FIS-GT.M, leading to a crash that would result in a denial of service. (CVE-2021-44502) It was discovered that FIS-GT.M could be forced to read from uninitialized memory due to a lack of input validation. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2021-44506) It was discovered that FIS-GT.M could crash due to an integer underflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-44509, CVE-2021-44510) Update Instructions: Run `sudo pro fix USN-7422-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fis-gtm - 6.3-007-1ubuntu0.1~esm1 fis-gtm-6.3-007 - 6.3-007-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-44492 CVE-2021-44498 CVE-2021-44500 CVE-2021-44502 CVE-2021-44506 CVE-2021-44508 CVE-2021-44509 CVE-2021-44510 Ubuntu 20.04 LTS It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash, expose sensitive information or execute arbitrary code. (CVE-2025-1153, CVE-2025-1182) It was discovered that ld in GNU binutils incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2025-1176) It was discovered that ld in GNU binutils incorrectly handled certain files. An attacker could possibly use this issue to cause a crash, expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2025-1178, CVE-2025-1181) Update Instructions: Run `sudo pro fix USN-7423-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: binutils - 2.34-6ubuntu1.11 binutils-aarch64-linux-gnu - 2.34-6ubuntu1.11 binutils-alpha-linux-gnu - 2.34-6ubuntu1.11 binutils-arm-linux-gnueabi - 2.34-6ubuntu1.11 binutils-arm-linux-gnueabihf - 2.34-6ubuntu1.11 binutils-common - 2.34-6ubuntu1.11 binutils-dev - 2.34-6ubuntu1.11 binutils-doc - 2.34-6ubuntu1.11 binutils-for-build - 2.34-6ubuntu1.11 binutils-for-host - 2.34-6ubuntu1.11 binutils-hppa-linux-gnu - 2.34-6ubuntu1.11 binutils-hppa64-linux-gnu - 2.34-6ubuntu1.11 binutils-i686-gnu - 2.34-6ubuntu1.11 binutils-i686-kfreebsd-gnu - 2.34-6ubuntu1.11 binutils-i686-linux-gnu - 2.34-6ubuntu1.11 binutils-ia64-linux-gnu - 2.34-6ubuntu1.11 binutils-m68k-linux-gnu - 2.34-6ubuntu1.11 binutils-multiarch - 2.34-6ubuntu1.11 binutils-multiarch-dev - 2.34-6ubuntu1.11 binutils-powerpc-linux-gnu - 2.34-6ubuntu1.11 binutils-powerpc64-linux-gnu - 2.34-6ubuntu1.11 binutils-powerpc64le-linux-gnu - 2.34-6ubuntu1.11 binutils-riscv64-linux-gnu - 2.34-6ubuntu1.11 binutils-s390x-linux-gnu - 2.34-6ubuntu1.11 binutils-sh4-linux-gnu - 2.34-6ubuntu1.11 binutils-source - 2.34-6ubuntu1.11 binutils-sparc64-linux-gnu - 2.34-6ubuntu1.11 binutils-x86-64-kfreebsd-gnu - 2.34-6ubuntu1.11 binutils-x86-64-linux-gnu - 2.34-6ubuntu1.11 binutils-x86-64-linux-gnux32 - 2.34-6ubuntu1.11 libbinutils - 2.34-6ubuntu1.11 libctf-nobfd0 - 2.34-6ubuntu1.11 libctf0 - 2.34-6ubuntu1.11 No subscription required Medium CVE-2025-1153 CVE-2025-1176 CVE-2025-1178 CVE-2025-1181 CVE-2025-1182 Ubuntu 20.04 LTS It was discovered that Erlang OTP's SSH module did not limit the size of certain data in initialization messages. An attacker could possibly use this issue to consume large amount of memory leading to a denial of service. Update Instructions: Run `sudo pro fix USN-7425-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: erlang - 1:22.2.7+dfsg-1ubuntu0.4 erlang-asn1 - 1:22.2.7+dfsg-1ubuntu0.4 erlang-base - 1:22.2.7+dfsg-1ubuntu0.4 erlang-base-hipe - 1:22.2.7+dfsg-1ubuntu0.4 erlang-common-test - 1:22.2.7+dfsg-1ubuntu0.4 erlang-crypto - 1:22.2.7+dfsg-1ubuntu0.4 erlang-debugger - 1:22.2.7+dfsg-1ubuntu0.4 erlang-dev - 1:22.2.7+dfsg-1ubuntu0.4 erlang-dialyzer - 1:22.2.7+dfsg-1ubuntu0.4 erlang-diameter - 1:22.2.7+dfsg-1ubuntu0.4 erlang-doc - 1:22.2.7+dfsg-1ubuntu0.4 erlang-edoc - 1:22.2.7+dfsg-1ubuntu0.4 erlang-eldap - 1:22.2.7+dfsg-1ubuntu0.4 erlang-erl-docgen - 1:22.2.7+dfsg-1ubuntu0.4 erlang-et - 1:22.2.7+dfsg-1ubuntu0.4 erlang-eunit - 1:22.2.7+dfsg-1ubuntu0.4 erlang-examples - 1:22.2.7+dfsg-1ubuntu0.4 erlang-ftp - 1:22.2.7+dfsg-1ubuntu0.4 erlang-inets - 1:22.2.7+dfsg-1ubuntu0.4 erlang-jinterface - 1:22.2.7+dfsg-1ubuntu0.4 erlang-manpages - 1:22.2.7+dfsg-1ubuntu0.4 erlang-megaco - 1:22.2.7+dfsg-1ubuntu0.4 erlang-mnesia - 1:22.2.7+dfsg-1ubuntu0.4 erlang-mode - 1:22.2.7+dfsg-1ubuntu0.4 erlang-nox - 1:22.2.7+dfsg-1ubuntu0.4 erlang-observer - 1:22.2.7+dfsg-1ubuntu0.4 erlang-odbc - 1:22.2.7+dfsg-1ubuntu0.4 erlang-os-mon - 1:22.2.7+dfsg-1ubuntu0.4 erlang-parsetools - 1:22.2.7+dfsg-1ubuntu0.4 erlang-public-key - 1:22.2.7+dfsg-1ubuntu0.4 erlang-reltool - 1:22.2.7+dfsg-1ubuntu0.4 erlang-runtime-tools - 1:22.2.7+dfsg-1ubuntu0.4 erlang-snmp - 1:22.2.7+dfsg-1ubuntu0.4 erlang-src - 1:22.2.7+dfsg-1ubuntu0.4 erlang-ssh - 1:22.2.7+dfsg-1ubuntu0.4 erlang-ssl - 1:22.2.7+dfsg-1ubuntu0.4 erlang-syntax-tools - 1:22.2.7+dfsg-1ubuntu0.4 erlang-tftp - 1:22.2.7+dfsg-1ubuntu0.4 erlang-tools - 1:22.2.7+dfsg-1ubuntu0.4 erlang-wx - 1:22.2.7+dfsg-1ubuntu0.4 erlang-x11 - 1:22.2.7+dfsg-1ubuntu0.4 erlang-xmerl - 1:22.2.7+dfsg-1ubuntu0.4 No subscription required Medium CVE-2025-30211 Ubuntu 20.04 LTS It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7426-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.6 libpoppler-cpp-dev - 0.86.1-0ubuntu1.6 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.6 libpoppler-dev - 0.86.1-0ubuntu1.6 libpoppler-glib-dev - 0.86.1-0ubuntu1.6 libpoppler-glib-doc - 0.86.1-0ubuntu1.6 libpoppler-glib8 - 0.86.1-0ubuntu1.6 libpoppler-private-dev - 0.86.1-0ubuntu1.6 libpoppler-qt5-1 - 0.86.1-0ubuntu1.6 libpoppler-qt5-dev - 0.86.1-0ubuntu1.6 libpoppler97 - 0.86.1-0ubuntu1.6 poppler-utils - 0.86.1-0ubuntu1.6 No subscription required Medium CVE-2025-32364 CVE-2025-32365 Ubuntu 20.04 LTS Kim Alvefur discovered that Dino did not correctly sanitize certain messages. A remote attacker could possibly use this issue to leak sensitive information. Update Instructions: Run `sudo pro fix USN-7430-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: dino-im - 0.1.0-1ubuntu0.1~esm1 dino-im-common - 0.1.0-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-28686 Ubuntu 20.04 LTS It was discovered that libsoup could be made to read out of bounds. An attacker could possibly use this issue to cause applications using libsoup to crash, resulting in a denial of service. (CVE-2025-2784, CVE-2025-32050, CVE-2025-32052, CVE-2025-32053) It was discovered that libsoup could be made to dereference invalid memory. An attacker could possibly use this issue to cause applications using libsoup to crash, resulting in a denial of service. (CVE-2025-32051) Update Instructions: Run `sudo pro fix USN-7432-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-soup-2.4 - 2.70.0-1ubuntu0.2 libsoup-gnome2.4-1 - 2.70.0-1ubuntu0.2 libsoup-gnome2.4-dev - 2.70.0-1ubuntu0.2 libsoup2.4-1 - 2.70.0-1ubuntu0.2 libsoup2.4-dev - 2.70.0-1ubuntu0.2 libsoup2.4-doc - 2.70.0-1ubuntu0.2 libsoup2.4-tests - 2.70.0-1ubuntu0.2 No subscription required Medium CVE-2025-2784 CVE-2025-32050 CVE-2025-32051 CVE-2025-32052 CVE-2025-32053 Ubuntu 20.04 LTS USN-6200-2 fixed a vulnerability in ImageMagick. It was discovered that the fix for CVE-2023-34151 was incomplete. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. (CVE-2023-34151) Update Instructions: Run `sudo pro fix USN-7440-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: imagemagick - 8:6.9.10.23+dfsg-2.1ubuntu11.11 imagemagick-6-common - 8:6.9.10.23+dfsg-2.1ubuntu11.11 imagemagick-6-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.11 imagemagick-6.q16 - 8:6.9.10.23+dfsg-2.1ubuntu11.11 imagemagick-6.q16hdri - 8:6.9.10.23+dfsg-2.1ubuntu11.11 imagemagick-common - 8:6.9.10.23+dfsg-2.1ubuntu11.11 imagemagick-doc - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libimage-magick-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libimage-magick-q16-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libimage-magick-q16hdri-perl - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagick++-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagick++-6.q16-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagick++-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagick++-6.q16hdri-8 - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagick++-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagick++-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickcore-6-arch-config - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickcore-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickcore-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickcore-6.q16-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickcore-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickcore-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickcore-6.q16hdri-6-extra - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickcore-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickcore-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickwand-6-headers - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickwand-6.q16-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickwand-6.q16-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickwand-6.q16hdri-6 - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickwand-6.q16hdri-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.11 libmagickwand-dev - 8:6.9.10.23+dfsg-2.1ubuntu11.11 perlmagick - 8:6.9.10.23+dfsg-2.1ubuntu11.11 No subscription required Medium CVE-2023-34151 https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/2106393 Ubuntu 20.04 LTS It was discovered that Eclipse Mosquitto client incorrectly handled memory when receiving a SUBACK packet. An attacker with a malicious broker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2024-10525) Xiangpu Song discovered that Eclipse Mosquitto broker did not properly manage memory under certain circumstances. A malicious client with a remote connection could possibly use this issue to cause the broker to crash resulting in a denial of service, or another unspecified impact. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-3935) Update Instructions: Run `sudo pro fix USN-7441-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmosquitto-dev - 1.6.9-1ubuntu0.1~esm2 libmosquitto1 - 1.6.9-1ubuntu0.1~esm2 libmosquittopp-dev - 1.6.9-1ubuntu0.1~esm2 libmosquittopp1 - 1.6.9-1ubuntu0.1~esm2 mosquitto - 1.6.9-1ubuntu0.1~esm2 mosquitto-clients - 1.6.9-1ubuntu0.1~esm2 mosquitto-dev - 1.6.9-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-10525 CVE-2024-3935 Ubuntu 20.04 LTS Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrect handled authentication. A remote attacker could use this issue to execute arbitrary commands without authentication, possibly leading to a system compromise. Update Instructions: Run `sudo pro fix USN-7443-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: erlang - 1:22.2.7+dfsg-1ubuntu0.5 erlang-asn1 - 1:22.2.7+dfsg-1ubuntu0.5 erlang-base - 1:22.2.7+dfsg-1ubuntu0.5 erlang-base-hipe - 1:22.2.7+dfsg-1ubuntu0.5 erlang-common-test - 1:22.2.7+dfsg-1ubuntu0.5 erlang-crypto - 1:22.2.7+dfsg-1ubuntu0.5 erlang-debugger - 1:22.2.7+dfsg-1ubuntu0.5 erlang-dev - 1:22.2.7+dfsg-1ubuntu0.5 erlang-dialyzer - 1:22.2.7+dfsg-1ubuntu0.5 erlang-diameter - 1:22.2.7+dfsg-1ubuntu0.5 erlang-doc - 1:22.2.7+dfsg-1ubuntu0.5 erlang-edoc - 1:22.2.7+dfsg-1ubuntu0.5 erlang-eldap - 1:22.2.7+dfsg-1ubuntu0.5 erlang-erl-docgen - 1:22.2.7+dfsg-1ubuntu0.5 erlang-et - 1:22.2.7+dfsg-1ubuntu0.5 erlang-eunit - 1:22.2.7+dfsg-1ubuntu0.5 erlang-examples - 1:22.2.7+dfsg-1ubuntu0.5 erlang-ftp - 1:22.2.7+dfsg-1ubuntu0.5 erlang-inets - 1:22.2.7+dfsg-1ubuntu0.5 erlang-jinterface - 1:22.2.7+dfsg-1ubuntu0.5 erlang-manpages - 1:22.2.7+dfsg-1ubuntu0.5 erlang-megaco - 1:22.2.7+dfsg-1ubuntu0.5 erlang-mnesia - 1:22.2.7+dfsg-1ubuntu0.5 erlang-mode - 1:22.2.7+dfsg-1ubuntu0.5 erlang-nox - 1:22.2.7+dfsg-1ubuntu0.5 erlang-observer - 1:22.2.7+dfsg-1ubuntu0.5 erlang-odbc - 1:22.2.7+dfsg-1ubuntu0.5 erlang-os-mon - 1:22.2.7+dfsg-1ubuntu0.5 erlang-parsetools - 1:22.2.7+dfsg-1ubuntu0.5 erlang-public-key - 1:22.2.7+dfsg-1ubuntu0.5 erlang-reltool - 1:22.2.7+dfsg-1ubuntu0.5 erlang-runtime-tools - 1:22.2.7+dfsg-1ubuntu0.5 erlang-snmp - 1:22.2.7+dfsg-1ubuntu0.5 erlang-src - 1:22.2.7+dfsg-1ubuntu0.5 erlang-ssh - 1:22.2.7+dfsg-1ubuntu0.5 erlang-ssl - 1:22.2.7+dfsg-1ubuntu0.5 erlang-syntax-tools - 1:22.2.7+dfsg-1ubuntu0.5 erlang-tftp - 1:22.2.7+dfsg-1ubuntu0.5 erlang-tools - 1:22.2.7+dfsg-1ubuntu0.5 erlang-wx - 1:22.2.7+dfsg-1ubuntu0.5 erlang-x11 - 1:22.2.7+dfsg-1ubuntu0.5 erlang-xmerl - 1:22.2.7+dfsg-1ubuntu0.5 No subscription required High CVE-2025-32433 Ubuntu 20.04 LTS It was discovered that Synapse network policies could be bypassed via specially crafted URLs. An attacker could possibly use this issue to bypass authentication mechanisms. (CVE-2023-32683) It was discovered that Synapse exposed cached device information. An attacker could possibly use this issue to gain access to sensitive information. (CVE-2023-43796) It was discovered that Synapse could be tricked into rejecting state changes in rooms. An attacker could possibly use this issue to cause Synapse to stop functioning properly, resulting in a denial of service. This issue was only fixed in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39374) It was discovered that Synapse stored user credentials in a server's database temporarily. An attacker could possibly use this issue to gain access to sensitive information. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2023-41335) It was discovered that Synapse could incorrectly respond to server authorization events. An attacker could possibly use this issue to bypass authentication mechanisms. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2022-39335) It was discovered that Synapse could be manipulated to mark messages as read when they had not been viewed. An attacker could possibly use this issue to perform repudiation-based attacks. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2023-42453) It was discovered that Synapse had several memory-related issues. An attacker could possibly use this issue to cause Synapse to crash, resulting in a denial of service. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2024-31208) It was discovered that Synapse could run external tools due to a unchecked thumbnail rendering routine. An attacker could possibly use this issue to cause Synapse to crash, resulting in a denial of service, or execute arbitrary code. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2024-53863) Update Instructions: Run `sudo pro fix USN-7444-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: matrix-synapse - 1.11.0-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-32683 CVE-2023-43796 CVE-2022-39374 CVE-2023-41335 CVE-2022-39335 CVE-2023-42453 CVE-2024-31208 CVE-2024-53863 Ubuntu 20.04 LTS It was discovered that Yelp incorrectly handled paths in ghelp URLs. A remote attacker could use this issue to trick users into opening malicious downloaded help files and exfiltrate sensitive information. Update Instructions: Run `sudo pro fix USN-7447-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: yelp-xsl - 3.36.0-1ubuntu0.1 No subscription required libyelp-dev - 3.36.2-0ubuntu1.1 libyelp0 - 3.36.2-0ubuntu1.1 yelp - 3.36.2-0ubuntu1.1 No subscription required Medium CVE-2025-3155 Ubuntu 20.04 LTS It was discovered that the libarchive bsdunzip utility incorrectly handled certain ZIP archive files. If a user or automated system were tricked into processing a specially crafted ZIP archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2025-1632) It was discovered that libarchive incorrectly handled certain TAR archive files. If a user or automated system were tricked into processing a specially crafted TAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-25724) Update Instructions: Run `sudo pro fix USN-7454-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libarchive-dev - 3.4.0-2ubuntu1.5 libarchive-tools - 3.4.0-2ubuntu1.5 libarchive13 - 3.4.0-2ubuntu1.5 No subscription required Medium CVE-2025-1632 CVE-2025-25724 Ubuntu 20.04 LTS Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or escalate their privileges. (CVE-2022-0995) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - File systems infrastructure; - NTFS3 file system; - Ethernet bridge; - Ethtool driver; - IPv6 networking; - Network traffic control; - VMware vSockets driver; (CVE-2025-21703, CVE-2024-56651, CVE-2024-50248, CVE-2025-21701, CVE-2024-26837, CVE-2024-46826, CVE-2025-21993, CVE-2025-21702, CVE-2024-50256, CVE-2025-21756, CVE-2025-21700) Update Instructions: Run `sudo pro fix USN-7455-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1087 - 5.15.0-1087.96~20.04.1 linux-azure-5.15-headers-5.15.0-1087 - 5.15.0-1087.96~20.04.1 linux-azure-5.15-tools-5.15.0-1087 - 5.15.0-1087.96~20.04.1 linux-buildinfo-5.15.0-1087-azure - 5.15.0-1087.96~20.04.1 linux-cloud-tools-5.15.0-1087-azure - 5.15.0-1087.96~20.04.1 linux-headers-5.15.0-1087-azure - 5.15.0-1087.96~20.04.1 linux-image-5.15.0-1087-azure - 5.15.0-1087.96~20.04.1 linux-image-unsigned-5.15.0-1087-azure - 5.15.0-1087.96~20.04.1 linux-modules-5.15.0-1087-azure - 5.15.0-1087.96~20.04.1 linux-modules-extra-5.15.0-1087-azure - 5.15.0-1087.96~20.04.1 linux-modules-involflt-5.15.0-1087-azure - 5.15.0-1087.96~20.04.1 linux-tools-5.15.0-1087-azure - 5.15.0-1087.96~20.04.1 No subscription required linux-image-5.15.0-1087-azure-fde - 5.15.0-1087.96~20.04.1.1 linux-image-unsigned-5.15.0-1087-azure-fde - 5.15.0-1087.96~20.04.1.1 No subscription required linux-buildinfo-5.15.0-138-generic - 5.15.0-138.148~20.04.1 linux-buildinfo-5.15.0-138-generic-64k - 5.15.0-138.148~20.04.1 linux-buildinfo-5.15.0-138-generic-lpae - 5.15.0-138.148~20.04.1 linux-buildinfo-5.15.0-138-lowlatency - 5.15.0-138.148~20.04.1 linux-buildinfo-5.15.0-138-lowlatency-64k - 5.15.0-138.148~20.04.1 linux-cloud-tools-5.15.0-138-generic - 5.15.0-138.148~20.04.1 linux-cloud-tools-5.15.0-138-lowlatency - 5.15.0-138.148~20.04.1 linux-headers-5.15.0-138-generic - 5.15.0-138.148~20.04.1 linux-headers-5.15.0-138-generic-64k - 5.15.0-138.148~20.04.1 linux-headers-5.15.0-138-generic-lpae - 5.15.0-138.148~20.04.1 linux-headers-5.15.0-138-lowlatency - 5.15.0-138.148~20.04.1 linux-headers-5.15.0-138-lowlatency-64k - 5.15.0-138.148~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-138 - 5.15.0-138.148~20.04.1 linux-hwe-5.15-headers-5.15.0-138 - 5.15.0-138.148~20.04.1 linux-hwe-5.15-tools-5.15.0-138 - 5.15.0-138.148~20.04.1 linux-image-5.15.0-138-generic - 5.15.0-138.148~20.04.1 linux-image-5.15.0-138-generic-64k - 5.15.0-138.148~20.04.1 linux-image-5.15.0-138-generic-lpae - 5.15.0-138.148~20.04.1 linux-image-5.15.0-138-lowlatency - 5.15.0-138.148~20.04.1 linux-image-5.15.0-138-lowlatency-64k - 5.15.0-138.148~20.04.1 linux-image-unsigned-5.15.0-138-generic - 5.15.0-138.148~20.04.1 linux-image-unsigned-5.15.0-138-generic-64k - 5.15.0-138.148~20.04.1 linux-image-unsigned-5.15.0-138-lowlatency - 5.15.0-138.148~20.04.1 linux-image-unsigned-5.15.0-138-lowlatency-64k - 5.15.0-138.148~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-138 - 5.15.0-138.148~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-138 - 5.15.0-138.148~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-138 - 5.15.0-138.148~20.04.1 linux-modules-5.15.0-138-generic - 5.15.0-138.148~20.04.1 linux-modules-5.15.0-138-generic-64k - 5.15.0-138.148~20.04.1 linux-modules-5.15.0-138-generic-lpae - 5.15.0-138.148~20.04.1 linux-modules-5.15.0-138-lowlatency - 5.15.0-138.148~20.04.1 linux-modules-5.15.0-138-lowlatency-64k - 5.15.0-138.148~20.04.1 linux-modules-extra-5.15.0-138-generic - 5.15.0-138.148~20.04.1 linux-modules-iwlwifi-5.15.0-138-generic - 5.15.0-138.148~20.04.1 linux-modules-iwlwifi-5.15.0-138-lowlatency - 5.15.0-138.148~20.04.1 linux-tools-5.15.0-138-generic - 5.15.0-138.148~20.04.1 linux-tools-5.15.0-138-generic-64k - 5.15.0-138.148~20.04.1 linux-tools-5.15.0-138-generic-lpae - 5.15.0-138.148~20.04.1 linux-tools-5.15.0-138-lowlatency - 5.15.0-138.148~20.04.1 linux-tools-5.15.0-138-lowlatency-64k - 5.15.0-138.148~20.04.1 No subscription required linux-azure - 5.15.0.1087.96~20.04.1 linux-azure-cvm - 5.15.0.1087.96~20.04.1 linux-azure-edge - 5.15.0.1087.96~20.04.1 linux-cloud-tools-azure - 5.15.0.1087.96~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1087.96~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1087.96~20.04.1 linux-headers-azure - 5.15.0.1087.96~20.04.1 linux-headers-azure-cvm - 5.15.0.1087.96~20.04.1 linux-headers-azure-edge - 5.15.0.1087.96~20.04.1 linux-image-azure - 5.15.0.1087.96~20.04.1 linux-image-azure-cvm - 5.15.0.1087.96~20.04.1 linux-image-azure-edge - 5.15.0.1087.96~20.04.1 linux-modules-extra-azure - 5.15.0.1087.96~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1087.96~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1087.96~20.04.1 linux-modules-involflt-azure - 5.15.0.1087.96~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1087.96~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1087.96~20.04.1 linux-tools-azure - 5.15.0.1087.96~20.04.1 linux-tools-azure-cvm - 5.15.0.1087.96~20.04.1 linux-tools-azure-edge - 5.15.0.1087.96~20.04.1 No subscription required linux-azure-fde - 5.15.0.1087.96~20.04.1.62 linux-azure-fde-edge - 5.15.0.1087.96~20.04.1.62 linux-cloud-tools-azure-fde - 5.15.0.1087.96~20.04.1.62 linux-cloud-tools-azure-fde-edge - 5.15.0.1087.96~20.04.1.62 linux-headers-azure-fde - 5.15.0.1087.96~20.04.1.62 linux-headers-azure-fde-edge - 5.15.0.1087.96~20.04.1.62 linux-image-azure-fde - 5.15.0.1087.96~20.04.1.62 linux-image-azure-fde-edge - 5.15.0.1087.96~20.04.1.62 linux-modules-extra-azure-fde - 5.15.0.1087.96~20.04.1.62 linux-modules-extra-azure-fde-edge - 5.15.0.1087.96~20.04.1.62 linux-tools-azure-fde - 5.15.0.1087.96~20.04.1.62 linux-tools-azure-fde-edge - 5.15.0.1087.96~20.04.1.62 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-generic-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-headers-oem-20.04 - 5.15.0.138.148~20.04.1 linux-headers-oem-20.04b - 5.15.0.138.148~20.04.1 linux-headers-oem-20.04c - 5.15.0.138.148~20.04.1 linux-headers-oem-20.04d - 5.15.0.138.148~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-image-oem-20.04 - 5.15.0.138.148~20.04.1 linux-image-oem-20.04b - 5.15.0.138.148~20.04.1 linux-image-oem-20.04c - 5.15.0.138.148~20.04.1 linux-image-oem-20.04d - 5.15.0.138.148~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.138.148~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.138.148~20.04.1 linux-oem-20.04 - 5.15.0.138.148~20.04.1 linux-oem-20.04b - 5.15.0.138.148~20.04.1 linux-oem-20.04c - 5.15.0.138.148~20.04.1 linux-oem-20.04d - 5.15.0.138.148~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-tools-oem-20.04 - 5.15.0.138.148~20.04.1 linux-tools-oem-20.04b - 5.15.0.138.148~20.04.1 linux-tools-oem-20.04c - 5.15.0.138.148~20.04.1 linux-tools-oem-20.04d - 5.15.0.138.148~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.138.148~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.138.148~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.138.148~20.04.1 No subscription required High CVE-2022-0995 CVE-2024-26837 CVE-2024-46826 CVE-2024-50248 CVE-2024-50256 CVE-2024-56651 CVE-2025-21700 CVE-2025-21701 CVE-2025-21702 CVE-2025-21703 CVE-2025-21756 CVE-2025-21993 Ubuntu 20.04 LTS Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or escalate their privileges. (CVE-2022-0995) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - File systems infrastructure; - NTFS3 file system; - Ethernet bridge; - Ethtool driver; - IPv6 networking; - Network traffic control; - VMware vSockets driver; (CVE-2025-21993, CVE-2025-21703, CVE-2024-50248, CVE-2025-21700, CVE-2024-50256, CVE-2025-21701, CVE-2024-56651, CVE-2025-21756, CVE-2024-26837, CVE-2025-21702, CVE-2024-46826) Update Instructions: Run `sudo pro fix USN-7455-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1079-oracle - 5.15.0-1079.85~20.04.1 linux-headers-5.15.0-1079-oracle - 5.15.0-1079.85~20.04.1 linux-image-5.15.0-1079-oracle - 5.15.0-1079.85~20.04.1 linux-image-unsigned-5.15.0-1079-oracle - 5.15.0-1079.85~20.04.1 linux-modules-5.15.0-1079-oracle - 5.15.0-1079.85~20.04.1 linux-modules-extra-5.15.0-1079-oracle - 5.15.0-1079.85~20.04.1 linux-oracle-5.15-headers-5.15.0-1079 - 5.15.0-1079.85~20.04.1 linux-oracle-5.15-tools-5.15.0-1079 - 5.15.0-1079.85~20.04.1 linux-tools-5.15.0-1079-oracle - 5.15.0-1079.85~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1079.85~20.04.1 linux-headers-oracle-edge - 5.15.0.1079.85~20.04.1 linux-image-oracle - 5.15.0.1079.85~20.04.1 linux-image-oracle-edge - 5.15.0.1079.85~20.04.1 linux-oracle - 5.15.0.1079.85~20.04.1 linux-oracle-edge - 5.15.0.1079.85~20.04.1 linux-tools-oracle - 5.15.0.1079.85~20.04.1 linux-tools-oracle-edge - 5.15.0.1079.85~20.04.1 No subscription required High CVE-2022-0995 CVE-2024-26837 CVE-2024-46826 CVE-2024-50248 CVE-2024-50256 CVE-2024-56651 CVE-2025-21700 CVE-2025-21701 CVE-2025-21702 CVE-2025-21703 CVE-2025-21756 CVE-2025-21993 Ubuntu 20.04 LTS Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or escalate their privileges. (CVE-2022-0995) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - iSCSI Boot Firmware Table Attributes driver; - Network drivers; - File systems infrastructure; - NTFS3 file system; - Ethernet bridge; - Ethtool driver; - IPv6 networking; - Network traffic control; - VMware vSockets driver; (CVE-2024-26837, CVE-2025-21993, CVE-2025-21702, CVE-2024-50248, CVE-2024-46826, CVE-2024-50256, CVE-2025-21703, CVE-2025-21700, CVE-2025-21756, CVE-2025-21701, CVE-2024-56651) Update Instructions: Run `sudo pro fix USN-7455-5` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-cloud-tools-5.15.0-1082 - 5.15.0-1082.89~20.04.1 linux-aws-5.15-headers-5.15.0-1082 - 5.15.0-1082.89~20.04.1 linux-aws-5.15-tools-5.15.0-1082 - 5.15.0-1082.89~20.04.1 linux-buildinfo-5.15.0-1082-aws - 5.15.0-1082.89~20.04.1 linux-cloud-tools-5.15.0-1082-aws - 5.15.0-1082.89~20.04.1 linux-headers-5.15.0-1082-aws - 5.15.0-1082.89~20.04.1 linux-image-5.15.0-1082-aws - 5.15.0-1082.89~20.04.1 linux-image-unsigned-5.15.0-1082-aws - 5.15.0-1082.89~20.04.1 linux-modules-5.15.0-1082-aws - 5.15.0-1082.89~20.04.1 linux-modules-extra-5.15.0-1082-aws - 5.15.0-1082.89~20.04.1 linux-tools-5.15.0-1082-aws - 5.15.0-1082.89~20.04.1 No subscription required linux-aws - 5.15.0.1082.89~20.04.1 linux-aws-edge - 5.15.0.1082.89~20.04.1 linux-headers-aws - 5.15.0.1082.89~20.04.1 linux-headers-aws-edge - 5.15.0.1082.89~20.04.1 linux-image-aws - 5.15.0.1082.89~20.04.1 linux-image-aws-edge - 5.15.0.1082.89~20.04.1 linux-modules-extra-aws - 5.15.0.1082.89~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1082.89~20.04.1 linux-tools-aws - 5.15.0.1082.89~20.04.1 linux-tools-aws-edge - 5.15.0.1082.89~20.04.1 No subscription required High CVE-2022-0995 CVE-2024-26837 CVE-2024-46826 CVE-2024-50248 CVE-2024-50256 CVE-2024-56651 CVE-2025-21700 CVE-2025-21701 CVE-2025-21702 CVE-2025-21703 CVE-2025-21756 CVE-2025-21993 Ubuntu 20.04 LTS Fabien Potencier discovered that Twig did not run sandbox security checks in some circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary commands. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-45411) Jamie Schouten discovered that Twig could bypass the security policy for an object call. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-51754) Update Instructions: Run `sudo pro fix USN-7456-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: php-twig - 2.12.5-1ubuntu0.1~esm2 php-twig-cssinliner-extra - 2.12.5-1ubuntu0.1~esm2 php-twig-doc - 2.12.5-1ubuntu0.1~esm2 php-twig-extra-bundle - 2.12.5-1ubuntu0.1~esm2 php-twig-html-extra - 2.12.5-1ubuntu0.1~esm2 php-twig-inky-extra - 2.12.5-1ubuntu0.1~esm2 php-twig-intl-extra - 2.12.5-1ubuntu0.1~esm2 php-twig-markdown-extra - 2.12.5-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-45411 CVE-2024-51754 Ubuntu 20.04 LTS It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X11 and agent forwarding, contrary to documentation and expectations. Update Instructions: Run `sudo pro fix USN-7457-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openssh-client - 1:8.2p1-4ubuntu0.13 openssh-server - 1:8.2p1-4ubuntu0.13 openssh-sftp-server - 1:8.2p1-4ubuntu0.13 openssh-tests - 1:8.2p1-4ubuntu0.13 ssh - 1:8.2p1-4ubuntu0.13 ssh-askpass-gnome - 1:8.2p1-4ubuntu0.13 No subscription required Medium CVE-2025-32728 Ubuntu 20.04 LTS Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - RAM backed block device driver; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I2C subsystem; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - STMicroelectronics network drivers; - NVME drivers; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - i.MX SoC drivers; - QCOM SoC drivers; - SPI subsystem; - Direct Digital Synthesis drivers; - Media staging drivers; - TCM subsystem; - TTY drivers; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Port Controller Manager driver; - USB Type-C Connector System Software Interface driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - IP tunnels definitions; - LAPB network protocol; - Network namespace; - User-space API (UAPI); - Kernel init infrastructure; - io_uring subsystem; - BPF subsystem; - Kernel CPU control infrastructure; - DMA mapping infrastructure; - KCSAN framework; - Tracing infrastructure; - Closures library; - Memory management; - 9P file system network protocol; - Amateur Radio drivers; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - Distributed Switch Architecture; - HSR network protocol; - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - Multipath TCP; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - VMware vSockets driver; - eXpress Data Path; - XFRM subsystem; - Key management; - SELinux security module; - ALSA framework; - FireWire sound drivers; - HD-audio driver; - QCOM ASoC drivers; - STMicroelectronics SoC drivers; - USB sound devices; - KVM core; (CVE-2024-56747, CVE-2024-56575, CVE-2024-56781, CVE-2024-53173, CVE-2024-56662, CVE-2024-56778, CVE-2024-56615, CVE-2024-56693, CVE-2024-57906, CVE-2024-53194, CVE-2024-56779, CVE-2024-56619, CVE-2024-53059, CVE-2024-57938, CVE-2024-56643, CVE-2024-53055, CVE-2024-50198, CVE-2024-57841, CVE-2024-56616, CVE-2024-57908, CVE-2024-50249, CVE-2024-57838, CVE-2024-56558, CVE-2024-53113, CVE-2024-56630, CVE-2025-21638, CVE-2024-56637, CVE-2024-56776, CVE-2024-56625, CVE-2024-46841, CVE-2024-53122, CVE-2024-53145, CVE-2024-56780, CVE-2024-56629, CVE-2024-56650, CVE-2024-50101, CVE-2024-56576, CVE-2024-53129, CVE-2024-56587, CVE-2024-53127, CVE-2024-53121, CVE-2024-56567, CVE-2024-50162, CVE-2024-56605, CVE-2024-53135, CVE-2024-53172, CVE-2025-21692, CVE-2024-50110, CVE-2024-56698, CVE-2024-56623, CVE-2025-21678, CVE-2024-53112, CVE-2024-57874, CVE-2025-21669, CVE-2024-50086, CVE-2024-50143, CVE-2024-49974, CVE-2025-21664, CVE-2024-42291, CVE-2024-56701, CVE-2024-50072, CVE-2024-57903, CVE-2024-41080, CVE-2024-53131, CVE-2024-50301, CVE-2024-56670, CVE-2024-57902, CVE-2024-57925, CVE-2024-57889, CVE-2024-57897, CVE-2024-50150, CVE-2024-56601, CVE-2024-45828, CVE-2025-21690, CVE-2024-50230, CVE-2024-50115, CVE-2024-57951, CVE-2025-21631, CVE-2024-56606, CVE-2024-52332, CVE-2024-50282, CVE-2024-36476, CVE-2024-50192, CVE-2024-50156, CVE-2024-49571, CVE-2024-57946, CVE-2024-46809, CVE-2024-56634, CVE-2024-47707, CVE-2024-49996, CVE-2024-57849, CVE-2024-56645, CVE-2024-50074, CVE-2024-49925, CVE-2024-56658, CVE-2024-56562, CVE-2024-50141, CVE-2024-53171, CVE-2024-56593, CVE-2024-53150, CVE-2024-53214, CVE-2024-50296, CVE-2025-21683, CVE-2024-50195, CVE-2024-53239, CVE-2024-49950, CVE-2025-21636, CVE-2024-50265, CVE-2024-57850, CVE-2024-57917, CVE-2024-50148, CVE-2024-50036, CVE-2024-50259, CVE-2024-53052, CVE-2024-56598, CVE-2024-56597, CVE-2024-53217, CVE-2024-53061, CVE-2024-53063, CVE-2024-50127, CVE-2024-50273, CVE-2024-57901, CVE-2024-50202, CVE-2024-50232, CVE-2024-50229, CVE-2025-21687, CVE-2024-53174, CVE-2024-50193, CVE-2024-50151, CVE-2024-50218, CVE-2024-56679, CVE-2024-53181, CVE-2024-53099, CVE-2024-56572, CVE-2024-50185, CVE-2024-56578, CVE-2024-56532, CVE-2025-21639, CVE-2024-57922, CVE-2024-50171, CVE-2024-53066, CVE-2024-50287, CVE-2025-21697, CVE-2024-53180, CVE-2024-44938, CVE-2024-56636, CVE-2024-56739, CVE-2024-57807, CVE-2024-56569, CVE-2024-56531, CVE-2024-57913, CVE-2024-56681, CVE-2024-56694, CVE-2022-49034, CVE-2024-56756, CVE-2024-50168, CVE-2024-50131, CVE-2024-47143, CVE-2024-50292, CVE-2024-56533, CVE-2024-42315, CVE-2024-50283, CVE-2024-50142, CVE-2024-57802, CVE-2024-57929, CVE-2025-21699, CVE-2024-35864, CVE-2024-50209, CVE-2024-53197, CVE-2024-50278, CVE-2024-50299, CVE-2025-21694, CVE-2024-58087, CVE-2024-57904, CVE-2024-56726, CVE-2024-56678, CVE-2024-50167, CVE-2024-50236, CVE-2024-50083, CVE-2025-21646, CVE-2024-56633, CVE-2024-50051, CVE-2024-56785, CVE-2024-56767, CVE-2024-50085, CVE-2024-50117, CVE-2024-50268, CVE-2024-56672, CVE-2025-21653, CVE-2024-57900, CVE-2024-50196, CVE-2024-57911, CVE-2024-50233, CVE-2024-50290, CVE-2024-56754, CVE-2024-53680, CVE-2024-56724, CVE-2024-56596, CVE-2024-50275, CVE-2024-56539, CVE-2024-57884, CVE-2024-53226, CVE-2024-56659, CVE-2025-21689, CVE-2024-57912, CVE-2024-56626, CVE-2024-50099, CVE-2024-50058, CVE-2025-21665, CVE-2024-56610, CVE-2024-50262, CVE-2024-57882, CVE-2024-53138, CVE-2024-35887, CVE-2024-36899, CVE-2024-53237, CVE-2024-56644, CVE-2024-50153, CVE-2024-50154, CVE-2024-57792, CVE-2024-53142, CVE-2024-56720, CVE-2024-57931, CVE-2024-53058, CVE-2024-56745, CVE-2024-50304, CVE-2024-56648, CVE-2024-46871, CVE-2024-50055, CVE-2024-50182, CVE-2025-21666, CVE-2024-50208, CVE-2024-57910, CVE-2024-50194, CVE-2024-53685, CVE-2024-50010, CVE-2024-57948, CVE-2024-48881, CVE-2024-50160, CVE-2024-50269, CVE-2024-56748, CVE-2024-53183, CVE-2024-56777, CVE-2024-56769, CVE-2024-56594, CVE-2024-53140, CVE-2024-53151, CVE-2024-56723, CVE-2024-50245, CVE-2024-50128, CVE-2024-56581, CVE-2024-56770, CVE-2024-50121, CVE-2024-56589, CVE-2024-50234, CVE-2024-56700, CVE-2024-53158, CVE-2024-40953, CVE-2024-50257, CVE-2024-57892, CVE-2024-53165, CVE-2024-53042, CVE-2024-53097, CVE-2024-50279, CVE-2024-42252, CVE-2024-56642, CVE-2024-56622, CVE-2024-50295, CVE-2024-50199, CVE-2024-40965, CVE-2024-53161, CVE-2024-56586, CVE-2024-53088, CVE-2024-50134, CVE-2024-41066, CVE-2024-50237, CVE-2024-56688, CVE-2024-53096, CVE-2024-50116, CVE-2024-56705, CVE-2024-43098, CVE-2024-53184, CVE-2024-56774, CVE-2024-53215, CVE-2024-53156, CVE-2024-53146, CVE-2024-56600, CVE-2024-50302, CVE-2024-50247, CVE-2024-56690, CVE-2024-26928, CVE-2024-53198, CVE-2024-56691, CVE-2024-53120, CVE-2024-50103, CVE-2023-52913, CVE-2024-56602, CVE-2024-56728, CVE-2025-21648, CVE-2024-47730, CVE-2024-53227, CVE-2024-50205, CVE-2024-57940, CVE-2024-53119, CVE-2024-50267, CVE-2024-53125, CVE-2024-56716, CVE-2024-56627, CVE-2024-53101, CVE-2024-56640, CVE-2024-56369, CVE-2024-50244, CVE-2024-53157, CVE-2024-56746, CVE-2024-50251, CVE-2024-57907, CVE-2025-21680, CVE-2024-47408, CVE-2024-56548, CVE-2024-56715, CVE-2024-57939, CVE-2024-46784, CVE-2024-50201, CVE-2024-53130, CVE-2024-50163, CVE-2024-56595, CVE-2024-49998, CVE-2024-53104, CVE-2024-53690, CVE-2024-56704, CVE-2024-56570, CVE-2024-57798, CVE-2024-56763, CVE-2024-56603, CVE-2024-56568, CVE-2025-21640, CVE-2024-53155, CVE-2024-56590, CVE-2024-56708, CVE-2024-39497, CVE-2024-50082, CVE-2024-53148, CVE-2024-56787, CVE-2024-57890, CVE-2024-53124, CVE-2024-43900, CVE-2024-56614, CVE-2025-21637, CVE-2024-26718, CVE-2024-55881, CVE-2024-56759, CVE-2024-57791, CVE-2024-50242, CVE-2024-57896, CVE-2024-56631, CVE-2024-56574, CVE-2024-55916) Update Instructions: Run `sudo pro fix USN-7458-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1074-ibm - 5.15.0-1074.77~20.04.1 linux-headers-5.15.0-1074-ibm - 5.15.0-1074.77~20.04.1 linux-ibm-5.15-headers-5.15.0-1074 - 5.15.0-1074.77~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1074.77~20.04.1 linux-ibm-5.15-tools-5.15.0-1074 - 5.15.0-1074.77~20.04.1 linux-image-5.15.0-1074-ibm - 5.15.0-1074.77~20.04.1 linux-image-unsigned-5.15.0-1074-ibm - 5.15.0-1074.77~20.04.1 linux-modules-5.15.0-1074-ibm - 5.15.0-1074.77~20.04.1 linux-modules-extra-5.15.0-1074-ibm - 5.15.0-1074.77~20.04.1 linux-tools-5.15.0-1074-ibm - 5.15.0-1074.77~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1074.77~20.04.1 linux-headers-ibm-edge - 5.15.0.1074.77~20.04.1 linux-ibm - 5.15.0.1074.77~20.04.1 linux-ibm-edge - 5.15.0.1074.77~20.04.1 linux-image-ibm - 5.15.0.1074.77~20.04.1 linux-image-ibm-edge - 5.15.0.1074.77~20.04.1 linux-tools-ibm - 5.15.0.1074.77~20.04.1 linux-tools-ibm-edge - 5.15.0.1074.77~20.04.1 No subscription required High CVE-2022-49034 CVE-2023-52913 CVE-2024-26718 CVE-2024-26928 CVE-2024-35864 CVE-2024-35887 CVE-2024-36476 CVE-2024-36899 CVE-2024-39497 CVE-2024-40953 CVE-2024-40965 CVE-2024-41066 CVE-2024-41080 CVE-2024-42252 CVE-2024-42291 CVE-2024-42315 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-45828 CVE-2024-46784 CVE-2024-46809 CVE-2024-46841 CVE-2024-46871 CVE-2024-47143 CVE-2024-47408 CVE-2024-47707 CVE-2024-47730 CVE-2024-48881 CVE-2024-49571 CVE-2024-49925 CVE-2024-49950 CVE-2024-49974 CVE-2024-49996 CVE-2024-49998 CVE-2024-50010 CVE-2024-50036 CVE-2024-50051 CVE-2024-50055 CVE-2024-50058 CVE-2024-50072 CVE-2024-50074 CVE-2024-50082 CVE-2024-50083 CVE-2024-50085 CVE-2024-50086 CVE-2024-50099 CVE-2024-50101 CVE-2024-50103 CVE-2024-50110 CVE-2024-50115 CVE-2024-50116 CVE-2024-50117 CVE-2024-50121 CVE-2024-50127 CVE-2024-50128 CVE-2024-50131 CVE-2024-50134 CVE-2024-50141 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50153 CVE-2024-50154 CVE-2024-50156 CVE-2024-50160 CVE-2024-50162 CVE-2024-50163 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50182 CVE-2024-50185 CVE-2024-50192 CVE-2024-50193 CVE-2024-50194 CVE-2024-50195 CVE-2024-50196 CVE-2024-50198 CVE-2024-50199 CVE-2024-50201 CVE-2024-50202 CVE-2024-50205 CVE-2024-50208 CVE-2024-50209 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50232 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50242 CVE-2024-50244 CVE-2024-50245 CVE-2024-50247 CVE-2024-50249 CVE-2024-50251 CVE-2024-50257 CVE-2024-50259 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50268 CVE-2024-50269 CVE-2024-50273 CVE-2024-50275 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50283 CVE-2024-50287 CVE-2024-50290 CVE-2024-50292 CVE-2024-50295 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-50304 CVE-2024-52332 CVE-2024-53042 CVE-2024-53052 CVE-2024-53055 CVE-2024-53058 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53088 CVE-2024-53096 CVE-2024-53097 CVE-2024-53099 CVE-2024-53101 CVE-2024-53104 CVE-2024-53112 CVE-2024-53113 CVE-2024-53119 CVE-2024-53120 CVE-2024-53121 CVE-2024-53122 CVE-2024-53124 CVE-2024-53125 CVE-2024-53127 CVE-2024-53129 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53151 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53180 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53214 CVE-2024-53215 CVE-2024-53217 CVE-2024-53226 CVE-2024-53227 CVE-2024-53237 CVE-2024-53239 CVE-2024-53680 CVE-2024-53685 CVE-2024-53690 CVE-2024-55881 CVE-2024-55916 CVE-2024-56369 CVE-2024-56531 CVE-2024-56532 CVE-2024-56533 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56568 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56575 CVE-2024-56576 CVE-2024-56578 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56589 CVE-2024-56590 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56610 CVE-2024-56614 CVE-2024-56615 CVE-2024-56616 CVE-2024-56619 CVE-2024-56622 CVE-2024-56623 CVE-2024-56625 CVE-2024-56626 CVE-2024-56627 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56636 CVE-2024-56637 CVE-2024-56640 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56648 CVE-2024-56650 CVE-2024-56658 CVE-2024-56659 CVE-2024-56662 CVE-2024-56670 CVE-2024-56672 CVE-2024-56678 CVE-2024-56679 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56693 CVE-2024-56694 CVE-2024-56698 CVE-2024-56700 CVE-2024-56701 CVE-2024-56704 CVE-2024-56705 CVE-2024-56708 CVE-2024-56715 CVE-2024-56716 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56726 CVE-2024-56728 CVE-2024-56739 CVE-2024-56745 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56754 CVE-2024-56756 CVE-2024-56759 CVE-2024-56763 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56774 CVE-2024-56776 CVE-2024-56777 CVE-2024-56778 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-56785 CVE-2024-56787 CVE-2024-57791 CVE-2024-57792 CVE-2024-57798 CVE-2024-57802 CVE-2024-57807 CVE-2024-57838 CVE-2024-57841 CVE-2024-57849 CVE-2024-57850 CVE-2024-57874 CVE-2024-57882 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57896 CVE-2024-57897 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57903 CVE-2024-57904 CVE-2024-57906 CVE-2024-57907 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57917 CVE-2024-57922 CVE-2024-57925 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57939 CVE-2024-57940 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2024-58087 CVE-2025-0927 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21646 CVE-2025-21648 CVE-2025-21653 CVE-2025-21664 CVE-2025-21665 CVE-2025-21666 CVE-2025-21669 CVE-2025-21678 CVE-2025-21680 CVE-2025-21683 CVE-2025-21687 CVE-2025-21689 CVE-2025-21690 CVE-2025-21692 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 Ubuntu 20.04 LTS Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or escalate their privileges. (CVE-2022-0995) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - RAM backed block device driver; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - i.MX SoC drivers; - QCOM SoC drivers; - SPI subsystem; - Media staging drivers; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Network namespace; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - DMA mapping infrastructure; - KCSAN framework; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - Distributed Switch Architecture; - Ethtool driver; - HSR network protocol; - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Multipath TCP; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - VMware vSockets driver; - eXpress Data Path; - SELinux security module; - ALSA framework; - USB sound devices; (CVE-2024-57913, CVE-2024-56748, CVE-2024-46871, CVE-2024-57900, CVE-2025-21637, CVE-2025-21756, CVE-2024-53680, CVE-2024-56728, CVE-2024-46826, CVE-2024-57910, CVE-2024-56679, CVE-2024-53215, CVE-2024-56640, CVE-2024-56634, CVE-2024-56594, CVE-2024-56619, CVE-2024-50242, CVE-2024-53150, CVE-2024-49925, CVE-2024-56648, CVE-2024-53121, CVE-2024-36476, CVE-2025-21631, CVE-2024-49996, CVE-2024-56723, CVE-2025-21690, CVE-2024-56769, CVE-2024-56767, CVE-2025-21664, CVE-2024-53155, CVE-2024-48881, CVE-2024-57925, CVE-2024-53197, CVE-2024-53156, CVE-2024-35864, CVE-2024-53122, CVE-2024-50121, CVE-2025-21700, CVE-2022-49034, CVE-2025-21648, CVE-2024-57903, CVE-2024-57902, CVE-2024-53184, CVE-2024-57922, CVE-2024-56644, CVE-2024-53151, CVE-2024-53239, CVE-2024-56636, CVE-2024-56651, CVE-2024-57911, CVE-2024-56532, CVE-2024-56739, CVE-2024-56600, CVE-2024-57917, CVE-2024-57901, CVE-2024-56623, CVE-2024-56570, CVE-2024-57838, CVE-2024-56586, CVE-2024-50055, CVE-2024-47730, CVE-2024-57841, CVE-2024-56548, CVE-2024-57906, CVE-2024-56606, CVE-2024-57896, CVE-2024-56787, CVE-2024-56785, CVE-2024-57849, CVE-2024-57807, CVE-2024-50248, CVE-2024-56576, CVE-2024-53158, CVE-2024-53198, CVE-2024-53194, CVE-2025-21701, CVE-2024-57890, CVE-2025-21703, CVE-2024-56629, CVE-2025-21687, CVE-2024-53146, CVE-2024-56643, CVE-2024-56637, CVE-2024-56745, CVE-2025-21665, CVE-2024-53165, CVE-2024-57850, CVE-2024-57889, CVE-2024-56558, CVE-2024-56659, CVE-2024-56781, CVE-2024-57892, CVE-2024-56601, CVE-2024-56597, CVE-2024-57791, CVE-2025-21653, CVE-2024-56746, CVE-2024-56631, CVE-2024-56590, CVE-2024-56596, CVE-2024-56756, CVE-2024-56569, CVE-2024-47707, CVE-2024-47143, CVE-2024-57940, CVE-2024-42315, CVE-2025-21689, CVE-2024-53161, CVE-2024-57951, CVE-2024-50256, CVE-2024-56598, CVE-2024-57884, CVE-2024-56662, CVE-2024-56716, CVE-2024-26837, CVE-2025-21683, CVE-2024-56593, CVE-2024-53129, CVE-2024-45828, CVE-2024-53206, CVE-2024-56650, CVE-2024-57912, CVE-2024-56715, CVE-2024-56630, CVE-2024-53113, CVE-2024-56763, CVE-2025-21669, CVE-2024-53174, CVE-2024-56776, CVE-2024-53119, CVE-2024-55881, CVE-2024-53099, CVE-2024-56539, CVE-2024-56724, CVE-2024-53142, CVE-2024-53157, CVE-2024-56774, CVE-2024-57802, CVE-2024-53183, CVE-2024-56759, CVE-2024-58087, CVE-2024-50304, CVE-2024-26928, CVE-2024-56531, CVE-2024-56747, CVE-2024-56625, CVE-2024-53127, CVE-2024-53136, CVE-2025-21993, CVE-2024-53226, CVE-2024-56778, CVE-2024-53124, CVE-2024-57798, CVE-2024-56562, CVE-2024-50275, CVE-2024-57907, CVE-2024-56589, CVE-2024-53217, CVE-2024-50051, CVE-2024-56574, CVE-2024-55916, CVE-2024-56572, CVE-2024-56627, CVE-2024-56720, CVE-2024-57939, CVE-2025-21699, CVE-2024-56642, CVE-2024-56670, CVE-2024-56622, CVE-2024-56575, CVE-2024-53685, CVE-2024-56678, CVE-2024-56779, CVE-2024-56690, CVE-2024-57938, CVE-2024-49950, CVE-2024-56726, CVE-2024-53227, CVE-2024-53131, CVE-2025-21680, CVE-2024-56605, CVE-2024-57908, CVE-2024-56704, CVE-2024-43900, CVE-2024-56708, CVE-2024-56777, CVE-2024-53120, CVE-2025-21640, CVE-2024-56615, CVE-2024-53138, CVE-2024-53214, CVE-2024-53130, CVE-2024-56770, CVE-2024-56603, CVE-2024-53180, CVE-2024-53181, CVE-2024-47408, CVE-2025-21692, CVE-2024-56698, CVE-2024-49571, CVE-2024-56681, CVE-2024-56614, CVE-2024-56693, CVE-2024-56633, CVE-2024-56610, CVE-2024-56645, CVE-2024-57874, CVE-2025-21678, CVE-2024-56691, CVE-2024-56578, CVE-2024-57897, CVE-2024-46784, CVE-2024-56694, CVE-2025-21636, CVE-2024-43098, CVE-2024-53172, CVE-2024-56780, CVE-2024-36899, CVE-2024-56595, CVE-2024-49998, CVE-2024-53140, CVE-2024-56581, CVE-2024-56688, CVE-2024-56369, CVE-2024-53690, CVE-2024-46841, CVE-2025-21702, CVE-2024-53148, CVE-2024-57792, CVE-2024-53135, CVE-2024-53145, CVE-2024-46809, CVE-2025-21666, CVE-2024-53173, CVE-2024-53171, CVE-2025-21646, CVE-2025-21639, CVE-2024-44938, CVE-2024-56626, CVE-2024-49974, CVE-2024-57931, CVE-2024-56568, CVE-2025-21694, CVE-2024-56658, CVE-2024-57929, CVE-2024-56533, CVE-2024-56602, CVE-2024-53237, CVE-2024-56701, CVE-2024-57882, CVE-2024-56587, CVE-2024-56616, CVE-2024-56705, CVE-2024-53125, CVE-2024-57904, CVE-2025-21638, CVE-2024-52332, CVE-2024-57946, CVE-2024-56754, CVE-2024-56700, CVE-2024-56567, CVE-2024-50283, CVE-2025-21697, CVE-2024-57948, CVE-2024-53096, CVE-2024-53112) Update Instructions: Run `sudo pro fix USN-7459-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1077-intel-iotg - 5.15.0-1077.83~20.04.1 linux-cloud-tools-5.15.0-1077-intel-iotg - 5.15.0-1077.83~20.04.1 linux-headers-5.15.0-1077-intel-iotg - 5.15.0-1077.83~20.04.1 linux-image-5.15.0-1077-intel-iotg - 5.15.0-1077.83~20.04.1 linux-image-unsigned-5.15.0-1077-intel-iotg - 5.15.0-1077.83~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1077 - 5.15.0-1077.83~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1077.83~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1077 - 5.15.0-1077.83~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1077 - 5.15.0-1077.83~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1077.83~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1077.83~20.04.1 linux-modules-5.15.0-1077-intel-iotg - 5.15.0-1077.83~20.04.1 linux-modules-extra-5.15.0-1077-intel-iotg - 5.15.0-1077.83~20.04.1 linux-modules-iwlwifi-5.15.0-1077-intel-iotg - 5.15.0-1077.83~20.04.1 linux-tools-5.15.0-1077-intel-iotg - 5.15.0-1077.83~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1077.83~20.04.1 linux-headers-intel - 5.15.0.1077.83~20.04.1 linux-headers-intel-iotg - 5.15.0.1077.83~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1077.83~20.04.1 linux-image-intel - 5.15.0.1077.83~20.04.1 linux-image-intel-iotg - 5.15.0.1077.83~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1077.83~20.04.1 linux-intel - 5.15.0.1077.83~20.04.1 linux-intel-iotg - 5.15.0.1077.83~20.04.1 linux-intel-iotg-edge - 5.15.0.1077.83~20.04.1 linux-tools-intel - 5.15.0.1077.83~20.04.1 linux-tools-intel-iotg - 5.15.0.1077.83~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1077.83~20.04.1 No subscription required High CVE-2022-0995 CVE-2022-49034 CVE-2024-26837 CVE-2024-26928 CVE-2024-35864 CVE-2024-36476 CVE-2024-36899 CVE-2024-42315 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-45828 CVE-2024-46784 CVE-2024-46809 CVE-2024-46826 CVE-2024-46841 CVE-2024-46871 CVE-2024-47143 CVE-2024-47408 CVE-2024-47707 CVE-2024-47730 CVE-2024-48881 CVE-2024-49571 CVE-2024-49925 CVE-2024-49950 CVE-2024-49974 CVE-2024-49996 CVE-2024-49998 CVE-2024-50051 CVE-2024-50055 CVE-2024-50121 CVE-2024-50242 CVE-2024-50248 CVE-2024-50256 CVE-2024-50275 CVE-2024-50283 CVE-2024-50304 CVE-2024-52332 CVE-2024-53096 CVE-2024-53099 CVE-2024-53112 CVE-2024-53113 CVE-2024-53119 CVE-2024-53120 CVE-2024-53121 CVE-2024-53122 CVE-2024-53124 CVE-2024-53125 CVE-2024-53127 CVE-2024-53129 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53151 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53180 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53206 CVE-2024-53214 CVE-2024-53215 CVE-2024-53217 CVE-2024-53226 CVE-2024-53227 CVE-2024-53237 CVE-2024-53239 CVE-2024-53680 CVE-2024-53685 CVE-2024-53690 CVE-2024-55881 CVE-2024-55916 CVE-2024-56369 CVE-2024-56531 CVE-2024-56532 CVE-2024-56533 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56568 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56575 CVE-2024-56576 CVE-2024-56578 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56589 CVE-2024-56590 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56610 CVE-2024-56614 CVE-2024-56615 CVE-2024-56616 CVE-2024-56619 CVE-2024-56622 CVE-2024-56623 CVE-2024-56625 CVE-2024-56626 CVE-2024-56627 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56636 CVE-2024-56637 CVE-2024-56640 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56648 CVE-2024-56650 CVE-2024-56651 CVE-2024-56658 CVE-2024-56659 CVE-2024-56662 CVE-2024-56670 CVE-2024-56678 CVE-2024-56679 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56693 CVE-2024-56694 CVE-2024-56698 CVE-2024-56700 CVE-2024-56701 CVE-2024-56704 CVE-2024-56705 CVE-2024-56708 CVE-2024-56715 CVE-2024-56716 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56726 CVE-2024-56728 CVE-2024-56739 CVE-2024-56745 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56754 CVE-2024-56756 CVE-2024-56759 CVE-2024-56763 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56774 CVE-2024-56776 CVE-2024-56777 CVE-2024-56778 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-56785 CVE-2024-56787 CVE-2024-57791 CVE-2024-57792 CVE-2024-57798 CVE-2024-57802 CVE-2024-57807 CVE-2024-57838 CVE-2024-57841 CVE-2024-57849 CVE-2024-57850 CVE-2024-57874 CVE-2024-57882 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57896 CVE-2024-57897 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57903 CVE-2024-57904 CVE-2024-57906 CVE-2024-57907 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57917 CVE-2024-57922 CVE-2024-57925 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57939 CVE-2024-57940 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2024-58087 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21646 CVE-2025-21648 CVE-2025-21653 CVE-2025-21664 CVE-2025-21665 CVE-2025-21666 CVE-2025-21669 CVE-2025-21678 CVE-2025-21680 CVE-2025-21683 CVE-2025-21687 CVE-2025-21689 CVE-2025-21690 CVE-2025-21692 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 CVE-2025-21700 CVE-2025-21701 CVE-2025-21702 CVE-2025-21703 CVE-2025-21756 CVE-2025-21993 Ubuntu 20.04 LTS Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or escalate their privileges. (CVE-2022-0995) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - RAM backed block device driver; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - iSCSI Boot Firmware Table Attributes driver; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Microsoft Azure Network Adapter (MANA) driver; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - i.MX SoC drivers; - QCOM SoC drivers; - SPI subsystem; - Media staging drivers; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Network namespace; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - DMA mapping infrastructure; - KCSAN framework; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - Distributed Switch Architecture; - Ethtool driver; - HSR network protocol; - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Multipath TCP; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - VMware vSockets driver; - eXpress Data Path; - SELinux security module; - ALSA framework; - USB sound devices; (CVE-2024-53690, CVE-2024-56642, CVE-2024-56777, CVE-2024-49998, CVE-2024-53181, CVE-2024-53184, CVE-2024-53180, CVE-2024-56615, CVE-2024-56679, CVE-2024-53099, CVE-2025-21993, CVE-2024-53112, CVE-2024-56594, CVE-2024-56606, CVE-2024-56533, CVE-2024-56616, CVE-2024-56631, CVE-2024-46784, CVE-2024-53124, CVE-2024-56623, CVE-2024-57939, CVE-2025-21694, CVE-2025-21653, CVE-2024-56548, CVE-2024-56600, CVE-2024-56578, CVE-2024-53198, CVE-2024-56619, CVE-2024-44938, CVE-2024-56688, CVE-2024-56651, CVE-2024-53215, CVE-2024-53150, CVE-2025-21687, CVE-2025-21646, CVE-2024-49571, CVE-2024-57884, CVE-2025-21700, CVE-2024-57907, CVE-2024-56569, CVE-2024-56747, CVE-2024-56575, CVE-2024-56700, CVE-2025-21640, CVE-2024-52332, CVE-2024-56648, CVE-2025-21637, CVE-2024-53120, CVE-2024-53685, CVE-2024-57798, CVE-2024-56597, CVE-2024-53142, CVE-2024-46809, CVE-2024-56574, CVE-2024-56595, CVE-2025-21703, CVE-2024-26837, CVE-2024-57850, CVE-2024-56759, CVE-2024-49950, CVE-2025-21636, CVE-2024-57925, CVE-2024-57931, CVE-2024-35864, CVE-2025-21683, CVE-2024-56587, CVE-2024-50248, CVE-2024-57948, CVE-2024-56670, CVE-2024-56558, CVE-2024-57908, CVE-2024-56769, CVE-2024-56681, CVE-2024-56602, CVE-2024-55916, CVE-2024-57841, CVE-2024-36476, CVE-2024-56691, CVE-2024-57951, CVE-2024-53127, CVE-2024-56779, CVE-2024-56704, CVE-2024-56568, CVE-2024-56754, CVE-2024-53239, CVE-2024-56659, CVE-2024-47143, CVE-2024-58087, CVE-2024-56693, CVE-2024-56567, CVE-2024-53138, CVE-2024-47408, CVE-2024-53161, CVE-2025-21664, CVE-2025-21701, CVE-2024-56593, CVE-2024-53158, CVE-2024-50256, CVE-2024-57900, CVE-2024-57901, CVE-2024-57791, CVE-2024-48881, CVE-2024-57792, CVE-2024-50304, CVE-2024-53172, CVE-2024-57903, CVE-2024-50283, CVE-2024-56636, CVE-2024-53096, CVE-2024-53129, CVE-2024-53206, CVE-2025-21690, CVE-2025-21631, CVE-2024-57807, CVE-2024-50242, CVE-2024-56572, CVE-2024-57929, CVE-2024-56645, CVE-2024-56785, CVE-2025-21702, CVE-2024-53237, CVE-2024-53146, CVE-2024-56627, CVE-2024-53680, CVE-2024-56739, CVE-2024-56720, CVE-2024-56780, CVE-2025-21692, CVE-2024-57940, CVE-2024-56776, CVE-2025-21680, CVE-2024-56701, CVE-2024-53197, CVE-2024-53113, CVE-2024-46871, CVE-2024-46841, CVE-2024-56763, CVE-2024-56658, CVE-2024-56723, CVE-2024-49996, CVE-2024-53151, CVE-2024-56634, CVE-2024-43098, CVE-2024-56637, CVE-2024-43900, CVE-2024-53174, CVE-2024-53145, CVE-2024-56614, CVE-2024-56610, CVE-2024-56643, CVE-2024-56726, CVE-2024-56694, CVE-2024-56562, CVE-2024-56770, CVE-2024-56745, CVE-2024-56767, CVE-2024-56724, CVE-2024-57917, CVE-2024-56626, CVE-2024-57874, CVE-2024-57913, CVE-2024-53121, CVE-2024-57889, CVE-2024-50051, CVE-2024-56596, CVE-2024-57897, CVE-2024-53122, CVE-2024-56629, CVE-2024-50055, CVE-2024-56633, CVE-2024-56746, CVE-2024-56678, CVE-2024-47730, CVE-2025-21638, CVE-2024-53165, CVE-2024-53155, CVE-2024-56756, CVE-2024-53194, CVE-2024-57892, CVE-2024-45828, CVE-2024-56605, CVE-2024-53227, CVE-2025-21665, CVE-2024-56576, CVE-2025-21699, CVE-2024-57911, CVE-2024-47707, CVE-2024-56586, CVE-2024-56728, CVE-2024-56787, CVE-2024-56539, CVE-2024-46826, CVE-2025-21669, CVE-2024-56662, CVE-2024-53183, CVE-2024-57802, CVE-2024-57946, CVE-2024-56650, CVE-2024-36899, CVE-2024-53148, CVE-2024-55881, CVE-2024-57906, CVE-2024-57938, CVE-2024-56603, CVE-2024-57922, CVE-2024-56715, CVE-2024-56598, CVE-2024-49974, CVE-2024-56690, CVE-2025-21666, CVE-2022-49034, CVE-2024-56698, CVE-2024-56625, CVE-2024-57902, CVE-2024-56589, CVE-2024-56774, CVE-2024-56630, CVE-2025-21648, CVE-2024-53217, CVE-2025-21639, CVE-2024-53173, CVE-2024-56622, CVE-2024-53140, CVE-2024-56601, CVE-2025-21689, CVE-2024-56781, CVE-2024-42315, CVE-2024-50121, CVE-2024-53135, CVE-2024-57904, CVE-2024-53125, CVE-2024-56705, CVE-2024-56590, CVE-2024-53157, CVE-2025-21756, CVE-2024-57910, CVE-2024-53136, CVE-2024-53156, CVE-2024-56581, CVE-2024-56640, CVE-2024-53226, CVE-2024-57882, CVE-2024-49925, CVE-2024-53119, CVE-2024-56708, CVE-2025-21678, CVE-2024-57838, CVE-2024-56716, CVE-2024-56778, CVE-2024-56748, CVE-2024-53131, CVE-2024-57896, CVE-2024-56644, CVE-2024-50275, CVE-2024-57849, CVE-2024-56532, CVE-2024-57890, CVE-2024-56570, CVE-2025-21697, CVE-2024-53214, CVE-2024-53130, CVE-2024-57912, CVE-2024-56531, CVE-2024-56369, CVE-2024-26928, CVE-2024-53171) Update Instructions: Run `sudo pro fix USN-7459-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1081-gcp - 5.15.0-1081.90~20.04.1 linux-gcp-5.15-headers-5.15.0-1081 - 5.15.0-1081.90~20.04.1 linux-gcp-5.15-tools-5.15.0-1081 - 5.15.0-1081.90~20.04.1 linux-headers-5.15.0-1081-gcp - 5.15.0-1081.90~20.04.1 linux-image-5.15.0-1081-gcp - 5.15.0-1081.90~20.04.1 linux-image-unsigned-5.15.0-1081-gcp - 5.15.0-1081.90~20.04.1 linux-modules-5.15.0-1081-gcp - 5.15.0-1081.90~20.04.1 linux-modules-extra-5.15.0-1081-gcp - 5.15.0-1081.90~20.04.1 linux-modules-iwlwifi-5.15.0-1081-gcp - 5.15.0-1081.90~20.04.1 linux-tools-5.15.0-1081-gcp - 5.15.0-1081.90~20.04.1 No subscription required linux-gcp - 5.15.0.1081.90~20.04.1 linux-gcp-edge - 5.15.0.1081.90~20.04.1 linux-headers-gcp - 5.15.0.1081.90~20.04.1 linux-headers-gcp-edge - 5.15.0.1081.90~20.04.1 linux-image-gcp - 5.15.0.1081.90~20.04.1 linux-image-gcp-edge - 5.15.0.1081.90~20.04.1 linux-modules-extra-gcp - 5.15.0.1081.90~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1081.90~20.04.1 linux-tools-gcp - 5.15.0.1081.90~20.04.1 linux-tools-gcp-edge - 5.15.0.1081.90~20.04.1 No subscription required High CVE-2022-0995 CVE-2022-49034 CVE-2024-26837 CVE-2024-26928 CVE-2024-35864 CVE-2024-36476 CVE-2024-36899 CVE-2024-42315 CVE-2024-43098 CVE-2024-43900 CVE-2024-44938 CVE-2024-45828 CVE-2024-46784 CVE-2024-46809 CVE-2024-46826 CVE-2024-46841 CVE-2024-46871 CVE-2024-47143 CVE-2024-47408 CVE-2024-47707 CVE-2024-47730 CVE-2024-48881 CVE-2024-49571 CVE-2024-49925 CVE-2024-49950 CVE-2024-49974 CVE-2024-49996 CVE-2024-49998 CVE-2024-50051 CVE-2024-50055 CVE-2024-50121 CVE-2024-50242 CVE-2024-50248 CVE-2024-50256 CVE-2024-50275 CVE-2024-50283 CVE-2024-50304 CVE-2024-52332 CVE-2024-53096 CVE-2024-53099 CVE-2024-53112 CVE-2024-53113 CVE-2024-53119 CVE-2024-53120 CVE-2024-53121 CVE-2024-53122 CVE-2024-53124 CVE-2024-53125 CVE-2024-53127 CVE-2024-53129 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53136 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53151 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53180 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53206 CVE-2024-53214 CVE-2024-53215 CVE-2024-53217 CVE-2024-53226 CVE-2024-53227 CVE-2024-53237 CVE-2024-53239 CVE-2024-53680 CVE-2024-53685 CVE-2024-53690 CVE-2024-55881 CVE-2024-55916 CVE-2024-56369 CVE-2024-56531 CVE-2024-56532 CVE-2024-56533 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56568 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56575 CVE-2024-56576 CVE-2024-56578 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56589 CVE-2024-56590 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56610 CVE-2024-56614 CVE-2024-56615 CVE-2024-56616 CVE-2024-56619 CVE-2024-56622 CVE-2024-56623 CVE-2024-56625 CVE-2024-56626 CVE-2024-56627 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56636 CVE-2024-56637 CVE-2024-56640 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56648 CVE-2024-56650 CVE-2024-56651 CVE-2024-56658 CVE-2024-56659 CVE-2024-56662 CVE-2024-56670 CVE-2024-56678 CVE-2024-56679 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56693 CVE-2024-56694 CVE-2024-56698 CVE-2024-56700 CVE-2024-56701 CVE-2024-56704 CVE-2024-56705 CVE-2024-56708 CVE-2024-56715 CVE-2024-56716 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56726 CVE-2024-56728 CVE-2024-56739 CVE-2024-56745 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56754 CVE-2024-56756 CVE-2024-56759 CVE-2024-56763 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56774 CVE-2024-56776 CVE-2024-56777 CVE-2024-56778 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-56785 CVE-2024-56787 CVE-2024-57791 CVE-2024-57792 CVE-2024-57798 CVE-2024-57802 CVE-2024-57807 CVE-2024-57838 CVE-2024-57841 CVE-2024-57849 CVE-2024-57850 CVE-2024-57874 CVE-2024-57882 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57896 CVE-2024-57897 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57903 CVE-2024-57904 CVE-2024-57906 CVE-2024-57907 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57917 CVE-2024-57922 CVE-2024-57925 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57939 CVE-2024-57940 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2024-58087 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21646 CVE-2025-21648 CVE-2025-21653 CVE-2025-21664 CVE-2025-21665 CVE-2025-21666 CVE-2025-21669 CVE-2025-21678 CVE-2025-21680 CVE-2025-21683 CVE-2025-21687 CVE-2025-21689 CVE-2025-21690 CVE-2025-21692 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 CVE-2025-21700 CVE-2025-21701 CVE-2025-21702 CVE-2025-21703 CVE-2025-21756 CVE-2025-21993 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - Bluetooth subsystem; - IPv6 networking; - Network traffic control; (CVE-2024-53237, CVE-2024-50256, CVE-2021-47119, CVE-2024-35958, CVE-2025-21700, CVE-2025-21703, CVE-2024-56651, CVE-2024-49974, CVE-2025-21702, CVE-2024-26915, CVE-2024-46826) Update Instructions: Run `sudo pro fix USN-7461-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1090-ibm - 5.4.0-1090.95 linux-headers-5.4.0-1090-ibm - 5.4.0-1090.95 linux-ibm-cloud-tools-common - 5.4.0-1090.95 linux-ibm-headers-5.4.0-1090 - 5.4.0-1090.95 linux-ibm-source-5.4.0 - 5.4.0-1090.95 linux-ibm-tools-5.4.0-1090 - 5.4.0-1090.95 linux-ibm-tools-common - 5.4.0-1090.95 linux-image-5.4.0-1090-ibm - 5.4.0-1090.95 linux-image-unsigned-5.4.0-1090-ibm - 5.4.0-1090.95 linux-modules-5.4.0-1090-ibm - 5.4.0-1090.95 linux-modules-extra-5.4.0-1090-ibm - 5.4.0-1090.95 linux-tools-5.4.0-1090-ibm - 5.4.0-1090.95 No subscription required linux-bluefield-headers-5.4.0-1103 - 5.4.0-1103.110 linux-bluefield-tools-5.4.0-1103 - 5.4.0-1103.110 linux-buildinfo-5.4.0-1103-bluefield - 5.4.0-1103.110 linux-headers-5.4.0-1103-bluefield - 5.4.0-1103.110 linux-image-5.4.0-1103-bluefield - 5.4.0-1103.110 linux-image-unsigned-5.4.0-1103-bluefield - 5.4.0-1103.110 linux-modules-5.4.0-1103-bluefield - 5.4.0-1103.110 linux-tools-5.4.0-1103-bluefield - 5.4.0-1103.110 No subscription required linux-buildinfo-5.4.0-1131-kvm - 5.4.0-1131.140 linux-headers-5.4.0-1131-kvm - 5.4.0-1131.140 linux-image-5.4.0-1131-kvm - 5.4.0-1131.140 linux-image-unsigned-5.4.0-1131-kvm - 5.4.0-1131.140 linux-kvm-headers-5.4.0-1131 - 5.4.0-1131.140 linux-kvm-tools-5.4.0-1131 - 5.4.0-1131.140 linux-modules-5.4.0-1131-kvm - 5.4.0-1131.140 linux-tools-5.4.0-1131-kvm - 5.4.0-1131.140 No subscription required linux-buildinfo-5.4.0-1142-oracle - 5.4.0-1142.152 linux-headers-5.4.0-1142-oracle - 5.4.0-1142.152 linux-image-5.4.0-1142-oracle - 5.4.0-1142.152 linux-image-unsigned-5.4.0-1142-oracle - 5.4.0-1142.152 linux-modules-5.4.0-1142-oracle - 5.4.0-1142.152 linux-modules-extra-5.4.0-1142-oracle - 5.4.0-1142.152 linux-oracle-headers-5.4.0-1142 - 5.4.0-1142.152 linux-oracle-tools-5.4.0-1142 - 5.4.0-1142.152 linux-tools-5.4.0-1142-oracle - 5.4.0-1142.152 No subscription required linux-buildinfo-5.4.0-1147-gcp - 5.4.0-1147.156 linux-gcp-headers-5.4.0-1147 - 5.4.0-1147.156 linux-gcp-tools-5.4.0-1147 - 5.4.0-1147.156 linux-headers-5.4.0-1147-gcp - 5.4.0-1147.156 linux-image-5.4.0-1147-gcp - 5.4.0-1147.156 linux-image-unsigned-5.4.0-1147-gcp - 5.4.0-1147.156 linux-modules-5.4.0-1147-gcp - 5.4.0-1147.156 linux-modules-extra-5.4.0-1147-gcp - 5.4.0-1147.156 linux-tools-5.4.0-1147-gcp - 5.4.0-1147.156 No subscription required linux-azure-cloud-tools-5.4.0-1149 - 5.4.0-1149.156 linux-azure-headers-5.4.0-1149 - 5.4.0-1149.156 linux-azure-tools-5.4.0-1149 - 5.4.0-1149.156 linux-buildinfo-5.4.0-1149-azure - 5.4.0-1149.156 linux-cloud-tools-5.4.0-1149-azure - 5.4.0-1149.156 linux-headers-5.4.0-1149-azure - 5.4.0-1149.156 linux-image-5.4.0-1149-azure - 5.4.0-1149.156 linux-image-unsigned-5.4.0-1149-azure - 5.4.0-1149.156 linux-modules-5.4.0-1149-azure - 5.4.0-1149.156 linux-modules-extra-5.4.0-1149-azure - 5.4.0-1149.156 linux-tools-5.4.0-1149-azure - 5.4.0-1149.156 No subscription required linux-buildinfo-5.4.0-214-generic - 5.4.0-214.234 linux-buildinfo-5.4.0-214-generic-lpae - 5.4.0-214.234 linux-buildinfo-5.4.0-214-lowlatency - 5.4.0-214.234 linux-cloud-tools-5.4.0-214 - 5.4.0-214.234 linux-cloud-tools-5.4.0-214-generic - 5.4.0-214.234 linux-cloud-tools-5.4.0-214-lowlatency - 5.4.0-214.234 linux-cloud-tools-common - 5.4.0-214.234 linux-doc - 5.4.0-214.234 linux-headers-5.4.0-214 - 5.4.0-214.234 linux-headers-5.4.0-214-generic - 5.4.0-214.234 linux-headers-5.4.0-214-generic-lpae - 5.4.0-214.234 linux-headers-5.4.0-214-lowlatency - 5.4.0-214.234 linux-image-5.4.0-214-generic - 5.4.0-214.234 linux-image-5.4.0-214-generic-lpae - 5.4.0-214.234 linux-image-5.4.0-214-lowlatency - 5.4.0-214.234 linux-image-unsigned-5.4.0-214-generic - 5.4.0-214.234 linux-image-unsigned-5.4.0-214-lowlatency - 5.4.0-214.234 linux-libc-dev - 5.4.0-214.234 linux-modules-5.4.0-214-generic - 5.4.0-214.234 linux-modules-5.4.0-214-generic-lpae - 5.4.0-214.234 linux-modules-5.4.0-214-lowlatency - 5.4.0-214.234 linux-modules-extra-5.4.0-214-generic - 5.4.0-214.234 linux-source-5.4.0 - 5.4.0-214.234 linux-tools-5.4.0-214 - 5.4.0-214.234 linux-tools-5.4.0-214-generic - 5.4.0-214.234 linux-tools-5.4.0-214-generic-lpae - 5.4.0-214.234 linux-tools-5.4.0-214-lowlatency - 5.4.0-214.234 linux-tools-common - 5.4.0-214.234 linux-tools-host - 5.4.0-214.234 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1090.119 linux-ibm-lts-20.04 - 5.4.0.1090.119 linux-image-ibm-lts-20.04 - 5.4.0.1090.119 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1090.119 linux-tools-ibm-lts-20.04 - 5.4.0.1090.119 No subscription required linux-bluefield - 5.4.0.1103.99 linux-headers-bluefield - 5.4.0.1103.99 linux-image-bluefield - 5.4.0.1103.99 linux-tools-bluefield - 5.4.0.1103.99 No subscription required linux-headers-kvm - 5.4.0.1131.127 linux-image-kvm - 5.4.0.1131.127 linux-kvm - 5.4.0.1131.127 linux-tools-kvm - 5.4.0.1131.127 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1142.136 linux-image-oracle-lts-20.04 - 5.4.0.1142.136 linux-oracle-lts-20.04 - 5.4.0.1142.136 linux-tools-oracle-lts-20.04 - 5.4.0.1142.136 No subscription required linux-gcp-lts-20.04 - 5.4.0.1147.149 linux-headers-gcp-lts-20.04 - 5.4.0.1147.149 linux-image-gcp-lts-20.04 - 5.4.0.1147.149 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1147.149 linux-tools-gcp-lts-20.04 - 5.4.0.1147.149 No subscription required linux-azure-lts-20.04 - 5.4.0.1149.143 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1149.143 linux-headers-azure-lts-20.04 - 5.4.0.1149.143 linux-image-azure-lts-20.04 - 5.4.0.1149.143 linux-modules-extra-azure-lts-20.04 - 5.4.0.1149.143 linux-tools-azure-lts-20.04 - 5.4.0.1149.143 No subscription required linux-cloud-tools-generic - 5.4.0.214.207 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.214.207 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.214.207 linux-cloud-tools-lowlatency - 5.4.0.214.207 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.214.207 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.214.207 linux-cloud-tools-virtual - 5.4.0.214.207 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.214.207 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.214.207 linux-crashdump - 5.4.0.214.207 linux-generic - 5.4.0.214.207 linux-generic-hwe-18.04 - 5.4.0.214.207 linux-generic-hwe-18.04-edge - 5.4.0.214.207 linux-generic-lpae - 5.4.0.214.207 linux-generic-lpae-hwe-18.04 - 5.4.0.214.207 linux-generic-lpae-hwe-18.04-edge - 5.4.0.214.207 linux-headers-generic - 5.4.0.214.207 linux-headers-generic-hwe-18.04 - 5.4.0.214.207 linux-headers-generic-hwe-18.04-edge - 5.4.0.214.207 linux-headers-generic-lpae - 5.4.0.214.207 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.214.207 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.214.207 linux-headers-lowlatency - 5.4.0.214.207 linux-headers-lowlatency-hwe-18.04 - 5.4.0.214.207 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.214.207 linux-headers-oem - 5.4.0.214.207 linux-headers-oem-osp1 - 5.4.0.214.207 linux-headers-virtual - 5.4.0.214.207 linux-headers-virtual-hwe-18.04 - 5.4.0.214.207 linux-headers-virtual-hwe-18.04-edge - 5.4.0.214.207 linux-image-extra-virtual - 5.4.0.214.207 linux-image-extra-virtual-hwe-18.04 - 5.4.0.214.207 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.214.207 linux-image-generic - 5.4.0.214.207 linux-image-generic-hwe-18.04 - 5.4.0.214.207 linux-image-generic-hwe-18.04-edge - 5.4.0.214.207 linux-image-generic-lpae - 5.4.0.214.207 linux-image-generic-lpae-hwe-18.04 - 5.4.0.214.207 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.214.207 linux-image-lowlatency - 5.4.0.214.207 linux-image-lowlatency-hwe-18.04 - 5.4.0.214.207 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.214.207 linux-image-oem - 5.4.0.214.207 linux-image-oem-osp1 - 5.4.0.214.207 linux-image-virtual - 5.4.0.214.207 linux-image-virtual-hwe-18.04 - 5.4.0.214.207 linux-image-virtual-hwe-18.04-edge - 5.4.0.214.207 linux-lowlatency - 5.4.0.214.207 linux-lowlatency-hwe-18.04 - 5.4.0.214.207 linux-lowlatency-hwe-18.04-edge - 5.4.0.214.207 linux-oem - 5.4.0.214.207 linux-oem-osp1 - 5.4.0.214.207 linux-oem-osp1-tools-host - 5.4.0.214.207 linux-oem-tools-host - 5.4.0.214.207 linux-source - 5.4.0.214.207 linux-tools-generic - 5.4.0.214.207 linux-tools-generic-hwe-18.04 - 5.4.0.214.207 linux-tools-generic-hwe-18.04-edge - 5.4.0.214.207 linux-tools-generic-lpae - 5.4.0.214.207 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.214.207 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.214.207 linux-tools-lowlatency - 5.4.0.214.207 linux-tools-lowlatency-hwe-18.04 - 5.4.0.214.207 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.214.207 linux-tools-oem - 5.4.0.214.207 linux-tools-oem-osp1 - 5.4.0.214.207 linux-tools-virtual - 5.4.0.214.207 linux-tools-virtual-hwe-18.04 - 5.4.0.214.207 linux-tools-virtual-hwe-18.04-edge - 5.4.0.214.207 linux-virtual - 5.4.0.214.207 linux-virtual-hwe-18.04 - 5.4.0.214.207 linux-virtual-hwe-18.04-edge - 5.4.0.214.207 No subscription required Medium CVE-2021-47119 CVE-2024-26915 CVE-2024-35958 CVE-2024-46826 CVE-2024-49974 CVE-2024-50256 CVE-2024-53237 CVE-2024-56651 CVE-2025-21700 CVE-2025-21702 CVE-2025-21703 Ubuntu Pro FIPS-updates 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - Bluetooth subsystem; - IPv6 networking; - Network traffic control; (CVE-2021-47119, CVE-2024-35958, CVE-2025-21700, CVE-2024-53237, CVE-2024-46826, CVE-2025-21703, CVE-2024-49974, CVE-2025-21702, CVE-2024-56651, CVE-2024-26915, CVE-2024-50256) Update Instructions: Run `sudo pro fix USN-7461-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1118-fips - 5.4.0-1118.128 linux-fips-headers-5.4.0-1118 - 5.4.0-1118.128 linux-fips-tools-5.4.0-1118 - 5.4.0-1118.128 linux-fips-tools-host - 5.4.0-1118.128 linux-headers-5.4.0-1118-fips - 5.4.0-1118.128 linux-image-5.4.0-1118-fips - 5.4.0-1118.128 linux-image-hmac-5.4.0-1118-fips - 5.4.0-1118.128 linux-image-unsigned-5.4.0-1118-fips - 5.4.0-1118.128 linux-image-unsigned-hmac-5.4.0-1118-fips - 5.4.0-1118.128 linux-modules-5.4.0-1118-fips - 5.4.0-1118.128 linux-modules-extra-5.4.0-1118-fips - 5.4.0-1118.128 linux-tools-5.4.0-1118-fips - 5.4.0-1118.128 Available with Ubuntu Pro: https://ubuntu.com/pro linux-buildinfo-5.4.0-1147-gcp-fips - 5.4.0-1147.156+fips1 linux-gcp-fips-headers-5.4.0-1147 - 5.4.0-1147.156+fips1 linux-gcp-fips-tools-5.4.0-1147 - 5.4.0-1147.156+fips1 linux-headers-5.4.0-1147-gcp-fips - 5.4.0-1147.156+fips1 linux-image-5.4.0-1147-gcp-fips - 5.4.0-1147.156+fips1 linux-image-hmac-5.4.0-1147-gcp-fips - 5.4.0-1147.156+fips1 linux-image-unsigned-5.4.0-1147-gcp-fips - 5.4.0-1147.156+fips1 linux-image-unsigned-hmac-5.4.0-1147-gcp-fips - 5.4.0-1147.156+fips1 linux-modules-5.4.0-1147-gcp-fips - 5.4.0-1147.156+fips1 linux-modules-extra-5.4.0-1147-gcp-fips - 5.4.0-1147.156+fips1 linux-tools-5.4.0-1147-gcp-fips - 5.4.0-1147.156+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-azure-fips-cloud-tools-5.4.0-1149 - 5.4.0-1149.157+fips1 linux-azure-fips-headers-5.4.0-1149 - 5.4.0-1149.157+fips1 linux-azure-fips-tools-5.4.0-1149 - 5.4.0-1149.157+fips1 linux-buildinfo-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 linux-cloud-tools-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 linux-headers-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 linux-image-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 linux-image-hmac-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 linux-image-unsigned-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 linux-image-unsigned-hmac-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 linux-modules-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 linux-modules-extra-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 linux-tools-5.4.0-1149-azure-fips - 5.4.0-1149.157+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-fips - 5.4.0.1118.115 linux-headers-fips - 5.4.0.1118.115 linux-image-fips - 5.4.0.1118.115 linux-signed-fips - 5.4.0.1118.115 linux-signed-image-fips - 5.4.0.1118.115 linux-tools-fips - 5.4.0.1118.115 Available with Ubuntu Pro: https://ubuntu.com/pro linux-gcp-fips - 5.4.0.1147.89 linux-headers-gcp-fips - 5.4.0.1147.89 linux-image-gcp-fips - 5.4.0.1147.89 linux-modules-extra-gcp-fips - 5.4.0.1147.89 linux-tools-gcp-fips - 5.4.0.1147.89 Available with Ubuntu Pro: https://ubuntu.com/pro linux-azure-fips - 5.4.0.1149.87 linux-cloud-tools-azure-fips - 5.4.0.1149.87 linux-headers-azure-fips - 5.4.0.1149.87 linux-image-azure-fips - 5.4.0.1149.87 linux-modules-extra-azure-fips - 5.4.0.1149.87 linux-tools-azure-fips - 5.4.0.1149.87 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-47119 CVE-2024-26915 CVE-2024-35958 CVE-2024-46826 CVE-2024-49974 CVE-2024-50256 CVE-2024-53237 CVE-2024-56651 CVE-2025-21700 CVE-2025-21702 CVE-2025-21703 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - Bluetooth subsystem; - IPv6 networking; - Network traffic control; (CVE-2025-21703, CVE-2024-53237, CVE-2024-50256, CVE-2024-56651, CVE-2024-46826, CVE-2025-21700, CVE-2021-47119, CVE-2024-26915, CVE-2025-21702, CVE-2024-49974, CVE-2024-35958) Update Instructions: Run `sudo pro fix USN-7461-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1062-xilinx-zynqmp - 5.4.0-1062.66 linux-headers-5.4.0-1062-xilinx-zynqmp - 5.4.0-1062.66 linux-image-5.4.0-1062-xilinx-zynqmp - 5.4.0-1062.66 linux-modules-5.4.0-1062-xilinx-zynqmp - 5.4.0-1062.66 linux-tools-5.4.0-1062-xilinx-zynqmp - 5.4.0-1062.66 linux-xilinx-zynqmp-headers-5.4.0-1062 - 5.4.0-1062.66 linux-xilinx-zynqmp-tools-5.4.0-1062 - 5.4.0-1062.66 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1062.62 linux-image-xilinx-zynqmp - 5.4.0.1062.62 linux-tools-xilinx-zynqmp - 5.4.0.1062.62 linux-xilinx-zynqmp - 5.4.0.1062.62 No subscription required Medium CVE-2021-47119 CVE-2024-26915 CVE-2024-35958 CVE-2024-46826 CVE-2024-49974 CVE-2024-50256 CVE-2024-53237 CVE-2024-56651 CVE-2025-21700 CVE-2025-21702 CVE-2025-21703 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - SMB network file system; - Network namespace; - Bluetooth subsystem; - Networking core; - IPv6 networking; - Network traffic control; (CVE-2024-56658, CVE-2025-21700, CVE-2025-21703, CVE-2024-35864, CVE-2024-26915, CVE-2021-47119, CVE-2025-21702, CVE-2024-50256, CVE-2024-35958, CVE-2024-26928, CVE-2024-49974, CVE-2024-46826, CVE-2024-53237, CVE-2024-56651) Update Instructions: Run `sudo pro fix USN-7462-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1049-iot - 5.4.0-1049.52 linux-headers-5.4.0-1049-iot - 5.4.0-1049.52 linux-image-5.4.0-1049-iot - 5.4.0-1049.52 linux-image-unsigned-5.4.0-1049-iot - 5.4.0-1049.52 linux-iot-headers-5.4.0-1049 - 5.4.0-1049.52 linux-iot-tools-5.4.0-1049 - 5.4.0-1049.52 linux-modules-5.4.0-1049-iot - 5.4.0-1049.52 linux-tools-5.4.0-1049-iot - 5.4.0-1049.52 No subscription required linux-aws-cloud-tools-5.4.0-1144 - 5.4.0-1144.154 linux-aws-headers-5.4.0-1144 - 5.4.0-1144.154 linux-aws-tools-5.4.0-1144 - 5.4.0-1144.154 linux-buildinfo-5.4.0-1144-aws - 5.4.0-1144.154 linux-cloud-tools-5.4.0-1144-aws - 5.4.0-1144.154 linux-headers-5.4.0-1144-aws - 5.4.0-1144.154 linux-image-5.4.0-1144-aws - 5.4.0-1144.154 linux-image-unsigned-5.4.0-1144-aws - 5.4.0-1144.154 linux-modules-5.4.0-1144-aws - 5.4.0-1144.154 linux-modules-extra-5.4.0-1144-aws - 5.4.0-1144.154 linux-tools-5.4.0-1144-aws - 5.4.0-1144.154 No subscription required linux-headers-iot - 5.4.0.1049.47 linux-image-iot - 5.4.0.1049.47 linux-iot - 5.4.0.1049.47 linux-tools-iot - 5.4.0.1049.47 No subscription required linux-aws-lts-20.04 - 5.4.0.1144.141 linux-headers-aws-lts-20.04 - 5.4.0.1144.141 linux-image-aws-lts-20.04 - 5.4.0.1144.141 linux-modules-extra-aws-lts-20.04 - 5.4.0.1144.141 linux-tools-aws-lts-20.04 - 5.4.0.1144.141 No subscription required High CVE-2021-47119 CVE-2024-26915 CVE-2024-26928 CVE-2024-35864 CVE-2024-35958 CVE-2024-46826 CVE-2024-49974 CVE-2024-50256 CVE-2024-53237 CVE-2024-56651 CVE-2024-56658 CVE-2025-21700 CVE-2025-21702 CVE-2025-21703 Ubuntu Pro FIPS-updates 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - SMB network file system; - Network namespace; - Bluetooth subsystem; - Networking core; - IPv6 networking; - Network traffic control; (CVE-2024-56651, CVE-2021-47119, CVE-2025-21700, CVE-2025-21702, CVE-2024-49974, CVE-2024-56658, CVE-2024-53237, CVE-2025-21703, CVE-2024-26928, CVE-2024-26915, CVE-2024-35958, CVE-2024-50256, CVE-2024-35864, CVE-2024-46826) Update Instructions: Run `sudo pro fix USN-7462-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-fips-headers-5.4.0-1144 - 5.4.0-1144.155+fips1 linux-aws-fips-tools-5.4.0-1144 - 5.4.0-1144.155+fips1 linux-buildinfo-5.4.0-1144-aws-fips - 5.4.0-1144.155+fips1 linux-headers-5.4.0-1144-aws-fips - 5.4.0-1144.155+fips1 linux-image-5.4.0-1144-aws-fips - 5.4.0-1144.155+fips1 linux-image-hmac-5.4.0-1144-aws-fips - 5.4.0-1144.155+fips1 linux-image-unsigned-5.4.0-1144-aws-fips - 5.4.0-1144.155+fips1 linux-image-unsigned-hmac-5.4.0-1144-aws-fips - 5.4.0-1144.155+fips1 linux-modules-5.4.0-1144-aws-fips - 5.4.0-1144.155+fips1 linux-modules-extra-5.4.0-1144-aws-fips - 5.4.0-1144.155+fips1 linux-tools-5.4.0-1144-aws-fips - 5.4.0-1144.155+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-aws-fips - 5.4.0.1144.91 linux-headers-aws-fips - 5.4.0.1144.91 linux-image-aws-fips - 5.4.0.1144.91 linux-modules-extra-aws-fips - 5.4.0.1144.91 linux-tools-aws-fips - 5.4.0.1144.91 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2021-47119 CVE-2024-26915 CVE-2024-26928 CVE-2024-35864 CVE-2024-35958 CVE-2024-46826 CVE-2024-49974 CVE-2024-50256 CVE-2024-53237 CVE-2024-56651 CVE-2024-56658 CVE-2025-21700 CVE-2025-21702 CVE-2025-21703 Ubuntu 20.04 LTS It was discovered that KiCad incorrectly handled memory when opening malicious files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary commands. Update Instructions: Run `sudo pro fix USN-7466-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: kicad - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-common - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-demos - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-ca - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-de - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-en - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-es - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-fr - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-id - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-it - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-ja - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-pl - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-ru - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-doc-zh - 5.1.5+dfsg1-2ubuntu0.1~esm1 kicad-libraries - 5.1.5+dfsg1-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-23803 CVE-2022-23804 CVE-2022-23946 CVE-2022-23947 Ubuntu 20.04 LTS It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service. (CVE-2025-32414) It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service. (CVE-2025-32415) Update Instructions: Run `sudo pro fix USN-7467-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.10 libxml2-dev - 2.9.10+dfsg-5ubuntu0.20.04.10 libxml2-doc - 2.9.10+dfsg-5ubuntu0.20.04.10 libxml2-utils - 2.9.10+dfsg-5ubuntu0.20.04.10 python-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.10 python3-libxml2 - 2.9.10+dfsg-5ubuntu0.20.04.10 No subscription required Medium CVE-2025-32414 CVE-2025-32415 Ubuntu 20.04 LTS It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issue to cause Apache Traffic Server to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7469-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: trafficserver - 8.0.5+ds-3ubuntu0.1~esm1 trafficserver-dev - 8.0.5+ds-3ubuntu0.1~esm1 trafficserver-experimental-plugins - 8.0.5+ds-3ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2023-44487 Ubuntu 20.04 LTS USN-7469-1 fixed a vulnerability in Apache Traffic Server. This update provides the corresponding updates for Node.js. Original advisory details: It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issue to cause Apache Traffic Server to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7469-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libnode-dev - 10.19.0~dfsg-3ubuntu1.6+esm2 libnode64 - 10.19.0~dfsg-3ubuntu1.6+esm2 nodejs - 10.19.0~dfsg-3ubuntu1.6+esm2 nodejs-doc - 10.19.0~dfsg-3ubuntu1.6+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2023-44487 Ubuntu 20.04 LTS It was discovered that poppler did not properly verify adbe.pkcs7.sha1 signatures in PDF documents. An attacker could possibly use this issue to create documents with forged signatures that are treated as legitimately signed. Update Instructions: Run `sudo pro fix USN-7471-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-poppler-0.18 - 0.86.1-0ubuntu1.7 libpoppler-cpp-dev - 0.86.1-0ubuntu1.7 libpoppler-cpp0v5 - 0.86.1-0ubuntu1.7 libpoppler-dev - 0.86.1-0ubuntu1.7 libpoppler-glib-dev - 0.86.1-0ubuntu1.7 libpoppler-glib-doc - 0.86.1-0ubuntu1.7 libpoppler-glib8 - 0.86.1-0ubuntu1.7 libpoppler-private-dev - 0.86.1-0ubuntu1.7 libpoppler-qt5-1 - 0.86.1-0ubuntu1.7 libpoppler-qt5-dev - 0.86.1-0ubuntu1.7 libpoppler97 - 0.86.1-0ubuntu1.7 poppler-utils - 0.86.1-0ubuntu1.7 No subscription required Medium CVE-2025-43903 Ubuntu 20.04 LTS Junwha Hong and Wonil Jang discovered that Micropython incorrectly handled the length of a buffer in mp_vfs_umount, leading to a heap-based buffer overflow vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-8946) Junwha Hong and Wonil Jang discovered that Micropython incorrectly handled memory, leading to a use-after-free vulnerability under certain circumstances. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-8947) It was discovered that Middleware USB Host MCU Component incorrectly handled memory, leading to a buffer overflow vulnerability, If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2021-42553) Update Instructions: Run `sudo pro fix USN-7472-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: micropython - 1.12-1ubuntu0.1~esm1 micropython-doc - 1.12-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-42553 CVE-2024-8946 CVE-2024-8947 Ubuntu 20.04 LTS Cory Snider discovered that Docker incorrectly handled networking packet encapsulation. An attacker could use this issue to inject internet packets in established connection, possibly causing a denial of service or bypassing firewall protections. This issue only affected Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. (CVE-2023-28840, CVE-2023-28841, CVE-2023-28842) Rory McNamara discovered that Docker incorrectly handled cache in the BuildKit toolkit. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-23651) It was discovered that Docker incorrectly handled parallel operations in some circumstances, which could possibly lead to undefined behavior. (CVE-2024-36621, CVE-2024-36623) Rory McNamara discovered that Docker incorrectly verified file paths during a certain command in the BuildKit toolkit. An attacker could possibly use this issue to delete arbitrary files from the system. (CVE-2024-23652) Update Instructions: Run `sudo pro fix USN-7474-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: golang-docker-dev - 20.10.21-0ubuntu1~20.04.6+esm2 golang-github-docker-docker-dev - 20.10.21-0ubuntu1~20.04.6+esm2 vim-syntax-docker - 20.10.21-0ubuntu1~20.04.6+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2023-28840 CVE-2023-28841 CVE-2023-28842 CVE-2024-23651 CVE-2024-23652 CVE-2024-36621 CVE-2024-36623 Ubuntu 20.04 LTS It was discovered that Scrapy improperly exposed HTTP authentication credentials to request targets, including during redirects. An attacker could use this issue to gain unauthorized access to user accounts. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-41125) It was discovered that Scrapy did not remove the cookie header during cross-domain redirects. An attacker could possibly use this issue to gain unauthorized access to user accounts. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-0577) It was discovered that Scrapy inefficiently parsed XML content. An attacker could use this issue to cause a denial of service by sending a crafted XML response. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2024-1892) It was discovered that Scrapy did not properly check response size during decompression. An attacker could send a crafted response that would exhaust memory and cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2024-3572) It was discovered that Scrapy did not remove the authorization header during cross-domain redirects. An attacker could possibly use this issue to gain unauthorized access to user accounts. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2024-3574) It was discovered that Scrapy did not remove the authorization header during redirects that change scheme but remain in the same domain. This issue could possibly be used by an attacker to expose sensitive information or to gain unauthorized access to user accounts. (CVE-2024-1968) Update Instructions: Run `sudo pro fix USN-7476-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-scrapy-doc - 1.7.3-1ubuntu0.1~esm1 python3-scrapy - 1.7.3-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-41125 CVE-2022-0577 CVE-2024-1892 CVE-2024-1968 CVE-2024-3572 CVE-2024-3574 Ubuntu 20.04 LTS It was discovered that Corosync incorrectly handled certain large UDP packets. If encryption is disabled, or an attacker knows the encryption key, this issue could be used to cause Corosync to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7478-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: corosync - 3.0.3-2ubuntu2.2 corosync-doc - 3.0.3-2ubuntu2.2 corosync-notifyd - 3.0.3-2ubuntu2.2 corosync-vqsim - 3.0.3-2ubuntu2.2 libcfg-dev - 3.0.3-2ubuntu2.2 libcfg7 - 3.0.3-2ubuntu2.2 libcmap-dev - 3.0.3-2ubuntu2.2 libcmap4 - 3.0.3-2ubuntu2.2 libcorosync-common-dev - 3.0.3-2ubuntu2.2 libcorosync-common4 - 3.0.3-2ubuntu2.2 libcpg-dev - 3.0.3-2ubuntu2.2 libcpg4 - 3.0.3-2ubuntu2.2 libquorum-dev - 3.0.3-2ubuntu2.2 libquorum5 - 3.0.3-2ubuntu2.2 libsam-dev - 3.0.3-2ubuntu2.2 libsam4 - 3.0.3-2ubuntu2.2 libvotequorum-dev - 3.0.3-2ubuntu2.2 libvotequorum8 - 3.0.3-2ubuntu2.2 No subscription required Medium CVE-2025-30472 Ubuntu 20.04 LTS Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.42 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. Ubuntu 25.04 has been updated to MySQL 8.4.5. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-42.html https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-5.html https://www.oracle.com/security-alerts/cpuapr2025.html Update Instructions: Run `sudo pro fix USN-7479-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libmysqlclient-dev - 8.0.42-0ubuntu0.20.04.1 libmysqlclient21 - 8.0.42-0ubuntu0.20.04.1 mysql-client - 8.0.42-0ubuntu0.20.04.1 mysql-client-8.0 - 8.0.42-0ubuntu0.20.04.1 mysql-client-core-8.0 - 8.0.42-0ubuntu0.20.04.1 mysql-router - 8.0.42-0ubuntu0.20.04.1 mysql-server - 8.0.42-0ubuntu0.20.04.1 mysql-server-8.0 - 8.0.42-0ubuntu0.20.04.1 mysql-server-core-8.0 - 8.0.42-0ubuntu0.20.04.1 mysql-source-8.0 - 8.0.42-0ubuntu0.20.04.1 mysql-testsuite - 8.0.42-0ubuntu0.20.04.1 mysql-testsuite-8.0 - 8.0.42-0ubuntu0.20.04.1 No subscription required Medium CVE-2025-21574 CVE-2025-21575 CVE-2025-21577 CVE-2025-21579 CVE-2025-21580 CVE-2025-21581 CVE-2025-21584 CVE-2025-21585 CVE-2025-21588 CVE-2025-30681 CVE-2025-30682 CVE-2025-30683 CVE-2025-30684 CVE-2025-30685 CVE-2025-30687 CVE-2025-30688 CVE-2025-30689 CVE-2025-30693 CVE-2025-30695 CVE-2025-30696 CVE-2025-30699 CVE-2025-30703 CVE-2025-30704 CVE-2025-30705 CVE-2025-30715 CVE-2025-30721 CVE-2025-30722 Ubuntu 20.04 LTS Alicja Kario discovered that the JSSE component of OpenJDK 8 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. (CVE-2025-21587) It was discovered that the Compiler component of OpenJDK 8 incorrectly handled compiler transformations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30691) It was discovered that the 2D component of OpenJDK 8 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30698) In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://openjdk.org/groups/vulnerability/advisories/2025-04-15 Update Instructions: Run `sudo pro fix USN-7480-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-8-demo - 8u452-ga~us1-0ubuntu1~20.04 openjdk-8-doc - 8u452-ga~us1-0ubuntu1~20.04 openjdk-8-jdk - 8u452-ga~us1-0ubuntu1~20.04 openjdk-8-jdk-headless - 8u452-ga~us1-0ubuntu1~20.04 openjdk-8-jre - 8u452-ga~us1-0ubuntu1~20.04 openjdk-8-jre-headless - 8u452-ga~us1-0ubuntu1~20.04 openjdk-8-jre-zero - 8u452-ga~us1-0ubuntu1~20.04 openjdk-8-source - 8u452-ga~us1-0ubuntu1~20.04 No subscription required Medium CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 Ubuntu 20.04 LTS Alicja Kario discovered that the JSSE component of OpenJDK 11 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. (CVE-2025-21587) It was discovered that the Compiler component of OpenJDK 11 incorrectly handled compiler transformations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30691) It was discovered that the 2D component of OpenJDK 11 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30698) In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://openjdk.org/groups/vulnerability/advisories/2025-04-15 Update Instructions: Run `sudo pro fix USN-7481-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-11-demo - 11.0.27+6~us1-0ubuntu1~20.04 openjdk-11-doc - 11.0.27+6~us1-0ubuntu1~20.04 openjdk-11-jdk - 11.0.27+6~us1-0ubuntu1~20.04 openjdk-11-jdk-headless - 11.0.27+6~us1-0ubuntu1~20.04 openjdk-11-jre - 11.0.27+6~us1-0ubuntu1~20.04 openjdk-11-jre-headless - 11.0.27+6~us1-0ubuntu1~20.04 openjdk-11-jre-zero - 11.0.27+6~us1-0ubuntu1~20.04 openjdk-11-source - 11.0.27+6~us1-0ubuntu1~20.04 No subscription required Medium CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 Ubuntu 20.04 LTS Alicja Kario discovered that the JSSE component of OpenJDK 17 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. (CVE-2025-21587) It was discovered that the Compiler component of OpenJDK 17 incorrectly handled compiler transformations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30691) It was discovered that the 2D component of OpenJDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30698) In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://openjdk.org/groups/vulnerability/advisories/2025-04-15 Update Instructions: Run `sudo pro fix USN-7482-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-17-demo - 17.0.15+6~us1-0ubuntu1~20.04 openjdk-17-doc - 17.0.15+6~us1-0ubuntu1~20.04 openjdk-17-jdk - 17.0.15+6~us1-0ubuntu1~20.04 openjdk-17-jdk-headless - 17.0.15+6~us1-0ubuntu1~20.04 openjdk-17-jre - 17.0.15+6~us1-0ubuntu1~20.04 openjdk-17-jre-headless - 17.0.15+6~us1-0ubuntu1~20.04 openjdk-17-jre-zero - 17.0.15+6~us1-0ubuntu1~20.04 openjdk-17-source - 17.0.15+6~us1-0ubuntu1~20.04 No subscription required Medium CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 Ubuntu 20.04 LTS Alicja Kario discovered that the JSSE component of OpenJDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. (CVE-2025-21587) It was discovered that the Compiler component of OpenJDK 21 incorrectly handled compiler transformations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30691) It was discovered that the 2D component of OpenJDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30698) In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://openjdk.org/groups/vulnerability/advisories/2025-04-15 Update Instructions: Run `sudo pro fix USN-7483-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: openjdk-21-demo - 21.0.7+6~us1-0ubuntu1~20.04 openjdk-21-doc - 21.0.7+6~us1-0ubuntu1~20.04 openjdk-21-jdk - 21.0.7+6~us1-0ubuntu1~20.04 openjdk-21-jdk-headless - 21.0.7+6~us1-0ubuntu1~20.04 openjdk-21-jre - 21.0.7+6~us1-0ubuntu1~20.04 openjdk-21-jre-headless - 21.0.7+6~us1-0ubuntu1~20.04 openjdk-21-jre-zero - 21.0.7+6~us1-0ubuntu1~20.04 openjdk-21-source - 21.0.7+6~us1-0ubuntu1~20.04 openjdk-21-testsupport - 21.0.7+6~us1-0ubuntu1~20.04 No subscription required Medium CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 Ubuntu 20.04 LTS It was discovered that LibRaw could be made to read out of bounds. An attacker could possibly use this issue to cause applications using LibRaw to crash, resulting in a denial of service. (CVE-2025-43961, CVE-2025-43962, CVE-2025-43963, CVE-2025-43964) Update Instructions: Run `sudo pro fix USN-7485-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libraw-bin - 0.19.5-1ubuntu1.4 libraw-dev - 0.19.5-1ubuntu1.4 libraw-doc - 0.19.5-1ubuntu1.4 libraw19 - 0.19.5-1ubuntu1.4 No subscription required Medium CVE-2025-43961 CVE-2025-43962 CVE-2025-43963 CVE-2025-43964 Ubuntu 20.04 LTS It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery (SSRF) attack. This issue only affected python 2.7 and python3.4 on Ubuntu 14.04 LTS; python2.7 on Ubuntu 16.04 LTS; python2.7, python3.6, python3.7, and python3.8 on Ubuntu 18.04 LTS; python2.7 and python3.9 on Ubuntu 20.04 LTS; and python2.7 and python3.11 on Ubuntu 22.04 LTS. (CVE-2024-11168) It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume excessive resources, leading to a denial of service. This issue only affected python3.4 on Ubuntu 14.04 LTS; python3.6, python3.7, and python3.8 on Ubuntu 18.04 LTS; python3.9 on Ubuntu 20.04 LTS; and python3.11 on Ubuntu 22.04 LTS. (CVE-2024-6232) It was discovered that Python incorrectly handled quoted path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated. This issue only affected python3.4 on Ubuntu 14.04 LTS; python3.6, python3.7, and python3.8 on Ubuntu 18.04 LTS; python3.9 on Ubuntu 20.04 LTS; python3.11 on Ubuntu 22.04 LTS; and python3.13 on Ubuntu 24.10. (CVE-2024-9287) Update Instructions: Run `sudo pro fix USN-7488-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: idle-python2.7 - 2.7.18-1~20.04.7+esm6 libpython2.7 - 2.7.18-1~20.04.7+esm6 libpython2.7-dev - 2.7.18-1~20.04.7+esm6 libpython2.7-minimal - 2.7.18-1~20.04.7+esm6 libpython2.7-stdlib - 2.7.18-1~20.04.7+esm6 libpython2.7-testsuite - 2.7.18-1~20.04.7+esm6 python2.7 - 2.7.18-1~20.04.7+esm6 python2.7-dev - 2.7.18-1~20.04.7+esm6 python2.7-doc - 2.7.18-1~20.04.7+esm6 python2.7-examples - 2.7.18-1~20.04.7+esm6 python2.7-minimal - 2.7.18-1~20.04.7+esm6 Available with Ubuntu Pro: https://ubuntu.com/pro idle-python3.9 - 3.9.5-3ubuntu0~20.04.1+esm3 libpython3.9 - 3.9.5-3ubuntu0~20.04.1+esm3 libpython3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm3 libpython3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm3 libpython3.9-stdlib - 3.9.5-3ubuntu0~20.04.1+esm3 libpython3.9-testsuite - 3.9.5-3ubuntu0~20.04.1+esm3 python3.9 - 3.9.5-3ubuntu0~20.04.1+esm3 python3.9-dev - 3.9.5-3ubuntu0~20.04.1+esm3 python3.9-doc - 3.9.5-3ubuntu0~20.04.1+esm3 python3.9-examples - 3.9.5-3ubuntu0~20.04.1+esm3 python3.9-full - 3.9.5-3ubuntu0~20.04.1+esm3 python3.9-minimal - 3.9.5-3ubuntu0~20.04.1+esm3 python3.9-venv - 3.9.5-3ubuntu0~20.04.1+esm3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-11168 CVE-2024-6232 CVE-2024-9287 Ubuntu 20.04 LTS Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. (CVE-2025-32906) Alon Zahavi discovered that libsoup incorrectly parsed video files. An attacker could possibly use this issue to send a maliciously crafted HTTP response back to the client, causing a denial of service, or leading to undefined behavior. (CVE-2025-32909) Jan Różański discovered that libsoup incorrectly handled memory when parsing authentication headers. An attacker could possibly use this issue to send a maliciously crafted HTTP response back to the client, causing a denial of service. (CVE-2025-32910, CVE-2025-32912) It was discovered that libsoup incorrectly handled data in the hash table data type. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service or remote code execution. (CVE-2025-32911) Jan Różański discovered that libsoup incorrectly handled memory when parsing the content disposition HTTP header. An attacker could possibly use this issue to send maliciously crafted data to a client or server, causing a denial of service. (CVE-2025-32913) Alon Zahavi discovered that libsoup incorrectly handled memory when parsing HTTP requests. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service or obtaining sensitive information. (CVE-2025-32914) It was discovered that libsoup incorrectly handled memory when parsing quality-list headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. (CVE-2025-46420) Jan Różański discovered that libsoup did not strip authorization information upon redirects. An attacker could possibly use this issue to obtain sensitive information. (CVE-2025-46421) Update Instructions: Run `sudo pro fix USN-7490-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-soup-2.4 - 2.70.0-1ubuntu0.3 libsoup-gnome2.4-1 - 2.70.0-1ubuntu0.3 libsoup-gnome2.4-dev - 2.70.0-1ubuntu0.3 libsoup2.4-1 - 2.70.0-1ubuntu0.3 libsoup2.4-dev - 2.70.0-1ubuntu0.3 libsoup2.4-doc - 2.70.0-1ubuntu0.3 libsoup2.4-tests - 2.70.0-1ubuntu0.3 No subscription required Medium CVE-2025-32906 CVE-2025-32909 CVE-2025-32910 CVE-2025-32911 CVE-2025-32912 CVE-2025-32913 CVE-2025-32914 CVE-2025-46420 CVE-2025-46421 Ubuntu 20.04 LTS USN-7490-1 fixed vulnerabilities in libsoup. It was discovered that the fix for CVE-2025-32912 was incomplete. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. (CVE-2025-32906) Alon Zahavi discovered that libsoup incorrectly parsed video files. An attacker could possibly use this issue to send a maliciously crafted HTTP response back to the client, causing a denial of service, or leading to undefined behavior. (CVE-2025-32909) Jan Różański discovered that libsoup incorrectly handled memory when parsing authentication headers. An attacker could possibly use this issue to send a maliciously crafted HTTP response back to the client, causing a denial of service. (CVE-2025-32910, CVE-2025-32912) It was discovered that libsoup incorrectly handled data in the hash table data type. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service or remote code execution. (CVE-2025-32911) Jan Różański discovered that libsoup incorrectly handled memory when parsing the content disposition HTTP header. An attacker could possibly use this issue to send maliciously crafted data to a client or server, causing a denial of service. (CVE-2025-32913) Alon Zahavi discovered that libsoup incorrectly handled memory when parsing HTTP requests. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service or obtaining sensitive information. (CVE-2025-32914) It was discovered that libsoup incorrectly handled memory when parsing quality-list headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. (CVE-2025-46420) Jan Różański discovered that libsoup did not strip authorization information upon redirects. An attacker could possibly use this issue to obtain sensitive information. (CVE-2025-46421) Update Instructions: Run `sudo pro fix USN-7490-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-soup-2.4 - 2.70.0-1ubuntu0.4 libsoup-gnome2.4-1 - 2.70.0-1ubuntu0.4 libsoup-gnome2.4-dev - 2.70.0-1ubuntu0.4 libsoup2.4-1 - 2.70.0-1ubuntu0.4 libsoup2.4-dev - 2.70.0-1ubuntu0.4 libsoup2.4-doc - 2.70.0-1ubuntu0.4 libsoup2.4-tests - 2.70.0-1ubuntu0.4 No subscription required Medium CVE-2025-32912 https://launchpad.net/bugs/2110056 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; (CVE-2023-52664, CVE-2023-52927) Update Instructions: Run `sudo pro fix USN-7494-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1075-ibm - 5.15.0-1075.78~20.04.1 linux-headers-5.15.0-1075-ibm - 5.15.0-1075.78~20.04.1 linux-ibm-5.15-headers-5.15.0-1075 - 5.15.0-1075.78~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1075.78~20.04.1 linux-ibm-5.15-tools-5.15.0-1075 - 5.15.0-1075.78~20.04.1 linux-image-5.15.0-1075-ibm - 5.15.0-1075.78~20.04.1 linux-image-unsigned-5.15.0-1075-ibm - 5.15.0-1075.78~20.04.1 linux-modules-5.15.0-1075-ibm - 5.15.0-1075.78~20.04.1 linux-modules-extra-5.15.0-1075-ibm - 5.15.0-1075.78~20.04.1 linux-tools-5.15.0-1075-ibm - 5.15.0-1075.78~20.04.1 No subscription required linux-buildinfo-5.15.0-1078-intel-iotg - 5.15.0-1078.84~20.04.1 linux-cloud-tools-5.15.0-1078-intel-iotg - 5.15.0-1078.84~20.04.1 linux-headers-5.15.0-1078-intel-iotg - 5.15.0-1078.84~20.04.1 linux-image-5.15.0-1078-intel-iotg - 5.15.0-1078.84~20.04.1 linux-image-unsigned-5.15.0-1078-intel-iotg - 5.15.0-1078.84~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1078 - 5.15.0-1078.84~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1078.84~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1078 - 5.15.0-1078.84~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1078 - 5.15.0-1078.84~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1078.84~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1078.84~20.04.1 linux-modules-5.15.0-1078-intel-iotg - 5.15.0-1078.84~20.04.1 linux-modules-extra-5.15.0-1078-intel-iotg - 5.15.0-1078.84~20.04.1 linux-modules-iwlwifi-5.15.0-1078-intel-iotg - 5.15.0-1078.84~20.04.1 linux-tools-5.15.0-1078-intel-iotg - 5.15.0-1078.84~20.04.1 No subscription required linux-buildinfo-5.15.0-1080-oracle - 5.15.0-1080.86~20.04.1 linux-headers-5.15.0-1080-oracle - 5.15.0-1080.86~20.04.1 linux-image-5.15.0-1080-oracle - 5.15.0-1080.86~20.04.1 linux-image-unsigned-5.15.0-1080-oracle - 5.15.0-1080.86~20.04.1 linux-modules-5.15.0-1080-oracle - 5.15.0-1080.86~20.04.1 linux-modules-extra-5.15.0-1080-oracle - 5.15.0-1080.86~20.04.1 linux-oracle-5.15-headers-5.15.0-1080 - 5.15.0-1080.86~20.04.1 linux-oracle-5.15-tools-5.15.0-1080 - 5.15.0-1080.86~20.04.1 linux-tools-5.15.0-1080-oracle - 5.15.0-1080.86~20.04.1 No subscription required linux-aws-5.15-cloud-tools-5.15.0-1083 - 5.15.0-1083.90~20.04.1 linux-aws-5.15-headers-5.15.0-1083 - 5.15.0-1083.90~20.04.1 linux-aws-5.15-tools-5.15.0-1083 - 5.15.0-1083.90~20.04.1 linux-buildinfo-5.15.0-1083-aws - 5.15.0-1083.90~20.04.1 linux-cloud-tools-5.15.0-1083-aws - 5.15.0-1083.90~20.04.1 linux-headers-5.15.0-1083-aws - 5.15.0-1083.90~20.04.1 linux-image-5.15.0-1083-aws - 5.15.0-1083.90~20.04.1 linux-image-unsigned-5.15.0-1083-aws - 5.15.0-1083.90~20.04.1 linux-modules-5.15.0-1083-aws - 5.15.0-1083.90~20.04.1 linux-modules-extra-5.15.0-1083-aws - 5.15.0-1083.90~20.04.1 linux-tools-5.15.0-1083-aws - 5.15.0-1083.90~20.04.1 No subscription required linux-buildinfo-5.15.0-139-generic - 5.15.0-139.149~20.04.1 linux-buildinfo-5.15.0-139-generic-64k - 5.15.0-139.149~20.04.1 linux-buildinfo-5.15.0-139-generic-lpae - 5.15.0-139.149~20.04.1 linux-buildinfo-5.15.0-139-lowlatency - 5.15.0-139.149~20.04.1 linux-buildinfo-5.15.0-139-lowlatency-64k - 5.15.0-139.149~20.04.1 linux-cloud-tools-5.15.0-139-generic - 5.15.0-139.149~20.04.1 linux-cloud-tools-5.15.0-139-lowlatency - 5.15.0-139.149~20.04.1 linux-headers-5.15.0-139-generic - 5.15.0-139.149~20.04.1 linux-headers-5.15.0-139-generic-64k - 5.15.0-139.149~20.04.1 linux-headers-5.15.0-139-generic-lpae - 5.15.0-139.149~20.04.1 linux-headers-5.15.0-139-lowlatency - 5.15.0-139.149~20.04.1 linux-headers-5.15.0-139-lowlatency-64k - 5.15.0-139.149~20.04.1 linux-hwe-5.15-cloud-tools-5.15.0-139 - 5.15.0-139.149~20.04.1 linux-hwe-5.15-headers-5.15.0-139 - 5.15.0-139.149~20.04.1 linux-hwe-5.15-tools-5.15.0-139 - 5.15.0-139.149~20.04.1 linux-image-5.15.0-139-generic - 5.15.0-139.149~20.04.1 linux-image-5.15.0-139-generic-64k - 5.15.0-139.149~20.04.1 linux-image-5.15.0-139-generic-lpae - 5.15.0-139.149~20.04.1 linux-image-5.15.0-139-lowlatency - 5.15.0-139.149~20.04.1 linux-image-5.15.0-139-lowlatency-64k - 5.15.0-139.149~20.04.1 linux-image-unsigned-5.15.0-139-generic - 5.15.0-139.149~20.04.1 linux-image-unsigned-5.15.0-139-generic-64k - 5.15.0-139.149~20.04.1 linux-image-unsigned-5.15.0-139-lowlatency - 5.15.0-139.149~20.04.1 linux-image-unsigned-5.15.0-139-lowlatency-64k - 5.15.0-139.149~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-139 - 5.15.0-139.149~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-139 - 5.15.0-139.149~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-139 - 5.15.0-139.149~20.04.1 linux-modules-5.15.0-139-generic - 5.15.0-139.149~20.04.1 linux-modules-5.15.0-139-generic-64k - 5.15.0-139.149~20.04.1 linux-modules-5.15.0-139-generic-lpae - 5.15.0-139.149~20.04.1 linux-modules-5.15.0-139-lowlatency - 5.15.0-139.149~20.04.1 linux-modules-5.15.0-139-lowlatency-64k - 5.15.0-139.149~20.04.1 linux-modules-extra-5.15.0-139-generic - 5.15.0-139.149~20.04.1 linux-modules-iwlwifi-5.15.0-139-generic - 5.15.0-139.149~20.04.1 linux-modules-iwlwifi-5.15.0-139-lowlatency - 5.15.0-139.149~20.04.1 linux-tools-5.15.0-139-generic - 5.15.0-139.149~20.04.1 linux-tools-5.15.0-139-generic-64k - 5.15.0-139.149~20.04.1 linux-tools-5.15.0-139-generic-lpae - 5.15.0-139.149~20.04.1 linux-tools-5.15.0-139-lowlatency - 5.15.0-139.149~20.04.1 linux-tools-5.15.0-139-lowlatency-64k - 5.15.0-139.149~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1075.78~20.04.1 linux-headers-ibm-edge - 5.15.0.1075.78~20.04.1 linux-ibm - 5.15.0.1075.78~20.04.1 linux-ibm-edge - 5.15.0.1075.78~20.04.1 linux-image-ibm - 5.15.0.1075.78~20.04.1 linux-image-ibm-edge - 5.15.0.1075.78~20.04.1 linux-tools-ibm - 5.15.0.1075.78~20.04.1 linux-tools-ibm-edge - 5.15.0.1075.78~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1078.84~20.04.1 linux-headers-intel - 5.15.0.1078.84~20.04.1 linux-headers-intel-iotg - 5.15.0.1078.84~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1078.84~20.04.1 linux-image-intel - 5.15.0.1078.84~20.04.1 linux-image-intel-iotg - 5.15.0.1078.84~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1078.84~20.04.1 linux-intel - 5.15.0.1078.84~20.04.1 linux-intel-iotg - 5.15.0.1078.84~20.04.1 linux-intel-iotg-edge - 5.15.0.1078.84~20.04.1 linux-tools-intel - 5.15.0.1078.84~20.04.1 linux-tools-intel-iotg - 5.15.0.1078.84~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1078.84~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1080.86~20.04.1 linux-headers-oracle-edge - 5.15.0.1080.86~20.04.1 linux-image-oracle - 5.15.0.1080.86~20.04.1 linux-image-oracle-edge - 5.15.0.1080.86~20.04.1 linux-oracle - 5.15.0.1080.86~20.04.1 linux-oracle-edge - 5.15.0.1080.86~20.04.1 linux-tools-oracle - 5.15.0.1080.86~20.04.1 linux-tools-oracle-edge - 5.15.0.1080.86~20.04.1 No subscription required linux-aws - 5.15.0.1083.90~20.04.1 linux-aws-edge - 5.15.0.1083.90~20.04.1 linux-headers-aws - 5.15.0.1083.90~20.04.1 linux-headers-aws-edge - 5.15.0.1083.90~20.04.1 linux-image-aws - 5.15.0.1083.90~20.04.1 linux-image-aws-edge - 5.15.0.1083.90~20.04.1 linux-modules-extra-aws - 5.15.0.1083.90~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1083.90~20.04.1 linux-tools-aws - 5.15.0.1083.90~20.04.1 linux-tools-aws-edge - 5.15.0.1083.90~20.04.1 No subscription required linux-cloud-tools-generic-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-cloud-tools-generic-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-cloud-tools-virtual-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-cloud-tools-virtual-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-generic-64k-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-generic-64k-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-generic-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-generic-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-generic-lpae-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-generic-lpae-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-headers-generic-64k-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-headers-generic-64k-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-headers-generic-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-headers-generic-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-headers-generic-lpae-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-headers-generic-lpae-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-headers-oem-20.04 - 5.15.0.139.149~20.04.1 linux-headers-oem-20.04b - 5.15.0.139.149~20.04.1 linux-headers-oem-20.04c - 5.15.0.139.149~20.04.1 linux-headers-oem-20.04d - 5.15.0.139.149~20.04.1 linux-headers-virtual-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-headers-virtual-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-image-extra-virtual-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-image-extra-virtual-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-image-generic-64k-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-image-generic-64k-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-image-generic-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-image-generic-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-image-generic-lpae-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-image-generic-lpae-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-image-oem-20.04 - 5.15.0.139.149~20.04.1 linux-image-oem-20.04b - 5.15.0.139.149~20.04.1 linux-image-oem-20.04c - 5.15.0.139.149~20.04.1 linux-image-oem-20.04d - 5.15.0.139.149~20.04.1 linux-image-virtual-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-image-virtual-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-modules-iwlwifi-generic-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-modules-iwlwifi-oem-20.04 - 5.15.0.139.149~20.04.1 linux-modules-iwlwifi-oem-20.04d - 5.15.0.139.149~20.04.1 linux-oem-20.04 - 5.15.0.139.149~20.04.1 linux-oem-20.04b - 5.15.0.139.149~20.04.1 linux-oem-20.04c - 5.15.0.139.149~20.04.1 linux-oem-20.04d - 5.15.0.139.149~20.04.1 linux-tools-generic-64k-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-tools-generic-64k-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-tools-generic-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-tools-generic-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-tools-generic-lpae-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-tools-generic-lpae-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-tools-oem-20.04 - 5.15.0.139.149~20.04.1 linux-tools-oem-20.04b - 5.15.0.139.149~20.04.1 linux-tools-oem-20.04c - 5.15.0.139.149~20.04.1 linux-tools-oem-20.04d - 5.15.0.139.149~20.04.1 linux-tools-virtual-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-tools-virtual-hwe-20.04-edge - 5.15.0.139.149~20.04.1 linux-virtual-hwe-20.04 - 5.15.0.139.149~20.04.1 linux-virtual-hwe-20.04-edge - 5.15.0.139.149~20.04.1 No subscription required High CVE-2023-52664 CVE-2023-52927 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; (CVE-2023-52927, CVE-2023-52664) Update Instructions: Run `sudo pro fix USN-7494-4` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1088 - 5.15.0-1088.97~20.04.1 linux-azure-5.15-headers-5.15.0-1088 - 5.15.0-1088.97~20.04.1 linux-azure-5.15-tools-5.15.0-1088 - 5.15.0-1088.97~20.04.1 linux-buildinfo-5.15.0-1088-azure - 5.15.0-1088.97~20.04.1 linux-cloud-tools-5.15.0-1088-azure - 5.15.0-1088.97~20.04.1 linux-headers-5.15.0-1088-azure - 5.15.0-1088.97~20.04.1 linux-image-5.15.0-1088-azure - 5.15.0-1088.97~20.04.1 linux-image-unsigned-5.15.0-1088-azure - 5.15.0-1088.97~20.04.1 linux-modules-5.15.0-1088-azure - 5.15.0-1088.97~20.04.1 linux-modules-extra-5.15.0-1088-azure - 5.15.0-1088.97~20.04.1 linux-modules-involflt-5.15.0-1088-azure - 5.15.0-1088.97~20.04.1 linux-tools-5.15.0-1088-azure - 5.15.0-1088.97~20.04.1 No subscription required linux-image-5.15.0-1088-azure-fde - 5.15.0-1088.97~20.04.1.1 linux-image-unsigned-5.15.0-1088-azure-fde - 5.15.0-1088.97~20.04.1.1 No subscription required linux-azure - 5.15.0.1088.97~20.04.1 linux-azure-cvm - 5.15.0.1088.97~20.04.1 linux-azure-edge - 5.15.0.1088.97~20.04.1 linux-cloud-tools-azure - 5.15.0.1088.97~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1088.97~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1088.97~20.04.1 linux-headers-azure - 5.15.0.1088.97~20.04.1 linux-headers-azure-cvm - 5.15.0.1088.97~20.04.1 linux-headers-azure-edge - 5.15.0.1088.97~20.04.1 linux-image-azure - 5.15.0.1088.97~20.04.1 linux-image-azure-cvm - 5.15.0.1088.97~20.04.1 linux-image-azure-edge - 5.15.0.1088.97~20.04.1 linux-modules-extra-azure - 5.15.0.1088.97~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1088.97~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1088.97~20.04.1 linux-modules-involflt-azure - 5.15.0.1088.97~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1088.97~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1088.97~20.04.1 linux-tools-azure - 5.15.0.1088.97~20.04.1 linux-tools-azure-cvm - 5.15.0.1088.97~20.04.1 linux-tools-azure-edge - 5.15.0.1088.97~20.04.1 No subscription required linux-azure-fde - 5.15.0.1088.97~20.04.1.63 linux-azure-fde-edge - 5.15.0.1088.97~20.04.1.63 linux-cloud-tools-azure-fde - 5.15.0.1088.97~20.04.1.63 linux-cloud-tools-azure-fde-edge - 5.15.0.1088.97~20.04.1.63 linux-headers-azure-fde - 5.15.0.1088.97~20.04.1.63 linux-headers-azure-fde-edge - 5.15.0.1088.97~20.04.1.63 linux-image-azure-fde - 5.15.0.1088.97~20.04.1.63 linux-image-azure-fde-edge - 5.15.0.1088.97~20.04.1.63 linux-modules-extra-azure-fde - 5.15.0.1088.97~20.04.1.63 linux-modules-extra-azure-fde-edge - 5.15.0.1088.97~20.04.1.63 linux-tools-azure-fde - 5.15.0.1088.97~20.04.1.63 linux-tools-azure-fde-edge - 5.15.0.1088.97~20.04.1.63 No subscription required High CVE-2023-52664 CVE-2023-52927 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ceph distributed file system; - Netfilter; (CVE-2023-52927, CVE-2023-52664, CVE-2024-26689) Update Instructions: Run `sudo pro fix USN-7495-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1091-ibm - 5.4.0-1091.96 linux-headers-5.4.0-1091-ibm - 5.4.0-1091.96 linux-ibm-cloud-tools-common - 5.4.0-1091.96 linux-ibm-headers-5.4.0-1091 - 5.4.0-1091.96 linux-ibm-source-5.4.0 - 5.4.0-1091.96 linux-ibm-tools-5.4.0-1091 - 5.4.0-1091.96 linux-ibm-tools-common - 5.4.0-1091.96 linux-image-5.4.0-1091-ibm - 5.4.0-1091.96 linux-image-unsigned-5.4.0-1091-ibm - 5.4.0-1091.96 linux-modules-5.4.0-1091-ibm - 5.4.0-1091.96 linux-modules-extra-5.4.0-1091-ibm - 5.4.0-1091.96 linux-tools-5.4.0-1091-ibm - 5.4.0-1091.96 No subscription required linux-buildinfo-5.4.0-1132-kvm - 5.4.0-1132.141 linux-headers-5.4.0-1132-kvm - 5.4.0-1132.141 linux-image-5.4.0-1132-kvm - 5.4.0-1132.141 linux-image-unsigned-5.4.0-1132-kvm - 5.4.0-1132.141 linux-kvm-headers-5.4.0-1132 - 5.4.0-1132.141 linux-kvm-tools-5.4.0-1132 - 5.4.0-1132.141 linux-modules-5.4.0-1132-kvm - 5.4.0-1132.141 linux-tools-5.4.0-1132-kvm - 5.4.0-1132.141 No subscription required linux-buildinfo-5.4.0-1143-oracle - 5.4.0-1143.153 linux-headers-5.4.0-1143-oracle - 5.4.0-1143.153 linux-image-5.4.0-1143-oracle - 5.4.0-1143.153 linux-image-unsigned-5.4.0-1143-oracle - 5.4.0-1143.153 linux-modules-5.4.0-1143-oracle - 5.4.0-1143.153 linux-modules-extra-5.4.0-1143-oracle - 5.4.0-1143.153 linux-oracle-headers-5.4.0-1143 - 5.4.0-1143.153 linux-oracle-tools-5.4.0-1143 - 5.4.0-1143.153 linux-tools-5.4.0-1143-oracle - 5.4.0-1143.153 No subscription required linux-aws-cloud-tools-5.4.0-1145 - 5.4.0-1145.155 linux-aws-headers-5.4.0-1145 - 5.4.0-1145.155 linux-aws-tools-5.4.0-1145 - 5.4.0-1145.155 linux-buildinfo-5.4.0-1145-aws - 5.4.0-1145.155 linux-cloud-tools-5.4.0-1145-aws - 5.4.0-1145.155 linux-headers-5.4.0-1145-aws - 5.4.0-1145.155 linux-image-5.4.0-1145-aws - 5.4.0-1145.155 linux-image-unsigned-5.4.0-1145-aws - 5.4.0-1145.155 linux-modules-5.4.0-1145-aws - 5.4.0-1145.155 linux-modules-extra-5.4.0-1145-aws - 5.4.0-1145.155 linux-tools-5.4.0-1145-aws - 5.4.0-1145.155 No subscription required linux-buildinfo-5.4.0-1148-gcp - 5.4.0-1148.157 linux-gcp-headers-5.4.0-1148 - 5.4.0-1148.157 linux-gcp-tools-5.4.0-1148 - 5.4.0-1148.157 linux-headers-5.4.0-1148-gcp - 5.4.0-1148.157 linux-image-5.4.0-1148-gcp - 5.4.0-1148.157 linux-image-unsigned-5.4.0-1148-gcp - 5.4.0-1148.157 linux-modules-5.4.0-1148-gcp - 5.4.0-1148.157 linux-modules-extra-5.4.0-1148-gcp - 5.4.0-1148.157 linux-tools-5.4.0-1148-gcp - 5.4.0-1148.157 No subscription required linux-buildinfo-5.4.0-215-generic - 5.4.0-215.235 linux-buildinfo-5.4.0-215-generic-lpae - 5.4.0-215.235 linux-buildinfo-5.4.0-215-lowlatency - 5.4.0-215.235 linux-cloud-tools-5.4.0-215 - 5.4.0-215.235 linux-cloud-tools-5.4.0-215-generic - 5.4.0-215.235 linux-cloud-tools-5.4.0-215-lowlatency - 5.4.0-215.235 linux-cloud-tools-common - 5.4.0-215.235 linux-doc - 5.4.0-215.235 linux-headers-5.4.0-215 - 5.4.0-215.235 linux-headers-5.4.0-215-generic - 5.4.0-215.235 linux-headers-5.4.0-215-generic-lpae - 5.4.0-215.235 linux-headers-5.4.0-215-lowlatency - 5.4.0-215.235 linux-image-5.4.0-215-generic - 5.4.0-215.235 linux-image-5.4.0-215-generic-lpae - 5.4.0-215.235 linux-image-5.4.0-215-lowlatency - 5.4.0-215.235 linux-image-unsigned-5.4.0-215-generic - 5.4.0-215.235 linux-image-unsigned-5.4.0-215-lowlatency - 5.4.0-215.235 linux-libc-dev - 5.4.0-215.235 linux-modules-5.4.0-215-generic - 5.4.0-215.235 linux-modules-5.4.0-215-generic-lpae - 5.4.0-215.235 linux-modules-5.4.0-215-lowlatency - 5.4.0-215.235 linux-modules-extra-5.4.0-215-generic - 5.4.0-215.235 linux-source-5.4.0 - 5.4.0-215.235 linux-tools-5.4.0-215 - 5.4.0-215.235 linux-tools-5.4.0-215-generic - 5.4.0-215.235 linux-tools-5.4.0-215-generic-lpae - 5.4.0-215.235 linux-tools-5.4.0-215-lowlatency - 5.4.0-215.235 linux-tools-common - 5.4.0-215.235 linux-tools-host - 5.4.0-215.235 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1091.120 linux-ibm-lts-20.04 - 5.4.0.1091.120 linux-image-ibm-lts-20.04 - 5.4.0.1091.120 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1091.120 linux-tools-ibm-lts-20.04 - 5.4.0.1091.120 No subscription required linux-headers-kvm - 5.4.0.1132.128 linux-image-kvm - 5.4.0.1132.128 linux-kvm - 5.4.0.1132.128 linux-tools-kvm - 5.4.0.1132.128 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1143.137 linux-image-oracle-lts-20.04 - 5.4.0.1143.137 linux-oracle-lts-20.04 - 5.4.0.1143.137 linux-tools-oracle-lts-20.04 - 5.4.0.1143.137 No subscription required linux-aws-lts-20.04 - 5.4.0.1145.142 linux-headers-aws-lts-20.04 - 5.4.0.1145.142 linux-image-aws-lts-20.04 - 5.4.0.1145.142 linux-modules-extra-aws-lts-20.04 - 5.4.0.1145.142 linux-tools-aws-lts-20.04 - 5.4.0.1145.142 No subscription required linux-gcp-lts-20.04 - 5.4.0.1148.150 linux-headers-gcp-lts-20.04 - 5.4.0.1148.150 linux-image-gcp-lts-20.04 - 5.4.0.1148.150 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1148.150 linux-tools-gcp-lts-20.04 - 5.4.0.1148.150 No subscription required linux-cloud-tools-generic - 5.4.0.215.208 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.215.208 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.215.208 linux-cloud-tools-lowlatency - 5.4.0.215.208 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.215.208 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.215.208 linux-cloud-tools-virtual - 5.4.0.215.208 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.215.208 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.215.208 linux-crashdump - 5.4.0.215.208 linux-generic - 5.4.0.215.208 linux-generic-hwe-18.04 - 5.4.0.215.208 linux-generic-hwe-18.04-edge - 5.4.0.215.208 linux-generic-lpae - 5.4.0.215.208 linux-generic-lpae-hwe-18.04 - 5.4.0.215.208 linux-generic-lpae-hwe-18.04-edge - 5.4.0.215.208 linux-headers-generic - 5.4.0.215.208 linux-headers-generic-hwe-18.04 - 5.4.0.215.208 linux-headers-generic-hwe-18.04-edge - 5.4.0.215.208 linux-headers-generic-lpae - 5.4.0.215.208 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.215.208 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.215.208 linux-headers-lowlatency - 5.4.0.215.208 linux-headers-lowlatency-hwe-18.04 - 5.4.0.215.208 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.215.208 linux-headers-oem - 5.4.0.215.208 linux-headers-oem-osp1 - 5.4.0.215.208 linux-headers-virtual - 5.4.0.215.208 linux-headers-virtual-hwe-18.04 - 5.4.0.215.208 linux-headers-virtual-hwe-18.04-edge - 5.4.0.215.208 linux-image-extra-virtual - 5.4.0.215.208 linux-image-extra-virtual-hwe-18.04 - 5.4.0.215.208 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.215.208 linux-image-generic - 5.4.0.215.208 linux-image-generic-hwe-18.04 - 5.4.0.215.208 linux-image-generic-hwe-18.04-edge - 5.4.0.215.208 linux-image-generic-lpae - 5.4.0.215.208 linux-image-generic-lpae-hwe-18.04 - 5.4.0.215.208 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.215.208 linux-image-lowlatency - 5.4.0.215.208 linux-image-lowlatency-hwe-18.04 - 5.4.0.215.208 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.215.208 linux-image-oem - 5.4.0.215.208 linux-image-oem-osp1 - 5.4.0.215.208 linux-image-virtual - 5.4.0.215.208 linux-image-virtual-hwe-18.04 - 5.4.0.215.208 linux-image-virtual-hwe-18.04-edge - 5.4.0.215.208 linux-lowlatency - 5.4.0.215.208 linux-lowlatency-hwe-18.04 - 5.4.0.215.208 linux-lowlatency-hwe-18.04-edge - 5.4.0.215.208 linux-oem - 5.4.0.215.208 linux-oem-osp1 - 5.4.0.215.208 linux-oem-osp1-tools-host - 5.4.0.215.208 linux-oem-tools-host - 5.4.0.215.208 linux-source - 5.4.0.215.208 linux-tools-generic - 5.4.0.215.208 linux-tools-generic-hwe-18.04 - 5.4.0.215.208 linux-tools-generic-hwe-18.04-edge - 5.4.0.215.208 linux-tools-generic-lpae - 5.4.0.215.208 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.215.208 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.215.208 linux-tools-lowlatency - 5.4.0.215.208 linux-tools-lowlatency-hwe-18.04 - 5.4.0.215.208 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.215.208 linux-tools-oem - 5.4.0.215.208 linux-tools-oem-osp1 - 5.4.0.215.208 linux-tools-virtual - 5.4.0.215.208 linux-tools-virtual-hwe-18.04 - 5.4.0.215.208 linux-tools-virtual-hwe-18.04-edge - 5.4.0.215.208 linux-virtual - 5.4.0.215.208 linux-virtual-hwe-18.04 - 5.4.0.215.208 linux-virtual-hwe-18.04-edge - 5.4.0.215.208 No subscription required High CVE-2023-52664 CVE-2023-52927 CVE-2024-26689 Ubuntu Pro FIPS-updates 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ceph distributed file system; - Netfilter; (CVE-2023-52664, CVE-2024-26689, CVE-2023-52927) Update Instructions: Run `sudo pro fix USN-7495-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1119-fips - 5.4.0-1119.129 linux-fips-headers-5.4.0-1119 - 5.4.0-1119.129 linux-fips-tools-5.4.0-1119 - 5.4.0-1119.129 linux-fips-tools-host - 5.4.0-1119.129 linux-headers-5.4.0-1119-fips - 5.4.0-1119.129 linux-image-5.4.0-1119-fips - 5.4.0-1119.129 linux-image-hmac-5.4.0-1119-fips - 5.4.0-1119.129 linux-image-unsigned-5.4.0-1119-fips - 5.4.0-1119.129 linux-image-unsigned-hmac-5.4.0-1119-fips - 5.4.0-1119.129 linux-modules-5.4.0-1119-fips - 5.4.0-1119.129 linux-modules-extra-5.4.0-1119-fips - 5.4.0-1119.129 linux-tools-5.4.0-1119-fips - 5.4.0-1119.129 Available with Ubuntu Pro: https://ubuntu.com/pro linux-aws-fips-headers-5.4.0-1145 - 5.4.0-1145.156+fips1 linux-aws-fips-tools-5.4.0-1145 - 5.4.0-1145.156+fips1 linux-buildinfo-5.4.0-1145-aws-fips - 5.4.0-1145.156+fips1 linux-headers-5.4.0-1145-aws-fips - 5.4.0-1145.156+fips1 linux-image-5.4.0-1145-aws-fips - 5.4.0-1145.156+fips1 linux-image-hmac-5.4.0-1145-aws-fips - 5.4.0-1145.156+fips1 linux-image-unsigned-5.4.0-1145-aws-fips - 5.4.0-1145.156+fips1 linux-image-unsigned-hmac-5.4.0-1145-aws-fips - 5.4.0-1145.156+fips1 linux-modules-5.4.0-1145-aws-fips - 5.4.0-1145.156+fips1 linux-modules-extra-5.4.0-1145-aws-fips - 5.4.0-1145.156+fips1 linux-tools-5.4.0-1145-aws-fips - 5.4.0-1145.156+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-buildinfo-5.4.0-1148-gcp-fips - 5.4.0-1148.157+fips1 linux-gcp-fips-headers-5.4.0-1148 - 5.4.0-1148.157+fips1 linux-gcp-fips-tools-5.4.0-1148 - 5.4.0-1148.157+fips1 linux-headers-5.4.0-1148-gcp-fips - 5.4.0-1148.157+fips1 linux-image-5.4.0-1148-gcp-fips - 5.4.0-1148.157+fips1 linux-image-hmac-5.4.0-1148-gcp-fips - 5.4.0-1148.157+fips1 linux-image-unsigned-5.4.0-1148-gcp-fips - 5.4.0-1148.157+fips1 linux-image-unsigned-hmac-5.4.0-1148-gcp-fips - 5.4.0-1148.157+fips1 linux-modules-5.4.0-1148-gcp-fips - 5.4.0-1148.157+fips1 linux-modules-extra-5.4.0-1148-gcp-fips - 5.4.0-1148.157+fips1 linux-tools-5.4.0-1148-gcp-fips - 5.4.0-1148.157+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-fips - 5.4.0.1119.116 linux-headers-fips - 5.4.0.1119.116 linux-image-fips - 5.4.0.1119.116 linux-signed-fips - 5.4.0.1119.116 linux-signed-image-fips - 5.4.0.1119.116 linux-tools-fips - 5.4.0.1119.116 Available with Ubuntu Pro: https://ubuntu.com/pro linux-aws-fips - 5.4.0.1145.92 linux-headers-aws-fips - 5.4.0.1145.92 linux-image-aws-fips - 5.4.0.1145.92 linux-modules-extra-aws-fips - 5.4.0.1145.92 linux-tools-aws-fips - 5.4.0.1145.92 Available with Ubuntu Pro: https://ubuntu.com/pro linux-gcp-fips - 5.4.0.1148.90 linux-headers-gcp-fips - 5.4.0.1148.90 linux-image-gcp-fips - 5.4.0.1148.90 linux-modules-extra-gcp-fips - 5.4.0.1148.90 linux-tools-gcp-fips - 5.4.0.1148.90 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2023-52664 CVE-2023-52927 CVE-2024-26689 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ceph distributed file system; - Netfilter; (CVE-2023-52664, CVE-2024-26689, CVE-2023-52927) Update Instructions: Run `sudo pro fix USN-7495-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-cloud-tools-5.4.0-1150 - 5.4.0-1150.157 linux-azure-headers-5.4.0-1150 - 5.4.0-1150.157 linux-azure-tools-5.4.0-1150 - 5.4.0-1150.157 linux-buildinfo-5.4.0-1150-azure - 5.4.0-1150.157 linux-cloud-tools-5.4.0-1150-azure - 5.4.0-1150.157 linux-headers-5.4.0-1150-azure - 5.4.0-1150.157 linux-image-5.4.0-1150-azure - 5.4.0-1150.157 linux-image-unsigned-5.4.0-1150-azure - 5.4.0-1150.157 linux-modules-5.4.0-1150-azure - 5.4.0-1150.157 linux-modules-extra-5.4.0-1150-azure - 5.4.0-1150.157 linux-tools-5.4.0-1150-azure - 5.4.0-1150.157 No subscription required linux-azure-lts-20.04 - 5.4.0.1150.144 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1150.144 linux-headers-azure-lts-20.04 - 5.4.0.1150.144 linux-image-azure-lts-20.04 - 5.4.0.1150.144 linux-modules-extra-azure-lts-20.04 - 5.4.0.1150.144 linux-tools-azure-lts-20.04 - 5.4.0.1150.144 No subscription required High CVE-2023-52664 CVE-2023-52927 CVE-2024-26689 Ubuntu 20.04 LTS Rikita Ishikawa discovered that CarrierWave did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-21305) Norihide Saito discovered that CarrierWave did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2023-49090) Update Instructions: Run `sudo pro fix USN-7497-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-carrierwave - 1.3.1-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-21305 CVE-2023-49090 Ubuntu 20.04 LTS Elias Myllymäki discovered that Django incorrectly handled stripping large sequences of incomplete HTML tags. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update Instructions: Run `sudo pro fix USN-7501-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.29 python3-django - 2:2.2.12-1ubuntu0.29 No subscription required Medium CVE-2025-32873 Ubuntu 20.04 LTS Juraj Šarinay discovered that LibreOffice incorrectly handled verifying PDF signatures. A remote attacker could possibly use this issue to generate PDF files that appear to have a valid signature. Update Instructions: Run `sudo pro fix USN-7504-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libreoffice-nlpsolver - 0.9+LibO6.4.7-0ubuntu0.20.04.15 No subscription required libreoffice-wiki-publisher - 1.2.0+LibO6.4.7-0ubuntu0.20.04.15 No subscription required gir1.2-lokdocview-0.1 - 1:6.4.7-0ubuntu0.20.04.15 libjuh-java - 1:6.4.7-0ubuntu0.20.04.15 libjurt-java - 1:6.4.7-0ubuntu0.20.04.15 liblibreofficekitgtk - 1:6.4.7-0ubuntu0.20.04.15 libofficebean-java - 1:6.4.7-0ubuntu0.20.04.15 libreoffice - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-avmedia-backend-gstreamer - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-base - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-base-core - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-base-drivers - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-base-nogui - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-calc - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-calc-nogui - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-common - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-core - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-core-nogui - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-dev - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-dev-common - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-dev-doc - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-draw - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-draw-nogui - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-evolution - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-gnome - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-gtk - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-gtk2 - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-gtk3 - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-ca - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-common - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-cs - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-da - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-de - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-dz - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-el - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-en-gb - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-en-us - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-es - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-et - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-eu - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-fi - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-fr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-gl - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-hi - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-hu - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-id - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-it - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-ja - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-km - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-ko - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-nl - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-om - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-pl - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-pt - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-pt-br - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-ru - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-sk - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-sl - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-sv - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-tr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-vi - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-zh-cn - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-help-zh-tw - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-impress - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-impress-nogui - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-java-common - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-kde - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-kde4 - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-kde5 - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-kf5 - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-af - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-am - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ar - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-as - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ast - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-be - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-bg - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-bn - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-br - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-bs - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ca - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-cs - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-cy - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-da - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-de - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-dz - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-el - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-en-gb - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-en-za - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-eo - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-es - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-et - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-eu - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-fa - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-fi - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-fr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ga - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-gd - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-gl - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-gu - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-gug - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-he - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-hi - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-hr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-hu - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-id - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-in - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-is - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-it - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ja - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ka - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-kk - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-km - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-kmr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-kn - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ko - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-lt - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-lv - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-mk - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ml - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-mn - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-mr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-nb - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ne - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-nl - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-nn - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-nr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-nso - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-oc - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-om - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-or - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-pa-in - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-pl - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-pt - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-pt-br - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ro - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ru - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-rw - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-si - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-sk - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-sl - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-sr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ss - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-st - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-sv - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-szl - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ta - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-te - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-tg - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-th - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-tn - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-tr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ts - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ug - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-uk - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-uz - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-ve - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-vi - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-xh - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-za - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-zh-cn - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-zh-tw - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-l10n-zu - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-librelogo - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-math - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-math-nogui - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-mysql-connector - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-officebean - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-ogltrans - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-pdfimport - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-plasma - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-qt5 - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-report-builder - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-report-builder-bin - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-report-builder-bin-nogui - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-script-provider-bsh - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-script-provider-js - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-script-provider-python - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-sdbc-firebird - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-sdbc-hsqldb - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-sdbc-mysql - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-sdbc-postgresql - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-smoketest-data - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-breeze - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-colibre - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-elementary - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-galaxy - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-hicontrast - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-human - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-karasa-jaga - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-oxygen - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-sifr - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-style-tango - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-subsequentcheckbase - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-systray - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-writer - 1:6.4.7-0ubuntu0.20.04.15 libreoffice-writer-nogui - 1:6.4.7-0ubuntu0.20.04.15 libreofficekit-data - 1:6.4.7-0ubuntu0.20.04.15 libreofficekit-dev - 1:6.4.7-0ubuntu0.20.04.15 libridl-java - 1:6.4.7-0ubuntu0.20.04.15 libuno-cppu3 - 1:6.4.7-0ubuntu0.20.04.15 libuno-cppuhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.15 libuno-purpenvhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.15 libuno-sal3 - 1:6.4.7-0ubuntu0.20.04.15 libuno-salhelpergcc3-3 - 1:6.4.7-0ubuntu0.20.04.15 libunoil-java - 1:6.4.7-0ubuntu0.20.04.15 libunoloader-java - 1:6.4.7-0ubuntu0.20.04.15 python3-access2base - 1:6.4.7-0ubuntu0.20.04.15 python3-uno - 1:6.4.7-0ubuntu0.20.04.15 uno-libs-private - 1:6.4.7-0ubuntu0.20.04.15 ure - 1:6.4.7-0ubuntu0.20.04.15 No subscription required fonts-opensymbol - 2:102.11+LibO6.4.7-0ubuntu0.20.04.15 No subscription required Medium CVE-2025-2866 Ubuntu 20.04 LTS It was discovered that Rack incorrectly handled deleted rack sessions. An attacker could possibly use this issue to expose sensitive information or to gain unauthorized access to user accounts. (CVE-2025-32441) It was discovered that Rack incorrectly limited the number of parameters in a web request. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2025-46727) Update Instructions: Run `sudo pro fix USN-7507-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ruby-rack - 2.0.7-2ubuntu0.1+esm7 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2025-46727 CVE-2025-32441 Ubuntu 20.04 LTS It was discovered that Open VM Tools incorrectly handled certain file operations. An attacker in a guest could use this issue to perform insecure file operations and possibly elevate privileges in the guest. Update Instructions: Run `sudo pro fix USN-7508-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: open-vm-tools - 2:11.3.0-2ubuntu0~ubuntu20.04.8 open-vm-tools-desktop - 2:11.3.0-2ubuntu0~ubuntu20.04.8 open-vm-tools-dev - 2:11.3.0-2ubuntu0~ubuntu20.04.8 open-vm-tools-sdmp - 2:11.3.0-2ubuntu0~ubuntu20.04.8 No subscription required Medium CVE-2025-22247 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device driver; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Media drivers; - NVIDIA Tegra memory controller driver; - Network drivers; - PCI subsystem; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - ACRN Hypervisor Service Module driver; - File systems infrastructure; - BTRFS file system; - F2FS file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; (CVE-2025-21731, CVE-2025-21926, CVE-2025-21830, CVE-2024-58010, CVE-2025-21745, CVE-2025-21871, CVE-2024-57980, CVE-2025-21916, CVE-2025-21735, CVE-2025-21763, CVE-2025-21799, CVE-2025-21811, CVE-2025-21814, CVE-2024-58083, CVE-2025-21922, CVE-2025-21802, CVE-2024-58034, CVE-2025-21758, CVE-2024-58069, CVE-2025-21905, CVE-2024-57986, CVE-2025-21718, CVE-2024-58020, CVE-2025-21858, CVE-2025-21749, CVE-2025-21928, CVE-2024-58085, CVE-2025-21795, CVE-2025-21744, CVE-2025-21776, CVE-2025-21804, CVE-2024-57973, CVE-2025-21848, CVE-2025-21844, CVE-2024-56721, CVE-2024-58079, CVE-2025-21781, CVE-2025-21866, CVE-2024-58052, CVE-2024-58017, CVE-2024-58071, CVE-2025-21791, CVE-2024-26982, CVE-2025-21787, CVE-2024-58090, CVE-2025-21951, CVE-2025-21846, CVE-2025-21722, CVE-2024-58001, CVE-2025-21715, CVE-2025-21919, CVE-2025-21904, CVE-2024-57977, CVE-2025-21785, CVE-2025-21950, CVE-2025-21924, CVE-2024-57979, CVE-2025-21711, CVE-2024-47726, CVE-2024-58002, CVE-2025-21914, CVE-2024-58086, CVE-2024-58005, CVE-2025-21835, CVE-2024-58051, CVE-2025-21761, CVE-2025-21760, CVE-2025-21767, CVE-2025-21766, CVE-2025-21726, CVE-2025-21865, CVE-2024-58014, CVE-2025-21878, CVE-2025-21934, CVE-2024-58007, CVE-2025-21898, CVE-2025-21806, CVE-2024-58058, CVE-2025-21779, CVE-2024-58063, CVE-2025-21708, CVE-2025-21684, CVE-2024-57834, CVE-2025-21971, CVE-2025-21762, CVE-2025-21728, CVE-2024-58076, CVE-2025-21704, CVE-2025-21719, CVE-2025-21948, CVE-2025-21707, CVE-2025-21917, CVE-2025-21782, CVE-2025-21943, CVE-2025-21765, CVE-2025-21721, CVE-2024-58016, CVE-2025-21859, CVE-2025-21909, CVE-2025-21748, CVE-2025-21912, CVE-2025-21736, CVE-2025-21862, CVE-2024-57978, CVE-2025-21826, CVE-2025-21920, CVE-2025-21772, CVE-2025-21877, CVE-2025-21935, CVE-2024-56599, CVE-2025-21820, CVE-2025-21764, CVE-2025-21796, CVE-2025-21887, CVE-2025-21753, CVE-2025-21910, CVE-2024-57981, CVE-2025-21727, CVE-2025-21875, CVE-2024-58072, CVE-2024-58055, CVE-2025-21925, CVE-2025-21823, CVE-2025-21647) Update Instructions: Run `sudo pro fix USN-7510-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1076-ibm - 5.15.0-1076.79~20.04.1 linux-headers-5.15.0-1076-ibm - 5.15.0-1076.79~20.04.1 linux-ibm-5.15-headers-5.15.0-1076 - 5.15.0-1076.79~20.04.1 linux-ibm-5.15-source-5.15.0 - 5.15.0-1076.79~20.04.1 linux-ibm-5.15-tools-5.15.0-1076 - 5.15.0-1076.79~20.04.1 linux-image-5.15.0-1076-ibm - 5.15.0-1076.79~20.04.1 linux-image-unsigned-5.15.0-1076-ibm - 5.15.0-1076.79~20.04.1 linux-modules-5.15.0-1076-ibm - 5.15.0-1076.79~20.04.1 linux-modules-extra-5.15.0-1076-ibm - 5.15.0-1076.79~20.04.1 linux-tools-5.15.0-1076-ibm - 5.15.0-1076.79~20.04.1 No subscription required linux-buildinfo-5.15.0-1081-oracle - 5.15.0-1081.87~20.04.1 linux-headers-5.15.0-1081-oracle - 5.15.0-1081.87~20.04.1 linux-image-5.15.0-1081-oracle - 5.15.0-1081.87~20.04.1 linux-image-unsigned-5.15.0-1081-oracle - 5.15.0-1081.87~20.04.1 linux-modules-5.15.0-1081-oracle - 5.15.0-1081.87~20.04.1 linux-modules-extra-5.15.0-1081-oracle - 5.15.0-1081.87~20.04.1 linux-oracle-5.15-headers-5.15.0-1081 - 5.15.0-1081.87~20.04.1 linux-oracle-5.15-tools-5.15.0-1081 - 5.15.0-1081.87~20.04.1 linux-tools-5.15.0-1081-oracle - 5.15.0-1081.87~20.04.1 No subscription required linux-buildinfo-5.15.0-140-lowlatency - 5.15.0-140.150~20.04.1 linux-buildinfo-5.15.0-140-lowlatency-64k - 5.15.0-140.150~20.04.1 linux-cloud-tools-5.15.0-140-lowlatency - 5.15.0-140.150~20.04.1 linux-headers-5.15.0-140-lowlatency - 5.15.0-140.150~20.04.1 linux-headers-5.15.0-140-lowlatency-64k - 5.15.0-140.150~20.04.1 linux-image-5.15.0-140-lowlatency - 5.15.0-140.150~20.04.1 linux-image-5.15.0-140-lowlatency-64k - 5.15.0-140.150~20.04.1 linux-image-unsigned-5.15.0-140-lowlatency - 5.15.0-140.150~20.04.1 linux-image-unsigned-5.15.0-140-lowlatency-64k - 5.15.0-140.150~20.04.1 linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-140 - 5.15.0-140.150~20.04.1 linux-lowlatency-hwe-5.15-headers-5.15.0-140 - 5.15.0-140.150~20.04.1 linux-lowlatency-hwe-5.15-tools-5.15.0-140 - 5.15.0-140.150~20.04.1 linux-modules-5.15.0-140-lowlatency - 5.15.0-140.150~20.04.1 linux-modules-5.15.0-140-lowlatency-64k - 5.15.0-140.150~20.04.1 linux-modules-iwlwifi-5.15.0-140-lowlatency - 5.15.0-140.150~20.04.1 linux-tools-5.15.0-140-lowlatency - 5.15.0-140.150~20.04.1 linux-tools-5.15.0-140-lowlatency-64k - 5.15.0-140.150~20.04.1 No subscription required linux-headers-ibm - 5.15.0.1076.79~20.04.1 linux-headers-ibm-edge - 5.15.0.1076.79~20.04.1 linux-ibm - 5.15.0.1076.79~20.04.1 linux-ibm-edge - 5.15.0.1076.79~20.04.1 linux-image-ibm - 5.15.0.1076.79~20.04.1 linux-image-ibm-edge - 5.15.0.1076.79~20.04.1 linux-tools-ibm - 5.15.0.1076.79~20.04.1 linux-tools-ibm-edge - 5.15.0.1076.79~20.04.1 No subscription required linux-headers-oracle - 5.15.0.1081.87~20.04.1 linux-headers-oracle-edge - 5.15.0.1081.87~20.04.1 linux-image-oracle - 5.15.0.1081.87~20.04.1 linux-image-oracle-edge - 5.15.0.1081.87~20.04.1 linux-oracle - 5.15.0.1081.87~20.04.1 linux-oracle-edge - 5.15.0.1081.87~20.04.1 linux-tools-oracle - 5.15.0.1081.87~20.04.1 linux-tools-oracle-edge - 5.15.0.1081.87~20.04.1 No subscription required linux-cloud-tools-lowlatency-hwe-20.04 - 5.15.0.140.150~20.04.1 linux-cloud-tools-lowlatency-hwe-20.04-edge - 5.15.0.140.150~20.04.1 linux-headers-lowlatency-64k-hwe-20.04 - 5.15.0.140.150~20.04.1 linux-headers-lowlatency-64k-hwe-20.04-edge - 5.15.0.140.150~20.04.1 linux-headers-lowlatency-hwe-20.04 - 5.15.0.140.150~20.04.1 linux-headers-lowlatency-hwe-20.04-edge - 5.15.0.140.150~20.04.1 linux-image-lowlatency-64k-hwe-20.04 - 5.15.0.140.150~20.04.1 linux-image-lowlatency-64k-hwe-20.04-edge - 5.15.0.140.150~20.04.1 linux-image-lowlatency-hwe-20.04 - 5.15.0.140.150~20.04.1 linux-image-lowlatency-hwe-20.04-edge - 5.15.0.140.150~20.04.1 linux-lowlatency-64k-hwe-20.04 - 5.15.0.140.150~20.04.1 linux-lowlatency-64k-hwe-20.04-edge - 5.15.0.140.150~20.04.1 linux-lowlatency-hwe-20.04 - 5.15.0.140.150~20.04.1 linux-lowlatency-hwe-20.04-edge - 5.15.0.140.150~20.04.1 linux-tools-lowlatency-64k-hwe-20.04 - 5.15.0.140.150~20.04.1 linux-tools-lowlatency-64k-hwe-20.04-edge - 5.15.0.140.150~20.04.1 linux-tools-lowlatency-hwe-20.04 - 5.15.0.140.150~20.04.1 linux-tools-lowlatency-hwe-20.04-edge - 5.15.0.140.150~20.04.1 No subscription required Medium CVE-2024-26982 CVE-2024-47726 CVE-2024-56599 CVE-2024-56721 CVE-2024-57834 CVE-2024-57973 CVE-2024-57977 CVE-2024-57978 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58005 CVE-2024-58007 CVE-2024-58010 CVE-2024-58014 CVE-2024-58016 CVE-2024-58017 CVE-2024-58020 CVE-2024-58034 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58076 CVE-2024-58079 CVE-2024-58083 CVE-2024-58085 CVE-2024-58086 CVE-2024-58090 CVE-2025-21647 CVE-2025-21684 CVE-2025-21704 CVE-2025-21707 CVE-2025-21708 CVE-2025-21711 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21726 CVE-2025-21727 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21745 CVE-2025-21748 CVE-2025-21749 CVE-2025-21753 CVE-2025-21758 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21766 CVE-2025-21767 CVE-2025-21772 CVE-2025-21776 CVE-2025-21779 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21795 CVE-2025-21796 CVE-2025-21799 CVE-2025-21802 CVE-2025-21804 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21820 CVE-2025-21823 CVE-2025-21826 CVE-2025-21830 CVE-2025-21835 CVE-2025-21844 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21875 CVE-2025-21877 CVE-2025-21878 CVE-2025-21887 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21912 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21919 CVE-2025-21920 CVE-2025-21922 CVE-2025-21924 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21943 CVE-2025-21948 CVE-2025-21950 CVE-2025-21951 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device driver; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Media drivers; - NVIDIA Tegra memory controller driver; - Network drivers; - PCI subsystem; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - ACRN Hypervisor Service Module driver; - File systems infrastructure; - BTRFS file system; - F2FS file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; (CVE-2024-58069, CVE-2025-21912, CVE-2025-21922, CVE-2025-21765, CVE-2025-21823, CVE-2025-21971, CVE-2024-58010, CVE-2025-21767, CVE-2025-21727, CVE-2025-21916, CVE-2025-21859, CVE-2025-21844, CVE-2024-58063, CVE-2025-21704, CVE-2024-57986, CVE-2025-21846, CVE-2024-58007, CVE-2025-21708, CVE-2025-21731, CVE-2024-58058, CVE-2024-58090, CVE-2025-21791, CVE-2025-21917, CVE-2024-26982, CVE-2024-47726, CVE-2025-21848, CVE-2025-21948, CVE-2025-21796, CVE-2025-21919, CVE-2025-21950, CVE-2024-58085, CVE-2025-21766, CVE-2025-21764, CVE-2025-21781, CVE-2024-58071, CVE-2024-58072, CVE-2025-21726, CVE-2025-21858, CVE-2024-58005, CVE-2025-21866, CVE-2025-21935, CVE-2025-21753, CVE-2025-21904, CVE-2025-21877, CVE-2024-58002, CVE-2025-21776, CVE-2025-21926, CVE-2025-21865, CVE-2025-21898, CVE-2024-58076, CVE-2025-21707, CVE-2025-21735, CVE-2025-21905, CVE-2025-21928, CVE-2025-21647, CVE-2025-21718, CVE-2025-21814, CVE-2025-21925, CVE-2024-58001, CVE-2025-21811, CVE-2024-58055, CVE-2024-58086, CVE-2025-21736, CVE-2025-21871, CVE-2025-21878, CVE-2025-21684, CVE-2025-21763, CVE-2025-21782, CVE-2024-58052, CVE-2025-21820, CVE-2024-57979, CVE-2025-21787, CVE-2025-21749, CVE-2025-21779, CVE-2024-57981, CVE-2025-21719, CVE-2025-21785, CVE-2024-57973, CVE-2025-21745, CVE-2025-21943, CVE-2025-21875, CVE-2025-21795, CVE-2025-21748, CVE-2025-21862, CVE-2025-21744, CVE-2025-21835, CVE-2025-21762, CVE-2025-21760, CVE-2024-58051, CVE-2024-58020, CVE-2024-56721, CVE-2025-21772, CVE-2025-21914, CVE-2024-58014, CVE-2024-58017, CVE-2025-21920, CVE-2025-21711, CVE-2024-57834, CVE-2025-21910, CVE-2025-21909, CVE-2025-21887, CVE-2024-56599, CVE-2025-21806, CVE-2025-21826, CVE-2025-21722, CVE-2024-57977, CVE-2025-21951, CVE-2025-21721, CVE-2024-58034, CVE-2024-57980, CVE-2024-58079, CVE-2024-58083, CVE-2025-21758, CVE-2024-58016, CVE-2024-57978, CVE-2025-21799, CVE-2025-21715, CVE-2025-21761, CVE-2025-21934, CVE-2025-21924, CVE-2025-21830, CVE-2025-21728, CVE-2025-21802, CVE-2025-21804) Update Instructions: Run `sudo pro fix USN-7510-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-5.15-cloud-tools-5.15.0-1089 - 5.15.0-1089.98~20.04.1 linux-azure-5.15-headers-5.15.0-1089 - 5.15.0-1089.98~20.04.1 linux-azure-5.15-tools-5.15.0-1089 - 5.15.0-1089.98~20.04.1 linux-buildinfo-5.15.0-1089-azure - 5.15.0-1089.98~20.04.1 linux-cloud-tools-5.15.0-1089-azure - 5.15.0-1089.98~20.04.1 linux-headers-5.15.0-1089-azure - 5.15.0-1089.98~20.04.1 linux-image-5.15.0-1089-azure - 5.15.0-1089.98~20.04.1 linux-image-unsigned-5.15.0-1089-azure - 5.15.0-1089.98~20.04.1 linux-modules-5.15.0-1089-azure - 5.15.0-1089.98~20.04.1 linux-modules-extra-5.15.0-1089-azure - 5.15.0-1089.98~20.04.1 linux-modules-involflt-5.15.0-1089-azure - 5.15.0-1089.98~20.04.1 linux-tools-5.15.0-1089-azure - 5.15.0-1089.98~20.04.1 No subscription required linux-azure - 5.15.0.1089.98~20.04.1 linux-azure-cvm - 5.15.0.1089.98~20.04.1 linux-azure-edge - 5.15.0.1089.98~20.04.1 linux-cloud-tools-azure - 5.15.0.1089.98~20.04.1 linux-cloud-tools-azure-cvm - 5.15.0.1089.98~20.04.1 linux-cloud-tools-azure-edge - 5.15.0.1089.98~20.04.1 linux-headers-azure - 5.15.0.1089.98~20.04.1 linux-headers-azure-cvm - 5.15.0.1089.98~20.04.1 linux-headers-azure-edge - 5.15.0.1089.98~20.04.1 linux-image-azure - 5.15.0.1089.98~20.04.1 linux-image-azure-cvm - 5.15.0.1089.98~20.04.1 linux-image-azure-edge - 5.15.0.1089.98~20.04.1 linux-modules-extra-azure - 5.15.0.1089.98~20.04.1 linux-modules-extra-azure-cvm - 5.15.0.1089.98~20.04.1 linux-modules-extra-azure-edge - 5.15.0.1089.98~20.04.1 linux-modules-involflt-azure - 5.15.0.1089.98~20.04.1 linux-modules-involflt-azure-cvm - 5.15.0.1089.98~20.04.1 linux-modules-involflt-azure-edge - 5.15.0.1089.98~20.04.1 linux-tools-azure - 5.15.0.1089.98~20.04.1 linux-tools-azure-cvm - 5.15.0.1089.98~20.04.1 linux-tools-azure-edge - 5.15.0.1089.98~20.04.1 No subscription required Medium CVE-2024-26982 CVE-2024-47726 CVE-2024-56599 CVE-2024-56721 CVE-2024-57834 CVE-2024-57973 CVE-2024-57977 CVE-2024-57978 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58005 CVE-2024-58007 CVE-2024-58010 CVE-2024-58014 CVE-2024-58016 CVE-2024-58017 CVE-2024-58020 CVE-2024-58034 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58076 CVE-2024-58079 CVE-2024-58083 CVE-2024-58085 CVE-2024-58086 CVE-2024-58090 CVE-2025-21647 CVE-2025-21684 CVE-2025-21704 CVE-2025-21707 CVE-2025-21708 CVE-2025-21711 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21726 CVE-2025-21727 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21745 CVE-2025-21748 CVE-2025-21749 CVE-2025-21753 CVE-2025-21758 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21766 CVE-2025-21767 CVE-2025-21772 CVE-2025-21776 CVE-2025-21779 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21795 CVE-2025-21796 CVE-2025-21799 CVE-2025-21802 CVE-2025-21804 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21820 CVE-2025-21823 CVE-2025-21826 CVE-2025-21830 CVE-2025-21835 CVE-2025-21844 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21875 CVE-2025-21877 CVE-2025-21878 CVE-2025-21887 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21912 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21919 CVE-2025-21920 CVE-2025-21922 CVE-2025-21924 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21943 CVE-2025-21948 CVE-2025-21950 CVE-2025-21951 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device driver; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Media drivers; - NVIDIA Tegra memory controller driver; - Network drivers; - PCI subsystem; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - ACRN Hypervisor Service Module driver; - File systems infrastructure; - BTRFS file system; - F2FS file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; (CVE-2025-21767, CVE-2025-21875, CVE-2025-21719, CVE-2025-21760, CVE-2025-21704, CVE-2025-21749, CVE-2024-56721, CVE-2025-21731, CVE-2025-21910, CVE-2024-58063, CVE-2025-21835, CVE-2025-21726, CVE-2024-58086, CVE-2025-21934, CVE-2024-58014, CVE-2025-21904, CVE-2024-56599, CVE-2025-21727, CVE-2025-21877, CVE-2025-21799, CVE-2024-58071, CVE-2025-21776, CVE-2025-21905, CVE-2025-21926, CVE-2025-21922, CVE-2025-21858, CVE-2024-47726, CVE-2025-21647, CVE-2025-21764, CVE-2025-21862, CVE-2025-21846, CVE-2025-21848, CVE-2024-57973, CVE-2025-21796, CVE-2025-21814, CVE-2025-21878, CVE-2025-21898, CVE-2025-21795, CVE-2025-21735, CVE-2025-21785, CVE-2025-21950, CVE-2024-26982, CVE-2024-57986, CVE-2025-21948, CVE-2024-58072, CVE-2025-21766, CVE-2025-21715, CVE-2025-21920, CVE-2025-21823, CVE-2024-58020, CVE-2024-58017, CVE-2024-58069, CVE-2025-21871, CVE-2024-58085, CVE-2025-21791, CVE-2025-21765, CVE-2025-21782, CVE-2024-58001, CVE-2025-21909, CVE-2024-58079, CVE-2025-21811, CVE-2025-21943, CVE-2025-21924, CVE-2025-21928, CVE-2025-21826, CVE-2025-21708, CVE-2025-21802, CVE-2025-21951, CVE-2025-21744, CVE-2025-21925, CVE-2025-21971, CVE-2024-58076, CVE-2025-21761, CVE-2025-21914, CVE-2025-21684, CVE-2024-58083, CVE-2025-21830, CVE-2025-21887, CVE-2025-21748, CVE-2025-21721, CVE-2024-57980, CVE-2024-58034, CVE-2025-21935, CVE-2025-21859, CVE-2024-58052, CVE-2025-21912, CVE-2025-21753, CVE-2025-21787, CVE-2025-21806, CVE-2025-21917, CVE-2025-21718, CVE-2024-57979, CVE-2025-21866, CVE-2025-21758, CVE-2025-21781, CVE-2025-21711, CVE-2025-21745, CVE-2024-58051, CVE-2024-58016, CVE-2024-58002, CVE-2025-21844, CVE-2024-57977, CVE-2024-57981, CVE-2025-21728, CVE-2024-58090, CVE-2024-58007, CVE-2025-21763, CVE-2025-21762, CVE-2024-58005, CVE-2025-21916, CVE-2024-57834, CVE-2025-21707, CVE-2025-21865, CVE-2025-21736, CVE-2024-57978, CVE-2025-21919, CVE-2025-21820, CVE-2025-21804, CVE-2025-21722, CVE-2024-58055, CVE-2025-21779, CVE-2025-21772, CVE-2024-58010, CVE-2024-58058) Update Instructions: Run `sudo pro fix USN-7510-7` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1079-intel-iotg - 5.15.0-1079.85~20.04.1 linux-cloud-tools-5.15.0-1079-intel-iotg - 5.15.0-1079.85~20.04.1 linux-headers-5.15.0-1079-intel-iotg - 5.15.0-1079.85~20.04.1 linux-image-5.15.0-1079-intel-iotg - 5.15.0-1079.85~20.04.1 linux-image-unsigned-5.15.0-1079-intel-iotg - 5.15.0-1079.85~20.04.1 linux-intel-iotg-5.15-cloud-tools-5.15.0-1079 - 5.15.0-1079.85~20.04.1 linux-intel-iotg-5.15-cloud-tools-common - 5.15.0-1079.85~20.04.1 linux-intel-iotg-5.15-headers-5.15.0-1079 - 5.15.0-1079.85~20.04.1 linux-intel-iotg-5.15-tools-5.15.0-1079 - 5.15.0-1079.85~20.04.1 linux-intel-iotg-5.15-tools-common - 5.15.0-1079.85~20.04.1 linux-intel-iotg-5.15-tools-host - 5.15.0-1079.85~20.04.1 linux-modules-5.15.0-1079-intel-iotg - 5.15.0-1079.85~20.04.1 linux-modules-extra-5.15.0-1079-intel-iotg - 5.15.0-1079.85~20.04.1 linux-modules-iwlwifi-5.15.0-1079-intel-iotg - 5.15.0-1079.85~20.04.1 linux-tools-5.15.0-1079-intel-iotg - 5.15.0-1079.85~20.04.1 No subscription required linux-cloud-tools-intel - 5.15.0.1079.85~20.04.1 linux-headers-intel - 5.15.0.1079.85~20.04.1 linux-headers-intel-iotg - 5.15.0.1079.85~20.04.1 linux-headers-intel-iotg-edge - 5.15.0.1079.85~20.04.1 linux-image-intel - 5.15.0.1079.85~20.04.1 linux-image-intel-iotg - 5.15.0.1079.85~20.04.1 linux-image-intel-iotg-edge - 5.15.0.1079.85~20.04.1 linux-intel - 5.15.0.1079.85~20.04.1 linux-intel-iotg - 5.15.0.1079.85~20.04.1 linux-intel-iotg-edge - 5.15.0.1079.85~20.04.1 linux-tools-intel - 5.15.0.1079.85~20.04.1 linux-tools-intel-iotg - 5.15.0.1079.85~20.04.1 linux-tools-intel-iotg-edge - 5.15.0.1079.85~20.04.1 No subscription required Medium CVE-2024-26982 CVE-2024-47726 CVE-2024-56599 CVE-2024-56721 CVE-2024-57834 CVE-2024-57973 CVE-2024-57977 CVE-2024-57978 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58005 CVE-2024-58007 CVE-2024-58010 CVE-2024-58014 CVE-2024-58016 CVE-2024-58017 CVE-2024-58020 CVE-2024-58034 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58076 CVE-2024-58079 CVE-2024-58083 CVE-2024-58085 CVE-2024-58086 CVE-2024-58090 CVE-2025-21647 CVE-2025-21684 CVE-2025-21704 CVE-2025-21707 CVE-2025-21708 CVE-2025-21711 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21726 CVE-2025-21727 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21745 CVE-2025-21748 CVE-2025-21749 CVE-2025-21753 CVE-2025-21758 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21766 CVE-2025-21767 CVE-2025-21772 CVE-2025-21776 CVE-2025-21779 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21795 CVE-2025-21796 CVE-2025-21799 CVE-2025-21802 CVE-2025-21804 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21820 CVE-2025-21823 CVE-2025-21826 CVE-2025-21830 CVE-2025-21835 CVE-2025-21844 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21875 CVE-2025-21877 CVE-2025-21878 CVE-2025-21887 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21912 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21919 CVE-2025-21920 CVE-2025-21922 CVE-2025-21924 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21943 CVE-2025-21948 CVE-2025-21950 CVE-2025-21951 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device driver; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Media drivers; - NVIDIA Tegra memory controller driver; - Network drivers; - PCI subsystem; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - ACRN Hypervisor Service Module driver; - File systems infrastructure; - BTRFS file system; - F2FS file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; (CVE-2025-21804, CVE-2025-21779, CVE-2025-21878, CVE-2025-21735, CVE-2024-57977, CVE-2025-21951, CVE-2025-21704, CVE-2025-21859, CVE-2025-21760, CVE-2025-21862, CVE-2024-57834, CVE-2025-21745, CVE-2025-21762, CVE-2024-58005, CVE-2025-21846, CVE-2025-21914, CVE-2025-21736, CVE-2025-21928, CVE-2024-57986, CVE-2025-21761, CVE-2024-58086, CVE-2025-21731, CVE-2025-21766, CVE-2025-21844, CVE-2024-58072, CVE-2024-58069, CVE-2025-21924, CVE-2025-21848, CVE-2025-21950, CVE-2025-21934, CVE-2025-21647, CVE-2024-58076, CVE-2025-21726, CVE-2025-21791, CVE-2025-21722, CVE-2025-21971, CVE-2025-21719, CVE-2025-21904, CVE-2025-21875, CVE-2025-21877, CVE-2025-21758, CVE-2024-58001, CVE-2024-58007, CVE-2024-58010, CVE-2025-21787, CVE-2025-21905, CVE-2024-58055, CVE-2025-21782, CVE-2024-58090, CVE-2025-21910, CVE-2025-21708, CVE-2025-21826, CVE-2024-57980, CVE-2024-58051, CVE-2024-56721, CVE-2025-21909, CVE-2025-21802, CVE-2025-21744, CVE-2024-58058, CVE-2025-21728, CVE-2024-47726, CVE-2024-58079, CVE-2024-58002, CVE-2024-58014, CVE-2025-21898, CVE-2025-21811, CVE-2024-57979, CVE-2025-21865, CVE-2025-21748, CVE-2025-21749, CVE-2025-21920, CVE-2025-21763, CVE-2025-21764, CVE-2025-21887, CVE-2025-21858, CVE-2024-58034, CVE-2025-21820, CVE-2024-57978, CVE-2025-21866, CVE-2025-21922, CVE-2025-21926, CVE-2025-21753, CVE-2024-58052, CVE-2025-21684, CVE-2025-21823, CVE-2024-58016, CVE-2025-21835, CVE-2025-21925, CVE-2025-21707, CVE-2025-21785, CVE-2025-21795, CVE-2025-21718, CVE-2025-21935, CVE-2025-21765, CVE-2025-21715, CVE-2025-21916, CVE-2025-21727, CVE-2025-21912, CVE-2024-58071, CVE-2024-58083, CVE-2025-21948, CVE-2024-56599, CVE-2025-21721, CVE-2024-58063, CVE-2025-21806, CVE-2025-21772, CVE-2025-21776, CVE-2025-21830, CVE-2025-21917, CVE-2024-58020, CVE-2025-21871, CVE-2025-21796, CVE-2025-21711, CVE-2024-58017, CVE-2024-58085, CVE-2024-57981, CVE-2024-57973, CVE-2025-21919, CVE-2025-21814, CVE-2024-26982, CVE-2025-21781, CVE-2025-21943, CVE-2025-21799, CVE-2025-21767) Update Instructions: Run `sudo pro fix USN-7510-8` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-5.15-cloud-tools-5.15.0-1084 - 5.15.0-1084.91~20.04.1 linux-aws-5.15-headers-5.15.0-1084 - 5.15.0-1084.91~20.04.1 linux-aws-5.15-tools-5.15.0-1084 - 5.15.0-1084.91~20.04.1 linux-buildinfo-5.15.0-1084-aws - 5.15.0-1084.91~20.04.1 linux-cloud-tools-5.15.0-1084-aws - 5.15.0-1084.91~20.04.1 linux-headers-5.15.0-1084-aws - 5.15.0-1084.91~20.04.1 linux-image-5.15.0-1084-aws - 5.15.0-1084.91~20.04.1 linux-image-unsigned-5.15.0-1084-aws - 5.15.0-1084.91~20.04.1 linux-modules-5.15.0-1084-aws - 5.15.0-1084.91~20.04.1 linux-modules-extra-5.15.0-1084-aws - 5.15.0-1084.91~20.04.1 linux-tools-5.15.0-1084-aws - 5.15.0-1084.91~20.04.1 No subscription required linux-aws - 5.15.0.1084.91~20.04.1 linux-aws-edge - 5.15.0.1084.91~20.04.1 linux-headers-aws - 5.15.0.1084.91~20.04.1 linux-headers-aws-edge - 5.15.0.1084.91~20.04.1 linux-image-aws - 5.15.0.1084.91~20.04.1 linux-image-aws-edge - 5.15.0.1084.91~20.04.1 linux-modules-extra-aws - 5.15.0.1084.91~20.04.1 linux-modules-extra-aws-edge - 5.15.0.1084.91~20.04.1 linux-tools-aws - 5.15.0.1084.91~20.04.1 linux-tools-aws-edge - 5.15.0.1084.91~20.04.1 No subscription required Medium CVE-2024-26982 CVE-2024-47726 CVE-2024-56599 CVE-2024-56721 CVE-2024-57834 CVE-2024-57973 CVE-2024-57977 CVE-2024-57978 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58005 CVE-2024-58007 CVE-2024-58010 CVE-2024-58014 CVE-2024-58016 CVE-2024-58017 CVE-2024-58020 CVE-2024-58034 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58076 CVE-2024-58079 CVE-2024-58083 CVE-2024-58085 CVE-2024-58086 CVE-2024-58090 CVE-2025-21647 CVE-2025-21684 CVE-2025-21704 CVE-2025-21707 CVE-2025-21708 CVE-2025-21711 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21726 CVE-2025-21727 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21745 CVE-2025-21748 CVE-2025-21749 CVE-2025-21753 CVE-2025-21758 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21766 CVE-2025-21767 CVE-2025-21772 CVE-2025-21776 CVE-2025-21779 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21795 CVE-2025-21796 CVE-2025-21799 CVE-2025-21802 CVE-2025-21804 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21820 CVE-2025-21823 CVE-2025-21826 CVE-2025-21830 CVE-2025-21835 CVE-2025-21844 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21875 CVE-2025-21877 CVE-2025-21878 CVE-2025-21887 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21912 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21919 CVE-2025-21920 CVE-2025-21922 CVE-2025-21924 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21943 CVE-2025-21948 CVE-2025-21950 CVE-2025-21951 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device driver; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Media drivers; - NVIDIA Tegra memory controller driver; - Network drivers; - PCI subsystem; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - ACRN Hypervisor Service Module driver; - File systems infrastructure; - BTRFS file system; - F2FS file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Netfilter; - Process Accounting mechanism; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; (CVE-2025-21914, CVE-2024-58090, CVE-2024-58017, CVE-2024-58069, CVE-2025-21920, CVE-2025-21935, CVE-2024-57977, CVE-2025-21763, CVE-2025-21684, CVE-2025-21721, CVE-2025-21736, CVE-2024-58020, CVE-2025-21799, CVE-2025-21904, CVE-2025-21934, CVE-2025-21719, CVE-2025-21811, CVE-2025-21727, CVE-2024-58071, CVE-2025-21905, CVE-2024-26982, CVE-2025-21820, CVE-2024-58052, CVE-2025-21925, CVE-2025-21796, CVE-2025-21779, CVE-2025-21823, CVE-2024-58063, CVE-2025-21772, CVE-2025-21924, CVE-2025-21765, CVE-2024-56721, CVE-2025-21859, CVE-2025-21760, CVE-2025-21753, CVE-2025-21835, CVE-2025-21887, CVE-2024-58002, CVE-2024-58086, CVE-2025-21744, CVE-2025-21848, CVE-2024-57986, CVE-2025-21865, CVE-2025-21766, CVE-2025-21715, CVE-2023-52664, CVE-2025-21764, CVE-2024-58085, CVE-2025-21704, CVE-2024-58072, CVE-2024-58079, CVE-2025-21846, CVE-2025-21647, CVE-2025-21726, CVE-2024-58034, CVE-2025-21943, CVE-2025-21875, CVE-2025-21871, CVE-2025-21898, CVE-2024-58083, CVE-2025-21748, CVE-2024-57834, CVE-2024-58051, CVE-2025-21862, CVE-2025-21722, CVE-2025-21912, CVE-2025-21950, CVE-2025-21917, CVE-2024-57973, CVE-2024-56599, CVE-2025-21922, CVE-2025-21787, CVE-2025-21919, CVE-2025-21971, CVE-2024-57979, CVE-2024-35889, CVE-2025-21804, CVE-2025-21782, CVE-2025-21910, CVE-2025-21909, CVE-2025-21708, CVE-2025-21830, CVE-2025-21791, CVE-2024-58016, CVE-2025-21711, CVE-2025-21928, CVE-2024-58007, CVE-2024-58005, CVE-2023-52927, CVE-2025-21802, CVE-2024-58010, CVE-2024-58001, CVE-2024-47726, CVE-2024-57978, CVE-2024-58055, CVE-2025-21735, CVE-2025-21795, CVE-2025-21745, CVE-2025-21878, CVE-2025-21877, CVE-2025-21826, CVE-2024-58076, CVE-2025-21806, CVE-2025-21858, CVE-2025-21866, CVE-2025-21776, CVE-2025-21785, CVE-2025-21758, CVE-2024-57980, CVE-2025-21728, CVE-2024-58014, CVE-2025-21814, CVE-2025-21762, CVE-2025-21951, CVE-2025-21767, CVE-2025-21844, CVE-2025-21781, CVE-2024-58058, CVE-2025-21761, CVE-2025-21707, CVE-2025-21731, CVE-2024-44964, CVE-2025-21749, CVE-2024-57981, CVE-2025-21948, CVE-2025-21926, CVE-2025-21916, CVE-2025-21718) Update Instructions: Run `sudo pro fix USN-7512-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.15.0-1083-gcp - 5.15.0-1083.92~20.04.1 linux-gcp-5.15-headers-5.15.0-1083 - 5.15.0-1083.92~20.04.1 linux-gcp-5.15-tools-5.15.0-1083 - 5.15.0-1083.92~20.04.1 linux-headers-5.15.0-1083-gcp - 5.15.0-1083.92~20.04.1 linux-image-5.15.0-1083-gcp - 5.15.0-1083.92~20.04.1 linux-image-unsigned-5.15.0-1083-gcp - 5.15.0-1083.92~20.04.1 linux-modules-5.15.0-1083-gcp - 5.15.0-1083.92~20.04.1 linux-modules-extra-5.15.0-1083-gcp - 5.15.0-1083.92~20.04.1 linux-modules-iwlwifi-5.15.0-1083-gcp - 5.15.0-1083.92~20.04.1 linux-tools-5.15.0-1083-gcp - 5.15.0-1083.92~20.04.1 No subscription required linux-gcp - 5.15.0.1083.92~20.04.1 linux-gcp-edge - 5.15.0.1083.92~20.04.1 linux-headers-gcp - 5.15.0.1083.92~20.04.1 linux-headers-gcp-edge - 5.15.0.1083.92~20.04.1 linux-image-gcp - 5.15.0.1083.92~20.04.1 linux-image-gcp-edge - 5.15.0.1083.92~20.04.1 linux-modules-extra-gcp - 5.15.0.1083.92~20.04.1 linux-modules-extra-gcp-edge - 5.15.0.1083.92~20.04.1 linux-tools-gcp - 5.15.0.1083.92~20.04.1 linux-tools-gcp-edge - 5.15.0.1083.92~20.04.1 No subscription required High CVE-2023-52664 CVE-2023-52927 CVE-2024-26982 CVE-2024-35889 CVE-2024-44964 CVE-2024-47726 CVE-2024-56599 CVE-2024-56721 CVE-2024-57834 CVE-2024-57973 CVE-2024-57977 CVE-2024-57978 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58005 CVE-2024-58007 CVE-2024-58010 CVE-2024-58014 CVE-2024-58016 CVE-2024-58017 CVE-2024-58020 CVE-2024-58034 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58076 CVE-2024-58079 CVE-2024-58083 CVE-2024-58085 CVE-2024-58086 CVE-2024-58090 CVE-2025-21647 CVE-2025-21684 CVE-2025-21704 CVE-2025-21707 CVE-2025-21708 CVE-2025-21711 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21726 CVE-2025-21727 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21745 CVE-2025-21748 CVE-2025-21749 CVE-2025-21753 CVE-2025-21758 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21766 CVE-2025-21767 CVE-2025-21772 CVE-2025-21776 CVE-2025-21779 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21795 CVE-2025-21796 CVE-2025-21799 CVE-2025-21802 CVE-2025-21804 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21820 CVE-2025-21823 CVE-2025-21826 CVE-2025-21830 CVE-2025-21835 CVE-2025-21844 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21875 CVE-2025-21877 CVE-2025-21878 CVE-2025-21887 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21912 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21919 CVE-2025-21920 CVE-2025-21922 CVE-2025-21924 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21943 CVE-2025-21948 CVE-2025-21950 CVE-2025-21951 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2025-21866, CVE-2025-21846, CVE-2025-21971, CVE-2025-21909, CVE-2024-58083, CVE-2025-21811, CVE-2025-21776, CVE-2024-58051, CVE-2025-21917, CVE-2025-21935, CVE-2025-21785, CVE-2021-47191, CVE-2025-21765, CVE-2025-21704, CVE-2025-21647, CVE-2024-58069, CVE-2025-21877, CVE-2025-21948, CVE-2024-58007, CVE-2024-58001, CVE-2025-21871, CVE-2024-58055, CVE-2025-21848, CVE-2025-21925, CVE-2024-58058, CVE-2025-21814, CVE-2025-21905, CVE-2025-21898, CVE-2025-21926, CVE-2025-21760, CVE-2024-57973, CVE-2025-21806, CVE-2024-58071, CVE-2025-21761, CVE-2025-21762, CVE-2024-57986, CVE-2025-21708, CVE-2025-21744, CVE-2024-26996, CVE-2024-50055, CVE-2024-58020, CVE-2025-21858, CVE-2025-21715, CVE-2025-21904, CVE-2025-21920, CVE-2024-56599, CVE-2025-21781, CVE-2025-21764, CVE-2025-21865, CVE-2025-21772, CVE-2024-58072, CVE-2025-21928, CVE-2025-21859, CVE-2025-21721, CVE-2025-21719, CVE-2025-21914, CVE-2025-21753, CVE-2024-58009, CVE-2024-57981, CVE-2024-58063, CVE-2024-58052, CVE-2025-21722, CVE-2024-57977, CVE-2025-21736, CVE-2025-21922, CVE-2024-26982, CVE-2025-21718, CVE-2025-21916, CVE-2025-21749, CVE-2025-21787, CVE-2024-58085, CVE-2024-58010, CVE-2024-57979, CVE-2024-57980, CVE-2025-21782, CVE-2025-21791, CVE-2025-21728, CVE-2023-52741, CVE-2025-21934, CVE-2024-58002, CVE-2025-21735, CVE-2025-21910, CVE-2025-21823, CVE-2024-58090, CVE-2025-21862, CVE-2025-21731, CVE-2025-21835, CVE-2024-58017, CVE-2024-58014, CVE-2025-21763) Update Instructions: Run `sudo pro fix USN-7516-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1144-oracle - 5.4.0-1144.154 linux-headers-5.4.0-1144-oracle - 5.4.0-1144.154 linux-image-5.4.0-1144-oracle - 5.4.0-1144.154 linux-image-unsigned-5.4.0-1144-oracle - 5.4.0-1144.154 linux-modules-5.4.0-1144-oracle - 5.4.0-1144.154 linux-modules-extra-5.4.0-1144-oracle - 5.4.0-1144.154 linux-oracle-headers-5.4.0-1144 - 5.4.0-1144.154 linux-oracle-tools-5.4.0-1144 - 5.4.0-1144.154 linux-tools-5.4.0-1144-oracle - 5.4.0-1144.154 No subscription required linux-buildinfo-5.4.0-1149-gcp - 5.4.0-1149.158 linux-gcp-headers-5.4.0-1149 - 5.4.0-1149.158 linux-gcp-tools-5.4.0-1149 - 5.4.0-1149.158 linux-headers-5.4.0-1149-gcp - 5.4.0-1149.158 linux-image-5.4.0-1149-gcp - 5.4.0-1149.158 linux-image-unsigned-5.4.0-1149-gcp - 5.4.0-1149.158 linux-modules-5.4.0-1149-gcp - 5.4.0-1149.158 linux-modules-extra-5.4.0-1149-gcp - 5.4.0-1149.158 linux-tools-5.4.0-1149-gcp - 5.4.0-1149.158 No subscription required linux-buildinfo-5.4.0-216-generic - 5.4.0-216.236 linux-buildinfo-5.4.0-216-generic-lpae - 5.4.0-216.236 linux-buildinfo-5.4.0-216-lowlatency - 5.4.0-216.236 linux-cloud-tools-5.4.0-216 - 5.4.0-216.236 linux-cloud-tools-5.4.0-216-generic - 5.4.0-216.236 linux-cloud-tools-5.4.0-216-lowlatency - 5.4.0-216.236 linux-cloud-tools-common - 5.4.0-216.236 linux-doc - 5.4.0-216.236 linux-headers-5.4.0-216 - 5.4.0-216.236 linux-headers-5.4.0-216-generic - 5.4.0-216.236 linux-headers-5.4.0-216-generic-lpae - 5.4.0-216.236 linux-headers-5.4.0-216-lowlatency - 5.4.0-216.236 linux-image-5.4.0-216-generic - 5.4.0-216.236 linux-image-5.4.0-216-generic-lpae - 5.4.0-216.236 linux-image-5.4.0-216-lowlatency - 5.4.0-216.236 linux-image-unsigned-5.4.0-216-generic - 5.4.0-216.236 linux-image-unsigned-5.4.0-216-lowlatency - 5.4.0-216.236 linux-libc-dev - 5.4.0-216.236 linux-modules-5.4.0-216-generic - 5.4.0-216.236 linux-modules-5.4.0-216-generic-lpae - 5.4.0-216.236 linux-modules-5.4.0-216-lowlatency - 5.4.0-216.236 linux-modules-extra-5.4.0-216-generic - 5.4.0-216.236 linux-source-5.4.0 - 5.4.0-216.236 linux-tools-5.4.0-216 - 5.4.0-216.236 linux-tools-5.4.0-216-generic - 5.4.0-216.236 linux-tools-5.4.0-216-generic-lpae - 5.4.0-216.236 linux-tools-5.4.0-216-lowlatency - 5.4.0-216.236 linux-tools-common - 5.4.0-216.236 linux-tools-host - 5.4.0-216.236 No subscription required linux-headers-oracle-lts-20.04 - 5.4.0.1144.138 linux-image-oracle-lts-20.04 - 5.4.0.1144.138 linux-oracle-lts-20.04 - 5.4.0.1144.138 linux-tools-oracle-lts-20.04 - 5.4.0.1144.138 No subscription required linux-gcp-lts-20.04 - 5.4.0.1149.151 linux-headers-gcp-lts-20.04 - 5.4.0.1149.151 linux-image-gcp-lts-20.04 - 5.4.0.1149.151 linux-modules-extra-gcp-lts-20.04 - 5.4.0.1149.151 linux-tools-gcp-lts-20.04 - 5.4.0.1149.151 No subscription required linux-cloud-tools-generic - 5.4.0.216.208 linux-cloud-tools-generic-hwe-18.04 - 5.4.0.216.208 linux-cloud-tools-generic-hwe-18.04-edge - 5.4.0.216.208 linux-cloud-tools-lowlatency - 5.4.0.216.208 linux-cloud-tools-lowlatency-hwe-18.04 - 5.4.0.216.208 linux-cloud-tools-lowlatency-hwe-18.04-edge - 5.4.0.216.208 linux-cloud-tools-virtual - 5.4.0.216.208 linux-cloud-tools-virtual-hwe-18.04 - 5.4.0.216.208 linux-cloud-tools-virtual-hwe-18.04-edge - 5.4.0.216.208 linux-crashdump - 5.4.0.216.208 linux-generic - 5.4.0.216.208 linux-generic-hwe-18.04 - 5.4.0.216.208 linux-generic-hwe-18.04-edge - 5.4.0.216.208 linux-generic-lpae - 5.4.0.216.208 linux-generic-lpae-hwe-18.04 - 5.4.0.216.208 linux-generic-lpae-hwe-18.04-edge - 5.4.0.216.208 linux-headers-generic - 5.4.0.216.208 linux-headers-generic-hwe-18.04 - 5.4.0.216.208 linux-headers-generic-hwe-18.04-edge - 5.4.0.216.208 linux-headers-generic-lpae - 5.4.0.216.208 linux-headers-generic-lpae-hwe-18.04 - 5.4.0.216.208 linux-headers-generic-lpae-hwe-18.04-edge - 5.4.0.216.208 linux-headers-lowlatency - 5.4.0.216.208 linux-headers-lowlatency-hwe-18.04 - 5.4.0.216.208 linux-headers-lowlatency-hwe-18.04-edge - 5.4.0.216.208 linux-headers-oem - 5.4.0.216.208 linux-headers-oem-osp1 - 5.4.0.216.208 linux-headers-virtual - 5.4.0.216.208 linux-headers-virtual-hwe-18.04 - 5.4.0.216.208 linux-headers-virtual-hwe-18.04-edge - 5.4.0.216.208 linux-image-extra-virtual - 5.4.0.216.208 linux-image-extra-virtual-hwe-18.04 - 5.4.0.216.208 linux-image-extra-virtual-hwe-18.04-edge - 5.4.0.216.208 linux-image-generic - 5.4.0.216.208 linux-image-generic-hwe-18.04 - 5.4.0.216.208 linux-image-generic-hwe-18.04-edge - 5.4.0.216.208 linux-image-generic-lpae - 5.4.0.216.208 linux-image-generic-lpae-hwe-18.04 - 5.4.0.216.208 linux-image-generic-lpae-hwe-18.04-edge - 5.4.0.216.208 linux-image-lowlatency - 5.4.0.216.208 linux-image-lowlatency-hwe-18.04 - 5.4.0.216.208 linux-image-lowlatency-hwe-18.04-edge - 5.4.0.216.208 linux-image-oem - 5.4.0.216.208 linux-image-oem-osp1 - 5.4.0.216.208 linux-image-virtual - 5.4.0.216.208 linux-image-virtual-hwe-18.04 - 5.4.0.216.208 linux-image-virtual-hwe-18.04-edge - 5.4.0.216.208 linux-lowlatency - 5.4.0.216.208 linux-lowlatency-hwe-18.04 - 5.4.0.216.208 linux-lowlatency-hwe-18.04-edge - 5.4.0.216.208 linux-oem - 5.4.0.216.208 linux-oem-osp1 - 5.4.0.216.208 linux-oem-osp1-tools-host - 5.4.0.216.208 linux-oem-tools-host - 5.4.0.216.208 linux-source - 5.4.0.216.208 linux-tools-generic - 5.4.0.216.208 linux-tools-generic-hwe-18.04 - 5.4.0.216.208 linux-tools-generic-hwe-18.04-edge - 5.4.0.216.208 linux-tools-generic-lpae - 5.4.0.216.208 linux-tools-generic-lpae-hwe-18.04 - 5.4.0.216.208 linux-tools-generic-lpae-hwe-18.04-edge - 5.4.0.216.208 linux-tools-lowlatency - 5.4.0.216.208 linux-tools-lowlatency-hwe-18.04 - 5.4.0.216.208 linux-tools-lowlatency-hwe-18.04-edge - 5.4.0.216.208 linux-tools-oem - 5.4.0.216.208 linux-tools-oem-osp1 - 5.4.0.216.208 linux-tools-virtual - 5.4.0.216.208 linux-tools-virtual-hwe-18.04 - 5.4.0.216.208 linux-tools-virtual-hwe-18.04-edge - 5.4.0.216.208 linux-virtual - 5.4.0.216.208 linux-virtual-hwe-18.04 - 5.4.0.216.208 linux-virtual-hwe-18.04-edge - 5.4.0.216.208 No subscription required Medium CVE-2021-47191 CVE-2023-52741 CVE-2024-26982 CVE-2024-26996 CVE-2024-50055 CVE-2024-56599 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-21647 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu Pro FIPS-updates 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2025-21866, CVE-2025-21846, CVE-2025-21971, CVE-2025-21909, CVE-2024-58083, CVE-2025-21811, CVE-2025-21776, CVE-2024-58051, CVE-2025-21917, CVE-2025-21935, CVE-2025-21785, CVE-2021-47191, CVE-2025-21765, CVE-2025-21704, CVE-2025-21647, CVE-2024-58069, CVE-2025-21877, CVE-2025-21948, CVE-2024-58007, CVE-2024-58001, CVE-2025-21871, CVE-2024-58055, CVE-2025-21848, CVE-2025-21925, CVE-2024-58058, CVE-2025-21814, CVE-2025-21905, CVE-2025-21898, CVE-2025-21926, CVE-2025-21760, CVE-2024-57973, CVE-2025-21806, CVE-2024-58071, CVE-2025-21761, CVE-2025-21762, CVE-2024-57986, CVE-2025-21708, CVE-2025-21744, CVE-2024-26996, CVE-2024-50055, CVE-2024-58020, CVE-2025-21858, CVE-2025-21715, CVE-2025-21904, CVE-2025-21920, CVE-2024-56599, CVE-2025-21781, CVE-2025-21764, CVE-2025-21865, CVE-2025-21772, CVE-2024-58072, CVE-2025-21928, CVE-2025-21859, CVE-2025-21721, CVE-2025-21719, CVE-2025-21914, CVE-2025-21753, CVE-2024-58009, CVE-2024-57981, CVE-2024-58063, CVE-2024-58052, CVE-2025-21722, CVE-2024-57977, CVE-2025-21736, CVE-2025-21922, CVE-2024-26982, CVE-2025-21718, CVE-2025-21916, CVE-2025-21749, CVE-2025-21787, CVE-2024-58085, CVE-2024-58010, CVE-2024-57979, CVE-2024-57980, CVE-2025-21782, CVE-2025-21791, CVE-2025-21728, CVE-2023-52741, CVE-2025-21934, CVE-2024-58002, CVE-2025-21735, CVE-2025-21910, CVE-2025-21823, CVE-2024-58090, CVE-2025-21862, CVE-2025-21731, CVE-2025-21835, CVE-2024-58017, CVE-2024-58014, CVE-2025-21763) Update Instructions: Run `sudo pro fix USN-7516-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1149-gcp-fips - 5.4.0-1149.158+fips1 linux-gcp-fips-headers-5.4.0-1149 - 5.4.0-1149.158+fips1 linux-gcp-fips-tools-5.4.0-1149 - 5.4.0-1149.158+fips1 linux-headers-5.4.0-1149-gcp-fips - 5.4.0-1149.158+fips1 linux-image-5.4.0-1149-gcp-fips - 5.4.0-1149.158+fips1 linux-image-hmac-5.4.0-1149-gcp-fips - 5.4.0-1149.158+fips1 linux-image-unsigned-5.4.0-1149-gcp-fips - 5.4.0-1149.158+fips1 linux-image-unsigned-hmac-5.4.0-1149-gcp-fips - 5.4.0-1149.158+fips1 linux-modules-5.4.0-1149-gcp-fips - 5.4.0-1149.158+fips1 linux-modules-extra-5.4.0-1149-gcp-fips - 5.4.0-1149.158+fips1 linux-tools-5.4.0-1149-gcp-fips - 5.4.0-1149.158+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-gcp-fips - 5.4.0.1149.91 linux-headers-gcp-fips - 5.4.0.1149.91 linux-image-gcp-fips - 5.4.0.1149.91 linux-modules-extra-gcp-fips - 5.4.0.1149.91 linux-tools-gcp-fips - 5.4.0.1149.91 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-47191 CVE-2023-52741 CVE-2024-26982 CVE-2024-26996 CVE-2024-50055 CVE-2024-56599 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-21647 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2025-21719, CVE-2024-58069, CVE-2025-21914, CVE-2025-21928, CVE-2025-21909, CVE-2025-21772, CVE-2025-21814, CVE-2025-21721, CVE-2024-50055, CVE-2025-21917, CVE-2025-21862, CVE-2025-21806, CVE-2025-21647, CVE-2024-58051, CVE-2024-57986, CVE-2024-57981, CVE-2025-21904, CVE-2025-21925, CVE-2025-21859, CVE-2025-21948, CVE-2024-58052, CVE-2025-21922, CVE-2024-26996, CVE-2024-26982, CVE-2025-21858, CVE-2024-58090, CVE-2024-58085, CVE-2025-21718, CVE-2025-21762, CVE-2025-21753, CVE-2025-21763, CVE-2025-21760, CVE-2024-58010, CVE-2025-21920, CVE-2025-21916, CVE-2025-21776, CVE-2025-21728, CVE-2024-58002, CVE-2025-21781, CVE-2024-58072, CVE-2025-21735, CVE-2025-21749, CVE-2025-21731, CVE-2025-21835, CVE-2024-56599, CVE-2025-21877, CVE-2025-21785, CVE-2025-21704, CVE-2024-57979, CVE-2024-58007, CVE-2024-57977, CVE-2025-21761, CVE-2025-21787, CVE-2025-21846, CVE-2024-58063, CVE-2025-21898, CVE-2025-21791, CVE-2025-21934, CVE-2025-21926, CVE-2025-21764, CVE-2025-21811, CVE-2025-21722, CVE-2025-21715, CVE-2024-58020, CVE-2024-58001, CVE-2024-58071, CVE-2025-21905, CVE-2024-58014, CVE-2025-21736, CVE-2025-21865, CVE-2023-52741, CVE-2025-21935, CVE-2025-21910, CVE-2024-57980, CVE-2025-21744, CVE-2024-58055, CVE-2025-21823, CVE-2021-47191, CVE-2025-21866, CVE-2024-58083, CVE-2025-21871, CVE-2025-21782, CVE-2025-21848, CVE-2024-58009, CVE-2025-21971, CVE-2024-58058, CVE-2024-58017, CVE-2025-21765, CVE-2024-57973, CVE-2025-21708) Update Instructions: Run `sudo pro fix USN-7516-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1133-kvm - 5.4.0-1133.142 linux-headers-5.4.0-1133-kvm - 5.4.0-1133.142 linux-image-5.4.0-1133-kvm - 5.4.0-1133.142 linux-image-unsigned-5.4.0-1133-kvm - 5.4.0-1133.142 linux-kvm-headers-5.4.0-1133 - 5.4.0-1133.142 linux-kvm-tools-5.4.0-1133 - 5.4.0-1133.142 linux-modules-5.4.0-1133-kvm - 5.4.0-1133.142 linux-tools-5.4.0-1133-kvm - 5.4.0-1133.142 No subscription required linux-azure-cloud-tools-5.4.0-1151 - 5.4.0-1151.158 linux-azure-headers-5.4.0-1151 - 5.4.0-1151.158 linux-azure-tools-5.4.0-1151 - 5.4.0-1151.158 linux-buildinfo-5.4.0-1151-azure - 5.4.0-1151.158 linux-cloud-tools-5.4.0-1151-azure - 5.4.0-1151.158 linux-headers-5.4.0-1151-azure - 5.4.0-1151.158 linux-image-5.4.0-1151-azure - 5.4.0-1151.158 linux-image-unsigned-5.4.0-1151-azure - 5.4.0-1151.158 linux-modules-5.4.0-1151-azure - 5.4.0-1151.158 linux-modules-extra-5.4.0-1151-azure - 5.4.0-1151.158 linux-tools-5.4.0-1151-azure - 5.4.0-1151.158 No subscription required linux-headers-kvm - 5.4.0.1133.129 linux-image-kvm - 5.4.0.1133.129 linux-kvm - 5.4.0.1133.129 linux-tools-kvm - 5.4.0.1133.129 No subscription required linux-azure-lts-20.04 - 5.4.0.1151.145 linux-cloud-tools-azure-lts-20.04 - 5.4.0.1151.145 linux-headers-azure-lts-20.04 - 5.4.0.1151.145 linux-image-azure-lts-20.04 - 5.4.0.1151.145 linux-modules-extra-azure-lts-20.04 - 5.4.0.1151.145 linux-tools-azure-lts-20.04 - 5.4.0.1151.145 No subscription required Medium CVE-2021-47191 CVE-2023-52741 CVE-2024-26982 CVE-2024-26996 CVE-2024-50055 CVE-2024-56599 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-21647 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2025-21814, CVE-2025-21917, CVE-2025-21871, CVE-2024-57973, CVE-2025-21862, CVE-2025-21877, CVE-2024-26982, CVE-2024-58090, CVE-2025-21925, CVE-2025-21787, CVE-2025-21763, CVE-2024-58083, CVE-2025-21719, CVE-2025-21715, CVE-2025-21704, CVE-2025-21865, CVE-2025-21781, CVE-2025-21762, CVE-2023-52741, CVE-2025-21761, CVE-2025-21764, CVE-2025-21811, CVE-2025-21846, CVE-2024-57981, CVE-2024-58051, CVE-2025-21772, CVE-2024-56599, CVE-2024-58014, CVE-2024-58007, CVE-2025-21760, CVE-2021-47191, CVE-2025-21909, CVE-2025-21791, CVE-2025-21916, CVE-2024-57979, CVE-2024-26996, CVE-2024-58085, CVE-2024-58072, CVE-2025-21914, CVE-2025-21848, CVE-2025-21736, CVE-2025-21785, CVE-2024-58002, CVE-2024-58058, CVE-2025-21776, CVE-2025-21935, CVE-2025-21722, CVE-2024-58071, CVE-2025-21721, CVE-2025-21708, CVE-2024-58055, CVE-2025-21782, CVE-2025-21806, CVE-2025-21922, CVE-2025-21835, CVE-2025-21749, CVE-2025-21858, CVE-2024-58020, CVE-2024-58069, CVE-2024-57980, CVE-2025-21735, CVE-2025-21905, CVE-2025-21823, CVE-2024-58052, CVE-2025-21971, CVE-2024-58063, CVE-2025-21728, CVE-2025-21910, CVE-2024-58017, CVE-2025-21647, CVE-2025-21934, CVE-2025-21926, CVE-2024-57986, CVE-2025-21948, CVE-2024-58009, CVE-2025-21765, CVE-2025-21904, CVE-2025-21866, CVE-2025-21928, CVE-2025-21859, CVE-2024-58010, CVE-2025-21753, CVE-2025-21718, CVE-2024-58001, CVE-2025-21731, CVE-2024-50055, CVE-2025-21744, CVE-2025-21920, CVE-2024-57977, CVE-2025-21898) Update Instructions: Run `sudo pro fix USN-7516-6` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1092-ibm - 5.4.0-1092.97 linux-headers-5.4.0-1092-ibm - 5.4.0-1092.97 linux-ibm-cloud-tools-common - 5.4.0-1092.97 linux-ibm-headers-5.4.0-1092 - 5.4.0-1092.97 linux-ibm-source-5.4.0 - 5.4.0-1092.97 linux-ibm-tools-5.4.0-1092 - 5.4.0-1092.97 linux-ibm-tools-common - 5.4.0-1092.97 linux-image-5.4.0-1092-ibm - 5.4.0-1092.97 linux-image-unsigned-5.4.0-1092-ibm - 5.4.0-1092.97 linux-modules-5.4.0-1092-ibm - 5.4.0-1092.97 linux-modules-extra-5.4.0-1092-ibm - 5.4.0-1092.97 linux-tools-5.4.0-1092-ibm - 5.4.0-1092.97 No subscription required linux-headers-ibm-lts-20.04 - 5.4.0.1092.121 linux-ibm-lts-20.04 - 5.4.0.1092.121 linux-image-ibm-lts-20.04 - 5.4.0.1092.121 linux-modules-extra-ibm-lts-20.04 - 5.4.0.1092.121 linux-tools-ibm-lts-20.04 - 5.4.0.1092.121 No subscription required Medium CVE-2021-47191 CVE-2023-52741 CVE-2024-26982 CVE-2024-26996 CVE-2024-50055 CVE-2024-56599 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-21647 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu Pro FIPS-updates 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2024-58072, CVE-2024-58051, CVE-2024-58058, CVE-2024-57977, CVE-2024-58007, CVE-2025-21753, CVE-2025-21647, CVE-2025-21787, CVE-2025-21791, CVE-2025-21782, CVE-2024-56599, CVE-2024-58063, CVE-2025-21806, CVE-2021-47191, CVE-2025-21823, CVE-2025-21776, CVE-2025-21948, CVE-2024-58017, CVE-2024-57981, CVE-2025-21925, CVE-2024-58069, CVE-2024-58085, CVE-2025-21704, CVE-2025-21811, CVE-2025-21858, CVE-2025-21862, CVE-2024-58010, CVE-2025-21926, CVE-2025-21920, CVE-2025-21762, CVE-2025-21914, CVE-2025-21916, CVE-2023-52741, CVE-2025-21835, CVE-2025-21761, CVE-2025-21905, CVE-2024-50055, CVE-2024-57980, CVE-2025-21728, CVE-2025-21910, CVE-2025-21785, CVE-2025-21848, CVE-2024-58090, CVE-2025-21971, CVE-2024-58071, CVE-2025-21909, CVE-2025-21722, CVE-2025-21765, CVE-2025-21859, CVE-2025-21744, CVE-2025-21781, CVE-2025-21922, CVE-2024-57979, CVE-2024-58052, CVE-2025-21718, CVE-2024-58014, CVE-2024-58020, CVE-2025-21772, CVE-2025-21904, CVE-2025-21708, CVE-2025-21846, CVE-2025-21935, CVE-2025-21763, CVE-2025-21934, CVE-2024-57973, CVE-2025-21877, CVE-2025-21760, CVE-2024-58002, CVE-2025-21721, CVE-2025-21719, CVE-2024-58083, CVE-2025-21928, CVE-2025-21871, CVE-2024-58009, CVE-2025-21749, CVE-2025-21866, CVE-2024-58055, CVE-2025-21814, CVE-2024-26996, CVE-2025-21898, CVE-2025-21715, CVE-2024-57986, CVE-2024-58001, CVE-2025-21731, CVE-2025-21764, CVE-2025-21917, CVE-2024-26982, CVE-2025-21736, CVE-2025-21865, CVE-2025-21735) Update Instructions: Run `sudo pro fix USN-7516-8` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1120-fips - 5.4.0-1120.130 linux-fips-headers-5.4.0-1120 - 5.4.0-1120.130 linux-fips-tools-5.4.0-1120 - 5.4.0-1120.130 linux-fips-tools-host - 5.4.0-1120.130 linux-headers-5.4.0-1120-fips - 5.4.0-1120.130 linux-image-5.4.0-1120-fips - 5.4.0-1120.130 linux-image-hmac-5.4.0-1120-fips - 5.4.0-1120.130 linux-image-unsigned-5.4.0-1120-fips - 5.4.0-1120.130 linux-image-unsigned-hmac-5.4.0-1120-fips - 5.4.0-1120.130 linux-modules-5.4.0-1120-fips - 5.4.0-1120.130 linux-modules-extra-5.4.0-1120-fips - 5.4.0-1120.130 linux-tools-5.4.0-1120-fips - 5.4.0-1120.130 Available with Ubuntu Pro: https://ubuntu.com/pro linux-aws-fips-headers-5.4.0-1146 - 5.4.0-1146.156+fips1 linux-aws-fips-tools-5.4.0-1146 - 5.4.0-1146.156+fips1 linux-buildinfo-5.4.0-1146-aws-fips - 5.4.0-1146.156+fips1 linux-headers-5.4.0-1146-aws-fips - 5.4.0-1146.156+fips1 linux-image-5.4.0-1146-aws-fips - 5.4.0-1146.156+fips1 linux-image-hmac-5.4.0-1146-aws-fips - 5.4.0-1146.156+fips1 linux-image-unsigned-5.4.0-1146-aws-fips - 5.4.0-1146.156+fips1 linux-image-unsigned-hmac-5.4.0-1146-aws-fips - 5.4.0-1146.156+fips1 linux-modules-5.4.0-1146-aws-fips - 5.4.0-1146.156+fips1 linux-modules-extra-5.4.0-1146-aws-fips - 5.4.0-1146.156+fips1 linux-tools-5.4.0-1146-aws-fips - 5.4.0-1146.156+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-fips - 5.4.0.1120.117 linux-headers-fips - 5.4.0.1120.117 linux-image-fips - 5.4.0.1120.117 linux-signed-fips - 5.4.0.1120.117 linux-signed-image-fips - 5.4.0.1120.117 linux-tools-fips - 5.4.0.1120.117 Available with Ubuntu Pro: https://ubuntu.com/pro linux-aws-fips - 5.4.0.1146.93 linux-headers-aws-fips - 5.4.0.1146.93 linux-image-aws-fips - 5.4.0.1146.93 linux-modules-extra-aws-fips - 5.4.0.1146.93 linux-tools-aws-fips - 5.4.0.1146.93 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-47191 CVE-2023-52741 CVE-2024-26982 CVE-2024-26996 CVE-2024-50055 CVE-2024-56599 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-21647 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2025-21835, CVE-2025-21760, CVE-2025-21914, CVE-2025-21744, CVE-2024-57977, CVE-2024-58001, CVE-2025-21848, CVE-2024-57981, CVE-2024-58055, CVE-2025-21721, CVE-2025-21925, CVE-2025-21764, CVE-2025-21909, CVE-2024-26996, CVE-2024-56599, CVE-2025-21728, CVE-2025-21782, CVE-2025-21866, CVE-2024-58069, CVE-2025-21859, CVE-2024-58007, CVE-2024-58009, CVE-2025-21904, CVE-2024-58085, CVE-2025-21920, CVE-2024-58058, CVE-2025-21811, CVE-2025-21922, CVE-2025-21948, CVE-2024-58090, CVE-2024-57980, CVE-2025-21823, CVE-2024-58052, CVE-2025-21736, CVE-2025-21917, CVE-2021-47191, CVE-2024-58051, CVE-2024-58017, CVE-2025-21846, CVE-2025-21862, CVE-2025-21722, CVE-2024-57986, CVE-2025-21871, CVE-2025-21865, CVE-2023-52741, CVE-2025-21971, CVE-2025-21718, CVE-2025-21814, CVE-2025-21704, CVE-2025-21934, CVE-2025-21781, CVE-2025-21791, CVE-2025-21708, CVE-2025-21935, CVE-2025-21761, CVE-2025-21719, CVE-2025-21763, CVE-2025-21772, CVE-2025-21905, CVE-2025-21731, CVE-2024-58002, CVE-2024-58083, CVE-2025-21858, CVE-2025-21776, CVE-2025-21762, CVE-2025-21928, CVE-2025-21877, CVE-2025-21910, CVE-2024-58010, CVE-2025-21735, CVE-2024-50055, CVE-2025-21785, CVE-2024-57973, CVE-2025-21806, CVE-2025-21749, CVE-2024-58063, CVE-2024-57979, CVE-2025-21753, CVE-2024-26982, CVE-2025-21647, CVE-2025-21898, CVE-2024-58020, CVE-2024-58071, CVE-2025-21926, CVE-2025-21715, CVE-2025-21765, CVE-2025-21787, CVE-2025-21916, CVE-2024-58014, CVE-2024-58072) Update Instructions: Run `sudo pro fix USN-7516-9` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-aws-cloud-tools-5.4.0-1146 - 5.4.0-1146.156 linux-aws-headers-5.4.0-1146 - 5.4.0-1146.156 linux-aws-tools-5.4.0-1146 - 5.4.0-1146.156 linux-buildinfo-5.4.0-1146-aws - 5.4.0-1146.156 linux-cloud-tools-5.4.0-1146-aws - 5.4.0-1146.156 linux-headers-5.4.0-1146-aws - 5.4.0-1146.156 linux-image-5.4.0-1146-aws - 5.4.0-1146.156 linux-image-unsigned-5.4.0-1146-aws - 5.4.0-1146.156 linux-modules-5.4.0-1146-aws - 5.4.0-1146.156 linux-modules-extra-5.4.0-1146-aws - 5.4.0-1146.156 linux-tools-5.4.0-1146-aws - 5.4.0-1146.156 No subscription required linux-aws-lts-20.04 - 5.4.0.1146.143 linux-headers-aws-lts-20.04 - 5.4.0.1146.143 linux-image-aws-lts-20.04 - 5.4.0.1146.143 linux-modules-extra-aws-lts-20.04 - 5.4.0.1146.143 linux-tools-aws-lts-20.04 - 5.4.0.1146.143 No subscription required Medium CVE-2021-47191 CVE-2023-52741 CVE-2024-26982 CVE-2024-26996 CVE-2024-50055 CVE-2024-56599 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-21647 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Netfilter; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2024-58051, CVE-2025-21731, CVE-2025-21782, CVE-2025-21785, CVE-2025-21917, CVE-2025-21914, CVE-2025-21744, CVE-2025-21948, CVE-2025-21708, CVE-2024-58072, CVE-2024-57977, CVE-2024-26996, CVE-2025-21787, CVE-2025-21859, CVE-2024-58007, CVE-2023-52664, CVE-2025-21722, CVE-2025-21971, CVE-2025-21928, CVE-2025-21791, CVE-2024-58090, CVE-2024-57981, CVE-2025-21865, CVE-2024-58001, CVE-2025-21926, CVE-2024-58071, CVE-2025-21721, CVE-2025-21772, CVE-2025-21764, CVE-2024-58017, CVE-2024-57973, CVE-2025-21761, CVE-2025-21866, CVE-2025-21920, CVE-2025-21704, CVE-2024-58055, CVE-2024-56599, CVE-2025-21935, CVE-2023-52927, CVE-2025-21811, CVE-2024-50055, CVE-2025-21781, CVE-2025-21760, CVE-2025-21922, CVE-2024-58009, CVE-2024-58069, CVE-2025-21877, CVE-2024-58058, CVE-2024-57980, CVE-2025-21905, CVE-2024-26982, CVE-2025-21916, CVE-2024-58020, CVE-2025-21835, CVE-2025-21719, CVE-2025-21858, CVE-2024-58085, CVE-2025-21814, CVE-2025-21762, CVE-2025-21862, CVE-2024-58014, CVE-2025-21898, CVE-2025-21904, CVE-2025-21736, CVE-2025-21765, CVE-2025-21647, CVE-2024-58010, CVE-2025-21763, CVE-2025-21718, CVE-2021-47191, CVE-2024-58052, CVE-2025-21846, CVE-2024-58063, CVE-2024-26689, CVE-2025-21806, CVE-2025-21753, CVE-2025-21910, CVE-2025-21848, CVE-2025-21749, CVE-2025-21871, CVE-2024-57979, CVE-2025-21728, CVE-2025-21925, CVE-2024-58002, CVE-2025-21909, CVE-2025-21715, CVE-2024-58083, CVE-2025-21735, CVE-2025-21776, CVE-2025-21823, CVE-2025-21934, CVE-2023-52741, CVE-2024-57986) Update Instructions: Run `sudo pro fix USN-7517-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1064-xilinx-zynqmp - 5.4.0-1064.68 linux-headers-5.4.0-1064-xilinx-zynqmp - 5.4.0-1064.68 linux-image-5.4.0-1064-xilinx-zynqmp - 5.4.0-1064.68 linux-modules-5.4.0-1064-xilinx-zynqmp - 5.4.0-1064.68 linux-tools-5.4.0-1064-xilinx-zynqmp - 5.4.0-1064.68 linux-xilinx-zynqmp-headers-5.4.0-1064 - 5.4.0-1064.68 linux-xilinx-zynqmp-tools-5.4.0-1064 - 5.4.0-1064.68 No subscription required linux-headers-xilinx-zynqmp - 5.4.0.1064.64 linux-image-xilinx-zynqmp - 5.4.0.1064.64 linux-tools-xilinx-zynqmp - 5.4.0.1064.64 linux-xilinx-zynqmp - 5.4.0.1064.64 No subscription required High CVE-2021-47191 CVE-2023-52664 CVE-2023-52741 CVE-2023-52927 CVE-2024-26689 CVE-2024-26982 CVE-2024-26996 CVE-2024-50055 CVE-2024-56599 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-21647 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Netfilter; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2024-58055, CVE-2025-21715, CVE-2024-26982, CVE-2025-21806, CVE-2024-58052, CVE-2024-57981, CVE-2025-21935, CVE-2025-21763, CVE-2024-58002, CVE-2025-21736, CVE-2025-21704, CVE-2024-57986, CVE-2025-21761, CVE-2024-58069, CVE-2025-21934, CVE-2024-58017, CVE-2025-21862, CVE-2024-26689, CVE-2025-21744, CVE-2025-21776, CVE-2024-56599, CVE-2025-21858, CVE-2025-21722, CVE-2025-21791, CVE-2025-21735, CVE-2025-21926, CVE-2025-21904, CVE-2024-58009, CVE-2024-58010, CVE-2024-58063, CVE-2025-21765, CVE-2025-21914, CVE-2025-21866, CVE-2025-21760, CVE-2024-57979, CVE-2024-58071, CVE-2025-21781, CVE-2025-21772, CVE-2025-21928, CVE-2025-21762, CVE-2024-58014, CVE-2024-57980, CVE-2024-26996, CVE-2025-21708, CVE-2025-21922, CVE-2024-58051, CVE-2023-52927, CVE-2024-58085, CVE-2025-21721, CVE-2025-21782, CVE-2025-21871, CVE-2024-50055, CVE-2025-21749, CVE-2025-21835, CVE-2024-58007, CVE-2025-21971, CVE-2024-58083, CVE-2025-21731, CVE-2024-57973, CVE-2025-21811, CVE-2025-21728, CVE-2023-52741, CVE-2025-21865, CVE-2025-21859, CVE-2025-21823, CVE-2025-21877, CVE-2024-57977, CVE-2025-21917, CVE-2025-21909, CVE-2025-21846, CVE-2024-58072, CVE-2025-21848, CVE-2023-52664, CVE-2025-21785, CVE-2021-47191, CVE-2025-21910, CVE-2025-21925, CVE-2025-21814, CVE-2024-58020, CVE-2025-21764, CVE-2024-58058, CVE-2025-21905, CVE-2025-21787, CVE-2024-58001, CVE-2025-21647, CVE-2025-21719, CVE-2024-58090, CVE-2025-21753, CVE-2025-21718, CVE-2025-21948, CVE-2025-21898, CVE-2025-21920, CVE-2025-21916) Update Instructions: Run `sudo pro fix USN-7517-3` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-bluefield-headers-5.4.0-1105 - 5.4.0-1105.112 linux-bluefield-tools-5.4.0-1105 - 5.4.0-1105.112 linux-buildinfo-5.4.0-1105-bluefield - 5.4.0-1105.112 linux-headers-5.4.0-1105-bluefield - 5.4.0-1105.112 linux-image-5.4.0-1105-bluefield - 5.4.0-1105.112 linux-image-unsigned-5.4.0-1105-bluefield - 5.4.0-1105.112 linux-modules-5.4.0-1105-bluefield - 5.4.0-1105.112 linux-tools-5.4.0-1105-bluefield - 5.4.0-1105.112 No subscription required linux-bluefield - 5.4.0.1105.101 linux-headers-bluefield - 5.4.0.1105.101 linux-image-bluefield - 5.4.0.1105.101 linux-tools-bluefield - 5.4.0.1105.101 No subscription required High CVE-2021-47191 CVE-2023-52664 CVE-2023-52741 CVE-2023-52927 CVE-2024-26689 CVE-2024-26982 CVE-2024-26996 CVE-2024-50055 CVE-2024-56599 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-21647 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu Pro FIPS-updates 20.04 LTS Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver; - Character device driver; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - NILFS2 file system; - UBI file system; - KVM subsystem; - L3 Master device support module; - Netfilter; - Process Accounting mechanism; - printk logging mechanism; - Scheduler infrastructure; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Tomoyo security module; (CVE-2025-21760, CVE-2025-21928, CVE-2025-21877, CVE-2024-58069, CVE-2025-21909, CVE-2025-21926, CVE-2025-21731, CVE-2025-21718, CVE-2025-21763, CVE-2025-21866, CVE-2024-58009, CVE-2025-21971, CVE-2025-21787, CVE-2025-21721, CVE-2024-58072, CVE-2025-21791, CVE-2021-47191, CVE-2025-21865, CVE-2025-21762, CVE-2024-58063, CVE-2025-21910, CVE-2025-21823, CVE-2025-21905, CVE-2025-21708, CVE-2024-58090, CVE-2025-21917, CVE-2024-58051, CVE-2025-21781, CVE-2025-21898, CVE-2025-21922, CVE-2024-58002, CVE-2024-58017, CVE-2024-57986, CVE-2024-58052, CVE-2024-26982, CVE-2025-21848, CVE-2025-21835, CVE-2025-21749, CVE-2024-58014, CVE-2024-58007, CVE-2024-57980, CVE-2025-21715, CVE-2025-21858, CVE-2025-21916, CVE-2025-21811, CVE-2025-21765, CVE-2025-21736, CVE-2025-21647, CVE-2025-21934, CVE-2025-21776, CVE-2025-21761, CVE-2025-21904, CVE-2024-57979, CVE-2024-58020, CVE-2025-21935, CVE-2025-21871, CVE-2025-21704, CVE-2024-57977, CVE-2024-58083, CVE-2025-21764, CVE-2025-21814, CVE-2025-21772, CVE-2025-21719, CVE-2024-58055, CVE-2023-52664, CVE-2024-56599, CVE-2024-58001, CVE-2025-21744, CVE-2024-58085, CVE-2025-21753, CVE-2025-21846, CVE-2024-58010, CVE-2024-26996, CVE-2023-52927, CVE-2024-50055, CVE-2025-21925, CVE-2025-21782, CVE-2024-57973, CVE-2024-58071, CVE-2025-21785, CVE-2025-21859, CVE-2025-21920, CVE-2024-26689, CVE-2023-52741, CVE-2025-21806, CVE-2024-58058, CVE-2025-21722, CVE-2025-21728, CVE-2024-57981, CVE-2025-21948, CVE-2025-21914, CVE-2025-21862, CVE-2025-21735) Update Instructions: Run `sudo pro fix USN-7518-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-azure-fips-cloud-tools-5.4.0-1151 - 5.4.0-1151.158+fips1 linux-azure-fips-headers-5.4.0-1151 - 5.4.0-1151.158+fips1 linux-azure-fips-tools-5.4.0-1151 - 5.4.0-1151.158+fips1 linux-buildinfo-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 linux-cloud-tools-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 linux-headers-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 linux-image-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 linux-image-hmac-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 linux-image-unsigned-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 linux-image-unsigned-hmac-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 linux-modules-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 linux-modules-extra-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 linux-tools-5.4.0-1151-azure-fips - 5.4.0-1151.158+fips1 Available with Ubuntu Pro: https://ubuntu.com/pro linux-azure-fips - 5.4.0.1151.88 linux-cloud-tools-azure-fips - 5.4.0.1151.88 linux-headers-azure-fips - 5.4.0.1151.88 linux-image-azure-fips - 5.4.0.1151.88 linux-modules-extra-azure-fips - 5.4.0.1151.88 linux-tools-azure-fips - 5.4.0.1151.88 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2021-47191 CVE-2023-52664 CVE-2023-52741 CVE-2023-52927 CVE-2024-26689 CVE-2024-26982 CVE-2024-26996 CVE-2024-50055 CVE-2024-56599 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-21647 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu 20.04 LTS It was discovered that PostgreSQL incorrectly handled the GB18030 encoding. An attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. Update Instructions: Run `sudo pro fix USN-7520-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libecpg-compat3 - 12.22-0ubuntu0.20.04.4 libecpg-dev - 12.22-0ubuntu0.20.04.4 libecpg6 - 12.22-0ubuntu0.20.04.4 libpgtypes3 - 12.22-0ubuntu0.20.04.4 libpq-dev - 12.22-0ubuntu0.20.04.4 libpq5 - 12.22-0ubuntu0.20.04.4 postgresql-12 - 12.22-0ubuntu0.20.04.4 postgresql-client-12 - 12.22-0ubuntu0.20.04.4 postgresql-doc-12 - 12.22-0ubuntu0.20.04.4 postgresql-plperl-12 - 12.22-0ubuntu0.20.04.4 postgresql-plpython3-12 - 12.22-0ubuntu0.20.04.4 postgresql-pltcl-12 - 12.22-0ubuntu0.20.04.4 postgresql-server-dev-12 - 12.22-0ubuntu0.20.04.4 No subscription required Medium CVE-2025-4207 Ubuntu 20.04 LTS It was discovered that Apache Tomcat incorrectly implemented partial PUT functionality by replacing path separators with dots in temporary files. A remote attacker could possibly use this issue to access sensitive files, inject malicious content, or execute remote code. Update Instructions: Run `sudo pro fix USN-7525-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtomcat9-embed-java - 9.0.31-1ubuntu0.9+esm1 libtomcat9-java - 9.0.31-1ubuntu0.9+esm1 tomcat9 - 9.0.31-1ubuntu0.9+esm1 tomcat9-admin - 9.0.31-1ubuntu0.9+esm1 tomcat9-common - 9.0.31-1ubuntu0.9+esm1 tomcat9-docs - 9.0.31-1ubuntu0.9+esm1 tomcat9-examples - 9.0.31-1ubuntu0.9+esm1 tomcat9-user - 9.0.31-1ubuntu0.9+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2025-24813 Ubuntu 20.04 LTS It was discovered that libfcgi-perl incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7527-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libfcgi-perl - 0.79-1ubuntu0.1 No subscription required Medium CVE-2025-40907 Ubuntu 20.04 LTS It was discovered that SQLite incorrectly handled the concat_ws() function. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2025-29087, CVE-2025-3277) It was discovered that SQLite incorrectly handled certain argument values to sqlite3_db_config(). An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-29088) Update Instructions: Run `sudo pro fix USN-7528-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: lemon - 3.31.1-4ubuntu0.7 libsqlite3-0 - 3.31.1-4ubuntu0.7 libsqlite3-dev - 3.31.1-4ubuntu0.7 libsqlite3-tcl - 3.31.1-4ubuntu0.7 sqlite3 - 3.31.1-4ubuntu0.7 sqlite3-doc - 3.31.1-4ubuntu0.7 No subscription required Medium CVE-2025-29087 CVE-2025-29088 CVE-2025-3277 Ubuntu 20.04 LTS It was discovered that Apache Tika can have an excessive memory usage by using a crafted or corrupt PSD file. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-1950, CVE-2020-1951) It was discovered that Apache Tika incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-30126, CVE-2022-30973, CVE-2022-33879) Update Instructions: Run `sudo pro fix USN-7529-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libtika-java - 1.22-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2022-33879 CVE-2022-30126 CVE-2022-30973 CVE-2020-1950 CVE-2020-1951 Ubuntu 20.04 LTS It was discovered that Glib incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7532-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libglib2.0-0 - 2.64.6-1~ubuntu20.04.9 libglib2.0-bin - 2.64.6-1~ubuntu20.04.9 libglib2.0-data - 2.64.6-1~ubuntu20.04.9 libglib2.0-dev - 2.64.6-1~ubuntu20.04.9 libglib2.0-dev-bin - 2.64.6-1~ubuntu20.04.9 libglib2.0-doc - 2.64.6-1~ubuntu20.04.9 libglib2.0-tests - 2.64.6-1~ubuntu20.04.9 No subscription required Medium CVE-2025-4373 Ubuntu 20.04 LTS Sander Wiebing and Cristiano Giuffrida discovered that some Intel® Processors did not properly handle data in Shared Microarchitectural Structures during Transient Execution. An authenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2024-28956) It was discovered that some Intel® Processors did not properly handle prediction calculations. An authenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2024-43420, CVE-2024-45332, CVE-2025-20623) It was discovered that some Intel® Processors did not properly initialize resources in the branch prediction unit. An authenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2025-20012, CVE-2025-24495) Michal Raviv and Jeff Gilbert discovered that some Intel® Processors did not properly handle resources and exceptions in the core management mechanism. An authenticated attacker could possibly use this issue to cause a denial of service. (CVE-2025-20054, CVE-2025-20103) Update Instructions: Run `sudo pro fix USN-7535-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: intel-microcode - 3.20250512.0ubuntu0.20.04.1 No subscription required Medium CVE-2024-28956 CVE-2024-43420 CVE-2024-45332 CVE-2025-20012 CVE-2025-20054 CVE-2025-20103 CVE-2025-20623 CVE-2025-24495 Ubuntu 20.04 LTS It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos credentials. An attacker could possibly use this issue to obtain sensitive information. Update Instructions: Run `sudo pro fix USN-7536-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: cifs-utils - 2:6.9-1ubuntu0.3 No subscription required Medium CVE-2025-2312 Ubuntu 20.04 LTS It was discovered that net-tools incorrectly handled certain inputs. An attacker could possible use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7537-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: net-tools - 1.60+git20180626.aebd88e-1ubuntu1.1 No subscription required Medium CVE-2025-46836 Ubuntu 20.04 LTS USN-7537-1 fixed a vulnerability in net-tools that caused a regression. This update fixes the problem. Original advisory details: It was discovered that net-tools incorrectly handled certain inputs. An attacker could possible use this issue to cause a crash or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7537-2` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: net-tools - 1.60+git20180626.aebd88e-1ubuntu1.3 No subscription required None https://launchpad.net/bugs/2111912 Ubuntu 20.04 LTS Simcha Kosman discovered that FFmpeg did not correctly handle certain return values. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-0518) It was discovered that FFmpeg did not correctly handle certain memory operations. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.10. (CVE-2025-1816) It was discovered that FFmpeg contained a reachable assertion, which could lead to a failure when processing certain AAC files. If a user or automated system were tricked into opening a specially crafted AAC file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-22919) It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 24.10 and Ubuntu 25.04. (CVE-2025-22921) It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, Ubuntu 24.10 and Ubuntu 25.04. (CVE-2025-25473) Update Instructions: Run `sudo pro fix USN-7538-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: ffmpeg - 7:4.2.7-0ubuntu0.1+esm8 ffmpeg-doc - 7:4.2.7-0ubuntu0.1+esm8 libavcodec-dev - 7:4.2.7-0ubuntu0.1+esm8 libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm8 libavcodec-extra58 - 7:4.2.7-0ubuntu0.1+esm8 libavcodec58 - 7:4.2.7-0ubuntu0.1+esm8 libavdevice-dev - 7:4.2.7-0ubuntu0.1+esm8 libavdevice58 - 7:4.2.7-0ubuntu0.1+esm8 libavfilter-dev - 7:4.2.7-0ubuntu0.1+esm8 libavfilter-extra - 7:4.2.7-0ubuntu0.1+esm8 libavfilter-extra7 - 7:4.2.7-0ubuntu0.1+esm8 libavfilter7 - 7:4.2.7-0ubuntu0.1+esm8 libavformat-dev - 7:4.2.7-0ubuntu0.1+esm8 libavformat58 - 7:4.2.7-0ubuntu0.1+esm8 libavresample-dev - 7:4.2.7-0ubuntu0.1+esm8 libavresample4 - 7:4.2.7-0ubuntu0.1+esm8 libavutil-dev - 7:4.2.7-0ubuntu0.1+esm8 libavutil56 - 7:4.2.7-0ubuntu0.1+esm8 libpostproc-dev - 7:4.2.7-0ubuntu0.1+esm8 libpostproc55 - 7:4.2.7-0ubuntu0.1+esm8 libswresample-dev - 7:4.2.7-0ubuntu0.1+esm8 libswresample3 - 7:4.2.7-0ubuntu0.1+esm8 libswscale-dev - 7:4.2.7-0ubuntu0.1+esm8 libswscale5 - 7:4.2.7-0ubuntu0.1+esm8 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2025-22919 CVE-2025-0518 CVE-2025-22921 CVE-2025-25473 CVE-2025-1816 Ubuntu 20.04 LTS Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Virtio block driver; - Character device driver; - TPM device driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I2C subsystem; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - NTB driver; - Virtio pmem driver; - NVME drivers; - Parport drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - SLIMbus drivers; - QCOM SoC drivers; - SPI subsystem; - Direct Digital Synthesis drivers; - Trusted Execution Environment drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - USB Dual Role (OTG-ready) Controller drivers; - Renesas USBHS Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - KVM subsystem; - L3 Master device support module; - LAPB network protocol; - Network namespace; - Netfilter; - Network traffic control; - Network sockets; - TCP network protocol; - Kernel init infrastructure; - Process Accounting mechanism; - BPF subsystem; - Kernel CPU control infrastructure; - Perf events; - printk logging mechanism; - Arbitrary resource management; - Scheduler infrastructure; - Tracing infrastructure; - Closures library; - Memory management; - 802.1Q VLAN protocol; - 9P file system network protocol; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - Logical Link layer; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - Netlink; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - Rose network layer; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - Key management; - SELinux security module; - Tomoyo security module; - FireWire sound drivers; - AudioScience HPI driver; - Amlogic Meson SoC drivers; - USB sound devices; (CVE-2025-21814, CVE-2024-57938, CVE-2024-56605, CVE-2024-47747, CVE-2024-50251, CVE-2021-47191, CVE-2024-49973, CVE-2024-53171, CVE-2024-50167, CVE-2024-53066, CVE-2024-57980, CVE-2024-56558, CVE-2024-57906, CVE-2025-21846, CVE-2024-56576, CVE-2024-56593, CVE-2024-57850, CVE-2024-56594, CVE-2024-50256, CVE-2024-49948, CVE-2024-38544, CVE-2024-58071, CVE-2024-58017, CVE-2024-50282, CVE-2024-47737, CVE-2024-47740, CVE-2024-56548, CVE-2025-21925, CVE-2025-21689, CVE-2024-46826, CVE-2024-26982, CVE-2024-53121, CVE-2024-50171, CVE-2024-50278, CVE-2024-50290, CVE-2024-56597, CVE-2025-21708, CVE-2024-49867, CVE-2024-57849, CVE-2024-56769, CVE-2024-58010, CVE-2025-21848, CVE-2024-50218, CVE-2024-53063, CVE-2025-21697, CVE-2023-52664, CVE-2024-50302, CVE-2024-58014, CVE-2024-53112, CVE-2024-50099, CVE-2024-49884, CVE-2024-53138, CVE-2024-53183, CVE-2024-56658, CVE-2024-57884, CVE-2024-50229, CVE-2024-53174, CVE-2024-47756, CVE-2024-49851, CVE-2024-47699, CVE-2024-58072, CVE-2024-49878, CVE-2024-50148, CVE-2024-57904, CVE-2024-50045, CVE-2024-53157, CVE-2024-53146, CVE-2024-50287, CVE-2024-49883, CVE-2024-56724, CVE-2024-58090, CVE-2025-21722, CVE-2024-53061, CVE-2025-21664, CVE-2024-50265, CVE-2024-50168, CVE-2024-49894, CVE-2024-50035, CVE-2024-57913, CVE-2024-57929, CVE-2024-48881, CVE-2024-58058, CVE-2024-56633, CVE-2024-56756, CVE-2024-49925, CVE-2024-50233, CVE-2025-21639, CVE-2024-49944, CVE-2024-53194, CVE-2025-21904, CVE-2024-56581, CVE-2025-21877, CVE-2025-21811, CVE-2024-53156, CVE-2024-57912, CVE-2025-21653, CVE-2024-50024, CVE-2024-57931, CVE-2024-26928, CVE-2024-49949, CVE-2024-56688, CVE-2024-47757, CVE-2024-56601, CVE-2024-56562, CVE-2025-21749, CVE-2024-47709, CVE-2025-21934, CVE-2024-47674, CVE-2024-49879, CVE-2024-49924, CVE-2024-46731, CVE-2024-53214, CVE-2024-56659, CVE-2024-50236, CVE-2025-21694, CVE-2024-47707, CVE-2024-53680, CVE-2024-41066, CVE-2024-56651, CVE-2025-21718, CVE-2024-50279, CVE-2024-50040, CVE-2024-56598, CVE-2023-52927, CVE-2025-21862, CVE-2024-49981, CVE-2024-50273, CVE-2024-50180, CVE-2025-21753, CVE-2024-49957, CVE-2024-56615, CVE-2024-46854, CVE-2025-21721, CVE-2024-49962, CVE-2024-49974, CVE-2024-53217, CVE-2024-35887, CVE-2024-53172, CVE-2024-58069, CVE-2024-53124, CVE-2024-50131, CVE-2024-53158, CVE-2024-57901, CVE-2024-46849, CVE-2025-21917, CVE-2024-57892, CVE-2024-53131, CVE-2024-56587, CVE-2024-50151, CVE-2024-49860, CVE-2024-53184, CVE-2025-21687, CVE-2024-56690, CVE-2025-21926, CVE-2024-47723, CVE-2024-50195, CVE-2025-21760, CVE-2024-50142, CVE-2025-21910, CVE-2024-49997, CVE-2024-58083, CVE-2024-52332, CVE-2025-21806, CVE-2025-21640, CVE-2025-21922, CVE-2024-58051, CVE-2024-56606, CVE-2024-47698, CVE-2024-50044, CVE-2024-56574, CVE-2025-21785, CVE-2024-56532, CVE-2024-53165, CVE-2024-56779, CVE-2024-50269, CVE-2024-47684, CVE-2024-50006, CVE-2024-47749, CVE-2024-56595, CVE-2025-21736, CVE-2024-53198, CVE-2024-49952, CVE-2024-53104, CVE-2025-21772, CVE-2025-21914, CVE-2024-53127, CVE-2024-50301, CVE-2024-53239, CVE-2024-47670, CVE-2021-47119, CVE-2025-21702, CVE-2024-50296, CVE-2024-50033, CVE-2024-49975, CVE-2024-57900, CVE-2024-56596, CVE-2024-56569, CVE-2024-47692, CVE-2024-56567, CVE-2024-56746, CVE-2024-47672, CVE-2025-21866, CVE-2024-58001, CVE-2024-50202, CVE-2024-49955, CVE-2024-38588, CVE-2024-47706, CVE-2025-21700, CVE-2025-21763, CVE-2024-47696, CVE-2024-53150, CVE-2024-53237, CVE-2024-40953, CVE-2024-53197, CVE-2024-49892, CVE-2024-40965, CVE-2024-49903, CVE-2024-42252, CVE-2024-56642, CVE-2024-56739, CVE-2024-43098, CVE-2024-57973, CVE-2023-52741, CVE-2024-50096, CVE-2025-21835, CVE-2024-49882, CVE-2025-21765, CVE-2024-57889, CVE-2022-49034, CVE-2024-57946, CVE-2025-21735, CVE-2024-56720, CVE-2024-57890, CVE-2024-50267, CVE-2025-21920, CVE-2024-56634, CVE-2024-56599, CVE-2024-47701, CVE-2024-56780, CVE-2024-49900, CVE-2024-26689, CVE-2025-21638, CVE-2024-50150, CVE-2024-47679, CVE-2025-21776, CVE-2024-49996, CVE-2024-49896, CVE-2024-53140, CVE-2024-50127, CVE-2024-53148, CVE-2024-49963, CVE-2024-56645, CVE-2025-21859, CVE-2024-53135, CVE-2024-56614, CVE-2024-49985, CVE-2024-57948, CVE-2024-50230, CVE-2024-57986, CVE-2024-56767, CVE-2024-50199, CVE-2024-53181, CVE-2024-49936, CVE-2024-58052, CVE-2024-57910, CVE-2024-47671, CVE-2024-50134, CVE-2024-55916, CVE-2024-50184, CVE-2024-56691, CVE-2024-26915, CVE-2024-58085, CVE-2025-21909, CVE-2024-44938, CVE-2024-41016, CVE-2025-21761, CVE-2024-35958, CVE-2024-49982, CVE-2024-57911, CVE-2025-21858, CVE-2024-57981, CVE-2024-53059, CVE-2024-26996, CVE-2025-21916, CVE-2025-21871, CVE-2021-47219, CVE-2024-50059, CVE-2024-58020, CVE-2025-21744, CVE-2024-47710, CVE-2025-21699, CVE-2024-49958, CVE-2024-53155, CVE-2024-53161, CVE-2024-56572, CVE-2024-49938, CVE-2024-53142, CVE-2024-53145, CVE-2024-50205, CVE-2024-47712, CVE-2024-56704, CVE-2024-56619, CVE-2024-56603, CVE-2024-56650, CVE-2024-50007, CVE-2024-56586, CVE-2025-21898, CVE-2024-49877, CVE-2024-56723, CVE-2024-50237, CVE-2025-21781, CVE-2025-21762, CVE-2024-53130, CVE-2024-57802, CVE-2024-56602, CVE-2024-53101, CVE-2024-57977, CVE-2025-21948, CVE-2024-47685, CVE-2024-35896, CVE-2024-58002, CVE-2024-49902, CVE-2024-50116, CVE-2024-56531, CVE-2024-56600, CVE-2025-21787, CVE-2024-56630, CVE-2024-50055, CVE-2024-47713, CVE-2024-56570, CVE-2024-46853, CVE-2024-57807, CVE-2023-52458, CVE-2024-44931, CVE-2025-21728, CVE-2024-43900, CVE-2024-57951, CVE-2025-21782, CVE-2024-43863, CVE-2024-56781, CVE-2025-21971, CVE-2024-56539, CVE-2024-57979, CVE-2024-50179, CVE-2024-56643, CVE-2025-21647, CVE-2024-50262, CVE-2024-56629, CVE-2024-50234, CVE-2024-57922, CVE-2024-58063, CVE-2024-53690, CVE-2024-50082, CVE-2024-57908, CVE-2024-53227, CVE-2024-58009, CVE-2024-56644, CVE-2024-56681, CVE-2024-58007, CVE-2024-56637, CVE-2024-50074, CVE-2025-21731, CVE-2024-49965, CVE-2025-21823, CVE-2024-56747, CVE-2025-21935, CVE-2025-21905, CVE-2024-47742, CVE-2024-56670, CVE-2024-50143, CVE-2025-21715, CVE-2024-35864, CVE-2024-50039, CVE-2024-56694, CVE-2025-21678, CVE-2024-58055, CVE-2024-50117, CVE-2024-49868, CVE-2024-56748, CVE-2025-21764, CVE-2024-49959, CVE-2025-21704, CVE-2024-57902, CVE-2025-21928, CVE-2024-50299, CVE-2025-21719, CVE-2025-21865, CVE-2024-50051, CVE-2024-47697, CVE-2024-56631, CVE-2024-56770, CVE-2024-49966, CVE-2024-40911, CVE-2024-50194, CVE-2024-50008, CVE-2024-53173, CVE-2025-21791, CVE-2024-56700) Update Instructions: Run `sudo pro fix USN-7539-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: linux-buildinfo-5.4.0-1129-raspi - 5.4.0-1129.142 linux-headers-5.4.0-1129-raspi - 5.4.0-1129.142 linux-image-5.4.0-1129-raspi - 5.4.0-1129.142 linux-modules-5.4.0-1129-raspi - 5.4.0-1129.142 linux-raspi-headers-5.4.0-1129 - 5.4.0-1129.142 linux-raspi-tools-5.4.0-1129 - 5.4.0-1129.142 linux-tools-5.4.0-1129-raspi - 5.4.0-1129.142 No subscription required linux-headers-raspi - 5.4.0.1129.160 linux-headers-raspi-hwe-18.04 - 5.4.0.1129.160 linux-headers-raspi-hwe-18.04-edge - 5.4.0.1129.160 linux-headers-raspi2 - 5.4.0.1129.160 linux-headers-raspi2-hwe-18.04 - 5.4.0.1129.160 linux-headers-raspi2-hwe-18.04-edge - 5.4.0.1129.160 linux-image-raspi - 5.4.0.1129.160 linux-image-raspi-hwe-18.04 - 5.4.0.1129.160 linux-image-raspi-hwe-18.04-edge - 5.4.0.1129.160 linux-image-raspi2 - 5.4.0.1129.160 linux-image-raspi2-hwe-18.04 - 5.4.0.1129.160 linux-image-raspi2-hwe-18.04-edge - 5.4.0.1129.160 linux-raspi - 5.4.0.1129.160 linux-raspi-hwe-18.04 - 5.4.0.1129.160 linux-raspi-hwe-18.04-edge - 5.4.0.1129.160 linux-raspi2 - 5.4.0.1129.160 linux-raspi2-hwe-18.04 - 5.4.0.1129.160 linux-raspi2-hwe-18.04-edge - 5.4.0.1129.160 linux-tools-raspi - 5.4.0.1129.160 linux-tools-raspi-hwe-18.04 - 5.4.0.1129.160 linux-tools-raspi-hwe-18.04-edge - 5.4.0.1129.160 linux-tools-raspi2 - 5.4.0.1129.160 linux-tools-raspi2-hwe-18.04 - 5.4.0.1129.160 linux-tools-raspi2-hwe-18.04-edge - 5.4.0.1129.160 No subscription required High CVE-2021-47119 CVE-2021-47191 CVE-2021-47219 CVE-2021-47469 CVE-2022-49034 CVE-2023-52458 CVE-2023-52664 CVE-2023-52741 CVE-2023-52927 CVE-2024-23848 CVE-2024-26689 CVE-2024-26915 CVE-2024-26928 CVE-2024-26982 CVE-2024-26996 CVE-2024-35864 CVE-2024-35887 CVE-2024-35896 CVE-2024-35958 CVE-2024-38544 CVE-2024-38588 CVE-2024-40911 CVE-2024-40953 CVE-2024-40965 CVE-2024-41016 CVE-2024-41066 CVE-2024-42252 CVE-2024-43098 CVE-2024-43863 CVE-2024-43900 CVE-2024-44931 CVE-2024-44938 CVE-2024-46731 CVE-2024-46826 CVE-2024-46849 CVE-2024-46853 CVE-2024-46854 CVE-2024-47670 CVE-2024-47671 CVE-2024-47672 CVE-2024-47674 CVE-2024-47679 CVE-2024-47684 CVE-2024-47685 CVE-2024-47692 CVE-2024-47696 CVE-2024-47697 CVE-2024-47698 CVE-2024-47699 CVE-2024-47701 CVE-2024-47706 CVE-2024-47707 CVE-2024-47709 CVE-2024-47710 CVE-2024-47712 CVE-2024-47713 CVE-2024-47723 CVE-2024-47737 CVE-2024-47740 CVE-2024-47742 CVE-2024-47747 CVE-2024-47749 CVE-2024-47756 CVE-2024-47757 CVE-2024-48881 CVE-2024-49851 CVE-2024-49860 CVE-2024-49867 CVE-2024-49868 CVE-2024-49877 CVE-2024-49878 CVE-2024-49879 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49892 CVE-2024-49894 CVE-2024-49896 CVE-2024-49900 CVE-2024-49902 CVE-2024-49903 CVE-2024-49924 CVE-2024-49925 CVE-2024-49936 CVE-2024-49938 CVE-2024-49944 CVE-2024-49948 CVE-2024-49949 CVE-2024-49952 CVE-2024-49955 CVE-2024-49957 CVE-2024-49958 CVE-2024-49959 CVE-2024-49962 CVE-2024-49963 CVE-2024-49965 CVE-2024-49966 CVE-2024-49973 CVE-2024-49974 CVE-2024-49975 CVE-2024-49981 CVE-2024-49982 CVE-2024-49985 CVE-2024-49996 CVE-2024-49997 CVE-2024-50006 CVE-2024-50007 CVE-2024-50008 CVE-2024-50024 CVE-2024-50033 CVE-2024-50035 CVE-2024-50039 CVE-2024-50040 CVE-2024-50044 CVE-2024-50045 CVE-2024-50051 CVE-2024-50055 CVE-2024-50059 CVE-2024-50074 CVE-2024-50082 CVE-2024-50096 CVE-2024-50099 CVE-2024-50116 CVE-2024-50117 CVE-2024-50127 CVE-2024-50131 CVE-2024-50134 CVE-2024-50142 CVE-2024-50143 CVE-2024-50148 CVE-2024-50150 CVE-2024-50151 CVE-2024-50167 CVE-2024-50168 CVE-2024-50171 CVE-2024-50179 CVE-2024-50180 CVE-2024-50184 CVE-2024-50194 CVE-2024-50195 CVE-2024-50199 CVE-2024-50202 CVE-2024-50205 CVE-2024-50218 CVE-2024-50229 CVE-2024-50230 CVE-2024-50233 CVE-2024-50234 CVE-2024-50236 CVE-2024-50237 CVE-2024-50251 CVE-2024-50256 CVE-2024-50262 CVE-2024-50265 CVE-2024-50267 CVE-2024-50269 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50282 CVE-2024-50287 CVE-2024-50290 CVE-2024-50296 CVE-2024-50299 CVE-2024-50301 CVE-2024-50302 CVE-2024-52332 CVE-2024-53059 CVE-2024-53061 CVE-2024-53063 CVE-2024-53066 CVE-2024-53101 CVE-2024-53104 CVE-2024-53112 CVE-2024-53121 CVE-2024-53124 CVE-2024-53127 CVE-2024-53130 CVE-2024-53131 CVE-2024-53135 CVE-2024-53138 CVE-2024-53140 CVE-2024-53142 CVE-2024-53145 CVE-2024-53146 CVE-2024-53148 CVE-2024-53150 CVE-2024-53155 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53171 CVE-2024-53172 CVE-2024-53173 CVE-2024-53174 CVE-2024-53181 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53198 CVE-2024-53214 CVE-2024-53217 CVE-2024-53227 CVE-2024-53237 CVE-2024-53239 CVE-2024-53680 CVE-2024-53690 CVE-2024-55916 CVE-2024-56531 CVE-2024-56532 CVE-2024-56539 CVE-2024-56548 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56574 CVE-2024-56576 CVE-2024-56581 CVE-2024-56586 CVE-2024-56587 CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56598 CVE-2024-56599 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56614 CVE-2024-56615 CVE-2024-56619 CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56633 CVE-2024-56634 CVE-2024-56637 CVE-2024-56642 CVE-2024-56643 CVE-2024-56644 CVE-2024-56645 CVE-2024-56650 CVE-2024-56651 CVE-2024-56658 CVE-2024-56659 CVE-2024-56670 CVE-2024-56681 CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56694 CVE-2024-56700 CVE-2024-56704 CVE-2024-56720 CVE-2024-56723 CVE-2024-56724 CVE-2024-56739 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748 CVE-2024-56756 CVE-2024-56767 CVE-2024-56769 CVE-2024-56770 CVE-2024-56779 CVE-2024-56780 CVE-2024-56781 CVE-2024-57802 CVE-2024-57807 CVE-2024-57849 CVE-2024-57850 CVE-2024-57884 CVE-2024-57889 CVE-2024-57890 CVE-2024-57892 CVE-2024-57900 CVE-2024-57901 CVE-2024-57902 CVE-2024-57904 CVE-2024-57906 CVE-2024-57908 CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57922 CVE-2024-57929 CVE-2024-57931 CVE-2024-57938 CVE-2024-57946 CVE-2024-57948 CVE-2024-57951 CVE-2024-57973 CVE-2024-57977 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-58001 CVE-2024-58002 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58014 CVE-2024-58017 CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055 CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090 CVE-2025-0927 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21647 CVE-2025-21653 CVE-2025-21664 CVE-2025-21678 CVE-2025-21687 CVE-2025-21689 CVE-2025-21694 CVE-2025-21697 CVE-2025-21699 CVE-2025-21700 CVE-2025-21702 CVE-2025-21704 CVE-2025-21708 CVE-2025-21715 CVE-2025-21718 CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735 CVE-2025-21736 CVE-2025-21744 CVE-2025-21749 CVE-2025-21753 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21772 CVE-2025-21776 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21806 CVE-2025-21811 CVE-2025-21814 CVE-2025-21823 CVE-2025-21835 CVE-2025-21846 CVE-2025-21848 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21865 CVE-2025-21866 CVE-2025-21871 CVE-2025-21877 CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21948 CVE-2025-21971 Ubuntu 20.04 LTS It was discovered that the GNU C Library incorrectly search LD_LIBRARY_PATH to determine which library to load when statically linked setuid binary calls dlopen. A local attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7541-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: glibc-doc - 2.31-0ubuntu9.18 glibc-source - 2.31-0ubuntu9.18 libc-bin - 2.31-0ubuntu9.18 libc-dev-bin - 2.31-0ubuntu9.18 libc6 - 2.31-0ubuntu9.18 libc6-amd64 - 2.31-0ubuntu9.18 libc6-armel - 2.31-0ubuntu9.18 libc6-dev - 2.31-0ubuntu9.18 libc6-dev-amd64 - 2.31-0ubuntu9.18 libc6-dev-armel - 2.31-0ubuntu9.18 libc6-dev-i386 - 2.31-0ubuntu9.18 libc6-dev-s390 - 2.31-0ubuntu9.18 libc6-dev-x32 - 2.31-0ubuntu9.18 libc6-i386 - 2.31-0ubuntu9.18 libc6-lse - 2.31-0ubuntu9.18 libc6-pic - 2.31-0ubuntu9.18 libc6-prof - 2.31-0ubuntu9.18 libc6-s390 - 2.31-0ubuntu9.18 libc6-x32 - 2.31-0ubuntu9.18 locales - 2.31-0ubuntu9.18 locales-all - 2.31-0ubuntu9.18 nscd - 2.31-0ubuntu9.18 No subscription required Medium CVE-2025-4802 Ubuntu 20.04 LTS It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could possibly use this issue to expose sensitive information. This update introduces the allow_rc4 and allow_des3 configuration options, and disables the usage of RC4 and 3DES ciphers by default. Users are advised to discontinue their usage and upgrade to stronger encryption protocols. If the use of the insecure RC4 and 3DES algorithms is necessary, they can be enabled with the aforementioned configuration options. Update Instructions: Run `sudo pro fix USN-7542-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: krb5-admin-server - 1.17-6ubuntu4.11 krb5-doc - 1.17-6ubuntu4.11 krb5-gss-samples - 1.17-6ubuntu4.11 krb5-k5tls - 1.17-6ubuntu4.11 krb5-kdc - 1.17-6ubuntu4.11 krb5-kdc-ldap - 1.17-6ubuntu4.11 krb5-kpropd - 1.17-6ubuntu4.11 krb5-locales - 1.17-6ubuntu4.11 krb5-multidev - 1.17-6ubuntu4.11 krb5-otp - 1.17-6ubuntu4.11 krb5-pkinit - 1.17-6ubuntu4.11 krb5-user - 1.17-6ubuntu4.11 libgssapi-krb5-2 - 1.17-6ubuntu4.11 libgssrpc4 - 1.17-6ubuntu4.11 libk5crypto3 - 1.17-6ubuntu4.11 libkadm5clnt-mit11 - 1.17-6ubuntu4.11 libkadm5srv-mit11 - 1.17-6ubuntu4.11 libkdb5-9 - 1.17-6ubuntu4.11 libkrad-dev - 1.17-6ubuntu4.11 libkrad0 - 1.17-6ubuntu4.11 libkrb5-3 - 1.17-6ubuntu4.11 libkrb5-dev - 1.17-6ubuntu4.11 libkrb5support0 - 1.17-6ubuntu4.11 No subscription required Medium CVE-2025-3576 Ubuntu 20.04 LTS Jan Różański discovered that libsoup incorrectly handled certain headers when sending HTTP/2 requests over TLS. An attacker could possibly use this issue to cause a denial of service. This issue only affected libsoup3 in Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2025-32908) Jan Różański discovered that libsoup incorrectly parsed certain response headers. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-4476) Update Instructions: Run `sudo pro fix USN-7543-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-soup-2.4 - 2.70.0-1ubuntu0.5 libsoup-gnome2.4-1 - 2.70.0-1ubuntu0.5 libsoup-gnome2.4-dev - 2.70.0-1ubuntu0.5 libsoup2.4-1 - 2.70.0-1ubuntu0.5 libsoup2.4-dev - 2.70.0-1ubuntu0.5 libsoup2.4-doc - 2.70.0-1ubuntu0.5 libsoup2.4-tests - 2.70.0-1ubuntu0.5 No subscription required Medium CVE-2025-4476 CVE-2025-32908 Ubuntu 20.04 LTS It was discovered that setuptools did not properly sanitize paths. An attacker could possibly use this issue to write files to arbitrary locations on the filesystem. Update Instructions: Run `sudo pro fix USN-7544-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: pypy-pkg-resources - 44.0.0-2ubuntu0.1+esm2 pypy-setuptools - 44.0.0-2ubuntu0.1+esm2 python-pkg-resources - 44.0.0-2ubuntu0.1+esm2 python-setuptools - 44.0.0-2ubuntu0.1+esm2 Available with Ubuntu Pro: https://ubuntu.com/pro python-setuptools-doc - 45.2.0-1ubuntu0.3 python3-pkg-resources - 45.2.0-1ubuntu0.3 python3-setuptools - 45.2.0-1ubuntu0.3 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2025-47273 Ubuntu 20.04 LTS Qualys discovered that Apport incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to leak sensitive information. Update Instructions: Run `sudo pro fix USN-7545-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: apport - 2.20.11-0ubuntu27.28 apport-gtk - 2.20.11-0ubuntu27.28 apport-kde - 2.20.11-0ubuntu27.28 apport-noui - 2.20.11-0ubuntu27.28 apport-retrace - 2.20.11-0ubuntu27.28 apport-valgrind - 2.20.11-0ubuntu27.28 dh-apport - 2.20.11-0ubuntu27.28 python3-apport - 2.20.11-0ubuntu27.28 python3-problem-report - 2.20.11-0ubuntu27.28 No subscription required Medium CVE-2025-5054 Ubuntu 20.04 LTS It was discovered that libvpx did not properly manage memory. An attacker could possibly use this issue to cause applications using libvpx to crash, resulting in a denial of service, or possibly execute arbitrary code. Update Instructions: Run `sudo pro fix USN-7551-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libvpx-dev - 1.8.2-1ubuntu0.4 libvpx-doc - 1.8.2-1ubuntu0.4 libvpx6 - 1.8.2-1ubuntu0.4 vpx-tools - 1.8.2-1ubuntu0.4 No subscription required Medium CVE-2025-5283 Ubuntu 20.04 LTS It was discovered that Wireshark did not correctly handle recursion. If a user or system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-39929) Roman Donchenko discovered that Wireshark did not correctly handle parsing certain files. If a user or system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-4182) It was discovered that Wireshark did not correctly handle parsing certain files. If a user or system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-4185, CVE-2022-0581) It was discovered that Wireshark did not correctly handle parsing certain files. If a user or system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-4186) Sharon Brizinov discovered that Wireshark did not correctly handle parsing certain files. If a user or system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-0582, CVE-2022-0583, CVE-2022-0586) Sharon Brizinov discovered that Wireshark did not correctly handle parsing certain files. If a user or system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-0585) Jason Cohen discovered that Wireshark did not correctly handle parsing certain files. If a user or system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3190) Update Instructions: Run `sudo pro fix USN-7552-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libwireshark-data - 3.2.3-1ubuntu0.1~esm2 libwireshark-dev - 3.2.3-1ubuntu0.1~esm2 libwireshark13 - 3.2.3-1ubuntu0.1~esm2 libwiretap-dev - 3.2.3-1ubuntu0.1~esm2 libwiretap10 - 3.2.3-1ubuntu0.1~esm2 libwsutil-dev - 3.2.3-1ubuntu0.1~esm2 libwsutil11 - 3.2.3-1ubuntu0.1~esm2 tshark - 3.2.3-1ubuntu0.1~esm2 wireshark - 3.2.3-1ubuntu0.1~esm2 wireshark-common - 3.2.3-1ubuntu0.1~esm2 wireshark-dev - 3.2.3-1ubuntu0.1~esm2 wireshark-doc - 3.2.3-1ubuntu0.1~esm2 wireshark-gtk - 3.2.3-1ubuntu0.1~esm2 wireshark-qt - 3.2.3-1ubuntu0.1~esm2 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2021-4185 CVE-2022-0582 CVE-2022-0586 CVE-2022-3190 CVE-2021-4182 CVE-2022-0585 CVE-2021-39929 CVE-2021-4186 CVE-2022-0581 CVE-2022-0583 Ubuntu 20.04 LTS It was discovered that Django incorrectly handled certain unescaped request paths. An attacker could possibly use this issue to perform a log injection. Update Instructions: Run `sudo pro fix USN-7555-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-django-doc - 2:2.2.12-1ubuntu0.29+esm1 python3-django - 2:2.2.12-1ubuntu0.29+esm1 Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro Low CVE-2025-48432 Ubuntu 20.04 LTS It was discovered that Bootstrap did not correctly sanitize certain input in the carousel component. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2024-6484, CVE-2024-6531) It was discovered that Bootstrap did not correctly sanitize certain input in the button plugin. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2024-6485) Update Instructions: Run `sudo pro fix USN-7556-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: fonts-glyphicons-halflings - 1.009~3.4.1+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro libjs-bootstrap - 3.4.1+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro libjs-bootstrap4 - 4.4.1+dfsg1-2ubuntu0.1~esm1 Available with Ubuntu Pro: https://ubuntu.com/pro Medium CVE-2024-6484 CVE-2024-6531 CVE-2024-6485 Ubuntu 20.04 LTS It was discovered that the AV1 codec plugin in GStreamer could be made to write out of bounds. An attacker could possibly use this issue to cause applications using the plugin to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-50186, CVE-2024-0444) It was discovered that the H265 codec plugin in GStreamer could be made to write out of bounds. An attacker could possibly use this issue to cause applications using the plugin to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-3887) Update Instructions: Run `sudo pro fix USN-7558-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: gir1.2-gst-plugins-bad-1.0 - 1.16.3-0ubuntu1.1+esm1 gstreamer1.0-opencv - 1.16.3-0ubuntu1.1+esm1 gstreamer1.0-plugins-bad - 1.16.3-0ubuntu1.1+esm1 gstreamer1.0-plugins-bad-doc - 1.16.3-0ubuntu1.1+esm1 libgstreamer-opencv1.0-0 - 1.16.3-0ubuntu1.1+esm1 libgstreamer-plugins-bad1.0-0 - 1.16.3-0ubuntu1.1+esm1 libgstreamer-plugins-bad1.0-dev - 1.16.3-0ubuntu1.1+esm1 Available with Ubuntu Pro: https://ubuntu.com/pro High CVE-2023-50186 CVE-2024-0444 CVE-2025-3887 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 . manifest 1 2.20.11-0ubuntu27.12 7.4.3-4ubuntu1.1 3.36.1-1ubuntu0.1 3.8.2-1ubuntu1.1 1.3-1ubuntu0.1 2.3.0-6ubuntu0.1 2.3.1-9ubuntu1.1 2:4.11.6+dfsg-0ubuntu1.1 5.4.0-28.32 2.28.2-0ubuntu0.20.04.1 8.0.20-0ubuntu0.20.04.1 2.4.49+dfsg-2ubuntu1.2 76.0+build2-0ubuntu0.20.04.1 76.0.1+build1-0ubuntu0.20.04.1 1:13.99.1-1ubuntu3.2 4.10-1ubuntu1.1 0.6.21-6ubuntu0.1 2.0.2ubuntu0.1 0.13.1+dfsg-7ubuntu0.1 0.13.1+dfsg-7ubuntu0.2 0.13.1+dfsg-7ubuntu0.3 1:2.3.7.2-1ubuntu3.1 19.11.1-0ubuntu1.1 1:9.16.1-0ubuntu2.1 4.93-13ubuntu1.1 5.4.0-1011.11 5.4.0-1012.12 5.4.0-26.30 5.4.0-31.35 5.4.0-33.37 0.102.3+dfsg-0ubuntu0.20.04.1 1:4.2-3ubuntu6.1 1:68.8.0+build2-0ubuntu0.20.04.2 1.9.4-2ubuntu1.1 7.4.3-4ubuntu2.2 20190110ubuntu1.1 2.1.1+dfsg1-0ubuntu0.20.04.1 2:2.2.12-1ubuntu0.1 77.0.1+build1-0ubuntu0.20.04.1 3.6.13-2ubuntu1.1 3.20200609.0ubuntu0.20.04.0 3.20200609.0ubuntu0.20.04.2 2.0.3-0ubuntu1.20.04.1 5.4.0-1012.12 5.4.0-1015.15 5.4.0-1016.16 5.4.0-27.31 5.4.0-37.41 3.31.1-4ubuntu0.1 1.3.9-4ubuntu0.1 0.6.21-6ubuntu0.3 2:3.49.1-1ubuntu1.1 1.12.16-2ubuntu2.1 1:9.16.1-0ubuntu2.2 1:1.3.4-2.5ubuntu3.3 1.13.2-1ubuntu0.1 7.68.0-1ubuntu2.1 1.13.2-1ubuntu0.2 390.138-0ubuntu0.20.04.1 440.100-0ubuntu0.20.04.1 5.4.0-1017.17 5.4.0-1018.18 5.4.0-1019.19 5.4.0-39.43 2.64.2-1ubuntu0.1 0.9.12+dfsg-9ubuntu0.1 78.0.1+build1-0ubuntu0.20.04.1 2:4.11.6+dfsg-0ubuntu1.3 5.8+dfsg-2ubuntu2.1 5.4.0-1013.13 5.4.0-1018.18 5.4.0-1019.19 5.4.0-1020.20 5.4.0-28.32 5.4.0-40.44 4.5.1.1-1.1ubuntu0.20.04.1 2:3.49.1-1ubuntu1.2 2.3.0-6ubuntu0.2 2:16.1.0-0ubuntu1 3.0.1-0ubuntu1.2 1:68.10.0+build1-0ubuntu0.20.04.1 2.28.3-0ubuntu0.20.04.1 78.0.2+build2-0ubuntu0.20.04.1 2.45.1+20.04.2 5.4.0-1015.15 5.4.0-1020.20 5.4.0-1021.21 5.4.0-1022.22 5.4.0-30.34 5.4.0-42.46 3.8.2-1ubuntu1.2 3.36.3-0ubuntu1.1 7.0.0-4ubuntu0.1 7:4.2.4-1ubuntu0.1 1.142.3+2.04-1ubuntu26.1 2.04-1ubuntu26.1 1.142.4+2.04-1ubuntu26.2 2.04-1ubuntu26.2 11.0.8+10-0ubuntu1~20.04 0.9.12+dfsg-9ubuntu0.2 0.102.4+dfsg-0ubuntu0.20.04.1 4.1.0-2ubuntu2.1 3.31.1-4ubuntu0.2 8.0.21-0ubuntu0.20.04.3 8.0.21-0ubuntu0.20.04.4 6.2.40~dfsg-4ubuntu0.20.04.1~esm1 79.0+build1-0ubuntu0.20.04.1 2.28.4-0ubuntu0.20.04.1 9.50~dfsg-5ubuntu4.1 0.9.3-2ubuntu2.1 2.20.11-0ubuntu27.6 0.2.69ubuntu0.1 2.4.7-2+4.1ubuntu5.1 6.0.0-0ubuntu8.3 8u265-b01-0ubuntu2~20.04 2:4.11.6+dfsg-0ubuntu1.4 2:3.49.1-1ubuntu1.4 1:2.3.7.2-1ubuntu3.2 0.98.9.2 2.4.41-4ubuntu3.1 4:19.12.3-0ubuntu1.1 3.36.4-1ubuntu1~20.04.2 7.68.0-1ubuntu2.2 1:4.2-3ubuntu6.4 1:4.2-3ubuntu6.14 1:9.16.1-0ubuntu2.3 9.50~dfsg-5ubuntu4.2 1.0.29-0ubuntu5.1 5.8+dfsg-2ubuntu2.3 12.4-0ubuntu0.20.04.1 80.0+build2-0ubuntu0.20.04.1 80.0.1+build1-0ubuntu0.20.04.1 3.5-6ubuntu6.2 2:3.49.1-1ubuntu1.5 4.10-1ubuntu1.2 4.0-3ubuntu0.1~esm1 2:2.2.12-1ubuntu0.2 2.2.0+dfsg1-0ubuntu0.20.04.1 4:19.12.3-0ubuntu1.2 5.4.0-1016.17 5.4.0-1022.22 5.4.0-1023.23 5.4.0-45.49 2:1.6.9-2ubuntu1.1 2:1.20.8-2ubuntu2.3 5.4.0-1018.20 5.4.0-1024.24 5.4.0-1025.25 5.4.0-47.51 2:1.20.8-2ubuntu2.4 3.6.13-2ubuntu1.3 2:2.2.2-3ubuntu2.2 1.2.3-0ubuntu0.20.04.1 0.1.2-1+deb9u1build0.20.04.1 3.2.1-1+deb8u1build0.20.04.1 1:4.2-3ubuntu6.6 0.4.15-10ubuntu1.1 1.3.8-2+deb8u1build0.20.04.1 5.4.0-1019.21 5.4.0-1024.24 5.4.0-1025.25 5.4.0-1026.26 5.4.0-48.52 1:1.30.1-4ubuntu6.2 2:2.18.06-1+deb10u1build0.20.04.1 1.1.1+bzr982-0ubuntu32.2 1.1.13-2ubuntu1.1 0.60-1+deb10u1ubuntu1 4.6.6-2.1~0.20.04.1 81.0+build2-0ubuntu0.20.04.1 81.0.2+build1-0ubuntu0.20.04.1 1.34.2-1ubuntu1.1 8:6.9.10.23+dfsg-2.1ubuntu11.1 19.11.3-0ubuntu0.2 0.7.2-5ubuntu1.1 1.06-6.2~deb10u1build0.20.04.1 2:4.11.6+dfsg-0ubuntu1.5 2.0.7-2ubuntu0.1 1.17.0-4ubuntu0.1 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 1.0.7-6ubuntu0.1 1.25.8-2ubuntu0.1 0.14.2-4ubuntu3.1 3.22.0-5ubuntu2.1 5.4.0-1021.24 5.4.0-1026.27 5.4.0-1028.29 5.4.0-1031.32 5.4.0-51.56 7.4.3-4ubuntu2.4 19.03.8-0ubuntu1.20.04.1 5.4.0-1022.25 5.4.0-52.57 2.10.1-2ubuntu0.1 9.0.31-1ubuntu0.1 82.0+build2-0ubuntu0.20.04.1 82.0.2+build1-0ubuntu0.20.04.1 5.30.0-9ubuntu0.2 1:10.3.25-0ubuntu0.20.04.1 8.0.22-0ubuntu0.20.04.2 2.1.2-1ubuntu0.1 2.1.2-1ubuntu0.2 11.0.9+11-0ubuntu1~20.04 8u272-b10-0ubuntu1~20.04 11.0.9.1+1-0ubuntu1~20.04 8u275-b01-0ubuntu1~20.04 20201027ubuntu0.20.04.1 18-3ubuntu0.1 2:4.11.6+dfsg-0ubuntu1.6 2.8-3ubuntu0.1 3.36.3-0ubuntu0.20.04.2 0.6.55-0ubuntu12~20.04.4 0.19.0-2ubuntu0.2 3.0a-2ubuntu0.2 2.4.49+dfsg-2ubuntu1.4 2.0.3-3ubuntu4.1 0.6.21-6ubuntu0.4 82.0.3+build1-0ubuntu0.20.04.1 5.4.0-1029.31 5.4.0-53.59 3.20201110.0ubuntu0.20.04.1 3.20201110.0ubuntu0.20.04.2 3.20210216.0ubuntu0.20.04.1 2.0.15-0ubuntu1.20.04.1 1.4.2-0ubuntu1.20.04.1 12.5-0ubuntu0.20.04.1 2.4.49+dfsg-2ubuntu1.5 1.17-6ubuntu4.1 0.9.12+dfsg-9ubuntu0.3 3.22.0-5ubuntu2.2 83.0+build2-0ubuntu0.20.04.1 1:13.99.1-1ubuntu3.8 1.13.2-1ubuntu0.3 2.30.3-0ubuntu0.20.04.1 1.1.3-2ubuntu1.20.04.1 1.1.3-2ubuntu1.20.04.2 1:4.2-3ubuntu6.10 8.0.22-0ubuntu0.20.04.3 1.3.3-0ubuntu2.1 1.3.3-0ubuntu2.2 1:1.10.9+submodules+notgz-1ubuntu0.20.04.1 2:1.20.8-2ubuntu2.6 5.4.0-1023.26 5.4.0-1028.29 5.4.0-1030.31 5.4.0-1030.32 5.4.0-1032.33 5.4.0-56.62 5.4.0-1025.28 5.4.0-1030.31 5.4.0-1032.33 5.4.0-1032.34 5.4.0-1034.35 5.4.0-58.64 1.1.1f-1ubuntu2.1 2.40.0+dfsg-3ubuntu0.1 1.1.1+bzr982-0ubuntu32.3 7.68.0-1ubuntu2.4 4.5.0-1ubuntu0.1 4.5.0-1ubuntu0.2 2.0.2ubuntu0.2 2.0.0ubuntu0.20.04.2 2.0.0ubuntu0.20.04.3 8:6.9.10.23+dfsg-2.1ubuntu11.2 84.0+build3-0ubuntu0.20.04.1 0.4.15-10ubuntu1.2 1:2.3.7.2-1ubuntu3.3 3:18.3.2-0ubuntu0.20.04.4 2.3.0-6ubuntu0.3 0.23.20-1ubuntu0.1 5.8.0-34.37~20.04.2 5.4.0-1026.29 5.4.0-1031.32 5.4.0-1033.35 5.4.0-1034.35 5.4.0-1034.36 5.4.0-1035.36 5.4.0-59.65 5.2.0-1ubuntu0.1 5.6.0-1039.43 0~20191122.bd85bf54-2ubuntu3.1 2.3.1-1ubuntu4.20.04.1 84.0.2+build1-0ubuntu0.20.04.1 390.141-0ubuntu0.20.04.1 450.102.04-0ubuntu0.20.04.1 460.32.03-0ubuntu0.20.04.1 5.4.0-1034.37 5.4.0-1035.37 5.4.0-1035.38 5.4.0-1036.38 5.4.0-60.67 5.6.0-1042.46 5.8.0-36.40~20.04.1 418.181.07-0ubuntu0.20.04.1 450.102.04-0ubuntu0.20.04.1 5.4.0-64.72 5.8.0-40.45~20.04.1 4.5.1.1-1.1ubuntu0.20.04.2 2.13.1-0ubuntu0.20.04.3 1.30+dfsg-7ubuntu0.20.04.1 5.4.0-62.70 5.8.0-38.43~20.04.1 7.0.0-4ubuntu0.2 2.80-1.1ubuntu1.2 2.80-1.1ubuntu1.3 1.2.10+dfsg-7ubuntu0.20.04.1 1.13.2-1ubuntu0.4 1.8.31-1ubuntu1.2 15.2.7-0ubuntu0.20.04.2 1.5.2-5ubuntu0.20.04.1 5.4.0-65.73 5.8.0-41.46~20.04.1 5.4.0-1028.31 5.4.0-1032.33 5.4.0-1036.39 5.4.0-1037.39 5.4.0-1037.40 5.4.0-1039.41 1.4.11.1-1ubuntu0.1 2:2.2.12-1ubuntu0.3 8.0.23-0ubuntu0.20.04.1 85.0+build1-0ubuntu0.20.04.1 85.0.1+build1-0ubuntu0.20.04.1 20210119~20.04.1 2.20.11-0ubuntu27.16 1.6.5-0ubuntu0.2 1.2.1+dfsg-1ubuntu0.20.04.1 1:1.10.9+submodules+notgz-1ubuntu0.20.04.2 2.4.49+dfsg-2ubuntu1.6 1:4.2-3ubuntu6.12 11.0.10+9-0ubuntu1~20.04 8u282-b08-0ubuntu1~20.04 5.6.0-1047.51 5.8.0-43.49~20.04.1 2.48.3+20.04 2.13.1-0ubuntu0.20.04.4 4.12-8ubuntu0.20.04.1 0.2.3-2ubuntu0.1 0.2.3-2ubuntu0.2 2:2.9-1ubuntu4.2 12.6-0ubuntu0.20.04.1 1:9.16.1-0ubuntu2.6 1.1.1f-1ubuntu2.2 2.30.5-0ubuntu0.20.04.1 1.3.2-4ubuntu0.1 2:2.2.12-1ubuntu0.4 2.40.0+dfsg-3ubuntu0.2 2.4.49+dfsg-2ubuntu1.7 353-1ubuntu1.20.04.2 4.8.0-1ubuntu0.1 5.4.0-1010.11 5.4.0-1029.32 5.4.0-1033.34 5.4.0-1037.40 5.4.0-1038.40 5.4.0-1038.41 5.4.0-1040.42 5.4.0-66.74 5.8.0-44.50~20.04.1 5.6.0-1048.52 5.10.0-1014.15 3.8.5-1~20.04.2 2.7.18-1~20.04.1 4.1.0+git191117-2ubuntu0.20.04.1 86.0+build3-0ubuntu0.20.04.1 2:2.9-1ubuntu4.3 1.14.3-2ubuntu2~20.04.2 2.64.6-1~ubuntu20.04.2 1.4.4+dfsg-3ubuntu0.1 1:2.25.1-1ubuntu3.1 1:8.2p1-4ubuntu0.2 7.0.0-4ubuntu0.3 2.64.6-1~ubuntu20.04.3 1:4.0.17+dfsg-1ubuntu0.1~esm1 19.05.5-1ubuntu0.1~esm1 2.9.0dev.5-1ubuntu0.1~esm1 4:4.9.5+dfsg1-2ubuntu0.1~esm1 1:2.1.51-0ubuntu1+esm1 2.17.5-1ubuntu1+esm1 1.10.7-1ubuntu0.1~esm1 5.4.0-1011.12 5.4.0-1030.33 5.4.0-1034.35 5.4.0-1038.41 5.4.0-1039.41 5.4.0-1039.42 5.4.0-1041.43 5.4.0-67.75 5.8.0-45.51~20.04.1 1.3.3-0ubuntu2.3 2.7.0-5ubuntu1.3 5.10.0-1017.18 2.3.1+dfsg-1ubuntu2.1 3.0.28-2ubuntu0.1 5.10.0-1019.20 5.4.0-1012.13 5.4.0-1032.35 5.4.0-1036.37 5.4.0-1040.43 5.4.0-1041.43 5.4.0-1041.44 5.4.0-1043.45 5.4.0-70.78 5.6.0-1052.56 5.8.0-48.54~20.04.1 2:2.0.10-0ubuntu0.20.04.3 1.1.1f-1ubuntu2.3 11.0.11+9-0ubuntu2~20.04 8u292-b10-0ubuntu1~20.04 87.0+build3-0ubuntu0.20.04.2 2.30.6-0ubuntu0.20.04.1 4.10-1ubuntu1.3 4.5.0-1ubuntu0.3 2.3.1+dfsg-1ubuntu2.2 7.68.0-1ubuntu2.5 3.4.4-1ubuntu1.1 2.3.0-6ubuntu0.5 2:2.2.12-1ubuntu0.5 2:1.20.9-2ubuntu1.2~20.04.2 3.5.1+really3.5.1-2ubuntu0.1 5.4.0-1013.14 5.4.0-1033.36 5.4.0-1037.38 5.4.0-1041.44 5.4.0-1042.45 5.4.0-1043.45 5.4.0-1044.46 5.4.0-71.79 5.8.0-49.55~20.04.1 5.10.0-1021.22 5.6.0-1053.57 1.9.1~dfsg-1ubuntu0.20.04.1 5.6.0-1054.58 5.6.0-1055.59 5.10.0-1022.23 5.4.0-1014.15 5.4.0-1034.37 5.4.0-1038.39 5.4.0-1042.45 5.4.0-1043.46 5.4.0-1045.47 5.4.0-1046.48 5.4.0-72.80 5.8.0-50.56~20.04.1 0.103.2+dfsg-0ubuntu0.20.04.1 0.103.2+dfsg-0ubuntu0.20.04.2 4.3.2-2ubuntu1.20.04.1~esm2 0.99.beta19-2.1ubuntu1.20.04.1 2.7.0-5ubuntu1.4 0~20191122.bd85bf54-2ubuntu3.2 3.0.4+dfsg1-1ubuntu0.1 88.0+build2-0ubuntu0.20.04.1 3.36.3-0ubuntu1.1 1.16.2-1ubuntu2.1 1:9.16.1-0ubuntu2.8 2:4.11.6+dfsg-0ubuntu1.8 2:2.2.12-1ubuntu0.6 2.4.7-1ubuntu2.20.04.2 4.93-13ubuntu1.5 390.143-0ubuntu0.20.04.1 418.197.02-0ubuntu0.20.04.1 450.119.03-0ubuntu0.20.04.1 460.73.01-0ubuntu0.20.04.1 1:78.8.1+build1-0ubuntu0.20.04.1 0.2.3-2ubuntu0.3 0.2.3-2ubuntu0.4 1.9.4-2ubuntu1.2 2.32.0-0ubuntu0.20.04.1 5.3.1-1ubuntu0.1 0.27.2-8ubuntu2.2 88.0.1+build1-0ubuntu0.20.04.2 1.4.11.1-1ubuntu0.2 1:10.3.29-0ubuntu0.20.04.1 1:10.3.30-0ubuntu0.20.04.1 5.4.0-1015.16 5.4.0-1039.40 5.4.0-1043.45 5.4.0-1043.46 5.4.0-1045.49+1 5.4.0-1047.49 5.4.0-1048.50 5.4.0-73.82 5.4.0-1035.38 5.6.0-1056.60 5.10.0-1026.27 5.8.0-53.60~20.04.1 1.6.5-0ubuntu0.3 8.0.25-0ubuntu0.20.04.1 7.6+dfsg-2ubuntu0.20.04.1 0.25.1-2ubuntu1.1 3.5.27.1-14ubuntu0.1 0.4.21-7ubuntu0.20.04.1 1.16.2-4ubuntu0.1 1.0.0~rc93-0ubuntu1~20.04.2 20.0.2-5ubuntu1.5 2.6.0+dfsg.1-1ubuntu2.2 7.0.0-4ubuntu0.4 0.27.2-8ubuntu2.4 2.20.11-0ubuntu27.18 2:1.6.9-2ubuntu1.2 1.18.0-0ubuntu1.2 1.9.2-2ubuntu0.20.04.1 4.4.1-2.1ubuntu5.20.04.2 1.2.3-0ubuntu0.20.04.2 0.6.1-2ubuntu0.20.04.1 12.7-0ubuntu0.20.04.1 3.8.5-1~20.04.3 3.8.10-0ubuntu1~20.04.1 2.6.0-7ubuntu1.2 2:2.2.12-1ubuntu0.7 2.80-1.1ubuntu1.4 89.0+build2-0ubuntu0.20.04.2 0.105-26ubuntu1.1 4.10-1ubuntu1.4 5.4.0-1016.17 5.4.0-1036.39 5.4.0-1040.41 5.4.0-1044.46 5.4.0-1044.47 5.4.0-1046.50 5.4.0-1048.50 5.4.0-1049.51 5.4.0-74.83 5.10.0-1029.30 5.8.0-55.62~20.04.1 3.20210608.0ubuntu0.20.04.1 11.88-1ubuntu0.1 8:6.9.10.23+dfsg-2.1ubuntu11.4 5.53-0ubuntu3.2 3.5.1+really3.5.1-2ubuntu0.2 2.9.10+dfsg-5ubuntu0.20.04.1 1.167.2+2.04-1ubuntu44.2 2.04-1ubuntu44.2 1:2.3.7.2-1ubuntu3.4 2.4.41-4ubuntu3.3 1:78.11.0+build1-0ubuntu0.20.04.2 15.2.12-0ubuntu0.20.04.1 5.8.0-1033.34~20.04.1 5.8.0-1035.37~20.04.1 5.8.0-1036.38~20.04.1 5.8.0-1038.40~20.04.1 5.8.0-59.66~20.04.1 5.4.0-1018.19 5.4.0-1038.41 5.4.0-1046.48 5.4.0-1046.49 5.4.0-1048.52 5.4.0-1051.53 5.4.0-77.86 5.4.0-1041.42 5.10.0-1033.34 3.8.2-0ubuntu1.3 7.4.3-4ubuntu2.5 1.34.2-1ubuntu1.3 0.7-4ubuntu7.1 4.1.0-2ubuntu2.2 1:4.2-3ubuntu6.17 90.0+build1-0ubuntu0.20.04.1 1.5.2-0ubuntu1~20.04.2 245.4-4ubuntu3.10 5.10.0-1038.40 5.8.0-1037.38~20.04.1 5.8.0-1038.40~20.04.1 5.8.0-1039.42~20.04.1 5.8.0-1041.43~20.04.1 5.8.0-63.71~20.04.1 5.4.0-1021.22 5.4.0-1041.45 5.4.0-1044.46 5.4.0-1049.52 5.4.0-1049.53 5.4.0-1052.56 5.4.0-1054.57 5.4.0-1055.57 5.4.0-80.90 390.144-0ubuntu0.20.04.1 418.211.00-0ubuntu0.20.04.1 450.142.00-0ubuntu0.20.04.1 460.91.03-0ubuntu0.20.04.1 470.57.02-0ubuntu0.20.04.1 2.7.0-5ubuntu1.5 7.68.0-1ubuntu2.6 8.0.26-0ubuntu0.20.04.2 1:10.3.31-0ubuntu0.20.04.1 0.60.8-1ubuntu0.1 2.32.3-0ubuntu0.20.04.1 1.0.28-7ubuntu0.1 9.1.1-1ubuntu0.1 1:1.10.9+submodules+notgz-1ubuntu0.20.04.3 0.27.2-8ubuntu2.5 3.6.13-2ubuntu1.6 1.643-1ubuntu0.1 20.10.7-0ubuntu1~20.04.1 1.15.0-1ubuntu0.1 3.20-8ubuntu0.4 0.4.2.7-1ubuntu0.1~esm1 91.0+build2-0ubuntu0.20.04.1 91.0.2+build1-0ubuntu0.20.04.1 12.8-0ubuntu0.20.04.1 2.0.13-2ubuntu0.2 0.27.2-8ubuntu2.6 0.27.2-8ubuntu2.7 5.4.0-1022.23 5.4.0-1042.46 5.4.0-1045.47 5.4.0-1051.54 5.4.0-1051.55 5.4.0-1053.57 5.4.0-1055.58 5.4.0-1056.58 5.4.0-81.91 5.11.0-27.29~20.04.1 91.0.1+build1-0ubuntu0.20.04.1 2:1.9.4-11ubuntu0.1 5.8.0-1038.39~20.04.1 5.8.0-1039.41 5.8.0-1040.43~20.04.1 5.8.0-1042.44~20.04.1 1.1.1f-1ubuntu2.8 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2 0.9.3-2ubuntu2.2 0.3.12-1ubuntu0.1 1:4.4-1ubuntu0.1 1:78.13.0+build1-0ubuntu0.20.04.2 1:2017.3.23AR.3-3ubuntu1.1 2.0.13-2ubuntu0.3 2.13+dfsg-2ubuntu0.3 2.13.3-0ubuntu0.20.04.2 4.9.0-0ubuntu3.1 2.2.3-3ubuntu0.7 2.2.5-5.2ubuntu2.1 0.16.0-1ubuntu0.1 5.11.0-1015.16~20.04.1 5.11.0-1017.18~20.04.1 5.11.0-34.36~20.04.1 5.4.0-1023.24 5.4.0-1046.48 5.4.0-1052.55 5.4.0-1052.56 5.4.0-1054.58 5.4.0-1056.59 5.4.0-1058.60 5.4.0-84.94 5.4.0-1043.47 5.10.0-1045.47 5.8.0-1041.44~20.04.1 92.0+build3-0ubuntu0.20.04.1 9.50~dfsg-5ubuntu4.3 1:2.25.1-1ubuntu3.2 2.20.11-0ubuntu27.20 1:4.4-1ubuntu0.2 1:4.4-1ubuntu0.3 7.68.0-1ubuntu2.7 1.8.5-5ubuntu1.1 5.13.0-1012.16 4.1.0+git191117-2ubuntu0.20.04.2 5.11.0-36.40~20.04.1 5.4.0-86.97 2.32.4-0ubuntu0.20.04.1 0~20191122.bd85bf54-2ubuntu3.3 20210119~20.04.2 2.4.41-4ubuntu3.5 2.4.41-4ubuntu3.6 5.4.0-1024.25 5.4.0-1047.49 5.4.0-1053.56 5.4.0-1053.57 5.4.0-1055.59 5.4.0-1057.60 5.4.0-1059.62 5.4.0-88.99 5.4.0-1044.48 5.4.0-1061.64 5.11.0-1019.20~20.04.1 5.11.0-1017.18~20.04.1 5.11.0-1019.20~20.04.1 5.11.0-37.41~20.04.2 5.11.0-1019.20~20.04.1 2:8.1.2269-1ubuntu5.3 2.6-2ubuntu0.20.04.1 5.13.0-1014.18 1.6.9+ds-1ubuntu0.1 1.6.1-1ubuntu0.1 1.5.2-0ubuntu1~20.04.3 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3 20.10.7-0ubuntu1~20.04.2 4.10-1ubuntu1.5 0.12.15-2.1ubuntu0.1 5.10.0-1049.51 93.0+build1-0ubuntu0.20.04.1 1.5-2ubuntu0.1 1:5.12.0-3ubuntu4.1 5.8.2-1ubuntu3.3 5.11.0-1020.21~20.04.1 5.11.0-1020.21~20.04.2 5.11.0-1021.23~20.04.1 5.11.0-38.42~20.04.1 5.10.0-1050.52 5.4.0-1020.23 5.4.0-1048.50 5.4.0-89.100 5.4.0-1006.7 5.4.0-1025.26 5.4.0-1045.49 5.4.0-1054.57 5.4.0-1056.60 5.4.0-1058.61 5.4.0-1062.65 5.13.0-1017.21 0.99.beta19-2.1ubuntu1.20.04.2 5.8.0-1043.46~20.04.1 1:2.1.29-1ubuntu3.1 2.20.11-0ubuntu27.21 8.0.27-0ubuntu0.20.04.1 2.34-6ubuntu1.3 7.4.3-4ubuntu2.7 1:9.16.1-0ubuntu2.9 2.34.1-0ubuntu0.20.04.1 94.0+build3-0ubuntu0.20.04.1 20.10.7-0ubuntu5~20.04.2 5.11.0-1021.22~20.04.1 5.11.0-1021.22~20.04.2 5.11.0-1022.24~20.04.1 5.11.0-40.44~20.04.2 5.13.0-1019.23 5.4.0-1007.8 5.4.0-1026.27 5.4.0-1049.51 5.4.0-1055.58 5.4.0-1057.61 5.4.0-1059.62 5.4.0-1063.66 5.4.0-90.101 5.4.0-1021.24 5.4.0-1046.50 5.4.0-1057.61 1.8.1-1ubuntu0.1 5.10.0-1051.53 5.14.0-1007.7 0.9.62-3ubuntu0.1 2:4.13.14+dfsg-0ubuntu0.20.04.1 2:4.13.14+dfsg-0ubuntu0.20.04.3 2:4.13.14+dfsg-0ubuntu0.20.04.4 12.9-0ubuntu0.20.04.1 1:78.14.0+build1-0ubuntu0.20.04.1 2:8.1.2269-1ubuntu5.4 1.3.18-2ubuntu0.1 0.6.55-0ubuntu12~20.04.5 1:2.1.29-1ubuntu3.1+esm1 0.9+LibO6.4.7-0ubuntu0.20.04.2 1.2.0+LibO6.4.7-0ubuntu0.20.04.2 1:6.4.7-0ubuntu0.20.04.2 2:102.11+LibO6.4.7-0ubuntu0.20.04.2 2.2.0+dfsg1-0ubuntu0.20.04.2 5.53-0ubuntu3.4 66.1-2ubuntu2.1 1.2.4-1ubuntu0.1 3:4.8.24-2ubuntu1+esm1 5.11.0-1022.23~20.04.1 5.11.0-1023.25~20.04.1 5.11.0-41.45~20.04.1 5.13.0-1020.24 5.4.0-1008.9 5.4.0-1022.25 5.4.0-1027.28 5.4.0-1047.52 5.4.0-1050.52 5.4.0-1056.59 5.4.0-1058.62 5.4.0-1060.63 5.4.0-1064.67 5.4.0-91.102 5.14.0-1008.8 2:3.49.1-1ubuntu1.6 1:78.14.0+build1-0ubuntu0.20.04.2 0.34.4-1ubuntu0.1~esm1 1:10.3.32-0ubuntu0.20.04.1 1:4.2.8p12+dfsg-3ubuntu4.20.04.1+esm1 2:1.9.4-11ubuntu0.1+esm1 2:2.2.12-1ubuntu0.8 1:1.30.1-4ubuntu6.4 1.12.1+dfsg-5ubuntu0.20.04.1~esm3 1.4.3+dfsg.1-1ubuntu0.1~esm2 1.0~dfsg0-1ubuntu0.1~esm1 1.5.17-3ubuntu0.1~esm1 95.0+build1-0ubuntu0.20.04.1 95.0.1+build2-0ubuntu0.20.04.1 3.1.3-1ubuntu0.1~esm1 1:2.0.19-2ubuntu0.1 1.4+really1.3.35-1ubuntu0.1~esm1 1.6.5-0ubuntu0.4 2.15.0-0.20.04.1 2:1.20.13-1ubuntu1~20.04.2 3.1.3+dfsg-2ubuntu0.1~esm1 1.3.0+dfsg-1ubuntu0.1 2.16.0-0.20.04.1 1.9.7-1ubuntu0.2 3.8.10-0ubuntu1~20.04.2 3.9.5-3ubuntu0~20.04.1 11.0.13+8-0ubuntu1~20.04 8u312-b07-0ubuntu1~20.04 2.17.0-0.20.04.1 2:2.2.12-1ubuntu0.9 4.3.2-1ubuntu0.1~esm2 5.14.0-1013.13 5.10.0-1053.55 5.11.0-1023.24~20.04.1 5.11.0-1024.26~20.04.1 5.11.0-44.48~20.04.2 5.4.0-1010.11 5.4.0-1023.26 5.4.0-1029.30 5.4.0-1048.53 5.4.0-1051.53 5.4.0-1057.60 5.4.0-1059.63 5.4.0-1061.64 5.4.0-1065.68 5.4.0-92.103 5.4.0-1060.64 5.4.0-94.106 2.4.41-4ubuntu3.9 2.34.3-0ubuntu0.20.04.1 1.2.10+ds1-1ubuntu1+esm1 3.4.5-2ubuntu0.1~esm1 2.8.5-1ubuntu0.1~esm1 5.14.0-1018.19 5.13.0-1026.32 5.10.0-1055.58 5.11.0-1025.27~20.04.1 5.11.0-1026.29~20.04.1 5.11.0-46.51~20.04.1 1.10.1-1ubuntu0.1~esm1 5:5.0.7-2ubuntu0.1+esm1 2.17.1-0.20.04.1 1.2.17-9ubuntu0.1 9.50~dfsg-5ubuntu4.5 4.5.0-1ubuntu0.5 245.4-4ubuntu3.15 7.0.0-4ubuntu0.5 7.0.0-4ubuntu0.6 96.0+build2-0ubuntu0.20.04.1 1.7044-1ubuntu0.1~esm1 1.4.3.6-2ubuntu0.1~esm1 0.11.1-1ubuntu0.1~esm1 0.103.5+dfsg-1~20.04.1 2.7.0-5ubuntu1.6 19.09+dfsg-2ubuntu0.1~esm1 42.2.10-1ubuntu0.1~esm1 4.5.11-1ubuntu0.1~esm1 5.10.0-1057.61 5.11.0-1027.30~20.04.1 5.11.0-1028.32~20.04.1 5.13.0-1028.35 5.14.0-1020.22 5.4.0-1012.13 5.4.0-1025.28 5.4.0-1031.32 5.4.0-1050.56 5.4.0-1053.55 5.4.0-1059.62 5.4.0-1061.65 5.4.0-1062.66 5.4.0-1063.66 5.4.0-1067.70 5.4.0-96.109 0.16.1-1ubuntu0.1 1.12.16-2ubuntu2.2 3.6.3-1ubuntu0.1~esm1 2:8.1.2269-1ubuntu5.6 1:91.5.0+build1-0ubuntu0.20.04.1 2.0-21-g6fe2f4f-2ubuntu0.20.04.1 5.8.2-1ubuntu3.4 0.4.22-3ubuntu0.1~esm1 0.105-26ubuntu1.2 2.0.7-2ubuntu0.1+esm1 2.34.4-0ubuntu0.20.04.1 0.9.3-2ubuntu0.1~esm2 1.7.0-4.1ubuntu1+esm1 2.8-1ubuntu0.1~esm1 2:4.13.17~dfsg-0ubuntu0.21.04.1 5.11.0-1028.31~20.04.1 5.11.0-1028.31~20.04.2 5.11.0-1029.33~20.04.3 5.13.0-1012.13~20.04.1 5.13.0-1029.36 5.13.0-28.31~20.04.1 5.4.0-1061.64 5.4.0-1013.14 5.4.0-1026.29 5.4.0-1032.33 5.4.0-1054.56 5.4.0-1062.66 5.4.0-1063.67 5.4.0-1064.67 5.4.0-1068.71 5.4.0-97.110 5.4.0-1014.15 5.4.0-1033.34 5.4.0-1055.57 5.4.0-1062.65 5.4.0-1063.67 5.4.0-1064.68 5.4.0-1065.68 5.4.0-1069.72 5.4.0-99.112 5.4.0-1052.58 2:2.2.12-1ubuntu0.10 8.0.28-0ubuntu0.20.04.3 4.7.6-1ubuntu0.1~esm1 1.10.4+repack-11ubuntu1+esm1 4.14.2.1+dfsg1-1ubuntu0.1~esm1 2.0.10+dfsg1-3ubuntu0.1~esm1 5.53-0ubuntu3.5 450.172.01-0ubuntu0.20.04.1 470.103.01-0ubuntu0.20.04.1 510.47.03-0ubuntu0.20.04.1 5.14.0-1022.24 1:2.34-0.1ubuntu9.3 2.34-0.1ubuntu9.3 1.2~rc1.2-1.1ubuntu1.20.04.1 0.20.0-3ubuntu0.1~esm1 0.19-1ubuntu0.1~esm1 4.4.10+ds1-2ubuntu1+esm1 97.0+build2-0ubuntu0.20.04.1 2:2.2.2-3ubuntu2.4 2.2.9-1ubuntu0.2 4.3.8+dfsg-1ubuntu1+esm1 3.4.0-2ubuntu1.1 2.54.3+20.04 2.54.3+20.04.1 2.54.3+20.04.1ubuntu0.2 0.9.1.2-10ubuntu0.20.04.1 5.4.0-100.113 5.4.0-1015.16 5.4.0-1028.31 5.4.0-1034.35 5.4.0-1053.60 5.4.0-1056.58 5.4.0-1064.68 5.4.0-1065.69 5.4.0-1066.69 5.4.0-1070.73 5.4.0-1070.73+cvm1.1 5.13.0-30.33~20.04.1 5.13.0-1014.15~20.04.1 5.13.0-1018.22~20.04.1 5.4.0-1063.66 7.4.3-4ubuntu2.10 2.1.27+dfsg-2ubuntu0.1 5.14.0-1024.26 7.4.3-4ubuntu2.9 0.105-26ubuntu1.3 1:10.3.34-0ubuntu0.20.04.1 2.34.6-0ubuntu0.20.04.1 1:4.2-3ubuntu6.21 0.8.2-1ubuntu1.1 2.31-0ubuntu9.7 1.5.5-0ubuntu3~20.04.2 1.5.9-0ubuntu1~20.04.4 2.0.13-2ubuntu0.5 11.0.14+9-0ubuntu2~20.04 17.0.2+8-1~20.04 11.0.14.1+1-0ubuntu1~20.04 97.0.2+build1-0ubuntu0.20.04.1 2.9.6+dfsg-1ubuntu0.1~esm1 5:5.0.7-2ubuntu0.1 5.13.0-1017.19~20.04.1 5.13.0-1019.23~20.04.1 5.13.0-1021.26~20.04.1 5.13.0-35.40~20.04.1 5.14.0-1027.30 5.4.0-1017.19 5.4.0-1030.33 5.4.0-1036.37 5.4.0-104.118 5.4.0-1055.62 5.4.0-1058.61 5.4.0-1065.68 5.4.0-1066.71 5.4.0-1067.71 5.4.0-1068.72 5.4.0-1072.75 5.4.0-1072.75+cvm1.1 2.2.9-1ubuntu0.4 98.0+build3-0ubuntu0.20.04.2 98.0.1+build2-0ubuntu0.20.04.1 98.0.2+build1-0ubuntu0.20.04.1 1:3.20-1ubuntu0.1 2.9.10+dfsg-5ubuntu0.20.04.2 5.8-3ubuntu1.1 1.1.1f-1ubuntu2.12 1.30+dfsg-7ubuntu0.20.04.2 0.9+LibO6.4.7-0ubuntu0.20.04.4 1.2.0+LibO6.4.7-0ubuntu0.20.04.4 1:6.4.7-0ubuntu0.20.04.4 2:102.11+LibO6.4.7-0ubuntu0.20.04.4 4.9.3-4ubuntu0.1 1:9.16.1-0ubuntu2.10 2.4.41-4ubuntu3.10 5.13.0-1019.21~20.04.1 5.13.0-1021.25~20.04.1 5.13.0-37.42~20.04.1 5.4.0-1018.20 5.4.0-1037.38 5.4.0-105.119 5.4.0-1056.63 5.4.0-1059.62 5.4.0-1066.69 5.4.0-1067.72 5.4.0-1068.72 5.4.0-1069.73 5.4.0-1073.76 5.4.0-1073.76+cvm1.1 4.12.1+dfsg-1ubuntu0.1 3.8.10-0ubuntu1~20.04.4 2.7.18-1~20.04.3+esm1 1:91.7.0+build2-0ubuntu0.20.04.1 5.14.0-1029.32 2.4.7-1ubuntu2.20.04.4 3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1~esm1 2.6.0-2ubuntu0.1 5.14.0-1031.34 18.9.0-11ubuntu0.20.04.2 1:1.2.11.dfsg-2ubuntu1.3 5.13.0-39.44~20.04.1 5.4.0-1061.64 5.4.0-1069.75 5.4.0-107.121 5.4.0-1071.76 5.4.0-1074.77 5.13.0-1021.23~20.04.2 5.13.0-1023.28~20.04.1 5.4.0-1019.21 5.4.0-1038.39 5.4.0-1058.65 5.4.0-1067.70 5.4.0-1069.73 5.4.0-1074.77+cvm1.1 3.1.3-8ubuntu0.3 9.0.31-1ubuntu0.2 5.13.0-1010.10 1.4.1-1ubuntu0.1 1.4.197-4+deb10u1build0.20.04.1 1.0.8-2ubuntu0.1 3.1.0-1.2ubuntu0.1~esm1 5.13.0-1021.24~20.04.1 5.13.0-1025.30~20.04.1 4.1.1-0ubuntu1.1 99.0+build2-0ubuntu0.20.04.2 1.18.0-0ubuntu1.3 1.13.0-3ubuntu0.1 2:2.2.12-1ubuntu0.11 3.4.0-2ubuntu1.2 1:2.25.1-1ubuntu3.3 1:2.25.1-1ubuntu3.4 5.4.0-1032.35 1.10-0ubuntu4.1 5.2.4-1ubuntu1.1 2.0.7-1ubuntu5.1 5.0-6ubuntu1.2 5.14.0-1033.36 1.15.5-1ubuntu0.3 5.13.0-1011.11 5.13.0-1022.24~20.04.1 5.13.0-1022.26~20.04.1 5.13.0-1024.29~20.04.1 5.13.0-1027.32~20.04.1 5.13.0-40.45~20.04.1 5.4.0-1020.22 5.4.0-1039.40 5.4.0-1059.67 5.4.0-1062.65 5.4.0-1068.71 5.4.0-1070.76 5.4.0-1072.77 5.4.0-1076.79+cvm1.1 5.4.0-1077.80 5.4.0-109.123 3.6.2-1ubuntu0.1~esm1 1:10.1.0-0ubuntu2.1 11.0.15+10-0ubuntu0.20.04.1 17.0.3+7-0ubuntu0.20.04.1 3.0-1ubuntu0.1 1.13.2-1ubuntu0.5 1:91.8.1+build1-0ubuntu0.20.04.1 2.36.0-0ubuntu0.20.04.3 2.1-2~ubuntu20.04.2 2.1-2~ubuntu20.04.3 7.68.0-1ubuntu2.10 6.0.0-0ubuntu8.16 8.0.29-0ubuntu0.20.04.2 8.0.29-0ubuntu0.20.04.3 19.11.12-0ubuntu0.20.04.1 1.1.1f-1ubuntu2.13 3.31.1-4ubuntu0.3 8.2001.0-1ubuntu1.3 2.80-1.1ubuntu1.5 2:3.49.1-1ubuntu1.7 100.0+build2-0ubuntu0.20.04.1 7.68.0-1ubuntu2.11 5.4.0-1021.23 5.4.0-1040.41 5.4.0-1060.68 5.4.0-1063.66 5.4.0-1071.76 5.4.0-1071.77 5.4.0-1073.78 5.4.0-1078.81 5.4.0-1078.81+cvm1.1 5.4.0-110.124 5.14.0-1036.40 5.13.0-1023.25~20.04.1 5.13.0-1023.27~20.04.1 5.13.0-1025.30~20.04.1 5.13.0-41.46~20.04.1 4.1.0+git191117-2ubuntu0.20.04.3 2.9.10+dfsg-5ubuntu0.20.04.3 0.103.6+dfsg-0ubuntu0.20.04.1 2.4.49+dfsg-2ubuntu1.9 2:8.39-12ubuntu0.1 3.4-6ubuntu0.1 2.20.11-0ubuntu27.24 100.0.2+build1-0ubuntu0.20.04.1 1:91.9.1+build1-0ubuntu0.20.04.1 1.9.7-1ubuntu0.3 12.11-0ubuntu0.20.04.1 2.36.2-0ubuntu0.20.04.1 5.4.0-1023.25 5.4.0-1065.68 5.4.0-1072.77 5.4.0-1075.80 5.4.0-1080.83 5.4.0-1080.83+cvm1.1 5.4.0-113.127 5.4.0-1036.39 5.4.0-1043.44 5.4.0-1062.70 5.4.0-1073.79 5.13.0-1025.27~20.04.1 5.13.0-1025.29~20.04.1 5.13.0-44.49~20.04.1 5.13.0-1027.32~20.04.1 5.13.0-1030.35~20.04.1 5.14.0-1038.42 1.13.0-3ubuntu0.2 1.19.7ubuntu3.2 1.6.4-1+deb10u1build0.20.04.1 2.3.1-9ubuntu1.2 1.2-4ubuntu0.20.04.1~esm1 2.36.3-0ubuntu0.20.04.1 2:6.9-1ubuntu0.2 2.2.0+dfsg1-0ubuntu0.20.04.3 2.7.0-5ubuntu1.7 1:2017.3.23AR.3-3ubuntu1.2 1.45.5-2ubuntu1.1 2.0-1.45.5-2ubuntu1.1 2.1-1.45.5-2ubuntu1.1 5.4.0-1026.29 5.4.0-1046.48 5.4.0-1065.75 5.4.0-1068.72 5.4.0-1074.79 5.4.0-1076.83 5.4.0-1078.84 5.4.0-1083.87 5.4.0-1083.87+cvm1.1 5.4.0-117.132 5.13.0-1014.15 5.13.0-1028.31~20.04.1 5.13.0-1028.33~20.04.1 5.13.0-1030.36~20.04.1 5.13.0-1033.39~20.04.1 5.13.0-48.54~20.04.1 5.14.0-1042.47 7:4.2.7-0ubuntu0.1 20211016~20.04.1 6.2.1-2ubuntu0.1 6.2.1-2ubuntu0.2 101.0.1+build1-0ubuntu0.20.04.1 3.12.0-3ubuntu0.1 7.4.3-4ubuntu2.12 5.53-0ubuntu3.6 3.2.7-1ubuntu0.1 2.5.1-1ubuntu0.1 5.13.0-1017.19 5.13.0-1031.35~20.04.1 5.13.0-1031.37~20.04.1 5.13.0-1033.40~20.04.1 5.13.0-1036.43~20.04.1 5.13.0-51.58~20.04.1 5.4.0-1028.32 5.4.0-1048.51 5.4.0-1070.75 5.4.0-1076.82 5.4.0-1078.86 5.4.0-1080.87 5.4.0-1085.90 5.4.0-1085.90+cvm1.1 5.4.0-120.136 5.14.0-1044.49 3.20220510.0ubuntu0.20.04.1 2.4.41-4ubuntu3.12 1.1.1f-1ubuntu2.15 1:4.2-3ubuntu6.23 4.10-1ubuntu1.6 5.4.0-121.137 5.13.0-52.59~20.04.1 7.68.0-1ubuntu2.12 22.2-0ubuntu1~20.04.3 2:2.2.12-1ubuntu0.12 1.1.1f-1ubuntu2.16 2.2.19-3ubuntu2.2 102.0+build2-0ubuntu0.20.04.1 2:3.49.1-1ubuntu1.8 3.2.0-4ubuntu2.1 1:2.3.7.2-1ubuntu3.6 2:1.20.13-1ubuntu1~20.04.3 1:2.25.1-1ubuntu3.5 1:91.11.0+build2-0ubuntu0.20.04.1 5.4.0-1029.33 5.4.0-1049.52 5.4.0-1066.76 5.4.0-1071.76 5.4.0-1078.84 5.4.0-1079.87 5.4.0-1081.88 5.4.0-1084.92 5.4.0-1086.91 5.4.0-1086.91+cvm1.1 5.4.0-122.138 5.14.0-1045.51 2.7.18-1~20.04.3 3.8.10-0ubuntu1~20.04.5 6.06-1ubuntu0.1 2.36.4-0ubuntu0.20.04.1 4.1.0+git191117-2ubuntu0.20.04.4 2.6.4-1ubuntu4.2 2.0.10-2+deb11u1build0.20.04.1 1.7.1-2ubuntu2.1 2.10.1-2ubuntu0.2 1.3.3-1ubuntu0.1 0.12.15-2.1ubuntu0.2 103.0+build1-0ubuntu0.20.04.1 8.0.30-0ubuntu0.20.04.2 1.2.5-1ubuntu0.1 5.4.0-1042.47 2:4.13.17~dfsg-0ubuntu1.20.04.1 5.8+dfsg-2ubuntu2.4 5.15.0-43.46~20.04.1 5.14.0-1046.53 11.0.16+8-0ubuntu1~20.04 17.0.4+8-1~20.04 8u342-b07-0ubuntu1~20.04 390.154-0ubuntu0.20.04.1 450.203.03-0ubuntu0.20.04.1 470.141.03-0ubuntu0.20.04.1 510.85.02-0ubuntu0.20.04.1 515.65.01-0ubuntu0.20.04.1 2.9.10+dfsg-5ubuntu0.20.04.4 2:2.2.12-1ubuntu0.13 3.6.13-2ubuntu1.7 4.6.8-1ubuntu3.1 1.9.8.2-1ubuntu0.20.04.1 2.40.0+dfsg-3ubuntu0.3 1.16.3-0ubuntu1.1 1.0-174-gce9f821-1ubuntu0.2 2.24.0+ds-2ubuntu0.1 3.36.4-0ubuntu2 5.4.0-1031.35 5.4.0-1044.49 5.4.0-1051.54 5.4.0-1068.78 5.4.0-1073.78 5.4.0-1080.86 5.4.0-1081.89 5.4.0-1083.90 5.4.0-1086.94 5.4.0-1089.94 5.4.0-124.140 5.15.0-46.49~20.04.1 5.15.0-1014.17~20.04.1 5.15.0-1016.21~20.04.1 5.15.0-1017.20~20.04.1 5.15.0-1017.21~20.04.1 5.14.0-1048.55 2.36.6-0ubuntu0.20.04.1 1.9.4-2ubuntu1.3 1:1.2.11.dfsg-2ubuntu1.5 12.12-0ubuntu0.20.04.1 3.1.3-8ubuntu0.4 4.93-13ubuntu1.6 1.1.34-4ubuntu0.20.04.1 5.14.0-1049.56 2:11.3.0-2ubuntu0~ubuntu20.04.3 104.0+build3-0ubuntu0.20.04.1 5.4.0-1089.94+cvm1.2 1.6.10-9ubuntu0.1 6.0.3-2ubuntu0.1 7.68.0-1ubuntu2.13 5.4.0-1069.79 5.4.0-125.141 5.14.0-1050.57 5.4.0-1032.36 5.4.0-1045.50 5.4.0-1052.55 5.4.0-1074.79 5.4.0-1081.87 5.4.0-1082.90 5.4.0-1084.91 5.4.0-1087.95 5.4.0-1090.95 5.15.0-1015.18~20.04.1 5.15.0-1017.23~20.04.2 5.15.0-1019.23~20.04.1 5.15.0-1019.24~20.04.1 5.4.0-1090.95+cvm1.1 0.86.1-0ubuntu1.1 2.40.0+dfsg-3ubuntu0.4 19.11.13-0ubuntu0.20.04.1 1.2.1-3ubuntu0.1 2.36.7-0ubuntu0.20.04.1 3.20220809.0ubuntu0.20.04.1 2:8.1.2269-1ubuntu5.8 2:8.1.2269-1ubuntu5.9 1.18.0-1ubuntu0.1 3.31.1-4ubuntu0.4 4.11.3+24-g14b62ab3e5-1ubuntu2.3 4.1.0+git191117-2ubuntu0.20.04.5 2.3.0-6ubuntu0.5+esm1 5.4.0-1033.37 5.4.0-1046.51 5.4.0-1053.56 5.4.0-1070.80 5.4.0-1075.80 5.4.0-1083.91 5.4.0-1085.92 5.4.0-1091.96 5.4.0-126.142 5.15.0-48.54~20.04.1 5.15.0-1020.24~20.04.1 5.15.0-1020.25~20.04.1 1.1.0+ds1-1ubuntu2.1 1:9.16.1-0ubuntu2.11 10.34-7ubuntu0.1 3.2.26+dfsg-6ubuntu0.1 2.0.3-0ubuntu1.20.04.3 4.3-1ubuntu0.20.04.2 2.2.9-1ubuntu0.5 2.2.9-1ubuntu0.6 5.4.0-1091.96+cvm1.1 4.10-1ubuntu1.7 2.36.8-0ubuntu0.20.04.1 9.50~dfsg-5ubuntu4.6 5.15.0-1018.24~20.04.1 5.4.0-1089.97 5.15.0-1016.19~20.04.1 105.0+build2-0ubuntu0.20.04.1 5.8.2-1ubuntu3.5 2:2.2.12-1ubuntu0.14 5.4.0-1083.89 4.4.1-2.1ubuntu5.20.04.4 0.15.0-1ubuntu0.2 0.9+LibO6.4.7-0ubuntu0.20.04.5 1.2.0+LibO6.4.7-0ubuntu0.20.04.5 1:6.4.7-0ubuntu0.20.04.5 2:102.11+LibO6.4.7-0ubuntu0.20.04.5 1:102.2.2+build1-0ubuntu0.20.04.1 5.15.0-1021.25~20.04.1 5.15.0-1021.26~20.04.1 5.15.0-50.56~20.04.1 5.4.0-1034.38 5.4.0-1047.52 5.4.0-1054.57 5.4.0-1076.81 5.4.0-1084.90 5.4.0-1084.92 5.4.0-1086.93 5.4.0-128.144 2:6.2.0+dfsg-4ubuntu0.1 6.0-25ubuntu1.1 7.7.0+dfsg-1ubuntu1.1 5.4.0-1071.81 5.4.0-1090.98 3:3.8.0-2.1ubuntu0.1 1:2.25.1-1ubuntu3.6 1.3.5-2ubuntu0.20.04.1 5.30.0-9ubuntu0.3 5.4.0-1036.41 5.4.0-1049.55 5.4.0-1056.60 5.4.0-1073.84 5.4.0-1078.84 5.4.0-1086.93 5.4.0-1086.95 5.4.0-1088.96 5.4.0-1092.101 5.4.0-1094.100 5.4.0-131.147 5.14.0-1054.61 5.15.0-1019.23~20.04.1 5.15.0-1021.28~20.04.1 5.15.0-1022.26~20.04.1 5.15.0-1022.27~20.04.1 5.15.0-52.58~20.04.1 0.9+LibO6.4.7-0ubuntu0.20.04.6 1.2.0+LibO6.4.7-0ubuntu0.20.04.6 1:6.4.7-0ubuntu0.20.04.6 2:102.11+LibO6.4.7-0ubuntu0.20.04.6 8.0.31-0ubuntu0.20.04.1 1:10.1.0-0ubuntu2.2 7.68.0-1ubuntu2.14 1.12.16-2ubuntu2.3 5.4.0-1092.97+cvm1.1 8324-0ubuntu3~20.04.5 106.0.2+build1-0ubuntu0.20.04.1 106.0.5+build1-0ubuntu0.20.04.1 1:2017.3.23AR.3-3ubuntu1.3 4.1.0+git191117-2ubuntu0.20.04.6 0.19.5-1ubuntu1.1 3.31.1-4ubuntu0.5 7.4.3-4ubuntu2.15 0.38.4-0ubuntu2.1 11.0.17+8-1ubuntu2~20.04 17.0.5+8-2ubuntu1~20.04 8u352-ga-1~20.04 1.18.0-0ubuntu1.4 1:102.4.2+build2-0ubuntu0.20.04.1 1.13.8-1ubuntu1.1 107.0+build2-0ubuntu0.20.04.1 5.4.0-1037.42 5.4.0-1050.56 5.4.0-1074.85 5.4.0-1079.85 5.4.0-1087.96 5.4.0-1089.97 5.4.0-1093.102 5.4.0-1095.101 5.4.0-132.148 5.4.0-1057.61 5.4.0-1087.94 5.4.0-1095.101+cvm1.1 5.15.0-1022.28~20.04.1 5.15.0-1023.27~20.04.1 5.15.0-1023.29~20.04.1 5.15.0-53.59~20.04.1 5.15.0-1020.25~20.04.1 5.15.0-1022.29~20.04.1 2.38.2-0ubuntu0.20.04.1 0.8.3-1ubuntu2.1 1.9.4-2ubuntu1.4 1.3.3-1ubuntu0.1 2.2.0+dfsg1-0ubuntu0.20.04.4 8:6.9.10.23+dfsg-2.1ubuntu11.4+esm1 1:10.3.37-0ubuntu0.20.04.1 1:10.3.38-0ubuntu0.20.04.1 2:1.20.13-1ubuntu1~20.04.4 4.93-13ubuntu1.7 2.1-3.1ubuntu0.20.04.1 4.1.0+git191117-2ubuntu0.20.04.7 1:4.8.1-1ubuntu5.20.04.3 1:4.8.1-1ubuntu5.20.04.4 12.2.0-2ubuntu0.2 2.57.5+20.04ubuntu0.1 5.15.0-1025.31~20.04.2 5.15.0-1026.30~20.04.2 5.15.0-56.62~20.04.1 5.15.0-1023.28~20.04.2 5.15.0-1025.32~20.04.2 5.4.0-1040.45 5.4.0-1060.64 5.4.0-1077.88 5.4.0-1082.88 5.4.0-1090.99 5.4.0-1092.100 5.4.0-1096.105 5.4.0-135.152 5.4.0-1090.97 5.4.0-1098.104 1:0.5.0-1~ubuntu20.04.1+esm1 2.9.10+dfsg-5ubuntu0.20.04.5 20211016ubuntu0.20.04.1 2.34-6ubuntu1.4 1:1.17.4-5ubuntu3.1 2021.01+dfsg-3ubuntu0~20.04.5 7.7.0+dfsg-1ubuntu1.2 3.8.10-0ubuntu1~20.04.6 1:4.2-3ubuntu6.24 1.5.9-0ubuntu1~20.04.6 7.0.0-4ubuntu0.7 6.2.1-3ubuntu0.1~esm1 2:1.20.13-1ubuntu1~20.04.5 5.15.0-1029.36~20.04.1 108.0+build2-0ubuntu0.20.04.1 108.0.1+build1-0ubuntu0.20.04.1 108.0.2+build1-0ubuntu0.20.04.1 0.8.0-1ubuntu0.1 3.0.20+dfsg-3ubuntu0.2 1:3.36.3-0ubuntu1.20.04.2 1.3.5-2ubuntu0.20.04.2 7.68.0-1ubuntu2.15 5.14.0-1055.62 5.4.0-1041.46 5.4.0-1061.65 5.4.0-1078.89 5.4.0-1083.89 5.4.0-1091.100 5.4.0-1091.98 5.4.0-1093.101 5.4.0-1097.106 5.4.0-136.153 5.4.0-1100.106 5.4.0-1100.106+cvm1.1 5.15.0-57.63~20.04.1 5.15.0-1027.31~20.04.1 5.15.0-1030.37~20.04.1 5.8+dfsg-2ubuntu2.6 0.5.3-37ubuntu0.1 2.38.3-0ubuntu0.20.04.1 7.7.0+dfsg-1ubuntu1.3 2:8.1.2269-1ubuntu5.11 5.15.0-1027.34~20.04.1 5.15.0-1028.32~20.04.1 5.15.0-1031.38~20.04.1 5.15.0-58.64~20.04.1 5.4.0-1042.47 5.4.0-1084.90 5.4.0-1092.101 5.4.0-1094.102 5.4.0-1098.107 5.4.0-137.154 2.7.0-5ubuntu1.8 1:3.5.12-1ubuntu0.20.04.1 5.14.0-1056.63 1:2.25.1-1ubuntu3.7 1:2.25.1-1ubuntu3.8 1.8.31-1ubuntu1.4 1.25.8-2ubuntu0.2 5.4.0-1062.66 5.15.0-1027.33~20.04.1 5.15.0-58.64~20.04.1 5.4.0-1054.60 109.0+build2-0ubuntu0.20.04.1 109.0.1+build1-0ubuntu0.20.04.2 44.0.0-2ubuntu0.1 45.2.0-1ubuntu0.1 7.4.3-4ubuntu2.17 2.0.29-0ubuntu1.1 1:5.9~svn20110310-12ubuntu0.1 0.34.2-1ubuntu0.1 20.0.2-5ubuntu1.8 2:4.13.17~dfsg-0ubuntu1.20.04.4 2:4.13.17~dfsg-0ubuntu1.20.04.5 8.0.32-0buntu0.20.04.1 8.0.32-0ubuntu0.20.04.2 1:102.7.1+build2-0ubuntu0.20.04.1 1.3.1-5ubuntu4.4 1.3.1-5ubuntu4.6 3.0.28-2ubuntu0.2 1:9.16.1-0ubuntu2.12 1.17-6ubuntu4.2 5.4.0-1079.90 5.4.0-1101.107 0.18.2-2ubuntu0.1 2:16.4.2-0ubuntu2.1 2:20.2.0-0ubuntu1.1 2:21.2.4-0ubuntu2.1 2:16.4.2-0ubuntu2.2 2:2.2.12-1ubuntu0.15 2.1-2.1ubuntu0.20.04.1 2.4.41-4ubuntu3.13 0.631+git180528-1+deb10u1build0.20.04.1 0.12.1-1.1ubuntu0.20.04.1~esm1 3.0a-2ubuntu0.4 1.1.1f-1ubuntu2.17 2:1.20.13-1ubuntu1~20.04.6 1.0.4-2ubuntu0.1~esm1 7.7.0+dfsg-1ubuntu1.4 5.15.0-1029.35~20.04.1 5.15.0-1033.40~20.04.1 5.15.0-60.66~20.04.1 2.25.2-0ubuntu1.1 5.4.0-1064.68 5.4.0-1080.91 5.4.0-1086.92 5.4.0-1093.102 5.4.0-1096.104 5.4.0-1103.109 5.4.0-139.156 8:6.9.10.23+dfsg-2.1ubuntu11.5 8:6.9.10.23+dfsg-2.1ubuntu11.7 5.14.0-1057.64 1:3.2.7a-7ubuntu0.1 2:21.2.4-0ubuntu2.2 2.38.4-0ubuntu0.20.04.2 2:2.2.12-1ubuntu0.16 2.0.29-0ubuntu1.3 1.6.1-4ubuntu2.1 1:2.25.1-1ubuntu3.10 0.3.2-4ubuntu0.1 5.4.0-1044.49 5.4.0-1100.109 5.4.0-1094.101 5.15.0-1029.36~20.04.1 5.15.0-1030.34~20.04.1 5.15.0-1027.32~20.04.1 110.0+build3-0ubuntu0.20.04.1 110.0.1+build2-0ubuntu0.20.04.1 3.6.4-2.1ubuntu0.1~esm1 3.20230214.0ubuntu0.20.04.1 0.103.8+dfsg-0ubuntu0.20.04.1 3.9.5-3ubuntu0~20.04.1+esm1 1.32.3-2ubuntu2+esm1 2.13.8-0ubuntu1.1 7.68.0-1ubuntu2.16 2:3.49.1-1ubuntu1.9 2.38.5-0ubuntu0.20.04.1 2:1.3.0-8+deb10u1build0.20.04.1 2.0.7-2ubuntu0.1+esm2 11.0.18+10-0ubuntu1~20.04.1 17.0.6+10-0ubuntu1~20.04.1 8u362-ga-0ubuntu1~20.04.1 7.6+dfsg-2ubuntu0.20.04.2 1.30+dfsg-7ubuntu0.20.04.3 3.6.13-2ubuntu1.8 7.4.3-4ubuntu2.18 1.4.55-1ubuntu1.20.04.2 14.4.2+git20190427-2+deb11u1build0.20.04.1 14.4.2+git20190427-2+deb11u2build0.20.04.1 12.14-0ubuntu0.20.04.1 1.15.0-1ubuntu0.2 5.4.0-1103.109+cvm1.1 2.0.7-2ubuntu0.1+esm3 5.15.0-1028.33~20.04.1 5.15.0-1030.36~20.04.1 5.15.0-1030.37~20.04.1 5.15.0-1031.35~20.04.1 5.15.0-1034.41~20.04.1 5.15.0-67.74~20.04.1 5.14.0-1058.66 5.4.0-1065.69 5.4.0-1087.93 5.4.0-1094.103 5.4.0-1095.102 5.4.0-1097.105 5.4.0-1101.110 5.4.0-1104.110 5.4.0-144.161 5.4.0-1058.64 3.1.3-8ubuntu0.5 4.1.0+git191117-2ubuntu0.20.04.8 245.4-4ubuntu3.20 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.1 5.4.0-1081.92 2:4.15.13+dfsg-0ubuntu0.20.04.1 0.9+20170913-1ubuntu0.20.04.1~esm1 2.4.41-4ubuntu3.14 1:102.8.0+build2-0ubuntu0.20.04.1 1.25+ds-2ubuntu0.1 3.6.1.3-2ubuntu5.2 1.4.11.1-1ubuntu0.3 2.12.5-1ubuntu0.1~esm1 0.16.1+dfsg1-2ubuntu0.1 5.4.0-1045.50 7.13.0-1ubuntu0.1~esm1 111.0+build2-0ubuntu0.20.04.1 111.0.1+build2-0ubuntu0.20.04.1 6.0.6-0.1ubuntu0.1~esm1 2.1.3-1.2+deb10u1build0.20.04.1 7:4.2.7-0ubuntu0.1+esm1 1.17-6ubuntu4.3 3.8.10-0ubuntu1~20.04.7 8.14.6-0.1ubuntu0.1~esm1 2:8.1.2269-1ubuntu5.12 7.68.0-1ubuntu2.18 1.10.1+dfsg-3ubuntu0.1+esm2 1:3.5.1-2ubuntu0.1 1:3.5.1-2ubuntu0.2 1:3.5.1-2ubuntu0.3 0.11.4-2ubuntu0.1 3.0.7-1ubuntu0.1~esm1 1.9+srconly-3ubuntu0.1 2.42.2-3ubuntu0.1~esm1 1:102.9.0+build1-0ubuntu0.20.04.1 1.4.7-3ubuntu0.1 1.4+really1.3.35-1ubuntu0.1 5.14.0-1059.67 5.4.0-1046.51 5.4.0-1066.70 5.4.0-1082.93 5.4.0-1088.94 5.4.0-1096.103 5.4.0-1098.107 5.4.0-1099.107 5.4.0-1102.111 5.4.0-1105.111 5.4.0-146.163 5.15.0-1031.38~20.04.1 5.15.0-1032.38~20.04.1 5.15.0-1033.37~20.04.1 5.15.0-1035.42~20.04.1 5.15.0-69.76~20.04.1 2:1.20.13-1ubuntu1~20.04.8 5.15.0-1029.34~20.04.1 1.0.7-6ubuntu0.20.04.1 1.1.24-1ubuntu0.1~esm1 2:2.4.4-0ubuntu0.20.04.2 2:4.15.13+dfsg-0ubuntu0.20.04.2 2:8.1.2269-1ubuntu5.13 3.12.0-3ubuntu0.2 1.8.18-8ubuntu0.1 1.2.17-9ubuntu0.2 1.0.0-1ubuntu0.20.04.1 5.4.0-1059.65 1.8.31-1ubuntu1.5 0.12.11-1ubuntu1.20.04.1+esm1 112.0+build2-0ubuntu0.20.04.1 112.0.1+build1-0ubuntu0.20.04.1 112.0.2+build1-0ubuntu0.20.04.1 2.2-2ubuntu0.20.04.1 1:102.10.0+build2-0ubuntu0.20.04.1 3.3.0-1+deb10u1build0.20.04.1 9.50~dfsg-5ubuntu4.7 2.20.11-0ubuntu27.26 3.0.8-2ubuntu0.1 5.4.0-1060.66 5.3.2-1ubuntu0.1~esm1 0.9+LibO6.4.7-0ubuntu0.20.04.7 1.2.0+LibO6.4.7-0ubuntu0.20.04.7 1:6.4.7-0ubuntu0.20.04.7 2:102.11+LibO6.4.7-0ubuntu0.20.04.7 5.15.0-1031.36~20.04.1 5.15.0-1032.40~20.04.1 5.15.0-1033.39~20.04.1 5.15.0-1034.38~20.04.1 5.15.0-1036.43~20.04.1 5.15.0-70.77~20.04.1 2:8.1.2269-1ubuntu5.14 5.4.0-1047.52 5.4.0-1067.71 5.4.0-1083.94 5.4.0-1089.95 5.4.0-1097.104 5.4.0-1099.108 5.4.0-1100.108 5.4.0-1103.112 5.4.0-1106.112 5.4.0-147.164 2.9.10+dfsg-5ubuntu0.20.04.6 2.80-1.1ubuntu1.7 3.6-1+deb11u1build0.20.04.1 1.18.1-1ubuntu1~20.04.2 1.13.8-1ubuntu1.2 1.16.2-0ubuntu1~20.04.1 1.1.1f-1ubuntu2.18 5.15.0-70.77~20.04.1 23.1.2-0ubuntu0~20.04.1 23.1.2-0ubuntu0~20.04.2 5.15.0-1032.37~20.04.1 5.15.0-1034.40~20.04.1 5.15.0-1035.39~20.04.1 5.15.0-71.78~20.04.1 2.1.0-0ubuntu1.20.04.2 5.4.0-1048.53 5.4.0-1068.72 5.4.0-1090.96 5.4.0-1098.105 5.4.0-1100.109 5.4.0-1101.109 5.4.0-1104.113 5.4.0-1107.113 5.4.0-148.165 0.4.37-1ubuntu0.20.04.1 1:4.1.45-1ubuntu0.1~esm1 1:2.25.1-1ubuntu3.11 5.15.0-1037.44~20.04.1 2:2.2.12-1ubuntu0.17 2.7.0-5ubuntu1.9 2.7.0-5ubuntu1.10 1:22.2.7+dfsg-1ubuntu0.2 8.0.33-0ubuntu0.20.04.1 8.0.33-0ubuntu0.20.04.2 2.38.6-0ubuntu0.20.04.1 2.10.1-2ubuntu0.3 15.2.17-0ubuntu0.20.04.3 0.2.4-3ubuntu0.1 3.2.1-1ubuntu0.1~esm1 1:14.2.0-0ubuntu1.1 2:16.4.2-0ubuntu6.2 2.13.8-0ubuntu1.2 5.4.0-1084.95 5.15.0-1037.44~20.04.1.1 2:16.4.2-0ubuntu2.3 2.0.0-0ubuntu4.1 2:21.2.4-0ubuntu2.3 3.0.8-0ubuntu1.1 2:21.2.4-0ubuntu2.4 2:16.4.2-0ubuntu2.4 2.0.0-0ubuntu4.2 2:21.2.4-0ubuntu2.5 3.0.8-0ubuntu1.2 113.0+build2-0ubuntu0.20.04.1 113.0.1+build1-0ubuntu0.20.04.1 113.0.2+build1-0ubuntu0.20.04.1 1:102.11.0+build1-0ubuntu0.20.04.1 11.0.19+7~us1-0ubuntu1~20.04.1 17.0.7+7~us1-0ubuntu1~20.04 8u372-ga~us1-0ubuntu1~20.04 0.6.1-2ubuntu0.20.04.2 5.15.0-1036.40~20.04.1 5.15.0-1038.45~20.04.1 5.15.0-1038.45~20.04.1.1 5.15.0-72.79~20.04.1 0.2.1-1+deb10u1build0.20.04.1 1.27.4-1ubuntu0.2 3.0.4-4ubuntu0.1 2.7.0-5ubuntu1.11 1.1.4-0ubuntu1~20.04.3 5.15.0-1033.38~20.04.1 5.15.0-1034.42~20.04.1 5.15.0-1035.41~20.04.1 5.4.0-1062.68 5.4.0-1049.54 5.4.0-1069.73 5.4.0-1091.97 5.4.0-1099.106 5.4.0-1102.110 5.4.0-1105.114 5.4.0-1108.114 5.4.0-149.166 1.9.2-1ubuntu0.1 1:3.04-1ubuntu0.1 6.2-0ubuntu2.1 1.06-1ubuntu0.20.04.1 2.34-6ubuntu1.5 0.1.27+ds-1+deb10u2build0.20.04.1 0.2.3-1+deb10u1build0.20.04.1 12.15-0ubuntu0.20.04.1 20230311ubuntu0.20.04.1 5.15.0-1033.41~20.04.1 1:3.04-1ubuntu0.2 5.4.0-1085.96 1:3.04-1ubuntu0.2+esm1 1.1.1-2ubuntu0.1 5.30.0-9ubuntu0.4 1.0.1-1+deb10u1build0.20.04.1 2019.20190605.51237-3ubuntu0.1 7.1.2+dfsg-1ubuntu0.1 1.12-1ubuntu0.1 5.4.0-1101.110 1.1.1f-1ubuntu2.19 0.4.1-1ubuntu0.1~esm1 2.58+20.04.1 5.15.0-1034.39~20.04.1 5.15.0-1035.43~20.04.1 5.15.0-1036.42~20.04.1 5.15.0-1037.41~20.04.1 5.15.0-1039.46~20.04.1 5.15.0-73.80~20.04.1 2.3.1-9ubuntu1.3 0.7-4ubuntu7.2 5.4.0-1050.55 5.4.0-1070.74 5.4.0-1092.98 5.4.0-1100.107 5.4.0-1102.111 5.4.0-1103.111 5.4.0-1106.115 5.4.0-1109.115 5.4.0-150.167 5.4.0-1064.70 5.15.0-1030.35~20.04.1 5.15.0-1039.46~20.04.1.1 0.19.5-1ubuntu1.2 0.9.3-2ubuntu2.3 3.8.10-0ubuntu1~20.04.8 1.40.0-1ubuntu0.1 114.0+build3-0ubuntu0.20.04.1 114.0.1+build1-0ubuntu0.20.04.1 114.0.2+build1-0ubuntu0.20.04.1 0.9+LibO6.4.7-0ubuntu0.20.04.8 1.2.0+LibO6.4.7-0ubuntu0.20.04.8 1:6.4.7-0ubuntu0.20.04.8 2:102.11+LibO6.4.7-0ubuntu0.20.04.8 12.2.0-2ubuntu0.3 3.1.12~ds-4ubuntu0.20.04.1 0.6.0-1ubuntu0.1 5.4.0-1086.97 5.4.0-1023.27 5.4.0-1101.108 4.6.3-3ubuntu0.1~esm1 2:8.1.2269-1ubuntu5.15 2.22.0-2ubuntu1.1 2.2.3-3ubuntu0.11 2.2.3-3ubuntu0.12 1.7.3-2ubuntu0.1 2.34-6ubuntu1.6 5.15.0-1031.36~20.04.1 2.9.19+dfsg-3ubuntu0.20.04.1 1.15.0-1ubuntu0.3 2.64.6-1~ubuntu20.04.6 1:2.32-1ubuntu0.1 1:4.2-3ubuntu6.27 2:1.6.9-2ubuntu1.5 1.8.1-1ubuntu0.1~esm1 5.15.0-1036.41~20.04.1 5.15.0-1036.44~20.04.1 5.15.0-1037.43~20.04.1 5.15.0-1038.43~20.04.1 5.15.0-1040.47~20.04.1 5.15.0-1040.47~20.04.1.1 5.15.0-75.82~20.04.1 5.4.0-152.169 1.26.0-3ubuntu1.20.04.1 1.4.0-1ubuntu0.20.04.1 1.4.0-1ubuntu0.20.04.1+esm1 3.0.9.2-1ubuntu0.1~esm1 2.3.0-7ubuntu0.20.04.1 1:9.16.1-0ubuntu2.15 2.3.1-9ubuntu1.4 5.4.0-1051.56 5.4.0-1065.71 5.4.0-1071.75 5.4.0-1088.99 5.4.0-1093.99 5.4.0-1102.109 5.4.0-1103.112 5.4.0-1104.112 5.4.0-1107.116 5.4.0-1110.116 3.2.26+dfsg-6ubuntu0.2+esm1 0.6.55-0ubuntu12~20.04.6 5.15.0-1023.28~20.04.1 5.15.0-1037.42~20.04.1 5.15.0-1037.45~20.04.1 5.15.0-1038.44~20.04.1 5.15.0-1039.44~20.04.1 5.15.0-1041.48~20.04.1 5.15.0-1041.48~20.04.1.1 5.15.0-76.83~20.04.1 5.4.0-1052.57 5.4.0-1066.72 5.4.0-1072.76 5.4.0-1089.100 5.4.0-1094.100 5.4.0-1104.113 5.4.0-1105.113 5.4.0-1108.117 5.4.0-1111.117 5.4.0-153.170 3.5.34-1ubuntu1.1 7.4.3-4ubuntu2.19 8:6.9.10.23+dfsg-2.1ubuntu11.9 8:6.9.10.23+dfsg-2.1ubuntu11.10 115.0+build2-0ubuntu0.20.04.3 1.6.12-0ubuntu1~20.04.3 2:2.2.12-1ubuntu0.18 1.2.0-0ubuntu7.1 5.4.0-1103.110 5.15.0-1033.38~20.04.1 2.7.0-1ubuntu0.1 5.0.2-2ubuntu0.1 5.15.0-1034.39~20.04.1 9.50~dfsg-5ubuntu4.8 1:102.13.0+build1-0ubuntu0.20.04.1 1.21-0ubuntu1~20.04.1 1.8.1+ds-3ubuntu0.2 115.0.2+build1-0ubuntu0.20.04.1 2.7.0-5ubuntu1.12 5.4.0-1024.28 3.2.1-3ubuntu2.1 1.3.3-3ubuntu0.1~esm1 0.12.5-1ubuntu0.1 2.1.0-3ubuntu0.20.04.1 5.4.0-1025.29 1.36-2ubuntu0.1 7.68.0-1ubuntu2.19 2:4.15.13+dfsg-0ubuntu0.20.04.3 0.3.2+git20151018-2+deb10u1build0.20.04.1 1:8.2p1-4ubuntu0.8 1.1.4-5ubuntu0.1 3.20191218.1ubuntu1.1 5.15.0-1024.29~20.04.1 5.15.0-1038.43~20.04.1 5.15.0-1038.46~20.04.1 5.15.0-1039.45~20.04.1 5.15.0-1040.45~20.04.1 5.15.0-1042.49~20.04.1 5.15.0-1042.49~20.04.1.1 5.15.0-78.85~20.04.1 5.4.0-1026.30 5.4.0-1053.58 5.4.0-1073.77 5.4.0-1090.101 5.4.0-1095.101 5.4.0-1104.111 5.4.0-1105.114 5.4.0-1106.114 5.4.0-1109.118 5.4.0-1112.118 5.4.0-155.172 5.15.0-1036.41~20.04.1 5.4.0-1017.18 2:11.3.0-2ubuntu0~ubuntu20.04.5 2.0.874-7.1ubuntu6.4 5.4.0-1018.19 3.2.3-1ubuntu0.1~esm1 11.0.20+8-1ubuntu1~20.04 17.0.8+7-1~20.04.2 8u382-ga-1~20.04.1 11.0.20.1+1-0ubuntu1~20.04 17.0.8.1+1~us1-0ubuntu1~20.04 2.48.9-1ubuntu0.20.04.4 116.0+build2-0ubuntu0.20.04.2 116.0.2+build1-0ubuntu0.20.04.1 116.0.3+build2-0ubuntu0.20.04.1 1.16.3-0ubuntu1.2 1.16.3-0ubuntu1.2 2:8.1.2269-1ubuntu5.16 2.0.13-1.4+deb11u1build0.20.04.1 0.86.1-0ubuntu1.2 0.67.1+ds0ubuntu0.libgit2-0ubuntu0.20.04.2+esm1 0.6.2+dfsg-3ubuntu0.20.04.1 1:8.2p1-4ubuntu0.9 1.26.0-3ubuntu1.20.04.2 1.7-5+deb9u1build0.20.04.1 2.0-7ubuntu0.20.04.1 5.4.0-1019.20 5.4.0-1074.78 5.4.0-1091.102 5.4.0-1096.102 5.4.0-1106.115 5.4.0-1107.115 5.4.0-1110.119 5.4.0-156.173 3.20230808.0ubuntu0.20.04.1 2.2.2-1ubuntu0.1 8.0.34-0ubuntu0.20.04.1 4.1.0+git191117-2ubuntu0.20.04.9 2.0.31-0ubuntu0.2 12.16-0ubuntu0.20.04.1 9.50~dfsg-5ubuntu4.9 0.13.62-3.2ubuntu1.1 0.86.1-0ubuntu1.3 5.15.0-1037.42~20.04.1 5.15.0-1040.46~20.04.1 5.15.0-1041.46~20.04.1 5.15.0-79.86~20.04.2 5.15.0-79.88~20.04.1 5.4.0-1027.31 2:8.1.2269-1ubuntu5.17 0.103.9+dfsg-0ubuntu0.20.04.1 2:1.9.4-11ubuntu0.2 7.4.3-4ubuntu2.20 0.6.1+dfsg1-1ubuntu0.1 5.15.0-1025.30~20.04.1 5.15.0-1039.44~20.04.1 5.15.0-1039.47~20.04.1 5.4.0-1105.112 2.9.1-1ubuntu0.1 5.4.0-1054.59 5.4.0-1068.74 5.15.0-1041.47~20.04.1 5.15.0-1043.48~20.04.1 5.15.0-82.91~20.04.1 5.4.0-1028.32 5.4.0-1097.103 5.4.0-1107.116 5.4.0-1108.116 5.4.0-1111.120 5.4.0-159.176 3.20191218.1ubuntu1.2 117.0+build2-0ubuntu0.20.04.1 0.176-1.1ubuntu0.1 5.4.0-1075.79 5.15.0-1026.31~20.04.1 3.0.7-1ubuntu0.1~esm2 5.15.0-1040.48~20.04.1 5.4.0-1114.120 5.15.0-1045.52~20.04.1 1:102.15.0+build1-0ubuntu0.20.04.1 0.7.git20120829-3.1ubuntu0.1 2.7.1+ds2-7ubuntu0.3 5.15.0-83.92~20.04.1 5.15.0-1027.32~20.04.1 5.15.0-1041.49~20.04.1 5.15.0-1046.53~20.04.1 5.15.0-1046.53~20.04.1.1 5.4.0-1021.22 5.4.0-1098.104 5.4.0-1108.117 5.4.0-1109.118 5.4.0-1112.121 5.4.0-162.179 5.4.0-1029.33 5.4.0-1076.80 5.4.0-1093.104 14.4.2+git20190427-2+deb11u2ubuntu0.20.04.1 5.4.0-1092.103 5.15.0-1043.50~20.04.1.1 5.15.0-1038.43~20.04.1 5.4.0-1115.122 5.15.0-1037.40~20.04.1 5.15.0-1042.48~20.04.1 5.15.0-1044.49~20.04.1 1.3.2-4ubuntu0.2 1.8.5-8ubuntu0.20.04.1 1.187.3~20.04.1+2.06-2ubuntu14.1 1.40.9+15.7-0ubuntu1 15.7-0ubuntu1 2.06-2ubuntu14.1 1.3.2-7ubuntu0.1 5.4.0-1056.61 4.3.2-3+deb10u1build0.20.04.1 1.3.3-1ubuntu0.2 2.3.1-9ubuntu1.5 9.50~dfsg-5ubuntu4.10 2:11.3.0-2ubuntu0~ubuntu20.04.6 117.0.1+build2-0ubuntu0.20.04.1 1:102.15.1+build1-0ubuntu0.20.04.1 0.6.1-2ubuntu0.20.04.3 2.9.3-1ubuntu0.1 1.8.0-2.1ubuntu0.1 1:5.0.1+dfsg-1ubuntu0.1 1.13.2-1ubuntu0.6 1.15.0-1ubuntu0.4 0.19.5-1ubuntu1.3 2:2.2.12-1ubuntu0.19 3.0.5-0ubuntu0.20.04.1 10.19.0~dfsg-3ubuntu1.1 1.5.22-2ubuntu0.3 5.15.0-1028.33~20.04.1 5.15.0-1038.41~20.04.1 5.15.0-1042.50~20.04.1 5.15.0-1045.50~20.04.1 5.15.0-1047.54~20.04.1 5.15.0-1047.54~20.04.1.1 5.15.0-84.93~20.04.1 5.15.0-1040.46~20.04.1 5.15.0-1044.50~20.04.1 5.4.0-1022.23 5.4.0-1030.34 5.4.0-1057.62 5.4.0-1077.81 5.4.0-1099.105 5.4.0-1109.118 5.4.0-1110.119 5.4.0-1113.122 5.4.0-1116.123 5.4.0-163.180 5.4.0-1071.77 5.4.0-1094.105 2.2.12-1ubuntu0.20.04.1 1:9.16.1-0ubuntu2.16 2.3.1-9ubuntu1.6 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm1 5.4.0-1070.76 1.2.1+dfsg-1ubuntu0.20.04.2 2.2.0+dfsg1-0ubuntu0.20.04.5 1.2.0-3ubuntu0.1 1.8.2-1ubuntu0.2 118.0.1+build1-0ubuntu0.20.04.1 118.0.2+build2-0ubuntu0.20.04.1 1:115.3.1+build1-0ubuntu0.20.04.1 2:1.6.9-2ubuntu1.6 1:3.5.12-1ubuntu0.20.04.2 1.187.6~20.04.1+2.06-2ubuntu14.4 4.93-13ubuntu1.8 2:2.2.12-1ubuntu0.20 5.15.0-1030.35~20.04.1 5.15.0-1040.43~20.04.1 5.15.0-1044.52~20.04.1 5.15.0-1047.52~20.04.1 5.15.0-1049.56~20.04.1 5.15.0-1049.56~20.04.1.1 5.15.0-86.95~20.04.1 5.15.0-1045.51~20.04.1 5.15.0-86.96~20.04.1 5.4.0-1023.24 5.4.0-1031.35 5.4.0-1058.63 5.4.0-1072.78 5.4.0-1078.82 5.4.0-1095.106 5.4.0-1100.106 5.4.0-1110.119 5.4.0-1111.120 5.4.0-1115.124 5.4.0-1117.124 5.4.0-164.181 10.19.0~dfsg-3ubuntu1.2 1.12.1+dfsg-5ubuntu0.20.04.1 2:8.1.2269-1ubuntu5.18 20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1 2.2.1-2ubuntu0.1 1.17.0-4ubuntu0.2 2:4.15.13+dfsg-0ubuntu0.20.04.6 2:4.15.13+dfsg-0ubuntu0.20.04.7 4.1.0+git191117-2ubuntu0.20.04.10 7.68.0-1ubuntu2.20 7:4.2.7-0ubuntu0.1+esm2 3.7-3ubuntu0.1~esm1 1.2.4-4ubuntu0.1 9.50~dfsg-5ubuntu4.11 3.1.5-1ubuntu0.1~esm1 1.1.1f-1ubuntu2.20 7.2.1-1ubuntu0.2+esm1 5.4.0-1032.36 5.4.0-1059.64 5.4.0-1079.83 5.4.0-1101.107 5.4.0-1111.120 5.4.0-1112.121 5.4.0-1116.125 5.4.0-1118.125 5.4.0-165.182 5.4.0-1024.25 5.4.0-1096.107 5.4.0-1073.79 5.15.0-1043.49~20.04.1 5.15.0-1041.44~20.04.1 5.15.0-1048.53~20.04.1 5.15.0-1050.57~20.04.1 5.15.0-1050.57~20.04.1.1 5.15.0-87.96~20.04.1 5.15.0-87.97~20.04.1 5.15.0-1031.37~20.04.1 5.15.0-1045.53~20.04.2 5.15.0-1046.52~20.04.1 1.0.0.errata1-3+deb11u1build0.20.04.1 1.12.11+20110422.1-2.1+deb10u3ubuntu0.20.04.2 7:4.2.7-0ubuntu0.1+esm3 7:4.2.7-0ubuntu0.1+esm4 2:8.1.2269-1ubuntu5.20 2:1.20.13-1ubuntu1~20.04.9 4.93-13ubuntu1.9 119.0+build2-0ubuntu0.20.04.1 119.0.1+build1-0ubuntu0.20.04.1 19.05.5-1ubuntu0.1~esm2 8.0.35-0ubuntu0.20.04.1 5.4.0-1033.37 5.4.0-1060.65 5.4.0-1074.80 5.4.0-1080.84 5.4.0-1097.109 5.4.0-1102.108 5.4.0-1112.121 5.4.0-1113.123 5.4.0-1117.126 5.4.0-1119.126 5.4.0-166.183 5.4.0-1025.26 2:11.3.0-2ubuntu0~ubuntu20.04.7 5.15.0-1032.38~20.04.1 5.15.0-1042.45~20.04.1 5.15.0-1046.54~20.04.1 5.15.0-1047.53~20.04.1 5.15.0-1049.54~20.04.1 5.15.0-1051.59~20.04.1 5.15.0-1051.59~20.04.1.1 5.15.0-88.98~20.04.1 1.17-6ubuntu4.4 1:115.4.1+build1-0ubuntu0.20.04.1 0.9.12-1ubuntu0.1 1.4-28+deb10u1build0.20.04.1 1.0.28-7ubuntu0.2 2.5+dfsg-6+deb10u1build0.20.04.1 1.25.8-2ubuntu0.3 20.0.2-5ubuntu1.10 0.9.12-1ubuntu0.1+esm1 2:3.3.16-1ubuntu2.4 1:2.1.0-2ubuntu0.20.04.1~esm1 1.2.4-4ubuntu0.4 2:5.6.0-11ubuntu0.20.04.1 3.20231114.0ubuntu0.20.04.1 0.7-4ubuntu7.3 5.8.2-1ubuntu3.6 7-1ubuntu0.2 10.19.0~dfsg-3ubuntu1.3 1.6.9-1ubuntu0.1~esm1 1.0.1-0ubuntu1.20.04.2 5.4.0-1026.27 5.4.0-1034.38 5.4.0-1061.66 5.4.0-1075.81 5.4.0-1098.110 5.4.0-1103.110 5.4.0-1113.122 5.4.0-1114.124 5.4.0-167.184 5.4.0-1081.85 5.4.0-1118.127 5.4.0-1120.127 5.15.0-1043.46~20.04.1 5.15.0-1048.54~20.04.1 5.15.0-1050.55~20.04.1 5.15.0-89.99~20.04.1 5.15.0-1033.39~20.04.1 5.15.0-1047.55~20.04.1 5.15.0-1052.60~20.04.1 5.15.0-1052.60~20.04.1.1 3.6.13-2ubuntu1.9 4.10-1ubuntu1.8 3.8.2-0ubuntu1.5 1.40.0-1ubuntu0.2 2.4.41-4ubuntu3.15 0.86.1-0ubuntu1.4 120.0+build2-0ubuntu0.20.04.1 120.0.1+build1-0ubuntu0.20.04.1 0.8.3-1ubuntu12.16 4.1.0+git191117-2ubuntu0.20.04.11 3.8.10-0ubuntu1~20.04.9 2.13.8-0ubuntu1.3 1:115.5.0+build1-0ubuntu0.20.04.1 5.15.0-1045.51~20.04.1 5.30.0-9ubuntu0.5 2.10.18-1ubuntu0.1 2.2.0+dfsg1-0ubuntu0.20.04.6 7.3.1+dfsg-4ubuntu0.1 1.0.2-4ubuntu0.1 1.16.3-0ubuntu1.1 11.0.21+9-0ubuntu1~20.04 17.0.9+9-1~20.04 8u392-ga-1~20.04 4.4.3-2+deb10u3build0.20.04.1 2.0.31-0ubuntu0.3 5:5.0.7-2ubuntu0.1+esm2 7.68.0-1ubuntu2.21 12.17-0ubuntu0.20.04.1 2.8-3ubuntu0.2 5.53-0ubuntu3.7 2.31-0ubuntu9.14 2.6.2-4+deb10u1build0.20.04.1 1.30+dfsg-7ubuntu0.20.04.4 2.34-6ubuntu1.7 0.9+LibO6.4.7-0ubuntu0.20.04.9 1.2.0+LibO6.4.7-0ubuntu0.20.04.9 1:6.4.7-0ubuntu0.20.04.9 2:102.11+LibO6.4.7-0ubuntu0.20.04.9 5.4.0-1035.39 5.4.0-1063.68 5.4.0-1076.82 5.4.0-1104.111 5.4.0-1116.126 5.4.0-1120.129 5.4.0-1121.128 5.4.0-169.187 5.4.0-1100.112 5.4.0-1115.124 5.4.0-1083.87 5.4.0-1028.29 5.15.0-1044.47~20.04.1 5.15.0-1049.55~20.04.1 5.15.0-1051.56~20.04.1 5.15.0-1053.61~20.04.1 5.15.0-1053.61~20.04.1.1 5.15.0-91.101~20.04.1 5.15.0-1034.40~20.04.1 5.15.0-91.101~20.04.1 5.15.0-1046.52~20.04.1 5.15.0-1048.56~20.04.1 3.2.1-3ubuntu0.1~esm1 3.1.12~ds-4ubuntu0.20.04.3 1.2-1ubuntu0.1~esm1 1:3.36.5-0ubuntu4.1 2:1.20.13-1ubuntu1~20.04.12 2:8.1.2269-1ubuntu5.21 0.3.6-5+deb10u1build0.20.04.1 3.4.13-5ubuntu0.1 1:8.2p1-4ubuntu0.10 0.9.3-2ubuntu2.4 121.0+build1-0ubuntu0.20.04.1 121.0.1+build1-0ubuntu0.20.04.1 1:115.6.0+build2-0ubuntu0.20.04.1 1:8.2p1-4ubuntu0.11 3.31.1-4ubuntu0.6 1:4.2-3ubuntu6.28 1:4.2-3ubuntu6.29 0.103.11+dfsg-0ubuntu0.20.04.1 0.103.11-0ubuntu0.20.04.1 1:5.26.0-4ubuntu0.1~esm1 1.20.3-1ubuntu0.1~20.04.1 1.21.1-1~ubuntu20.04.2 18.9.0-11ubuntu0.20.04.3 3.2.2+debian-1ubuntu0.1 0.5.3-37ubuntu0.2 2.34-6ubuntu1.8 1.2.10-7+deb9u2build0.20.04.1 3.18.0+ds2-1ubuntu3.1 2:1.20.13-1ubuntu1~20.04.14 2:1.20.13-1ubuntu1~20.04.15 1.3.1-5ubuntu4.7 3.46.3-1ubuntu0.1 3.2.2+debian-1ubuntu0.2 3.4.13-0ubuntu1.3 3.4.13-0ubuntu1.4 0.9.3-2ubuntu2.5 3.6.13-2ubuntu1.10 4.10-1ubuntu1.9 0.4-1+deb10u1build0.20.04.1 2.6.0-2ubuntu0.3 2.10.1-2ubuntu0.2 1:10.3.39-0ubuntu0.20.04.2 5.4.0-1029.30 5.4.0-1036.40 5.4.0-1064.69 5.4.0-1077.83 5.4.0-1084.88 5.4.0-1101.113 5.4.0-1116.125 5.4.0-1117.127 5.4.0-1121.130 5.4.0-1122.129 5.4.0-170.188 5.4.0-1105.112 5.15.0-1054.62~20.04.1 5.15.0-1054.62~20.04.1.1 5.15.0-1035.41~20.04.1 5.15.0-1045.48~20.04.1 5.15.0-1049.57~20.04.1 5.15.0-1052.57~20.04.1 5.15.0-92.102~20.04.1 5.15.0-1050.56~20.04.1 122.0+build2-0ubuntu0.20.04.1 122.0.1+build1-0ubuntu0.20.04.1 4.93-13ubuntu1.10 2.6.2-4+deb10u2build0.20.04.1 15.2.17-0ubuntu0.20.04.6 1:3.5.1-2ubuntu0.4 8.0.36-0ubuntu0.20.04.1 2.4.49+dfsg-2ubuntu1.10 1.0.4-1ubuntu0.1 7.0.0-4ubuntu0.8 1.1.7-0ubuntu1~20.04.2 8:6.9.10.23+dfsg-2.1ubuntu11.9+esm2 1.1.1f-1ubuntu2.21 2:2.2.12-1ubuntu0.21 5.4.0-1030.31 5.4.0-1037.41 5.4.0-1065.70 5.4.0-1078.84 5.4.0-1085.89 5.4.0-1106.113 5.4.0-1117.126 5.4.0-1118.128 5.4.0-1123.130 5.4.0-171.189 5.4.0-1122.131 5.4.0-1102.114 5.15.0-1036.42~20.04.1 5.15.0-1046.49~20.04.1 5.15.0-1051.57~20.04.1 5.15.0-1051.59~20.04.1 5.15.0-1053.58~20.04.1 5.15.0-94.104~20.04.1 5.15.0-1056.64~20.04.1 5.15.0-1056.64~20.04.1.1 1.0.4-1ubuntu0.2 5.15.0-1048.54~20.04.1 1.35-4ubuntu0.1 1.35-4ubuntu0.1+esm1 2.0.0-0ubuntu4.3 0~20191122.bd85bf54-2ubuntu3.5 1:4.8.1-1ubuntu5.20.04.5 1:9.16.48-0ubuntu0.20.04.1 1.1.5-5ubuntu0.1~esm1 4.1.0+git191117-2ubuntu0.20.04.12 5.4.0-1031.32 5.4.0-1038.42 5.4.0-1066.71 5.4.0-1079.85 5.4.0-1086.90 5.4.0-1103.115 5.4.0-1107.114 5.4.0-1118.127 5.4.0-1119.129 5.4.0-1123.132 5.4.0-172.190 5.4.0-1124.131 123.0+build3-0ubuntu0.20.04.1 123.0.1+build1-0ubuntu0.20.04.1 5.15.0-1037.43~20.04.1 5.15.0-1047.50~20.04.1 5.15.0-1049.55~20.04.1 5.15.0-1052.58~20.04.1 5.15.0-1052.60~20.04.1 5.15.0-1057.65~20.04.1 5.15.0-1057.65~20.04.1.1 5.15.0-97.107~20.04.1 5.15.0-1055.60~20.04.1 1.4.3+dfsg.1-1ubuntu0.1~esm3 2.34-6ubuntu1.9 12.18-0ubuntu0.20.04.1 2.90-0ubuntu0.20.04.1 2.9.10+dfsg-5ubuntu0.20.04.7 1.0.4-1ubuntu0.3 11.0.22+7-0ubuntu2~20.04.1 17.0.10+7-1~20.04.1 21.0.2+13-1~20.04.1 1.1.1f-1ubuntu2.22 551-1ubuntu0.2 1.9.4-2ubuntu1.5 1.34.2-1ubuntu1.5 4.19-1ubuntu0.1 5.2.0-0ubuntu1.20.04.2 1:115.8.1+build1-0ubuntu0.20.04.1 1.4.2-0.1+deb10u2build0.20.04.1 10.19.0~dfsg-3ubuntu1.5 2.8-3ubuntu0.3 2:2.2.12-1ubuntu0.22 1.10.3-1ubuntu0.20.04.1 1.15.0-1ubuntu0.5 1.0.4-1ubuntu0.4 0.28.4+dfsg.1-2ubuntu0.1 5.4.0-1032.33 5.4.0-1087.91 5.4.0-1104.116 5.4.0-1108.115 5.4.0-1124.133 5.4.0-173.191 5.4.0-1039.43 5.4.0-1080.87 5.4.0-1067.72 5.4.0-1119.128 5.4.0-1120.130 3.12.4-1ubuntu2+esm1 2.23-1ubuntu0.1~esm1 1.14-1+deb10u1build0.20.04.1 5.15.0-100.110~20.04.1 5.15.0-1038.44~20.04.1 5.15.0-1048.51~20.04.1 5.15.0-1053.61~20.04.1 5.15.0-1058.66~20.04.2 5.15.0-1058.66~20.04.2.1 5.15.0-1053.59~20.04.1 5.15.0-1050.56~20.04.1 0.6.55-0ubuntu12~20.04.7 2.13.8-0ubuntu1.4 20.03.2-0ubuntu0.20.04.5 2.8.5-3+deb10u1build0.20.04.1 2019.20190605.51237-3ubuntu0.2 8u402-ga-2ubuntu1~20.04 2:8.1.2269-1ubuntu5.22 5.4.0-1033.34 5.4.0-1068.73 5.4.0-1081.88 5.4.0-1088.92 5.4.0-1109.116 5.4.0-1120.129 5.4.0-1125.134 5.4.0-174.193 5.4.0-1040.44 5.4.0-1105.117 5.4.0-1121.131 124.0+build1-0ubuntu0.20.04.1 5.15.0-101.111~20.04.1 5.15.0-1039.45~20.04.1 5.15.0-1049.52~20.04.1 5.15.0-1054.62~20.04.1 5.15.0-1059.67~20.04.1 5.15.0-1059.67~20.04.1.1 5.15.0-1054.60~20.04.1 5.15.0-1051.57~20.04.1 5.15.0-1056.61~20.04.1 2.42.2-3ubuntu0.1~esm2 124.0.1+build1-0ubuntu0.20.04.1 124.0.2+build1-0ubuntu0.20.04.1 4.2.0-2ubuntu1.1 0.21-2ubuntu0.1 0.84ubuntu0.1 2.3.6-0.1ubuntu0.1 5.4.0-1126.133 1:115.9.0+build1-0ubuntu0.20.04.1 7.68.0-1ubuntu2.22 1:2.34-0.1ubuntu9.5 2.34-0.1ubuntu9.5 1:2.34-0.1ubuntu9.6 2.34-0.1ubuntu9.6 2:1.20.13-1ubuntu1~20.04.16 2:1.20.13-1ubuntu1~20.04.17 5.15.0-102.112~20.04.1 5.15.0-1040.46~20.04.1 5.15.0-1050.53~20.04.1 5.15.0-1052.58~20.04.1 5.15.0-1055.61~20.04.1 5.15.0-1055.63~20.04.1 5.15.0-1060.69~20.04.1 5.15.0-1060.69~20.04.1.1 5.15.0-1057.63~20.04.1 5.4.0-1069.74 5.4.0-1082.89 5.4.0-1089.93 5.4.0-1106.118 5.4.0-1110.117 5.4.0-1121.130 5.4.0-1122.132 5.4.0-1126.135 5.4.0-1127.134 5.4.0-176.196 5.4.0-1034.35 5.4.0-1041.45 2:3.98-0ubuntu0.20.04.1 2:3.98-0ubuntu0.20.04.2 4.10-1ubuntu1.10 4.10-1ubuntu1.11 4.10-1ubuntu1.12 2.4.41-4ubuntu3.17 3.3.0-1ubuntu0.20.04.1 0.9.24-1+deb11u1build0.20.04.1 3.6.13-2ubuntu1.11 6.0.0-0ubuntu8.19 10.19.0~dfsg-3ubuntu1.6 2.0.7-1ubuntu5.2 2.31-0ubuntu9.15 5.4.0-1035.36 5.4.0-1042.46 5.4.0-1070.75 5.4.0-1083.90 5.4.0-1090.94 5.4.0-1107.119 5.4.0-1111.118 5.4.0-1122.131 5.4.0-1123.133 5.4.0-1127.136 5.4.0-1128.135 5.4.0-177.197 5.15.0-1043.50~20.04.1 5.15.0-105.115~20.04.1 5.15.0-1053.56~20.04.1 5.15.0-1055.61~20.04.1 5.15.0-1058.64~20.04.1 5.15.0-1058.66~20.04.1 5.15.0-1061.70~20.04.1 5.15.0-1061.70~20.04.1.1 7.0.0-4ubuntu0.9 6.2.1-3ubuntu0.1~esm2 125.0.2+build1-0ubuntu0.20.04.2 125.0.3+build1-0ubuntu0.20.04.1 4.6.6-2.1~0.20.04.2 2.6.1+dfsg1-0ubuntu0.20.04.1 1:115.10.1+build1-0ubuntu0.20.04.1 1:4.0.17+dfsg-1ubuntu0.1~esm2 2.6.1+dfsg1-0ubuntu0.20.04.2 3.1.2+dfsg-2ubuntu0.20.04.1 1.40.0-1ubuntu0.3 2.13+dfsg-2ubuntu0.4 551-1ubuntu0.3 7.4.3-4ubuntu2.21 7.4.3-4ubuntu2.22 0.5.1-3ubuntu0.1 2.7.0-1ubuntu0.2 2.0.6-1ubuntu0.1 1.0.4-1ubuntu0.4+esm1 5.15.0-1044.51~20.04.1 5.15.0-1054.57~20.04.1 5.15.0-1059.65~20.04.1 5.15.0-1059.67~20.04.1 5.15.0-106.116~20.04.1 5.15.0-1063.72~20.04.1 5.15.0-1063.72~20.04.1.1 5.15.0-106.116~20.04.1 5.15.0-1061.67~20.04.1 5.4.0-1036.37 5.4.0-1043.47 5.4.0-1071.76 5.4.0-1091.95 5.4.0-1108.120 5.4.0-1112.119 5.4.0-1123.132 5.4.0-1124.134 5.4.0-1128.137 5.4.0-1129.136 5.4.0-181.201 5.4.0-1084.91 2.64.6-1~ubuntu20.04.7 0.27-2+deb10u1build0.20.04.1 1:2.10-1ubuntu0.1 5.15.0-1045.52~20.04.1 5.15.0-1055.58~20.04.1 5.15.0-1060.68~20.04.1 5.15.0-1064.73~20.04.1 5.15.0-1064.73~20.04.1.1 5.15.0-107.117~20.04.1 5.15.0-1062.68~20.04.1 5.4.0-1037.38 5.4.0-1044.48 5.4.0-1072.77 5.4.0-1085.92 5.4.0-1092.96 5.4.0-1109.121 5.4.0-1113.120 5.4.0-1124.133 5.4.0-1125.135 5.4.0-1129.138 5.4.0-1130.137 5.4.0-182.202 126.0+build2-0ubuntu0.20.04.1 126.0.1+build1-0ubuntu0.20.04.1 2.8-1ubuntu0.1 0.6500-1ubuntu0.20.04.1 1:115.11.0+build2-0ubuntu0.20.04.1 3.0.9.2-1ubuntu0.1~esm2 3.1.12~ds-4ubuntu0.20.04.3+esm1 2.10.1-2ubuntu0.3 0.9+LibO6.4.7-0ubuntu0.20.04.10 1.2.0+LibO6.4.7-0ubuntu0.20.04.10 1:6.4.7-0ubuntu0.20.04.10 2:102.11+LibO6.4.7-0ubuntu0.20.04.10 1:2.11.0-6.1ubuntu1.1 1.9.4-2ubuntu1.6 1.7.5-2ubuntu0.20.04.1 1:2.25.1-1ubuntu3.12 1:2.25.1-1ubuntu3.13 2.3.2-1ubuntu0.20.04.2 3.20240514.0ubuntu0.20.04.1 1.16.3-0ubuntu1.3 0.16.1+dfsg1-2ubuntu0.2 4.0.4-2ubuntu0.20.04.1 0.9.3-2ubuntu3.1 7:4.2.7-0ubuntu0.1+esm5 2.31-0ubuntu9.16 2.40.0+dfsg-3ubuntu0.5 7.2.1-1ubuntu0.2+esm2 1.24.0-1ubuntu0.1 5.53-0ubuntu3.8 8u412-ga-1~20.04.1 11.0.23+9-1ubuntu1~20.04.2 17.0.11+9-1~20.04.2 21.0.3+9-1ubuntu1~20.04.1 1.8.2-1ubuntu0.3 5.15.0-1062.70~20.04.1 5.15.0-110.120~20.04.1 5.15.0-1046.53~20.04.1 5.15.0-1063.69~20.04.1 8.0.37-0ubuntu0.20.04.3 5.1.9-1ubuntu0.1 5.20.16-1ubuntu0.1~esm1 1:1.2.46-1ubuntu0.1 4.1.0+git191117-2ubuntu0.20.04.13 5.15.0-1058.64~20.04.1 1.5.17-3ubuntu0.1~esm2 1.7-0ubuntu1.1 5.4.0-1045.49 5.4.0-1073.78 5.4.0-1093.97 5.4.0-1110.122 5.4.0-1114.121 5.4.0-1125.134 5.4.0-1126.136 5.4.0-1130.139 5.4.0-1131.138 5.4.0-186.206 6.1.6+repack-0ubuntu10+esm1 0.60.3-0ubuntu1~20.5 9.50~dfsg-5ubuntu4.12 2.2.3-3ubuntu0.13 2.0.7-2ubuntu0.1+esm5 2.7.0-5ubuntu1.13 1:115.12.0+build3-0ubuntu0.20.04.1 7.4.3-4ubuntu2.23 9.2-0ubuntu1~20.04.2 4:5.18.8-0ubuntu0.2 2.3.1-9ubuntu1.7 2.3.1-9ubuntu1.8 3.6.10.Final-9+deb10u1build0.20.04.1 2.9.6+dfsg-1ubuntu0.1~esm2 1.6.1-1ubuntu0.1~esm1 1.4.3+dfsg.1-1ubuntu0.1~esm4 0.104-0ubuntu2~20.04.5 0.104-0ubuntu2~20.04.6 1.20.3-1ubuntu2.1 2.7.0-5ubuntu1.14 2.0.0-2ubuntu0.2 1:20190801~dfsg-4ubuntu0.1 1.50+dfsg-6ubuntu0.1 2.4.12-0ubuntu0.20.04.2 127.0.2+build1-0ubuntu0.20.04.1 5.4.0-1038.39 5.4.0-1086.93 5.4.0-1039.40 5.4.0-1046.50 5.4.0-1074.79 5.4.0-1087.94 5.4.0-1094.98 5.4.0-1111.123 5.4.0-1115.122 5.4.0-1126.135 5.4.0-1127.137 5.4.0-1131.140 5.4.0-1132.139 5.4.0-187.207 5.15.0-113.123~20.04.1 5.15.0-1047.54~20.04.1 5.15.0-1059.65~20.04.1 5.15.0-1062.68~20.04.1 5.15.0-1067.76~20.04.1 5.15.0-1067.76~20.04.1.1 5.15.0-1064.70~20.04.1 5.15.0-113.123~20.04.1 8.7.0-7ubuntu1.1 6.1.6+repack-0ubuntu10+esm2 9.0.31-1ubuntu0.5 4.93-13ubuntu1.11 2:16.4.2-0ubuntu2.8 2:16.4.2-0ubuntu2.9 2:20.2.0-0ubuntu1.2 2:21.2.4-0ubuntu2.8 2.4.41-4ubuntu3.19 2.4.41-4ubuntu3.20 2.4.41-4ubuntu3.23 1.21.1-1~ubuntu20.04.3 2:2.2.12-1ubuntu0.23 128.0+build2-0ubuntu0.20.04.1 3.8.10-0ubuntu1~20.04.10 3.9.5-3ubuntu0~20.04.1+esm2 5.15.0-1057.60~20.04.1 5.4.0-1075.80 5.4.0-1088.95 5.4.0-1095.99 5.4.0-1116.123 5.4.0-1132.141 5.4.0-1133.140 5.4.0-189.209 5.4.0-1047.51 5.4.0-1127.136 5.4.0-1112.124 5.4.0-1040.41 5.4.0-1128.138 9.50~dfsg-5ubuntu4.13 5.15.0-1048.55~20.04.1 5.15.0-1060.66~20.04.1 5.15.0-1058.61~20.04.1 5.15.0-1063.69~20.04.1 5.15.0-116.126~20.04.1 5.15.0-116.126~20.04.1 5.15.0-1065.71~20.04.1 2.24.32-4ubuntu4.1 3.24.20-0ubuntu1.2 3:5.56-1ubuntu0.2 2.4.41-4ubuntu3.21 1:115.13.0+build5-0ubuntu0.20.04.1 3.10.1-0ubuntu2.1 2.0.7-2ubuntu0.1+esm4 1.0.0-1ubuntu0.1 4.10-1ubuntu1.13 1:9.18.28-0ubuntu0.20.04.1 5.15.11-1ubuntu0.1~esm1 2:21.2.4-0ubuntu2.11 1.3.8-1ubuntu0.20.04.1 5.15.0-1068.77~20.04.1 5.15.0-1068.77~20.04.1.1 5.15.0-1049.56~20.04.1 5.15.0-1061.67~20.04.1 5.15.0-117.127~20.04.1 5.15.0-1059.62~20.04.1 5.15.0-1066.72~20.04.1 5.4.0-1041.42 5.4.0-1048.52 5.4.0-1076.81 5.4.0-1089.96 5.4.0-1096.100 5.4.0-1113.125 5.4.0-1117.124 5.4.0-1133.142 5.4.0-1134.141 5.4.0-190.210 5.4.0-1129.139 5.15.0-1065.73~20.04.1 3.8.10-0ubuntu1~20.04.11 8u422-b05-1~20.04 11.0.24+8-1ubuntu3~20.04 17.0.12+7-1ubuntu2~20.04 21.0.4+7-1ubuntu2~20.04 18.16.1+ds-7ubuntu0.1 8.0.39-0ubuntu0.20.04.1 0.15.3+ds-3ubuntu1.2 1.1.1f-1ubuntu2.23 4.93-13ubuntu1.12 2.63+20.04ubuntu0.1 1.0.2-4ubuntu0.20.04.1 9.0.31-1ubuntu0.6 7.68.0-1ubuntu2.23 2:2.9-1ubuntu4.4 2:2.2.12-1ubuntu0.24 1.17-6ubuntu4.6 5.15.0-1062.68~20.04.1 5.15.0-1066.74~20.04.1 5.15.0-118.128~20.04.1 5.15.0-1050.57~20.04.1 5.15.0-1060.63~20.04.1 5.15.0-1067.73~20.04.1 5.15.0-118.128~20.04.1 5.4.0-1042.43 5.4.0-1049.53 5.4.0-1077.82 5.4.0-1097.101 5.4.0-1114.126 5.4.0-1118.125 5.4.0-1130.140 5.4.0-1134.143 5.4.0-192.212 5.4.0-1135.142 5.4.0-1090.97 5.4.0-1129.138 5.15.0-1070.79~20.04.1 5.15.0-1070.79~20.04.1.1 5.15.0-1065.71~20.04.1 0.6.13-1ubuntu0.1 2.16.0-6ubuntu0.1 1:1.30.1-4ubuntu6.5 0.9+LibO6.4.7-0ubuntu0.20.04.11 1.2.0+LibO6.4.7-0ubuntu0.20.04.11 1:6.4.7-0ubuntu0.20.04.11 2:102.11+LibO6.4.7-0ubuntu0.20.04.11 3.36.9-0ubuntu0.20.04.4 1:0.4.31-1ubuntu0.1 129.0.1+build1-0ubuntu0.20.04.1 129.0.2+build1-0ubuntu0.20.04.1 3.20240813.0ubuntu0.20.04.2 12.20-0ubuntu0.20.04.1 1.2.10+ds1-1ubuntu1.1 5.4.0-1050.54 5.4.0-1078.83 5.4.0-1091.98 5.4.0-1098.102 5.4.0-1115.127 5.4.0-1119.127 5.4.0-1130.139 5.4.0-1131.141 5.4.0-1135.144 5.4.0-1136.143 5.4.0-193.213 5.15.0-1051.58~20.04.1 5.15.0-1061.64~20.04.1 5.15.0-1063.69~20.04.1 5.15.0-1067.75~20.04.1 5.15.0-1068.74~20.04.1 5.15.0-1071.80~20.04.1 5.15.0-1071.80~20.04.1.1 5.15.0-119.129~20.04.1 5.15.0-1066.72~20.04.1 7:4.2.7-0ubuntu0.1+esm6 1:1.8.5-2ubuntu0.1 2:2.2.12-1ubuntu0.25 18.9.0-11ubuntu0.20.04.4 18.9.0-11ubuntu0.20.04.5 0.20180824+1.7.5-4ubuntu0.1~esm2 1.0.0+git20190521.78d0385+1.7.5-4ubuntu0.1~esm2 1.7.5-4ubuntu0.1~esm2 3.6.2-1ubuntu1+esm3 130.0+build2-0ubuntu0.20.04.1 130.0.1+build1-0ubuntu0.20.04.1 2:8.1.2269-1ubuntu5.24 1:115.15.0+build1-0ubuntu0.20.04.1 4.1.0+git191117-2ubuntu0.20.04.14 1.9.4-2ubuntu1.8 2.2.9-1ubuntu0.7 1.2-4ubuntu0.20.04.1~esm3 44.0.0-2ubuntu0.1+esm1 45.2.0-1ubuntu0.2 5.4.0-1079.84 5.4.0-1092.99 5.4.0-1099.103 5.4.0-1120.128 5.4.0-1131.140 5.4.0-1132.142 5.4.0-1136.145 5.4.0-1137.144 5.4.0-195.215 5.4.0-1051.55 5.4.0-1116.128 5.4.0-1043.44 5.15.0-1052.59~20.04.1 5.15.0-1064.70~20.04.1 5.15.0-1064.70~20.04.1+1 5.15.0-1068.76~20.04.1 5.15.0-1069.75~20.04.1 5.15.0-121.131~20.04.1 5.15.0-1062.65~20.04.1 5.15.0-1067.73~20.04.1 5.15.0-121.131~20.04.1 5.15.0-1072.81~20.04.1 5.15.0-1072.81~20.04.1.1 3.6.4-2.1ubuntu0.1 0.103.12+dfsg-0ubuntu0.20.04.1 7.68.0-1ubuntu2.24 1:2.3.7.2-1ubuntu3.7 1.18.0-0ubuntu1.6 3.8.10-0ubuntu1~20.04.12 2.7.18-1~20.04.4+esm2 2.7.18-1~20.04.4+esm3 2.7.18-1~20.04.5 2.7.18-1~20.04.6 1.2.4-4ubuntu0.5 5.15.0-1053.60~20.04.1 5.15.0-1065.71~20.04.1 5.15.0-1069.77~20.04.1 5.15.0-1070.76~20.04.1 5.15.0-1073.82~20.04.1 5.15.0-122.132~20.04.1 5.15.0-1063.66~20.04.1 5.15.0-1068.74~20.04.1 5.15.0-122.132~20.04.1 5.15.0-1073.82~20.04.1.1 5.4.0-1052.56 5.4.0-1080.85 5.4.0-1093.100 5.4.0-1100.104 5.4.0-1121.129 5.4.0-1132.141 5.4.0-1133.143 5.4.0-1137.146 5.4.0-1138.145 5.4.0-196.216 5.4.0-1117.129 1:1.0.79-2ubuntu1.1 0.9+LibO6.4.7-0ubuntu0.20.04.12 1.2.0+LibO6.4.7-0ubuntu0.20.04.12 1:6.4.7-0ubuntu0.20.04.12 2:102.11+LibO6.4.7-0ubuntu0.20.04.12 1:26.3+1-1ubuntu2+esm1 3.12.4-1ubuntu2+esm2 9.0.31-1ubuntu0.7 3.20240910.0ubuntu0.20.04.1 20240203~20.04.1 2.13.3-7ubuntu5.4 2.3.1-1ubuntu4.20.04.2 1.6.5-1ubuntu1.1 5.0.6-4ubuntu0.1 2.3.1-9ubuntu1.9 1.27.4-1ubuntu0.3 1.27.4-1ubuntu0.4 0.4.0-1ubuntu4.1 1.6.5-0ubuntu0.5 3.2.1-3ubuntu2.2 2:8.1.2269-1ubuntu5.25 7.4.3-4ubuntu2.24 3.1.0-2ubuntu0.1~esm1 1.12.2-1ubuntu0.1 3.0.20+dfsg-3ubuntu0.4 131.0+build1.1-0ubuntu0.20.04.1 0~20191122.bd85bf54-2ubuntu3.6 1.14.46-1ubuntu0.1 1.10.ubuntu0.20.04.1 4.8-1ubuntu1.1 131.0.2+build1-0ubuntu0.20.04.1 1:115.16.0+build2-0ubuntu0.20.04.1 3.4.0-2ubuntu1.3 5.15.0-1054.61~20.04.1 5.15.0-1064.67~20.04.1 5.15.0-1066.72~20.04.1 5.15.0-1069.75~20.04.1 5.15.0-1070.78~20.04.1 5.15.0-1071.77~20.04.1 5.15.0-124.134~20.04.1 5.4.0-1053.57 5.4.0-1081.86 5.4.0-1094.101 5.4.0-1101.105 5.4.0-1118.130 5.4.0-1122.130 5.4.0-1133.142 5.4.0-1134.144 5.4.0-1138.147 5.4.0-198.218 5.4.0-1139.146 5.15.0-1074.83~20.04.1 5.15.0-1074.83~20.04.1.1 3.20191218.1ubuntu1.3 131.0.3+build1-0ubuntu0.20.04.1 1.9.4-2ubuntu1.9 1.22.2-2~20.04.2 2.3.1-1ubuntu4.20.04.3 1.25.8-2ubuntu0.4 20.0.2-5ubuntu1.11 2:1.20.13-1ubuntu1~20.04.18 132.0+build1-0ubuntu0.20.04.1 3.4.0-2ubuntu1.4 5.4.0-1082.87 5.4.0-1102.106 5.4.0-1139.148 5.4.0-200.220 5.4.0-1094.101 5.4.0-1095.102 5.4.0-1139.146 5.4.0-1140.147 5.4.0-1054.58 5.4.0-1123.131 5.4.0-1134.143 5.4.0-1135.145 5.4.0-1119.131 2.7.0-5ubuntu1.15 1.25.13-1ubuntu0.1 1.25.13-1ubuntu0.2 1:4.2-3ubuntu6.30 8u432-ga~us1-0ubuntu2~20.04 8u442-b06~us1-0ubuntu1~20.04 11.0.25+9-1ubuntu1~20.04 17.0.13+11-2ubuntu1~20.04 21.0.5+11-1ubuntu1~20.04 5.15.0-1055.62~20.04.1 5.15.0-1065.68~20.04.1 5.15.0-1070.76~20.04.1 5.15.0-1071.79~20.04.1 5.15.0-1072.78~20.04.1 5.15.0-125.135~20.04.1 1.2-1ubuntu0.1~esm3 8.0.40-0ubuntu0.20.04.1 9.50~dfsg-5ubuntu4.14 9.0.31-1ubuntu0.8 1.12.2-1ubuntu0.2 1.18.1-1ubuntu1~20.04.3 2.2.5-5.2ubuntu2.4 2.64.6-1~ubuntu20.04.8 1.4.1-1ubuntu0.2 3.8.10-0ubuntu1~20.04.13 1.27-1ubuntu0.1~esm1 3.4-6ubuntu0.1+esm1 3.4-6ubuntu0.1+esm2 3.4-6ubuntu0.1+esm3 0.23-1.3ubuntu0.1~esm1 5.4.0-1044.45 1.1.0+dfsg2-5ubuntu1+esm1 2.70.0-1ubuntu0.1 2:8.1.2269-1ubuntu5.29 12.22-0ubuntu0.20.04.1 133.0+build2-0ubuntu0.20.04.1 2:2.2.12-1ubuntu0.26 1.8-1ubuntu0.20.04.1~esm1 1.10.0-4ubuntu0.1 1.31-2ubuntu1+esm1 3.8.3-0ubuntu0.2 5.15.0-1067.73~20.04.1 2.2.9-1ubuntu0.8 3.20241112.0ubuntu0.20.04.1 6.0.3+really5.1.1-3ubuntu0.1~esm1 1.31-2ubuntu1+esm2 7.4.3-4ubuntu2.28 7.4.3-4ubuntu2.28 3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1 5.4.0-1055.59 5.4.0-1083.88 5.4.0-1120.132 5.4.0-1124.132 5.4.0-1140.149 5.4.0-202.222 5.4.0-1136.146 5.4.0-1096.103 5.4.0-1135.144 5.4.0-1045.46 1.1.0-2ubuntu0.1~esm1 26.1.3-0ubuntu1~20.04.1+esm1 20.10.21-0ubuntu1~20.04.6+esm1 7.68.0-1ubuntu2.25 4.3.22-4ubuntu0.1~esm1 5.15.0-1066.69~20.04.1 5.15.0-1071.77~20.04.1 5.15.0-1072.80~20.04.1 5.15.0-127.137~20.04.1 5.15.0-1073.79~20.04.1 5.15.0-127.137~20.04.1 0.12.1-1.1+deb11u1build0.20.04.1 5.4.0-1121.133 5.4.0-1125.133 5.4.0-1141.150 5.4.0-204.224 5.4.0-1056.60 5.4.0-1084.89 5.4.0-1097.104 5.4.0-1136.145 5.4.0-1137.147 1.16.3-0ubuntu1.2 1.16.3-0ubuntu1.4 1.16.3-0ubuntu1.3 5.15.0-1067.70~20.04.1 5.15.0-1072.78~20.04.1 5.15.0-128.138~20.04.1 5.15.0-1074.83~20.04.1 5.15.0-1075.82~20.04.1 5.15.0-130.140~20.04.1 2.7.18-1~20.04.7 5.15.0-1071.77~20.04.1 7:4.2.7-0ubuntu0.1+esm7 1.9.7-1ubuntu0.3+esm1 1.10.0-4ubuntu0.2 134.0+build1-0ubuntu0.20.04.1 1:115.18.0+build1-0ubuntu0.20.04.1 5.15.0-1078.87~20.04.1 5.4.0-1142.149 0.9.2~20.04.2ubuntu0.1 1:0.0+git20190811.74dc4d7+dfsg-1ubuntu0.1~esm1 0~git20200305.a717479+dfsg-1ubuntu0.1~esm1 1.2-4ubuntu0.20.04.1~esm4 3.20.3+dfsg0-2ubuntu0.1 4.2.1-1ubuntu0.1~esm1 20191207+dfsg.1-1.1ubuntu0.1~esm1 2:2.2.12-1ubuntu0.27 3.1.3-8ubuntu0.8 3.1.3-8ubuntu0.9 1:2.25.1-1ubuntu3.14 6.4.1-1ubuntu0.1~esm1 3.0.1-1+deb10u1build0.20.04.1 2.3.3-1ubuntu0.1~esm1 2.7.18-1~20.04.7+esm4 0.86.1-0ubuntu1.5 0.9.6+dfsg-5ubuntu0.1~esm1 3.8.10-0ubuntu1~20.04.14 2:8.1.2269-1ubuntu5.30 5.53-0ubuntu3.9 2.3.1-1ubuntu4.20.04.4 3.0.13-5ubuntu0.1~esm1 1.9.7-1ubuntu0.3+esm2 1.2.10+ds1-1ubuntu1.1+esm2 1.10.0+dfsg-5ubuntu1+esm2 0.9+LibO6.4.7-0ubuntu0.20.04.13 1.2.0+LibO6.4.7-0ubuntu0.20.04.13 1:6.4.7-0ubuntu0.20.04.13 2:102.11+LibO6.4.7-0ubuntu0.20.04.13 7.2.1-1ubuntu0.2+esm3 4.3.2-1ubuntu0.1~esm3 5.4.0-1085.90 5.4.0-1098.105 5.4.0-1122.134 5.4.0-1126.134 5.4.0-1137.146 5.4.0-1142.151 5.4.0-205.225 5.4.0-1143.150 5.4.0-1139.149 5.15.0-1069.72~20.04.1 5.15.0-1072.78~20.04.1 5.15.0-1074.80~20.04.1 5.15.0-1075.84~20.04.1 5.15.0-131.141~20.04.1 5.15.0-1079.88~20.04.1 5.15.0-1077.84~20.04.1 2.9.10+dfsg-5ubuntu0.20.04.8 1:9.18.30-0ubuntu0.20.04.2 3.0.9.2-1ubuntu0.1~esm3 2.10.1-2ubuntu0.4 8.0.41-0ubuntu0.20.04.1 3.3.1~dfsg-3ubuntu0.1 1.19.0-3ubuntu1+esm1 2.6.4-1ubuntu4.3 11.0.26+4-1ubuntu1~20.04 17.0.14+7-1~20.04 21.0.6+7-1~20.04.1 2.7.0-5ubuntu1.16 2.7.0-5ubuntu1.17 1.17-6ubuntu4.8 4.12.1+dfsg-1ubuntu0.1+esm1 2.31-0ubuntu9.17 2:8.1.2269-1ubuntu5.31 135.0+build2-0ubuntu0.20.04.1 4:6.4.0+dfsg-3ubuntu0.1~esm1 3.20250211.0ubuntu0.20.04.1 1:8.2p1-4ubuntu0.12 20.0.17-1ubuntu0.4+esm1 4.3.8+dfsg-1ubuntu1+esm2 1.0.28-7ubuntu0.3 1.24.0-1ubuntu0.2 4.16.0-2ubuntu0.1 1.1.1f-1ubuntu2.24 3.8.10-0ubuntu1~20.04.15 2.7.18-1~20.04.7+esm7 3.9.5-3ubuntu0~20.04.1+esm4 3.6.13-2ubuntu1.12 1:4.1.45-1ubuntu0.1~esm2 1.18.0-0ubuntu1.7 1:2.32-1ubuntu0.2 5.15.0-133.143~20.04.1 5.15.0-1075.81~20.04.1 5.15.0-1081.90~20.04.1 5.15.0-1081.90~20.04.1.1 5.15.0-1073.79~20.04.2 2:5.2.3+dfsg-3ubuntu0.1~esm1 5.15.0-1077.86~20.04.1 2019.78-2ubuntu0.1~esm1 5.4.0-208.228 5.4.0-1099.106 5.4.0-1143.152 5.4.0-1145.152 5.4.0-1138.147 5.4.0-1140.150 5.4.0-1086.91 5.4.0-1127.136 5.4.0-1058.62 1.3.6c-2ubuntu0.1 2:1.20.13-1ubuntu1~20.04.19 2.9.10+dfsg-5ubuntu0.20.04.9 2.34-6ubuntu1.10 1.2-4ubuntu0.20.04.1~esm5 1.11.0-1ubuntu0.1 1:22.2.7+dfsg-1ubuntu0.3 1.17-6ubuntu4.9 12.22-0ubuntu0.20.04.2 2.0.15-0ubuntu1.20.04.2 2:2.9-1ubuntu4.6 3.2.7-1ubuntu0.1+esm2 0.29.0.gfm.0-4ubuntu0.1~esm1 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2 5:5.0.7-2ubuntu0.1+esm3 5.15.0-134.145~20.04.1 5.15.0-1074.80~20.04.1 5.15.0-1076.82~20.04.1 5.15.0-1082.91~20.04.1 5.15.0-1082.91~20.04.1.1 5.15.0-1078.87~20.04.1 2.9.6+dfsg-1ubuntu0.1~esm3 5.15.0-134.145~20.04.1 136.0+build3-0ubuntu0.20.04.1 2:2.2.12-1ubuntu0.28 0.9+LibO6.4.7-0ubuntu0.20.04.14 1.2.0+LibO6.4.7-0ubuntu0.20.04.14 1:6.4.7-0ubuntu0.20.04.14 2:102.11+LibO6.4.7-0ubuntu0.20.04.14 2.10.1-2ubuntu0.5 2.10.1-2ubuntu0.6 0.20.0-3ubuntu0.1~esm2 0.20.0-3ubuntu0.1~esm3 0.20.0-3ubuntu0.1~esm4 3.1.12~ds-4ubuntu0.20.04.4 3.8.10-0ubuntu1~20.04.16 3.8.10-0ubuntu1~20.04.18 2:6.23-1~20.04.1 1:5.6.6-2ubuntu0.1 3.6.2-2ubuntu0.20.04.1~esm1 2.10.1-2ubuntu0.4 1:1.2018.13+ds-2ubuntu0.1~esm1 2.0.3-1ubuntu0.1~esm1 4.0~b3-2ubuntu0.1~esm1 0.9.3-2ubuntu0.1~esm3 1.1.34-4ubuntu0.20.04.2 2.22+dfsg1-1ubuntu0.1~esm1 1.1.34-4ubuntu0.20.04.3 0.6.11-2ubuntu0.1 3.0.1-1ubuntu0.1 3.4.5-2ubuntu0.1~esm2 2.0.7-2ubuntu0.1+esm6 0.2.35-17ubuntu0.1~esm1 1.25+ds-2ubuntu0.1+esm1 6.2.1-2ubuntu0.2+esm1 1.6.12-0ubuntu1~20.04.8 1.7.24-0ubuntu1~20.04.2 9.3.1+dfsg-1ubuntu0.1~esm1 9.50~dfsg-5ubuntu4.15 5.15.0-1077.83~20.04.1 5.15.0-135.146~20.04.1 5.15.0-1080.87~20.04.1 5.4.0-211.231 5.4.0-1060.64 5.4.0-1088.93 5.4.0-1101.108 5.4.0-1129.138 5.4.0-1140.150 5.4.0-1145.154 5.4.0-1147.154 5.4.0-1145.154+fips1 5.4.0-1147.154+fips1 5.4.0-1142.152 5.4.0-1142.153+fips1 5.4.0-1116.126 20.03.2-0ubuntu0.20.04.6 1.0.0.errata1-3+deb11u1ubuntu0.1 1.2.20-8ubuntu0.20.04.1 3.8.3-0ubuntu0.3 7.4.3-4ubuntu2.29 1.0.18-2ubuntu0.1~esm1 2.0.23-2ubuntu0.1~esm2 3.4.0-2ubuntu1+esm1 5.15.0-1078.84~20.04.1 5.15.0-1081.88~20.04.1 5.15.0-136.147~20.04.1 5.15.0-136.147~20.04.1 5.4.0-1061.65 5.4.0-1089.94 5.4.0-1102.109 5.4.0-1130.139 5.4.0-1141.151 5.4.0-1146.155 5.4.0-1148.155 5.4.0-212.232 5.4.0-1117.127 5.4.0-1146.155+fips1 5.4.0-1148.156+fips1 1.11.0-1ubuntu0.1+esm1 9.0.31-1ubuntu0.9 2.2.19-3ubuntu2.4 5.4.0-1048.51 5.3.2-1ubuntu0.1~esm2 2.7.0-5ubuntu1.18 2:8.1.2269-1ubuntu5.32 5.15.0-1086.95~20.04.1 5.15.0-1086.95~20.04.1.1 6.3-007-1ubuntu0.1~esm1 2.34-6ubuntu1.11 1:22.2.7+dfsg-1ubuntu0.4 0.86.1-0ubuntu1.6 0.1.0-1ubuntu0.1~esm1 2.70.0-1ubuntu0.2 8:6.9.10.23+dfsg-2.1ubuntu11.11 1.6.9-1ubuntu0.1~esm2 1:22.2.7+dfsg-1ubuntu0.5 1.11.0-1ubuntu0.1~esm2 3.36.0-1ubuntu0.1 3.36.2-0ubuntu1.1 3.4.0-2ubuntu1.5 5.15.0-1087.96~20.04.1 5.15.0-1087.96~20.04.1.1 5.15.0-138.148~20.04.1 5.15.0-1079.85~20.04.1 5.15.0-1082.89~20.04.1 2.12.5-1ubuntu0.1~esm2 1:8.2p1-4ubuntu0.13 5.15.0-1074.77~20.04.1 5.15.0-1077.83~20.04.1 5.15.0-1081.90~20.04.1 5.4.0-1090.95 5.4.0-1103.110 5.4.0-1131.140 5.4.0-1142.152 5.4.0-1147.156 5.4.0-1149.156 5.4.0-214.234 5.4.0-1118.128 5.4.0-1147.156+fips1 5.4.0-1149.157+fips1 5.4.0-1062.66 5.4.0-1049.52 5.4.0-1144.154 5.4.0-1144.155+fips1 5.1.5+dfsg1-2ubuntu0.1~esm1 2.9.10+dfsg-5ubuntu0.20.04.10 8.0.5+ds-3ubuntu0.1~esm1 10.19.0~dfsg-3ubuntu1.6+esm2 0.86.1-0ubuntu1.7 1.12-1ubuntu0.1~esm1 20.10.21-0ubuntu1~20.04.6+esm2 1.7.3-1ubuntu0.1~esm1 3.0.3-2ubuntu2.2 8.0.42-0ubuntu0.20.04.1 8u452-ga~us1-0ubuntu1~20.04 11.0.27+6~us1-0ubuntu1~20.04 17.0.15+6~us1-0ubuntu1~20.04 21.0.7+6~us1-0ubuntu1~20.04 0.19.5-1ubuntu1.4 2.7.18-1~20.04.7+esm6 3.9.5-3ubuntu0~20.04.1+esm3 2.70.0-1ubuntu0.3 2.70.0-1ubuntu0.4 5.15.0-1075.78~20.04.1 5.15.0-1078.84~20.04.1 5.15.0-1080.86~20.04.1 5.15.0-1083.90~20.04.1 5.15.0-139.149~20.04.1 5.15.0-1088.97~20.04.1 5.15.0-1088.97~20.04.1.1 5.4.0-1091.96 5.4.0-1132.141 5.4.0-1143.153 5.4.0-1145.155 5.4.0-1148.157 5.4.0-215.235 5.4.0-1119.129 5.4.0-1145.156+fips1 5.4.0-1148.157+fips1 5.4.0-1150.157 1.3.1-2ubuntu0.1~esm1 2:2.2.12-1ubuntu0.29 0.9+LibO6.4.7-0ubuntu0.20.04.15 1.2.0+LibO6.4.7-0ubuntu0.20.04.15 1:6.4.7-0ubuntu0.20.04.15 2:102.11+LibO6.4.7-0ubuntu0.20.04.15 2.0.7-2ubuntu0.1+esm7 2:11.3.0-2ubuntu0~ubuntu20.04.8 5.15.0-1076.79~20.04.1 5.15.0-1081.87~20.04.1 5.15.0-140.150~20.04.1 5.15.0-1089.98~20.04.1 5.15.0-1079.85~20.04.1 5.15.0-1084.91~20.04.1 5.15.0-1083.92~20.04.1 5.4.0-1144.154 5.4.0-1149.158 5.4.0-216.236 5.4.0-1149.158+fips1 5.4.0-1133.142 5.4.0-1151.158 5.4.0-1092.97 5.4.0-1120.130 5.4.0-1146.156+fips1 5.4.0-1146.156 5.4.0-1064.68 5.4.0-1105.112 5.4.0-1151.158+fips1 12.22-0ubuntu0.20.04.4 9.0.31-1ubuntu0.9+esm1 0.79-1ubuntu0.1 3.31.1-4ubuntu0.7 1.22-1ubuntu0.1~esm1 2.64.6-1~ubuntu20.04.9 3.20250512.0ubuntu0.20.04.1 2:6.9-1ubuntu0.3 1.60+git20180626.aebd88e-1ubuntu1.1 1.60+git20180626.aebd88e-1ubuntu1.3 7:4.2.7-0ubuntu0.1+esm8 5.4.0-1129.142 2.31-0ubuntu9.18 1.17-6ubuntu4.11 2.70.0-1ubuntu0.5 44.0.0-2ubuntu0.1+esm2 45.2.0-1ubuntu0.3 2.20.11-0ubuntu27.28 1.8.2-1ubuntu0.4 3.2.3-1ubuntu0.1~esm2 2:2.2.12-1ubuntu0.29+esm1 1.009~3.4.1+dfsg-1ubuntu0.1~esm1 3.4.1+dfsg-1ubuntu0.1~esm1 4.4.1+dfsg1-2ubuntu0.1~esm1 1.16.3-0ubuntu1.1+esm1 ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^file-roller(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^re2c(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libpulse0(?::\w+|)\s+(.*)$ ^pulseaudio-module-zeroconf(?::\w+|)\s+(.*)$ ^pulseaudio-module-gsettings(?::\w+|)\s+(.*)$ ^pulseaudio-module-bluetooth(?::\w+|)\s+(.*)$ ^libpulse-dev(?::\w+|)\s+(.*)$ ^pulseaudio-utils(?::\w+|)\s+(.*)$ ^pulseaudio-module-raop(?::\w+|)\s+(.*)$ ^pulseaudio(?::\w+|)\s+(.*)$ ^libpulsedsp(?::\w+|)\s+(.*)$ ^pulseaudio-equalizer(?::\w+|)\s+(.*)$ ^libpulse-mainloop-glib0(?::\w+|)\s+(.*)$ ^pulseaudio-module-lirc(?::\w+|)\s+(.*)$ ^pulseaudio-module-jack(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^libexif-doc(?::\w+|)\s+(.*)$ ^libexif-dev(?::\w+|)\s+(.*)$ ^libexif12(?::\w+|)\s+(.*)$ ^apt-doc(?::\w+|)\s+(.*)$ ^libapt-pkg6.0(?::\w+|)\s+(.*)$ ^apt-transport-https(?::\w+|)\s+(.*)$ ^libapt-pkg-doc(?::\w+|)\s+(.*)$ ^apt(?::\w+|)\s+(.*)$ ^apt-utils(?::\w+|)\s+(.*)$ ^libapt-pkg-dev(?::\w+|)\s+(.*)$ ^libjson-c4-udeb(?::\w+|)\s+(.*)$ ^libjson-c-doc(?::\w+|)\s+(.*)$ ^libjson-c-dev(?::\w+|)\s+(.*)$ ^libjson-c4(?::\w+|)\s+(.*)$ ^libjson-c4-udeb(?::\w+|)\s+(.*)$ ^libjson-c-doc(?::\w+|)\s+(.*)$ ^libjson-c-dev(?::\w+|)\s+(.*)$ ^libjson-c4(?::\w+|)\s+(.*)$ ^libjson-c4-udeb(?::\w+|)\s+(.*)$ ^libjson-c-doc(?::\w+|)\s+(.*)$ ^libjson-c-dev(?::\w+|)\s+(.*)$ ^libjson-c4(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-memif20.0(?::\w+|)\s+(.*)$ ^dpdk-igb-uio-dkms(?::\w+|)\s+(.*)$ ^librte-pmd-iavf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-af-packet20.0(?::\w+|)\s+(.*)$ ^librte-pmd-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-event20.0(?::\w+|)\s+(.*)$ ^librte-bus-ifpga20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-stack0.200(?::\w+|)\s+(.*)$ ^librte-pmd-e1000-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-null20.0(?::\w+|)\s+(.*)$ ^librte-pipeline20.0(?::\w+|)\s+(.*)$ ^librte-sched20.0(?::\w+|)\s+(.*)$ ^librte-distributor20.0(?::\w+|)\s+(.*)$ ^librte-efd20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ark20.0(?::\w+|)\s+(.*)$ ^librte-gro20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sfc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-failsafe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pcap20.0(?::\w+|)\s+(.*)$ ^librte-rawdev20.0(?::\w+|)\s+(.*)$ ^librte-meter20.0(?::\w+|)\s+(.*)$ ^librte-hash20.0(?::\w+|)\s+(.*)$ ^librte-ring20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-telemetry0.200(?::\w+|)\s+(.*)$ ^librte-rawdev-skeleton20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bond20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hinic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-skeleton-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-mlx5-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-cmdif20.0(?::\w+|)\s+(.*)$ ^librte-pmd-fm10k20.0(?::\w+|)\s+(.*)$ ^librte-cryptodev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-i40e20.0(?::\w+|)\s+(.*)$ ^librte-cmdline20.0(?::\w+|)\s+(.*)$ ^librte-jobstats20.0(?::\w+|)\s+(.*)$ ^dpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-ccp20.0(?::\w+|)\s+(.*)$ ^librte-pmd-atlantic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sw-event20.0(?::\w+|)\s+(.*)$ ^librte-ip-frag20.0(?::\w+|)\s+(.*)$ ^librte-pmd-isal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dsw-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nitrox20.0(?::\w+|)\s+(.*)$ ^librte-pmd-kni20.0(?::\w+|)\s+(.*)$ ^librte-mempool-bucket20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-event20.0(?::\w+|)\s+(.*)$ ^librte-gso20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vdev-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-openssl20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnx2x20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-compress20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ioat20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-latencystats20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-kvargs20.0(?::\w+|)\s+(.*)$ ^librte-bus-fslmc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-avp20.0(?::\w+|)\s+(.*)$ ^librte-pdump20.0(?::\w+|)\s+(.*)$ ^librte-metrics20.0(?::\w+|)\s+(.*)$ ^librte-bbdev0.200(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-sec20.0(?::\w+|)\s+(.*)$ ^librte-bus-vmbus20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnxt20.0(?::\w+|)\s+(.*)$ ^librte-timer20.0(?::\w+|)\s+(.*)$ ^librte-cfgfile20.0(?::\w+|)\s+(.*)$ ^librte-rcu0.200(?::\w+|)\s+(.*)$ ^librte-pmd-qat20.0(?::\w+|)\s+(.*)$ ^librte-mempool20.0(?::\w+|)\s+(.*)$ ^libdpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-null20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio20.0(?::\w+|)\s+(.*)$ ^librte-pmd-axgbe20.0(?::\w+|)\s+(.*)$ ^librte-port20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-mb20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ntb20.0(?::\w+|)\s+(.*)$ ^librte-pmd-softnic20.0(?::\w+|)\s+(.*)$ ^dpdk-doc(?::\w+|)\s+(.*)$ ^librte-pmd-mlx4-20.0(?::\w+|)\s+(.*)$ ^librte-net20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-fpga-lte-fec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-null-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ena20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ice20.0(?::\w+|)\s+(.*)$ ^librte-common-dpaax20.0(?::\w+|)\s+(.*)$ ^librte-member20.0(?::\w+|)\s+(.*)$ ^librte-bus-pci20.0(?::\w+|)\s+(.*)$ ^librte-kni20.0(?::\w+|)\s+(.*)$ ^librte-pmd-thunderx20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx20.0(?::\w+|)\s+(.*)$ ^dpdk(?::\w+|)\s+(.*)$ ^librte-pmd-ifc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-opdl-event20.0(?::\w+|)\s+(.*)$ ^librte-pci20.0(?::\w+|)\s+(.*)$ ^librte-eal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-turbo-sw20.0(?::\w+|)\s+(.*)$ ^librte-ethdev20.0(?::\w+|)\s+(.*)$ ^librte-table20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hns3-20.0(?::\w+|)\s+(.*)$ ^librte-ipsec0.200(?::\w+|)\s+(.*)$ ^librte-pmd-zlib20.0(?::\w+|)\s+(.*)$ ^librte-bitratestats20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-sec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-caam-jr20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-octeontx2-dma20.0(?::\w+|)\s+(.*)$ ^librte-mbuf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-event20.0(?::\w+|)\s+(.*)$ ^librte-mempool-stack20.0(?::\w+|)\s+(.*)$ ^librte-power20.0(?::\w+|)\s+(.*)$ ^librte-pmd-liquidio20.0(?::\w+|)\s+(.*)$ ^librte-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio-crypto20.0(?::\w+|)\s+(.*)$ ^librte-reorder20.0(?::\w+|)\s+(.*)$ ^librte-pmd-qede20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pfe20.0(?::\w+|)\s+(.*)$ ^librte-flow-classify0.200(?::\w+|)\s+(.*)$ ^librte-rib0.200(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-cxgbe20.0(?::\w+|)\s+(.*)$ ^librte-mempool-ring20.0(?::\w+|)\s+(.*)$ ^librte-acl20.0(?::\w+|)\s+(.*)$ ^librte-common-cpt20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-gcm20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-qdma20.0(?::\w+|)\s+(.*)$ ^librte-lpm20.0(?::\w+|)\s+(.*)$ ^librte-pmd-tap20.0(?::\w+|)\s+(.*)$ ^librte-eventdev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nfp20.0(?::\w+|)\s+(.*)$ ^librte-bus-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ring20.0(?::\w+|)\s+(.*)$ ^librte-bus-vdev20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ixgbe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vmxnet3-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-crypto-scheduler20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enetc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-crypto20.0(?::\w+|)\s+(.*)$ ^librte-security20.0(?::\w+|)\s+(.*)$ ^librte-compressdev0.200(?::\w+|)\s+(.*)$ ^librte-fib0.200(?::\w+|)\s+(.*)$ ^librte-bpf0.200(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-kvm|-oracle|-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^ca-certificates-udeb(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libturbojpeg0-dev(?::\w+|)\s+(.*)$ ^libjpeg-turbo8-dev(?::\w+|)\s+(.*)$ ^libjpeg-turbo-progs(?::\w+|)\s+(.*)$ ^libturbojpeg(?::\w+|)\s+(.*)$ ^libjpeg-turbo8(?::\w+|)\s+(.*)$ ^libjpeg-turbo-test(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-kvm|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^gir1.2-fwupdplugin-1.0(?::\w+|)\s+(.*)$ ^fwupd-amd64-signed-template(?::\w+|)\s+(.*)$ ^libfwupd-dev(?::\w+|)\s+(.*)$ ^fwupd-armhf-signed-template(?::\w+|)\s+(.*)$ ^gir1.2-fwupd-2.0(?::\w+|)\s+(.*)$ ^fwupd-tests(?::\w+|)\s+(.*)$ ^fwupd-doc(?::\w+|)\s+(.*)$ ^fwupd-arm64-signed-template(?::\w+|)\s+(.*)$ ^libfwupdplugin-dev(?::\w+|)\s+(.*)$ ^libfwupdplugin1(?::\w+|)\s+(.*)$ ^fwupd(?::\w+|)\s+(.*)$ ^libfwupd2(?::\w+|)\s+(.*)$ ^libexif-doc(?::\w+|)\s+(.*)$ ^libexif-dev(?::\w+|)\s+(.*)$ ^libexif12(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^dbus-1-doc(?::\w+|)\s+(.*)$ ^dbus(?::\w+|)\s+(.*)$ ^libdbus-1-dev(?::\w+|)\s+(.*)$ ^dbus-udeb(?::\w+|)\s+(.*)$ ^dbus-user-session(?::\w+|)\s+(.*)$ ^libdbus-1-3-udeb(?::\w+|)\s+(.*)$ ^dbus-x11(?::\w+|)\s+(.*)$ ^dbus-tests(?::\w+|)\s+(.*)$ ^libdbus-1-3(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^nfs-kernel-server(?::\w+|)\s+(.*)$ ^nfs-common(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440(?::\w+|)\s+(.*)$ ^libnvidia-decode-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-430(?::\w+|)\s+(.*)$ ^libnvidia-common-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-430(?::\w+|)\s+(.*)$ ^libnvidia-encode-440(?::\w+|)\s+(.*)$ ^nvidia-dkms-440(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-430(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-430(?::\w+|)\s+(.*)$ ^nvidia-utils-430(?::\w+|)\s+(.*)$ ^libnvidia-encode-430(?::\w+|)\s+(.*)$ ^nvidia-headless-440(?::\w+|)\s+(.*)$ ^libnvidia-extra-440(?::\w+|)\s+(.*)$ ^libnvidia-compute-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-430(?::\w+|)\s+(.*)$ ^nvidia-utils-440(?::\w+|)\s+(.*)$ ^nvidia-driver-440(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-430(?::\w+|)\s+(.*)$ ^nvidia-driver-430(?::\w+|)\s+(.*)$ ^libnvidia-common-430(?::\w+|)\s+(.*)$ ^libnvidia-decode-430(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-430(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-430(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440(?::\w+|)\s+(.*)$ ^libnvidia-compute-430(?::\w+|)\s+(.*)$ ^nvidia-dkms-430(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-430(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-440(?::\w+|)\s+(.*)$ ^nvidia-headless-430(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^glib-networking(?::\w+|)\s+(.*)$ ^glib-networking-services(?::\w+|)\s+(.*)$ ^glib-networking-tests(?::\w+|)\s+(.*)$ ^glib-networking-common(?::\w+|)\s+(.*)$ ^libvncserver1(?::\w+|)\s+(.*)$ ^libvncserver-dev(?::\w+|)\s+(.*)$ ^libvncclient1(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^snmptrapd(?::\w+|)\s+(.*)$ ^libsnmp-dev(?::\w+|)\s+(.*)$ ^libsnmp-base(?::\w+|)\s+(.*)$ ^snmp(?::\w+|)\s+(.*)$ ^libsnmp-perl(?::\w+|)\s+(.*)$ ^tkmib(?::\w+|)\s+(.*)$ ^snmpd(?::\w+|)\s+(.*)$ ^libsnmp35(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^coturn(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^os-brick-common(?::\w+|)\s+(.*)$ ^python-os-brick-doc(?::\w+|)\s+(.*)$ ^python3-os-brick(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^libedataserver-1.2-24(?::\w+|)\s+(.*)$ ^libedata-cal2.0-dev(?::\w+|)\s+(.*)$ ^libebackend-1.2-10(?::\w+|)\s+(.*)$ ^libebook1.2-dev(?::\w+|)\s+(.*)$ ^evolution-data-server-tests(?::\w+|)\s+(.*)$ ^gir1.2-camel-1.2(?::\w+|)\s+(.*)$ ^libedata-cal-2.0-1(?::\w+|)\s+(.*)$ ^gir1.2-ecal-2.0(?::\w+|)\s+(.*)$ ^libebook-contacts-1.2-3(?::\w+|)\s+(.*)$ ^libedata-book1.2-dev(?::\w+|)\s+(.*)$ ^libebackend1.2-dev(?::\w+|)\s+(.*)$ ^libebook-1.2-20(?::\w+|)\s+(.*)$ ^libcamel1.2-dev(?::\w+|)\s+(.*)$ ^gir1.2-ebackend-1.2(?::\w+|)\s+(.*)$ ^gir1.2-edatacal-2.0(?::\w+|)\s+(.*)$ ^gir1.2-edatabook-1.2(?::\w+|)\s+(.*)$ ^gir1.2-edataserver-1.2(?::\w+|)\s+(.*)$ ^libecal2.0-dev(?::\w+|)\s+(.*)$ ^libedataserver1.2-dev(?::\w+|)\s+(.*)$ ^libebook-contacts1.2-dev(?::\w+|)\s+(.*)$ ^gir1.2-ebookcontacts-1.2(?::\w+|)\s+(.*)$ ^libedata-book-1.2-26(?::\w+|)\s+(.*)$ ^libedataserverui-1.2-2(?::\w+|)\s+(.*)$ ^libcamel-1.2-62(?::\w+|)\s+(.*)$ ^evolution-data-server(?::\w+|)\s+(.*)$ ^evolution-data-server-common(?::\w+|)\s+(.*)$ ^gir1.2-edataserverui-1.2(?::\w+|)\s+(.*)$ ^libedataserverui1.2-dev(?::\w+|)\s+(.*)$ ^libecal-2.0-1(?::\w+|)\s+(.*)$ ^evolution-data-server-doc(?::\w+|)\s+(.*)$ ^evolution-data-server-dev(?::\w+|)\s+(.*)$ ^gir1.2-ebook-1.2(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^grub-ieee1275(?::\w+|)\s+(.*)$ ^grub-efi-amd64(?::\w+|)\s+(.*)$ ^grub2-common(?::\w+|)\s+(.*)$ ^grub-pc-bin(?::\w+|)\s+(.*)$ ^grub-uboot-bin(?::\w+|)\s+(.*)$ ^grub-common(?::\w+|)\s+(.*)$ ^grub-efi-amd64-bin(?::\w+|)\s+(.*)$ ^grub-firmware-qemu(?::\w+|)\s+(.*)$ ^grub-theme-starfield(?::\w+|)\s+(.*)$ ^grub-efi-arm(?::\w+|)\s+(.*)$ ^grub2(?::\w+|)\s+(.*)$ ^grub-xen-host(?::\w+|)\s+(.*)$ ^grub-efi-arm64-bin(?::\w+|)\s+(.*)$ ^grub-pc(?::\w+|)\s+(.*)$ ^grub-emu(?::\w+|)\s+(.*)$ ^grub-efi-arm-bin(?::\w+|)\s+(.*)$ ^grub-linuxbios(?::\w+|)\s+(.*)$ ^grub-xen(?::\w+|)\s+(.*)$ ^grub-uboot(?::\w+|)\s+(.*)$ ^grub-efi-ia32(?::\w+|)\s+(.*)$ ^grub-coreboot(?::\w+|)\s+(.*)$ ^grub-efi-ia32-bin(?::\w+|)\s+(.*)$ ^grub-ieee1275-bin(?::\w+|)\s+(.*)$ ^grub-xen-bin(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed-template(?::\w+|)\s+(.*)$ ^grub-rescue-pc(?::\w+|)\s+(.*)$ ^grub-mount-udeb(?::\w+|)\s+(.*)$ ^grub-coreboot-bin(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed-template(?::\w+|)\s+(.*)$ ^grub-efi-arm64(?::\w+|)\s+(.*)$ ^grub-efi(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^grub-ieee1275(?::\w+|)\s+(.*)$ ^grub-efi-amd64(?::\w+|)\s+(.*)$ ^grub2-common(?::\w+|)\s+(.*)$ ^grub-pc-bin(?::\w+|)\s+(.*)$ ^grub-uboot-bin(?::\w+|)\s+(.*)$ ^grub-common(?::\w+|)\s+(.*)$ ^grub-efi-amd64-bin(?::\w+|)\s+(.*)$ ^grub-firmware-qemu(?::\w+|)\s+(.*)$ ^grub-theme-starfield(?::\w+|)\s+(.*)$ ^grub-efi-arm(?::\w+|)\s+(.*)$ ^grub2(?::\w+|)\s+(.*)$ ^grub-xen-host(?::\w+|)\s+(.*)$ ^grub-efi-arm64-bin(?::\w+|)\s+(.*)$ ^grub-pc(?::\w+|)\s+(.*)$ ^grub-emu(?::\w+|)\s+(.*)$ ^grub-efi-arm-bin(?::\w+|)\s+(.*)$ ^grub-linuxbios(?::\w+|)\s+(.*)$ ^grub-xen(?::\w+|)\s+(.*)$ ^grub-uboot(?::\w+|)\s+(.*)$ ^grub-efi-ia32(?::\w+|)\s+(.*)$ ^grub-coreboot(?::\w+|)\s+(.*)$ ^grub-efi-ia32-bin(?::\w+|)\s+(.*)$ ^grub-ieee1275-bin(?::\w+|)\s+(.*)$ ^grub-xen-bin(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed-template(?::\w+|)\s+(.*)$ ^grub-rescue-pc(?::\w+|)\s+(.*)$ ^grub-mount-udeb(?::\w+|)\s+(.*)$ ^grub-coreboot-bin(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed-template(?::\w+|)\s+(.*)$ ^grub-efi-arm64(?::\w+|)\s+(.*)$ ^grub-efi(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^libvncserver1(?::\w+|)\s+(.*)$ ^libvncserver-dev(?::\w+|)\s+(.*)$ ^libvncclient1(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libslirp0(?::\w+|)\s+(.*)$ ^libslirp-dev(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^sympa(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^whoopsie(?::\w+|)\s+(.*)$ ^libwhoopsie0(?::\w+|)\s+(.*)$ ^libwhoopsie-dev(?::\w+|)\s+(.*)$ ^ppp-udeb(?::\w+|)\s+(.*)$ ^ppp(?::\w+|)\s+(.*)$ ^ppp-dev(?::\w+|)\s+(.*)$ ^libvirt0(?::\w+|)\s+(.*)$ ^libvirt-dev(?::\w+|)\s+(.*)$ ^libnss-libvirt(?::\w+|)\s+(.*)$ ^libvirt-sanlock(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-systemd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-xen(?::\w+|)\s+(.*)$ ^libvirt-daemon(?::\w+|)\s+(.*)$ ^libvirt-wireshark(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-rbd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-qemu(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-gluster(?::\w+|)\s+(.*)$ ^libvirt-doc(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-vbox(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-sysv(?::\w+|)\s+(.*)$ ^libvirt-daemon-system(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-lxc(?::\w+|)\s+(.*)$ ^libvirt-clients(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-zfs(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^software-properties-common(?::\w+|)\s+(.*)$ ^software-properties-gtk(?::\w+|)\s+(.*)$ ^python3-software-properties(?::\w+|)\s+(.*)$ ^software-properties-qt(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^ark(?::\w+|)\s+(.*)$ ^gnome-shell(?::\w+|)\s+(.*)$ ^gnome-shell-common(?::\w+|)\s+(.*)$ ^gnome-shell-extension-prefs(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^libsane(?::\w+|)\s+(.*)$ ^libsane-common(?::\w+|)\s+(.*)$ ^libsane1(?::\w+|)\s+(.*)$ ^sane-utils(?::\w+|)\s+(.*)$ ^libsane-dev(?::\w+|)\s+(.*)$ ^snmptrapd(?::\w+|)\s+(.*)$ ^libsnmp-dev(?::\w+|)\s+(.*)$ ^libsnmp-base(?::\w+|)\s+(.*)$ ^snmp(?::\w+|)\s+(.*)$ ^libsnmp-perl(?::\w+|)\s+(.*)$ ^tkmib(?::\w+|)\s+(.*)$ ^snmpd(?::\w+|)\s+(.*)$ ^libsnmp35(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^chrony(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^python3-rsa(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^ark(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libx11-6(?::\w+|)\s+(.*)$ ^libx11-data(?::\w+|)\s+(.*)$ ^libx11-xcb-dev(?::\w+|)\s+(.*)$ ^libx11-xcb1(?::\w+|)\s+(.*)$ ^libx11-doc(?::\w+|)\s+(.*)$ ^libx11-6-udeb(?::\w+|)\s+(.*)$ ^libx11-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core-udeb(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core-udeb(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^cryptsetup(?::\w+|)\s+(.*)$ ^libcryptsetup12-udeb(?::\w+|)\s+(.*)$ ^cryptsetup-run(?::\w+|)\s+(.*)$ ^libcryptsetup12(?::\w+|)\s+(.*)$ ^libcryptsetup-dev(?::\w+|)\s+(.*)$ ^cryptsetup-udeb(?::\w+|)\s+(.*)$ ^cryptsetup-bin(?::\w+|)\s+(.*)$ ^cryptsetup-initramfs(?::\w+|)\s+(.*)$ ^gir1.2-gupnp-1.2(?::\w+|)\s+(.*)$ ^libgupnp-doc(?::\w+|)\s+(.*)$ ^libgupnp-1.2-dev(?::\w+|)\s+(.*)$ ^libgupnp-1.2-0(?::\w+|)\s+(.*)$ ^ruby-websocket-extensions(?::\w+|)\s+(.*)$ ^storebackup(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^libproxy-cil-dev(?::\w+|)\s+(.*)$ ^libproxy1v5(?::\w+|)\s+(.*)$ ^libproxy0.4-cil(?::\w+|)\s+(.*)$ ^libproxy1-plugin-gsettings(?::\w+|)\s+(.*)$ ^libproxy-dev(?::\w+|)\s+(.*)$ ^python3-libproxy(?::\w+|)\s+(.*)$ ^libproxy1-plugin-webkit(?::\w+|)\s+(.*)$ ^libproxy1-plugin-kconfig(?::\w+|)\s+(.*)$ ^libproxy1-plugin-mozjs(?::\w+|)\s+(.*)$ ^libproxy1-plugin-networkmanager(?::\w+|)\s+(.*)$ ^libproxy-tools(?::\w+|)\s+(.*)$ ^libpam-tacplus(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^busybox(?::\w+|)\s+(.*)$ ^udhcpc(?::\w+|)\s+(.*)$ ^busybox-syslogd(?::\w+|)\s+(.*)$ ^udhcpd(?::\w+|)\s+(.*)$ ^busybox-initramfs(?::\w+|)\s+(.*)$ ^busybox-udeb(?::\w+|)\s+(.*)$ ^busybox-static(?::\w+|)\s+(.*)$ ^ldm-server(?::\w+|)\s+(.*)$ ^ldm(?::\w+|)\s+(.*)$ ^aptdaemon(?::\w+|)\s+(.*)$ ^python3-aptdaemon.gtk3widgets(?::\w+|)\s+(.*)$ ^aptdaemon-data(?::\w+|)\s+(.*)$ ^python3-aptdaemon.test(?::\w+|)\s+(.*)$ ^python3-aptdaemon(?::\w+|)\s+(.*)$ ^packagekit-docs(?::\w+|)\s+(.*)$ ^libpackagekit-glib2-dev(?::\w+|)\s+(.*)$ ^packagekit(?::\w+|)\s+(.*)$ ^packagekit-tools(?::\w+|)\s+(.*)$ ^libpackagekit-glib2-18(?::\w+|)\s+(.*)$ ^packagekit-command-not-found(?::\w+|)\s+(.*)$ ^packagekit-gtk3-module(?::\w+|)\s+(.*)$ ^gir1.2-packagekitglib-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-packagekit(?::\w+|)\s+(.*)$ ^libawl-php(?::\w+|)\s+(.*)$ ^awl-doc(?::\w+|)\s+(.*)$ ^ruby-sanitize(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libuv1-dev(?::\w+|)\s+(.*)$ ^libuv1(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-memif20.0(?::\w+|)\s+(.*)$ ^dpdk-igb-uio-dkms(?::\w+|)\s+(.*)$ ^librte-pmd-iavf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-af-packet20.0(?::\w+|)\s+(.*)$ ^librte-pmd-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-event20.0(?::\w+|)\s+(.*)$ ^librte-bus-ifpga20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-stack0.200(?::\w+|)\s+(.*)$ ^librte-pmd-e1000-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-null20.0(?::\w+|)\s+(.*)$ ^librte-pipeline20.0(?::\w+|)\s+(.*)$ ^librte-sched20.0(?::\w+|)\s+(.*)$ ^librte-distributor20.0(?::\w+|)\s+(.*)$ ^librte-efd20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ark20.0(?::\w+|)\s+(.*)$ ^librte-gro20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sfc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-failsafe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pcap20.0(?::\w+|)\s+(.*)$ ^librte-rawdev20.0(?::\w+|)\s+(.*)$ ^librte-meter20.0(?::\w+|)\s+(.*)$ ^librte-hash20.0(?::\w+|)\s+(.*)$ ^librte-ring20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-telemetry0.200(?::\w+|)\s+(.*)$ ^librte-rawdev-skeleton20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bond20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hinic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-skeleton-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-mlx5-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-cmdif20.0(?::\w+|)\s+(.*)$ ^librte-pmd-fm10k20.0(?::\w+|)\s+(.*)$ ^librte-cryptodev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-i40e20.0(?::\w+|)\s+(.*)$ ^librte-cmdline20.0(?::\w+|)\s+(.*)$ ^librte-jobstats20.0(?::\w+|)\s+(.*)$ ^dpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-ccp20.0(?::\w+|)\s+(.*)$ ^librte-pmd-atlantic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sw-event20.0(?::\w+|)\s+(.*)$ ^librte-ip-frag20.0(?::\w+|)\s+(.*)$ ^librte-pmd-isal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dsw-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nitrox20.0(?::\w+|)\s+(.*)$ ^librte-pmd-kni20.0(?::\w+|)\s+(.*)$ ^librte-mempool-bucket20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-event20.0(?::\w+|)\s+(.*)$ ^librte-gso20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vdev-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-openssl20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnx2x20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-compress20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ioat20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-latencystats20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-kvargs20.0(?::\w+|)\s+(.*)$ ^librte-bus-fslmc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-avp20.0(?::\w+|)\s+(.*)$ ^librte-pdump20.0(?::\w+|)\s+(.*)$ ^librte-metrics20.0(?::\w+|)\s+(.*)$ ^librte-bbdev0.200(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-sec20.0(?::\w+|)\s+(.*)$ ^librte-bus-vmbus20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnxt20.0(?::\w+|)\s+(.*)$ ^librte-timer20.0(?::\w+|)\s+(.*)$ ^librte-cfgfile20.0(?::\w+|)\s+(.*)$ ^librte-rcu0.200(?::\w+|)\s+(.*)$ ^librte-pmd-qat20.0(?::\w+|)\s+(.*)$ ^librte-mempool20.0(?::\w+|)\s+(.*)$ ^libdpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-null20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio20.0(?::\w+|)\s+(.*)$ ^librte-pmd-axgbe20.0(?::\w+|)\s+(.*)$ ^librte-port20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-mb20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ntb20.0(?::\w+|)\s+(.*)$ ^librte-pmd-softnic20.0(?::\w+|)\s+(.*)$ ^dpdk-doc(?::\w+|)\s+(.*)$ ^librte-pmd-mlx4-20.0(?::\w+|)\s+(.*)$ ^librte-net20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-fpga-lte-fec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-null-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ena20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ice20.0(?::\w+|)\s+(.*)$ ^librte-common-dpaax20.0(?::\w+|)\s+(.*)$ ^librte-member20.0(?::\w+|)\s+(.*)$ ^librte-bus-pci20.0(?::\w+|)\s+(.*)$ ^librte-kni20.0(?::\w+|)\s+(.*)$ ^librte-pmd-thunderx20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx20.0(?::\w+|)\s+(.*)$ ^dpdk(?::\w+|)\s+(.*)$ ^librte-pmd-ifc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-opdl-event20.0(?::\w+|)\s+(.*)$ ^librte-pci20.0(?::\w+|)\s+(.*)$ ^librte-eal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-turbo-sw20.0(?::\w+|)\s+(.*)$ ^librte-ethdev20.0(?::\w+|)\s+(.*)$ ^librte-table20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hns3-20.0(?::\w+|)\s+(.*)$ ^librte-ipsec0.200(?::\w+|)\s+(.*)$ ^librte-pmd-zlib20.0(?::\w+|)\s+(.*)$ ^librte-bitratestats20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-sec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-caam-jr20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-octeontx2-dma20.0(?::\w+|)\s+(.*)$ ^librte-mbuf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-event20.0(?::\w+|)\s+(.*)$ ^librte-mempool-stack20.0(?::\w+|)\s+(.*)$ ^librte-power20.0(?::\w+|)\s+(.*)$ ^librte-pmd-liquidio20.0(?::\w+|)\s+(.*)$ ^librte-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio-crypto20.0(?::\w+|)\s+(.*)$ ^librte-reorder20.0(?::\w+|)\s+(.*)$ ^librte-pmd-qede20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pfe20.0(?::\w+|)\s+(.*)$ ^librte-flow-classify0.200(?::\w+|)\s+(.*)$ ^librte-rib0.200(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-cxgbe20.0(?::\w+|)\s+(.*)$ ^librte-mempool-ring20.0(?::\w+|)\s+(.*)$ ^librte-acl20.0(?::\w+|)\s+(.*)$ ^librte-common-cpt20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-gcm20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-qdma20.0(?::\w+|)\s+(.*)$ ^librte-lpm20.0(?::\w+|)\s+(.*)$ ^librte-pmd-tap20.0(?::\w+|)\s+(.*)$ ^librte-eventdev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nfp20.0(?::\w+|)\s+(.*)$ ^librte-bus-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ring20.0(?::\w+|)\s+(.*)$ ^librte-bus-vdev20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ixgbe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vmxnet3-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-crypto-scheduler20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enetc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-crypto20.0(?::\w+|)\s+(.*)$ ^librte-security20.0(?::\w+|)\s+(.*)$ ^librte-compressdev0.200(?::\w+|)\s+(.*)$ ^librte-fib0.200(?::\w+|)\s+(.*)$ ^librte-bpf0.200(?::\w+|)\s+(.*)$ ^teeworlds-data(?::\w+|)\s+(.*)$ ^teeworlds-server(?::\w+|)\s+(.*)$ ^teeworlds(?::\w+|)\s+(.*)$ ^qmail(?::\w+|)\s+(.*)$ ^qmail-uids-gids(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^kramdown(?::\w+|)\s+(.*)$ ^ruby-kramdown(?::\w+|)\s+(.*)$ ^ntp(?::\w+|)\s+(.*)$ ^sntp(?::\w+|)\s+(.*)$ ^ntp-doc(?::\w+|)\s+(.*)$ ^ntpdate(?::\w+|)\s+(.*)$ ^libbrotli1(?::\w+|)\s+(.*)$ ^python3-brotli(?::\w+|)\s+(.*)$ ^brotli(?::\w+|)\s+(.*)$ ^libbrotli-dev(?::\w+|)\s+(.*)$ ^python3-urllib3(?::\w+|)\s+(.*)$ ^libspice-server1(?::\w+|)\s+(.*)$ ^libspice-server-dev(?::\w+|)\s+(.*)$ ^vino(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^docker.io(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^docker-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libfreetype6-udeb(?::\w+|)\s+(.*)$ ^libfreetype6(?::\w+|)\s+(.*)$ ^libfreetype6-dev(?::\w+|)\s+(.*)$ ^freetype2-doc(?::\w+|)\s+(.*)$ ^libfreetype-dev(?::\w+|)\s+(.*)$ ^freetype2-demos(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^perl-modules-5.30(?::\w+|)\s+(.*)$ ^libperl-dev(?::\w+|)\s+(.*)$ ^perl-doc(?::\w+|)\s+(.*)$ ^perl(?::\w+|)\s+(.*)$ ^perl-base(?::\w+|)\s+(.*)$ ^libperl5.30(?::\w+|)\s+(.*)$ ^perl-debug(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^blueman(?::\w+|)\s+(.*)$ ^blueman(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^ca-certificates-udeb(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^fastd(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^python3-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdm-1.0(?::\w+|)\s+(.*)$ ^libgdm-dev(?::\w+|)\s+(.*)$ ^gdm3(?::\w+|)\s+(.*)$ ^libgdm1(?::\w+|)\s+(.*)$ ^accountsservice(?::\w+|)\s+(.*)$ ^gir1.2-accountsservice-1.0(?::\w+|)\s+(.*)$ ^libaccountsservice-doc(?::\w+|)\s+(.*)$ ^libaccountsservice-dev(?::\w+|)\s+(.*)$ ^libaccountsservice0(?::\w+|)\s+(.*)$ ^spice-vdagent(?::\w+|)\s+(.*)$ ^tmux(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^pacemaker-remote(?::\w+|)\s+(.*)$ ^libcrmcommon-dev(?::\w+|)\s+(.*)$ ^libcib27(?::\w+|)\s+(.*)$ ^pacemaker-resource-agents(?::\w+|)\s+(.*)$ ^pacemaker-cli-utils(?::\w+|)\s+(.*)$ ^libstonithd26(?::\w+|)\s+(.*)$ ^liblrmd28(?::\w+|)\s+(.*)$ ^libcrmservice28(?::\w+|)\s+(.*)$ ^pacemaker-common(?::\w+|)\s+(.*)$ ^libcrmcluster-dev(?::\w+|)\s+(.*)$ ^libstonithd-dev(?::\w+|)\s+(.*)$ ^libpe-rules26(?::\w+|)\s+(.*)$ ^pacemaker-dev(?::\w+|)\s+(.*)$ ^libcrmcluster29(?::\w+|)\s+(.*)$ ^libcib-dev(?::\w+|)\s+(.*)$ ^pacemaker(?::\w+|)\s+(.*)$ ^libcrmservice-dev(?::\w+|)\s+(.*)$ ^libcrmcommon34(?::\w+|)\s+(.*)$ ^liblrmd-dev(?::\w+|)\s+(.*)$ ^libpe-status28(?::\w+|)\s+(.*)$ ^libpacemaker1(?::\w+|)\s+(.*)$ ^libpengine-dev(?::\w+|)\s+(.*)$ ^pacemaker-doc(?::\w+|)\s+(.*)$ ^libexif-doc(?::\w+|)\s+(.*)$ ^libexif-dev(?::\w+|)\s+(.*)$ ^libexif12(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libraptor2-doc(?::\w+|)\s+(.*)$ ^raptor2-utils(?::\w+|)\s+(.*)$ ^libraptor2-dev(?::\w+|)\s+(.*)$ ^libraptor2-0(?::\w+|)\s+(.*)$ ^mmdb-bin(?::\w+|)\s+(.*)$ ^libmaxminddb-dev(?::\w+|)\s+(.*)$ ^libmaxminddb0(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^libvncserver1(?::\w+|)\s+(.*)$ ^libvncserver-dev(?::\w+|)\s+(.*)$ ^libvncclient1(?::\w+|)\s+(.*)$ ^vino(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libpulse0(?::\w+|)\s+(.*)$ ^pulseaudio-module-zeroconf(?::\w+|)\s+(.*)$ ^pulseaudio-module-gsettings(?::\w+|)\s+(.*)$ ^pulseaudio-module-bluetooth(?::\w+|)\s+(.*)$ ^libpulse-dev(?::\w+|)\s+(.*)$ ^pulseaudio-utils(?::\w+|)\s+(.*)$ ^pulseaudio-module-raop(?::\w+|)\s+(.*)$ ^pulseaudio(?::\w+|)\s+(.*)$ ^libpulsedsp(?::\w+|)\s+(.*)$ ^pulseaudio-equalizer(?::\w+|)\s+(.*)$ ^libpulse-mainloop-glib0(?::\w+|)\s+(.*)$ ^pulseaudio-module-lirc(?::\w+|)\s+(.*)$ ^pulseaudio-module-jack(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^xdg-utils(?::\w+|)\s+(.*)$ ^xdg-utils(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^php-pear(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core-udeb(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libcrypto1.1-udeb(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1-udeb(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-common(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0-udeb(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-bin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-dev(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdkpixbuf-2.0(?::\w+|)\s+(.*)$ ^aptdaemon-data(?::\w+|)\s+(.*)$ ^python3-aptdaemon.gtk3widgets(?::\w+|)\s+(.*)$ ^aptdaemon(?::\w+|)\s+(.*)$ ^python3-aptdaemon.test(?::\w+|)\s+(.*)$ ^python3-aptdaemon(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^python3-lxml(?::\w+|)\s+(.*)$ ^python-lxml(?::\w+|)\s+(.*)$ ^python-lxml-doc(?::\w+|)\s+(.*)$ ^python3-lxml(?::\w+|)\s+(.*)$ ^python-lxml(?::\w+|)\s+(.*)$ ^python-lxml-doc(?::\w+|)\s+(.*)$ ^apt-doc(?::\w+|)\s+(.*)$ ^libapt-pkg6.0(?::\w+|)\s+(.*)$ ^apt-transport-https(?::\w+|)\s+(.*)$ ^libapt-pkg-doc(?::\w+|)\s+(.*)$ ^apt(?::\w+|)\s+(.*)$ ^apt-utils(?::\w+|)\s+(.*)$ ^libapt-pkg-dev(?::\w+|)\s+(.*)$ ^python3-apt(?::\w+|)\s+(.*)$ ^python-apt(?::\w+|)\s+(.*)$ ^python-apt-common(?::\w+|)\s+(.*)$ ^python-apt-dev(?::\w+|)\s+(.*)$ ^python-apt-doc(?::\w+|)\s+(.*)$ ^python3-apt(?::\w+|)\s+(.*)$ ^python-apt(?::\w+|)\s+(.*)$ ^python-apt-common(?::\w+|)\s+(.*)$ ^python-apt-dev(?::\w+|)\s+(.*)$ ^python-apt-doc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libproxy-cil-dev(?::\w+|)\s+(.*)$ ^libproxy1v5(?::\w+|)\s+(.*)$ ^libproxy0.4-cil(?::\w+|)\s+(.*)$ ^libproxy1-plugin-gsettings(?::\w+|)\s+(.*)$ ^libproxy-dev(?::\w+|)\s+(.*)$ ^python3-libproxy(?::\w+|)\s+(.*)$ ^libproxy1-plugin-webkit(?::\w+|)\s+(.*)$ ^libproxy1-plugin-kconfig(?::\w+|)\s+(.*)$ ^libproxy1-plugin-mozjs(?::\w+|)\s+(.*)$ ^libproxy1-plugin-networkmanager(?::\w+|)\s+(.*)$ ^libproxy-tools(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^openstack-dashboard(?::\w+|)\s+(.*)$ ^python3-django-horizon(?::\w+|)\s+(.*)$ ^openstack-dashboard-common(?::\w+|)\s+(.*)$ ^python3-django-openstack-auth(?::\w+|)\s+(.*)$ ^openstack-dashboard-ubuntu-theme(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^libp11-kit0(?::\w+|)\s+(.*)$ ^libp11-kit-dev(?::\w+|)\s+(.*)$ ^p11-kit-modules(?::\w+|)\s+(.*)$ ^p11-kit(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libwavpack1(?::\w+|)\s+(.*)$ ^libwavpack-dev(?::\w+|)\s+(.*)$ ^wavpack(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^qemu-efi(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^libopenjp2-tools(?::\w+|)\s+(.*)$ ^libopenjpip-server(?::\w+|)\s+(.*)$ ^libopenjpip-viewer(?::\w+|)\s+(.*)$ ^libopenjp3d-tools(?::\w+|)\s+(.*)$ ^libopenjpip7(?::\w+|)\s+(.*)$ ^libopenjp2-7(?::\w+|)\s+(.*)$ ^libopenjp2-7-dev(?::\w+|)\s+(.*)$ ^libopenjp3d7(?::\w+|)\s+(.*)$ ^libopenjpip-dec-server(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^libnvidia-encode-440(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450(?::\w+|)\s+(.*)$ ^libnvidia-compute-440(?::\w+|)\s+(.*)$ ^libnvidia-common-450(?::\w+|)\s+(.*)$ ^libnvidia-encode-450(?::\w+|)\s+(.*)$ ^libnvidia-common-440(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450(?::\w+|)\s+(.*)$ ^nvidia-driver-450(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440(?::\w+|)\s+(.*)$ ^libnvidia-decode-440(?::\w+|)\s+(.*)$ ^nvidia-driver-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450(?::\w+|)\s+(.*)$ ^nvidia-utils-440(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450(?::\w+|)\s+(.*)$ ^libnvidia-decode-450(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450(?::\w+|)\s+(.*)$ ^nvidia-headless-440(?::\w+|)\s+(.*)$ ^nvidia-dkms-440(?::\w+|)\s+(.*)$ ^libnvidia-extra-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-450(?::\w+|)\s+(.*)$ ^nvidia-utils-450(?::\w+|)\s+(.*)$ ^nvidia-dkms-450(?::\w+|)\s+(.*)$ ^nvidia-headless-450(?::\w+|)\s+(.*)$ ^libnvidia-compute-450(?::\w+|)\s+(.*)$ ^libnvidia-extra-450(?::\w+|)\s+(.*)$ ^libnvidia-gl-440(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-455(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-common-455(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-455(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-455(?::\w+|)\s+(.*)$ ^nvidia-driver-455(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-455(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-455(?::\w+|)\s+(.*)$ ^libnvidia-decode-455(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-455(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^nvidia-utils-455(?::\w+|)\s+(.*)$ ^libnvidia-gl-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^nvidia-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-headless-455(?::\w+|)\s+(.*)$ ^libnvidia-extra-455(?::\w+|)\s+(.*)$ ^libnvidia-compute-455(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^nvidia-headless-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-418-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-418-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-418-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-418-server(?::\w+|)\s+(.*)$ ^nvidia-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-418-server(?::\w+|)\s+(.*)$ ^libnvidia-common-418-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-418-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-418-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-418-server(?::\w+|)\s+(.*)$ ^nvidia-driver-418-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-418-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^coturn(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^tar-scripts(?::\w+|)\s+(.*)$ ^tar(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^liblog4net1.2-cil(?::\w+|)\s+(.*)$ ^liblog4net-cil-dev(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^sudo-ldap(?::\w+|)\s+(.*)$ ^sudo(?::\w+|)\s+(.*)$ ^python3-rbd(?::\w+|)\s+(.*)$ ^ceph-mgr-modules-core(?::\w+|)\s+(.*)$ ^ceph-mgr(?::\w+|)\s+(.*)$ ^ceph-mgr-cephadm(?::\w+|)\s+(.*)$ ^ceph(?::\w+|)\s+(.*)$ ^ceph-osd(?::\w+|)\s+(.*)$ ^rbd-mirror(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-local(?::\w+|)\s+(.*)$ ^ceph-mgr-dashboard(?::\w+|)\s+(.*)$ ^librbd-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-rook(?::\w+|)\s+(.*)$ ^rbd-fuse(?::\w+|)\s+(.*)$ ^libradospp-dev(?::\w+|)\s+(.*)$ ^librados-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-cloud(?::\w+|)\s+(.*)$ ^python3-ceph(?::\w+|)\s+(.*)$ ^cephadm(?::\w+|)\s+(.*)$ ^libradosstriper-dev(?::\w+|)\s+(.*)$ ^librados2(?::\w+|)\s+(.*)$ ^ceph-mon(?::\w+|)\s+(.*)$ ^libcephfs2(?::\w+|)\s+(.*)$ ^ceph-immutable-object-cache(?::\w+|)\s+(.*)$ ^librgw2(?::\w+|)\s+(.*)$ ^ceph-mds(?::\w+|)\s+(.*)$ ^radosgw(?::\w+|)\s+(.*)$ ^librbd1(?::\w+|)\s+(.*)$ ^python3-rgw(?::\w+|)\s+(.*)$ ^rbd-nbd(?::\w+|)\s+(.*)$ ^libcephfs-dev(?::\w+|)\s+(.*)$ ^rados-objclass-dev(?::\w+|)\s+(.*)$ ^libradosstriper1(?::\w+|)\s+(.*)$ ^python3-ceph-argparse(?::\w+|)\s+(.*)$ ^python3-ceph-common(?::\w+|)\s+(.*)$ ^librgw-dev(?::\w+|)\s+(.*)$ ^python3-rados(?::\w+|)\s+(.*)$ ^ceph-base(?::\w+|)\s+(.*)$ ^ceph-mgr-k8sevents(?::\w+|)\s+(.*)$ ^python3-cephfs(?::\w+|)\s+(.*)$ ^ceph-fuse(?::\w+|)\s+(.*)$ ^cephfs-shell(?::\w+|)\s+(.*)$ ^ceph-common(?::\w+|)\s+(.*)$ ^libcephfs-java(?::\w+|)\s+(.*)$ ^ceph-resource-agents(?::\w+|)\s+(.*)$ ^libcephfs-jni(?::\w+|)\s+(.*)$ ^tcmu-runner(?::\w+|)\s+(.*)$ ^libtcmu2(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^libxstream-java(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ca-certificates-udeb(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^libflatpak0(?::\w+|)\s+(.*)$ ^libflatpak-dev(?::\w+|)\s+(.*)$ ^gir1.2-flatpak-1.0(?::\w+|)\s+(.*)$ ^libflatpak-doc(?::\w+|)\s+(.*)$ ^flatpak(?::\w+|)\s+(.*)$ ^flatpak-tests(?::\w+|)\s+(.*)$ ^minidlna(?::\w+|)\s+(.*)$ ^php-pear(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^junit4(?::\w+|)\s+(.*)$ ^junit4-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-dev(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-0(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoar-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoargtk-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-0(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-dev(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-0(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoar-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoargtk-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-0(?::\w+|)\s+(.*)$ ^hostapd(?::\w+|)\s+(.*)$ ^wpagui(?::\w+|)\s+(.*)$ ^wpasupplicant(?::\w+|)\s+(.*)$ ^wpasupplicant-udeb(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^libcrypto1.1-udeb(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1-udeb(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libshiro-java(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-common(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0-udeb(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-bin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-dev(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdkpixbuf-2.0(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^xterm(?::\w+|)\s+(.*)$ ^screen(?::\w+|)\s+(.*)$ ^screen-udeb(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^hostapd(?::\w+|)\s+(.*)$ ^wpagui(?::\w+|)\s+(.*)$ ^wpasupplicant(?::\w+|)\s+(.*)$ ^wpasupplicant-udeb(?::\w+|)\s+(.*)$ ^golang-1.14(?::\w+|)\s+(.*)$ ^golang-1.14-doc(?::\w+|)\s+(.*)$ ^golang-1.14-go(?::\w+|)\s+(.*)$ ^golang-1.14-src(?::\w+|)\s+(.*)$ ^libglib2.0-0(?::\w+|)\s+(.*)$ ^libglib2.0-data(?::\w+|)\s+(.*)$ ^libglib2.0-udeb(?::\w+|)\s+(.*)$ ^libglib2.0-tests(?::\w+|)\s+(.*)$ ^libglib2.0-doc(?::\w+|)\s+(.*)$ ^libglib2.0-bin(?::\w+|)\s+(.*)$ ^libglib2.0-dev(?::\w+|)\s+(.*)$ ^libglib2.0-dev-bin(?::\w+|)\s+(.*)$ ^zstd(?::\w+|)\s+(.*)$ ^libzstd-dev(?::\w+|)\s+(.*)$ ^libzstd1(?::\w+|)\s+(.*)$ ^libzstd1-udeb(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^openssh-server-udeb(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^openssh-client-udeb(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^libglib2.0-0(?::\w+|)\s+(.*)$ ^libglib2.0-data(?::\w+|)\s+(.*)$ ^libglib2.0-udeb(?::\w+|)\s+(.*)$ ^libglib2.0-tests(?::\w+|)\s+(.*)$ ^libglib2.0-doc(?::\w+|)\s+(.*)$ ^libglib2.0-bin(?::\w+|)\s+(.*)$ ^libglib2.0-dev(?::\w+|)\s+(.*)$ ^libglib2.0-dev-bin(?::\w+|)\s+(.*)$ ^zabbix-java-gateway(?::\w+|)\s+(.*)$ ^zabbix-frontend-php(?::\w+|)\s+(.*)$ ^zabbix-proxy-mysql(?::\w+|)\s+(.*)$ ^zabbix-server-pgsql(?::\w+|)\s+(.*)$ ^zabbix-server-mysql(?::\w+|)\s+(.*)$ ^zabbix-proxy-pgsql(?::\w+|)\s+(.*)$ ^zabbix-proxy-sqlite3(?::\w+|)\s+(.*)$ ^zabbix-agent(?::\w+|)\s+(.*)$ ^libpmi0-dev(?::\w+|)\s+(.*)$ ^slurmctld(?::\w+|)\s+(.*)$ ^slurm-wlm-basic-plugins-dev(?::\w+|)\s+(.*)$ ^libslurmdb-perl(?::\w+|)\s+(.*)$ ^libpmi0(?::\w+|)\s+(.*)$ ^slurm-wlm(?::\w+|)\s+(.*)$ ^libslurm-dev(?::\w+|)\s+(.*)$ ^slurm-client(?::\w+|)\s+(.*)$ ^libpam-slurm(?::\w+|)\s+(.*)$ ^slurmd(?::\w+|)\s+(.*)$ ^slurm-wlm-torque(?::\w+|)\s+(.*)$ ^slurm-client-emulator(?::\w+|)\s+(.*)$ ^libpam-slurm-adopt(?::\w+|)\s+(.*)$ ^slurm-wlm-emulator(?::\w+|)\s+(.*)$ ^libpmi2-0(?::\w+|)\s+(.*)$ ^slurmdbd(?::\w+|)\s+(.*)$ ^slurm-wlm-doc(?::\w+|)\s+(.*)$ ^libslurm34(?::\w+|)\s+(.*)$ ^libpmi2-0-dev(?::\w+|)\s+(.*)$ ^libslurm-perl(?::\w+|)\s+(.*)$ ^sview(?::\w+|)\s+(.*)$ ^slurm-wlm-basic-plugins(?::\w+|)\s+(.*)$ ^lynx-common(?::\w+|)\s+(.*)$ ^lynx(?::\w+|)\s+(.*)$ ^phpmyadmin(?::\w+|)\s+(.*)$ ^targetcli-fb(?::\w+|)\s+(.*)$ ^axel(?::\w+|)\s+(.*)$ ^ant(?::\w+|)\s+(.*)$ ^ant-doc(?::\w+|)\s+(.*)$ ^ant-optional(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^python-pygments-doc(?::\w+|)\s+(.*)$ ^python3-pygments(?::\w+|)\s+(.*)$ ^python-pygments(?::\w+|)\s+(.*)$ ^privoxy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^ldb-tools(?::\w+|)\s+(.*)$ ^libldb2(?::\w+|)\s+(.*)$ ^python3-ldb(?::\w+|)\s+(.*)$ ^libldb-dev(?::\w+|)\s+(.*)$ ^python3-ldb-dev(?::\w+|)\s+(.*)$ ^libcrypto1.1-udeb(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1-udeb(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^python3-lxml(?::\w+|)\s+(.*)$ ^python-lxml(?::\w+|)\s+(.*)$ ^python-lxml-doc(?::\w+|)\s+(.*)$ ^python-pygments-doc(?::\w+|)\s+(.*)$ ^python3-pygments(?::\w+|)\s+(.*)$ ^python-pygments(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^spamassassin(?::\w+|)\s+(.*)$ ^sa-compile(?::\w+|)\s+(.*)$ ^spamc(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core-udeb(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^libnettle7(?::\w+|)\s+(.*)$ ^nettle-bin(?::\w+|)\s+(.*)$ ^libhogweed5(?::\w+|)\s+(.*)$ ^nettle-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libjs-underscore(?::\w+|)\s+(.*)$ ^node-underscore(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libzmq5(?::\w+|)\s+(.*)$ ^libzmq3-dev(?::\w+|)\s+(.*)$ ^caca-utils(?::\w+|)\s+(.*)$ ^libcaca-dev(?::\w+|)\s+(.*)$ ^libcaca0(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^qemu-efi(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^shibboleth-sp2-common(?::\w+|)\s+(.*)$ ^shibboleth-sp2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-shib2(?::\w+|)\s+(.*)$ ^libshibsp-plugins(?::\w+|)\s+(.*)$ ^libshibsp8(?::\w+|)\s+(.*)$ ^shibboleth-sp-utils(?::\w+|)\s+(.*)$ ^libshibsp-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-shib(?::\w+|)\s+(.*)$ ^libshibsp-dev(?::\w+|)\s+(.*)$ ^shibboleth-sp-common(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^file-roller(?::\w+|)\s+(.*)$ ^gstreamer1.0-gtk3(?::\w+|)\s+(.*)$ ^gstreamer1.0-pulseaudio(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good-doc(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-dev(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good(?::\w+|)\s+(.*)$ ^gstreamer1.0-qt5(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^openvpn(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-418-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-418-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-418-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-418-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-418-server(?::\w+|)\s+(.*)$ ^nvidia-driver-418-server(?::\w+|)\s+(.*)$ ^nvidia-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-common-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-418-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-418-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-418-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450(?::\w+|)\s+(.*)$ ^libnvidia-compute-440(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450(?::\w+|)\s+(.*)$ ^nvidia-driver-450(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440(?::\w+|)\s+(.*)$ ^libnvidia-decode-440(?::\w+|)\s+(.*)$ ^nvidia-driver-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450(?::\w+|)\s+(.*)$ ^libnvidia-decode-450(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450(?::\w+|)\s+(.*)$ ^nvidia-headless-440(?::\w+|)\s+(.*)$ ^nvidia-dkms-440(?::\w+|)\s+(.*)$ ^libnvidia-extra-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-450(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-450(?::\w+|)\s+(.*)$ ^libnvidia-extra-450(?::\w+|)\s+(.*)$ ^libnvidia-gl-440(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460-server(?::\w+|)\s+(.*)$ ^nvidia-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-455(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-455(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-common-455(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-455(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-decode-460-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-455(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-455(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-455(?::\w+|)\s+(.*)$ ^nvidia-dkms-460-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-455(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^nvidia-utils-455(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-headless-455(?::\w+|)\s+(.*)$ ^libnvidia-extra-455(?::\w+|)\s+(.*)$ ^libnvidia-compute-455(?::\w+|)\s+(.*)$ ^nvidia-driver-460-server(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-dev(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-0(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoar-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoargtk-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-0(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-dev(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-0(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoar-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-gtk-0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gnomeautoargtk-0.1(?::\w+|)\s+(.*)$ ^libgnome-autoar-doc(?::\w+|)\s+(.*)$ ^libgnome-autoar-0-0(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^python-yaml(?::\w+|)\s+(.*)$ ^python3-yaml(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libxstream-java(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.6.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libflatpak0(?::\w+|)\s+(.*)$ ^libflatpak-dev(?::\w+|)\s+(.*)$ ^gir1.2-flatpak-1.0(?::\w+|)\s+(.*)$ ^libflatpak-doc(?::\w+|)\s+(.*)$ ^flatpak(?::\w+|)\s+(.*)$ ^flatpak-tests(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^awstats(?::\w+|)\s+(.*)$ ^python-eventlet-doc(?::\w+|)\s+(.*)$ ^python3-eventlet(?::\w+|)\s+(.*)$ ^libdjvulibre21(?::\w+|)\s+(.*)$ ^libdjvulibre-text(?::\w+|)\s+(.*)$ ^djvulibre-desktop(?::\w+|)\s+(.*)$ ^djview3(?::\w+|)\s+(.*)$ ^djvuserve(?::\w+|)\s+(.*)$ ^libdjvulibre-dev(?::\w+|)\s+(.*)$ ^djview(?::\w+|)\s+(.*)$ ^djvulibre-bin(?::\w+|)\s+(.*)$ ^libcaribou-gtk3-module(?::\w+|)\s+(.*)$ ^libcaribou0(?::\w+|)\s+(.*)$ ^libcaribou-dev(?::\w+|)\s+(.*)$ ^gir1.2-caribou-1.0(?::\w+|)\s+(.*)$ ^libcaribou-gtk-module(?::\w+|)\s+(.*)$ ^caribou-antler(?::\w+|)\s+(.*)$ ^libcaribou-common(?::\w+|)\s+(.*)$ ^caribou(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-x(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-doc(?::\w+|)\s+(.*)$ ^libgstreamer-gl1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-gl(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-base-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-alsa(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-apps(?::\w+|)\s+(.*)$ ^golang-github-opencontainers-runc-dev(?::\w+|)\s+(.*)$ ^runc(?::\w+|)\s+(.*)$ ^python-pip-whl(?::\w+|)\s+(.*)$ ^python3-pip(?::\w+|)\s+(.*)$ ^python-babel-localedata(?::\w+|)\s+(.*)$ ^python-babel-doc(?::\w+|)\s+(.*)$ ^python-babel(?::\w+|)\s+(.*)$ ^python3-babel(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^libx11-6(?::\w+|)\s+(.*)$ ^libx11-data(?::\w+|)\s+(.*)$ ^libx11-xcb-dev(?::\w+|)\s+(.*)$ ^libx11-xcb1(?::\w+|)\s+(.*)$ ^libx11-doc(?::\w+|)\s+(.*)$ ^libx11-6-udeb(?::\w+|)\s+(.*)$ ^libx11-dev(?::\w+|)\s+(.*)$ ^libnginx-mod-stream(?::\w+|)\s+(.*)$ ^libnginx-mod-http-subs-filter(?::\w+|)\s+(.*)$ ^nginx-doc(?::\w+|)\s+(.*)$ ^libnginx-mod-mail(?::\w+|)\s+(.*)$ ^libnginx-mod-http-image-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-echo(?::\w+|)\s+(.*)$ ^libnginx-mod-rtmp(?::\w+|)\s+(.*)$ ^libnginx-mod-nchan(?::\w+|)\s+(.*)$ ^nginx-common(?::\w+|)\s+(.*)$ ^libnginx-mod-http-fancyindex(?::\w+|)\s+(.*)$ ^libnginx-mod-http-auth-pam(?::\w+|)\s+(.*)$ ^nginx-light(?::\w+|)\s+(.*)$ ^libnginx-mod-http-headers-more-filter(?::\w+|)\s+(.*)$ ^nginx-extras(?::\w+|)\s+(.*)$ ^libnginx-mod-http-upstream-fair(?::\w+|)\s+(.*)$ ^libnginx-mod-http-xslt-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-lua(?::\w+|)\s+(.*)$ ^libnginx-mod-http-perl(?::\w+|)\s+(.*)$ ^nginx-core(?::\w+|)\s+(.*)$ ^libnginx-mod-http-dav-ext(?::\w+|)\s+(.*)$ ^nginx(?::\w+|)\s+(.*)$ ^libnginx-mod-http-ndk(?::\w+|)\s+(.*)$ ^libnginx-mod-http-uploadprogress(?::\w+|)\s+(.*)$ ^libnginx-mod-http-cache-purge(?::\w+|)\s+(.*)$ ^nginx-full(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip2(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip(?::\w+|)\s+(.*)$ ^liblz4-tool(?::\w+|)\s+(.*)$ ^lz4(?::\w+|)\s+(.*)$ ^liblz4-dev(?::\w+|)\s+(.*)$ ^liblz4-1(?::\w+|)\s+(.*)$ ^isc-dhcp-relay(?::\w+|)\s+(.*)$ ^isc-dhcp-client-ddns(?::\w+|)\s+(.*)$ ^isc-dhcp-dev(?::\w+|)\s+(.*)$ ^isc-dhcp-client(?::\w+|)\s+(.*)$ ^isc-dhcp-common(?::\w+|)\s+(.*)$ ^isc-dhcp-server(?::\w+|)\s+(.*)$ ^isc-dhcp-client-udeb(?::\w+|)\s+(.*)$ ^isc-dhcp-server-ldap(?::\w+|)\s+(.*)$ ^gir1.2-gupnp-1.2(?::\w+|)\s+(.*)$ ^libgupnp-doc(?::\w+|)\s+(.*)$ ^libgupnp-1.2-dev(?::\w+|)\s+(.*)$ ^libgupnp-1.2-0(?::\w+|)\s+(.*)$ ^webp(?::\w+|)\s+(.*)$ ^libwebp6(?::\w+|)\s+(.*)$ ^libwebpmux3(?::\w+|)\s+(.*)$ ^libwebp-dev(?::\w+|)\s+(.*)$ ^libwebpdemux2(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^liblasso-perl(?::\w+|)\s+(.*)$ ^liblasso3(?::\w+|)\s+(.*)$ ^python3-lasso(?::\w+|)\s+(.*)$ ^liblasso3-dev(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^policykit-1-doc(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-dev(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-0(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-dev(?::\w+|)\s+(.*)$ ^policykit-1(?::\w+|)\s+(.*)$ ^gir1.2-polkit-1.0(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-0(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libimage-exiftool-perl(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^libnettle7(?::\w+|)\s+(.*)$ ^nettle-bin(?::\w+|)\s+(.*)$ ^libhogweed5(?::\w+|)\s+(.*)$ ^nettle-dev(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^grub-efi-arm64-bin(?::\w+|)\s+(.*)$ ^grub-efi-amd64(?::\w+|)\s+(.*)$ ^grub-efi-amd64-bin(?::\w+|)\s+(.*)$ ^grub-efi-arm64(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^python3-rbd(?::\w+|)\s+(.*)$ ^ceph-mgr-modules-core(?::\w+|)\s+(.*)$ ^ceph-mgr(?::\w+|)\s+(.*)$ ^ceph-mgr-cephadm(?::\w+|)\s+(.*)$ ^ceph(?::\w+|)\s+(.*)$ ^rbd-mirror(?::\w+|)\s+(.*)$ ^ceph-mgr-dashboard(?::\w+|)\s+(.*)$ ^librbd-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-rook(?::\w+|)\s+(.*)$ ^rbd-fuse(?::\w+|)\s+(.*)$ ^libradospp-dev(?::\w+|)\s+(.*)$ ^librados-dev(?::\w+|)\s+(.*)$ ^librbd1(?::\w+|)\s+(.*)$ ^python3-ceph(?::\w+|)\s+(.*)$ ^cephadm(?::\w+|)\s+(.*)$ ^libradosstriper-dev(?::\w+|)\s+(.*)$ ^librados2(?::\w+|)\s+(.*)$ ^ceph-mon(?::\w+|)\s+(.*)$ ^libcephfs2(?::\w+|)\s+(.*)$ ^ceph-immutable-object-cache(?::\w+|)\s+(.*)$ ^librgw2(?::\w+|)\s+(.*)$ ^ceph-mds(?::\w+|)\s+(.*)$ ^radosgw(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-local(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-cloud(?::\w+|)\s+(.*)$ ^python3-rgw(?::\w+|)\s+(.*)$ ^rbd-nbd(?::\w+|)\s+(.*)$ ^libcephfs-dev(?::\w+|)\s+(.*)$ ^rados-objclass-dev(?::\w+|)\s+(.*)$ ^libradosstriper1(?::\w+|)\s+(.*)$ ^ceph-osd(?::\w+|)\s+(.*)$ ^python3-ceph-argparse(?::\w+|)\s+(.*)$ ^python3-ceph-common(?::\w+|)\s+(.*)$ ^librgw-dev(?::\w+|)\s+(.*)$ ^python3-rados(?::\w+|)\s+(.*)$ ^ceph-base(?::\w+|)\s+(.*)$ ^ceph-mgr-k8sevents(?::\w+|)\s+(.*)$ ^python3-cephfs(?::\w+|)\s+(.*)$ ^ceph-fuse(?::\w+|)\s+(.*)$ ^cephfs-shell(?::\w+|)\s+(.*)$ ^ceph-common(?::\w+|)\s+(.*)$ ^libcephfs-java(?::\w+|)\s+(.*)$ ^ceph-resource-agents(?::\w+|)\s+(.*)$ ^libcephfs-jni(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^rabbitmq-server(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libuv1-dev(?::\w+|)\s+(.*)$ ^libuv1(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd-dev(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-0(?::\w+|)\s+(.*)$ ^libavahi-core7-udeb(?::\w+|)\s+(.*)$ ^libavahi-core7(?::\w+|)\s+(.*)$ ^libavahi-client3(?::\w+|)\s+(.*)$ ^libavahi-core-dev(?::\w+|)\s+(.*)$ ^libavahi-client-dev(?::\w+|)\s+(.*)$ ^avahi-ui-utils(?::\w+|)\s+(.*)$ ^libavahi-gobject-dev(?::\w+|)\s+(.*)$ ^avahi-dnsconfd(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd1(?::\w+|)\s+(.*)$ ^libavahi-common3(?::\w+|)\s+(.*)$ ^avahi-daemon(?::\w+|)\s+(.*)$ ^avahi-discover(?::\w+|)\s+(.*)$ ^libavahi-common-dev(?::\w+|)\s+(.*)$ ^libavahi-common-data(?::\w+|)\s+(.*)$ ^avahi-utils(?::\w+|)\s+(.*)$ ^libavahi-common3-udeb(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-dev(?::\w+|)\s+(.*)$ ^libavahi-glib-dev(?::\w+|)\s+(.*)$ ^libavahi-gobject0(?::\w+|)\s+(.*)$ ^gir1.2-avahi-0.6(?::\w+|)\s+(.*)$ ^avahi-autoipd(?::\w+|)\s+(.*)$ ^python-avahi(?::\w+|)\s+(.*)$ ^libavahi-glib1(?::\w+|)\s+(.*)$ ^libslirp0(?::\w+|)\s+(.*)$ ^libslirp-dev(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^systemd-tests(?::\w+|)\s+(.*)$ ^systemd-coredump(?::\w+|)\s+(.*)$ ^systemd(?::\w+|)\s+(.*)$ ^udev-udeb(?::\w+|)\s+(.*)$ ^libsystemd0(?::\w+|)\s+(.*)$ ^systemd-container(?::\w+|)\s+(.*)$ ^libnss-myhostname(?::\w+|)\s+(.*)$ ^libudev1-udeb(?::\w+|)\s+(.*)$ ^libudev1(?::\w+|)\s+(.*)$ ^systemd-timesyncd(?::\w+|)\s+(.*)$ ^libsystemd-dev(?::\w+|)\s+(.*)$ ^libnss-systemd(?::\w+|)\s+(.*)$ ^systemd-journal-remote(?::\w+|)\s+(.*)$ ^libpam-systemd(?::\w+|)\s+(.*)$ ^libnss-mymachines(?::\w+|)\s+(.*)$ ^libnss-resolve(?::\w+|)\s+(.*)$ ^systemd-sysv(?::\w+|)\s+(.*)$ ^udev(?::\w+|)\s+(.*)$ ^libudev-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-418-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-418-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-418-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-418-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-418-server(?::\w+|)\s+(.*)$ ^nvidia-driver-418-server(?::\w+|)\s+(.*)$ ^nvidia-utils-418-server(?::\w+|)\s+(.*)$ ^libnvidia-common-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-418-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-418-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-418-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-418-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-418-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-418-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460-server(?::\w+|)\s+(.*)$ ^nvidia-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-455(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-455(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-common-450(?::\w+|)\s+(.*)$ ^libnvidia-common-455(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-450(?::\w+|)\s+(.*)$ ^libnvidia-gl-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-455(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-decode-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450(?::\w+|)\s+(.*)$ ^nvidia-driver-455(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450(?::\w+|)\s+(.*)$ ^libnvidia-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450(?::\w+|)\s+(.*)$ ^libnvidia-decode-450(?::\w+|)\s+(.*)$ ^nvidia-dkms-460-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-455(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-455(?::\w+|)\s+(.*)$ ^nvidia-utils-450(?::\w+|)\s+(.*)$ ^nvidia-utils-455(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-455(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^nvidia-dkms-450(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-455(?::\w+|)\s+(.*)$ ^nvidia-headless-450(?::\w+|)\s+(.*)$ ^nvidia-headless-455(?::\w+|)\s+(.*)$ ^libnvidia-compute-450(?::\w+|)\s+(.*)$ ^libnvidia-extra-455(?::\w+|)\s+(.*)$ ^libnvidia-compute-455(?::\w+|)\s+(.*)$ ^libnvidia-extra-450(?::\w+|)\s+(.*)$ ^nvidia-driver-460-server(?::\w+|)\s+(.*)$ ^libnvidia-common-465(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-465(?::\w+|)\s+(.*)$ ^libnvidia-gl-470(?::\w+|)\s+(.*)$ ^libnvidia-gl-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-465(?::\w+|)\s+(.*)$ ^nvidia-headless-470(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-465(?::\w+|)\s+(.*)$ ^libnvidia-compute-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-465(?::\w+|)\s+(.*)$ ^nvidia-utils-465(?::\w+|)\s+(.*)$ ^libnvidia-encode-465(?::\w+|)\s+(.*)$ ^libnvidia-compute-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470(?::\w+|)\s+(.*)$ ^nvidia-utils-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-465(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-encode-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-465(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470(?::\w+|)\s+(.*)$ ^nvidia-driver-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-470(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-470(?::\w+|)\s+(.*)$ ^nvidia-driver-465(?::\w+|)\s+(.*)$ ^libnvidia-decode-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470(?::\w+|)\s+(.*)$ ^libnvidia-common-470(?::\w+|)\s+(.*)$ ^libnvidia-decode-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-465(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^libaspell15(?::\w+|)\s+(.*)$ ^aspell-doc(?::\w+|)\s+(.*)$ ^aspell(?::\w+|)\s+(.*)$ ^libpspell-dev(?::\w+|)\s+(.*)$ ^libaspell-dev(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libsndfile1(?::\w+|)\s+(.*)$ ^libsndfile1-dev(?::\w+|)\s+(.*)$ ^sndfile-programs(?::\w+|)\s+(.*)$ ^libqpdf-dev(?::\w+|)\s+(.*)$ ^qpdf(?::\w+|)\s+(.*)$ ^libqpdf26(?::\w+|)\s+(.*)$ ^php-pear(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^libdbi-perl(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^docker.io(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^docker-doc(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^libgps26(?::\w+|)\s+(.*)$ ^libqgpsmm-dev(?::\w+|)\s+(.*)$ ^libgps-dev(?::\w+|)\s+(.*)$ ^gpsd(?::\w+|)\s+(.*)$ ^python3-gps(?::\w+|)\s+(.*)$ ^gpsd-clients(?::\w+|)\s+(.*)$ ^libqgpsmm26(?::\w+|)\s+(.*)$ ^tor(?::\w+|)\s+(.*)$ ^tor-geoipdb(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^exiv2(?::\w+|)\s+(.*)$ ^libexiv2-27(?::\w+|)\s+(.*)$ ^libexiv2-doc(?::\w+|)\s+(.*)$ ^libexiv2-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^inetutils-tools(?::\w+|)\s+(.*)$ ^inetutils-ftpd(?::\w+|)\s+(.*)$ ^inetutils-talkd(?::\w+|)\s+(.*)$ ^inetutils-traceroute(?::\w+|)\s+(.*)$ ^inetutils-talk(?::\w+|)\s+(.*)$ ^inetutils-telnetd(?::\w+|)\s+(.*)$ ^inetutils-inetd(?::\w+|)\s+(.*)$ ^inetutils-ping(?::\w+|)\s+(.*)$ ^inetutils-syslogd(?::\w+|)\s+(.*)$ ^inetutils-ftp(?::\w+|)\s+(.*)$ ^inetutils-telnet(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^mongodb-server(?::\w+|)\s+(.*)$ ^mongodb(?::\w+|)\s+(.*)$ ^mongodb-clients(?::\w+|)\s+(.*)$ ^mongodb-server-core(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^gir1.2-grilo-0.3(?::\w+|)\s+(.*)$ ^libgrilo-0.3-bin(?::\w+|)\s+(.*)$ ^libgrilo-0.3-0(?::\w+|)\s+(.*)$ ^libgrilo-0.3-dev(?::\w+|)\s+(.*)$ ^libgrilo-0.3-doc(?::\w+|)\s+(.*)$ ^squashfs-tools(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^ntfs-3g(?::\w+|)\s+(.*)$ ^libntfs-3g883(?::\w+|)\s+(.*)$ ^ntfs-3g-dev(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^cpio(?::\w+|)\s+(.*)$ ^cpio-win32(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^python-pysaml2-doc(?::\w+|)\s+(.*)$ ^python3-pysaml2(?::\w+|)\s+(.*)$ ^libsss-certmap-dev(?::\w+|)\s+(.*)$ ^libipa-hbac-dev(?::\w+|)\s+(.*)$ ^sssd-ad(?::\w+|)\s+(.*)$ ^libsss-sudo(?::\w+|)\s+(.*)$ ^libsss-nss-idmap0(?::\w+|)\s+(.*)$ ^libnss-sss(?::\w+|)\s+(.*)$ ^sssd-ipa(?::\w+|)\s+(.*)$ ^libsss-simpleifp0(?::\w+|)\s+(.*)$ ^libsss-idmap-dev(?::\w+|)\s+(.*)$ ^python3-libsss-nss-idmap(?::\w+|)\s+(.*)$ ^libsss-certmap0(?::\w+|)\s+(.*)$ ^python3-sss(?::\w+|)\s+(.*)$ ^libpam-sss(?::\w+|)\s+(.*)$ ^sssd(?::\w+|)\s+(.*)$ ^libsss-idmap0(?::\w+|)\s+(.*)$ ^sssd-ldap(?::\w+|)\s+(.*)$ ^libsss-nss-idmap-dev(?::\w+|)\s+(.*)$ ^libsss-simpleifp-dev(?::\w+|)\s+(.*)$ ^sssd-kcm(?::\w+|)\s+(.*)$ ^libwbclient-sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd-dev(?::\w+|)\s+(.*)$ ^sssd-common(?::\w+|)\s+(.*)$ ^python3-libipa-hbac(?::\w+|)\s+(.*)$ ^libipa-hbac0(?::\w+|)\s+(.*)$ ^sssd-tools(?::\w+|)\s+(.*)$ ^sssd-ad-common(?::\w+|)\s+(.*)$ ^sssd-krb5-common(?::\w+|)\s+(.*)$ ^sssd-dbus(?::\w+|)\s+(.*)$ ^sssd-krb5(?::\w+|)\s+(.*)$ ^sssd-proxy(?::\w+|)\s+(.*)$ ^libgd3(?::\w+|)\s+(.*)$ ^libgd-tools(?::\w+|)\s+(.*)$ ^libgd-dev(?::\w+|)\s+(.*)$ ^libapache2-mod-auth-mellon(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^squashfs-tools(?::\w+|)\s+(.*)$ ^squashfs-tools(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libgcrypt20(?::\w+|)\s+(.*)$ ^libgcrypt-mingw-w64-dev(?::\w+|)\s+(.*)$ ^libgcrypt20-doc(?::\w+|)\s+(.*)$ ^libgcrypt20-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^qemu-efi(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^libcommons-io-java-doc(?::\w+|)\s+(.*)$ ^libcommons-io-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^ledgersmb(?::\w+|)\s+(.*)$ ^libimlib2-dev(?::\w+|)\s+(.*)$ ^libimlib2(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-docker-containerd-dev(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^mongodb-server(?::\w+|)\s+(.*)$ ^mongodb(?::\w+|)\s+(.*)$ ^mongodb-clients(?::\w+|)\s+(.*)$ ^mongodb-server-core(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^docker.io(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^docker-doc(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^python3-bottle(?::\w+|)\s+(.*)$ ^python-bottle-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libntlm0(?::\w+|)\s+(.*)$ ^libntlm0-dev(?::\w+|)\s+(.*)$ ^ardour-video-timeline(?::\w+|)\s+(.*)$ ^ardour(?::\w+|)\s+(.*)$ ^ardour-data(?::\w+|)\s+(.*)$ ^strongswan-nm(?::\w+|)\s+(.*)$ ^strongswan-scepclient(?::\w+|)\s+(.*)$ ^libcharon-extra-plugins(?::\w+|)\s+(.*)$ ^libcharon-standard-plugins(?::\w+|)\s+(.*)$ ^libstrongswan-extra-plugins(?::\w+|)\s+(.*)$ ^strongswan-charon(?::\w+|)\s+(.*)$ ^libstrongswan(?::\w+|)\s+(.*)$ ^strongswan-swanctl(?::\w+|)\s+(.*)$ ^libstrongswan-standard-plugins(?::\w+|)\s+(.*)$ ^strongswan-starter(?::\w+|)\s+(.*)$ ^libcharon-extauth-plugins(?::\w+|)\s+(.*)$ ^charon-systemd(?::\w+|)\s+(.*)$ ^strongswan(?::\w+|)\s+(.*)$ ^strongswan-tnc-server(?::\w+|)\s+(.*)$ ^strongswan-tnc-client(?::\w+|)\s+(.*)$ ^strongswan-tnc-base(?::\w+|)\s+(.*)$ ^charon-cmd(?::\w+|)\s+(.*)$ ^strongswan-libcharon(?::\w+|)\s+(.*)$ ^strongswan-pki(?::\w+|)\s+(.*)$ ^strongswan-tnc-ifmap(?::\w+|)\s+(.*)$ ^strongswan-tnc-pdp(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^caca-utils(?::\w+|)\s+(.*)$ ^libcaca-dev(?::\w+|)\s+(.*)$ ^libcaca0(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.8.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^mailman(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^docker.io(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^docker-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^pypy-py(?::\w+|)\s+(.*)$ ^python3-py(?::\w+|)\s+(.*)$ ^python-py(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^firejail(?::\w+|)\s+(.*)$ ^firejail-profiles(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^libhivex-bin(?::\w+|)\s+(.*)$ ^libhivex-ocaml-dev(?::\w+|)\s+(.*)$ ^libhivex-dev(?::\w+|)\s+(.*)$ ^libhivex0(?::\w+|)\s+(.*)$ ^python3-hivex(?::\w+|)\s+(.*)$ ^libwin-hivex-perl(?::\w+|)\s+(.*)$ ^libhivex-ocaml(?::\w+|)\s+(.*)$ ^ruby-hivex(?::\w+|)\s+(.*)$ ^accountsservice(?::\w+|)\s+(.*)$ ^gir1.2-accountsservice-1.0(?::\w+|)\s+(.*)$ ^libaccountsservice-doc(?::\w+|)\s+(.*)$ ^libaccountsservice-dev(?::\w+|)\s+(.*)$ ^libaccountsservice0(?::\w+|)\s+(.*)$ ^mailman(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^icu-devtools(?::\w+|)\s+(.*)$ ^libicu66(?::\w+|)\s+(.*)$ ^libicu-dev(?::\w+|)\s+(.*)$ ^icu-doc(?::\w+|)\s+(.*)$ ^python3-django-postorius(?::\w+|)\s+(.*)$ ^mc-data(?::\w+|)\s+(.*)$ ^mc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^oddjob(?::\w+|)\s+(.*)$ ^oddjob-mkhomedir(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^ntp(?::\w+|)\s+(.*)$ ^sntp(?::\w+|)\s+(.*)$ ^ntp-doc(?::\w+|)\s+(.*)$ ^ntpdate(?::\w+|)\s+(.*)$ ^inetutils-tools(?::\w+|)\s+(.*)$ ^inetutils-ftpd(?::\w+|)\s+(.*)$ ^inetutils-talkd(?::\w+|)\s+(.*)$ ^inetutils-traceroute(?::\w+|)\s+(.*)$ ^inetutils-talk(?::\w+|)\s+(.*)$ ^inetutils-telnetd(?::\w+|)\s+(.*)$ ^inetutils-inetd(?::\w+|)\s+(.*)$ ^inetutils-ping(?::\w+|)\s+(.*)$ ^inetutils-syslogd(?::\w+|)\s+(.*)$ ^inetutils-ftp(?::\w+|)\s+(.*)$ ^inetutils-telnet(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^busybox(?::\w+|)\s+(.*)$ ^busybox-syslogd(?::\w+|)\s+(.*)$ ^udhcpd(?::\w+|)\s+(.*)$ ^busybox-initramfs(?::\w+|)\s+(.*)$ ^udhcpc(?::\w+|)\s+(.*)$ ^busybox-static(?::\w+|)\s+(.*)$ ^node-jquery-ui(?::\w+|)\s+(.*)$ ^libjs-jquery-ui(?::\w+|)\s+(.*)$ ^libjs-jquery-ui-docs(?::\w+|)\s+(.*)$ ^roundcube-pgsql(?::\w+|)\s+(.*)$ ^roundcube-mysql(?::\w+|)\s+(.*)$ ^roundcube-plugins(?::\w+|)\s+(.*)$ ^roundcube(?::\w+|)\s+(.*)$ ^roundcube-core(?::\w+|)\s+(.*)$ ^roundcube-sqlite3(?::\w+|)\s+(.*)$ ^libmysofa-utils(?::\w+|)\s+(.*)$ ^libmysofa-dev(?::\w+|)\s+(.*)$ ^libmysofa1(?::\w+|)\s+(.*)$ ^libmatio-doc(?::\w+|)\s+(.*)$ ^libmatio9(?::\w+|)\s+(.*)$ ^libmatio-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^glances(?::\w+|)\s+(.*)$ ^glances-doc(?::\w+|)\s+(.*)$ ^keepalived(?::\w+|)\s+(.*)$ ^libgraphics-magick-perl(?::\w+|)\s+(.*)$ ^libgraphicsmagick-q16-3(?::\w+|)\s+(.*)$ ^libgraphicsmagick1-dev(?::\w+|)\s+(.*)$ ^graphicsmagick(?::\w+|)\s+(.*)$ ^graphicsmagick-imagemagick-compat(?::\w+|)\s+(.*)$ ^graphicsmagick-libmagick-dev-compat(?::\w+|)\s+(.*)$ ^libgraphicsmagick++1-dev(?::\w+|)\s+(.*)$ ^libgraphicsmagick++-q16-12(?::\w+|)\s+(.*)$ ^libflatpak0(?::\w+|)\s+(.*)$ ^libflatpak-dev(?::\w+|)\s+(.*)$ ^gir1.2-flatpak-1.0(?::\w+|)\s+(.*)$ ^libflatpak-doc(?::\w+|)\s+(.*)$ ^flatpak(?::\w+|)\s+(.*)$ ^flatpak-tests(?::\w+|)\s+(.*)$ ^liblog4j2-java(?::\w+|)\s+(.*)$ ^liblog4j2-java-doc(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^libolm-dev(?::\w+|)\s+(.*)$ ^python3-olm(?::\w+|)\s+(.*)$ ^libolm3(?::\w+|)\s+(.*)$ ^mumble(?::\w+|)\s+(.*)$ ^mumble-server(?::\w+|)\s+(.*)$ ^liblog4j2-java(?::\w+|)\s+(.*)$ ^liblog4j2-java-doc(?::\w+|)\s+(.*)$ ^htmldoc(?::\w+|)\s+(.*)$ ^htmldoc-common(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^python3.9-venv(?::\w+|)\s+(.*)$ ^python3.9-doc(?::\w+|)\s+(.*)$ ^idle-python3.9(?::\w+|)\s+(.*)$ ^python3.9-minimal(?::\w+|)\s+(.*)$ ^python3.9-full(?::\w+|)\s+(.*)$ ^libpython3.9-dev(?::\w+|)\s+(.*)$ ^python3.9(?::\w+|)\s+(.*)$ ^libpython3.9-testsuite(?::\w+|)\s+(.*)$ ^python3.9-dev(?::\w+|)\s+(.*)$ ^libpython3.9-minimal(?::\w+|)\s+(.*)$ ^python3.9-examples(?::\w+|)\s+(.*)$ ^libpython3.9(?::\w+|)\s+(.*)$ ^libpython3.9-stdlib(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^liblog4j2-java(?::\w+|)\s+(.*)$ ^liblog4j2-java-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^tcpreplay(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^cacti(?::\w+|)\s+(.*)$ ^python3-nltk(?::\w+|)\s+(.*)$ ^node-hosted-git-info(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^composer(?::\w+|)\s+(.*)$ ^redis-sentinel(?::\w+|)\s+(.*)$ ^redis-server(?::\w+|)\s+(.*)$ ^redis(?::\w+|)\s+(.*)$ ^redis-tools(?::\w+|)\s+(.*)$ ^liblog4j2-java(?::\w+|)\s+(.*)$ ^liblog4j2-java-doc(?::\w+|)\s+(.*)$ ^liblog4j1.2-java-doc(?::\w+|)\s+(.*)$ ^liblog4j1.2-java(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^python3-lxml(?::\w+|)\s+(.*)$ ^python-lxml(?::\w+|)\s+(.*)$ ^python-lxml-doc(?::\w+|)\s+(.*)$ ^systemd-tests(?::\w+|)\s+(.*)$ ^systemd-coredump(?::\w+|)\s+(.*)$ ^systemd(?::\w+|)\s+(.*)$ ^libsystemd0(?::\w+|)\s+(.*)$ ^systemd-container(?::\w+|)\s+(.*)$ ^libnss-myhostname(?::\w+|)\s+(.*)$ ^libudev1(?::\w+|)\s+(.*)$ ^systemd-timesyncd(?::\w+|)\s+(.*)$ ^libsystemd-dev(?::\w+|)\s+(.*)$ ^libnss-systemd(?::\w+|)\s+(.*)$ ^systemd-journal-remote(?::\w+|)\s+(.*)$ ^libpam-systemd(?::\w+|)\s+(.*)$ ^libnss-mymachines(?::\w+|)\s+(.*)$ ^libnss-resolve(?::\w+|)\s+(.*)$ ^systemd-sysv(?::\w+|)\s+(.*)$ ^udev(?::\w+|)\s+(.*)$ ^libudev-dev(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^cpanminus(?::\w+|)\s+(.*)$ ^389-ds-base(?::\w+|)\s+(.*)$ ^cockpit-389-ds(?::\w+|)\s+(.*)$ ^389-ds-base-libs(?::\w+|)\s+(.*)$ ^python3-lib389(?::\w+|)\s+(.*)$ ^389-ds-base-dev(?::\w+|)\s+(.*)$ ^389-ds(?::\w+|)\s+(.*)$ ^fail2ban(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libmediainfo-dev(?::\w+|)\s+(.*)$ ^python3-mediainfodll(?::\w+|)\s+(.*)$ ^libmediainfo0v5(?::\w+|)\s+(.*)$ ^libmediainfo-doc(?::\w+|)\s+(.*)$ ^libpostgresql-jdbc-java(?::\w+|)\s+(.*)$ ^libpostgresql-jdbc-java-doc(?::\w+|)\s+(.*)$ ^libhttpmime-java(?::\w+|)\s+(.*)$ ^libhttpclient-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.10.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-azure|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^aide-dynamic(?::\w+|)\s+(.*)$ ^aide-common(?::\w+|)\s+(.*)$ ^aide-xen(?::\w+|)\s+(.*)$ ^aide(?::\w+|)\s+(.*)$ ^dbus-1-doc(?::\w+|)\s+(.*)$ ^dbus(?::\w+|)\s+(.*)$ ^libdbus-1-dev(?::\w+|)\s+(.*)$ ^dbus-user-session(?::\w+|)\s+(.*)$ ^dbus-x11(?::\w+|)\s+(.*)$ ^dbus-tests(?::\w+|)\s+(.*)$ ^libdbus-1-3(?::\w+|)\s+(.*)$ ^maven(?::\w+|)\s+(.*)$ ^libmaven3-core-java(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^usbview(?::\w+|)\s+(.*)$ ^strongswan-nm(?::\w+|)\s+(.*)$ ^strongswan-scepclient(?::\w+|)\s+(.*)$ ^libcharon-extra-plugins(?::\w+|)\s+(.*)$ ^libcharon-standard-plugins(?::\w+|)\s+(.*)$ ^libstrongswan-extra-plugins(?::\w+|)\s+(.*)$ ^strongswan-charon(?::\w+|)\s+(.*)$ ^libstrongswan(?::\w+|)\s+(.*)$ ^strongswan-swanctl(?::\w+|)\s+(.*)$ ^libstrongswan-standard-plugins(?::\w+|)\s+(.*)$ ^strongswan-starter(?::\w+|)\s+(.*)$ ^libcharon-extauth-plugins(?::\w+|)\s+(.*)$ ^charon-systemd(?::\w+|)\s+(.*)$ ^strongswan(?::\w+|)\s+(.*)$ ^strongswan-tnc-server(?::\w+|)\s+(.*)$ ^strongswan-tnc-client(?::\w+|)\s+(.*)$ ^strongswan-tnc-base(?::\w+|)\s+(.*)$ ^charon-cmd(?::\w+|)\s+(.*)$ ^strongswan-libcharon(?::\w+|)\s+(.*)$ ^strongswan-pki(?::\w+|)\s+(.*)$ ^strongswan-tnc-ifmap(?::\w+|)\s+(.*)$ ^strongswan-tnc-pdp(?::\w+|)\s+(.*)$ ^libgegl-dev(?::\w+|)\s+(.*)$ ^gir1.2-gegl-0.4(?::\w+|)\s+(.*)$ ^gegl(?::\w+|)\s+(.*)$ ^libgegl-doc(?::\w+|)\s+(.*)$ ^libgegl-common(?::\w+|)\s+(.*)$ ^libgegl-0.4-0(?::\w+|)\s+(.*)$ ^policykit-1-doc(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-dev(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-0(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-dev(?::\w+|)\s+(.*)$ ^policykit-1(?::\w+|)\s+(.*)$ ^gir1.2-polkit-1.0(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-0(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^liburiparser-doc(?::\w+|)\s+(.*)$ ^liburiparser-dev(?::\w+|)\s+(.*)$ ^liburiparser1(?::\w+|)\s+(.*)$ ^libldns-dev(?::\w+|)\s+(.*)$ ^libldns2(?::\w+|)\s+(.*)$ ^python3-ldns(?::\w+|)\s+(.*)$ ^ldnsutils(?::\w+|)\s+(.*)$ ^python-ldns(?::\w+|)\s+(.*)$ ^weechat-python(?::\w+|)\s+(.*)$ ^weechat-dev(?::\w+|)\s+(.*)$ ^weechat-plugins(?::\w+|)\s+(.*)$ ^weechat-guile(?::\w+|)\s+(.*)$ ^weechat-core(?::\w+|)\s+(.*)$ ^weechat-tcl(?::\w+|)\s+(.*)$ ^weechat-ruby(?::\w+|)\s+(.*)$ ^weechat-curses(?::\w+|)\s+(.*)$ ^weechat-doc(?::\w+|)\s+(.*)$ ^weechat-php(?::\w+|)\s+(.*)$ ^weechat-perl(?::\w+|)\s+(.*)$ ^weechat(?::\w+|)\s+(.*)$ ^weechat-lua(?::\w+|)\s+(.*)$ ^weechat-headless(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-aws|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.11.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^adminer(?::\w+|)\s+(.*)$ ^libhdf5-103(?::\w+|)\s+(.*)$ ^libhdf5-doc(?::\w+|)\s+(.*)$ ^hdf5-helpers(?::\w+|)\s+(.*)$ ^libhdf5-cpp-103(?::\w+|)\s+(.*)$ ^libhdf5-jni(?::\w+|)\s+(.*)$ ^libhdf5-dev(?::\w+|)\s+(.*)$ ^libhdf5-mpich-103(?::\w+|)\s+(.*)$ ^libhdf5-openmpi-dev(?::\w+|)\s+(.*)$ ^libhdf5-mpich-dev(?::\w+|)\s+(.*)$ ^libhdf5-openmpi-103(?::\w+|)\s+(.*)$ ^libhdf5-java(?::\w+|)\s+(.*)$ ^libhdf5-mpi-dev(?::\w+|)\s+(.*)$ ^hdf5-tools(?::\w+|)\s+(.*)$ ^debugedit(?::\w+|)\s+(.*)$ ^rpm-i18n(?::\w+|)\s+(.*)$ ^python-rpm(?::\w+|)\s+(.*)$ ^rpm-common(?::\w+|)\s+(.*)$ ^rpm(?::\w+|)\s+(.*)$ ^librpm-dev(?::\w+|)\s+(.*)$ ^rpm2cpio(?::\w+|)\s+(.*)$ ^librpmio8(?::\w+|)\s+(.*)$ ^python3-rpm(?::\w+|)\s+(.*)$ ^librpm8(?::\w+|)\s+(.*)$ ^librpmsign8(?::\w+|)\s+(.*)$ ^librpmbuild8(?::\w+|)\s+(.*)$ ^libsdl2-dev(?::\w+|)\s+(.*)$ ^libsdl2-doc(?::\w+|)\s+(.*)$ ^libsdl2-2.0-0(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-465(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-470-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470-server(?::\w+|)\s+(.*)$ ^nvidia-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-465(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-470(?::\w+|)\s+(.*)$ ^libnvidia-compute-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-470-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470(?::\w+|)\s+(.*)$ ^nvidia-utils-470-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^nvidia-headless-470(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-465(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-465(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-460-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460-server(?::\w+|)\s+(.*)$ ^nvidia-utils-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-470-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-470-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-465(?::\w+|)\s+(.*)$ ^libnvidia-encode-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460-server(?::\w+|)\s+(.*)$ ^libnvidia-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-470-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470(?::\w+|)\s+(.*)$ ^nvidia-driver-470-server(?::\w+|)\s+(.*)$ ^nvidia-driver-470(?::\w+|)\s+(.*)$ ^libnvidia-extra-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-470(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-465(?::\w+|)\s+(.*)$ ^libnvidia-compute-470-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-470(?::\w+|)\s+(.*)$ ^nvidia-utils-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^libnvidia-decode-465(?::\w+|)\s+(.*)$ ^nvidia-driver-465(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-470(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-465(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-470-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-510(?::\w+|)\s+(.*)$ ^libnvidia-common-510(?::\w+|)\s+(.*)$ ^nvidia-utils-495(?::\w+|)\s+(.*)$ ^libnvidia-decode-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-495(?::\w+|)\s+(.*)$ ^libnvidia-compute-495(?::\w+|)\s+(.*)$ ^nvidia-headless-495(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-510(?::\w+|)\s+(.*)$ ^nvidia-dkms-495(?::\w+|)\s+(.*)$ ^libnvidia-encode-510(?::\w+|)\s+(.*)$ ^libnvidia-extra-495(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-495(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-495(?::\w+|)\s+(.*)$ ^nvidia-driver-510(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-510(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-510(?::\w+|)\s+(.*)$ ^nvidia-utils-510(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-510(?::\w+|)\s+(.*)$ ^libnvidia-decode-510(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-510(?::\w+|)\s+(.*)$ ^libnvidia-gl-495(?::\w+|)\s+(.*)$ ^libnvidia-gl-510(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-510(?::\w+|)\s+(.*)$ ^libnvidia-common-495(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-495(?::\w+|)\s+(.*)$ ^libnvidia-encode-495(?::\w+|)\s+(.*)$ ^libnvidia-compute-510(?::\w+|)\s+(.*)$ ^nvidia-dkms-510(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-495(?::\w+|)\s+(.*)$ ^libnvidia-extra-510(?::\w+|)\s+(.*)$ ^nvidia-driver-495(?::\w+|)\s+(.*)$ ^nvidia-headless-510(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-495(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^bsdutils(?::\w+|)\s+(.*)$ ^libfdisk-dev(?::\w+|)\s+(.*)$ ^libblkid1(?::\w+|)\s+(.*)$ ^libmount-dev(?::\w+|)\s+(.*)$ ^rfkill(?::\w+|)\s+(.*)$ ^mount(?::\w+|)\s+(.*)$ ^libsmartcols1(?::\w+|)\s+(.*)$ ^util-linux-locales(?::\w+|)\s+(.*)$ ^libfdisk1(?::\w+|)\s+(.*)$ ^libmount1(?::\w+|)\s+(.*)$ ^libsmartcols-dev(?::\w+|)\s+(.*)$ ^uuid-dev(?::\w+|)\s+(.*)$ ^libblkid-dev(?::\w+|)\s+(.*)$ ^fdisk(?::\w+|)\s+(.*)$ ^uuid-runtime(?::\w+|)\s+(.*)$ ^util-linux(?::\w+|)\s+(.*)$ ^libuuid1(?::\w+|)\s+(.*)$ ^speex(?::\w+|)\s+(.*)$ ^libspeexdsp-dev(?::\w+|)\s+(.*)$ ^libspeex-dev(?::\w+|)\s+(.*)$ ^libspeexdsp1(?::\w+|)\s+(.*)$ ^speex-doc(?::\w+|)\s+(.*)$ ^libspeex1(?::\w+|)\s+(.*)$ ^opensc-pkcs11(?::\w+|)\s+(.*)$ ^opensc(?::\w+|)\s+(.*)$ ^pdfresurrect(?::\w+|)\s+(.*)$ ^node-tar(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^cryptsetup(?::\w+|)\s+(.*)$ ^cryptsetup-run(?::\w+|)\s+(.*)$ ^libcryptsetup12(?::\w+|)\s+(.*)$ ^libcryptsetup-dev(?::\w+|)\s+(.*)$ ^cryptsetup-bin(?::\w+|)\s+(.*)$ ^cryptsetup-initramfs(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^php-symfony-framework-bundle(?::\w+|)\s+(.*)$ ^php-symfony-security-core(?::\w+|)\s+(.*)$ ^php-symfony-ldap(?::\w+|)\s+(.*)$ ^php-symfony-browser-kit(?::\w+|)\s+(.*)$ ^php-symfony-filesystem(?::\w+|)\s+(.*)$ ^php-symfony-twig-bundle(?::\w+|)\s+(.*)$ ^php-symfony-mailchimp-mailer(?::\w+|)\s+(.*)$ ^php-symfony-web-profiler-bundle(?::\w+|)\s+(.*)$ ^php-symfony-asset(?::\w+|)\s+(.*)$ ^php-symfony-var-exporter(?::\w+|)\s+(.*)$ ^php-symfony-sendgrid-mailer(?::\w+|)\s+(.*)$ ^php-symfony-security-http(?::\w+|)\s+(.*)$ ^php-symfony-phpunit-bridge(?::\w+|)\s+(.*)$ ^php-symfony-http-client(?::\w+|)\s+(.*)$ ^php-symfony-web-server-bundle(?::\w+|)\s+(.*)$ ^php-symfony-http-kernel(?::\w+|)\s+(.*)$ ^php-symfony-templating(?::\w+|)\s+(.*)$ ^php-symfony-property-access(?::\w+|)\s+(.*)$ ^php-symfony-amazon-mailer(?::\w+|)\s+(.*)$ ^php-symfony-doctrine-bridge(?::\w+|)\s+(.*)$ ^php-symfony-intl(?::\w+|)\s+(.*)$ ^php-symfony-twig-bridge(?::\w+|)\s+(.*)$ ^php-symfony-security-guard(?::\w+|)\s+(.*)$ ^php-symfony-mailer(?::\w+|)\s+(.*)$ ^php-symfony-postmark-mailer(?::\w+|)\s+(.*)$ ^php-symfony-serializer(?::\w+|)\s+(.*)$ ^php-symfony-translation(?::\w+|)\s+(.*)$ ^php-symfony-yaml(?::\w+|)\s+(.*)$ ^php-symfony-debug-bundle(?::\w+|)\s+(.*)$ ^php-symfony-css-selector(?::\w+|)\s+(.*)$ ^php-symfony-expression-language(?::\w+|)\s+(.*)$ ^php-symfony-process(?::\w+|)\s+(.*)$ ^php-symfony-var-dumper(?::\w+|)\s+(.*)$ ^php-symfony-property-info(?::\w+|)\s+(.*)$ ^php-symfony-routing(?::\w+|)\s+(.*)$ ^php-symfony-security-bundle(?::\w+|)\s+(.*)$ ^php-symfony-finder(?::\w+|)\s+(.*)$ ^php-symfony-google-mailer(?::\w+|)\s+(.*)$ ^php-symfony-lock(?::\w+|)\s+(.*)$ ^php-symfony-validator(?::\w+|)\s+(.*)$ ^php-symfony-debug(?::\w+|)\s+(.*)$ ^php-symfony-inflector(?::\w+|)\s+(.*)$ ^php-symfony-event-dispatcher(?::\w+|)\s+(.*)$ ^php-symfony-cache(?::\w+|)\s+(.*)$ ^php-symfony-monolog-bridge(?::\w+|)\s+(.*)$ ^php-symfony(?::\w+|)\s+(.*)$ ^php-symfony-mime(?::\w+|)\s+(.*)$ ^php-symfony-workflow(?::\w+|)\s+(.*)$ ^php-symfony-security-csrf(?::\w+|)\s+(.*)$ ^php-symfony-proxy-manager-bridge(?::\w+|)\s+(.*)$ ^php-symfony-http-foundation(?::\w+|)\s+(.*)$ ^php-symfony-form(?::\w+|)\s+(.*)$ ^php-symfony-options-resolver(?::\w+|)\s+(.*)$ ^php-symfony-dotenv(?::\w+|)\s+(.*)$ ^php-symfony-web-link(?::\w+|)\s+(.*)$ ^php-symfony-messenger(?::\w+|)\s+(.*)$ ^php-symfony-mailgun-mailer(?::\w+|)\s+(.*)$ ^php-symfony-dependency-injection(?::\w+|)\s+(.*)$ ^php-symfony-dom-crawler(?::\w+|)\s+(.*)$ ^php-symfony-security(?::\w+|)\s+(.*)$ ^php-symfony-console(?::\w+|)\s+(.*)$ ^php-symfony-config(?::\w+|)\s+(.*)$ ^php-symfony-stopwatch(?::\w+|)\s+(.*)$ ^libarchive-dev(?::\w+|)\s+(.*)$ ^libarchive-tools(?::\w+|)\s+(.*)$ ^libarchive13(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^libc3p0-java-doc(?::\w+|)\s+(.*)$ ^libc3p0-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libsasl2-2(?::\w+|)\s+(.*)$ ^libsasl2-modules-gssapi-heimdal(?::\w+|)\s+(.*)$ ^sasl2-bin(?::\w+|)\s+(.*)$ ^libsasl2-modules-db(?::\w+|)\s+(.*)$ ^libsasl2-modules-gssapi-mit(?::\w+|)\s+(.*)$ ^libsasl2-dev(?::\w+|)\s+(.*)$ ^libsasl2-modules-sql(?::\w+|)\s+(.*)$ ^libsasl2-modules(?::\w+|)\s+(.*)$ ^libsasl2-modules-otp(?::\w+|)\s+(.*)$ ^libsasl2-modules-ldap(?::\w+|)\s+(.*)$ ^cyrus-sasl2-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^policykit-1-doc(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-dev(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-0(?::\w+|)\s+(.*)$ ^libpolkit-agent-1-dev(?::\w+|)\s+(.*)$ ^policykit-1(?::\w+|)\s+(.*)$ ^gir1.2-polkit-1.0(?::\w+|)\s+(.*)$ ^libpolkit-gobject-1-0(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^libvirglrenderer1(?::\w+|)\s+(.*)$ ^virgl-server(?::\w+|)\s+(.*)$ ^libvirglrenderer-dev(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-armel(?::\w+|)\s+(.*)$ ^libc6-pic(?::\w+|)\s+(.*)$ ^libc6-dev-armel(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^libc6-lse(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ansible(?::\w+|)\s+(.*)$ ^ansible-doc(?::\w+|)\s+(.*)$ ^redis(?::\w+|)\s+(.*)$ ^redis-server(?::\w+|)\s+(.*)$ ^redis-sentinel(?::\w+|)\s+(.*)$ ^redis-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws|-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^nbd-server(?::\w+|)\s+(.*)$ ^nbd-client(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^zsh-static(?::\w+|)\s+(.*)$ ^zsh-common(?::\w+|)\s+(.*)$ ^zsh-dev(?::\w+|)\s+(.*)$ ^zsh(?::\w+|)\s+(.*)$ ^zsh-doc(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^tar-scripts(?::\w+|)\s+(.*)$ ^tar(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^tcpdump(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^ckeditor(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^openvpn(?::\w+|)\s+(.*)$ ^smarty3(?::\w+|)\s+(.*)$ ^python3-paramiko(?::\w+|)\s+(.*)$ ^paramiko-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^twisted-doc(?::\w+|)\s+(.*)$ ^python3-twisted-bin(?::\w+|)\s+(.*)$ ^python3-twisted(?::\w+|)\s+(.*)$ ^libx32z1-dev(?::\w+|)\s+(.*)$ ^lib64z1(?::\w+|)\s+(.*)$ ^libx32z1(?::\w+|)\s+(.*)$ ^lib64z1-dev(?::\w+|)\s+(.*)$ ^lib32z1(?::\w+|)\s+(.*)$ ^zlib1g(?::\w+|)\s+(.*)$ ^lib32z1-dev(?::\w+|)\s+(.*)$ ^zlib1g-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^rsync(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-intel)(?::\w+|)\s+(.*)$ ^python-waitress-doc(?::\w+|)\s+(.*)$ ^python3-waitress(?::\w+|)\s+(.*)$ ^libh2-java(?::\w+|)\s+(.*)$ ^libh2-java-doc(?::\w+|)\s+(.*)$ ^libfribidi-bin(?::\w+|)\s+(.*)$ ^libfribidi0(?::\w+|)\s+(.*)$ ^libfribidi-dev(?::\w+|)\s+(.*)$ ^fish(?::\w+|)\s+(.*)$ ^fish-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^python-oslo.utils-doc(?::\w+|)\s+(.*)$ ^python3-oslo.utils(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libnginx-mod-stream(?::\w+|)\s+(.*)$ ^libnginx-mod-http-subs-filter(?::\w+|)\s+(.*)$ ^nginx-doc(?::\w+|)\s+(.*)$ ^libnginx-mod-mail(?::\w+|)\s+(.*)$ ^libnginx-mod-http-image-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-echo(?::\w+|)\s+(.*)$ ^libnginx-mod-rtmp(?::\w+|)\s+(.*)$ ^libnginx-mod-nchan(?::\w+|)\s+(.*)$ ^nginx-common(?::\w+|)\s+(.*)$ ^libnginx-mod-http-fancyindex(?::\w+|)\s+(.*)$ ^libnginx-mod-http-auth-pam(?::\w+|)\s+(.*)$ ^nginx-light(?::\w+|)\s+(.*)$ ^libnginx-mod-http-headers-more-filter(?::\w+|)\s+(.*)$ ^nginx-extras(?::\w+|)\s+(.*)$ ^libnginx-mod-http-upstream-fair(?::\w+|)\s+(.*)$ ^libnginx-mod-http-xslt-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-lua(?::\w+|)\s+(.*)$ ^libnginx-mod-http-perl(?::\w+|)\s+(.*)$ ^nginx-core(?::\w+|)\s+(.*)$ ^libnginx-mod-http-dav-ext(?::\w+|)\s+(.*)$ ^nginx(?::\w+|)\s+(.*)$ ^libnginx-mod-http-ndk(?::\w+|)\s+(.*)$ ^libnginx-mod-http-uploadprogress(?::\w+|)\s+(.*)$ ^libnginx-mod-http-cache-purge(?::\w+|)\s+(.*)$ ^nginx-full(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip2(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip(?::\w+|)\s+(.*)$ ^libsvn-dev(?::\w+|)\s+(.*)$ ^ruby-svn(?::\w+|)\s+(.*)$ ^subversion-tools(?::\w+|)\s+(.*)$ ^libapache2-mod-svn(?::\w+|)\s+(.*)$ ^python-subversion(?::\w+|)\s+(.*)$ ^libsvn1(?::\w+|)\s+(.*)$ ^subversion(?::\w+|)\s+(.*)$ ^libsvn-doc(?::\w+|)\s+(.*)$ ^libsvn-java(?::\w+|)\s+(.*)$ ^libsvn-perl(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^libarchive-dev(?::\w+|)\s+(.*)$ ^libarchive-tools(?::\w+|)\s+(.*)$ ^libarchive13(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^gzip(?::\w+|)\s+(.*)$ ^gzip-win32(?::\w+|)\s+(.*)$ ^liblzma5(?::\w+|)\s+(.*)$ ^liblzma-doc(?::\w+|)\s+(.*)$ ^liblzma-dev(?::\w+|)\s+(.*)$ ^xz-utils(?::\w+|)\s+(.*)$ ^xzdec(?::\w+|)\s+(.*)$ ^klibc-utils(?::\w+|)\s+(.*)$ ^libklibc(?::\w+|)\s+(.*)$ ^libklibc-dev(?::\w+|)\s+(.*)$ ^bash-builtins(?::\w+|)\s+(.*)$ ^bash-doc(?::\w+|)\s+(.*)$ ^bash(?::\w+|)\s+(.*)$ ^bash-static(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libinput-dev(?::\w+|)\s+(.*)$ ^libinput-bin(?::\w+|)\s+(.*)$ ^libinput10(?::\w+|)\s+(.*)$ ^libinput-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-intel)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python3-aiohttp(?::\w+|)\s+(.*)$ ^barbican-keystone-listener(?::\w+|)\s+(.*)$ ^barbican-api(?::\w+|)\s+(.*)$ ^barbican-worker(?::\w+|)\s+(.*)$ ^barbican-common(?::\w+|)\s+(.*)$ ^python3-barbican(?::\w+|)\s+(.*)$ ^barbican-doc(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^libsepol1(?::\w+|)\s+(.*)$ ^libsepol1-dev(?::\w+|)\s+(.*)$ ^sepol-utils(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^networkd-dispatcher(?::\w+|)\s+(.*)$ ^networkd-dispatcher(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libvirt0(?::\w+|)\s+(.*)$ ^libvirt-dev(?::\w+|)\s+(.*)$ ^libnss-libvirt(?::\w+|)\s+(.*)$ ^libvirt-daemon(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-systemd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-xen(?::\w+|)\s+(.*)$ ^libvirt-sanlock(?::\w+|)\s+(.*)$ ^libvirt-wireshark(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-vbox(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-qemu(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-gluster(?::\w+|)\s+(.*)$ ^libvirt-doc(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-rbd(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-sysv(?::\w+|)\s+(.*)$ ^libvirt-daemon-system(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-lxc(?::\w+|)\s+(.*)$ ^libvirt-clients(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-zfs(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-memif20.0(?::\w+|)\s+(.*)$ ^dpdk-igb-uio-dkms(?::\w+|)\s+(.*)$ ^librte-pmd-iavf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-af-packet20.0(?::\w+|)\s+(.*)$ ^librte-pmd-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-event20.0(?::\w+|)\s+(.*)$ ^librte-bus-ifpga20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-stack0.200(?::\w+|)\s+(.*)$ ^librte-pmd-e1000-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-null20.0(?::\w+|)\s+(.*)$ ^librte-pipeline20.0(?::\w+|)\s+(.*)$ ^librte-sched20.0(?::\w+|)\s+(.*)$ ^librte-distributor20.0(?::\w+|)\s+(.*)$ ^librte-efd20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ark20.0(?::\w+|)\s+(.*)$ ^librte-gro20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sfc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-failsafe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pcap20.0(?::\w+|)\s+(.*)$ ^librte-rawdev20.0(?::\w+|)\s+(.*)$ ^librte-meter20.0(?::\w+|)\s+(.*)$ ^librte-hash20.0(?::\w+|)\s+(.*)$ ^librte-ring20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-telemetry0.200(?::\w+|)\s+(.*)$ ^librte-rawdev-skeleton20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bond20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ioat20.0(?::\w+|)\s+(.*)$ ^librte-pmd-skeleton-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-mlx5-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-cmdif20.0(?::\w+|)\s+(.*)$ ^librte-pmd-fm10k20.0(?::\w+|)\s+(.*)$ ^librte-cryptodev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-i40e20.0(?::\w+|)\s+(.*)$ ^librte-cmdline20.0(?::\w+|)\s+(.*)$ ^librte-jobstats20.0(?::\w+|)\s+(.*)$ ^dpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-ccp20.0(?::\w+|)\s+(.*)$ ^librte-pmd-atlantic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sw-event20.0(?::\w+|)\s+(.*)$ ^librte-ip-frag20.0(?::\w+|)\s+(.*)$ ^librte-pmd-isal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dsw-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nitrox20.0(?::\w+|)\s+(.*)$ ^librte-pmd-kni20.0(?::\w+|)\s+(.*)$ ^librte-mempool-bucket20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-event20.0(?::\w+|)\s+(.*)$ ^librte-gso20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vdev-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-openssl20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnx2x20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-compress20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hinic20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-latencystats20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-kvargs20.0(?::\w+|)\s+(.*)$ ^librte-bus-fslmc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-avp20.0(?::\w+|)\s+(.*)$ ^librte-pdump20.0(?::\w+|)\s+(.*)$ ^librte-metrics20.0(?::\w+|)\s+(.*)$ ^librte-bbdev0.200(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-sec20.0(?::\w+|)\s+(.*)$ ^librte-bus-vmbus20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnxt20.0(?::\w+|)\s+(.*)$ ^librte-timer20.0(?::\w+|)\s+(.*)$ ^librte-cfgfile20.0(?::\w+|)\s+(.*)$ ^librte-rcu0.200(?::\w+|)\s+(.*)$ ^librte-pmd-qat20.0(?::\w+|)\s+(.*)$ ^librte-mempool20.0(?::\w+|)\s+(.*)$ ^libdpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-null20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio20.0(?::\w+|)\s+(.*)$ ^librte-pmd-axgbe20.0(?::\w+|)\s+(.*)$ ^librte-port20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-mb20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ntb20.0(?::\w+|)\s+(.*)$ ^librte-pmd-softnic20.0(?::\w+|)\s+(.*)$ ^dpdk-doc(?::\w+|)\s+(.*)$ ^librte-pmd-mlx4-20.0(?::\w+|)\s+(.*)$ ^librte-net20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-fpga-lte-fec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-null-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ena20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ice20.0(?::\w+|)\s+(.*)$ ^librte-common-dpaax20.0(?::\w+|)\s+(.*)$ ^librte-member20.0(?::\w+|)\s+(.*)$ ^librte-bus-pci20.0(?::\w+|)\s+(.*)$ ^librte-kni20.0(?::\w+|)\s+(.*)$ ^librte-pmd-thunderx20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx20.0(?::\w+|)\s+(.*)$ ^dpdk(?::\w+|)\s+(.*)$ ^librte-pmd-ifc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-opdl-event20.0(?::\w+|)\s+(.*)$ ^librte-pci20.0(?::\w+|)\s+(.*)$ ^librte-eal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-turbo-sw20.0(?::\w+|)\s+(.*)$ ^librte-ethdev20.0(?::\w+|)\s+(.*)$ ^librte-table20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hns3-20.0(?::\w+|)\s+(.*)$ ^librte-ipsec0.200(?::\w+|)\s+(.*)$ ^librte-pmd-zlib20.0(?::\w+|)\s+(.*)$ ^librte-bitratestats20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-sec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-caam-jr20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-octeontx2-dma20.0(?::\w+|)\s+(.*)$ ^librte-mbuf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-event20.0(?::\w+|)\s+(.*)$ ^librte-mempool-stack20.0(?::\w+|)\s+(.*)$ ^librte-power20.0(?::\w+|)\s+(.*)$ ^librte-pmd-liquidio20.0(?::\w+|)\s+(.*)$ ^librte-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio-crypto20.0(?::\w+|)\s+(.*)$ ^librte-reorder20.0(?::\w+|)\s+(.*)$ ^librte-pmd-qede20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pfe20.0(?::\w+|)\s+(.*)$ ^librte-flow-classify0.200(?::\w+|)\s+(.*)$ ^librte-rib0.200(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-cxgbe20.0(?::\w+|)\s+(.*)$ ^librte-mempool-ring20.0(?::\w+|)\s+(.*)$ ^librte-acl20.0(?::\w+|)\s+(.*)$ ^librte-common-cpt20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-gcm20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-qdma20.0(?::\w+|)\s+(.*)$ ^librte-lpm20.0(?::\w+|)\s+(.*)$ ^librte-pmd-tap20.0(?::\w+|)\s+(.*)$ ^librte-eventdev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nfp20.0(?::\w+|)\s+(.*)$ ^librte-bus-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ring20.0(?::\w+|)\s+(.*)$ ^librte-bus-vdev20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ixgbe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vmxnet3-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-crypto-scheduler20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enetc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-crypto20.0(?::\w+|)\s+(.*)$ ^librte-security20.0(?::\w+|)\s+(.*)$ ^librte-compressdev0.200(?::\w+|)\s+(.*)$ ^librte-fib0.200(?::\w+|)\s+(.*)$ ^librte-bpf0.200(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^rsyslog-gssapi(?::\w+|)\s+(.*)$ ^rsyslog-czmq(?::\w+|)\s+(.*)$ ^rsyslog-pgsql(?::\w+|)\s+(.*)$ ^rsyslog-hiredis(?::\w+|)\s+(.*)$ ^rsyslog-mysql(?::\w+|)\s+(.*)$ ^rsyslog-gnutls(?::\w+|)\s+(.*)$ ^rsyslog-openssl(?::\w+|)\s+(.*)$ ^rsyslog(?::\w+|)\s+(.*)$ ^rsyslog-relp(?::\w+|)\s+(.*)$ ^rsyslog-mongodb(?::\w+|)\s+(.*)$ ^rsyslog-elasticsearch(?::\w+|)\s+(.*)$ ^rsyslog-kafka(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^pcregrep(?::\w+|)\s+(.*)$ ^libpcre3-dev(?::\w+|)\s+(.*)$ ^libpcre3(?::\w+|)\s+(.*)$ ^libpcrecpp0v5(?::\w+|)\s+(.*)$ ^libpcre16-3(?::\w+|)\s+(.*)$ ^libpcre32-3(?::\w+|)\s+(.*)$ ^needrestart(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^htmldoc(?::\w+|)\s+(.*)$ ^htmldoc-common(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libsvn-dev(?::\w+|)\s+(.*)$ ^ruby-svn(?::\w+|)\s+(.*)$ ^subversion-tools(?::\w+|)\s+(.*)$ ^libapache2-mod-svn(?::\w+|)\s+(.*)$ ^python-subversion(?::\w+|)\s+(.*)$ ^libsvn1(?::\w+|)\s+(.*)$ ^subversion(?::\w+|)\s+(.*)$ ^libsvn-doc(?::\w+|)\s+(.*)$ ^libsvn-java(?::\w+|)\s+(.*)$ ^libsvn-perl(?::\w+|)\s+(.*)$ ^dpkg-dev(?::\w+|)\s+(.*)$ ^dselect(?::\w+|)\s+(.*)$ ^dpkg(?::\w+|)\s+(.*)$ ^libdpkg-dev(?::\w+|)\s+(.*)$ ^libdpkg-perl(?::\w+|)\s+(.*)$ ^golang-github-influxdb-influxdb-dev(?::\w+|)\s+(.*)$ ^influxdb(?::\w+|)\s+(.*)$ ^influxdb-client(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^libxmltok1(?::\w+|)\s+(.*)$ ^libxmltok1-dev(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^cifs-utils(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ntfs-3g(?::\w+|)\s+(.*)$ ^libntfs-3g883(?::\w+|)\s+(.*)$ ^ntfs-3g-dev(?::\w+|)\s+(.*)$ ^libss2(?::\w+|)\s+(.*)$ ^e2fslibs-dev(?::\w+|)\s+(.*)$ ^libcomerr2(?::\w+|)\s+(.*)$ ^libcom-err2(?::\w+|)\s+(.*)$ ^e2fsprogs(?::\w+|)\s+(.*)$ ^e2fsck-static(?::\w+|)\s+(.*)$ ^logsave(?::\w+|)\s+(.*)$ ^e2fslibs(?::\w+|)\s+(.*)$ ^e2fsprogs-l10n(?::\w+|)\s+(.*)$ ^libext2fs-dev(?::\w+|)\s+(.*)$ ^libext2fs2(?::\w+|)\s+(.*)$ ^fuse2fs(?::\w+|)\s+(.*)$ ^ss-dev(?::\w+|)\s+(.*)$ ^comerr-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-intel)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^varnish(?::\w+|)\s+(.*)$ ^varnish-doc(?::\w+|)\s+(.*)$ ^libvarnishapi-dev(?::\w+|)\s+(.*)$ ^libvarnishapi2(?::\w+|)\s+(.*)$ ^varnish(?::\w+|)\s+(.*)$ ^varnish-doc(?::\w+|)\s+(.*)$ ^libvarnishapi-dev(?::\w+|)\s+(.*)$ ^libvarnishapi2(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^liblouis-dev(?::\w+|)\s+(.*)$ ^python3-louis(?::\w+|)\s+(.*)$ ^liblouis-data(?::\w+|)\s+(.*)$ ^liblouis20(?::\w+|)\s+(.*)$ ^liblouis-bin(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^spip(?::\w+|)\s+(.*)$ ^libexempi8(?::\w+|)\s+(.*)$ ^exempi(?::\w+|)\s+(.*)$ ^libexempi-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-intel)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws|-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.13.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^cloud-init(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^dirmngr(?::\w+|)\s+(.*)$ ^gpgv-static(?::\w+|)\s+(.*)$ ^gpgv-win32(?::\w+|)\s+(.*)$ ^scdaemon(?::\w+|)\s+(.*)$ ^gpgsm(?::\w+|)\s+(.*)$ ^gpgv(?::\w+|)\s+(.*)$ ^gpg(?::\w+|)\s+(.*)$ ^gnupg-agent(?::\w+|)\s+(.*)$ ^gnupg2(?::\w+|)\s+(.*)$ ^gnupg-l10n(?::\w+|)\s+(.*)$ ^gnupg-utils(?::\w+|)\s+(.*)$ ^gpgconf(?::\w+|)\s+(.*)$ ^gpg-wks-server(?::\w+|)\s+(.*)$ ^gpg-agent(?::\w+|)\s+(.*)$ ^gnupg(?::\w+|)\s+(.*)$ ^gpg-wks-client(?::\w+|)\s+(.*)$ ^gpgv2(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^python3-pyldap(?::\w+|)\s+(.*)$ ^python3-ldap(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libhttp-daemon-perl(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^gir1.2-harfbuzz-0.0(?::\w+|)\s+(.*)$ ^libharfbuzz-gobject0(?::\w+|)\s+(.*)$ ^libharfbuzz-dev(?::\w+|)\s+(.*)$ ^libharfbuzz-icu0(?::\w+|)\s+(.*)$ ^libharfbuzz0b(?::\w+|)\s+(.*)$ ^libharfbuzz-bin(?::\w+|)\s+(.*)$ ^libharfbuzz-doc(?::\w+|)\s+(.*)$ ^libxml-security-java-doc(?::\w+|)\s+(.*)$ ^libxml-security-java(?::\w+|)\s+(.*)$ ^python3-jwt(?::\w+|)\s+(.*)$ ^freetype2-doc(?::\w+|)\s+(.*)$ ^libfreetype6-dev(?::\w+|)\s+(.*)$ ^libfreetype-dev(?::\w+|)\s+(.*)$ ^freetype2-demos(?::\w+|)\s+(.*)$ ^libfreetype6(?::\w+|)\s+(.*)$ ^libprotobuf-c-dev(?::\w+|)\s+(.*)$ ^protobuf-c-compiler(?::\w+|)\s+(.*)$ ^libprotobuf-c1(?::\w+|)\s+(.*)$ ^python3-bottle(?::\w+|)\s+(.*)$ ^python-bottle-doc(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^libtirpc3(?::\w+|)\s+(.*)$ ^libtirpc-common(?::\w+|)\s+(.*)$ ^libtirpc-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^snmptrapd(?::\w+|)\s+(.*)$ ^libsnmp-dev(?::\w+|)\s+(.*)$ ^libsnmp-base(?::\w+|)\s+(.*)$ ^snmp(?::\w+|)\s+(.*)$ ^libsnmp-perl(?::\w+|)\s+(.*)$ ^tkmib(?::\w+|)\s+(.*)$ ^snmpd(?::\w+|)\s+(.*)$ ^libsnmp35(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-390(?::\w+|)\s+(.*)$ ^libnvidia-decode-390(?::\w+|)\s+(.*)$ ^nvidia-utils-390(?::\w+|)\s+(.*)$ ^libnvidia-gl-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-390(?::\w+|)\s+(.*)$ ^nvidia-384-dev(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-390(?::\w+|)\s+(.*)$ ^libcuda1-384(?::\w+|)\s+(.*)$ ^nvidia-384(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-390(?::\w+|)\s+(.*)$ ^libnvidia-encode-390(?::\w+|)\s+(.*)$ ^nvidia-opencl-icd-384(?::\w+|)\s+(.*)$ ^libnvidia-common-390(?::\w+|)\s+(.*)$ ^nvidia-dkms-390(?::\w+|)\s+(.*)$ ^nvidia-libopencl1-384(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-390(?::\w+|)\s+(.*)$ ^nvidia-driver-390(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-390(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-390(?::\w+|)\s+(.*)$ ^nvidia-headless-390(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-390(?::\w+|)\s+(.*)$ ^libnvidia-compute-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-450-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-450-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-common-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-450-server(?::\w+|)\s+(.*)$ ^nvidia-utils-440-server(?::\w+|)\s+(.*)$ ^nvidia-headless-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-450-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-440-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-450-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-450-server(?::\w+|)\s+(.*)$ ^nvidia-driver-440-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-440-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-440-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-450-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-440-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-440-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-450-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-450-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-450-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-440-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-450-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-440-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-440-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-450-server(?::\w+|)\s+(.*)$ ^libnvidia-common-465(?::\w+|)\s+(.*)$ ^nvidia-driver-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-460-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-470-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470-server(?::\w+|)\s+(.*)$ ^nvidia-utils-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-465(?::\w+|)\s+(.*)$ ^nvidia-headless-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-470(?::\w+|)\s+(.*)$ ^libnvidia-compute-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-470-server(?::\w+|)\s+(.*)$ ^libnvidia-gl-460(?::\w+|)\s+(.*)$ ^libnvidia-gl-465(?::\w+|)\s+(.*)$ ^nvidia-utils-470-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-465(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-470(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-465(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-465(?::\w+|)\s+(.*)$ ^libnvidia-encode-465(?::\w+|)\s+(.*)$ ^libnvidia-decode-460-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-460(?::\w+|)\s+(.*)$ ^libnvidia-compute-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470(?::\w+|)\s+(.*)$ ^nvidia-utils-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-470-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-470-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-470-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460-server(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-470-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-465(?::\w+|)\s+(.*)$ ^libnvidia-extra-460(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-460-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-470(?::\w+|)\s+(.*)$ ^nvidia-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-470(?::\w+|)\s+(.*)$ ^libnvidia-extra-460-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-470(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-465(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-460(?::\w+|)\s+(.*)$ ^libnvidia-extra-470(?::\w+|)\s+(.*)$ ^nvidia-utils-465(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-460-server(?::\w+|)\s+(.*)$ ^nvidia-driver-460(?::\w+|)\s+(.*)$ ^nvidia-utils-460(?::\w+|)\s+(.*)$ ^libnvidia-decode-465(?::\w+|)\s+(.*)$ ^nvidia-driver-465(?::\w+|)\s+(.*)$ ^libnvidia-decode-460(?::\w+|)\s+(.*)$ ^libnvidia-encode-460(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-470(?::\w+|)\s+(.*)$ ^nvidia-headless-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-470-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-470(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-465(?::\w+|)\s+(.*)$ ^libnvidia-common-470(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-460-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-470(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-460-server(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-460(?::\w+|)\s+(.*)$ ^libnvidia-ifr1-465(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-460-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-460-server(?::\w+|)\s+(.*)$ ^nvidia-headless-470-server(?::\w+|)\s+(.*)$ ^libnvidia-common-495(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-510(?::\w+|)\s+(.*)$ ^libnvidia-common-510(?::\w+|)\s+(.*)$ ^nvidia-utils-495(?::\w+|)\s+(.*)$ ^libnvidia-decode-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-495(?::\w+|)\s+(.*)$ ^libnvidia-compute-495(?::\w+|)\s+(.*)$ ^nvidia-headless-495(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-510(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-510-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-510(?::\w+|)\s+(.*)$ ^nvidia-driver-510-server(?::\w+|)\s+(.*)$ ^libnvidia-common-510-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-495(?::\w+|)\s+(.*)$ ^libnvidia-extra-495(?::\w+|)\s+(.*)$ ^libnvidia-gl-510-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-495(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-495(?::\w+|)\s+(.*)$ ^nvidia-driver-510(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-510-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-510-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-510(?::\w+|)\s+(.*)$ ^libnvidia-compute-510-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-510(?::\w+|)\s+(.*)$ ^libnvidia-gl-510(?::\w+|)\s+(.*)$ ^nvidia-utils-510(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-510-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-510-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-510-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-510(?::\w+|)\s+(.*)$ ^nvidia-headless-510-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-510(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-510(?::\w+|)\s+(.*)$ ^libnvidia-decode-510-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-495(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-510-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-510(?::\w+|)\s+(.*)$ ^nvidia-dkms-510-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-510-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-510-server(?::\w+|)\s+(.*)$ ^nvidia-utils-510-server(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-495(?::\w+|)\s+(.*)$ ^libnvidia-compute-510(?::\w+|)\s+(.*)$ ^nvidia-dkms-510(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-495(?::\w+|)\s+(.*)$ ^libnvidia-extra-510(?::\w+|)\s+(.*)$ ^libnvidia-gl-495(?::\w+|)\s+(.*)$ ^nvidia-driver-495(?::\w+|)\s+(.*)$ ^nvidia-headless-510(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-495(?::\w+|)\s+(.*)$ ^nvidia-dkms-515-server(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-515(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-515(?::\w+|)\s+(.*)$ ^libnvidia-compute-515-server(?::\w+|)\s+(.*)$ ^nvidia-utils-515-server(?::\w+|)\s+(.*)$ ^libnvidia-common-515(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-515(?::\w+|)\s+(.*)$ ^libnvidia-encode-515-server(?::\w+|)\s+(.*)$ ^libnvidia-encode-515(?::\w+|)\s+(.*)$ ^libnvidia-decode-515-server(?::\w+|)\s+(.*)$ ^nvidia-driver-515(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-515-server(?::\w+|)\s+(.*)$ ^libnvidia-cfg1-515-server(?::\w+|)\s+(.*)$ ^nvidia-utils-515(?::\w+|)\s+(.*)$ ^libnvidia-extra-515-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-common-515(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-515-server(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-515-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-515-server(?::\w+|)\s+(.*)$ ^nvidia-dkms-515(?::\w+|)\s+(.*)$ ^nvidia-headless-515-server(?::\w+|)\s+(.*)$ ^nvidia-kernel-source-515(?::\w+|)\s+(.*)$ ^libnvidia-gl-515(?::\w+|)\s+(.*)$ ^nvidia-compute-utils-515(?::\w+|)\s+(.*)$ ^nvidia-headless-no-dkms-515-server(?::\w+|)\s+(.*)$ ^libnvidia-decode-515(?::\w+|)\s+(.*)$ ^xserver-xorg-video-nvidia-515(?::\w+|)\s+(.*)$ ^libnvidia-gl-515-server(?::\w+|)\s+(.*)$ ^libnvidia-compute-515(?::\w+|)\s+(.*)$ ^libnvidia-fbc1-515-server(?::\w+|)\s+(.*)$ ^libnvidia-common-515-server(?::\w+|)\s+(.*)$ ^nvidia-driver-515-server(?::\w+|)\s+(.*)$ ^libnvidia-extra-515(?::\w+|)\s+(.*)$ ^nvidia-headless-515(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^libapache2-mod-wsgi(?::\w+|)\s+(.*)$ ^libapache2-mod-wsgi-py3(?::\w+|)\s+(.*)$ ^phpliteadmin-themes(?::\w+|)\s+(.*)$ ^phpliteadmin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-common(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-bin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-dev(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdkpixbuf-2.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-gtk3(?::\w+|)\s+(.*)$ ^gstreamer1.0-pulseaudio(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good-doc(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-dev(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good(?::\w+|)\s+(.*)$ ^gstreamer1.0-qt5(?::\w+|)\s+(.*)$ ^booth(?::\w+|)\s+(.*)$ ^booth-pacemaker(?::\w+|)\s+(.*)$ ^node-moment(?::\w+|)\s+(.*)$ ^libjs-moment(?::\w+|)\s+(.*)$ ^epiphany-browser(?::\w+|)\s+(.*)$ ^epiphany-browser-data(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^libx32z1-dev(?::\w+|)\s+(.*)$ ^lib64z1(?::\w+|)\s+(.*)$ ^libx32z1(?::\w+|)\s+(.*)$ ^lib64z1-dev(?::\w+|)\s+(.*)$ ^lib32z1(?::\w+|)\s+(.*)$ ^zlib1g(?::\w+|)\s+(.*)$ ^lib32z1-dev(?::\w+|)\s+(.*)$ ^zlib1g-dev(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^rsync(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^libxslt1-dev(?::\w+|)\s+(.*)$ ^libxslt1.1(?::\w+|)\s+(.*)$ ^xsltproc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^schroot(?::\w+|)\s+(.*)$ ^schroot-common(?::\w+|)\s+(.*)$ ^python3-notebook(?::\w+|)\s+(.*)$ ^python-notebook-doc(?::\w+|)\s+(.*)$ ^jupyter-notebook(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-common(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-bin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-dev(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdkpixbuf-2.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-memif20.0(?::\w+|)\s+(.*)$ ^dpdk-igb-uio-dkms(?::\w+|)\s+(.*)$ ^librte-pmd-iavf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-af-packet20.0(?::\w+|)\s+(.*)$ ^librte-pmd-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-event20.0(?::\w+|)\s+(.*)$ ^librte-bus-ifpga20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-stack0.200(?::\w+|)\s+(.*)$ ^librte-pmd-e1000-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-null20.0(?::\w+|)\s+(.*)$ ^librte-pipeline20.0(?::\w+|)\s+(.*)$ ^librte-sched20.0(?::\w+|)\s+(.*)$ ^librte-distributor20.0(?::\w+|)\s+(.*)$ ^librte-efd20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ark20.0(?::\w+|)\s+(.*)$ ^librte-gro20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sfc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-failsafe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pcap20.0(?::\w+|)\s+(.*)$ ^librte-rawdev20.0(?::\w+|)\s+(.*)$ ^librte-meter20.0(?::\w+|)\s+(.*)$ ^librte-hash20.0(?::\w+|)\s+(.*)$ ^librte-ring20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-telemetry0.200(?::\w+|)\s+(.*)$ ^librte-rawdev-skeleton20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bond20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ioat20.0(?::\w+|)\s+(.*)$ ^librte-pmd-skeleton-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-mlx5-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-cmdif20.0(?::\w+|)\s+(.*)$ ^librte-pmd-fm10k20.0(?::\w+|)\s+(.*)$ ^librte-cryptodev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-i40e20.0(?::\w+|)\s+(.*)$ ^librte-cmdline20.0(?::\w+|)\s+(.*)$ ^librte-jobstats20.0(?::\w+|)\s+(.*)$ ^dpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-ccp20.0(?::\w+|)\s+(.*)$ ^librte-pmd-atlantic20.0(?::\w+|)\s+(.*)$ ^librte-pmd-sw-event20.0(?::\w+|)\s+(.*)$ ^librte-ip-frag20.0(?::\w+|)\s+(.*)$ ^librte-pmd-isal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dsw-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nitrox20.0(?::\w+|)\s+(.*)$ ^librte-pmd-kni20.0(?::\w+|)\s+(.*)$ ^librte-mempool-bucket20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-event20.0(?::\w+|)\s+(.*)$ ^librte-gso20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vdev-netvsc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-openssl20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnx2x20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-compress20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hinic20.0(?::\w+|)\s+(.*)$ ^librte-mempool-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-latencystats20.0(?::\w+|)\s+(.*)$ ^librte-mempool-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-kvargs20.0(?::\w+|)\s+(.*)$ ^librte-bus-fslmc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-avp20.0(?::\w+|)\s+(.*)$ ^librte-pdump20.0(?::\w+|)\s+(.*)$ ^librte-metrics20.0(?::\w+|)\s+(.*)$ ^librte-bbdev0.200(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-sec20.0(?::\w+|)\s+(.*)$ ^librte-bus-vmbus20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bnxt20.0(?::\w+|)\s+(.*)$ ^librte-timer20.0(?::\w+|)\s+(.*)$ ^librte-cfgfile20.0(?::\w+|)\s+(.*)$ ^librte-rcu0.200(?::\w+|)\s+(.*)$ ^librte-pmd-qat20.0(?::\w+|)\s+(.*)$ ^librte-mempool20.0(?::\w+|)\s+(.*)$ ^libdpdk-dev(?::\w+|)\s+(.*)$ ^librte-pmd-null20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio20.0(?::\w+|)\s+(.*)$ ^librte-pmd-axgbe20.0(?::\w+|)\s+(.*)$ ^librte-port20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-mb20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-ntb20.0(?::\w+|)\s+(.*)$ ^librte-pmd-softnic20.0(?::\w+|)\s+(.*)$ ^dpdk-doc(?::\w+|)\s+(.*)$ ^librte-pmd-mlx4-20.0(?::\w+|)\s+(.*)$ ^librte-net20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-fpga-lte-fec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-null-crypto20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ena20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ice20.0(?::\w+|)\s+(.*)$ ^librte-common-dpaax20.0(?::\w+|)\s+(.*)$ ^librte-member20.0(?::\w+|)\s+(.*)$ ^librte-bus-pci20.0(?::\w+|)\s+(.*)$ ^librte-kni20.0(?::\w+|)\s+(.*)$ ^librte-pmd-thunderx20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx20.0(?::\w+|)\s+(.*)$ ^dpdk(?::\w+|)\s+(.*)$ ^librte-pmd-ifc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-opdl-event20.0(?::\w+|)\s+(.*)$ ^librte-pci20.0(?::\w+|)\s+(.*)$ ^librte-eal20.0(?::\w+|)\s+(.*)$ ^librte-pmd-bbdev-turbo-sw20.0(?::\w+|)\s+(.*)$ ^librte-ethdev20.0(?::\w+|)\s+(.*)$ ^librte-table20.0(?::\w+|)\s+(.*)$ ^librte-pmd-hns3-20.0(?::\w+|)\s+(.*)$ ^librte-ipsec0.200(?::\w+|)\s+(.*)$ ^librte-pmd-zlib20.0(?::\w+|)\s+(.*)$ ^librte-bitratestats20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa2-sec20.0(?::\w+|)\s+(.*)$ ^librte-pmd-caam-jr20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-octeontx2-dma20.0(?::\w+|)\s+(.*)$ ^librte-mbuf20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx-event20.0(?::\w+|)\s+(.*)$ ^librte-mempool-stack20.0(?::\w+|)\s+(.*)$ ^librte-power20.0(?::\w+|)\s+(.*)$ ^librte-pmd-liquidio20.0(?::\w+|)\s+(.*)$ ^librte-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vhost20.0(?::\w+|)\s+(.*)$ ^librte-pmd-virtio-crypto20.0(?::\w+|)\s+(.*)$ ^librte-reorder20.0(?::\w+|)\s+(.*)$ ^librte-pmd-qede20.0(?::\w+|)\s+(.*)$ ^librte-pmd-pfe20.0(?::\w+|)\s+(.*)$ ^librte-flow-classify0.200(?::\w+|)\s+(.*)$ ^librte-rib0.200(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-cxgbe20.0(?::\w+|)\s+(.*)$ ^librte-mempool-ring20.0(?::\w+|)\s+(.*)$ ^librte-acl20.0(?::\w+|)\s+(.*)$ ^librte-common-cpt20.0(?::\w+|)\s+(.*)$ ^librte-pmd-aesni-gcm20.0(?::\w+|)\s+(.*)$ ^librte-rawdev-dpaa2-qdma20.0(?::\w+|)\s+(.*)$ ^librte-lpm20.0(?::\w+|)\s+(.*)$ ^librte-pmd-tap20.0(?::\w+|)\s+(.*)$ ^librte-eventdev20.0(?::\w+|)\s+(.*)$ ^librte-pmd-nfp20.0(?::\w+|)\s+(.*)$ ^librte-bus-dpaa20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ring20.0(?::\w+|)\s+(.*)$ ^librte-bus-vdev20.0(?::\w+|)\s+(.*)$ ^librte-common-octeontx2-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-ixgbe20.0(?::\w+|)\s+(.*)$ ^librte-pmd-vmxnet3-20.0(?::\w+|)\s+(.*)$ ^librte-pmd-crypto-scheduler20.0(?::\w+|)\s+(.*)$ ^librte-pmd-enetc20.0(?::\w+|)\s+(.*)$ ^librte-pmd-dpaa-event20.0(?::\w+|)\s+(.*)$ ^librte-pmd-octeontx2-crypto20.0(?::\w+|)\s+(.*)$ ^librte-security20.0(?::\w+|)\s+(.*)$ ^librte-compressdev0.200(?::\w+|)\s+(.*)$ ^librte-fib0.200(?::\w+|)\s+(.*)$ ^librte-bpf0.200(?::\w+|)\s+(.*)$ ^librust-regex-dev(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^libwayland-egl1(?::\w+|)\s+(.*)$ ^libwayland-bin(?::\w+|)\s+(.*)$ ^libwayland-dev(?::\w+|)\s+(.*)$ ^libwayland-cursor0(?::\w+|)\s+(.*)$ ^libwayland-egl-backend-dev(?::\w+|)\s+(.*)$ ^libwayland-server0(?::\w+|)\s+(.*)$ ^libwayland-doc(?::\w+|)\s+(.*)$ ^libwayland-client0(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^libxencall1(?::\w+|)\s+(.*)$ ^libxengnttab1(?::\w+|)\s+(.*)$ ^libxentoollog1(?::\w+|)\s+(.*)$ ^xen-hypervisor-common(?::\w+|)\s+(.*)$ ^xen-system-arm64(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.11-armhf(?::\w+|)\s+(.*)$ ^libxenstore3.0(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.9-armhf(?::\w+|)\s+(.*)$ ^xen-system-amd64(?::\w+|)\s+(.*)$ ^libxenmisc4.11(?::\w+|)\s+(.*)$ ^libxendevicemodel1(?::\w+|)\s+(.*)$ ^xenstore-utils(?::\w+|)\s+(.*)$ ^libxentoolcore1(?::\w+|)\s+(.*)$ ^xen-utils-4.11(?::\w+|)\s+(.*)$ ^libxenforeignmemory1(?::\w+|)\s+(.*)$ ^xen-doc(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.9-amd64(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.11-arm64(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.9-arm64(?::\w+|)\s+(.*)$ ^xen-utils-common(?::\w+|)\s+(.*)$ ^libxen-dev(?::\w+|)\s+(.*)$ ^xen-hypervisor-4.11-amd64(?::\w+|)\s+(.*)$ ^libxenevtchn1(?::\w+|)\s+(.*)$ ^xen-system-armhf(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libopenexr-dev(?::\w+|)\s+(.*)$ ^openexr(?::\w+|)\s+(.*)$ ^libopenexr24(?::\w+|)\s+(.*)$ ^openexr-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^python-mako(?::\w+|)\s+(.*)$ ^python-mako-doc(?::\w+|)\s+(.*)$ ^python3-mako(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^libpcre2-16-0(?::\w+|)\s+(.*)$ ^libpcre2-32-0(?::\w+|)\s+(.*)$ ^libpcre2-posix2(?::\w+|)\s+(.*)$ ^pcre2-utils(?::\w+|)\s+(.*)$ ^libpcre2-dev(?::\w+|)\s+(.*)$ ^libpcre2-8-0(?::\w+|)\s+(.*)$ ^etcd-server(?::\w+|)\s+(.*)$ ^golang-etcd-server-dev(?::\w+|)\s+(.*)$ ^etcd-client(?::\w+|)\s+(.*)$ ^etcd(?::\w+|)\s+(.*)$ ^libturbojpeg0-dev(?::\w+|)\s+(.*)$ ^libjpeg-turbo8-dev(?::\w+|)\s+(.*)$ ^libjpeg-turbo-progs(?::\w+|)\s+(.*)$ ^libturbojpeg(?::\w+|)\s+(.*)$ ^libjpeg-turbo8(?::\w+|)\s+(.*)$ ^libjpeg-turbo-test(?::\w+|)\s+(.*)$ ^sosreport(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^strongswan-nm(?::\w+|)\s+(.*)$ ^strongswan-scepclient(?::\w+|)\s+(.*)$ ^libcharon-extra-plugins(?::\w+|)\s+(.*)$ ^libcharon-standard-plugins(?::\w+|)\s+(.*)$ ^libstrongswan-extra-plugins(?::\w+|)\s+(.*)$ ^strongswan-tnc-pdp(?::\w+|)\s+(.*)$ ^strongswan-charon(?::\w+|)\s+(.*)$ ^libstrongswan(?::\w+|)\s+(.*)$ ^libstrongswan-standard-plugins(?::\w+|)\s+(.*)$ ^libcharon-extauth-plugins(?::\w+|)\s+(.*)$ ^charon-systemd(?::\w+|)\s+(.*)$ ^strongswan(?::\w+|)\s+(.*)$ ^strongswan-tnc-server(?::\w+|)\s+(.*)$ ^strongswan-tnc-client(?::\w+|)\s+(.*)$ ^strongswan-tnc-base(?::\w+|)\s+(.*)$ ^charon-cmd(?::\w+|)\s+(.*)$ ^strongswan-libcharon(?::\w+|)\s+(.*)$ ^strongswan-pki(?::\w+|)\s+(.*)$ ^strongswan-tnc-ifmap(?::\w+|)\s+(.*)$ ^strongswan-starter(?::\w+|)\s+(.*)$ ^strongswan-swanctl(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^isc-dhcp-dev(?::\w+|)\s+(.*)$ ^isc-dhcp-client-ddns(?::\w+|)\s+(.*)$ ^isc-dhcp-relay(?::\w+|)\s+(.*)$ ^isc-dhcp-client(?::\w+|)\s+(.*)$ ^isc-dhcp-common(?::\w+|)\s+(.*)$ ^isc-dhcp-server(?::\w+|)\s+(.*)$ ^isc-dhcp-server-ldap(?::\w+|)\s+(.*)$ ^kitty-terminfo(?::\w+|)\s+(.*)$ ^kitty(?::\w+|)\s+(.*)$ ^kitty-doc(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libgmp10-doc(?::\w+|)\s+(.*)$ ^libgmpxx4ldbl(?::\w+|)\s+(.*)$ ^libgmp3-dev(?::\w+|)\s+(.*)$ ^libgmp10(?::\w+|)\s+(.*)$ ^libgmp-dev(?::\w+|)\s+(.*)$ ^unzip(?::\w+|)\s+(.*)$ ^libhcrypto4-heimdal(?::\w+|)\s+(.*)$ ^libwind0-heimdal(?::\w+|)\s+(.*)$ ^libroken18-heimdal(?::\w+|)\s+(.*)$ ^libgssapi3-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kcm(?::\w+|)\s+(.*)$ ^libhdb9-heimdal(?::\w+|)\s+(.*)$ ^libasn1-8-heimdal(?::\w+|)\s+(.*)$ ^libsl0-heimdal(?::\w+|)\s+(.*)$ ^libkadm5clnt7-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kdc(?::\w+|)\s+(.*)$ ^libkdc2-heimdal(?::\w+|)\s+(.*)$ ^heimdal-servers(?::\w+|)\s+(.*)$ ^libheimntlm0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-docs(?::\w+|)\s+(.*)$ ^libheimbase1-heimdal(?::\w+|)\s+(.*)$ ^libkrb5-26-heimdal(?::\w+|)\s+(.*)$ ^libotp0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-dev(?::\w+|)\s+(.*)$ ^libkafs0-heimdal(?::\w+|)\s+(.*)$ ^libhx509-5-heimdal(?::\w+|)\s+(.*)$ ^heimdal-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv8-heimdal(?::\w+|)\s+(.*)$ ^heimdal-clients(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^gthumb-dev(?::\w+|)\s+(.*)$ ^gthumb-data(?::\w+|)\s+(.*)$ ^gthumb(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^libksba-mingw-w64-dev(?::\w+|)\s+(.*)$ ^libksba8(?::\w+|)\s+(.*)$ ^libksba-dev(?::\w+|)\s+(.*)$ ^perl-modules-5.30(?::\w+|)\s+(.*)$ ^libperl-dev(?::\w+|)\s+(.*)$ ^perl-doc(?::\w+|)\s+(.*)$ ^perl(?::\w+|)\s+(.*)$ ^perl-base(?::\w+|)\s+(.*)$ ^libperl5.30(?::\w+|)\s+(.*)$ ^perl-debug(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^barbican-keystone-listener(?::\w+|)\s+(.*)$ ^barbican-api(?::\w+|)\s+(.*)$ ^barbican-worker(?::\w+|)\s+(.*)$ ^barbican-common(?::\w+|)\s+(.*)$ ^python3-barbican(?::\w+|)\s+(.*)$ ^barbican-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^dbus-1-doc(?::\w+|)\s+(.*)$ ^dbus(?::\w+|)\s+(.*)$ ^libdbus-1-dev(?::\w+|)\s+(.*)$ ^dbus-user-session(?::\w+|)\s+(.*)$ ^dbus-x11(?::\w+|)\s+(.*)$ ^dbus-tests(?::\w+|)\s+(.*)$ ^libdbus-1-3(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^backport-iwlwifi-dkms(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ntfs-3g(?::\w+|)\s+(.*)$ ^libntfs-3g883(?::\w+|)\s+(.*)$ ^ntfs-3g-dev(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libraw-doc(?::\w+|)\s+(.*)$ ^libraw-bin(?::\w+|)\s+(.*)$ ^libraw19(?::\w+|)\s+(.*)$ ^libraw-dev(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libpixman-1-0(?::\w+|)\s+(.*)$ ^libpixman-1-dev(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^libnginx-mod-stream(?::\w+|)\s+(.*)$ ^libnginx-mod-http-subs-filter(?::\w+|)\s+(.*)$ ^nginx-doc(?::\w+|)\s+(.*)$ ^libnginx-mod-mail(?::\w+|)\s+(.*)$ ^libnginx-mod-http-image-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-echo(?::\w+|)\s+(.*)$ ^libnginx-mod-nchan(?::\w+|)\s+(.*)$ ^nginx-common(?::\w+|)\s+(.*)$ ^libnginx-mod-http-fancyindex(?::\w+|)\s+(.*)$ ^libnginx-mod-http-auth-pam(?::\w+|)\s+(.*)$ ^nginx-light(?::\w+|)\s+(.*)$ ^libnginx-mod-http-headers-more-filter(?::\w+|)\s+(.*)$ ^nginx-extras(?::\w+|)\s+(.*)$ ^libnginx-mod-http-upstream-fair(?::\w+|)\s+(.*)$ ^libnginx-mod-http-xslt-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-lua(?::\w+|)\s+(.*)$ ^libnginx-mod-http-perl(?::\w+|)\s+(.*)$ ^nginx-core(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip(?::\w+|)\s+(.*)$ ^libnginx-mod-http-dav-ext(?::\w+|)\s+(.*)$ ^nginx(?::\w+|)\s+(.*)$ ^libnginx-mod-http-ndk(?::\w+|)\s+(.*)$ ^libnginx-mod-http-uploadprogress(?::\w+|)\s+(.*)$ ^libnginx-mod-http-cache-purge(?::\w+|)\s+(.*)$ ^nginx-full(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip2(?::\w+|)\s+(.*)$ ^libnginx-mod-rtmp(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^golang-1.13-doc(?::\w+|)\s+(.*)$ ^golang-1.13-src(?::\w+|)\s+(.*)$ ^golang-1.13(?::\w+|)\s+(.*)$ ^golang-1.13-go(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^kpartx-boot(?::\w+|)\s+(.*)$ ^multipath-tools-boot(?::\w+|)\s+(.*)$ ^kpartx(?::\w+|)\s+(.*)$ ^multipath-tools(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^libflac-doc(?::\w+|)\s+(.*)$ ^libflac-dev(?::\w+|)\s+(.*)$ ^libflac++-dev(?::\w+|)\s+(.*)$ ^flac(?::\w+|)\s+(.*)$ ^libflac++6v5(?::\w+|)\s+(.*)$ ^libflac8(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^jbigkit-bin(?::\w+|)\s+(.*)$ ^libjbig-dev(?::\w+|)\s+(.*)$ ^libjbig0(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^passwd(?::\w+|)\s+(.*)$ ^login(?::\w+|)\s+(.*)$ ^uidmap(?::\w+|)\s+(.*)$ ^passwd(?::\w+|)\s+(.*)$ ^login(?::\w+|)\s+(.*)$ ^uidmap(?::\w+|)\s+(.*)$ ^isag(?::\w+|)\s+(.*)$ ^sysstat(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^libbpf-dev(?::\w+|)\s+(.*)$ ^libbpf0(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^python-numpy-doc(?::\w+|)\s+(.*)$ ^python3-numpy(?::\w+|)\s+(.*)$ ^u-boot(?::\w+|)\s+(.*)$ ^u-boot-qemu(?::\w+|)\s+(.*)$ ^u-boot-sifive(?::\w+|)\s+(.*)$ ^u-boot-amlogic(?::\w+|)\s+(.*)$ ^u-boot-tools(?::\w+|)\s+(.*)$ ^u-boot-imx(?::\w+|)\s+(.*)$ ^u-boot-tegra(?::\w+|)\s+(.*)$ ^u-boot-sunxi(?::\w+|)\s+(.*)$ ^u-boot-qcom(?::\w+|)\s+(.*)$ ^u-boot-rpi(?::\w+|)\s+(.*)$ ^u-boot-omap(?::\w+|)\s+(.*)$ ^u-boot-mvebu(?::\w+|)\s+(.*)$ ^u-boot-rockchip(?::\w+|)\s+(.*)$ ^u-boot-exynos(?::\w+|)\s+(.*)$ ^libhcrypto4-heimdal(?::\w+|)\s+(.*)$ ^libwind0-heimdal(?::\w+|)\s+(.*)$ ^libroken18-heimdal(?::\w+|)\s+(.*)$ ^libgssapi3-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kcm(?::\w+|)\s+(.*)$ ^libhdb9-heimdal(?::\w+|)\s+(.*)$ ^libasn1-8-heimdal(?::\w+|)\s+(.*)$ ^libsl0-heimdal(?::\w+|)\s+(.*)$ ^libkadm5clnt7-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kdc(?::\w+|)\s+(.*)$ ^libkdc2-heimdal(?::\w+|)\s+(.*)$ ^heimdal-servers(?::\w+|)\s+(.*)$ ^libheimntlm0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-docs(?::\w+|)\s+(.*)$ ^libheimbase1-heimdal(?::\w+|)\s+(.*)$ ^libkrb5-26-heimdal(?::\w+|)\s+(.*)$ ^libotp0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-dev(?::\w+|)\s+(.*)$ ^libkafs0-heimdal(?::\w+|)\s+(.*)$ ^libhx509-5-heimdal(?::\w+|)\s+(.*)$ ^heimdal-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv8-heimdal(?::\w+|)\s+(.*)$ ^heimdal-clients(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^python-pil(?::\w+|)\s+(.*)$ ^python-pil.imagetk(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libusbredirparser-dev(?::\w+|)\s+(.*)$ ^libusbredirhost-dev(?::\w+|)\s+(.*)$ ^usbredirserver(?::\w+|)\s+(.*)$ ^libusbredirhost1(?::\w+|)\s+(.*)$ ^libusbredirparser1(?::\w+|)\s+(.*)$ ^freeradius-ldap(?::\w+|)\s+(.*)$ ^freeradius-redis(?::\w+|)\s+(.*)$ ^libfreeradius3(?::\w+|)\s+(.*)$ ^freeradius-yubikey(?::\w+|)\s+(.*)$ ^freeradius-memcached(?::\w+|)\s+(.*)$ ^freeradius-postgresql(?::\w+|)\s+(.*)$ ^freeradius-mysql(?::\w+|)\s+(.*)$ ^libfreeradius-dev(?::\w+|)\s+(.*)$ ^freeradius-dhcp(?::\w+|)\s+(.*)$ ^freeradius-python3(?::\w+|)\s+(.*)$ ^freeradius(?::\w+|)\s+(.*)$ ^freeradius-iodbc(?::\w+|)\s+(.*)$ ^freeradius-common(?::\w+|)\s+(.*)$ ^freeradius-rest(?::\w+|)\s+(.*)$ ^freeradius-utils(?::\w+|)\s+(.*)$ ^freeradius-config(?::\w+|)\s+(.*)$ ^freeradius-krb5(?::\w+|)\s+(.*)$ ^nautilus-data(?::\w+|)\s+(.*)$ ^gir1.2-nautilus-3.0(?::\w+|)\s+(.*)$ ^nautilus(?::\w+|)\s+(.*)$ ^libnautilus-extension-dev(?::\w+|)\s+(.*)$ ^libnautilus-extension1a(?::\w+|)\s+(.*)$ ^libksba-mingw-w64-dev(?::\w+|)\s+(.*)$ ^libksba8(?::\w+|)\s+(.*)$ ^libksba-dev(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^snmptrapd(?::\w+|)\s+(.*)$ ^libsnmp-dev(?::\w+|)\s+(.*)$ ^libsnmp-base(?::\w+|)\s+(.*)$ ^snmp(?::\w+|)\s+(.*)$ ^libsnmp-perl(?::\w+|)\s+(.*)$ ^tkmib(?::\w+|)\s+(.*)$ ^snmpd(?::\w+|)\s+(.*)$ ^libsnmp35(?::\w+|)\s+(.*)$ ^w3m-img(?::\w+|)\s+(.*)$ ^w3m(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^libhcrypto4-heimdal(?::\w+|)\s+(.*)$ ^libwind0-heimdal(?::\w+|)\s+(.*)$ ^libroken18-heimdal(?::\w+|)\s+(.*)$ ^libgssapi3-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kcm(?::\w+|)\s+(.*)$ ^libhdb9-heimdal(?::\w+|)\s+(.*)$ ^libasn1-8-heimdal(?::\w+|)\s+(.*)$ ^libsl0-heimdal(?::\w+|)\s+(.*)$ ^libkadm5clnt7-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kdc(?::\w+|)\s+(.*)$ ^libkdc2-heimdal(?::\w+|)\s+(.*)$ ^heimdal-servers(?::\w+|)\s+(.*)$ ^libheimntlm0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-docs(?::\w+|)\s+(.*)$ ^libheimbase1-heimdal(?::\w+|)\s+(.*)$ ^libkrb5-26-heimdal(?::\w+|)\s+(.*)$ ^libotp0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-dev(?::\w+|)\s+(.*)$ ^libkafs0-heimdal(?::\w+|)\s+(.*)$ ^libhx509-5-heimdal(?::\w+|)\s+(.*)$ ^heimdal-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv8-heimdal(?::\w+|)\s+(.*)$ ^heimdal-clients(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^xpmutils(?::\w+|)\s+(.*)$ ^libxpm-dev(?::\w+|)\s+(.*)$ ^libxpm4(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^sudo-ldap(?::\w+|)\s+(.*)$ ^sudo(?::\w+|)\s+(.*)$ ^python3-urllib3(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^python-setuptools(?::\w+|)\s+(.*)$ ^pypy-setuptools(?::\w+|)\s+(.*)$ ^pypy-pkg-resources(?::\w+|)\s+(.*)$ ^python-pkg-resources(?::\w+|)\s+(.*)$ ^python-setuptools-doc(?::\w+|)\s+(.*)$ ^python3-pkg-resources(?::\w+|)\s+(.*)$ ^python3-setuptools(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^exuberant-ctags(?::\w+|)\s+(.*)$ ^python-wheel-common(?::\w+|)\s+(.*)$ ^python3-wheel(?::\w+|)\s+(.*)$ ^python-pip-whl(?::\w+|)\s+(.*)$ ^python3-pip(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^libpam-runtime(?::\w+|)\s+(.*)$ ^libpam0g-dev(?::\w+|)\s+(.*)$ ^libpam-modules(?::\w+|)\s+(.*)$ ^libpam-modules-bin(?::\w+|)\s+(.*)$ ^libpam-doc(?::\w+|)\s+(.*)$ ^libpam-cracklib(?::\w+|)\s+(.*)$ ^libpam0g(?::\w+|)\s+(.*)$ ^libpam-runtime(?::\w+|)\s+(.*)$ ^libpam0g-dev(?::\w+|)\s+(.*)$ ^libpam-modules(?::\w+|)\s+(.*)$ ^libpam-modules-bin(?::\w+|)\s+(.*)$ ^libpam-doc(?::\w+|)\s+(.*)$ ^libpam-cracklib(?::\w+|)\s+(.*)$ ^libpam0g(?::\w+|)\s+(.*)$ ^privoxy(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^python-future-doc(?::\w+|)\s+(.*)$ ^python3-future(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^python3-glance(?::\w+|)\s+(.*)$ ^glance-api(?::\w+|)\s+(.*)$ ^glance(?::\w+|)\s+(.*)$ ^glance-common(?::\w+|)\s+(.*)$ ^python-glance-doc(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^advancecomp(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^lrzip(?::\w+|)\s+(.*)$ ^editorconfig-doc(?::\w+|)\s+(.*)$ ^libeditorconfig0(?::\w+|)\s+(.*)$ ^editorconfig(?::\w+|)\s+(.*)$ ^libeditorconfig-dev(?::\w+|)\s+(.*)$ ^tmux(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^grunt(?::\w+|)\s+(.*)$ ^libhcrypto4-heimdal(?::\w+|)\s+(.*)$ ^libwind0-heimdal(?::\w+|)\s+(.*)$ ^libroken18-heimdal(?::\w+|)\s+(.*)$ ^libgssapi3-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kcm(?::\w+|)\s+(.*)$ ^libhdb9-heimdal(?::\w+|)\s+(.*)$ ^libasn1-8-heimdal(?::\w+|)\s+(.*)$ ^libsl0-heimdal(?::\w+|)\s+(.*)$ ^libkadm5clnt7-heimdal(?::\w+|)\s+(.*)$ ^heimdal-kdc(?::\w+|)\s+(.*)$ ^libkdc2-heimdal(?::\w+|)\s+(.*)$ ^heimdal-servers(?::\w+|)\s+(.*)$ ^libheimntlm0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-docs(?::\w+|)\s+(.*)$ ^libheimbase1-heimdal(?::\w+|)\s+(.*)$ ^libkrb5-26-heimdal(?::\w+|)\s+(.*)$ ^libotp0-heimdal(?::\w+|)\s+(.*)$ ^heimdal-dev(?::\w+|)\s+(.*)$ ^libkafs0-heimdal(?::\w+|)\s+(.*)$ ^libhx509-5-heimdal(?::\w+|)\s+(.*)$ ^heimdal-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv8-heimdal(?::\w+|)\s+(.*)$ ^heimdal-clients(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^swift-account(?::\w+|)\s+(.*)$ ^swift-doc(?::\w+|)\s+(.*)$ ^swift-proxy(?::\w+|)\s+(.*)$ ^python3-swift(?::\w+|)\s+(.*)$ ^swift-container(?::\w+|)\s+(.*)$ ^swift(?::\w+|)\s+(.*)$ ^swift-object-expirer(?::\w+|)\s+(.*)$ ^swift-object(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^fig2dev(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^libaprutil1-dbd-odbc(?::\w+|)\s+(.*)$ ^libaprutil1(?::\w+|)\s+(.*)$ ^libaprutil1-dbd-mysql(?::\w+|)\s+(.*)$ ^libaprutil1-ldap(?::\w+|)\s+(.*)$ ^libaprutil1-dbd-sqlite3(?::\w+|)\s+(.*)$ ^libaprutil1-dbd-pgsql(?::\w+|)\s+(.*)$ ^libaprutil1-dev(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^golang-golang-x-text-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libdcmtk14(?::\w+|)\s+(.*)$ ^dcmtk(?::\w+|)\s+(.*)$ ^dcmtk-doc(?::\w+|)\s+(.*)$ ^libdcmtk-dev(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^python3.9-dev(?::\w+|)\s+(.*)$ ^python3.9-examples(?::\w+|)\s+(.*)$ ^libpython3.9-minimal(?::\w+|)\s+(.*)$ ^python3.9-full(?::\w+|)\s+(.*)$ ^python3.9-venv(?::\w+|)\s+(.*)$ ^python3.9-doc(?::\w+|)\s+(.*)$ ^libpython3.9-dev(?::\w+|)\s+(.*)$ ^libpython3.9(?::\w+|)\s+(.*)$ ^python3.9-minimal(?::\w+|)\s+(.*)$ ^idle-python3.9(?::\w+|)\s+(.*)$ ^libpython3.9-testsuite(?::\w+|)\s+(.*)$ ^libpython3.9-stdlib(?::\w+|)\s+(.*)$ ^python3.9(?::\w+|)\s+(.*)$ ^zoneminder-doc(?::\w+|)\s+(.*)$ ^zoneminder(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^mplayer-doc(?::\w+|)\s+(.*)$ ^mplayer-gui(?::\w+|)\s+(.*)$ ^mplayer(?::\w+|)\s+(.*)$ ^mencoder(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^awstats(?::\w+|)\s+(.*)$ ^tar-scripts(?::\w+|)\s+(.*)$ ^tar(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^lighttpd-doc(?::\w+|)\s+(.*)$ ^lighttpd-mod-authn-sasl(?::\w+|)\s+(.*)$ ^lighttpd-mod-magnet(?::\w+|)\s+(.*)$ ^lighttpd-dev(?::\w+|)\s+(.*)$ ^lighttpd-mod-authn-pam(?::\w+|)\s+(.*)$ ^lighttpd(?::\w+|)\s+(.*)$ ^lighttpd-mod-maxminddb(?::\w+|)\s+(.*)$ ^lighttpd-mod-vhostdb-dbi(?::\w+|)\s+(.*)$ ^lighttpd-modules-ldap(?::\w+|)\s+(.*)$ ^lighttpd-mod-cml(?::\w+|)\s+(.*)$ ^lighttpd-mod-vhostdb-pgsql(?::\w+|)\s+(.*)$ ^lighttpd-mod-geoip(?::\w+|)\s+(.*)$ ^lighttpd-mod-authn-gssapi(?::\w+|)\s+(.*)$ ^lighttpd-mod-webdav(?::\w+|)\s+(.*)$ ^lighttpd-mod-trigger-b4-dl(?::\w+|)\s+(.*)$ ^lighttpd-modules-mysql(?::\w+|)\s+(.*)$ ^libsox-fmt-mp3(?::\w+|)\s+(.*)$ ^libsox-fmt-pulse(?::\w+|)\s+(.*)$ ^libsox-fmt-ao(?::\w+|)\s+(.*)$ ^sox(?::\w+|)\s+(.*)$ ^libsox3(?::\w+|)\s+(.*)$ ^libsox-fmt-base(?::\w+|)\s+(.*)$ ^libsox-fmt-all(?::\w+|)\s+(.*)$ ^libsox-dev(?::\w+|)\s+(.*)$ ^libsox-fmt-alsa(?::\w+|)\s+(.*)$ ^libsox-fmt-oss(?::\w+|)\s+(.*)$ ^libsox-fmt-mp3(?::\w+|)\s+(.*)$ ^libsox-fmt-pulse(?::\w+|)\s+(.*)$ ^libsox-fmt-ao(?::\w+|)\s+(.*)$ ^sox(?::\w+|)\s+(.*)$ ^libsox3(?::\w+|)\s+(.*)$ ^libsox-fmt-base(?::\w+|)\s+(.*)$ ^libsox-fmt-all(?::\w+|)\s+(.*)$ ^libsox-dev(?::\w+|)\s+(.*)$ ^libsox-fmt-alsa(?::\w+|)\s+(.*)$ ^libsox-fmt-oss(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^rsync(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^systemd-tests(?::\w+|)\s+(.*)$ ^systemd-coredump(?::\w+|)\s+(.*)$ ^systemd(?::\w+|)\s+(.*)$ ^libsystemd0(?::\w+|)\s+(.*)$ ^systemd-container(?::\w+|)\s+(.*)$ ^libnss-myhostname(?::\w+|)\s+(.*)$ ^libudev1(?::\w+|)\s+(.*)$ ^systemd-timesyncd(?::\w+|)\s+(.*)$ ^libsystemd-dev(?::\w+|)\s+(.*)$ ^libnss-systemd(?::\w+|)\s+(.*)$ ^systemd-journal-remote(?::\w+|)\s+(.*)$ ^libpam-systemd(?::\w+|)\s+(.*)$ ^libnss-mymachines(?::\w+|)\s+(.*)$ ^libnss-resolve(?::\w+|)\s+(.*)$ ^systemd-sysv(?::\w+|)\s+(.*)$ ^udev(?::\w+|)\s+(.*)$ ^libudev-dev(?::\w+|)\s+(.*)$ ^sofia-sip-doc(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib3(?::\w+|)\s+(.*)$ ^libsofia-sip-ua0(?::\w+|)\s+(.*)$ ^sofia-sip-bin(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib-dev(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^libopusfile-doc(?::\w+|)\s+(.*)$ ^libopusfile-dev(?::\w+|)\s+(.*)$ ^libopusfile0(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^libyaml-snake-java(?::\w+|)\s+(.*)$ ^libyaml-snake-java-doc(?::\w+|)\s+(.*)$ ^libprotobuf17(?::\w+|)\s+(.*)$ ^libprotoc17(?::\w+|)\s+(.*)$ ^libprotoc-dev(?::\w+|)\s+(.*)$ ^python-protobuf(?::\w+|)\s+(.*)$ ^libprotobuf-lite17(?::\w+|)\s+(.*)$ ^ruby-google-protobuf(?::\w+|)\s+(.*)$ ^libprotobuf-dev(?::\w+|)\s+(.*)$ ^python3-protobuf(?::\w+|)\s+(.*)$ ^libprotobuf-java(?::\w+|)\s+(.*)$ ^protobuf-compiler(?::\w+|)\s+(.*)$ ^libxstream-java(?::\w+|)\s+(.*)$ ^php-twig-inky-extra(?::\w+|)\s+(.*)$ ^php-twig-cssinliner-extra(?::\w+|)\s+(.*)$ ^php-twig-intl-extra(?::\w+|)\s+(.*)$ ^php-twig-extra-bundle(?::\w+|)\s+(.*)$ ^php-twig-html-extra(?::\w+|)\s+(.*)$ ^php-twig-doc(?::\w+|)\s+(.*)$ ^php-twig-markdown-extra(?::\w+|)\s+(.*)$ ^php-twig(?::\w+|)\s+(.*)$ ^python3-werkzeug(?::\w+|)\s+(.*)$ ^python-werkzeug-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^python-ipython-doc(?::\w+|)\s+(.*)$ ^python3-ipython(?::\w+|)\s+(.*)$ ^ipython3(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libphp-phpmailer(?::\w+|)\s+(.*)$ ^librecad-data(?::\w+|)\s+(.*)$ ^librecad(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^abcm2ps(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^tigervnc-xorg-extension(?::\w+|)\s+(.*)$ ^tigervnc-common(?::\w+|)\s+(.*)$ ^tigervnc-standalone-server(?::\w+|)\s+(.*)$ ^tigervnc-scraping-server(?::\w+|)\s+(.*)$ ^tigervnc-viewer(?::\w+|)\s+(.*)$ ^amanda-client(?::\w+|)\s+(.*)$ ^amanda-common(?::\w+|)\s+(.*)$ ^amanda-server(?::\w+|)\s+(.*)$ ^amanda-client(?::\w+|)\s+(.*)$ ^amanda-common(?::\w+|)\s+(.*)$ ^amanda-server(?::\w+|)\s+(.*)$ ^amanda-client(?::\w+|)\s+(.*)$ ^amanda-common(?::\w+|)\s+(.*)$ ^amanda-server(?::\w+|)\s+(.*)$ ^node-object-path(?::\w+|)\s+(.*)$ ^python-git-doc(?::\w+|)\s+(.*)$ ^python3-git(?::\w+|)\s+(.*)$ ^gif2apng(?::\w+|)\s+(.*)$ ^libgv-perl(?::\w+|)\s+(.*)$ ^python3-gv(?::\w+|)\s+(.*)$ ^libcgraph6(?::\w+|)\s+(.*)$ ^libgv-tcl(?::\w+|)\s+(.*)$ ^liblab-gamut1(?::\w+|)\s+(.*)$ ^libgvc6(?::\w+|)\s+(.*)$ ^libxdot4(?::\w+|)\s+(.*)$ ^libgv-php7(?::\w+|)\s+(.*)$ ^graphviz-doc(?::\w+|)\s+(.*)$ ^graphviz(?::\w+|)\s+(.*)$ ^libgv-lua(?::\w+|)\s+(.*)$ ^libpathplan4(?::\w+|)\s+(.*)$ ^libcdt5(?::\w+|)\s+(.*)$ ^libgvpr2(?::\w+|)\s+(.*)$ ^libgraphviz-dev(?::\w+|)\s+(.*)$ ^libgvc6-plugins-gtk(?::\w+|)\s+(.*)$ ^libgv-guile(?::\w+|)\s+(.*)$ ^libgv-ruby(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^node-url-parse(?::\w+|)\s+(.*)$ ^libgraphics-magick-perl(?::\w+|)\s+(.*)$ ^libgraphicsmagick-q16-3(?::\w+|)\s+(.*)$ ^libgraphicsmagick1-dev(?::\w+|)\s+(.*)$ ^graphicsmagick(?::\w+|)\s+(.*)$ ^graphicsmagick-imagemagick-compat(?::\w+|)\s+(.*)$ ^graphicsmagick-libmagick-dev-compat(?::\w+|)\s+(.*)$ ^libgraphicsmagick++-q16-12(?::\w+|)\s+(.*)$ ^libgraphicsmagick++1-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.14.0-\d+(?:-oem)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^xcftools(?::\w+|)\s+(.*)$ ^musl-dev(?::\w+|)\s+(.*)$ ^musl-tools(?::\w+|)\s+(.*)$ ^musl(?::\w+|)\s+(.*)$ ^ldb-tools(?::\w+|)\s+(.*)$ ^libldb2(?::\w+|)\s+(.*)$ ^python3-ldb(?::\w+|)\s+(.*)$ ^libldb-dev(?::\w+|)\s+(.*)$ ^python3-ldb-dev(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^liblouis-dev(?::\w+|)\s+(.*)$ ^python3-louis(?::\w+|)\s+(.*)$ ^liblouis-data(?::\w+|)\s+(.*)$ ^liblouis20(?::\w+|)\s+(.*)$ ^liblouis-bin(?::\w+|)\s+(.*)$ ^ipmitool(?::\w+|)\s+(.*)$ ^liblog4j1.2-java-doc(?::\w+|)\s+(.*)$ ^liblog4j1.2-java(?::\w+|)\s+(.*)$ ^node-trim-newlines(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^sudo-ldap(?::\w+|)\s+(.*)$ ^sudo(?::\w+|)\s+(.*)$ ^libexo-2-dev(?::\w+|)\s+(.*)$ ^libexo-helpers(?::\w+|)\s+(.*)$ ^libexo-common(?::\w+|)\s+(.*)$ ^libexo-1-0(?::\w+|)\s+(.*)$ ^exo-utils(?::\w+|)\s+(.*)$ ^libexo-1-dev(?::\w+|)\s+(.*)$ ^libexo-2-0(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libjson-smart-java(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^node-thenify(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^python3-flask-cors(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^kamailio-radius-modules(?::\w+|)\s+(.*)$ ^kamailio-lua-modules(?::\w+|)\s+(.*)$ ^kamailio-postgres-modules(?::\w+|)\s+(.*)$ ^kamailio-perl-modules(?::\w+|)\s+(.*)$ ^kamailio-ruby-modules(?::\w+|)\s+(.*)$ ^kamailio-mysql-modules(?::\w+|)\s+(.*)$ ^kamailio-utils-modules(?::\w+|)\s+(.*)$ ^kamailio-extra-modules(?::\w+|)\s+(.*)$ ^kamailio(?::\w+|)\s+(.*)$ ^kamailio-cpl-modules(?::\w+|)\s+(.*)$ ^kamailio-mono-modules(?::\w+|)\s+(.*)$ ^kamailio-kazoo-modules(?::\w+|)\s+(.*)$ ^kamailio-rabbitmq-modules(?::\w+|)\s+(.*)$ ^kamailio-cnxcc-modules(?::\w+|)\s+(.*)$ ^kamailio-snmpstats-modules(?::\w+|)\s+(.*)$ ^kamailio-tls-modules(?::\w+|)\s+(.*)$ ^kamailio-xmpp-modules(?::\w+|)\s+(.*)$ ^kamailio-presence-modules(?::\w+|)\s+(.*)$ ^kamailio-json-modules(?::\w+|)\s+(.*)$ ^kamailio-sctp-modules(?::\w+|)\s+(.*)$ ^kamailio-mongodb-modules(?::\w+|)\s+(.*)$ ^kamailio-geoip-modules(?::\w+|)\s+(.*)$ ^kamailio-sqlite-modules(?::\w+|)\s+(.*)$ ^kamailio-ldap-modules(?::\w+|)\s+(.*)$ ^kamailio-websocket-modules(?::\w+|)\s+(.*)$ ^kamailio-ims-modules(?::\w+|)\s+(.*)$ ^kamailio-phonenum-modules(?::\w+|)\s+(.*)$ ^kamailio-redis-modules(?::\w+|)\s+(.*)$ ^kamailio-python3-modules(?::\w+|)\s+(.*)$ ^kamailio-erlang-modules(?::\w+|)\s+(.*)$ ^kamailio-autheph-modules(?::\w+|)\s+(.*)$ ^kamailio-outbound-modules(?::\w+|)\s+(.*)$ ^kamailio-systemd-modules(?::\w+|)\s+(.*)$ ^kamailio-berkeley-modules(?::\w+|)\s+(.*)$ ^kamailio-geoip2-modules(?::\w+|)\s+(.*)$ ^kamailio-unixodbc-modules(?::\w+|)\s+(.*)$ ^kamailio-xml-modules(?::\w+|)\s+(.*)$ ^kamailio-berkeley-bin(?::\w+|)\s+(.*)$ ^kamailio-memcached-modules(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^libcommons-net-java-doc(?::\w+|)\s+(.*)$ ^libcommons-net-java(?::\w+|)\s+(.*)$ ^golang-1.18-go(?::\w+|)\s+(.*)$ ^golang-1.18-src(?::\w+|)\s+(.*)$ ^golang-1.18(?::\w+|)\s+(.*)$ ^golang-1.18-doc(?::\w+|)\s+(.*)$ ^golang-1.13(?::\w+|)\s+(.*)$ ^golang-1.13-src(?::\w+|)\s+(.*)$ ^golang-1.13-go(?::\w+|)\s+(.*)$ ^golang-1.13-doc(?::\w+|)\s+(.*)$ ^golang-1.16(?::\w+|)\s+(.*)$ ^golang-1.16-doc(?::\w+|)\s+(.*)$ ^golang-1.16-go(?::\w+|)\s+(.*)$ ^golang-1.16-src(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^cloud-init(?::\w+|)\s+(.*)$ ^cloud-init(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^openssl-ibmca(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libzen-dev(?::\w+|)\s+(.*)$ ^libzen-doc(?::\w+|)\s+(.*)$ ^libzen0v5(?::\w+|)\s+(.*)$ ^libnetty-java(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^erlang-x11(?::\w+|)\s+(.*)$ ^erlang-jinterface(?::\w+|)\s+(.*)$ ^erlang-asn1(?::\w+|)\s+(.*)$ ^erlang-inets(?::\w+|)\s+(.*)$ ^erlang-snmp(?::\w+|)\s+(.*)$ ^erlang-mode(?::\w+|)\s+(.*)$ ^erlang-odbc(?::\w+|)\s+(.*)$ ^erlang-common-test(?::\w+|)\s+(.*)$ ^erlang-examples(?::\w+|)\s+(.*)$ ^erlang-wx(?::\w+|)\s+(.*)$ ^erlang-ftp(?::\w+|)\s+(.*)$ ^erlang-observer(?::\w+|)\s+(.*)$ ^erlang-os-mon(?::\w+|)\s+(.*)$ ^erlang-syntax-tools(?::\w+|)\s+(.*)$ ^erlang-ssl(?::\w+|)\s+(.*)$ ^erlang-dev(?::\w+|)\s+(.*)$ ^erlang-ssh(?::\w+|)\s+(.*)$ ^erlang-megaco(?::\w+|)\s+(.*)$ ^erlang-manpages(?::\w+|)\s+(.*)$ ^erlang(?::\w+|)\s+(.*)$ ^erlang-tftp(?::\w+|)\s+(.*)$ ^erlang-runtime-tools(?::\w+|)\s+(.*)$ ^erlang-eunit(?::\w+|)\s+(.*)$ ^erlang-tools(?::\w+|)\s+(.*)$ ^erlang-debugger(?::\w+|)\s+(.*)$ ^erlang-parsetools(?::\w+|)\s+(.*)$ ^erlang-public-key(?::\w+|)\s+(.*)$ ^erlang-diameter(?::\w+|)\s+(.*)$ ^erlang-doc(?::\w+|)\s+(.*)$ ^erlang-reltool(?::\w+|)\s+(.*)$ ^erlang-xmerl(?::\w+|)\s+(.*)$ ^erlang-nox(?::\w+|)\s+(.*)$ ^erlang-eldap(?::\w+|)\s+(.*)$ ^erlang-src(?::\w+|)\s+(.*)$ ^erlang-edoc(?::\w+|)\s+(.*)$ ^erlang-mnesia(?::\w+|)\s+(.*)$ ^erlang-base-hipe(?::\w+|)\s+(.*)$ ^erlang-crypto(?::\w+|)\s+(.*)$ ^erlang-erl-docgen(?::\w+|)\s+(.*)$ ^erlang-base(?::\w+|)\s+(.*)$ ^erlang-et(?::\w+|)\s+(.*)$ ^erlang-dialyzer(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^gir1.2-javascriptcoregtk-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37-gtk2(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-dev(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-37(?::\w+|)\s+(.*)$ ^webkit2gtk-driver(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-18(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-doc(?::\w+|)\s+(.*)$ ^libjavascriptcoregtk-4.0-bin(?::\w+|)\s+(.*)$ ^gir1.2-webkit2-4.0(?::\w+|)\s+(.*)$ ^libwebkit2gtk-4.0-dev(?::\w+|)\s+(.*)$ ^freetype2-doc(?::\w+|)\s+(.*)$ ^libfreetype6-dev(?::\w+|)\s+(.*)$ ^libfreetype-dev(?::\w+|)\s+(.*)$ ^freetype2-demos(?::\w+|)\s+(.*)$ ^libfreetype6(?::\w+|)\s+(.*)$ ^python3-rbd(?::\w+|)\s+(.*)$ ^ceph-mgr-modules-core(?::\w+|)\s+(.*)$ ^ceph-mgr(?::\w+|)\s+(.*)$ ^ceph-mgr-cephadm(?::\w+|)\s+(.*)$ ^ceph(?::\w+|)\s+(.*)$ ^python3-ceph-argparse(?::\w+|)\s+(.*)$ ^rbd-mirror(?::\w+|)\s+(.*)$ ^ceph-mgr-dashboard(?::\w+|)\s+(.*)$ ^librbd-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-rook(?::\w+|)\s+(.*)$ ^rbd-fuse(?::\w+|)\s+(.*)$ ^libradospp-dev(?::\w+|)\s+(.*)$ ^librados-dev(?::\w+|)\s+(.*)$ ^librbd1(?::\w+|)\s+(.*)$ ^python3-ceph(?::\w+|)\s+(.*)$ ^cephadm(?::\w+|)\s+(.*)$ ^libradosstriper-dev(?::\w+|)\s+(.*)$ ^librados2(?::\w+|)\s+(.*)$ ^ceph-mon(?::\w+|)\s+(.*)$ ^libcephfs2(?::\w+|)\s+(.*)$ ^ceph-immutable-object-cache(?::\w+|)\s+(.*)$ ^librgw2(?::\w+|)\s+(.*)$ ^ceph-mds(?::\w+|)\s+(.*)$ ^radosgw(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-local(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-cloud(?::\w+|)\s+(.*)$ ^python3-rgw(?::\w+|)\s+(.*)$ ^rbd-nbd(?::\w+|)\s+(.*)$ ^libcephfs-dev(?::\w+|)\s+(.*)$ ^rados-objclass-dev(?::\w+|)\s+(.*)$ ^libradosstriper1(?::\w+|)\s+(.*)$ ^ceph-osd(?::\w+|)\s+(.*)$ ^python3-ceph-common(?::\w+|)\s+(.*)$ ^librgw-dev(?::\w+|)\s+(.*)$ ^python3-rados(?::\w+|)\s+(.*)$ ^ceph-base(?::\w+|)\s+(.*)$ ^ceph-mgr-k8sevents(?::\w+|)\s+(.*)$ ^python3-cephfs(?::\w+|)\s+(.*)$ ^ceph-fuse(?::\w+|)\s+(.*)$ ^cephfs-shell(?::\w+|)\s+(.*)$ ^ceph-common(?::\w+|)\s+(.*)$ ^libcephfs-java(?::\w+|)\s+(.*)$ ^ceph-resource-agents(?::\w+|)\s+(.*)$ ^libcephfs-jni(?::\w+|)\s+(.*)$ ^sqlformat(?::\w+|)\s+(.*)$ ^python3-sqlparse(?::\w+|)\s+(.*)$ ^python-sqlparse-doc(?::\w+|)\s+(.*)$ ^pypy-sqlparse(?::\w+|)\s+(.*)$ ^node-css-what(?::\w+|)\s+(.*)$ ^python3-heat(?::\w+|)\s+(.*)$ ^heat-api-cfn(?::\w+|)\s+(.*)$ ^heat-engine(?::\w+|)\s+(.*)$ ^heat-api(?::\w+|)\s+(.*)$ ^heat-common(?::\w+|)\s+(.*)$ ^neutron-linuxbridge-agent(?::\w+|)\s+(.*)$ ^neutron-metering-agent(?::\w+|)\s+(.*)$ ^neutron-plugin-ml2(?::\w+|)\s+(.*)$ ^neutron-server(?::\w+|)\s+(.*)$ ^neutron-ovn-metadata-agent(?::\w+|)\s+(.*)$ ^python3-neutron(?::\w+|)\s+(.*)$ ^neutron-l3-agent(?::\w+|)\s+(.*)$ ^neutron-metadata-agent(?::\w+|)\s+(.*)$ ^neutron-dhcp-agent(?::\w+|)\s+(.*)$ ^neutron-sriov-agent(?::\w+|)\s+(.*)$ ^neutron-openvswitch-agent(?::\w+|)\s+(.*)$ ^neutron-common(?::\w+|)\s+(.*)$ ^neutron-macvtap-agent(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^python-glance-store-doc(?::\w+|)\s+(.*)$ ^python3-glance-store(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^os-brick-common(?::\w+|)\s+(.*)$ ^python3-os-brick(?::\w+|)\s+(.*)$ ^python-os-brick-doc(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^python-glance-store-doc(?::\w+|)\s+(.*)$ ^python3-glance-store(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^os-brick-common(?::\w+|)\s+(.*)$ ^python3-os-brick(?::\w+|)\s+(.*)$ ^python-os-brick-doc(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^webp(?::\w+|)\s+(.*)$ ^libwebp6(?::\w+|)\s+(.*)$ ^libwebpmux3(?::\w+|)\s+(.*)$ ^libwebp-dev(?::\w+|)\s+(.*)$ ^libwebpdemux2(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^node-eventsource(?::\w+|)\s+(.*)$ ^libfontembed-dev(?::\w+|)\s+(.*)$ ^libfontembed1(?::\w+|)\s+(.*)$ ^libcupsfilters-dev(?::\w+|)\s+(.*)$ ^cups-filters(?::\w+|)\s+(.*)$ ^cups-browsed(?::\w+|)\s+(.*)$ ^cups-filters-core-drivers(?::\w+|)\s+(.*)$ ^libcupsfilters1(?::\w+|)\s+(.*)$ ^node-minimatch(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^golang-github-opencontainers-runc-dev(?::\w+|)\s+(.*)$ ^runc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linuxptp(?::\w+|)\s+(.*)$ ^jhead(?::\w+|)\s+(.*)$ ^ncurses-examples(?::\w+|)\s+(.*)$ ^lib32ncurses-dev(?::\w+|)\s+(.*)$ ^lib32ncursesw6(?::\w+|)\s+(.*)$ ^libtinfo-dev(?::\w+|)\s+(.*)$ ^libncursesw5(?::\w+|)\s+(.*)$ ^libtinfo5(?::\w+|)\s+(.*)$ ^libtinfo6(?::\w+|)\s+(.*)$ ^lib32tinfo6(?::\w+|)\s+(.*)$ ^lib32ncurses6(?::\w+|)\s+(.*)$ ^ncurses-bin(?::\w+|)\s+(.*)$ ^lib64tinfo6(?::\w+|)\s+(.*)$ ^libncurses5-dev(?::\w+|)\s+(.*)$ ^lib64ncurses6(?::\w+|)\s+(.*)$ ^libncurses-dev(?::\w+|)\s+(.*)$ ^libncurses6(?::\w+|)\s+(.*)$ ^libncurses5(?::\w+|)\s+(.*)$ ^ncurses-base(?::\w+|)\s+(.*)$ ^ncurses-doc(?::\w+|)\s+(.*)$ ^lib64ncurses-dev(?::\w+|)\s+(.*)$ ^ncurses-term(?::\w+|)\s+(.*)$ ^libncursesw6(?::\w+|)\s+(.*)$ ^libncursesw5-dev(?::\w+|)\s+(.*)$ ^lib64ncursesw6(?::\w+|)\s+(.*)$ ^libhtml-stripscripts-perl(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^node-xmldom(?::\w+|)\s+(.*)$ ^node-json-schema(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^jhead(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^jhead(?::\w+|)\s+(.*)$ ^python-flask-doc(?::\w+|)\s+(.*)$ ^python3-flask(?::\w+|)\s+(.*)$ ^perl-modules-5.30(?::\w+|)\s+(.*)$ ^libperl-dev(?::\w+|)\s+(.*)$ ^perl-doc(?::\w+|)\s+(.*)$ ^perl(?::\w+|)\s+(.*)$ ^perl-base(?::\w+|)\s+(.*)$ ^libperl5.30(?::\w+|)\s+(.*)$ ^perl-debug(?::\w+|)\s+(.*)$ ^node-nth-check(?::\w+|)\s+(.*)$ ^libptexenc-dev(?::\w+|)\s+(.*)$ ^libkpathsea-dev(?::\w+|)\s+(.*)$ ^libsynctex2(?::\w+|)\s+(.*)$ ^libtexlua53-dev(?::\w+|)\s+(.*)$ ^libtexluajit2(?::\w+|)\s+(.*)$ ^libtexluajit-dev(?::\w+|)\s+(.*)$ ^texlive-binaries(?::\w+|)\s+(.*)$ ^libkpathsea6(?::\w+|)\s+(.*)$ ^libtexlua53(?::\w+|)\s+(.*)$ ^libsynctex-dev(?::\w+|)\s+(.*)$ ^libptexenc1(?::\w+|)\s+(.*)$ ^node-hawk(?::\w+|)\s+(.*)$ ^libbatik-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libnanopb-dev(?::\w+|)\s+(.*)$ ^nanopb(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd-dev(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-0(?::\w+|)\s+(.*)$ ^libavahi-core7(?::\w+|)\s+(.*)$ ^libavahi-client3(?::\w+|)\s+(.*)$ ^libavahi-core-dev(?::\w+|)\s+(.*)$ ^libavahi-client-dev(?::\w+|)\s+(.*)$ ^avahi-ui-utils(?::\w+|)\s+(.*)$ ^libavahi-gobject-dev(?::\w+|)\s+(.*)$ ^avahi-dnsconfd(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd1(?::\w+|)\s+(.*)$ ^libavahi-common3(?::\w+|)\s+(.*)$ ^avahi-daemon(?::\w+|)\s+(.*)$ ^avahi-discover(?::\w+|)\s+(.*)$ ^libavahi-common-dev(?::\w+|)\s+(.*)$ ^libavahi-common-data(?::\w+|)\s+(.*)$ ^avahi-utils(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-dev(?::\w+|)\s+(.*)$ ^libavahi-glib-dev(?::\w+|)\s+(.*)$ ^libavahi-gobject0(?::\w+|)\s+(.*)$ ^gir1.2-avahi-0.6(?::\w+|)\s+(.*)$ ^avahi-autoipd(?::\w+|)\s+(.*)$ ^python-avahi(?::\w+|)\s+(.*)$ ^libavahi-glib1(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^libraw-doc(?::\w+|)\s+(.*)$ ^libraw-bin(?::\w+|)\s+(.*)$ ^libraw19(?::\w+|)\s+(.*)$ ^libraw-dev(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^libnghttp2-14(?::\w+|)\s+(.*)$ ^libnghttp2-doc(?::\w+|)\s+(.*)$ ^libnghttp2-dev(?::\w+|)\s+(.*)$ ^nghttp2-proxy(?::\w+|)\s+(.*)$ ^nghttp2(?::\w+|)\s+(.*)$ ^nghttp2-client(?::\w+|)\s+(.*)$ ^nghttp2-server(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^isag(?::\w+|)\s+(.*)$ ^sysstat(?::\w+|)\s+(.*)$ ^netatalk(?::\w+|)\s+(.*)$ ^sniproxy(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^python-jupyter-core-doc(?::\w+|)\s+(.*)$ ^jupyter(?::\w+|)\s+(.*)$ ^jupyter-core(?::\w+|)\s+(.*)$ ^python3-jupyter-core(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^python3-requests(?::\w+|)\s+(.*)$ ^libsss-certmap-dev(?::\w+|)\s+(.*)$ ^libipa-hbac-dev(?::\w+|)\s+(.*)$ ^sssd-ad(?::\w+|)\s+(.*)$ ^libsss-sudo(?::\w+|)\s+(.*)$ ^libsss-nss-idmap0(?::\w+|)\s+(.*)$ ^libnss-sss(?::\w+|)\s+(.*)$ ^sssd-ipa(?::\w+|)\s+(.*)$ ^libsss-simpleifp0(?::\w+|)\s+(.*)$ ^libsss-idmap-dev(?::\w+|)\s+(.*)$ ^python3-libsss-nss-idmap(?::\w+|)\s+(.*)$ ^libsss-certmap0(?::\w+|)\s+(.*)$ ^python3-sss(?::\w+|)\s+(.*)$ ^libpam-sss(?::\w+|)\s+(.*)$ ^sssd-kcm(?::\w+|)\s+(.*)$ ^libsss-idmap0(?::\w+|)\s+(.*)$ ^sssd-ldap(?::\w+|)\s+(.*)$ ^libsss-nss-idmap-dev(?::\w+|)\s+(.*)$ ^libsss-simpleifp-dev(?::\w+|)\s+(.*)$ ^sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd-dev(?::\w+|)\s+(.*)$ ^sssd-common(?::\w+|)\s+(.*)$ ^python3-libipa-hbac(?::\w+|)\s+(.*)$ ^libipa-hbac0(?::\w+|)\s+(.*)$ ^sssd-tools(?::\w+|)\s+(.*)$ ^sssd-ad-common(?::\w+|)\s+(.*)$ ^sssd-krb5-common(?::\w+|)\s+(.*)$ ^sssd-dbus(?::\w+|)\s+(.*)$ ^sssd-krb5(?::\w+|)\s+(.*)$ ^sssd-proxy(?::\w+|)\s+(.*)$ ^libsss-certmap-dev(?::\w+|)\s+(.*)$ ^libipa-hbac-dev(?::\w+|)\s+(.*)$ ^sssd-ad(?::\w+|)\s+(.*)$ ^libsss-sudo(?::\w+|)\s+(.*)$ ^libsss-nss-idmap0(?::\w+|)\s+(.*)$ ^libnss-sss(?::\w+|)\s+(.*)$ ^sssd-ipa(?::\w+|)\s+(.*)$ ^libsss-simpleifp0(?::\w+|)\s+(.*)$ ^libsss-idmap-dev(?::\w+|)\s+(.*)$ ^python3-libsss-nss-idmap(?::\w+|)\s+(.*)$ ^libsss-certmap0(?::\w+|)\s+(.*)$ ^python3-sss(?::\w+|)\s+(.*)$ ^libpam-sss(?::\w+|)\s+(.*)$ ^sssd-kcm(?::\w+|)\s+(.*)$ ^libsss-idmap0(?::\w+|)\s+(.*)$ ^sssd-ldap(?::\w+|)\s+(.*)$ ^libsss-nss-idmap-dev(?::\w+|)\s+(.*)$ ^libsss-simpleifp-dev(?::\w+|)\s+(.*)$ ^sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd-dev(?::\w+|)\s+(.*)$ ^sssd-common(?::\w+|)\s+(.*)$ ^python3-libipa-hbac(?::\w+|)\s+(.*)$ ^libipa-hbac0(?::\w+|)\s+(.*)$ ^sssd-tools(?::\w+|)\s+(.*)$ ^sssd-ad-common(?::\w+|)\s+(.*)$ ^sssd-krb5-common(?::\w+|)\s+(.*)$ ^sssd-dbus(?::\w+|)\s+(.*)$ ^sssd-krb5(?::\w+|)\s+(.*)$ ^sssd-proxy(?::\w+|)\s+(.*)$ ^node-fetch(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^libpano13-dev(?::\w+|)\s+(.*)$ ^libpano13-bin(?::\w+|)\s+(.*)$ ^libpano13-3(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^libglib2.0-0(?::\w+|)\s+(.*)$ ^libglib2.0-data(?::\w+|)\s+(.*)$ ^libglib2.0-tests(?::\w+|)\s+(.*)$ ^libglib2.0-doc(?::\w+|)\s+(.*)$ ^libglib2.0-bin(?::\w+|)\s+(.*)$ ^libglib2.0-dev(?::\w+|)\s+(.*)$ ^libglib2.0-dev-bin(?::\w+|)\s+(.*)$ ^libcap2(?::\w+|)\s+(.*)$ ^libcap2-bin(?::\w+|)\s+(.*)$ ^libpam-cap(?::\w+|)\s+(.*)$ ^libcap-dev(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^libx11-6(?::\w+|)\s+(.*)$ ^libx11-data(?::\w+|)\s+(.*)$ ^libx11-xcb-dev(?::\w+|)\s+(.*)$ ^libx11-xcb1(?::\w+|)\s+(.*)$ ^libx11-doc(?::\w+|)\s+(.*)$ ^libx11-dev(?::\w+|)\s+(.*)$ ^libgsasl7(?::\w+|)\s+(.*)$ ^libgsasl7-dev(?::\w+|)\s+(.*)$ ^gsasl(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python3-pypdf2(?::\w+|)\s+(.*)$ ^python-pypdf2(?::\w+|)\s+(.*)$ ^libjettison-java(?::\w+|)\s+(.*)$ ^libjettison-java(?::\w+|)\s+(.*)$ ^vlc-plugin-notify(?::\w+|)\s+(.*)$ ^vlc-plugin-svg(?::\w+|)\s+(.*)$ ^vlc-l10n(?::\w+|)\s+(.*)$ ^libvlc-dev(?::\w+|)\s+(.*)$ ^libvlccore9(?::\w+|)\s+(.*)$ ^libvlc-bin(?::\w+|)\s+(.*)$ ^vlc(?::\w+|)\s+(.*)$ ^vlc-data(?::\w+|)\s+(.*)$ ^vlc-plugin-fluidsynth(?::\w+|)\s+(.*)$ ^libvlc5(?::\w+|)\s+(.*)$ ^vlc-bin(?::\w+|)\s+(.*)$ ^vlc-plugin-visualization(?::\w+|)\s+(.*)$ ^vlc-plugin-jack(?::\w+|)\s+(.*)$ ^vlc-plugin-samba(?::\w+|)\s+(.*)$ ^vlc-plugin-qt(?::\w+|)\s+(.*)$ ^vlc-plugin-base(?::\w+|)\s+(.*)$ ^libvlccore-dev(?::\w+|)\s+(.*)$ ^vlc-plugin-access-extra(?::\w+|)\s+(.*)$ ^vlc-plugin-skins2(?::\w+|)\s+(.*)$ ^vlc-plugin-video-output(?::\w+|)\s+(.*)$ ^vlc-plugin-video-splitter(?::\w+|)\s+(.*)$ ^pngcheck(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^etcd-server(?::\w+|)\s+(.*)$ ^golang-etcd-server-dev(?::\w+|)\s+(.*)$ ^etcd-client(?::\w+|)\s+(.*)$ ^etcd(?::\w+|)\s+(.*)$ ^accountsservice(?::\w+|)\s+(.*)$ ^gir1.2-accountsservice-1.0(?::\w+|)\s+(.*)$ ^libaccountsservice-doc(?::\w+|)\s+(.*)$ ^libaccountsservice-dev(?::\w+|)\s+(.*)$ ^libaccountsservice0(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^python3-reportlab-accel(?::\w+|)\s+(.*)$ ^python-reportlab-doc(?::\w+|)\s+(.*)$ ^python3-reportlab(?::\w+|)\s+(.*)$ ^python3-renderpm(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^libcpdb-libs-common1(?::\w+|)\s+(.*)$ ^libcpdb-libs-common-dev(?::\w+|)\s+(.*)$ ^libcpdb-libs-frontend-dev(?::\w+|)\s+(.*)$ ^libcpdb-libs-backend-dev(?::\w+|)\s+(.*)$ ^libcpdb-libs-frontend1(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^gerbv(?::\w+|)\s+(.*)$ ^ruby-doorkeeper(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^dwarves(?::\w+|)\s+(.*)$ ^lib3mf1(?::\w+|)\s+(.*)$ ^lib3mf-doc(?::\w+|)\s+(.*)$ ^lib3mf-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^knot-resolver(?::\w+|)\s+(.*)$ ^knot-resolver-doc(?::\w+|)\s+(.*)$ ^knot-resolver-module-http(?::\w+|)\s+(.*)$ ^python3-scipy(?::\w+|)\s+(.*)$ ^python-scipy-doc(?::\w+|)\s+(.*)$ ^wkhtmltopdf(?::\w+|)\s+(.*)$ ^yajl-tools(?::\w+|)\s+(.*)$ ^libyajl-doc(?::\w+|)\s+(.*)$ ^libyajl-dev(?::\w+|)\s+(.*)$ ^libyajl2(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^connman(?::\w+|)\s+(.*)$ ^connman-doc(?::\w+|)\s+(.*)$ ^connman-vpn(?::\w+|)\s+(.*)$ ^connman-dev(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^ecdsautils(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^graphite-web(?::\w+|)\s+(.*)$ ^amd64-microcode(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^open-iscsi(?::\w+|)\s+(.*)$ ^iscsiuio(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^libwsutil-dev(?::\w+|)\s+(.*)$ ^wireshark-dev(?::\w+|)\s+(.*)$ ^tshark(?::\w+|)\s+(.*)$ ^libwireshark-dev(?::\w+|)\s+(.*)$ ^wireshark-qt(?::\w+|)\s+(.*)$ ^libwiretap-dev(?::\w+|)\s+(.*)$ ^libwsutil11(?::\w+|)\s+(.*)$ ^wireshark-doc(?::\w+|)\s+(.*)$ ^wireshark-common(?::\w+|)\s+(.*)$ ^libwiretap10(?::\w+|)\s+(.*)$ ^wireshark-gtk(?::\w+|)\s+(.*)$ ^libwireshark13(?::\w+|)\s+(.*)$ ^libwireshark-data(?::\w+|)\s+(.*)$ ^wireshark(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^librsvg2-common(?::\w+|)\s+(.*)$ ^gir1.2-rsvg-2.0(?::\w+|)\s+(.*)$ ^librsvg2-doc(?::\w+|)\s+(.*)$ ^librsvg2-bin(?::\w+|)\s+(.*)$ ^librsvg2-2(?::\w+|)\s+(.*)$ ^librsvg2-dev(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-x(?::\w+|)\s+(.*)$ ^libgstreamer-gl1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-gl(?::\w+|)\s+(.*)$ ^gstreamer1.0-alsa(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-base-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-doc(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-apps(?::\w+|)\s+(.*)$ ^gstreamer1.0-gtk3(?::\w+|)\s+(.*)$ ^gstreamer1.0-pulseaudio(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good-doc(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-dev(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good(?::\w+|)\s+(.*)$ ^gstreamer1.0-qt5(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^maradns-zoneserver(?::\w+|)\s+(.*)$ ^duende(?::\w+|)\s+(.*)$ ^maradns(?::\w+|)\s+(.*)$ ^maradns-deadwood(?::\w+|)\s+(.*)$ ^maradns-docs(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^cargo(?::\w+|)\s+(.*)$ ^cargo-doc(?::\w+|)\s+(.*)$ ^php-dompdf(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^python3-pypdf2(?::\w+|)\s+(.*)$ ^python-pypdf2(?::\w+|)\s+(.*)$ ^velocity-doc(?::\w+|)\s+(.*)$ ^velocity(?::\w+|)\s+(.*)$ ^libvelocity-tools-java-doc(?::\w+|)\s+(.*)$ ^libvelocity-tools-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^golang-yaml.v2-dev(?::\w+|)\s+(.*)$ ^golang-gopkg-yaml.v2-dev(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^zziplib-bin(?::\w+|)\s+(.*)$ ^libzzip-0-13(?::\w+|)\s+(.*)$ ^libzzip-dev(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^inetutils-tools(?::\w+|)\s+(.*)$ ^inetutils-ftpd(?::\w+|)\s+(.*)$ ^inetutils-talkd(?::\w+|)\s+(.*)$ ^inetutils-traceroute(?::\w+|)\s+(.*)$ ^inetutils-talk(?::\w+|)\s+(.*)$ ^inetutils-telnetd(?::\w+|)\s+(.*)$ ^inetutils-inetd(?::\w+|)\s+(.*)$ ^inetutils-ping(?::\w+|)\s+(.*)$ ^inetutils-syslogd(?::\w+|)\s+(.*)$ ^inetutils-ftp(?::\w+|)\s+(.*)$ ^inetutils-telnet(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^libcjose0(?::\w+|)\s+(.*)$ ^libcjose-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gke)(?::\w+|)\s+(.*)$ ^faad(?::\w+|)\s+(.*)$ ^libfaad-dev(?::\w+|)\s+(.*)$ ^libfaad2(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^amd64-microcode(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libasm1(?::\w+|)\s+(.*)$ ^libdw-dev(?::\w+|)\s+(.*)$ ^libelf1(?::\w+|)\s+(.*)$ ^libelf-dev(?::\w+|)\s+(.*)$ ^elfutils(?::\w+|)\s+(.*)$ ^libdw1(?::\w+|)\s+(.*)$ ^libasm-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^python-git-doc(?::\w+|)\s+(.*)$ ^python3-git(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^atftp(?::\w+|)\s+(.*)$ ^atftpd(?::\w+|)\s+(.*)$ ^golang-github-docker-distribution-dev(?::\w+|)\s+(.*)$ ^docker-registry(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^libsox-fmt-base(?::\w+|)\s+(.*)$ ^libsox-fmt-pulse(?::\w+|)\s+(.*)$ ^libsox-fmt-ao(?::\w+|)\s+(.*)$ ^libsox-dev(?::\w+|)\s+(.*)$ ^libsox3(?::\w+|)\s+(.*)$ ^libsox-fmt-mp3(?::\w+|)\s+(.*)$ ^libsox-fmt-all(?::\w+|)\s+(.*)$ ^sox(?::\w+|)\s+(.*)$ ^libsox-fmt-alsa(?::\w+|)\s+(.*)$ ^libsox-fmt-oss(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^libshiro-java(?::\w+|)\s+(.*)$ ^libplib-dev(?::\w+|)\s+(.*)$ ^libplib1(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^shim-signed(?::\w+|)\s+(.*)$ ^shim(?::\w+|)\s+(.*)$ ^grub-efi-amd64-bin(?::\w+|)\s+(.*)$ ^grub-efi-amd64(?::\w+|)\s+(.*)$ ^grub-efi-arm64(?::\w+|)\s+(.*)$ ^grub-efi-arm64-bin(?::\w+|)\s+(.*)$ ^libopendmarc-dev(?::\w+|)\s+(.*)$ ^opendmarc(?::\w+|)\s+(.*)$ ^libopendmarc2(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^ruby-redcloth(?::\w+|)\s+(.*)$ ^libflac-doc(?::\w+|)\s+(.*)$ ^libflac-dev(?::\w+|)\s+(.*)$ ^libflac++-dev(?::\w+|)\s+(.*)$ ^flac(?::\w+|)\s+(.*)$ ^libflac++6v5(?::\w+|)\s+(.*)$ ^libflac8(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^webp(?::\w+|)\s+(.*)$ ^libwebp6(?::\w+|)\s+(.*)$ ^libwebpmux3(?::\w+|)\s+(.*)$ ^libwebp-dev(?::\w+|)\s+(.*)$ ^libwebpdemux2(?::\w+|)\s+(.*)$ ^libapache2-mod-security2(?::\w+|)\s+(.*)$ ^libssh2-1-dev(?::\w+|)\s+(.*)$ ^libssh2-1(?::\w+|)\s+(.*)$ ^gawk(?::\w+|)\s+(.*)$ ^mutt(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^libraw-doc(?::\w+|)\s+(.*)$ ^libraw-bin(?::\w+|)\s+(.*)$ ^libraw19(?::\w+|)\s+(.*)$ ^libraw-dev(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^vsftpd(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^memcached(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^indent-doc(?::\w+|)\s+(.*)$ ^indent(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^minidlna(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^libtommath-dev(?::\w+|)\s+(.*)$ ^libtommath1(?::\w+|)\s+(.*)$ ^libtommath-doc(?::\w+|)\s+(.*)$ ^libvpx-dev(?::\w+|)\s+(.*)$ ^libvpx6(?::\w+|)\s+(.*)$ ^vpx-tools(?::\w+|)\s+(.*)$ ^libvpx-doc(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^libx11-6(?::\w+|)\s+(.*)$ ^libx11-data(?::\w+|)\s+(.*)$ ^libx11-xcb-dev(?::\w+|)\s+(.*)$ ^libx11-xcb1(?::\w+|)\s+(.*)$ ^libx11-doc(?::\w+|)\s+(.*)$ ^libx11-dev(?::\w+|)\s+(.*)$ ^xpmutils(?::\w+|)\s+(.*)$ ^libxpm-dev(?::\w+|)\s+(.*)$ ^libxpm4(?::\w+|)\s+(.*)$ ^grub-efi-amd64-signed(?::\w+|)\s+(.*)$ ^grub-efi-arm64-signed(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^node-jquery-ui(?::\w+|)\s+(.*)$ ^libjs-jquery-ui(?::\w+|)\s+(.*)$ ^libjs-jquery-ui-docs(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^jami-daemon(?::\w+|)\s+(.*)$ ^ring(?::\w+|)\s+(.*)$ ^ring-daemon(?::\w+|)\s+(.*)$ ^jami(?::\w+|)\s+(.*)$ ^libcue-dev(?::\w+|)\s+(.*)$ ^libcue2(?::\w+|)\s+(.*)$ ^kramdown(?::\w+|)\s+(.*)$ ^ruby-kramdown(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^libwbclient-dev(?::\w+|)\s+(.*)$ ^samba(?::\w+|)\s+(.*)$ ^libnss-winbind(?::\w+|)\s+(.*)$ ^libpam-winbind(?::\w+|)\s+(.*)$ ^libsmbclient(?::\w+|)\s+(.*)$ ^ctdb(?::\w+|)\s+(.*)$ ^smbclient(?::\w+|)\s+(.*)$ ^libwbclient0(?::\w+|)\s+(.*)$ ^samba-testsuite(?::\w+|)\s+(.*)$ ^samba-common-bin(?::\w+|)\s+(.*)$ ^winbind(?::\w+|)\s+(.*)$ ^samba-dsdb-modules(?::\w+|)\s+(.*)$ ^samba-dev(?::\w+|)\s+(.*)$ ^libsmbclient-dev(?::\w+|)\s+(.*)$ ^samba-vfs-modules(?::\w+|)\s+(.*)$ ^samba-common(?::\w+|)\s+(.*)$ ^registry-tools(?::\w+|)\s+(.*)$ ^samba-libs(?::\w+|)\s+(.*)$ ^python3-samba(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^iperf3(?::\w+|)\s+(.*)$ ^libiperf0(?::\w+|)\s+(.*)$ ^libiperf-dev(?::\w+|)\s+(.*)$ ^quagga-ripngd(?::\w+|)\s+(.*)$ ^quagga-isisd(?::\w+|)\s+(.*)$ ^quagga-ospfd(?::\w+|)\s+(.*)$ ^quagga-pimd(?::\w+|)\s+(.*)$ ^quagga-ripd(?::\w+|)\s+(.*)$ ^quagga-ospf6d(?::\w+|)\s+(.*)$ ^quagga(?::\w+|)\s+(.*)$ ^quagga-doc(?::\w+|)\s+(.*)$ ^quagga-core(?::\w+|)\s+(.*)$ ^quagga-bgpd(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^libpmix-dev(?::\w+|)\s+(.*)$ ^libpmix2(?::\w+|)\s+(.*)$ ^libpmi2-pmix(?::\w+|)\s+(.*)$ ^libpmi-pmix-dev(?::\w+|)\s+(.*)$ ^libpmi1-pmix(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^frr-doc(?::\w+|)\s+(.*)$ ^frr(?::\w+|)\s+(.*)$ ^frr-rpki-rtrlib(?::\w+|)\s+(.*)$ ^frr-pythontools(?::\w+|)\s+(.*)$ ^frr-snmp(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^libaom-doc(?::\w+|)\s+(.*)$ ^libaom-dev(?::\w+|)\s+(.*)$ ^aom-tools(?::\w+|)\s+(.*)$ ^libaom0(?::\w+|)\s+(.*)$ ^sofia-sip-doc(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib3(?::\w+|)\s+(.*)$ ^libsofia-sip-ua0(?::\w+|)\s+(.*)$ ^sofia-sip-bin(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-glib-dev(?::\w+|)\s+(.*)$ ^libsofia-sip-ua-dev(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libpmi0-dev(?::\w+|)\s+(.*)$ ^slurmctld(?::\w+|)\s+(.*)$ ^slurm-wlm-basic-plugins-dev(?::\w+|)\s+(.*)$ ^libslurm-perl(?::\w+|)\s+(.*)$ ^libpmi0(?::\w+|)\s+(.*)$ ^slurm-wlm(?::\w+|)\s+(.*)$ ^libslurm-dev(?::\w+|)\s+(.*)$ ^slurm-client(?::\w+|)\s+(.*)$ ^libpam-slurm(?::\w+|)\s+(.*)$ ^slurmd(?::\w+|)\s+(.*)$ ^slurm-wlm-torque(?::\w+|)\s+(.*)$ ^slurm-client-emulator(?::\w+|)\s+(.*)$ ^libpam-slurm-adopt(?::\w+|)\s+(.*)$ ^slurm-wlm-emulator(?::\w+|)\s+(.*)$ ^libpmi2-0(?::\w+|)\s+(.*)$ ^slurmdbd(?::\w+|)\s+(.*)$ ^slurm-wlm-doc(?::\w+|)\s+(.*)$ ^libslurm34(?::\w+|)\s+(.*)$ ^libpmi2-0-dev(?::\w+|)\s+(.*)$ ^libslurmdb-perl(?::\w+|)\s+(.*)$ ^sview(?::\w+|)\s+(.*)$ ^slurm-wlm-basic-plugins(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^xrdp(?::\w+|)\s+(.*)$ ^libaxis-java-doc(?::\w+|)\s+(.*)$ ^libaxis-java(?::\w+|)\s+(.*)$ ^libsndfile1(?::\w+|)\s+(.*)$ ^libsndfile1-dev(?::\w+|)\s+(.*)$ ^sndfile-programs(?::\w+|)\s+(.*)$ ^libgslcblas0(?::\w+|)\s+(.*)$ ^libgsl23(?::\w+|)\s+(.*)$ ^gsl-bin(?::\w+|)\s+(.*)$ ^libgsl-dev(?::\w+|)\s+(.*)$ ^python3-urllib3(?::\w+|)\s+(.*)$ ^python-pip-whl(?::\w+|)\s+(.*)$ ^python3-pip(?::\w+|)\s+(.*)$ ^xrdp(?::\w+|)\s+(.*)$ ^libprocps8(?::\w+|)\s+(.*)$ ^libprocps-dev(?::\w+|)\s+(.*)$ ^procps(?::\w+|)\s+(.*)$ ^traceroute(?::\w+|)\s+(.*)$ ^quagga-ripngd(?::\w+|)\s+(.*)$ ^quagga-isisd(?::\w+|)\s+(.*)$ ^quagga-ospfd(?::\w+|)\s+(.*)$ ^quagga-pimd(?::\w+|)\s+(.*)$ ^quagga-ripd(?::\w+|)\s+(.*)$ ^quagga-ospf6d(?::\w+|)\s+(.*)$ ^quagga(?::\w+|)\s+(.*)$ ^quagga-doc(?::\w+|)\s+(.*)$ ^quagga-core(?::\w+|)\s+(.*)$ ^quagga-bgpd(?::\w+|)\s+(.*)$ ^tidy(?::\w+|)\s+(.*)$ ^libtidy5deb1(?::\w+|)\s+(.*)$ ^libtidy-dev(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd-dev(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-0(?::\w+|)\s+(.*)$ ^libavahi-core7(?::\w+|)\s+(.*)$ ^libavahi-client3(?::\w+|)\s+(.*)$ ^libavahi-core-dev(?::\w+|)\s+(.*)$ ^libavahi-client-dev(?::\w+|)\s+(.*)$ ^avahi-ui-utils(?::\w+|)\s+(.*)$ ^libavahi-gobject-dev(?::\w+|)\s+(.*)$ ^avahi-dnsconfd(?::\w+|)\s+(.*)$ ^libavahi-compat-libdnssd1(?::\w+|)\s+(.*)$ ^libavahi-common3(?::\w+|)\s+(.*)$ ^avahi-daemon(?::\w+|)\s+(.*)$ ^avahi-discover(?::\w+|)\s+(.*)$ ^libavahi-common-dev(?::\w+|)\s+(.*)$ ^libavahi-common-data(?::\w+|)\s+(.*)$ ^avahi-utils(?::\w+|)\s+(.*)$ ^libavahi-ui-gtk3-dev(?::\w+|)\s+(.*)$ ^libavahi-glib-dev(?::\w+|)\s+(.*)$ ^libavahi-gobject0(?::\w+|)\s+(.*)$ ^gir1.2-avahi-0.6(?::\w+|)\s+(.*)$ ^avahi-autoipd(?::\w+|)\s+(.*)$ ^python-avahi(?::\w+|)\s+(.*)$ ^libavahi-glib1(?::\w+|)\s+(.*)$ ^strongswan-nm(?::\w+|)\s+(.*)$ ^strongswan-scepclient(?::\w+|)\s+(.*)$ ^libcharon-extra-plugins(?::\w+|)\s+(.*)$ ^libcharon-standard-plugins(?::\w+|)\s+(.*)$ ^libstrongswan-extra-plugins(?::\w+|)\s+(.*)$ ^strongswan-charon(?::\w+|)\s+(.*)$ ^libstrongswan(?::\w+|)\s+(.*)$ ^strongswan-libcharon(?::\w+|)\s+(.*)$ ^strongswan-swanctl(?::\w+|)\s+(.*)$ ^libstrongswan-standard-plugins(?::\w+|)\s+(.*)$ ^strongswan-starter(?::\w+|)\s+(.*)$ ^libcharon-extauth-plugins(?::\w+|)\s+(.*)$ ^charon-systemd(?::\w+|)\s+(.*)$ ^strongswan(?::\w+|)\s+(.*)$ ^strongswan-tnc-server(?::\w+|)\s+(.*)$ ^strongswan-tnc-client(?::\w+|)\s+(.*)$ ^strongswan-tnc-base(?::\w+|)\s+(.*)$ ^charon-cmd(?::\w+|)\s+(.*)$ ^strongswan-pki(?::\w+|)\s+(.*)$ ^strongswan-tnc-ifmap(?::\w+|)\s+(.*)$ ^strongswan-tnc-pdp(?::\w+|)\s+(.*)$ ^tang(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^mosquitto-dev(?::\w+|)\s+(.*)$ ^libmosquitto-dev(?::\w+|)\s+(.*)$ ^libmosquitto1(?::\w+|)\s+(.*)$ ^mosquitto(?::\w+|)\s+(.*)$ ^libmosquittopp1(?::\w+|)\s+(.*)$ ^libmosquittopp-dev(?::\w+|)\s+(.*)$ ^mosquitto-clients(?::\w+|)\s+(.*)$ ^hibagent(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^rabbitmq-server(?::\w+|)\s+(.*)$ ^libnghttp2-14(?::\w+|)\s+(.*)$ ^libnghttp2-doc(?::\w+|)\s+(.*)$ ^libnghttp2-dev(?::\w+|)\s+(.*)$ ^nghttp2-proxy(?::\w+|)\s+(.*)$ ^nghttp2(?::\w+|)\s+(.*)$ ^nghttp2-client(?::\w+|)\s+(.*)$ ^nghttp2-server(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^libzfs2linux(?::\w+|)\s+(.*)$ ^libzpool2linux(?::\w+|)\s+(.*)$ ^spl-dkms(?::\w+|)\s+(.*)$ ^zfs-initramfs(?::\w+|)\s+(.*)$ ^python3-pyzfs(?::\w+|)\s+(.*)$ ^zfs-dracut(?::\w+|)\s+(.*)$ ^pyzfs-doc(?::\w+|)\s+(.*)$ ^libnvpair1linux(?::\w+|)\s+(.*)$ ^zfsutils-linux(?::\w+|)\s+(.*)$ ^spl(?::\w+|)\s+(.*)$ ^zfs-test(?::\w+|)\s+(.*)$ ^libzfslinux-dev(?::\w+|)\s+(.*)$ ^libuutil1linux(?::\w+|)\s+(.*)$ ^zfs-zed(?::\w+|)\s+(.*)$ ^zfs-dkms(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^perl-modules-5.30(?::\w+|)\s+(.*)$ ^libperl-dev(?::\w+|)\s+(.*)$ ^perl-doc(?::\w+|)\s+(.*)$ ^perl(?::\w+|)\s+(.*)$ ^perl-base(?::\w+|)\s+(.*)$ ^libperl5.30(?::\w+|)\s+(.*)$ ^perl-debug(?::\w+|)\s+(.*)$ ^libgimp2.0-doc(?::\w+|)\s+(.*)$ ^libgimp2.0-dev(?::\w+|)\s+(.*)$ ^libgimp2.0(?::\w+|)\s+(.*)$ ^gimp-data(?::\w+|)\s+(.*)$ ^gimp(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^pypy3-dev(?::\w+|)\s+(.*)$ ^pypy3-lib-testsuite(?::\w+|)\s+(.*)$ ^pypy3-tk(?::\w+|)\s+(.*)$ ^pypy3-lib(?::\w+|)\s+(.*)$ ^pypy3-doc(?::\w+|)\s+(.*)$ ^pypy3(?::\w+|)\s+(.*)$ ^python3-sha3(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-bad1.0-0(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-bad-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-opencv(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-bad(?::\w+|)\s+(.*)$ ^libgstreamer-opencv1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-bad-doc(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-bad1.0-dev(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^rt4-standalone(?::\w+|)\s+(.*)$ ^rt4-db-postgresql(?::\w+|)\s+(.*)$ ^rt4-db-mysql(?::\w+|)\s+(.*)$ ^rt4-apache2(?::\w+|)\s+(.*)$ ^rt4-db-sqlite(?::\w+|)\s+(.*)$ ^rt4-clients(?::\w+|)\s+(.*)$ ^request-tracker4(?::\w+|)\s+(.*)$ ^rt4-fcgi(?::\w+|)\s+(.*)$ ^rt4-doc-html(?::\w+|)\s+(.*)$ ^haproxy(?::\w+|)\s+(.*)$ ^haproxy-doc(?::\w+|)\s+(.*)$ ^vim-haproxy(?::\w+|)\s+(.*)$ ^redis(?::\w+|)\s+(.*)$ ^redis-server(?::\w+|)\s+(.*)$ ^redis-sentinel(?::\w+|)\s+(.*)$ ^redis-tools(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^python3-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography-doc(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-armel(?::\w+|)\s+(.*)$ ^libc6-pic(?::\w+|)\s+(.*)$ ^libc6-dev-armel(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^libc6-lse(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^libtinyxml-doc(?::\w+|)\s+(.*)$ ^libtinyxml-dev(?::\w+|)\s+(.*)$ ^libtinyxml2.6.2v5(?::\w+|)\s+(.*)$ ^tar-scripts(?::\w+|)\s+(.*)$ ^tar(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^postfixadmin(?::\w+|)\s+(.*)$ ^netatalk(?::\w+|)\s+(.*)$ ^python3-pydantic(?::\w+|)\s+(.*)$ ^gnome-control-center(?::\w+|)\s+(.*)$ ^gnome-control-center-dev(?::\w+|)\s+(.*)$ ^gnome-control-center-faces(?::\w+|)\s+(.*)$ ^gnome-control-center-data(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^audiofile-tools(?::\w+|)\s+(.*)$ ^libaudiofile-dev(?::\w+|)\s+(.*)$ ^libaudiofile1(?::\w+|)\s+(.*)$ ^python3-zookeeper(?::\w+|)\s+(.*)$ ^libzookeeper-java(?::\w+|)\s+(.*)$ ^libzookeeper-java-doc(?::\w+|)\s+(.*)$ ^zookeeperd(?::\w+|)\s+(.*)$ ^zookeeper(?::\w+|)\s+(.*)$ ^libzookeeper-st-dev(?::\w+|)\s+(.*)$ ^zookeeper-bin(?::\w+|)\s+(.*)$ ^libzookeeper-mt-dev(?::\w+|)\s+(.*)$ ^libzookeeper-mt2(?::\w+|)\s+(.*)$ ^libzookeeper-st2(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libclamunrar9(?::\w+|)\s+(.*)$ ^monit(?::\w+|)\s+(.*)$ ^golang-1.20-doc(?::\w+|)\s+(.*)$ ^golang-1.20-src(?::\w+|)\s+(.*)$ ^golang-1.20-go(?::\w+|)\s+(.*)$ ^golang-1.20(?::\w+|)\s+(.*)$ ^golang-1.21-src(?::\w+|)\s+(.*)$ ^golang-1.21(?::\w+|)\s+(.*)$ ^golang-1.21-doc(?::\w+|)\s+(.*)$ ^golang-1.21-go(?::\w+|)\s+(.*)$ ^twisted-doc(?::\w+|)\s+(.*)$ ^python3-twisted(?::\w+|)\s+(.*)$ ^python3-twisted-bin(?::\w+|)\s+(.*)$ ^libxerces-c-dev(?::\w+|)\s+(.*)$ ^libxerces-c3.2(?::\w+|)\s+(.*)$ ^libxerces-c-samples(?::\w+|)\s+(.*)$ ^libxerces-c-doc(?::\w+|)\s+(.*)$ ^w3m-img(?::\w+|)\s+(.*)$ ^w3m(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^libspf2-2(?::\w+|)\s+(.*)$ ^libmail-spf-xs-perl(?::\w+|)\s+(.*)$ ^libspf2-dev(?::\w+|)\s+(.*)$ ^spfquery(?::\w+|)\s+(.*)$ ^libfreeimage3(?::\w+|)\s+(.*)$ ^libfreeimage-dev(?::\w+|)\s+(.*)$ ^libfreeimageplus3(?::\w+|)\s+(.*)$ ^libfreeimageplus-dev(?::\w+|)\s+(.*)$ ^libfreeimageplus-doc(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^libpam-runtime(?::\w+|)\s+(.*)$ ^libpam0g-dev(?::\w+|)\s+(.*)$ ^libpam-modules(?::\w+|)\s+(.*)$ ^libpam-modules-bin(?::\w+|)\s+(.*)$ ^libpam-doc(?::\w+|)\s+(.*)$ ^libpam-cracklib(?::\w+|)\s+(.*)$ ^libpam0g(?::\w+|)\s+(.*)$ ^filezilla-common(?::\w+|)\s+(.*)$ ^filezilla(?::\w+|)\s+(.*)$ ^libxerces-c-dev(?::\w+|)\s+(.*)$ ^libxerces-c3.2(?::\w+|)\s+(.*)$ ^libxerces-c-samples(?::\w+|)\s+(.*)$ ^libxerces-c-doc(?::\w+|)\s+(.*)$ ^postfix-doc(?::\w+|)\s+(.*)$ ^postfix(?::\w+|)\s+(.*)$ ^postfix-sqlite(?::\w+|)\s+(.*)$ ^postfix-cdb(?::\w+|)\s+(.*)$ ^postfix-pcre(?::\w+|)\s+(.*)$ ^postfix-lmdb(?::\w+|)\s+(.*)$ ^postfix-pgsql(?::\w+|)\s+(.*)$ ^postfix-mysql(?::\w+|)\s+(.*)$ ^postfix-ldap(?::\w+|)\s+(.*)$ ^postfix-doc(?::\w+|)\s+(.*)$ ^postfix(?::\w+|)\s+(.*)$ ^postfix-sqlite(?::\w+|)\s+(.*)$ ^postfix-cdb(?::\w+|)\s+(.*)$ ^postfix-pcre(?::\w+|)\s+(.*)$ ^postfix-lmdb(?::\w+|)\s+(.*)$ ^postfix-pgsql(?::\w+|)\s+(.*)$ ^postfix-mysql(?::\w+|)\s+(.*)$ ^postfix-ldap(?::\w+|)\s+(.*)$ ^libssh-gcrypt-dev(?::\w+|)\s+(.*)$ ^libssh-doc(?::\w+|)\s+(.*)$ ^libssh-4(?::\w+|)\s+(.*)$ ^libssh-dev(?::\w+|)\s+(.*)$ ^libssh-gcrypt-4(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^libapache-session-ldap-perl(?::\w+|)\s+(.*)$ ^python3-paramiko(?::\w+|)\s+(.*)$ ^paramiko-doc(?::\w+|)\s+(.*)$ ^python-jinja2(?::\w+|)\s+(.*)$ ^python-jinja2-doc(?::\w+|)\s+(.*)$ ^python3-jinja2(?::\w+|)\s+(.*)$ ^mariadb-plugin-cracklib-password-check(?::\w+|)\s+(.*)$ ^mariadb-backup(?::\w+|)\s+(.*)$ ^mariadb-plugin-connect(?::\w+|)\s+(.*)$ ^mariadb-plugin-spider(?::\w+|)\s+(.*)$ ^libmariadbclient-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev(?::\w+|)\s+(.*)$ ^libmariadb3(?::\w+|)\s+(.*)$ ^libmariadbd19(?::\w+|)\s+(.*)$ ^mariadb-client-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-tokudb(?::\w+|)\s+(.*)$ ^mariadb-client(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-client(?::\w+|)\s+(.*)$ ^mariadb-server-10.3(?::\w+|)\s+(.*)$ ^mariadb-server-core-10.3(?::\w+|)\s+(.*)$ ^mariadb-test-data(?::\w+|)\s+(.*)$ ^mariadb-client-10.3(?::\w+|)\s+(.*)$ ^mariadb-plugin-rocksdb(?::\w+|)\s+(.*)$ ^mariadb-plugin-mroonga(?::\w+|)\s+(.*)$ ^libmariadbd-dev(?::\w+|)\s+(.*)$ ^libmariadb-dev-compat(?::\w+|)\s+(.*)$ ^mariadb-plugin-gssapi-server(?::\w+|)\s+(.*)$ ^mariadb-server(?::\w+|)\s+(.*)$ ^mariadb-common(?::\w+|)\s+(.*)$ ^mariadb-plugin-oqgraph(?::\w+|)\s+(.*)$ ^mariadb-test(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^libtinyxml-doc(?::\w+|)\s+(.*)$ ^libtinyxml-dev(?::\w+|)\s+(.*)$ ^libtinyxml2.6.2v5(?::\w+|)\s+(.*)$ ^ceph-mds(?::\w+|)\s+(.*)$ ^python3-rbd(?::\w+|)\s+(.*)$ ^ceph-mgr-modules-core(?::\w+|)\s+(.*)$ ^ceph-mgr(?::\w+|)\s+(.*)$ ^ceph-mgr-cephadm(?::\w+|)\s+(.*)$ ^ceph(?::\w+|)\s+(.*)$ ^ceph-osd(?::\w+|)\s+(.*)$ ^rbd-mirror(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-local(?::\w+|)\s+(.*)$ ^ceph-mgr-dashboard(?::\w+|)\s+(.*)$ ^librbd-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-rook(?::\w+|)\s+(.*)$ ^rbd-fuse(?::\w+|)\s+(.*)$ ^libradospp-dev(?::\w+|)\s+(.*)$ ^librados-dev(?::\w+|)\s+(.*)$ ^ceph-mgr-diskprediction-cloud(?::\w+|)\s+(.*)$ ^python3-ceph(?::\w+|)\s+(.*)$ ^cephadm(?::\w+|)\s+(.*)$ ^libradosstriper-dev(?::\w+|)\s+(.*)$ ^librados2(?::\w+|)\s+(.*)$ ^ceph-mon(?::\w+|)\s+(.*)$ ^libcephfs2(?::\w+|)\s+(.*)$ ^ceph-immutable-object-cache(?::\w+|)\s+(.*)$ ^librgw2(?::\w+|)\s+(.*)$ ^rbd-nbd(?::\w+|)\s+(.*)$ ^radosgw(?::\w+|)\s+(.*)$ ^librbd1(?::\w+|)\s+(.*)$ ^python3-rgw(?::\w+|)\s+(.*)$ ^python3-ceph-common(?::\w+|)\s+(.*)$ ^libcephfs-dev(?::\w+|)\s+(.*)$ ^rados-objclass-dev(?::\w+|)\s+(.*)$ ^libradosstriper1(?::\w+|)\s+(.*)$ ^python3-ceph-argparse(?::\w+|)\s+(.*)$ ^librgw-dev(?::\w+|)\s+(.*)$ ^python3-rados(?::\w+|)\s+(.*)$ ^ceph-base(?::\w+|)\s+(.*)$ ^ceph-mgr-k8sevents(?::\w+|)\s+(.*)$ ^python3-cephfs(?::\w+|)\s+(.*)$ ^ceph-fuse(?::\w+|)\s+(.*)$ ^cephfs-shell(?::\w+|)\s+(.*)$ ^ceph-common(?::\w+|)\s+(.*)$ ^libcephfs-java(?::\w+|)\s+(.*)$ ^ceph-resource-agents(?::\w+|)\s+(.*)$ ^libcephfs-jni(?::\w+|)\s+(.*)$ ^amanda-client(?::\w+|)\s+(.*)$ ^amanda-common(?::\w+|)\s+(.*)$ ^amanda-server(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^libldap-2.4-2(?::\w+|)\s+(.*)$ ^slapd-smbk5pwd(?::\w+|)\s+(.*)$ ^slapd-contrib(?::\w+|)\s+(.*)$ ^libldap-common(?::\w+|)\s+(.*)$ ^slapi-dev(?::\w+|)\s+(.*)$ ^ldap-utils(?::\w+|)\s+(.*)$ ^libldap2-dev(?::\w+|)\s+(.*)$ ^slapd(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^golang-github-opencontainers-runc-dev(?::\w+|)\s+(.*)$ ^runc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^python3-ujson(?::\w+|)\s+(.*)$ ^python3-ujson(?::\w+|)\s+(.*)$ ^python-glance-store-doc(?::\w+|)\s+(.*)$ ^python3-glance-store(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^qemu-efi(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^passwd(?::\w+|)\s+(.*)$ ^login(?::\w+|)\s+(.*)$ ^uidmap(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^node-ip(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^roundcube-pgsql(?::\w+|)\s+(.*)$ ^roundcube-mysql(?::\w+|)\s+(.*)$ ^roundcube-plugins(?::\w+|)\s+(.*)$ ^roundcube(?::\w+|)\s+(.*)$ ^roundcube-core(?::\w+|)\s+(.*)$ ^roundcube-sqlite3(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^dnsmasq(?::\w+|)\s+(.*)$ ^dnsmasq-base-lua(?::\w+|)\s+(.*)$ ^dnsmasq-utils(?::\w+|)\s+(.*)$ ^dnsmasq-base(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-21-doc(?::\w+|)\s+(.*)$ ^openjdk-21-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-21-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jdk(?::\w+|)\s+(.*)$ ^openjdk-21-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-21-source(?::\w+|)\s+(.*)$ ^openjdk-21-jre(?::\w+|)\s+(.*)$ ^openjdk-21-demo(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^less(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^libuv1-dev(?::\w+|)\s+(.*)$ ^libuv1(?::\w+|)\s+(.*)$ ^libcpanel-json-xs-perl(?::\w+|)\s+(.*)$ ^python3-openstackclient(?::\w+|)\s+(.*)$ ^python-openstackclient-doc(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^php-guzzlehttp-psr7(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^python3-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography(?::\w+|)\s+(.*)$ ^python-cryptography-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^ruby-image-processing(?::\w+|)\s+(.*)$ ^libc-ares2(?::\w+|)\s+(.*)$ ^libc-ares-dev(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^libgit2-28(?::\w+|)\s+(.*)$ ^libgit2-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^puma(?::\w+|)\s+(.*)$ ^libhtmlcleaner-java(?::\w+|)\s+(.*)$ ^libhtmlcleaner-java-doc(?::\w+|)\s+(.*)$ ^libmqtt-client-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^accountsservice(?::\w+|)\s+(.*)$ ^gir1.2-accountsservice-1.0(?::\w+|)\s+(.*)$ ^libaccountsservice-doc(?::\w+|)\s+(.*)$ ^libaccountsservice-dev(?::\w+|)\s+(.*)$ ^libaccountsservice0(?::\w+|)\s+(.*)$ ^openvswitch-doc(?::\w+|)\s+(.*)$ ^openvswitch-switch(?::\w+|)\s+(.*)$ ^openvswitch-pki(?::\w+|)\s+(.*)$ ^openvswitch-common(?::\w+|)\s+(.*)$ ^openvswitch-testcontroller(?::\w+|)\s+(.*)$ ^openvswitch-vtep(?::\w+|)\s+(.*)$ ^openvswitch-source(?::\w+|)\s+(.*)$ ^python3-openvswitch(?::\w+|)\s+(.*)$ ^openvswitch-switch-dpdk(?::\w+|)\s+(.*)$ ^openvswitch-test(?::\w+|)\s+(.*)$ ^ovn-docker(?::\w+|)\s+(.*)$ ^ovn-common(?::\w+|)\s+(.*)$ ^ovn-ic(?::\w+|)\s+(.*)$ ^ovn-host(?::\w+|)\s+(.*)$ ^ovn-central(?::\w+|)\s+(.*)$ ^ovn-ic-db(?::\w+|)\s+(.*)$ ^ovn-controller-vtep(?::\w+|)\s+(.*)$ ^ovn-doc(?::\w+|)\s+(.*)$ ^libgoogle-gson-java(?::\w+|)\s+(.*)$ ^libptexenc-dev(?::\w+|)\s+(.*)$ ^libkpathsea-dev(?::\w+|)\s+(.*)$ ^libptexenc1(?::\w+|)\s+(.*)$ ^libtexlua53-dev(?::\w+|)\s+(.*)$ ^libtexluajit2(?::\w+|)\s+(.*)$ ^libtexluajit-dev(?::\w+|)\s+(.*)$ ^texlive-binaries(?::\w+|)\s+(.*)$ ^libkpathsea6(?::\w+|)\s+(.*)$ ^libtexlua53(?::\w+|)\s+(.*)$ ^libsynctex-dev(?::\w+|)\s+(.*)$ ^libsynctex2(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^libgv-perl(?::\w+|)\s+(.*)$ ^python3-gv(?::\w+|)\s+(.*)$ ^libcgraph6(?::\w+|)\s+(.*)$ ^libgv-tcl(?::\w+|)\s+(.*)$ ^liblab-gamut1(?::\w+|)\s+(.*)$ ^libgv-guile(?::\w+|)\s+(.*)$ ^libxdot4(?::\w+|)\s+(.*)$ ^libgv-lua(?::\w+|)\s+(.*)$ ^libcdt5(?::\w+|)\s+(.*)$ ^graphviz(?::\w+|)\s+(.*)$ ^libgv-php7(?::\w+|)\s+(.*)$ ^libpathplan4(?::\w+|)\s+(.*)$ ^graphviz-doc(?::\w+|)\s+(.*)$ ^libgvpr2(?::\w+|)\s+(.*)$ ^libgraphviz-dev(?::\w+|)\s+(.*)$ ^libgvc6-plugins-gtk(?::\w+|)\s+(.*)$ ^libgvc6(?::\w+|)\s+(.*)$ ^libgv-ruby(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^crmsh(?::\w+|)\s+(.*)$ ^crmsh-doc(?::\w+|)\s+(.*)$ ^libnet-cidr-lite-perl(?::\w+|)\s+(.*)$ ^debian-goodies(?::\w+|)\s+(.*)$ ^odbcinst(?::\w+|)\s+(.*)$ ^odbcinst1debian2(?::\w+|)\s+(.*)$ ^libodbc1(?::\w+|)\s+(.*)$ ^unixodbc-dev(?::\w+|)\s+(.*)$ ^unixodbc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^bsdutils(?::\w+|)\s+(.*)$ ^libfdisk-dev(?::\w+|)\s+(.*)$ ^libblkid1(?::\w+|)\s+(.*)$ ^rfkill(?::\w+|)\s+(.*)$ ^libfdisk1(?::\w+|)\s+(.*)$ ^libblkid-dev(?::\w+|)\s+(.*)$ ^util-linux-locales(?::\w+|)\s+(.*)$ ^libuuid1(?::\w+|)\s+(.*)$ ^libmount1(?::\w+|)\s+(.*)$ ^libsmartcols-dev(?::\w+|)\s+(.*)$ ^uuid-dev(?::\w+|)\s+(.*)$ ^libmount-dev(?::\w+|)\s+(.*)$ ^libsmartcols1(?::\w+|)\s+(.*)$ ^fdisk(?::\w+|)\s+(.*)$ ^uuid-runtime(?::\w+|)\s+(.*)$ ^util-linux(?::\w+|)\s+(.*)$ ^mount(?::\w+|)\s+(.*)$ ^bsdutils(?::\w+|)\s+(.*)$ ^libfdisk-dev(?::\w+|)\s+(.*)$ ^libblkid1(?::\w+|)\s+(.*)$ ^rfkill(?::\w+|)\s+(.*)$ ^libfdisk1(?::\w+|)\s+(.*)$ ^libblkid-dev(?::\w+|)\s+(.*)$ ^util-linux-locales(?::\w+|)\s+(.*)$ ^libuuid1(?::\w+|)\s+(.*)$ ^libmount1(?::\w+|)\s+(.*)$ ^libsmartcols-dev(?::\w+|)\s+(.*)$ ^uuid-dev(?::\w+|)\s+(.*)$ ^libmount-dev(?::\w+|)\s+(.*)$ ^libsmartcols1(?::\w+|)\s+(.*)$ ^fdisk(?::\w+|)\s+(.*)$ ^uuid-runtime(?::\w+|)\s+(.*)$ ^util-linux(?::\w+|)\s+(.*)$ ^mount(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^libnss3-dev(?::\w+|)\s+(.*)$ ^libnss3(?::\w+|)\s+(.*)$ ^libnss3-tools(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^libmaven-shared-utils-java-doc(?::\w+|)\s+(.*)$ ^libmaven-shared-utils-java(?::\w+|)\s+(.*)$ ^yard-doc(?::\w+|)\s+(.*)$ ^yard(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^libvirt0(?::\w+|)\s+(.*)$ ^libvirt-dev(?::\w+|)\s+(.*)$ ^libnss-libvirt(?::\w+|)\s+(.*)$ ^libvirt-daemon(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-systemd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-xen(?::\w+|)\s+(.*)$ ^libvirt-sanlock(?::\w+|)\s+(.*)$ ^libvirt-wireshark(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-rbd(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-qemu(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-gluster(?::\w+|)\s+(.*)$ ^libvirt-doc(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-vbox(?::\w+|)\s+(.*)$ ^libvirt-daemon-system-sysv(?::\w+|)\s+(.*)$ ^libvirt-daemon-system(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-lxc(?::\w+|)\s+(.*)$ ^libvirt-clients(?::\w+|)\s+(.*)$ ^libvirt-daemon-driver-storage-zfs(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^klibc-utils(?::\w+|)\s+(.*)$ ^libklibc(?::\w+|)\s+(.*)$ ^libklibc-dev(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-armel(?::\w+|)\s+(.*)$ ^libc6-pic(?::\w+|)\s+(.*)$ ^libc6-dev-armel(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^libc6-lse(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws|-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^python3-pil.imagetk(?::\w+|)\s+(.*)$ ^python-pil-doc(?::\w+|)\s+(.*)$ ^python3-pil(?::\w+|)\s+(.*)$ ^python-pil(?::\w+|)\s+(.*)$ ^python-pil.imagetk(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^ruby-sanitize(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^zabbix-java-gateway(?::\w+|)\s+(.*)$ ^zabbix-frontend-php(?::\w+|)\s+(.*)$ ^zabbix-proxy-mysql(?::\w+|)\s+(.*)$ ^zabbix-server-pgsql(?::\w+|)\s+(.*)$ ^zabbix-server-mysql(?::\w+|)\s+(.*)$ ^zabbix-proxy-pgsql(?::\w+|)\s+(.*)$ ^zabbix-proxy-sqlite3(?::\w+|)\s+(.*)$ ^zabbix-agent(?::\w+|)\s+(.*)$ ^libfreerdp-server2-2(?::\w+|)\s+(.*)$ ^freerdp2-shadow-x11(?::\w+|)\s+(.*)$ ^libfreerdp2-2(?::\w+|)\s+(.*)$ ^freerdp2-dev(?::\w+|)\s+(.*)$ ^freerdp2-wayland(?::\w+|)\s+(.*)$ ^libwinpr2-dev(?::\w+|)\s+(.*)$ ^libfreerdp-shadow2-2(?::\w+|)\s+(.*)$ ^libuwac0-0(?::\w+|)\s+(.*)$ ^freerdp2-x11(?::\w+|)\s+(.*)$ ^libwinpr2-2(?::\w+|)\s+(.*)$ ^libuwac0-dev(?::\w+|)\s+(.*)$ ^libwinpr-tools2-2(?::\w+|)\s+(.*)$ ^libfreerdp-shadow-subsystem2-2(?::\w+|)\s+(.*)$ ^libfreerdp-client2-2(?::\w+|)\s+(.*)$ ^winpr-utils(?::\w+|)\s+(.*)$ ^libjs-cryptojs(?::\w+|)\s+(.*)$ ^libnghttp2-14(?::\w+|)\s+(.*)$ ^libnghttp2-doc(?::\w+|)\s+(.*)$ ^libnghttp2-dev(?::\w+|)\s+(.*)$ ^nghttp2-proxy(?::\w+|)\s+(.*)$ ^nghttp2(?::\w+|)\s+(.*)$ ^nghttp2-client(?::\w+|)\s+(.*)$ ^nghttp2-server(?::\w+|)\s+(.*)$ ^cpio(?::\w+|)\s+(.*)$ ^cpio-win32(?::\w+|)\s+(.*)$ ^less(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^node-json5(?::\w+|)\s+(.*)$ ^gerbv(?::\w+|)\s+(.*)$ ^anope(?::\w+|)\s+(.*)$ ^libde265-0(?::\w+|)\s+(.*)$ ^libde265-examples(?::\w+|)\s+(.*)$ ^libde265-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^libglib2.0-0(?::\w+|)\s+(.*)$ ^libglib2.0-data(?::\w+|)\s+(.*)$ ^libglib2.0-tests(?::\w+|)\s+(.*)$ ^libglib2.0-doc(?::\w+|)\s+(.*)$ ^libglib2.0-bin(?::\w+|)\s+(.*)$ ^libglib2.0-dev-bin(?::\w+|)\s+(.*)$ ^libglib2.0-dev(?::\w+|)\s+(.*)$ ^libspreadsheet-parsexlsx-perl(?::\w+|)\s+(.*)$ ^fossil(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^python-idna(?::\w+|)\s+(.*)$ ^python3-idna(?::\w+|)\s+(.*)$ ^libspreadsheet-parseexcel-perl(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^vlc-plugin-notify(?::\w+|)\s+(.*)$ ^vlc-plugin-svg(?::\w+|)\s+(.*)$ ^vlc-l10n(?::\w+|)\s+(.*)$ ^libvlc-dev(?::\w+|)\s+(.*)$ ^libvlccore9(?::\w+|)\s+(.*)$ ^libvlc-bin(?::\w+|)\s+(.*)$ ^vlc(?::\w+|)\s+(.*)$ ^vlc-data(?::\w+|)\s+(.*)$ ^vlc-plugin-fluidsynth(?::\w+|)\s+(.*)$ ^libvlc5(?::\w+|)\s+(.*)$ ^vlc-bin(?::\w+|)\s+(.*)$ ^vlc-plugin-visualization(?::\w+|)\s+(.*)$ ^vlc-plugin-jack(?::\w+|)\s+(.*)$ ^vlc-plugin-samba(?::\w+|)\s+(.*)$ ^vlc-plugin-qt(?::\w+|)\s+(.*)$ ^vlc-plugin-base(?::\w+|)\s+(.*)$ ^libvlccore-dev(?::\w+|)\s+(.*)$ ^vlc-plugin-access-extra(?::\w+|)\s+(.*)$ ^vlc-plugin-skins2(?::\w+|)\s+(.*)$ ^vlc-plugin-video-output(?::\w+|)\s+(.*)$ ^vlc-plugin-video-splitter(?::\w+|)\s+(.*)$ ^netatalk(?::\w+|)\s+(.*)$ ^python-jinja2(?::\w+|)\s+(.*)$ ^python-jinja2-doc(?::\w+|)\s+(.*)$ ^python3-jinja2(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^amavisd-new-postfix(?::\w+|)\s+(.*)$ ^amavisd-new(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^python3-flask-security(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^libtss2-dev(?::\w+|)\s+(.*)$ ^libtss2-esys0(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-doc(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-x(?::\w+|)\s+(.*)$ ^libgstreamer-gl1.0-0(?::\w+|)\s+(.*)$ ^gstreamer1.0-gl(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-base-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-alsa(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-apps(?::\w+|)\s+(.*)$ ^python3-werkzeug(?::\w+|)\s+(.*)$ ^python-werkzeug-doc(?::\w+|)\s+(.*)$ ^node-browserify-sign(?::\w+|)\s+(.*)$ ^python3-pymysql(?::\w+|)\s+(.*)$ ^python-pymysql-doc(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-armel(?::\w+|)\s+(.*)$ ^libc6-pic(?::\w+|)\s+(.*)$ ^libc6-dev-armel(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^libc6-lse(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-0(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-common(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-bin(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-dev(?::\w+|)\s+(.*)$ ^libgdk-pixbuf2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gdkpixbuf-2.0(?::\w+|)\s+(.*)$ ^frr(?::\w+|)\s+(.*)$ ^frr-rpki-rtrlib(?::\w+|)\s+(.*)$ ^frr-snmp(?::\w+|)\s+(.*)$ ^frr-doc(?::\w+|)\s+(.*)$ ^frr-pythontools(?::\w+|)\s+(.*)$ ^libatrilview-dev(?::\w+|)\s+(.*)$ ^libatrildocument-dev(?::\w+|)\s+(.*)$ ^atril-common(?::\w+|)\s+(.*)$ ^atril(?::\w+|)\s+(.*)$ ^gir1.2-atrilview-1.5.0(?::\w+|)\s+(.*)$ ^libatrildocument3(?::\w+|)\s+(.*)$ ^gir1.2-atrildocument-1.5.0(?::\w+|)\s+(.*)$ ^gir1.2-atril(?::\w+|)\s+(.*)$ ^libatrilview3(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-21-doc(?::\w+|)\s+(.*)$ ^openjdk-21-testsupport(?::\w+|)\s+(.*)$ ^openjdk-21-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-21-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jdk(?::\w+|)\s+(.*)$ ^openjdk-21-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-21-source(?::\w+|)\s+(.*)$ ^openjdk-21-jre(?::\w+|)\s+(.*)$ ^openjdk-21-demo(?::\w+|)\s+(.*)$ ^libvpx-dev(?::\w+|)\s+(.*)$ ^libvpx6(?::\w+|)\s+(.*)$ ^vpx-tools(?::\w+|)\s+(.*)$ ^libvpx-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^libgif7(?::\w+|)\s+(.*)$ ^giflib-tools(?::\w+|)\s+(.*)$ ^libgif-dev(?::\w+|)\s+(.*)$ ^libphp-adodb(?::\w+|)\s+(.*)$ ^libapache-mod-jk-doc(?::\w+|)\s+(.*)$ ^libapache2-mod-jk(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^libmatio-doc(?::\w+|)\s+(.*)$ ^libmatio9(?::\w+|)\s+(.*)$ ^libmatio-dev(?::\w+|)\s+(.*)$ ^libndp0(?::\w+|)\s+(.*)$ ^libndp-dev(?::\w+|)\s+(.*)$ ^libndp-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^virtuoso-opensource-6.1-bin(?::\w+|)\s+(.*)$ ^virtuoso-vad-sparqldemo(?::\w+|)\s+(.*)$ ^virtuoso-vsp-startpage(?::\w+|)\s+(.*)$ ^virtuoso-vad-isparql(?::\w+|)\s+(.*)$ ^virtuoso-opensource-6.1-common(?::\w+|)\s+(.*)$ ^virtuoso-vad-demo(?::\w+|)\s+(.*)$ ^virtuoso-server(?::\w+|)\s+(.*)$ ^virtuoso-vad-tutorial(?::\w+|)\s+(.*)$ ^virtuoso-minimal(?::\w+|)\s+(.*)$ ^virtuoso-opensource(?::\w+|)\s+(.*)$ ^virtuoso-vad-ods(?::\w+|)\s+(.*)$ ^virtuoso-vad-syncml(?::\w+|)\s+(.*)$ ^virtuoso-vad-doc(?::\w+|)\s+(.*)$ ^virtuoso-opensource-6.1(?::\w+|)\s+(.*)$ ^virtuoso-vad-conductor(?::\w+|)\s+(.*)$ ^libvirtodbc0(?::\w+|)\s+(.*)$ ^libvirtuoso5.5-cil(?::\w+|)\s+(.*)$ ^virtuoso-vad-bpel(?::\w+|)\s+(.*)$ ^virtuoso-vad-rdfmappers(?::\w+|)\s+(.*)$ ^libvte-2.91-common(?::\w+|)\s+(.*)$ ^libvte-2.91-dev(?::\w+|)\s+(.*)$ ^gir1.2-vte-2.91(?::\w+|)\s+(.*)$ ^libvte-2.91-doc(?::\w+|)\s+(.*)$ ^libvte-2.91-0(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^libsss-certmap-dev(?::\w+|)\s+(.*)$ ^libipa-hbac-dev(?::\w+|)\s+(.*)$ ^sssd-ad(?::\w+|)\s+(.*)$ ^libsss-sudo(?::\w+|)\s+(.*)$ ^libsss-nss-idmap0(?::\w+|)\s+(.*)$ ^libnss-sss(?::\w+|)\s+(.*)$ ^sssd-ipa(?::\w+|)\s+(.*)$ ^libsss-simpleifp0(?::\w+|)\s+(.*)$ ^libsss-idmap-dev(?::\w+|)\s+(.*)$ ^python3-libsss-nss-idmap(?::\w+|)\s+(.*)$ ^libsss-certmap0(?::\w+|)\s+(.*)$ ^python3-sss(?::\w+|)\s+(.*)$ ^libpam-sss(?::\w+|)\s+(.*)$ ^sssd-kcm(?::\w+|)\s+(.*)$ ^libsss-idmap0(?::\w+|)\s+(.*)$ ^sssd-ldap(?::\w+|)\s+(.*)$ ^libsss-nss-idmap-dev(?::\w+|)\s+(.*)$ ^libsss-simpleifp-dev(?::\w+|)\s+(.*)$ ^sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd(?::\w+|)\s+(.*)$ ^libwbclient-sssd-dev(?::\w+|)\s+(.*)$ ^sssd-common(?::\w+|)\s+(.*)$ ^python3-libipa-hbac(?::\w+|)\s+(.*)$ ^libipa-hbac0(?::\w+|)\s+(.*)$ ^sssd-tools(?::\w+|)\s+(.*)$ ^sssd-ad-common(?::\w+|)\s+(.*)$ ^sssd-krb5-common(?::\w+|)\s+(.*)$ ^sssd-dbus(?::\w+|)\s+(.*)$ ^sssd-krb5(?::\w+|)\s+(.*)$ ^sssd-proxy(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^gdb-multiarch(?::\w+|)\s+(.*)$ ^gdbserver(?::\w+|)\s+(.*)$ ^gdb(?::\w+|)\s+(.*)$ ^gdb-doc(?::\w+|)\s+(.*)$ ^gdb-source(?::\w+|)\s+(.*)$ ^plasma-workspace-dev(?::\w+|)\s+(.*)$ ^libweather-ion7(?::\w+|)\s+(.*)$ ^libplasma-geolocation-interface5(?::\w+|)\s+(.*)$ ^libkworkspace5-5(?::\w+|)\s+(.*)$ ^plasma-workspace-wayland(?::\w+|)\s+(.*)$ ^sddm-theme-breeze(?::\w+|)\s+(.*)$ ^libcolorcorrect5(?::\w+|)\s+(.*)$ ^libnotificationmanager1(?::\w+|)\s+(.*)$ ^libtaskmanager6(?::\w+|)\s+(.*)$ ^plasma-workspace(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^libhibernate3-java(?::\w+|)\s+(.*)$ ^ansible(?::\w+|)\s+(.*)$ ^ansible-doc(?::\w+|)\s+(.*)$ ^heif-gdk-pixbuf(?::\w+|)\s+(.*)$ ^libheif-examples(?::\w+|)\s+(.*)$ ^libheif-dev(?::\w+|)\s+(.*)$ ^libheif1(?::\w+|)\s+(.*)$ ^heif-thumbnailer(?::\w+|)\s+(.*)$ ^roundcube-pgsql(?::\w+|)\s+(.*)$ ^roundcube-mysql(?::\w+|)\s+(.*)$ ^roundcube-plugins(?::\w+|)\s+(.*)$ ^roundcube(?::\w+|)\s+(.*)$ ^roundcube-core(?::\w+|)\s+(.*)$ ^roundcube-sqlite3(?::\w+|)\s+(.*)$ ^netplan.io(?::\w+|)\s+(.*)$ ^libnetplan0(?::\w+|)\s+(.*)$ ^libnetplan-dev(?::\w+|)\s+(.*)$ ^netplan.io(?::\w+|)\s+(.*)$ ^libnetplan0(?::\w+|)\s+(.*)$ ^libnetplan-dev(?::\w+|)\s+(.*)$ ^wget(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^libiso9660-dev(?::\w+|)\s+(.*)$ ^libcdio-utils(?::\w+|)\s+(.*)$ ^libiso9660-11(?::\w+|)\s+(.*)$ ^libudf-dev(?::\w+|)\s+(.*)$ ^libcdio18(?::\w+|)\s+(.*)$ ^libcdio-dev(?::\w+|)\s+(.*)$ ^libudf0(?::\w+|)\s+(.*)$ ^fontforge-extras(?::\w+|)\s+(.*)$ ^fontforge-common(?::\w+|)\s+(.*)$ ^fontforge-doc(?::\w+|)\s+(.*)$ ^fontforge-nox(?::\w+|)\s+(.*)$ ^libfontforge-dev(?::\w+|)\s+(.*)$ ^fontforge(?::\w+|)\s+(.*)$ ^libgdraw6(?::\w+|)\s+(.*)$ ^python3-fontforge(?::\w+|)\s+(.*)$ ^libfontforge3(?::\w+|)\s+(.*)$ ^libespeak-ng1(?::\w+|)\s+(.*)$ ^libespeak-ng-libespeak-dev(?::\w+|)\s+(.*)$ ^espeak-ng-data(?::\w+|)\s+(.*)$ ^libespeak-ng-dev(?::\w+|)\s+(.*)$ ^libespeak-ng-libespeak1(?::\w+|)\s+(.*)$ ^espeak-ng(?::\w+|)\s+(.*)$ ^espeak-ng-espeak(?::\w+|)\s+(.*)$ ^openvpn(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^kopano-archiver(?::\w+|)\s+(.*)$ ^kopano-backup(?::\w+|)\s+(.*)$ ^kopano-monitor(?::\w+|)\s+(.*)$ ^kopano-presence(?::\w+|)\s+(.*)$ ^kopano-search(?::\w+|)\s+(.*)$ ^kopano-contacts(?::\w+|)\s+(.*)$ ^kopano-spamd(?::\w+|)\s+(.*)$ ^kopano-core(?::\w+|)\s+(.*)$ ^kopano-l10n(?::\w+|)\s+(.*)$ ^php-mapi(?::\w+|)\s+(.*)$ ^kopano-server(?::\w+|)\s+(.*)$ ^python3-kopano(?::\w+|)\s+(.*)$ ^kopano-ical(?::\w+|)\s+(.*)$ ^kopano-dagent(?::\w+|)\s+(.*)$ ^kopano-dev(?::\w+|)\s+(.*)$ ^python3-mapi(?::\w+|)\s+(.*)$ ^kopano-spooler(?::\w+|)\s+(.*)$ ^kopano-common(?::\w+|)\s+(.*)$ ^kopano-libs(?::\w+|)\s+(.*)$ ^kopano-utils(?::\w+|)\s+(.*)$ ^kopano-gateway(?::\w+|)\s+(.*)$ ^libvirtodbc0(?::\w+|)\s+(.*)$ ^libvirtuoso5.5-cil(?::\w+|)\s+(.*)$ ^virtuoso-minimal(?::\w+|)\s+(.*)$ ^virtuoso-opensource(?::\w+|)\s+(.*)$ ^virtuoso-opensource-6.1(?::\w+|)\s+(.*)$ ^virtuoso-opensource-6.1-bin(?::\w+|)\s+(.*)$ ^virtuoso-opensource-6.1-common(?::\w+|)\s+(.*)$ ^virtuoso-server(?::\w+|)\s+(.*)$ ^virtuoso-vad-bpel(?::\w+|)\s+(.*)$ ^virtuoso-vad-conductor(?::\w+|)\s+(.*)$ ^virtuoso-vad-demo(?::\w+|)\s+(.*)$ ^virtuoso-vad-doc(?::\w+|)\s+(.*)$ ^virtuoso-vad-isparql(?::\w+|)\s+(.*)$ ^virtuoso-vad-ods(?::\w+|)\s+(.*)$ ^virtuoso-vad-rdfmappers(?::\w+|)\s+(.*)$ ^virtuoso-vad-sparqldemo(?::\w+|)\s+(.*)$ ^virtuoso-vad-syncml(?::\w+|)\s+(.*)$ ^virtuoso-vad-tutorial(?::\w+|)\s+(.*)$ ^virtuoso-vsp-startpage(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^cinder-api(?::\w+|)\s+(.*)$ ^cinder-backup(?::\w+|)\s+(.*)$ ^cinder-common(?::\w+|)\s+(.*)$ ^cinder-scheduler(?::\w+|)\s+(.*)$ ^cinder-volume(?::\w+|)\s+(.*)$ ^python3-cinder(?::\w+|)\s+(.*)$ ^glance(?::\w+|)\s+(.*)$ ^glance-api(?::\w+|)\s+(.*)$ ^glance-common(?::\w+|)\s+(.*)$ ^python-glance-doc(?::\w+|)\s+(.*)$ ^python3-glance(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^golang-1.21(?::\w+|)\s+(.*)$ ^golang-1.21-doc(?::\w+|)\s+(.*)$ ^golang-1.21-go(?::\w+|)\s+(.*)$ ^golang-1.21-src(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^idle-python3.9(?::\w+|)\s+(.*)$ ^libpython3.9(?::\w+|)\s+(.*)$ ^libpython3.9-dev(?::\w+|)\s+(.*)$ ^libpython3.9-minimal(?::\w+|)\s+(.*)$ ^libpython3.9-stdlib(?::\w+|)\s+(.*)$ ^libpython3.9-testsuite(?::\w+|)\s+(.*)$ ^python3.9(?::\w+|)\s+(.*)$ ^python3.9-dev(?::\w+|)\s+(.*)$ ^python3.9-doc(?::\w+|)\s+(.*)$ ^python3.9-examples(?::\w+|)\s+(.*)$ ^python3.9-full(?::\w+|)\s+(.*)$ ^python3.9-minimal(?::\w+|)\s+(.*)$ ^python3.9-venv(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^gir1.2-gtk-2.0(?::\w+|)\s+(.*)$ ^gtk2-engines-pixbuf(?::\w+|)\s+(.*)$ ^gtk2.0-examples(?::\w+|)\s+(.*)$ ^libgail-common(?::\w+|)\s+(.*)$ ^libgail-dev(?::\w+|)\s+(.*)$ ^libgail-doc(?::\w+|)\s+(.*)$ ^libgail18(?::\w+|)\s+(.*)$ ^libgtk2.0-0(?::\w+|)\s+(.*)$ ^libgtk2.0-bin(?::\w+|)\s+(.*)$ ^libgtk2.0-common(?::\w+|)\s+(.*)$ ^libgtk2.0-dev(?::\w+|)\s+(.*)$ ^libgtk2.0-doc(?::\w+|)\s+(.*)$ ^gir1.2-gtk-3.0(?::\w+|)\s+(.*)$ ^gtk-3-examples(?::\w+|)\s+(.*)$ ^gtk-update-icon-cache(?::\w+|)\s+(.*)$ ^libgail-3-0(?::\w+|)\s+(.*)$ ^libgail-3-dev(?::\w+|)\s+(.*)$ ^libgail-3-doc(?::\w+|)\s+(.*)$ ^libgtk-3-0(?::\w+|)\s+(.*)$ ^libgtk-3-bin(?::\w+|)\s+(.*)$ ^libgtk-3-common(?::\w+|)\s+(.*)$ ^libgtk-3-dev(?::\w+|)\s+(.*)$ ^libgtk-3-doc(?::\w+|)\s+(.*)$ ^stunnel4(?::\w+|)\s+(.*)$ ^apache2(?::\w+|)\s+(.*)$ ^apache2-bin(?::\w+|)\s+(.*)$ ^apache2-data(?::\w+|)\s+(.*)$ ^apache2-dev(?::\w+|)\s+(.*)$ ^apache2-doc(?::\w+|)\s+(.*)$ ^apache2-ssl-dev(?::\w+|)\s+(.*)$ ^apache2-suexec-custom(?::\w+|)\s+(.*)$ ^apache2-suexec-pristine(?::\w+|)\s+(.*)$ ^apache2-utils(?::\w+|)\s+(.*)$ ^libapache2-mod-md(?::\w+|)\s+(.*)$ ^libapache2-mod-proxy-uwsgi(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^python-pymongo-doc(?::\w+|)\s+(.*)$ ^python3-bson(?::\w+|)\s+(.*)$ ^python3-bson-ext(?::\w+|)\s+(.*)$ ^python3-gridfs(?::\w+|)\s+(.*)$ ^python3-pymongo(?::\w+|)\s+(.*)$ ^python3-pymongo-ext(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^pypy-zipp(?::\w+|)\s+(.*)$ ^python-zipp(?::\w+|)\s+(.*)$ ^python3-zipp(?::\w+|)\s+(.*)$ ^squid(?::\w+|)\s+(.*)$ ^squid-cgi(?::\w+|)\s+(.*)$ ^squid-common(?::\w+|)\s+(.*)$ ^squid-purge(?::\w+|)\s+(.*)$ ^squidclient(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^activemq(?::\w+|)\s+(.*)$ ^libactivemq-java(?::\w+|)\s+(.*)$ ^nova-ajax-console-proxy(?::\w+|)\s+(.*)$ ^nova-api(?::\w+|)\s+(.*)$ ^nova-api-metadata(?::\w+|)\s+(.*)$ ^nova-api-os-compute(?::\w+|)\s+(.*)$ ^nova-api-os-volume(?::\w+|)\s+(.*)$ ^nova-cells(?::\w+|)\s+(.*)$ ^nova-common(?::\w+|)\s+(.*)$ ^nova-compute(?::\w+|)\s+(.*)$ ^nova-compute-kvm(?::\w+|)\s+(.*)$ ^nova-compute-libvirt(?::\w+|)\s+(.*)$ ^nova-compute-lxc(?::\w+|)\s+(.*)$ ^nova-compute-qemu(?::\w+|)\s+(.*)$ ^nova-compute-vmware(?::\w+|)\s+(.*)$ ^nova-compute-xen(?::\w+|)\s+(.*)$ ^nova-conductor(?::\w+|)\s+(.*)$ ^nova-doc(?::\w+|)\s+(.*)$ ^nova-novncproxy(?::\w+|)\s+(.*)$ ^nova-scheduler(?::\w+|)\s+(.*)$ ^nova-serialproxy(?::\w+|)\s+(.*)$ ^nova-spiceproxy(?::\w+|)\s+(.*)$ ^nova-volume(?::\w+|)\s+(.*)$ ^python3-nova(?::\w+|)\s+(.*)$ ^php-cas(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-21-demo(?::\w+|)\s+(.*)$ ^openjdk-21-doc(?::\w+|)\s+(.*)$ ^openjdk-21-jdk(?::\w+|)\s+(.*)$ ^openjdk-21-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre(?::\w+|)\s+(.*)$ ^openjdk-21-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-21-source(?::\w+|)\s+(.*)$ ^openjdk-21-testsupport(?::\w+|)\s+(.*)$ ^clickhouse-client(?::\w+|)\s+(.*)$ ^clickhouse-common(?::\w+|)\s+(.*)$ ^clickhouse-server(?::\w+|)\s+(.*)$ ^clickhouse-tools(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^golang-github-prometheus-alertmanager-dev(?::\w+|)\s+(.*)$ ^prometheus-alertmanager(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^exim4(?::\w+|)\s+(.*)$ ^exim4-base(?::\w+|)\s+(.*)$ ^exim4-config(?::\w+|)\s+(.*)$ ^exim4-daemon-heavy(?::\w+|)\s+(.*)$ ^exim4-daemon-light(?::\w+|)\s+(.*)$ ^exim4-dev(?::\w+|)\s+(.*)$ ^eximon4(?::\w+|)\s+(.*)$ ^golang-github-snapcore-snapd-dev(?::\w+|)\s+(.*)$ ^golang-github-ubuntu-core-snappy-dev(?::\w+|)\s+(.*)$ ^snap-confine(?::\w+|)\s+(.*)$ ^snapd(?::\w+|)\s+(.*)$ ^snapd-xdg-open(?::\w+|)\s+(.*)$ ^ubuntu-core-launcher(?::\w+|)\s+(.*)$ ^ubuntu-core-snapd-units(?::\w+|)\s+(.*)$ ^ubuntu-snappy(?::\w+|)\s+(.*)$ ^ubuntu-snappy-cli(?::\w+|)\s+(.*)$ ^gross(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^hostapd(?::\w+|)\s+(.*)$ ^wpagui(?::\w+|)\s+(.*)$ ^wpasupplicant(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^libcroco-tools(?::\w+|)\s+(.*)$ ^libcroco3(?::\w+|)\s+(.*)$ ^libcroco3-dev(?::\w+|)\s+(.*)$ ^ruby-rmagick(?::\w+|)\s+(.*)$ ^ruby-rmagick-doc(?::\w+|)\s+(.*)$ ^busybox(?::\w+|)\s+(.*)$ ^busybox-initramfs(?::\w+|)\s+(.*)$ ^busybox-static(?::\w+|)\s+(.*)$ ^busybox-syslogd(?::\w+|)\s+(.*)$ ^udhcpc(?::\w+|)\s+(.*)$ ^udhcpd(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^gnome-shell(?::\w+|)\s+(.*)$ ^gnome-shell-common(?::\w+|)\s+(.*)$ ^gnome-shell-extension-prefs(?::\w+|)\s+(.*)$ ^liborc-0.4-0(?::\w+|)\s+(.*)$ ^liborc-0.4-dev(?::\w+|)\s+(.*)$ ^liborc-0.4-dev-bin(?::\w+|)\s+(.*)$ ^liborc-0.4-doc(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^cacti(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^python-webob-doc(?::\w+|)\s+(.*)$ ^python3-webob(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^python3-twisted(?::\w+|)\s+(.*)$ ^python3-twisted-bin(?::\w+|)\s+(.*)$ ^twisted-doc(?::\w+|)\s+(.*)$ ^python3-twisted(?::\w+|)\s+(.*)$ ^python3-twisted-bin(?::\w+|)\s+(.*)$ ^twisted-doc(?::\w+|)\s+(.*)$ ^znc-backlog(?::\w+|)\s+(.*)$ ^znc-push(?::\w+|)\s+(.*)$ ^znc(?::\w+|)\s+(.*)$ ^znc-dev(?::\w+|)\s+(.*)$ ^znc-perl(?::\w+|)\s+(.*)$ ^znc-python(?::\w+|)\s+(.*)$ ^znc-tcl(?::\w+|)\s+(.*)$ ^python3-aiohttp(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^libtiff-dev(?::\w+|)\s+(.*)$ ^libtiff-doc(?::\w+|)\s+(.*)$ ^libtiff-opengl(?::\w+|)\s+(.*)$ ^libtiff-tools(?::\w+|)\s+(.*)$ ^libtiff5(?::\w+|)\s+(.*)$ ^libtiff5-dev(?::\w+|)\s+(.*)$ ^libtiffxx5(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^libxmltok1(?::\w+|)\s+(.*)$ ^libxmltok1-dev(?::\w+|)\s+(.*)$ ^pypy-pkg-resources(?::\w+|)\s+(.*)$ ^pypy-setuptools(?::\w+|)\s+(.*)$ ^python-pkg-resources(?::\w+|)\s+(.*)$ ^python-setuptools(?::\w+|)\s+(.*)$ ^python-setuptools-doc(?::\w+|)\s+(.*)$ ^python3-pkg-resources(?::\w+|)\s+(.*)$ ^python3-setuptools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^dcmtk(?::\w+|)\s+(.*)$ ^dcmtk-doc(?::\w+|)\s+(.*)$ ^libdcmtk-dev(?::\w+|)\s+(.*)$ ^libdcmtk14(?::\w+|)\s+(.*)$ ^clamav(?::\w+|)\s+(.*)$ ^clamav-base(?::\w+|)\s+(.*)$ ^clamav-daemon(?::\w+|)\s+(.*)$ ^clamav-docs(?::\w+|)\s+(.*)$ ^clamav-freshclam(?::\w+|)\s+(.*)$ ^clamav-milter(?::\w+|)\s+(.*)$ ^clamav-testfiles(?::\w+|)\s+(.*)$ ^clamdscan(?::\w+|)\s+(.*)$ ^libclamav-dev(?::\w+|)\s+(.*)$ ^libclamav9(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^dovecot-auth-lua(?::\w+|)\s+(.*)$ ^dovecot-core(?::\w+|)\s+(.*)$ ^dovecot-dev(?::\w+|)\s+(.*)$ ^dovecot-gssapi(?::\w+|)\s+(.*)$ ^dovecot-imapd(?::\w+|)\s+(.*)$ ^dovecot-ldap(?::\w+|)\s+(.*)$ ^dovecot-lmtpd(?::\w+|)\s+(.*)$ ^dovecot-lucene(?::\w+|)\s+(.*)$ ^dovecot-managesieved(?::\w+|)\s+(.*)$ ^dovecot-mysql(?::\w+|)\s+(.*)$ ^dovecot-pgsql(?::\w+|)\s+(.*)$ ^dovecot-pop3d(?::\w+|)\s+(.*)$ ^dovecot-sieve(?::\w+|)\s+(.*)$ ^dovecot-solr(?::\w+|)\s+(.*)$ ^dovecot-sqlite(?::\w+|)\s+(.*)$ ^dovecot-submissiond(?::\w+|)\s+(.*)$ ^mail-stack-delivery(?::\w+|)\s+(.*)$ ^libnginx-mod-http-auth-pam(?::\w+|)\s+(.*)$ ^libnginx-mod-http-cache-purge(?::\w+|)\s+(.*)$ ^libnginx-mod-http-dav-ext(?::\w+|)\s+(.*)$ ^libnginx-mod-http-echo(?::\w+|)\s+(.*)$ ^libnginx-mod-http-fancyindex(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip2(?::\w+|)\s+(.*)$ ^libnginx-mod-http-headers-more-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-image-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-lua(?::\w+|)\s+(.*)$ ^libnginx-mod-http-ndk(?::\w+|)\s+(.*)$ ^libnginx-mod-http-perl(?::\w+|)\s+(.*)$ ^libnginx-mod-http-subs-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-uploadprogress(?::\w+|)\s+(.*)$ ^libnginx-mod-http-upstream-fair(?::\w+|)\s+(.*)$ ^libnginx-mod-http-xslt-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-mail(?::\w+|)\s+(.*)$ ^libnginx-mod-nchan(?::\w+|)\s+(.*)$ ^libnginx-mod-rtmp(?::\w+|)\s+(.*)$ ^libnginx-mod-stream(?::\w+|)\s+(.*)$ ^nginx(?::\w+|)\s+(.*)$ ^nginx-common(?::\w+|)\s+(.*)$ ^nginx-core(?::\w+|)\s+(.*)$ ^nginx-doc(?::\w+|)\s+(.*)$ ^nginx-extras(?::\w+|)\s+(.*)$ ^nginx-full(?::\w+|)\s+(.*)$ ^nginx-light(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^quagga(?::\w+|)\s+(.*)$ ^quagga-bgpd(?::\w+|)\s+(.*)$ ^quagga-core(?::\w+|)\s+(.*)$ ^quagga-doc(?::\w+|)\s+(.*)$ ^quagga-isisd(?::\w+|)\s+(.*)$ ^quagga-ospf6d(?::\w+|)\s+(.*)$ ^quagga-ospfd(?::\w+|)\s+(.*)$ ^quagga-pimd(?::\w+|)\s+(.*)$ ^quagga-ripd(?::\w+|)\s+(.*)$ ^quagga-ripngd(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^tgt(?::\w+|)\s+(.*)$ ^tgt-rbd(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^emacs(?::\w+|)\s+(.*)$ ^emacs-bin-common(?::\w+|)\s+(.*)$ ^emacs-common(?::\w+|)\s+(.*)$ ^emacs-el(?::\w+|)\s+(.*)$ ^emacs-gtk(?::\w+|)\s+(.*)$ ^emacs-lucid(?::\w+|)\s+(.*)$ ^emacs-nox(?::\w+|)\s+(.*)$ ^puma(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^ca-certificates(?::\w+|)\s+(.*)$ ^apparmor(?::\w+|)\s+(.*)$ ^apparmor-easyprof(?::\w+|)\s+(.*)$ ^apparmor-notify(?::\w+|)\s+(.*)$ ^apparmor-profiles(?::\w+|)\s+(.*)$ ^apparmor-utils(?::\w+|)\s+(.*)$ ^dh-apparmor(?::\w+|)\s+(.*)$ ^libapache2-mod-apparmor(?::\w+|)\s+(.*)$ ^libapparmor-dev(?::\w+|)\s+(.*)$ ^libapparmor-perl(?::\w+|)\s+(.*)$ ^libapparmor1(?::\w+|)\s+(.*)$ ^libpam-apparmor(?::\w+|)\s+(.*)$ ^python3-apparmor(?::\w+|)\s+(.*)$ ^python3-libapparmor(?::\w+|)\s+(.*)$ ^libopenjp2-7(?::\w+|)\s+(.*)$ ^libopenjp2-7-dev(?::\w+|)\s+(.*)$ ^libopenjp2-tools(?::\w+|)\s+(.*)$ ^libopenjp3d-tools(?::\w+|)\s+(.*)$ ^libopenjp3d7(?::\w+|)\s+(.*)$ ^libopenjpip-dec-server(?::\w+|)\s+(.*)$ ^libopenjpip-server(?::\w+|)\s+(.*)$ ^libopenjpip-viewer(?::\w+|)\s+(.*)$ ^libopenjpip7(?::\w+|)\s+(.*)$ ^libapr1(?::\w+|)\s+(.*)$ ^libapr1-dev(?::\w+|)\s+(.*)$ ^python-configobj-doc(?::\w+|)\s+(.*)$ ^python3-configobj(?::\w+|)\s+(.*)$ ^cups(?::\w+|)\s+(.*)$ ^cups-bsd(?::\w+|)\s+(.*)$ ^cups-client(?::\w+|)\s+(.*)$ ^cups-common(?::\w+|)\s+(.*)$ ^cups-core-drivers(?::\w+|)\s+(.*)$ ^cups-daemon(?::\w+|)\s+(.*)$ ^cups-ipp-utils(?::\w+|)\s+(.*)$ ^cups-ppdc(?::\w+|)\s+(.*)$ ^cups-server-common(?::\w+|)\s+(.*)$ ^libcups2(?::\w+|)\s+(.*)$ ^libcups2-dev(?::\w+|)\s+(.*)$ ^libcupsimage2(?::\w+|)\s+(.*)$ ^libcupsimage2-dev(?::\w+|)\s+(.*)$ ^cups-browsed(?::\w+|)\s+(.*)$ ^cups-filters(?::\w+|)\s+(.*)$ ^cups-filters-core-drivers(?::\w+|)\s+(.*)$ ^libcupsfilters-dev(?::\w+|)\s+(.*)$ ^libcupsfilters1(?::\w+|)\s+(.*)$ ^libfontembed-dev(?::\w+|)\s+(.*)$ ^libfontembed1(?::\w+|)\s+(.*)$ ^cups-browsed(?::\w+|)\s+(.*)$ ^cups-filters(?::\w+|)\s+(.*)$ ^cups-filters-core-drivers(?::\w+|)\s+(.*)$ ^libcupsfilters-dev(?::\w+|)\s+(.*)$ ^libcupsfilters1(?::\w+|)\s+(.*)$ ^libfontembed-dev(?::\w+|)\s+(.*)$ ^libfontembed1(?::\w+|)\s+(.*)$ ^bubblewrap(?::\w+|)\s+(.*)$ ^flatpak(?::\w+|)\s+(.*)$ ^flatpak-tests(?::\w+|)\s+(.*)$ ^gir1.2-flatpak-1.0(?::\w+|)\s+(.*)$ ^libflatpak-dev(?::\w+|)\s+(.*)$ ^libflatpak-doc(?::\w+|)\s+(.*)$ ^libflatpak0(?::\w+|)\s+(.*)$ ^knot-resolver(?::\w+|)\s+(.*)$ ^knot-resolver-doc(?::\w+|)\s+(.*)$ ^knot-resolver-module-http(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^ruby-devise-two-factor(?::\w+|)\s+(.*)$ ^python-asyncssh-doc(?::\w+|)\s+(.*)$ ^python3-asyncssh(?::\w+|)\s+(.*)$ ^freeradius(?::\w+|)\s+(.*)$ ^freeradius-common(?::\w+|)\s+(.*)$ ^freeradius-config(?::\w+|)\s+(.*)$ ^freeradius-dhcp(?::\w+|)\s+(.*)$ ^freeradius-iodbc(?::\w+|)\s+(.*)$ ^freeradius-krb5(?::\w+|)\s+(.*)$ ^freeradius-ldap(?::\w+|)\s+(.*)$ ^freeradius-memcached(?::\w+|)\s+(.*)$ ^freeradius-mysql(?::\w+|)\s+(.*)$ ^freeradius-postgresql(?::\w+|)\s+(.*)$ ^freeradius-python3(?::\w+|)\s+(.*)$ ^freeradius-redis(?::\w+|)\s+(.*)$ ^freeradius-rest(?::\w+|)\s+(.*)$ ^freeradius-utils(?::\w+|)\s+(.*)$ ^freeradius-yubikey(?::\w+|)\s+(.*)$ ^libfreeradius-dev(?::\w+|)\s+(.*)$ ^libfreeradius3(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^ovmf(?::\w+|)\s+(.*)$ ^qemu-efi(?::\w+|)\s+(.*)$ ^qemu-efi-aarch64(?::\w+|)\s+(.*)$ ^qemu-efi-arm(?::\w+|)\s+(.*)$ ^gir1.2-gsf-1(?::\w+|)\s+(.*)$ ^libgsf-1-114(?::\w+|)\s+(.*)$ ^libgsf-1-common(?::\w+|)\s+(.*)$ ^libgsf-1-dev(?::\w+|)\s+(.*)$ ^libgsf-bin(?::\w+|)\s+(.*)$ ^ubuntu-advantage-desktop-daemon(?::\w+|)\s+(.*)$ ^nano(?::\w+|)\s+(.*)$ ^nano-tiny(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^libarchive-dev(?::\w+|)\s+(.*)$ ^libarchive-tools(?::\w+|)\s+(.*)$ ^libarchive13(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^amd64-microcode(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^libunbound-dev(?::\w+|)\s+(.*)$ ^libunbound8(?::\w+|)\s+(.*)$ ^python-unbound(?::\w+|)\s+(.*)$ ^python3-unbound(?::\w+|)\s+(.*)$ ^unbound(?::\w+|)\s+(.*)$ ^unbound-anchor(?::\w+|)\s+(.*)$ ^unbound-host(?::\w+|)\s+(.*)$ ^golang-1.22(?::\w+|)\s+(.*)$ ^golang-1.22-doc(?::\w+|)\s+(.*)$ ^golang-1.22-go(?::\w+|)\s+(.*)$ ^golang-1.22-src(?::\w+|)\s+(.*)$ ^libopenjp2-7(?::\w+|)\s+(.*)$ ^libopenjp2-7-dev(?::\w+|)\s+(.*)$ ^libopenjp2-tools(?::\w+|)\s+(.*)$ ^libopenjp3d-tools(?::\w+|)\s+(.*)$ ^libopenjp3d7(?::\w+|)\s+(.*)$ ^libopenjpip-dec-server(?::\w+|)\s+(.*)$ ^libopenjpip-server(?::\w+|)\s+(.*)$ ^libopenjpip-viewer(?::\w+|)\s+(.*)$ ^libopenjpip7(?::\w+|)\s+(.*)$ ^python3-urllib3(?::\w+|)\s+(.*)$ ^python-pip-whl(?::\w+|)\s+(.*)$ ^python3-pip(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^libarchive-dev(?::\w+|)\s+(.*)$ ^libarchive-tools(?::\w+|)\s+(.*)$ ^libarchive13(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^libmpg123-0(?::\w+|)\s+(.*)$ ^libmpg123-dev(?::\w+|)\s+(.*)$ ^libout123-0(?::\w+|)\s+(.*)$ ^mpg123(?::\w+|)\s+(.*)$ ^libmpg123-0(?::\w+|)\s+(.*)$ ^libmpg123-dev(?::\w+|)\s+(.*)$ ^libout123-0(?::\w+|)\s+(.*)$ ^mpg123(?::\w+|)\s+(.*)$ ^qemu(?::\w+|)\s+(.*)$ ^qemu-block-extra(?::\w+|)\s+(.*)$ ^qemu-guest-agent(?::\w+|)\s+(.*)$ ^qemu-kvm(?::\w+|)\s+(.*)$ ^qemu-system(?::\w+|)\s+(.*)$ ^qemu-system-arm(?::\w+|)\s+(.*)$ ^qemu-system-common(?::\w+|)\s+(.*)$ ^qemu-system-data(?::\w+|)\s+(.*)$ ^qemu-system-gui(?::\w+|)\s+(.*)$ ^qemu-system-mips(?::\w+|)\s+(.*)$ ^qemu-system-misc(?::\w+|)\s+(.*)$ ^qemu-system-ppc(?::\w+|)\s+(.*)$ ^qemu-system-s390x(?::\w+|)\s+(.*)$ ^qemu-system-sparc(?::\w+|)\s+(.*)$ ^qemu-system-x86(?::\w+|)\s+(.*)$ ^qemu-system-x86-microvm(?::\w+|)\s+(.*)$ ^qemu-system-x86-xen(?::\w+|)\s+(.*)$ ^qemu-user(?::\w+|)\s+(.*)$ ^qemu-user-binfmt(?::\w+|)\s+(.*)$ ^qemu-user-static(?::\w+|)\s+(.*)$ ^qemu-utils(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-21-demo(?::\w+|)\s+(.*)$ ^openjdk-21-doc(?::\w+|)\s+(.*)$ ^openjdk-21-jdk(?::\w+|)\s+(.*)$ ^openjdk-21-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre(?::\w+|)\s+(.*)$ ^openjdk-21-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-21-source(?::\w+|)\s+(.*)$ ^openjdk-21-testsupport(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gkeop)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^python3-pydantic(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^python-asyncssh-doc(?::\w+|)\s+(.*)$ ^python3-asyncssh(?::\w+|)\s+(.*)$ ^golang-1.18(?::\w+|)\s+(.*)$ ^golang-1.18-doc(?::\w+|)\s+(.*)$ ^golang-1.18-go(?::\w+|)\s+(.*)$ ^golang-1.18-src(?::\w+|)\s+(.*)$ ^libgd-dev(?::\w+|)\s+(.*)$ ^libgd-tools(?::\w+|)\s+(.*)$ ^libgd3(?::\w+|)\s+(.*)$ ^libglib2.0-0(?::\w+|)\s+(.*)$ ^libglib2.0-bin(?::\w+|)\s+(.*)$ ^libglib2.0-data(?::\w+|)\s+(.*)$ ^libglib2.0-dev(?::\w+|)\s+(.*)$ ^libglib2.0-dev-bin(?::\w+|)\s+(.*)$ ^libglib2.0-doc(?::\w+|)\s+(.*)$ ^libglib2.0-tests(?::\w+|)\s+(.*)$ ^python-waitress-doc(?::\w+|)\s+(.*)$ ^python3-waitress(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^libmodule-scandeps-perl(?::\w+|)\s+(.*)$ ^needrestart(?::\w+|)\s+(.*)$ ^needrestart(?::\w+|)\s+(.*)$ ^needrestart(?::\w+|)\s+(.*)$ ^libbarcode-zbar-perl(?::\w+|)\s+(.*)$ ^libzbar-dev(?::\w+|)\s+(.*)$ ^libzbar0(?::\w+|)\s+(.*)$ ^libzbargtk-dev(?::\w+|)\s+(.*)$ ^libzbargtk0(?::\w+|)\s+(.*)$ ^libzbarqt-dev(?::\w+|)\s+(.*)$ ^libzbarqt0(?::\w+|)\s+(.*)$ ^python3-zbar(?::\w+|)\s+(.*)$ ^zbar-tools(?::\w+|)\s+(.*)$ ^zbarcam-gtk(?::\w+|)\s+(.*)$ ^zbarcam-qt(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^rapidjson-dev(?::\w+|)\s+(.*)$ ^rapidjson-doc(?::\w+|)\s+(.*)$ ^gir1.2-soup-2.4(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-1(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-1(?::\w+|)\s+(.*)$ ^libsoup2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-doc(?::\w+|)\s+(.*)$ ^libsoup2.4-tests(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^librec-dev(?::\w+|)\s+(.*)$ ^librec1(?::\w+|)\s+(.*)$ ^recutils(?::\w+|)\s+(.*)$ ^tinyproxy(?::\w+|)\s+(.*)$ ^tinyproxy-bin(?::\w+|)\s+(.*)$ ^ofono(?::\w+|)\s+(.*)$ ^ofono-dev(?::\w+|)\s+(.*)$ ^ofono-scripts(?::\w+|)\s+(.*)$ ^rabbitmq-server(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^expat(?::\w+|)\s+(.*)$ ^libexpat1(?::\w+|)\s+(.*)$ ^libexpat1-dev(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^python-tornado-doc(?::\w+|)\s+(.*)$ ^python3-tornado(?::\w+|)\s+(.*)$ ^ofono(?::\w+|)\s+(.*)$ ^ofono-dev(?::\w+|)\s+(.*)$ ^ofono-scripts(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^smarty3(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^python-mpmath-doc(?::\w+|)\s+(.*)$ ^python3-mpmath(?::\w+|)\s+(.*)$ ^docker-doc(?::\w+|)\s+(.*)$ ^docker.io(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^curl(?::\w+|)\s+(.*)$ ^libcurl3-gnutls(?::\w+|)\s+(.*)$ ^libcurl3-nss(?::\w+|)\s+(.*)$ ^libcurl4(?::\w+|)\s+(.*)$ ^libcurl4-doc(?::\w+|)\s+(.*)$ ^libcurl4-gnutls-dev(?::\w+|)\s+(.*)$ ^libcurl4-nss-dev(?::\w+|)\s+(.*)$ ^libcurl4-openssl-dev(?::\w+|)\s+(.*)$ ^libspring-aop-java(?::\w+|)\s+(.*)$ ^libspring-beans-java(?::\w+|)\s+(.*)$ ^libspring-context-java(?::\w+|)\s+(.*)$ ^libspring-context-support-java(?::\w+|)\s+(.*)$ ^libspring-core-java(?::\w+|)\s+(.*)$ ^libspring-expression-java(?::\w+|)\s+(.*)$ ^libspring-instrument-java(?::\w+|)\s+(.*)$ ^libspring-jdbc-java(?::\w+|)\s+(.*)$ ^libspring-jms-java(?::\w+|)\s+(.*)$ ^libspring-messaging-java(?::\w+|)\s+(.*)$ ^libspring-orm-java(?::\w+|)\s+(.*)$ ^libspring-oxm-java(?::\w+|)\s+(.*)$ ^libspring-test-java(?::\w+|)\s+(.*)$ ^libspring-transaction-java(?::\w+|)\s+(.*)$ ^libspring-web-java(?::\w+|)\s+(.*)$ ^libspring-web-portlet-java(?::\w+|)\s+(.*)$ ^libspring-web-servlet-java(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^editorconfig(?::\w+|)\s+(.*)$ ^editorconfig-doc(?::\w+|)\s+(.*)$ ^libeditorconfig-dev(?::\w+|)\s+(.*)$ ^libeditorconfig0(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^gir1.2-gstreamer-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-doc(?::\w+|)\s+(.*)$ ^gstreamer1.0-tools(?::\w+|)\s+(.*)$ ^libgstreamer1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer1.0-dev(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-base-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-alsa(?::\w+|)\s+(.*)$ ^gstreamer1.0-gl(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-apps(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-base-doc(?::\w+|)\s+(.*)$ ^gstreamer1.0-x(?::\w+|)\s+(.*)$ ^libgstreamer-gl1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-base1.0-dev(?::\w+|)\s+(.*)$ ^gstreamer1.0-gtk3(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-good-doc(?::\w+|)\s+(.*)$ ^gstreamer1.0-pulseaudio(?::\w+|)\s+(.*)$ ^gstreamer1.0-qt5(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-good1.0-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^htmldoc(?::\w+|)\s+(.*)$ ^htmldoc-common(?::\w+|)\s+(.*)$ ^tinyproxy(?::\w+|)\s+(.*)$ ^tinyproxy-bin(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^thunderbird(?::\w+|)\s+(.*)$ ^thunderbird-dev(?::\w+|)\s+(.*)$ ^thunderbird-gnome-support(?::\w+|)\s+(.*)$ ^thunderbird-locale-af(?::\w+|)\s+(.*)$ ^thunderbird-locale-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-ast(?::\w+|)\s+(.*)$ ^thunderbird-locale-be(?::\w+|)\s+(.*)$ ^thunderbird-locale-bg(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn(?::\w+|)\s+(.*)$ ^thunderbird-locale-bn-bd(?::\w+|)\s+(.*)$ ^thunderbird-locale-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-ca(?::\w+|)\s+(.*)$ ^thunderbird-locale-cak(?::\w+|)\s+(.*)$ ^thunderbird-locale-cs(?::\w+|)\s+(.*)$ ^thunderbird-locale-cy(?::\w+|)\s+(.*)$ ^thunderbird-locale-da(?::\w+|)\s+(.*)$ ^thunderbird-locale-de(?::\w+|)\s+(.*)$ ^thunderbird-locale-dsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-el(?::\w+|)\s+(.*)$ ^thunderbird-locale-en(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-gb(?::\w+|)\s+(.*)$ ^thunderbird-locale-en-us(?::\w+|)\s+(.*)$ ^thunderbird-locale-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-ar(?::\w+|)\s+(.*)$ ^thunderbird-locale-es-es(?::\w+|)\s+(.*)$ ^thunderbird-locale-et(?::\w+|)\s+(.*)$ ^thunderbird-locale-eu(?::\w+|)\s+(.*)$ ^thunderbird-locale-fa(?::\w+|)\s+(.*)$ ^thunderbird-locale-fi(?::\w+|)\s+(.*)$ ^thunderbird-locale-fr(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy(?::\w+|)\s+(.*)$ ^thunderbird-locale-fy-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga(?::\w+|)\s+(.*)$ ^thunderbird-locale-ga-ie(?::\w+|)\s+(.*)$ ^thunderbird-locale-gd(?::\w+|)\s+(.*)$ ^thunderbird-locale-gl(?::\w+|)\s+(.*)$ ^thunderbird-locale-he(?::\w+|)\s+(.*)$ ^thunderbird-locale-hr(?::\w+|)\s+(.*)$ ^thunderbird-locale-hsb(?::\w+|)\s+(.*)$ ^thunderbird-locale-hu(?::\w+|)\s+(.*)$ ^thunderbird-locale-hy(?::\w+|)\s+(.*)$ ^thunderbird-locale-id(?::\w+|)\s+(.*)$ ^thunderbird-locale-is(?::\w+|)\s+(.*)$ ^thunderbird-locale-it(?::\w+|)\s+(.*)$ ^thunderbird-locale-ja(?::\w+|)\s+(.*)$ ^thunderbird-locale-ka(?::\w+|)\s+(.*)$ ^thunderbird-locale-kab(?::\w+|)\s+(.*)$ ^thunderbird-locale-kk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ko(?::\w+|)\s+(.*)$ ^thunderbird-locale-lt(?::\w+|)\s+(.*)$ ^thunderbird-locale-lv(?::\w+|)\s+(.*)$ ^thunderbird-locale-mk(?::\w+|)\s+(.*)$ ^thunderbird-locale-ms(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb(?::\w+|)\s+(.*)$ ^thunderbird-locale-nb-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-nl(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn(?::\w+|)\s+(.*)$ ^thunderbird-locale-nn-no(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa(?::\w+|)\s+(.*)$ ^thunderbird-locale-pa-in(?::\w+|)\s+(.*)$ ^thunderbird-locale-pl(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-br(?::\w+|)\s+(.*)$ ^thunderbird-locale-pt-pt(?::\w+|)\s+(.*)$ ^thunderbird-locale-rm(?::\w+|)\s+(.*)$ ^thunderbird-locale-ro(?::\w+|)\s+(.*)$ ^thunderbird-locale-ru(?::\w+|)\s+(.*)$ ^thunderbird-locale-si(?::\w+|)\s+(.*)$ ^thunderbird-locale-sk(?::\w+|)\s+(.*)$ ^thunderbird-locale-sl(?::\w+|)\s+(.*)$ ^thunderbird-locale-sq(?::\w+|)\s+(.*)$ ^thunderbird-locale-sr(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv(?::\w+|)\s+(.*)$ ^thunderbird-locale-sv-se(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta(?::\w+|)\s+(.*)$ ^thunderbird-locale-ta-lk(?::\w+|)\s+(.*)$ ^thunderbird-locale-th(?::\w+|)\s+(.*)$ ^thunderbird-locale-tr(?::\w+|)\s+(.*)$ ^thunderbird-locale-uk(?::\w+|)\s+(.*)$ ^thunderbird-locale-uz(?::\w+|)\s+(.*)$ ^thunderbird-locale-vi(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-cn(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hans(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-hant(?::\w+|)\s+(.*)$ ^thunderbird-locale-zh-tw(?::\w+|)\s+(.*)$ ^thunderbird-mozsymbols(?::\w+|)\s+(.*)$ ^xul-ext-calendar-timezones(?::\w+|)\s+(.*)$ ^xul-ext-gdata-provider(?::\w+|)\s+(.*)$ ^xul-ext-lightning(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^adsys(?::\w+|)\s+(.*)$ ^adsys-windows(?::\w+|)\s+(.*)$ ^golang-go.net-dev(?::\w+|)\s+(.*)$ ^golang-golang-x-net-dev(?::\w+|)\s+(.*)$ ^librlottie-dev(?::\w+|)\s+(.*)$ ^librlottie0-1(?::\w+|)\s+(.*)$ ^libxmltok1(?::\w+|)\s+(.*)$ ^libxmltok1-dev(?::\w+|)\s+(.*)$ ^hpijs-ppds(?::\w+|)\s+(.*)$ ^hplip(?::\w+|)\s+(.*)$ ^hplip-data(?::\w+|)\s+(.*)$ ^hplip-doc(?::\w+|)\s+(.*)$ ^hplip-gui(?::\w+|)\s+(.*)$ ^libhpmud-dev(?::\w+|)\s+(.*)$ ^libhpmud0(?::\w+|)\s+(.*)$ ^libsane-hpaio(?::\w+|)\s+(.*)$ ^printer-driver-hpcups(?::\w+|)\s+(.*)$ ^printer-driver-hpijs(?::\w+|)\s+(.*)$ ^printer-driver-postscript-hp(?::\w+|)\s+(.*)$ ^pdns-backend-bind(?::\w+|)\s+(.*)$ ^pdns-backend-geoip(?::\w+|)\s+(.*)$ ^pdns-backend-ldap(?::\w+|)\s+(.*)$ ^pdns-backend-lua(?::\w+|)\s+(.*)$ ^pdns-backend-mydns(?::\w+|)\s+(.*)$ ^pdns-backend-mysql(?::\w+|)\s+(.*)$ ^pdns-backend-odbc(?::\w+|)\s+(.*)$ ^pdns-backend-pgsql(?::\w+|)\s+(.*)$ ^pdns-backend-pipe(?::\w+|)\s+(.*)$ ^pdns-backend-remote(?::\w+|)\s+(.*)$ ^pdns-backend-sqlite3(?::\w+|)\s+(.*)$ ^pdns-backend-tinydns(?::\w+|)\s+(.*)$ ^pdns-ixfrdist(?::\w+|)\s+(.*)$ ^pdns-recursor(?::\w+|)\s+(.*)$ ^pdns-server(?::\w+|)\s+(.*)$ ^pdns-tools(?::\w+|)\s+(.*)$ ^neomutt(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^rsync(?::\w+|)\s+(.*)$ ^rsync(?::\w+|)\s+(.*)$ ^git(?::\w+|)\s+(.*)$ ^git-all(?::\w+|)\s+(.*)$ ^git-cvs(?::\w+|)\s+(.*)$ ^git-daemon-run(?::\w+|)\s+(.*)$ ^git-daemon-sysvinit(?::\w+|)\s+(.*)$ ^git-doc(?::\w+|)\s+(.*)$ ^git-el(?::\w+|)\s+(.*)$ ^git-email(?::\w+|)\s+(.*)$ ^git-gui(?::\w+|)\s+(.*)$ ^git-man(?::\w+|)\s+(.*)$ ^git-mediawiki(?::\w+|)\s+(.*)$ ^git-svn(?::\w+|)\s+(.*)$ ^gitk(?::\w+|)\s+(.*)$ ^gitweb(?::\w+|)\s+(.*)$ ^libbcel-java(?::\w+|)\s+(.*)$ ^libbcel-java-doc(?::\w+|)\s+(.*)$ ^gimp-dds(?::\w+|)\s+(.*)$ ^audacity(?::\w+|)\s+(.*)$ ^audacity-data(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^libpodofo-dev(?::\w+|)\s+(.*)$ ^libpodofo-utils(?::\w+|)\s+(.*)$ ^libpodofo0.9.6(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^bluetooth(?::\w+|)\s+(.*)$ ^bluez(?::\w+|)\s+(.*)$ ^bluez-cups(?::\w+|)\s+(.*)$ ^bluez-hcidump(?::\w+|)\s+(.*)$ ^bluez-obexd(?::\w+|)\s+(.*)$ ^bluez-tests(?::\w+|)\s+(.*)$ ^libbluetooth-dev(?::\w+|)\s+(.*)$ ^libbluetooth3(?::\w+|)\s+(.*)$ ^libopenjp2-7(?::\w+|)\s+(.*)$ ^libopenjp2-7-dev(?::\w+|)\s+(.*)$ ^libopenjp2-tools(?::\w+|)\s+(.*)$ ^libopenjp3d-tools(?::\w+|)\s+(.*)$ ^libopenjp3d7(?::\w+|)\s+(.*)$ ^libopenjpip-dec-server(?::\w+|)\s+(.*)$ ^libopenjpip-server(?::\w+|)\s+(.*)$ ^libopenjpip-viewer(?::\w+|)\s+(.*)$ ^libopenjpip7(?::\w+|)\s+(.*)$ ^cyrus-admin(?::\w+|)\s+(.*)$ ^cyrus-caldav(?::\w+|)\s+(.*)$ ^cyrus-clients(?::\w+|)\s+(.*)$ ^cyrus-common(?::\w+|)\s+(.*)$ ^cyrus-dev(?::\w+|)\s+(.*)$ ^cyrus-doc(?::\w+|)\s+(.*)$ ^cyrus-imapd(?::\w+|)\s+(.*)$ ^cyrus-murder(?::\w+|)\s+(.*)$ ^cyrus-nntpd(?::\w+|)\s+(.*)$ ^cyrus-pop3d(?::\w+|)\s+(.*)$ ^cyrus-replication(?::\w+|)\s+(.*)$ ^libcyrus-imap-perl(?::\w+|)\s+(.*)$ ^htmldoc(?::\w+|)\s+(.*)$ ^htmldoc-common(?::\w+|)\s+(.*)$ ^cacti(?::\w+|)\s+(.*)$ ^libpcl-apps1.10(?::\w+|)\s+(.*)$ ^libpcl-common1.10(?::\w+|)\s+(.*)$ ^libpcl-dev(?::\w+|)\s+(.*)$ ^libpcl-doc(?::\w+|)\s+(.*)$ ^libpcl-features1.10(?::\w+|)\s+(.*)$ ^libpcl-filters1.10(?::\w+|)\s+(.*)$ ^libpcl-io1.10(?::\w+|)\s+(.*)$ ^libpcl-kdtree1.10(?::\w+|)\s+(.*)$ ^libpcl-keypoints1.10(?::\w+|)\s+(.*)$ ^libpcl-ml1.10(?::\w+|)\s+(.*)$ ^libpcl-octree1.10(?::\w+|)\s+(.*)$ ^libpcl-outofcore1.10(?::\w+|)\s+(.*)$ ^libpcl-people1.10(?::\w+|)\s+(.*)$ ^libpcl-recognition1.10(?::\w+|)\s+(.*)$ ^libpcl-registration1.10(?::\w+|)\s+(.*)$ ^libpcl-sample-consensus1.10(?::\w+|)\s+(.*)$ ^libpcl-search1.10(?::\w+|)\s+(.*)$ ^libpcl-segmentation1.10(?::\w+|)\s+(.*)$ ^libpcl-stereo1.10(?::\w+|)\s+(.*)$ ^libpcl-surface1.10(?::\w+|)\s+(.*)$ ^libpcl-tracking1.10(?::\w+|)\s+(.*)$ ^libpcl-visualization1.10(?::\w+|)\s+(.*)$ ^pcl-tools(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^frr(?::\w+|)\s+(.*)$ ^frr-doc(?::\w+|)\s+(.*)$ ^frr-pythontools(?::\w+|)\s+(.*)$ ^frr-rpki-rtrlib(?::\w+|)\s+(.*)$ ^frr-snmp(?::\w+|)\s+(.*)$ ^tcpreplay(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^bind9(?::\w+|)\s+(.*)$ ^bind9-dnsutils(?::\w+|)\s+(.*)$ ^bind9-doc(?::\w+|)\s+(.*)$ ^bind9-host(?::\w+|)\s+(.*)$ ^bind9-libs(?::\w+|)\s+(.*)$ ^bind9-utils(?::\w+|)\s+(.*)$ ^bind9utils(?::\w+|)\s+(.*)$ ^dnsutils(?::\w+|)\s+(.*)$ ^libvlc-bin(?::\w+|)\s+(.*)$ ^libvlc-dev(?::\w+|)\s+(.*)$ ^libvlc5(?::\w+|)\s+(.*)$ ^libvlccore-dev(?::\w+|)\s+(.*)$ ^libvlccore9(?::\w+|)\s+(.*)$ ^vlc(?::\w+|)\s+(.*)$ ^vlc-bin(?::\w+|)\s+(.*)$ ^vlc-data(?::\w+|)\s+(.*)$ ^vlc-l10n(?::\w+|)\s+(.*)$ ^vlc-plugin-access-extra(?::\w+|)\s+(.*)$ ^vlc-plugin-base(?::\w+|)\s+(.*)$ ^vlc-plugin-fluidsynth(?::\w+|)\s+(.*)$ ^vlc-plugin-jack(?::\w+|)\s+(.*)$ ^vlc-plugin-notify(?::\w+|)\s+(.*)$ ^vlc-plugin-qt(?::\w+|)\s+(.*)$ ^vlc-plugin-samba(?::\w+|)\s+(.*)$ ^vlc-plugin-skins2(?::\w+|)\s+(.*)$ ^vlc-plugin-svg(?::\w+|)\s+(.*)$ ^vlc-plugin-video-output(?::\w+|)\s+(.*)$ ^vlc-plugin-video-splitter(?::\w+|)\s+(.*)$ ^vlc-plugin-visualization(?::\w+|)\s+(.*)$ ^python-jinja2(?::\w+|)\s+(.*)$ ^python-jinja2-doc(?::\w+|)\s+(.*)$ ^python3-jinja2(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^libjs-jquery(?::\w+|)\s+(.*)$ ^netdata(?::\w+|)\s+(.*)$ ^netdata-apache2(?::\w+|)\s+(.*)$ ^netdata-core(?::\w+|)\s+(.*)$ ^netdata-plugins-bash(?::\w+|)\s+(.*)$ ^netdata-plugins-nodejs(?::\w+|)\s+(.*)$ ^netdata-plugins-python(?::\w+|)\s+(.*)$ ^netdata-web(?::\w+|)\s+(.*)$ ^gir1.2-harfbuzz-0.0(?::\w+|)\s+(.*)$ ^libharfbuzz-bin(?::\w+|)\s+(.*)$ ^libharfbuzz-dev(?::\w+|)\s+(.*)$ ^libharfbuzz-doc(?::\w+|)\s+(.*)$ ^libharfbuzz-gobject0(?::\w+|)\s+(.*)$ ^libharfbuzz-icu0(?::\w+|)\s+(.*)$ ^libharfbuzz0b(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-21-demo(?::\w+|)\s+(.*)$ ^openjdk-21-doc(?::\w+|)\s+(.*)$ ^openjdk-21-jdk(?::\w+|)\s+(.*)$ ^openjdk-21-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre(?::\w+|)\s+(.*)$ ^openjdk-21-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-21-source(?::\w+|)\s+(.*)$ ^openjdk-21-testsupport(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^ckeditor(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-armel(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-armel(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^libc6-lse(?::\w+|)\s+(.*)$ ^libc6-pic(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^digikam(?::\w+|)\s+(.*)$ ^digikam-data(?::\w+|)\s+(.*)$ ^digikam-private-libs(?::\w+|)\s+(.*)$ ^showfoto(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^python3-virtualenv(?::\w+|)\s+(.*)$ ^virtualenv(?::\w+|)\s+(.*)$ ^php-symfony(?::\w+|)\s+(.*)$ ^php-symfony-amazon-mailer(?::\w+|)\s+(.*)$ ^php-symfony-asset(?::\w+|)\s+(.*)$ ^php-symfony-browser-kit(?::\w+|)\s+(.*)$ ^php-symfony-cache(?::\w+|)\s+(.*)$ ^php-symfony-config(?::\w+|)\s+(.*)$ ^php-symfony-console(?::\w+|)\s+(.*)$ ^php-symfony-css-selector(?::\w+|)\s+(.*)$ ^php-symfony-debug(?::\w+|)\s+(.*)$ ^php-symfony-debug-bundle(?::\w+|)\s+(.*)$ ^php-symfony-dependency-injection(?::\w+|)\s+(.*)$ ^php-symfony-doctrine-bridge(?::\w+|)\s+(.*)$ ^php-symfony-dom-crawler(?::\w+|)\s+(.*)$ ^php-symfony-dotenv(?::\w+|)\s+(.*)$ ^php-symfony-event-dispatcher(?::\w+|)\s+(.*)$ ^php-symfony-expression-language(?::\w+|)\s+(.*)$ ^php-symfony-filesystem(?::\w+|)\s+(.*)$ ^php-symfony-finder(?::\w+|)\s+(.*)$ ^php-symfony-form(?::\w+|)\s+(.*)$ ^php-symfony-framework-bundle(?::\w+|)\s+(.*)$ ^php-symfony-google-mailer(?::\w+|)\s+(.*)$ ^php-symfony-http-client(?::\w+|)\s+(.*)$ ^php-symfony-http-foundation(?::\w+|)\s+(.*)$ ^php-symfony-http-kernel(?::\w+|)\s+(.*)$ ^php-symfony-inflector(?::\w+|)\s+(.*)$ ^php-symfony-intl(?::\w+|)\s+(.*)$ ^php-symfony-ldap(?::\w+|)\s+(.*)$ ^php-symfony-lock(?::\w+|)\s+(.*)$ ^php-symfony-mailchimp-mailer(?::\w+|)\s+(.*)$ ^php-symfony-mailer(?::\w+|)\s+(.*)$ ^php-symfony-mailgun-mailer(?::\w+|)\s+(.*)$ ^php-symfony-messenger(?::\w+|)\s+(.*)$ ^php-symfony-mime(?::\w+|)\s+(.*)$ ^php-symfony-monolog-bridge(?::\w+|)\s+(.*)$ ^php-symfony-options-resolver(?::\w+|)\s+(.*)$ ^php-symfony-phpunit-bridge(?::\w+|)\s+(.*)$ ^php-symfony-postmark-mailer(?::\w+|)\s+(.*)$ ^php-symfony-process(?::\w+|)\s+(.*)$ ^php-symfony-property-access(?::\w+|)\s+(.*)$ ^php-symfony-property-info(?::\w+|)\s+(.*)$ ^php-symfony-proxy-manager-bridge(?::\w+|)\s+(.*)$ ^php-symfony-routing(?::\w+|)\s+(.*)$ ^php-symfony-security(?::\w+|)\s+(.*)$ ^php-symfony-security-bundle(?::\w+|)\s+(.*)$ ^php-symfony-security-core(?::\w+|)\s+(.*)$ ^php-symfony-security-csrf(?::\w+|)\s+(.*)$ ^php-symfony-security-guard(?::\w+|)\s+(.*)$ ^php-symfony-security-http(?::\w+|)\s+(.*)$ ^php-symfony-sendgrid-mailer(?::\w+|)\s+(.*)$ ^php-symfony-serializer(?::\w+|)\s+(.*)$ ^php-symfony-stopwatch(?::\w+|)\s+(.*)$ ^php-symfony-templating(?::\w+|)\s+(.*)$ ^php-symfony-translation(?::\w+|)\s+(.*)$ ^php-symfony-twig-bridge(?::\w+|)\s+(.*)$ ^php-symfony-twig-bundle(?::\w+|)\s+(.*)$ ^php-symfony-validator(?::\w+|)\s+(.*)$ ^php-symfony-var-dumper(?::\w+|)\s+(.*)$ ^php-symfony-var-exporter(?::\w+|)\s+(.*)$ ^php-symfony-web-link(?::\w+|)\s+(.*)$ ^php-symfony-web-profiler-bundle(?::\w+|)\s+(.*)$ ^php-symfony-web-server-bundle(?::\w+|)\s+(.*)$ ^php-symfony-workflow(?::\w+|)\s+(.*)$ ^php-symfony-yaml(?::\w+|)\s+(.*)$ ^libsndfile1(?::\w+|)\s+(.*)$ ^libsndfile1-dev(?::\w+|)\s+(.*)$ ^sndfile-programs(?::\w+|)\s+(.*)$ ^atril(?::\w+|)\s+(.*)$ ^atril-common(?::\w+|)\s+(.*)$ ^gir1.2-atril(?::\w+|)\s+(.*)$ ^gir1.2-atrildocument-1.5.0(?::\w+|)\s+(.*)$ ^gir1.2-atrilview-1.5.0(?::\w+|)\s+(.*)$ ^libatrildocument-dev(?::\w+|)\s+(.*)$ ^libatrildocument3(?::\w+|)\s+(.*)$ ^libatrilview-dev(?::\w+|)\s+(.*)$ ^libatrilview3(?::\w+|)\s+(.*)$ ^libtasn1-6(?::\w+|)\s+(.*)$ ^libtasn1-6-dev(?::\w+|)\s+(.*)$ ^libtasn1-bin(?::\w+|)\s+(.*)$ ^libtasn1-doc(?::\w+|)\s+(.*)$ ^libssl-dev(?::\w+|)\s+(.*)$ ^libssl-doc(?::\w+|)\s+(.*)$ ^libssl1.1(?::\w+|)\s+(.*)$ ^openssl(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^idle-python3.9(?::\w+|)\s+(.*)$ ^libpython3.9(?::\w+|)\s+(.*)$ ^libpython3.9-dev(?::\w+|)\s+(.*)$ ^libpython3.9-minimal(?::\w+|)\s+(.*)$ ^libpython3.9-stdlib(?::\w+|)\s+(.*)$ ^libpython3.9-testsuite(?::\w+|)\s+(.*)$ ^python3.9(?::\w+|)\s+(.*)$ ^python3.9-dev(?::\w+|)\s+(.*)$ ^python3.9-doc(?::\w+|)\s+(.*)$ ^python3.9-examples(?::\w+|)\s+(.*)$ ^python3.9-full(?::\w+|)\s+(.*)$ ^python3.9-minimal(?::\w+|)\s+(.*)$ ^python3.9-venv(?::\w+|)\s+(.*)$ ^gnutls-bin(?::\w+|)\s+(.*)$ ^gnutls-doc(?::\w+|)\s+(.*)$ ^guile-gnutls(?::\w+|)\s+(.*)$ ^libgnutls-dane0(?::\w+|)\s+(.*)$ ^libgnutls-openssl27(?::\w+|)\s+(.*)$ ^libgnutls28-dev(?::\w+|)\s+(.*)$ ^libgnutls30(?::\w+|)\s+(.*)$ ^libgnutlsxx28(?::\w+|)\s+(.*)$ ^libnetty-java(?::\w+|)\s+(.*)$ ^libnginx-mod-http-auth-pam(?::\w+|)\s+(.*)$ ^libnginx-mod-http-cache-purge(?::\w+|)\s+(.*)$ ^libnginx-mod-http-dav-ext(?::\w+|)\s+(.*)$ ^libnginx-mod-http-echo(?::\w+|)\s+(.*)$ ^libnginx-mod-http-fancyindex(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip(?::\w+|)\s+(.*)$ ^libnginx-mod-http-geoip2(?::\w+|)\s+(.*)$ ^libnginx-mod-http-headers-more-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-image-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-lua(?::\w+|)\s+(.*)$ ^libnginx-mod-http-ndk(?::\w+|)\s+(.*)$ ^libnginx-mod-http-perl(?::\w+|)\s+(.*)$ ^libnginx-mod-http-subs-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-http-uploadprogress(?::\w+|)\s+(.*)$ ^libnginx-mod-http-upstream-fair(?::\w+|)\s+(.*)$ ^libnginx-mod-http-xslt-filter(?::\w+|)\s+(.*)$ ^libnginx-mod-mail(?::\w+|)\s+(.*)$ ^libnginx-mod-nchan(?::\w+|)\s+(.*)$ ^libnginx-mod-rtmp(?::\w+|)\s+(.*)$ ^libnginx-mod-stream(?::\w+|)\s+(.*)$ ^nginx(?::\w+|)\s+(.*)$ ^nginx-common(?::\w+|)\s+(.*)$ ^nginx-core(?::\w+|)\s+(.*)$ ^nginx-doc(?::\w+|)\s+(.*)$ ^nginx-extras(?::\w+|)\s+(.*)$ ^nginx-full(?::\w+|)\s+(.*)$ ^nginx-light(?::\w+|)\s+(.*)$ ^libcap-dev(?::\w+|)\s+(.*)$ ^libcap2(?::\w+|)\s+(.*)$ ^libcap2-bin(?::\w+|)\s+(.*)$ ^libpam-cap(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^rails(?::\w+|)\s+(.*)$ ^ruby-actioncable(?::\w+|)\s+(.*)$ ^ruby-actionmailer(?::\w+|)\s+(.*)$ ^ruby-actionpack(?::\w+|)\s+(.*)$ ^ruby-actionview(?::\w+|)\s+(.*)$ ^ruby-activejob(?::\w+|)\s+(.*)$ ^ruby-activemodel(?::\w+|)\s+(.*)$ ^ruby-activerecord(?::\w+|)\s+(.*)$ ^ruby-activestorage(?::\w+|)\s+(.*)$ ^ruby-activesupport(?::\w+|)\s+(.*)$ ^ruby-rails(?::\w+|)\s+(.*)$ ^ruby-railties(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^dropbear(?::\w+|)\s+(.*)$ ^dropbear-bin(?::\w+|)\s+(.*)$ ^dropbear-initramfs(?::\w+|)\s+(.*)$ ^dropbear-run(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^proftpd-basic(?::\w+|)\s+(.*)$ ^proftpd-dev(?::\w+|)\s+(.*)$ ^proftpd-doc(?::\w+|)\s+(.*)$ ^proftpd-mod-geoip(?::\w+|)\s+(.*)$ ^proftpd-mod-ldap(?::\w+|)\s+(.*)$ ^proftpd-mod-mysql(?::\w+|)\s+(.*)$ ^proftpd-mod-odbc(?::\w+|)\s+(.*)$ ^proftpd-mod-pgsql(?::\w+|)\s+(.*)$ ^proftpd-mod-snmp(?::\w+|)\s+(.*)$ ^proftpd-mod-sqlite(?::\w+|)\s+(.*)$ ^xdmx(?::\w+|)\s+(.*)$ ^xdmx-tools(?::\w+|)\s+(.*)$ ^xnest(?::\w+|)\s+(.*)$ ^xorg-server-source(?::\w+|)\s+(.*)$ ^xserver-common(?::\w+|)\s+(.*)$ ^xserver-xephyr(?::\w+|)\s+(.*)$ ^xserver-xorg-core(?::\w+|)\s+(.*)$ ^xserver-xorg-dev(?::\w+|)\s+(.*)$ ^xserver-xorg-legacy(?::\w+|)\s+(.*)$ ^xvfb(?::\w+|)\s+(.*)$ ^xwayland(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^libxmltok1(?::\w+|)\s+(.*)$ ^libxmltok1-dev(?::\w+|)\s+(.*)$ ^ruby-saml(?::\w+|)\s+(.*)$ ^erlang(?::\w+|)\s+(.*)$ ^erlang-asn1(?::\w+|)\s+(.*)$ ^erlang-base(?::\w+|)\s+(.*)$ ^erlang-base-hipe(?::\w+|)\s+(.*)$ ^erlang-common-test(?::\w+|)\s+(.*)$ ^erlang-crypto(?::\w+|)\s+(.*)$ ^erlang-debugger(?::\w+|)\s+(.*)$ ^erlang-dev(?::\w+|)\s+(.*)$ ^erlang-dialyzer(?::\w+|)\s+(.*)$ ^erlang-diameter(?::\w+|)\s+(.*)$ ^erlang-doc(?::\w+|)\s+(.*)$ ^erlang-edoc(?::\w+|)\s+(.*)$ ^erlang-eldap(?::\w+|)\s+(.*)$ ^erlang-erl-docgen(?::\w+|)\s+(.*)$ ^erlang-et(?::\w+|)\s+(.*)$ ^erlang-eunit(?::\w+|)\s+(.*)$ ^erlang-examples(?::\w+|)\s+(.*)$ ^erlang-ftp(?::\w+|)\s+(.*)$ ^erlang-inets(?::\w+|)\s+(.*)$ ^erlang-jinterface(?::\w+|)\s+(.*)$ ^erlang-manpages(?::\w+|)\s+(.*)$ ^erlang-megaco(?::\w+|)\s+(.*)$ ^erlang-mnesia(?::\w+|)\s+(.*)$ ^erlang-mode(?::\w+|)\s+(.*)$ ^erlang-nox(?::\w+|)\s+(.*)$ ^erlang-observer(?::\w+|)\s+(.*)$ ^erlang-odbc(?::\w+|)\s+(.*)$ ^erlang-os-mon(?::\w+|)\s+(.*)$ ^erlang-parsetools(?::\w+|)\s+(.*)$ ^erlang-public-key(?::\w+|)\s+(.*)$ ^erlang-reltool(?::\w+|)\s+(.*)$ ^erlang-runtime-tools(?::\w+|)\s+(.*)$ ^erlang-snmp(?::\w+|)\s+(.*)$ ^erlang-src(?::\w+|)\s+(.*)$ ^erlang-ssh(?::\w+|)\s+(.*)$ ^erlang-ssl(?::\w+|)\s+(.*)$ ^erlang-syntax-tools(?::\w+|)\s+(.*)$ ^erlang-tftp(?::\w+|)\s+(.*)$ ^erlang-tools(?::\w+|)\s+(.*)$ ^erlang-wx(?::\w+|)\s+(.*)$ ^erlang-x11(?::\w+|)\s+(.*)$ ^erlang-xmerl(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libraptor2-0(?::\w+|)\s+(.*)$ ^libraptor2-dev(?::\w+|)\s+(.*)$ ^libraptor2-doc(?::\w+|)\s+(.*)$ ^raptor2-utils(?::\w+|)\s+(.*)$ ^hostapd(?::\w+|)\s+(.*)$ ^wpagui(?::\w+|)\s+(.*)$ ^wpasupplicant(?::\w+|)\s+(.*)$ ^spip(?::\w+|)\s+(.*)$ ^cmark-gfm(?::\w+|)\s+(.*)$ ^libcmark-gfm-dev(?::\w+|)\s+(.*)$ ^libcmark-gfm-extensions-dev(?::\w+|)\s+(.*)$ ^libcmark-gfm-extensions0(?::\w+|)\s+(.*)$ ^libcmark-gfm0(?::\w+|)\s+(.*)$ ^gpac(?::\w+|)\s+(.*)$ ^gpac-modules-base(?::\w+|)\s+(.*)$ ^libgpac-dev(?::\w+|)\s+(.*)$ ^libgpac4(?::\w+|)\s+(.*)$ ^redis(?::\w+|)\s+(.*)$ ^redis-sentinel(?::\w+|)\s+(.*)$ ^redis-server(?::\w+|)\s+(.*)$ ^redis-tools(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^ansible(?::\w+|)\s+(.*)$ ^ansible-doc(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^firefox(?::\w+|)\s+(.*)$ ^firefox-dev(?::\w+|)\s+(.*)$ ^firefox-geckodriver(?::\w+|)\s+(.*)$ ^firefox-locale-af(?::\w+|)\s+(.*)$ ^firefox-locale-an(?::\w+|)\s+(.*)$ ^firefox-locale-ar(?::\w+|)\s+(.*)$ ^firefox-locale-as(?::\w+|)\s+(.*)$ ^firefox-locale-ast(?::\w+|)\s+(.*)$ ^firefox-locale-az(?::\w+|)\s+(.*)$ ^firefox-locale-be(?::\w+|)\s+(.*)$ ^firefox-locale-bg(?::\w+|)\s+(.*)$ ^firefox-locale-bn(?::\w+|)\s+(.*)$ ^firefox-locale-br(?::\w+|)\s+(.*)$ ^firefox-locale-bs(?::\w+|)\s+(.*)$ ^firefox-locale-ca(?::\w+|)\s+(.*)$ ^firefox-locale-cak(?::\w+|)\s+(.*)$ ^firefox-locale-cs(?::\w+|)\s+(.*)$ ^firefox-locale-csb(?::\w+|)\s+(.*)$ ^firefox-locale-cy(?::\w+|)\s+(.*)$ ^firefox-locale-da(?::\w+|)\s+(.*)$ ^firefox-locale-de(?::\w+|)\s+(.*)$ ^firefox-locale-el(?::\w+|)\s+(.*)$ ^firefox-locale-en(?::\w+|)\s+(.*)$ ^firefox-locale-eo(?::\w+|)\s+(.*)$ ^firefox-locale-es(?::\w+|)\s+(.*)$ ^firefox-locale-et(?::\w+|)\s+(.*)$ ^firefox-locale-eu(?::\w+|)\s+(.*)$ ^firefox-locale-fa(?::\w+|)\s+(.*)$ ^firefox-locale-fi(?::\w+|)\s+(.*)$ ^firefox-locale-fr(?::\w+|)\s+(.*)$ ^firefox-locale-fy(?::\w+|)\s+(.*)$ ^firefox-locale-ga(?::\w+|)\s+(.*)$ ^firefox-locale-gd(?::\w+|)\s+(.*)$ ^firefox-locale-gl(?::\w+|)\s+(.*)$ ^firefox-locale-gn(?::\w+|)\s+(.*)$ ^firefox-locale-gu(?::\w+|)\s+(.*)$ ^firefox-locale-he(?::\w+|)\s+(.*)$ ^firefox-locale-hi(?::\w+|)\s+(.*)$ ^firefox-locale-hr(?::\w+|)\s+(.*)$ ^firefox-locale-hsb(?::\w+|)\s+(.*)$ ^firefox-locale-hu(?::\w+|)\s+(.*)$ ^firefox-locale-hy(?::\w+|)\s+(.*)$ ^firefox-locale-ia(?::\w+|)\s+(.*)$ ^firefox-locale-id(?::\w+|)\s+(.*)$ ^firefox-locale-is(?::\w+|)\s+(.*)$ ^firefox-locale-it(?::\w+|)\s+(.*)$ ^firefox-locale-ja(?::\w+|)\s+(.*)$ ^firefox-locale-ka(?::\w+|)\s+(.*)$ ^firefox-locale-kab(?::\w+|)\s+(.*)$ ^firefox-locale-kk(?::\w+|)\s+(.*)$ ^firefox-locale-km(?::\w+|)\s+(.*)$ ^firefox-locale-kn(?::\w+|)\s+(.*)$ ^firefox-locale-ko(?::\w+|)\s+(.*)$ ^firefox-locale-ku(?::\w+|)\s+(.*)$ ^firefox-locale-lg(?::\w+|)\s+(.*)$ ^firefox-locale-lt(?::\w+|)\s+(.*)$ ^firefox-locale-lv(?::\w+|)\s+(.*)$ ^firefox-locale-mai(?::\w+|)\s+(.*)$ ^firefox-locale-mk(?::\w+|)\s+(.*)$ ^firefox-locale-ml(?::\w+|)\s+(.*)$ ^firefox-locale-mn(?::\w+|)\s+(.*)$ ^firefox-locale-mr(?::\w+|)\s+(.*)$ ^firefox-locale-ms(?::\w+|)\s+(.*)$ ^firefox-locale-my(?::\w+|)\s+(.*)$ ^firefox-locale-nb(?::\w+|)\s+(.*)$ ^firefox-locale-ne(?::\w+|)\s+(.*)$ ^firefox-locale-nl(?::\w+|)\s+(.*)$ ^firefox-locale-nn(?::\w+|)\s+(.*)$ ^firefox-locale-nso(?::\w+|)\s+(.*)$ ^firefox-locale-oc(?::\w+|)\s+(.*)$ ^firefox-locale-or(?::\w+|)\s+(.*)$ ^firefox-locale-pa(?::\w+|)\s+(.*)$ ^firefox-locale-pl(?::\w+|)\s+(.*)$ ^firefox-locale-pt(?::\w+|)\s+(.*)$ ^firefox-locale-ro(?::\w+|)\s+(.*)$ ^firefox-locale-ru(?::\w+|)\s+(.*)$ ^firefox-locale-si(?::\w+|)\s+(.*)$ ^firefox-locale-sk(?::\w+|)\s+(.*)$ ^firefox-locale-sl(?::\w+|)\s+(.*)$ ^firefox-locale-sq(?::\w+|)\s+(.*)$ ^firefox-locale-sr(?::\w+|)\s+(.*)$ ^firefox-locale-sv(?::\w+|)\s+(.*)$ ^firefox-locale-sw(?::\w+|)\s+(.*)$ ^firefox-locale-szl(?::\w+|)\s+(.*)$ ^firefox-locale-ta(?::\w+|)\s+(.*)$ ^firefox-locale-te(?::\w+|)\s+(.*)$ ^firefox-locale-tg(?::\w+|)\s+(.*)$ ^firefox-locale-th(?::\w+|)\s+(.*)$ ^firefox-locale-tr(?::\w+|)\s+(.*)$ ^firefox-locale-uk(?::\w+|)\s+(.*)$ ^firefox-locale-ur(?::\w+|)\s+(.*)$ ^firefox-locale-uz(?::\w+|)\s+(.*)$ ^firefox-locale-vi(?::\w+|)\s+(.*)$ ^firefox-locale-xh(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hans(?::\w+|)\s+(.*)$ ^firefox-locale-zh-hant(?::\w+|)\s+(.*)$ ^firefox-locale-zu(?::\w+|)\s+(.*)$ ^firefox-mozsymbols(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^python-jinja2(?::\w+|)\s+(.*)$ ^python-jinja2-doc(?::\w+|)\s+(.*)$ ^python3-jinja2(?::\w+|)\s+(.*)$ ^python-jinja2(?::\w+|)\s+(.*)$ ^python-jinja2-doc(?::\w+|)\s+(.*)$ ^python3-jinja2(?::\w+|)\s+(.*)$ ^opensc(?::\w+|)\s+(.*)$ ^opensc-pkcs11(?::\w+|)\s+(.*)$ ^opensc(?::\w+|)\s+(.*)$ ^opensc-pkcs11(?::\w+|)\s+(.*)$ ^opensc(?::\w+|)\s+(.*)$ ^opensc-pkcs11(?::\w+|)\s+(.*)$ ^netatalk(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^idle-python3.8(?::\w+|)\s+(.*)$ ^libpython3.8(?::\w+|)\s+(.*)$ ^libpython3.8-dev(?::\w+|)\s+(.*)$ ^libpython3.8-minimal(?::\w+|)\s+(.*)$ ^libpython3.8-stdlib(?::\w+|)\s+(.*)$ ^libpython3.8-testsuite(?::\w+|)\s+(.*)$ ^python3.8(?::\w+|)\s+(.*)$ ^python3.8-dev(?::\w+|)\s+(.*)$ ^python3.8-doc(?::\w+|)\s+(.*)$ ^python3.8-examples(?::\w+|)\s+(.*)$ ^python3.8-full(?::\w+|)\s+(.*)$ ^python3.8-minimal(?::\w+|)\s+(.*)$ ^python3.8-venv(?::\w+|)\s+(.*)$ ^rar(?::\w+|)\s+(.*)$ ^libunrar-dev(?::\w+|)\s+(.*)$ ^libunrar5(?::\w+|)\s+(.*)$ ^unrar(?::\w+|)\s+(.*)$ ^libresteasy-java(?::\w+|)\s+(.*)$ ^freetype2-demos(?::\w+|)\s+(.*)$ ^freetype2-doc(?::\w+|)\s+(.*)$ ^libfreetype-dev(?::\w+|)\s+(.*)$ ^libfreetype6(?::\w+|)\s+(.*)$ ^libfreetype6-dev(?::\w+|)\s+(.*)$ ^plantuml(?::\w+|)\s+(.*)$ ^python3-djoser(?::\w+|)\s+(.*)$ ^python3-restrictedpython(?::\w+|)\s+(.*)$ ^liburiparser-dev(?::\w+|)\s+(.*)$ ^liburiparser-doc(?::\w+|)\s+(.*)$ ^liburiparser1(?::\w+|)\s+(.*)$ ^libxslt1-dev(?::\w+|)\s+(.*)$ ^libxslt1.1(?::\w+|)\s+(.*)$ ^xsltproc(?::\w+|)\s+(.*)$ ^alpine(?::\w+|)\s+(.*)$ ^alpine-doc(?::\w+|)\s+(.*)$ ^alpine-pico(?::\w+|)\s+(.*)$ ^pilot(?::\w+|)\s+(.*)$ ^libxslt1-dev(?::\w+|)\s+(.*)$ ^libxslt1.1(?::\w+|)\s+(.*)$ ^xsltproc(?::\w+|)\s+(.*)$ ^libpam-pkcs11(?::\w+|)\s+(.*)$ ^libsaml-dev(?::\w+|)\s+(.*)$ ^libsaml-doc(?::\w+|)\s+(.*)$ ^libsaml10(?::\w+|)\s+(.*)$ ^libsaml2-dev(?::\w+|)\s+(.*)$ ^libsaml2-doc(?::\w+|)\s+(.*)$ ^opensaml-schemas(?::\w+|)\s+(.*)$ ^opensaml-tools(?::\w+|)\s+(.*)$ ^opensaml2-schemas(?::\w+|)\s+(.*)$ ^opensaml2-tools(?::\w+|)\s+(.*)$ ^python3-nltk(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^libzvbi-common(?::\w+|)\s+(.*)$ ^libzvbi-dev(?::\w+|)\s+(.*)$ ^libzvbi-doc(?::\w+|)\s+(.*)$ ^libzvbi0(?::\w+|)\s+(.*)$ ^zvbi(?::\w+|)\s+(.*)$ ^libyaml-snake-java(?::\w+|)\s+(.*)$ ^libyaml-snake-java-doc(?::\w+|)\s+(.*)$ ^libvarnishapi-dev(?::\w+|)\s+(.*)$ ^libvarnishapi2(?::\w+|)\s+(.*)$ ^varnish(?::\w+|)\s+(.*)$ ^varnish-doc(?::\w+|)\s+(.*)$ ^golang-github-containerd-containerd-dev(?::\w+|)\s+(.*)$ ^containerd(?::\w+|)\s+(.*)$ ^elpa-org(?::\w+|)\s+(.*)$ ^org-mode(?::\w+|)\s+(.*)$ ^ghostscript(?::\w+|)\s+(.*)$ ^ghostscript-doc(?::\w+|)\s+(.*)$ ^ghostscript-x(?::\w+|)\s+(.*)$ ^libgs-dev(?::\w+|)\s+(.*)$ ^libgs9(?::\w+|)\s+(.*)$ ^libgs9-common(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-fips)(?::\w+|)\s+(.*)$ ^ovn-central(?::\w+|)\s+(.*)$ ^ovn-common(?::\w+|)\s+(.*)$ ^ovn-controller-vtep(?::\w+|)\s+(.*)$ ^ovn-doc(?::\w+|)\s+(.*)$ ^ovn-docker(?::\w+|)\s+(.*)$ ^ovn-host(?::\w+|)\s+(.*)$ ^ovn-ic(?::\w+|)\s+(.*)$ ^ovn-ic-db(?::\w+|)\s+(.*)$ ^aom-tools(?::\w+|)\s+(.*)$ ^libaom-dev(?::\w+|)\s+(.*)$ ^libaom-doc(?::\w+|)\s+(.*)$ ^libaom0(?::\w+|)\s+(.*)$ ^libtar-dev(?::\w+|)\s+(.*)$ ^libtar0(?::\w+|)\s+(.*)$ ^rabbitmq-server(?::\w+|)\s+(.*)$ ^libapache2-mod-php7.4(?::\w+|)\s+(.*)$ ^libphp7.4-embed(?::\w+|)\s+(.*)$ ^php7.4(?::\w+|)\s+(.*)$ ^php7.4-bcmath(?::\w+|)\s+(.*)$ ^php7.4-bz2(?::\w+|)\s+(.*)$ ^php7.4-cgi(?::\w+|)\s+(.*)$ ^php7.4-cli(?::\w+|)\s+(.*)$ ^php7.4-common(?::\w+|)\s+(.*)$ ^php7.4-curl(?::\w+|)\s+(.*)$ ^php7.4-dba(?::\w+|)\s+(.*)$ ^php7.4-dev(?::\w+|)\s+(.*)$ ^php7.4-enchant(?::\w+|)\s+(.*)$ ^php7.4-fpm(?::\w+|)\s+(.*)$ ^php7.4-gd(?::\w+|)\s+(.*)$ ^php7.4-gmp(?::\w+|)\s+(.*)$ ^php7.4-imap(?::\w+|)\s+(.*)$ ^php7.4-interbase(?::\w+|)\s+(.*)$ ^php7.4-intl(?::\w+|)\s+(.*)$ ^php7.4-json(?::\w+|)\s+(.*)$ ^php7.4-ldap(?::\w+|)\s+(.*)$ ^php7.4-mbstring(?::\w+|)\s+(.*)$ ^php7.4-mysql(?::\w+|)\s+(.*)$ ^php7.4-odbc(?::\w+|)\s+(.*)$ ^php7.4-opcache(?::\w+|)\s+(.*)$ ^php7.4-pgsql(?::\w+|)\s+(.*)$ ^php7.4-phpdbg(?::\w+|)\s+(.*)$ ^php7.4-pspell(?::\w+|)\s+(.*)$ ^php7.4-readline(?::\w+|)\s+(.*)$ ^php7.4-snmp(?::\w+|)\s+(.*)$ ^php7.4-soap(?::\w+|)\s+(.*)$ ^php7.4-sqlite3(?::\w+|)\s+(.*)$ ^php7.4-sybase(?::\w+|)\s+(.*)$ ^php7.4-tidy(?::\w+|)\s+(.*)$ ^php7.4-xml(?::\w+|)\s+(.*)$ ^php7.4-xmlrpc(?::\w+|)\s+(.*)$ ^php7.4-xsl(?::\w+|)\s+(.*)$ ^php7.4-zip(?::\w+|)\s+(.*)$ ^php-seclib(?::\w+|)\s+(.*)$ ^php-phpseclib(?::\w+|)\s+(.*)$ ^inspircd(?::\w+|)\s+(.*)$ ^inspircd-dev(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fips)(?::\w+|)\s+(.*)$ ^ruby-saml(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^dirmngr(?::\w+|)\s+(.*)$ ^gnupg(?::\w+|)\s+(.*)$ ^gnupg-agent(?::\w+|)\s+(.*)$ ^gnupg-l10n(?::\w+|)\s+(.*)$ ^gnupg-utils(?::\w+|)\s+(.*)$ ^gnupg2(?::\w+|)\s+(.*)$ ^gpg(?::\w+|)\s+(.*)$ ^gpg-agent(?::\w+|)\s+(.*)$ ^gpg-wks-client(?::\w+|)\s+(.*)$ ^gpg-wks-server(?::\w+|)\s+(.*)$ ^gpgconf(?::\w+|)\s+(.*)$ ^gpgsm(?::\w+|)\s+(.*)$ ^gpgv(?::\w+|)\s+(.*)$ ^gpgv-static(?::\w+|)\s+(.*)$ ^gpgv-win32(?::\w+|)\s+(.*)$ ^gpgv2(?::\w+|)\s+(.*)$ ^scdaemon(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^kamailio(?::\w+|)\s+(.*)$ ^kamailio-autheph-modules(?::\w+|)\s+(.*)$ ^kamailio-berkeley-bin(?::\w+|)\s+(.*)$ ^kamailio-berkeley-modules(?::\w+|)\s+(.*)$ ^kamailio-cnxcc-modules(?::\w+|)\s+(.*)$ ^kamailio-cpl-modules(?::\w+|)\s+(.*)$ ^kamailio-erlang-modules(?::\w+|)\s+(.*)$ ^kamailio-extra-modules(?::\w+|)\s+(.*)$ ^kamailio-geoip-modules(?::\w+|)\s+(.*)$ ^kamailio-geoip2-modules(?::\w+|)\s+(.*)$ ^kamailio-ims-modules(?::\w+|)\s+(.*)$ ^kamailio-json-modules(?::\w+|)\s+(.*)$ ^kamailio-kazoo-modules(?::\w+|)\s+(.*)$ ^kamailio-ldap-modules(?::\w+|)\s+(.*)$ ^kamailio-lua-modules(?::\w+|)\s+(.*)$ ^kamailio-memcached-modules(?::\w+|)\s+(.*)$ ^kamailio-mongodb-modules(?::\w+|)\s+(.*)$ ^kamailio-mono-modules(?::\w+|)\s+(.*)$ ^kamailio-mysql-modules(?::\w+|)\s+(.*)$ ^kamailio-outbound-modules(?::\w+|)\s+(.*)$ ^kamailio-perl-modules(?::\w+|)\s+(.*)$ ^kamailio-phonenum-modules(?::\w+|)\s+(.*)$ ^kamailio-postgres-modules(?::\w+|)\s+(.*)$ ^kamailio-presence-modules(?::\w+|)\s+(.*)$ ^kamailio-python3-modules(?::\w+|)\s+(.*)$ ^kamailio-rabbitmq-modules(?::\w+|)\s+(.*)$ ^kamailio-radius-modules(?::\w+|)\s+(.*)$ ^kamailio-redis-modules(?::\w+|)\s+(.*)$ ^kamailio-ruby-modules(?::\w+|)\s+(.*)$ ^kamailio-sctp-modules(?::\w+|)\s+(.*)$ ^kamailio-snmpstats-modules(?::\w+|)\s+(.*)$ ^kamailio-sqlite-modules(?::\w+|)\s+(.*)$ ^kamailio-systemd-modules(?::\w+|)\s+(.*)$ ^kamailio-tls-modules(?::\w+|)\s+(.*)$ ^kamailio-unixodbc-modules(?::\w+|)\s+(.*)$ ^kamailio-utils-modules(?::\w+|)\s+(.*)$ ^kamailio-websocket-modules(?::\w+|)\s+(.*)$ ^kamailio-xml-modules(?::\w+|)\s+(.*)$ ^kamailio-xmpp-modules(?::\w+|)\s+(.*)$ ^libruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7(?::\w+|)\s+(.*)$ ^ruby2.7-dev(?::\w+|)\s+(.*)$ ^ruby2.7-doc(?::\w+|)\s+(.*)$ ^vim(?::\w+|)\s+(.*)$ ^vim-athena(?::\w+|)\s+(.*)$ ^vim-common(?::\w+|)\s+(.*)$ ^vim-doc(?::\w+|)\s+(.*)$ ^vim-gtk(?::\w+|)\s+(.*)$ ^vim-gtk3(?::\w+|)\s+(.*)$ ^vim-gui-common(?::\w+|)\s+(.*)$ ^vim-nox(?::\w+|)\s+(.*)$ ^vim-runtime(?::\w+|)\s+(.*)$ ^vim-tiny(?::\w+|)\s+(.*)$ ^xxd(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^fis-gtm(?::\w+|)\s+(.*)$ ^fis-gtm-6.3-007(?::\w+|)\s+(.*)$ ^binutils(?::\w+|)\s+(.*)$ ^binutils-aarch64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-alpha-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabi(?::\w+|)\s+(.*)$ ^binutils-arm-linux-gnueabihf(?::\w+|)\s+(.*)$ ^binutils-common(?::\w+|)\s+(.*)$ ^binutils-dev(?::\w+|)\s+(.*)$ ^binutils-doc(?::\w+|)\s+(.*)$ ^binutils-for-build(?::\w+|)\s+(.*)$ ^binutils-for-host(?::\w+|)\s+(.*)$ ^binutils-hppa-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-hppa64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-i686-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-ia64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-m68k-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-multiarch(?::\w+|)\s+(.*)$ ^binutils-multiarch-dev(?::\w+|)\s+(.*)$ ^binutils-powerpc-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-powerpc64le-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-riscv64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-s390x-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-sh4-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-source(?::\w+|)\s+(.*)$ ^binutils-sparc64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-kfreebsd-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnu(?::\w+|)\s+(.*)$ ^binutils-x86-64-linux-gnux32(?::\w+|)\s+(.*)$ ^libbinutils(?::\w+|)\s+(.*)$ ^libctf-nobfd0(?::\w+|)\s+(.*)$ ^libctf0(?::\w+|)\s+(.*)$ ^erlang(?::\w+|)\s+(.*)$ ^erlang-asn1(?::\w+|)\s+(.*)$ ^erlang-base(?::\w+|)\s+(.*)$ ^erlang-base-hipe(?::\w+|)\s+(.*)$ ^erlang-common-test(?::\w+|)\s+(.*)$ ^erlang-crypto(?::\w+|)\s+(.*)$ ^erlang-debugger(?::\w+|)\s+(.*)$ ^erlang-dev(?::\w+|)\s+(.*)$ ^erlang-dialyzer(?::\w+|)\s+(.*)$ ^erlang-diameter(?::\w+|)\s+(.*)$ ^erlang-doc(?::\w+|)\s+(.*)$ ^erlang-edoc(?::\w+|)\s+(.*)$ ^erlang-eldap(?::\w+|)\s+(.*)$ ^erlang-erl-docgen(?::\w+|)\s+(.*)$ ^erlang-et(?::\w+|)\s+(.*)$ ^erlang-eunit(?::\w+|)\s+(.*)$ ^erlang-examples(?::\w+|)\s+(.*)$ ^erlang-ftp(?::\w+|)\s+(.*)$ ^erlang-inets(?::\w+|)\s+(.*)$ ^erlang-jinterface(?::\w+|)\s+(.*)$ ^erlang-manpages(?::\w+|)\s+(.*)$ ^erlang-megaco(?::\w+|)\s+(.*)$ ^erlang-mnesia(?::\w+|)\s+(.*)$ ^erlang-mode(?::\w+|)\s+(.*)$ ^erlang-nox(?::\w+|)\s+(.*)$ ^erlang-observer(?::\w+|)\s+(.*)$ ^erlang-odbc(?::\w+|)\s+(.*)$ ^erlang-os-mon(?::\w+|)\s+(.*)$ ^erlang-parsetools(?::\w+|)\s+(.*)$ ^erlang-public-key(?::\w+|)\s+(.*)$ ^erlang-reltool(?::\w+|)\s+(.*)$ ^erlang-runtime-tools(?::\w+|)\s+(.*)$ ^erlang-snmp(?::\w+|)\s+(.*)$ ^erlang-src(?::\w+|)\s+(.*)$ ^erlang-ssh(?::\w+|)\s+(.*)$ ^erlang-ssl(?::\w+|)\s+(.*)$ ^erlang-syntax-tools(?::\w+|)\s+(.*)$ ^erlang-tftp(?::\w+|)\s+(.*)$ ^erlang-tools(?::\w+|)\s+(.*)$ ^erlang-wx(?::\w+|)\s+(.*)$ ^erlang-x11(?::\w+|)\s+(.*)$ ^erlang-xmerl(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^dino-im(?::\w+|)\s+(.*)$ ^dino-im-common(?::\w+|)\s+(.*)$ ^gir1.2-soup-2.4(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-1(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-1(?::\w+|)\s+(.*)$ ^libsoup2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-doc(?::\w+|)\s+(.*)$ ^libsoup2.4-tests(?::\w+|)\s+(.*)$ ^imagemagick(?::\w+|)\s+(.*)$ ^imagemagick-6-common(?::\w+|)\s+(.*)$ ^imagemagick-6-doc(?::\w+|)\s+(.*)$ ^imagemagick-6.q16(?::\w+|)\s+(.*)$ ^imagemagick-6.q16hdri(?::\w+|)\s+(.*)$ ^imagemagick-common(?::\w+|)\s+(.*)$ ^imagemagick-doc(?::\w+|)\s+(.*)$ ^libimage-magick-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16-perl(?::\w+|)\s+(.*)$ ^libimage-magick-q16hdri-perl(?::\w+|)\s+(.*)$ ^libmagick++-6-headers(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-8(?::\w+|)\s+(.*)$ ^libmagick++-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagick++-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6-arch-config(?::\w+|)\s+(.*)$ ^libmagickcore-6-headers(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-6-extra(?::\w+|)\s+(.*)$ ^libmagickcore-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickcore-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6-headers(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16-dev(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-6(?::\w+|)\s+(.*)$ ^libmagickwand-6.q16hdri-dev(?::\w+|)\s+(.*)$ ^libmagickwand-dev(?::\w+|)\s+(.*)$ ^perlmagick(?::\w+|)\s+(.*)$ ^libmosquitto-dev(?::\w+|)\s+(.*)$ ^libmosquitto1(?::\w+|)\s+(.*)$ ^libmosquittopp-dev(?::\w+|)\s+(.*)$ ^libmosquittopp1(?::\w+|)\s+(.*)$ ^mosquitto(?::\w+|)\s+(.*)$ ^mosquitto-clients(?::\w+|)\s+(.*)$ ^mosquitto-dev(?::\w+|)\s+(.*)$ ^erlang(?::\w+|)\s+(.*)$ ^erlang-asn1(?::\w+|)\s+(.*)$ ^erlang-base(?::\w+|)\s+(.*)$ ^erlang-base-hipe(?::\w+|)\s+(.*)$ ^erlang-common-test(?::\w+|)\s+(.*)$ ^erlang-crypto(?::\w+|)\s+(.*)$ ^erlang-debugger(?::\w+|)\s+(.*)$ ^erlang-dev(?::\w+|)\s+(.*)$ ^erlang-dialyzer(?::\w+|)\s+(.*)$ ^erlang-diameter(?::\w+|)\s+(.*)$ ^erlang-doc(?::\w+|)\s+(.*)$ ^erlang-edoc(?::\w+|)\s+(.*)$ ^erlang-eldap(?::\w+|)\s+(.*)$ ^erlang-erl-docgen(?::\w+|)\s+(.*)$ ^erlang-et(?::\w+|)\s+(.*)$ ^erlang-eunit(?::\w+|)\s+(.*)$ ^erlang-examples(?::\w+|)\s+(.*)$ ^erlang-ftp(?::\w+|)\s+(.*)$ ^erlang-inets(?::\w+|)\s+(.*)$ ^erlang-jinterface(?::\w+|)\s+(.*)$ ^erlang-manpages(?::\w+|)\s+(.*)$ ^erlang-megaco(?::\w+|)\s+(.*)$ ^erlang-mnesia(?::\w+|)\s+(.*)$ ^erlang-mode(?::\w+|)\s+(.*)$ ^erlang-nox(?::\w+|)\s+(.*)$ ^erlang-observer(?::\w+|)\s+(.*)$ ^erlang-odbc(?::\w+|)\s+(.*)$ ^erlang-os-mon(?::\w+|)\s+(.*)$ ^erlang-parsetools(?::\w+|)\s+(.*)$ ^erlang-public-key(?::\w+|)\s+(.*)$ ^erlang-reltool(?::\w+|)\s+(.*)$ ^erlang-runtime-tools(?::\w+|)\s+(.*)$ ^erlang-snmp(?::\w+|)\s+(.*)$ ^erlang-src(?::\w+|)\s+(.*)$ ^erlang-ssh(?::\w+|)\s+(.*)$ ^erlang-ssl(?::\w+|)\s+(.*)$ ^erlang-syntax-tools(?::\w+|)\s+(.*)$ ^erlang-tftp(?::\w+|)\s+(.*)$ ^erlang-tools(?::\w+|)\s+(.*)$ ^erlang-wx(?::\w+|)\s+(.*)$ ^erlang-x11(?::\w+|)\s+(.*)$ ^erlang-xmerl(?::\w+|)\s+(.*)$ ^matrix-synapse(?::\w+|)\s+(.*)$ ^yelp-xsl(?::\w+|)\s+(.*)$ ^libyelp-dev(?::\w+|)\s+(.*)$ ^libyelp0(?::\w+|)\s+(.*)$ ^yelp(?::\w+|)\s+(.*)$ ^libarchive-dev(?::\w+|)\s+(.*)$ ^libarchive-tools(?::\w+|)\s+(.*)$ ^libarchive13(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^php-twig(?::\w+|)\s+(.*)$ ^php-twig-cssinliner-extra(?::\w+|)\s+(.*)$ ^php-twig-doc(?::\w+|)\s+(.*)$ ^php-twig-extra-bundle(?::\w+|)\s+(.*)$ ^php-twig-html-extra(?::\w+|)\s+(.*)$ ^php-twig-inky-extra(?::\w+|)\s+(.*)$ ^php-twig-intl-extra(?::\w+|)\s+(.*)$ ^php-twig-markdown-extra(?::\w+|)\s+(.*)$ ^openssh-client(?::\w+|)\s+(.*)$ ^openssh-server(?::\w+|)\s+(.*)$ ^openssh-sftp-server(?::\w+|)\s+(.*)$ ^openssh-tests(?::\w+|)\s+(.*)$ ^ssh(?::\w+|)\s+(.*)$ ^ssh-askpass-gnome(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-iot)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws-fips)(?::\w+|)\s+(.*)$ ^kicad(?::\w+|)\s+(.*)$ ^kicad-common(?::\w+|)\s+(.*)$ ^kicad-demos(?::\w+|)\s+(.*)$ ^kicad-doc-ca(?::\w+|)\s+(.*)$ ^kicad-doc-de(?::\w+|)\s+(.*)$ ^kicad-doc-en(?::\w+|)\s+(.*)$ ^kicad-doc-es(?::\w+|)\s+(.*)$ ^kicad-doc-fr(?::\w+|)\s+(.*)$ ^kicad-doc-id(?::\w+|)\s+(.*)$ ^kicad-doc-it(?::\w+|)\s+(.*)$ ^kicad-doc-ja(?::\w+|)\s+(.*)$ ^kicad-doc-pl(?::\w+|)\s+(.*)$ ^kicad-doc-ru(?::\w+|)\s+(.*)$ ^kicad-doc-zh(?::\w+|)\s+(.*)$ ^kicad-libraries(?::\w+|)\s+(.*)$ ^libxml2(?::\w+|)\s+(.*)$ ^libxml2-dev(?::\w+|)\s+(.*)$ ^libxml2-doc(?::\w+|)\s+(.*)$ ^libxml2-utils(?::\w+|)\s+(.*)$ ^python-libxml2(?::\w+|)\s+(.*)$ ^python3-libxml2(?::\w+|)\s+(.*)$ ^trafficserver(?::\w+|)\s+(.*)$ ^trafficserver-dev(?::\w+|)\s+(.*)$ ^trafficserver-experimental-plugins(?::\w+|)\s+(.*)$ ^libnode-dev(?::\w+|)\s+(.*)$ ^libnode64(?::\w+|)\s+(.*)$ ^nodejs(?::\w+|)\s+(.*)$ ^nodejs-doc(?::\w+|)\s+(.*)$ ^gir1.2-poppler-0.18(?::\w+|)\s+(.*)$ ^libpoppler-cpp-dev(?::\w+|)\s+(.*)$ ^libpoppler-cpp0v5(?::\w+|)\s+(.*)$ ^libpoppler-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-dev(?::\w+|)\s+(.*)$ ^libpoppler-glib-doc(?::\w+|)\s+(.*)$ ^libpoppler-glib8(?::\w+|)\s+(.*)$ ^libpoppler-private-dev(?::\w+|)\s+(.*)$ ^libpoppler-qt5-1(?::\w+|)\s+(.*)$ ^libpoppler-qt5-dev(?::\w+|)\s+(.*)$ ^libpoppler97(?::\w+|)\s+(.*)$ ^poppler-utils(?::\w+|)\s+(.*)$ ^micropython(?::\w+|)\s+(.*)$ ^micropython-doc(?::\w+|)\s+(.*)$ ^golang-docker-dev(?::\w+|)\s+(.*)$ ^golang-github-docker-docker-dev(?::\w+|)\s+(.*)$ ^vim-syntax-docker(?::\w+|)\s+(.*)$ ^python-scrapy-doc(?::\w+|)\s+(.*)$ ^python3-scrapy(?::\w+|)\s+(.*)$ ^corosync(?::\w+|)\s+(.*)$ ^corosync-doc(?::\w+|)\s+(.*)$ ^corosync-notifyd(?::\w+|)\s+(.*)$ ^corosync-vqsim(?::\w+|)\s+(.*)$ ^libcfg-dev(?::\w+|)\s+(.*)$ ^libcfg7(?::\w+|)\s+(.*)$ ^libcmap-dev(?::\w+|)\s+(.*)$ ^libcmap4(?::\w+|)\s+(.*)$ ^libcorosync-common-dev(?::\w+|)\s+(.*)$ ^libcorosync-common4(?::\w+|)\s+(.*)$ ^libcpg-dev(?::\w+|)\s+(.*)$ ^libcpg4(?::\w+|)\s+(.*)$ ^libquorum-dev(?::\w+|)\s+(.*)$ ^libquorum5(?::\w+|)\s+(.*)$ ^libsam-dev(?::\w+|)\s+(.*)$ ^libsam4(?::\w+|)\s+(.*)$ ^libvotequorum-dev(?::\w+|)\s+(.*)$ ^libvotequorum8(?::\w+|)\s+(.*)$ ^libmysqlclient-dev(?::\w+|)\s+(.*)$ ^libmysqlclient21(?::\w+|)\s+(.*)$ ^mysql-client(?::\w+|)\s+(.*)$ ^mysql-client-8.0(?::\w+|)\s+(.*)$ ^mysql-client-core-8.0(?::\w+|)\s+(.*)$ ^mysql-router(?::\w+|)\s+(.*)$ ^mysql-server(?::\w+|)\s+(.*)$ ^mysql-server-8.0(?::\w+|)\s+(.*)$ ^mysql-server-core-8.0(?::\w+|)\s+(.*)$ ^mysql-source-8.0(?::\w+|)\s+(.*)$ ^mysql-testsuite(?::\w+|)\s+(.*)$ ^mysql-testsuite-8.0(?::\w+|)\s+(.*)$ ^openjdk-8-demo(?::\w+|)\s+(.*)$ ^openjdk-8-doc(?::\w+|)\s+(.*)$ ^openjdk-8-jdk(?::\w+|)\s+(.*)$ ^openjdk-8-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre(?::\w+|)\s+(.*)$ ^openjdk-8-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-8-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-8-source(?::\w+|)\s+(.*)$ ^openjdk-11-demo(?::\w+|)\s+(.*)$ ^openjdk-11-doc(?::\w+|)\s+(.*)$ ^openjdk-11-jdk(?::\w+|)\s+(.*)$ ^openjdk-11-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre(?::\w+|)\s+(.*)$ ^openjdk-11-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-11-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-11-source(?::\w+|)\s+(.*)$ ^openjdk-17-demo(?::\w+|)\s+(.*)$ ^openjdk-17-doc(?::\w+|)\s+(.*)$ ^openjdk-17-jdk(?::\w+|)\s+(.*)$ ^openjdk-17-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre(?::\w+|)\s+(.*)$ ^openjdk-17-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-17-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-17-source(?::\w+|)\s+(.*)$ ^openjdk-21-demo(?::\w+|)\s+(.*)$ ^openjdk-21-doc(?::\w+|)\s+(.*)$ ^openjdk-21-jdk(?::\w+|)\s+(.*)$ ^openjdk-21-jdk-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre(?::\w+|)\s+(.*)$ ^openjdk-21-jre-headless(?::\w+|)\s+(.*)$ ^openjdk-21-jre-zero(?::\w+|)\s+(.*)$ ^openjdk-21-source(?::\w+|)\s+(.*)$ ^openjdk-21-testsupport(?::\w+|)\s+(.*)$ ^libraw-bin(?::\w+|)\s+(.*)$ ^libraw-dev(?::\w+|)\s+(.*)$ ^libraw-doc(?::\w+|)\s+(.*)$ ^libraw19(?::\w+|)\s+(.*)$ ^idle-python2.7(?::\w+|)\s+(.*)$ ^libpython2.7(?::\w+|)\s+(.*)$ ^libpython2.7-dev(?::\w+|)\s+(.*)$ ^libpython2.7-minimal(?::\w+|)\s+(.*)$ ^libpython2.7-stdlib(?::\w+|)\s+(.*)$ ^libpython2.7-testsuite(?::\w+|)\s+(.*)$ ^python2.7(?::\w+|)\s+(.*)$ ^python2.7-dev(?::\w+|)\s+(.*)$ ^python2.7-doc(?::\w+|)\s+(.*)$ ^python2.7-examples(?::\w+|)\s+(.*)$ ^python2.7-minimal(?::\w+|)\s+(.*)$ ^idle-python3.9(?::\w+|)\s+(.*)$ ^libpython3.9(?::\w+|)\s+(.*)$ ^libpython3.9-dev(?::\w+|)\s+(.*)$ ^libpython3.9-minimal(?::\w+|)\s+(.*)$ ^libpython3.9-stdlib(?::\w+|)\s+(.*)$ ^libpython3.9-testsuite(?::\w+|)\s+(.*)$ ^python3.9(?::\w+|)\s+(.*)$ ^python3.9-dev(?::\w+|)\s+(.*)$ ^python3.9-doc(?::\w+|)\s+(.*)$ ^python3.9-examples(?::\w+|)\s+(.*)$ ^python3.9-full(?::\w+|)\s+(.*)$ ^python3.9-minimal(?::\w+|)\s+(.*)$ ^python3.9-venv(?::\w+|)\s+(.*)$ ^gir1.2-soup-2.4(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-1(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-1(?::\w+|)\s+(.*)$ ^libsoup2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-doc(?::\w+|)\s+(.*)$ ^libsoup2.4-tests(?::\w+|)\s+(.*)$ ^gir1.2-soup-2.4(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-1(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-1(?::\w+|)\s+(.*)$ ^libsoup2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-doc(?::\w+|)\s+(.*)$ ^libsoup2.4-tests(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-generic|-generic-64k|-generic-lpae|-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure-fde)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^ruby-carrierwave(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^libreoffice-nlpsolver(?::\w+|)\s+(.*)$ ^libreoffice-wiki-publisher(?::\w+|)\s+(.*)$ ^gir1.2-lokdocview-0.1(?::\w+|)\s+(.*)$ ^libjuh-java(?::\w+|)\s+(.*)$ ^libjurt-java(?::\w+|)\s+(.*)$ ^liblibreofficekitgtk(?::\w+|)\s+(.*)$ ^libofficebean-java(?::\w+|)\s+(.*)$ ^libreoffice(?::\w+|)\s+(.*)$ ^libreoffice-avmedia-backend-gstreamer(?::\w+|)\s+(.*)$ ^libreoffice-base(?::\w+|)\s+(.*)$ ^libreoffice-base-core(?::\w+|)\s+(.*)$ ^libreoffice-base-drivers(?::\w+|)\s+(.*)$ ^libreoffice-base-nogui(?::\w+|)\s+(.*)$ ^libreoffice-calc(?::\w+|)\s+(.*)$ ^libreoffice-calc-nogui(?::\w+|)\s+(.*)$ ^libreoffice-common(?::\w+|)\s+(.*)$ ^libreoffice-core(?::\w+|)\s+(.*)$ ^libreoffice-core-nogui(?::\w+|)\s+(.*)$ ^libreoffice-dev(?::\w+|)\s+(.*)$ ^libreoffice-dev-common(?::\w+|)\s+(.*)$ ^libreoffice-dev-doc(?::\w+|)\s+(.*)$ ^libreoffice-draw(?::\w+|)\s+(.*)$ ^libreoffice-draw-nogui(?::\w+|)\s+(.*)$ ^libreoffice-evolution(?::\w+|)\s+(.*)$ ^libreoffice-gnome(?::\w+|)\s+(.*)$ ^libreoffice-gtk(?::\w+|)\s+(.*)$ ^libreoffice-gtk2(?::\w+|)\s+(.*)$ ^libreoffice-gtk3(?::\w+|)\s+(.*)$ ^libreoffice-help-ca(?::\w+|)\s+(.*)$ ^libreoffice-help-common(?::\w+|)\s+(.*)$ ^libreoffice-help-cs(?::\w+|)\s+(.*)$ ^libreoffice-help-da(?::\w+|)\s+(.*)$ ^libreoffice-help-de(?::\w+|)\s+(.*)$ ^libreoffice-help-dz(?::\w+|)\s+(.*)$ ^libreoffice-help-el(?::\w+|)\s+(.*)$ ^libreoffice-help-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-help-en-us(?::\w+|)\s+(.*)$ ^libreoffice-help-es(?::\w+|)\s+(.*)$ ^libreoffice-help-et(?::\w+|)\s+(.*)$ ^libreoffice-help-eu(?::\w+|)\s+(.*)$ ^libreoffice-help-fi(?::\w+|)\s+(.*)$ ^libreoffice-help-fr(?::\w+|)\s+(.*)$ ^libreoffice-help-gl(?::\w+|)\s+(.*)$ ^libreoffice-help-hi(?::\w+|)\s+(.*)$ ^libreoffice-help-hu(?::\w+|)\s+(.*)$ ^libreoffice-help-id(?::\w+|)\s+(.*)$ ^libreoffice-help-it(?::\w+|)\s+(.*)$ ^libreoffice-help-ja(?::\w+|)\s+(.*)$ ^libreoffice-help-km(?::\w+|)\s+(.*)$ ^libreoffice-help-ko(?::\w+|)\s+(.*)$ ^libreoffice-help-nl(?::\w+|)\s+(.*)$ ^libreoffice-help-om(?::\w+|)\s+(.*)$ ^libreoffice-help-pl(?::\w+|)\s+(.*)$ ^libreoffice-help-pt(?::\w+|)\s+(.*)$ ^libreoffice-help-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-help-ru(?::\w+|)\s+(.*)$ ^libreoffice-help-sk(?::\w+|)\s+(.*)$ ^libreoffice-help-sl(?::\w+|)\s+(.*)$ ^libreoffice-help-sv(?::\w+|)\s+(.*)$ ^libreoffice-help-tr(?::\w+|)\s+(.*)$ ^libreoffice-help-vi(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-help-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-impress(?::\w+|)\s+(.*)$ ^libreoffice-impress-nogui(?::\w+|)\s+(.*)$ ^libreoffice-java-common(?::\w+|)\s+(.*)$ ^libreoffice-kde(?::\w+|)\s+(.*)$ ^libreoffice-kde4(?::\w+|)\s+(.*)$ ^libreoffice-kde5(?::\w+|)\s+(.*)$ ^libreoffice-kf5(?::\w+|)\s+(.*)$ ^libreoffice-l10n-af(?::\w+|)\s+(.*)$ ^libreoffice-l10n-am(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ar(?::\w+|)\s+(.*)$ ^libreoffice-l10n-as(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ast(?::\w+|)\s+(.*)$ ^libreoffice-l10n-be(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-bs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ca(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cs(?::\w+|)\s+(.*)$ ^libreoffice-l10n-cy(?::\w+|)\s+(.*)$ ^libreoffice-l10n-da(?::\w+|)\s+(.*)$ ^libreoffice-l10n-de(?::\w+|)\s+(.*)$ ^libreoffice-l10n-dz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-el(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-gb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-en-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eo(?::\w+|)\s+(.*)$ ^libreoffice-l10n-es(?::\w+|)\s+(.*)$ ^libreoffice-l10n-et(?::\w+|)\s+(.*)$ ^libreoffice-l10n-eu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fa(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-fr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ga(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gd(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-gug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-he(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-hu(?::\w+|)\s+(.*)$ ^libreoffice-l10n-id(?::\w+|)\s+(.*)$ ^libreoffice-l10n-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-is(?::\w+|)\s+(.*)$ ^libreoffice-l10n-it(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ja(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ka(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-km(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kmr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-kn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ko(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-lv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ml(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-mr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nb(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ne(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-nso(?::\w+|)\s+(.*)$ ^libreoffice-l10n-oc(?::\w+|)\s+(.*)$ ^libreoffice-l10n-om(?::\w+|)\s+(.*)$ ^libreoffice-l10n-or(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pa-in(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt(?::\w+|)\s+(.*)$ ^libreoffice-l10n-pt-br(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ro(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ru(?::\w+|)\s+(.*)$ ^libreoffice-l10n-rw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-si(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ss(?::\w+|)\s+(.*)$ ^libreoffice-l10n-st(?::\w+|)\s+(.*)$ ^libreoffice-l10n-sv(?::\w+|)\s+(.*)$ ^libreoffice-l10n-szl(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ta(?::\w+|)\s+(.*)$ ^libreoffice-l10n-te(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tg(?::\w+|)\s+(.*)$ ^libreoffice-l10n-th(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-tr(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ts(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ug(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uk(?::\w+|)\s+(.*)$ ^libreoffice-l10n-uz(?::\w+|)\s+(.*)$ ^libreoffice-l10n-ve(?::\w+|)\s+(.*)$ ^libreoffice-l10n-vi(?::\w+|)\s+(.*)$ ^libreoffice-l10n-xh(?::\w+|)\s+(.*)$ ^libreoffice-l10n-za(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-cn(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zh-tw(?::\w+|)\s+(.*)$ ^libreoffice-l10n-zu(?::\w+|)\s+(.*)$ ^libreoffice-librelogo(?::\w+|)\s+(.*)$ ^libreoffice-math(?::\w+|)\s+(.*)$ ^libreoffice-math-nogui(?::\w+|)\s+(.*)$ ^libreoffice-mysql-connector(?::\w+|)\s+(.*)$ ^libreoffice-officebean(?::\w+|)\s+(.*)$ ^libreoffice-ogltrans(?::\w+|)\s+(.*)$ ^libreoffice-pdfimport(?::\w+|)\s+(.*)$ ^libreoffice-plasma(?::\w+|)\s+(.*)$ ^libreoffice-qt5(?::\w+|)\s+(.*)$ ^libreoffice-report-builder(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin(?::\w+|)\s+(.*)$ ^libreoffice-report-builder-bin-nogui(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-bsh(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-js(?::\w+|)\s+(.*)$ ^libreoffice-script-provider-python(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-firebird(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-hsqldb(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-mysql(?::\w+|)\s+(.*)$ ^libreoffice-sdbc-postgresql(?::\w+|)\s+(.*)$ ^libreoffice-smoketest-data(?::\w+|)\s+(.*)$ ^libreoffice-style-breeze(?::\w+|)\s+(.*)$ ^libreoffice-style-colibre(?::\w+|)\s+(.*)$ ^libreoffice-style-elementary(?::\w+|)\s+(.*)$ ^libreoffice-style-galaxy(?::\w+|)\s+(.*)$ ^libreoffice-style-hicontrast(?::\w+|)\s+(.*)$ ^libreoffice-style-human(?::\w+|)\s+(.*)$ ^libreoffice-style-karasa-jaga(?::\w+|)\s+(.*)$ ^libreoffice-style-oxygen(?::\w+|)\s+(.*)$ ^libreoffice-style-sifr(?::\w+|)\s+(.*)$ ^libreoffice-style-tango(?::\w+|)\s+(.*)$ ^libreoffice-subsequentcheckbase(?::\w+|)\s+(.*)$ ^libreoffice-systray(?::\w+|)\s+(.*)$ ^libreoffice-writer(?::\w+|)\s+(.*)$ ^libreoffice-writer-nogui(?::\w+|)\s+(.*)$ ^libreofficekit-data(?::\w+|)\s+(.*)$ ^libreofficekit-dev(?::\w+|)\s+(.*)$ ^libridl-java(?::\w+|)\s+(.*)$ ^libuno-cppu3(?::\w+|)\s+(.*)$ ^libuno-cppuhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-purpenvhelpergcc3-3(?::\w+|)\s+(.*)$ ^libuno-sal3(?::\w+|)\s+(.*)$ ^libuno-salhelpergcc3-3(?::\w+|)\s+(.*)$ ^libunoil-java(?::\w+|)\s+(.*)$ ^libunoloader-java(?::\w+|)\s+(.*)$ ^python3-access2base(?::\w+|)\s+(.*)$ ^python3-uno(?::\w+|)\s+(.*)$ ^uno-libs-private(?::\w+|)\s+(.*)$ ^ure(?::\w+|)\s+(.*)$ ^fonts-opensymbol(?::\w+|)\s+(.*)$ ^ruby-rack(?::\w+|)\s+(.*)$ ^open-vm-tools(?::\w+|)\s+(.*)$ ^open-vm-tools-desktop(?::\w+|)\s+(.*)$ ^open-vm-tools-dev(?::\w+|)\s+(.*)$ ^open-vm-tools-sdmp(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-lowlatency|-lowlatency-64k)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-intel-iotg)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.15.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-oracle)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-generic|-generic-lpae|-lowlatency)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-gcp-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-kvm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-ibm)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws-fips)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-aws)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-xilinx-zynqmp)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-bluefield)(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-azure-fips)(?::\w+|)\s+(.*)$ ^libecpg-compat3(?::\w+|)\s+(.*)$ ^libecpg-dev(?::\w+|)\s+(.*)$ ^libecpg6(?::\w+|)\s+(.*)$ ^libpgtypes3(?::\w+|)\s+(.*)$ ^libpq-dev(?::\w+|)\s+(.*)$ ^libpq5(?::\w+|)\s+(.*)$ ^postgresql-12(?::\w+|)\s+(.*)$ ^postgresql-client-12(?::\w+|)\s+(.*)$ ^postgresql-doc-12(?::\w+|)\s+(.*)$ ^postgresql-plperl-12(?::\w+|)\s+(.*)$ ^postgresql-plpython3-12(?::\w+|)\s+(.*)$ ^postgresql-pltcl-12(?::\w+|)\s+(.*)$ ^postgresql-server-dev-12(?::\w+|)\s+(.*)$ ^libtomcat9-embed-java(?::\w+|)\s+(.*)$ ^libtomcat9-java(?::\w+|)\s+(.*)$ ^tomcat9(?::\w+|)\s+(.*)$ ^tomcat9-admin(?::\w+|)\s+(.*)$ ^tomcat9-common(?::\w+|)\s+(.*)$ ^tomcat9-docs(?::\w+|)\s+(.*)$ ^tomcat9-examples(?::\w+|)\s+(.*)$ ^tomcat9-user(?::\w+|)\s+(.*)$ ^libfcgi-perl(?::\w+|)\s+(.*)$ ^lemon(?::\w+|)\s+(.*)$ ^libsqlite3-0(?::\w+|)\s+(.*)$ ^libsqlite3-dev(?::\w+|)\s+(.*)$ ^libsqlite3-tcl(?::\w+|)\s+(.*)$ ^sqlite3(?::\w+|)\s+(.*)$ ^sqlite3-doc(?::\w+|)\s+(.*)$ ^libtika-java(?::\w+|)\s+(.*)$ ^libglib2.0-0(?::\w+|)\s+(.*)$ ^libglib2.0-bin(?::\w+|)\s+(.*)$ ^libglib2.0-data(?::\w+|)\s+(.*)$ ^libglib2.0-dev(?::\w+|)\s+(.*)$ ^libglib2.0-dev-bin(?::\w+|)\s+(.*)$ ^libglib2.0-doc(?::\w+|)\s+(.*)$ ^libglib2.0-tests(?::\w+|)\s+(.*)$ ^intel-microcode(?::\w+|)\s+(.*)$ ^cifs-utils(?::\w+|)\s+(.*)$ ^net-tools(?::\w+|)\s+(.*)$ ^net-tools(?::\w+|)\s+(.*)$ ^ffmpeg(?::\w+|)\s+(.*)$ ^ffmpeg-doc(?::\w+|)\s+(.*)$ ^libavcodec-dev(?::\w+|)\s+(.*)$ ^libavcodec-extra(?::\w+|)\s+(.*)$ ^libavcodec-extra58(?::\w+|)\s+(.*)$ ^libavcodec58(?::\w+|)\s+(.*)$ ^libavdevice-dev(?::\w+|)\s+(.*)$ ^libavdevice58(?::\w+|)\s+(.*)$ ^libavfilter-dev(?::\w+|)\s+(.*)$ ^libavfilter-extra(?::\w+|)\s+(.*)$ ^libavfilter-extra7(?::\w+|)\s+(.*)$ ^libavfilter7(?::\w+|)\s+(.*)$ ^libavformat-dev(?::\w+|)\s+(.*)$ ^libavformat58(?::\w+|)\s+(.*)$ ^libavresample-dev(?::\w+|)\s+(.*)$ ^libavresample4(?::\w+|)\s+(.*)$ ^libavutil-dev(?::\w+|)\s+(.*)$ ^libavutil56(?::\w+|)\s+(.*)$ ^libpostproc-dev(?::\w+|)\s+(.*)$ ^libpostproc55(?::\w+|)\s+(.*)$ ^libswresample-dev(?::\w+|)\s+(.*)$ ^libswresample3(?::\w+|)\s+(.*)$ ^libswscale-dev(?::\w+|)\s+(.*)$ ^libswscale5(?::\w+|)\s+(.*)$ ^linux-image-(?:unsigned-)?5.4.0-\d+(?:-raspi)(?::\w+|)\s+(.*)$ ^glibc-doc(?::\w+|)\s+(.*)$ ^glibc-source(?::\w+|)\s+(.*)$ ^libc-bin(?::\w+|)\s+(.*)$ ^libc-dev-bin(?::\w+|)\s+(.*)$ ^libc6(?::\w+|)\s+(.*)$ ^libc6-amd64(?::\w+|)\s+(.*)$ ^libc6-armel(?::\w+|)\s+(.*)$ ^libc6-dev(?::\w+|)\s+(.*)$ ^libc6-dev-amd64(?::\w+|)\s+(.*)$ ^libc6-dev-armel(?::\w+|)\s+(.*)$ ^libc6-dev-i386(?::\w+|)\s+(.*)$ ^libc6-dev-s390(?::\w+|)\s+(.*)$ ^libc6-dev-x32(?::\w+|)\s+(.*)$ ^libc6-i386(?::\w+|)\s+(.*)$ ^libc6-lse(?::\w+|)\s+(.*)$ ^libc6-pic(?::\w+|)\s+(.*)$ ^libc6-prof(?::\w+|)\s+(.*)$ ^libc6-s390(?::\w+|)\s+(.*)$ ^libc6-x32(?::\w+|)\s+(.*)$ ^locales(?::\w+|)\s+(.*)$ ^locales-all(?::\w+|)\s+(.*)$ ^nscd(?::\w+|)\s+(.*)$ ^krb5-admin-server(?::\w+|)\s+(.*)$ ^krb5-doc(?::\w+|)\s+(.*)$ ^krb5-gss-samples(?::\w+|)\s+(.*)$ ^krb5-k5tls(?::\w+|)\s+(.*)$ ^krb5-kdc(?::\w+|)\s+(.*)$ ^krb5-kdc-ldap(?::\w+|)\s+(.*)$ ^krb5-kpropd(?::\w+|)\s+(.*)$ ^krb5-locales(?::\w+|)\s+(.*)$ ^krb5-multidev(?::\w+|)\s+(.*)$ ^krb5-otp(?::\w+|)\s+(.*)$ ^krb5-pkinit(?::\w+|)\s+(.*)$ ^krb5-user(?::\w+|)\s+(.*)$ ^libgssapi-krb5-2(?::\w+|)\s+(.*)$ ^libgssrpc4(?::\w+|)\s+(.*)$ ^libk5crypto3(?::\w+|)\s+(.*)$ ^libkadm5clnt-mit11(?::\w+|)\s+(.*)$ ^libkadm5srv-mit11(?::\w+|)\s+(.*)$ ^libkdb5-9(?::\w+|)\s+(.*)$ ^libkrad-dev(?::\w+|)\s+(.*)$ ^libkrad0(?::\w+|)\s+(.*)$ ^libkrb5-3(?::\w+|)\s+(.*)$ ^libkrb5-dev(?::\w+|)\s+(.*)$ ^libkrb5support0(?::\w+|)\s+(.*)$ ^gir1.2-soup-2.4(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-1(?::\w+|)\s+(.*)$ ^libsoup-gnome2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-1(?::\w+|)\s+(.*)$ ^libsoup2.4-dev(?::\w+|)\s+(.*)$ ^libsoup2.4-doc(?::\w+|)\s+(.*)$ ^libsoup2.4-tests(?::\w+|)\s+(.*)$ ^pypy-pkg-resources(?::\w+|)\s+(.*)$ ^pypy-setuptools(?::\w+|)\s+(.*)$ ^python-pkg-resources(?::\w+|)\s+(.*)$ ^python-setuptools(?::\w+|)\s+(.*)$ ^python-setuptools-doc(?::\w+|)\s+(.*)$ ^python3-pkg-resources(?::\w+|)\s+(.*)$ ^python3-setuptools(?::\w+|)\s+(.*)$ ^apport(?::\w+|)\s+(.*)$ ^apport-gtk(?::\w+|)\s+(.*)$ ^apport-kde(?::\w+|)\s+(.*)$ ^apport-noui(?::\w+|)\s+(.*)$ ^apport-retrace(?::\w+|)\s+(.*)$ ^apport-valgrind(?::\w+|)\s+(.*)$ ^dh-apport(?::\w+|)\s+(.*)$ ^python3-apport(?::\w+|)\s+(.*)$ ^python3-problem-report(?::\w+|)\s+(.*)$ ^libvpx-dev(?::\w+|)\s+(.*)$ ^libvpx-doc(?::\w+|)\s+(.*)$ ^libvpx6(?::\w+|)\s+(.*)$ ^vpx-tools(?::\w+|)\s+(.*)$ ^libwireshark-data(?::\w+|)\s+(.*)$ ^libwireshark-dev(?::\w+|)\s+(.*)$ ^libwireshark13(?::\w+|)\s+(.*)$ ^libwiretap-dev(?::\w+|)\s+(.*)$ ^libwiretap10(?::\w+|)\s+(.*)$ ^libwsutil-dev(?::\w+|)\s+(.*)$ ^libwsutil11(?::\w+|)\s+(.*)$ ^tshark(?::\w+|)\s+(.*)$ ^wireshark(?::\w+|)\s+(.*)$ ^wireshark-common(?::\w+|)\s+(.*)$ ^wireshark-dev(?::\w+|)\s+(.*)$ ^wireshark-doc(?::\w+|)\s+(.*)$ ^wireshark-gtk(?::\w+|)\s+(.*)$ ^wireshark-qt(?::\w+|)\s+(.*)$ ^python-django-doc(?::\w+|)\s+(.*)$ ^python3-django(?::\w+|)\s+(.*)$ ^fonts-glyphicons-halflings(?::\w+|)\s+(.*)$ ^libjs-bootstrap(?::\w+|)\s+(.*)$ ^libjs-bootstrap4(?::\w+|)\s+(.*)$ ^gir1.2-gst-plugins-bad-1.0(?::\w+|)\s+(.*)$ ^gstreamer1.0-opencv(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-bad(?::\w+|)\s+(.*)$ ^gstreamer1.0-plugins-bad-doc(?::\w+|)\s+(.*)$ ^libgstreamer-opencv1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-bad1.0-0(?::\w+|)\s+(.*)$ ^libgstreamer-plugins-bad1.0-dev(?::\w+|)\s+(.*)$