Ubuntu: (Multiple Advisories) (CVE-2024-27393): Linux kernel vulnerabilities
Description
In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling"). It is believed that fixes tag were missing a call to page_pool_release_page() between v5.9 to v5.14, after which is should have used skb_mark_for_recycle(). Since v6.6 the call page_pool_release_page() were removed (in commit 535b9c61bdef ("net: page_pool: hide page_pool_release_page()") and remaining callers converted (in commit 6bfef2ec0172 ("Merge branch 'net-page_pool-remove-page_pool_release_page'")). This leak became visible in v6.8 via commit dba1b8a7ab68 ("mm/page_pool: catch page_pool memory leaks").
Solution(s)
- ubuntu-upgrade-linux-image-5-15-0-1048-gkeop
- ubuntu-upgrade-linux-image-5-15-0-1058-ibm
- ubuntu-upgrade-linux-image-5-15-0-1060-intel-iotg
- ubuntu-upgrade-linux-image-5-15-0-1060-nvidia
- ubuntu-upgrade-linux-image-5-15-0-1060-nvidia-lowlatency
- ubuntu-upgrade-linux-image-5-15-0-1062-gke
- ubuntu-upgrade-linux-image-5-15-0-1062-kvm
- ubuntu-upgrade-linux-image-5-15-0-1063-oracle
- ubuntu-upgrade-linux-image-5-15-0-1064-gcp
- ubuntu-upgrade-linux-image-5-15-0-1068-azure
- ubuntu-upgrade-linux-image-5-15-0-116-generic
- ubuntu-upgrade-linux-image-5-15-0-116-generic-64k
- ubuntu-upgrade-linux-image-5-15-0-116-generic-lpae
- ubuntu-upgrade-linux-image-5-15-0-116-lowlatency
- ubuntu-upgrade-linux-image-5-15-0-116-lowlatency-64k
- ubuntu-upgrade-linux-image-azure
- ubuntu-upgrade-linux-image-azure-cvm
- ubuntu-upgrade-linux-image-azure-lts-22-04
- ubuntu-upgrade-linux-image-gcp-lts-22-04
- ubuntu-upgrade-linux-image-generic
- ubuntu-upgrade-linux-image-generic-64k
- ubuntu-upgrade-linux-image-generic-lpae
- ubuntu-upgrade-linux-image-gke
- ubuntu-upgrade-linux-image-gke-5-15
- ubuntu-upgrade-linux-image-gkeop
- ubuntu-upgrade-linux-image-gkeop-5-15
- ubuntu-upgrade-linux-image-ibm
- ubuntu-upgrade-linux-image-intel
- ubuntu-upgrade-linux-image-intel-iotg
- ubuntu-upgrade-linux-image-kvm
- ubuntu-upgrade-linux-image-lowlatency
- ubuntu-upgrade-linux-image-lowlatency-64k
- ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04
- ubuntu-upgrade-linux-image-lowlatency-hwe-20-04
- ubuntu-upgrade-linux-image-nvidia
- ubuntu-upgrade-linux-image-nvidia-lowlatency
- ubuntu-upgrade-linux-image-oracle
- ubuntu-upgrade-linux-image-oracle-lts-22-04
- ubuntu-upgrade-linux-image-virtual
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center