Ubuntu: (Multiple Advisories) (CVE-2024-50096): Linux kernel vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2024-50096): Linux kernel vulnerabilities

Severity

5

CVSS

(AV:L/AC:L/Au:S/C:C/I:N/A:N)

Published

11/05/2024

Created

12/19/2024

Added

12/18/2024

Modified

01/28/2025

Description

In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error The `nouveau_dmem_copy_one` function ensures that the copy push command is sent to the device firmware but does not track whether it was executed successfully. In the case of a copy error (e.g., firmware or hardware failure), the copy push command will be sent via the firmware channel, and `nouveau_dmem_copy_one` will likely report success, leading to the `migrate_to_ram` function returning a dirty HIGH_USER page to the user. This can result in a security vulnerability, as a HIGH_USER page that may contain sensitive or corrupted data could be returned to the user. To prevent this vulnerability, we allocate a zero page. Thus, in case of an error, a non-dirty (zero) page will be returned to the user.

Solution(s)

• ubuntu-upgrade-linux-image-5-15-0-1039-xilinx-zynqmp
• ubuntu-upgrade-linux-image-5-15-0-1056-gkeop
• ubuntu-upgrade-linux-image-5-15-0-1066-ibm
• ubuntu-upgrade-linux-image-5-15-0-1066-raspi
• ubuntu-upgrade-linux-image-5-15-0-1068-nvidia
• ubuntu-upgrade-linux-image-5-15-0-1068-nvidia-lowlatency
• ubuntu-upgrade-linux-image-5-15-0-1070-gke
• ubuntu-upgrade-linux-image-5-15-0-1070-kvm
• ubuntu-upgrade-linux-image-5-15-0-1071-intel-iotg
• ubuntu-upgrade-linux-image-5-15-0-1071-oracle
• ubuntu-upgrade-linux-image-5-15-0-1072-gcp
• ubuntu-upgrade-linux-image-5-15-0-1073-aws
• ubuntu-upgrade-linux-image-5-15-0-1078-azure
• ubuntu-upgrade-linux-image-5-15-0-127-generic
• ubuntu-upgrade-linux-image-5-15-0-127-generic-64k
• ubuntu-upgrade-linux-image-5-15-0-127-generic-lpae
• ubuntu-upgrade-linux-image-5-15-0-127-lowlatency
• ubuntu-upgrade-linux-image-5-15-0-127-lowlatency-64k
• ubuntu-upgrade-linux-image-aws
• ubuntu-upgrade-linux-image-aws-lts-22-04
• ubuntu-upgrade-linux-image-azure
• ubuntu-upgrade-linux-image-azure-cvm
• ubuntu-upgrade-linux-image-azure-lts-22-04
• ubuntu-upgrade-linux-image-gcp
• ubuntu-upgrade-linux-image-gcp-lts-22-04
• ubuntu-upgrade-linux-image-generic
• ubuntu-upgrade-linux-image-generic-64k
• ubuntu-upgrade-linux-image-generic-64k-hwe-20-04
• ubuntu-upgrade-linux-image-generic-hwe-20-04
• ubuntu-upgrade-linux-image-generic-lpae
• ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04
• ubuntu-upgrade-linux-image-gke
• ubuntu-upgrade-linux-image-gke-5-15
• ubuntu-upgrade-linux-image-gkeop
• ubuntu-upgrade-linux-image-gkeop-5-15
• ubuntu-upgrade-linux-image-ibm
• ubuntu-upgrade-linux-image-intel
• ubuntu-upgrade-linux-image-intel-iotg
• ubuntu-upgrade-linux-image-kvm
• ubuntu-upgrade-linux-image-lowlatency
• ubuntu-upgrade-linux-image-lowlatency-64k
• ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04
• ubuntu-upgrade-linux-image-lowlatency-hwe-20-04
• ubuntu-upgrade-linux-image-nvidia
• ubuntu-upgrade-linux-image-nvidia-lowlatency
• ubuntu-upgrade-linux-image-oem-20-04
• ubuntu-upgrade-linux-image-oem-20-04b
• ubuntu-upgrade-linux-image-oem-20-04c
• ubuntu-upgrade-linux-image-oem-20-04d
• ubuntu-upgrade-linux-image-oracle
• ubuntu-upgrade-linux-image-oracle-lts-22-04
• ubuntu-upgrade-linux-image-raspi
• ubuntu-upgrade-linux-image-raspi-nolpae
• ubuntu-upgrade-linux-image-virtual
• ubuntu-upgrade-linux-image-virtual-hwe-20-04
• ubuntu-upgrade-linux-image-xilinx-zynqmp

References

• https://attackerkb.com/topics/cve-2024-50096
• CVE - 2024-50096
• USN-7166-1
• USN-7166-2
• USN-7166-3
• USN-7166-4
• USN-7186-1
• USN-7186-2
• USN-7194-1

View more