{"id":"USN-7195-1","summary":"linux-azure vulnerabilities","details":"\nZiming Zhang discovered that the DRM driver for VMware Virtual GPU did not\nproperly handle certain error conditions, leading to a NULL pointer\ndereference. A local attacker could possibly trigger this vulnerability to\ncause a denial of service. (CVE-2022-38096)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - ARM32 architecture;\n  - ARM64 architecture;\n  - S390 architecture;\n  - x86 architecture;\n  - Power management core;\n  - GPU drivers;\n  - InfiniBand drivers;\n  - Network drivers;\n  - S/390 drivers;\n  - SCSI subsystem;\n  - TTY drivers;\n  - BTRFS file system;\n  - Ext4 file system;\n  - EROFS file system;\n  - F2FS file system;\n  - File systems infrastructure;\n  - BPF subsystem;\n  - Socket messages infrastructure;\n  - Bluetooth subsystem;\n  - Memory management;\n  - Amateur Radio drivers;\n  - Ethernet bridge;\n  - Networking core;\n  - IPv4 networking;\n  - Network traffic control;\n  - Sun RPC protocol;\n  - VMware vSockets driver;\n  - SELinux security module;\n(CVE-2024-42240, CVE-2024-36938, CVE-2024-35967, CVE-2024-36953,\nCVE-2022-48938, CVE-2024-38553, CVE-2024-35904, CVE-2024-35965,\nCVE-2024-26947, CVE-2024-36968, CVE-2024-43892, CVE-2024-38597,\nCVE-2023-52498, CVE-2021-47501, CVE-2024-44942, CVE-2024-42077,\nCVE-2024-53057, CVE-2024-46724, CVE-2024-35963, CVE-2022-48943,\nCVE-2024-42068, CVE-2024-42156, CVE-2022-48733, CVE-2023-52639,\nCVE-2021-47101, CVE-2023-52821, CVE-2024-44940, CVE-2024-36952,\nCVE-2021-47001, CVE-2024-38538, CVE-2024-40910, CVE-2021-47076,\nCVE-2024-35966, CVE-2024-50264, CVE-2024-35951, CVE-2023-52488,\nCVE-2023-52497, CVE-2024-49967)\n","modified":"2026-04-27T17:47:15.354319817Z","published":"2025-01-09T12:19:02Z","related":["UBUNTU-CVE-2021-47001","UBUNTU-CVE-2021-47076","UBUNTU-CVE-2021-47101","UBUNTU-CVE-2021-47501","UBUNTU-CVE-2022-38096","UBUNTU-CVE-2022-48733","UBUNTU-CVE-2022-48938","UBUNTU-CVE-2022-48943","UBUNTU-CVE-2023-52488","UBUNTU-CVE-2023-52497","UBUNTU-CVE-2023-52498","UBUNTU-CVE-2023-52639","UBUNTU-CVE-2023-52821","UBUNTU-CVE-2024-26947","UBUNTU-CVE-2024-35904","UBUNTU-CVE-2024-35951","UBUNTU-CVE-2024-35963","UBUNTU-CVE-2024-35965","UBUNTU-CVE-2024-35966","UBUNTU-CVE-2024-35967","UBUNTU-CVE-2024-36938","UBUNTU-CVE-2024-36952","UBUNTU-CVE-2024-36953","UBUNTU-CVE-2024-36968","UBUNTU-CVE-2024-38538","UBUNTU-CVE-2024-38553","UBUNTU-CVE-2024-38597","UBUNTU-CVE-2024-40910","UBUNTU-CVE-2024-42068","UBUNTU-CVE-2024-42077","UBUNTU-CVE-2024-42156","UBUNTU-CVE-2024-42240","UBUNTU-CVE-2024-43892","UBUNTU-CVE-2024-44940","UBUNTU-CVE-2024-44942","UBUNTU-CVE-2024-46724","UBUNTU-CVE-2024-49967","UBUNTU-CVE-2024-50264","UBUNTU-CVE-2024-53057"],"upstream":["CVE-2021-47001","CVE-2021-47076","CVE-2021-47101","CVE-2021-47501","CVE-2022-38096","CVE-2022-48733","CVE-2022-48938","CVE-2022-48943","CVE-2023-52488","CVE-2023-52497","CVE-2023-52498","CVE-2023-52639","CVE-2023-52821","CVE-2024-26947","CVE-2024-35904","CVE-2024-35951","CVE-2024-35963","CVE-2024-35965","CVE-2024-35966","CVE-2024-35967","CVE-2024-36938","CVE-2024-36952","CVE-2024-36953","CVE-2024-36968","CVE-2024-38538","CVE-2024-38553","CVE-2024-38597","CVE-2024-40910","CVE-2024-42068","CVE-2024-42077","CVE-2024-42156","CVE-2024-42240","CVE-2024-43892","CVE-2024-44940","CVE-2024-44942","CVE-2024-46724","CVE-2024-49967","CVE-2024-50264","CVE-2024-53057","UBUNTU-CVE-2021-47001","UBUNTU-CVE-2021-47076","UBUNTU-CVE-2021-47101","UBUNTU-CVE-2021-47501","UBUNTU-CVE-2022-38096","UBUNTU-CVE-2022-48733","UBUNTU-CVE-2022-48938","UBUNTU-CVE-2022-48943","UBUNTU-CVE-2023-52488","UBUNTU-CVE-2023-52497","UBUNTU-CVE-2023-52498","UBUNTU-CVE-2023-52639","UBUNTU-CVE-2023-52821","UBUNTU-CVE-2024-26947","UBUNTU-CVE-2024-35904","UBUNTU-CVE-2024-35951","UBUNTU-CVE-2024-35963","UBUNTU-CVE-2024-35965","UBUNTU-CVE-2024-35966","UBUNTU-CVE-2024-35967","UBUNTU-CVE-2024-36938","UBUNTU-CVE-2024-36952","UBUNTU-CVE-2024-36953","UBUNTU-CVE-2024-36968","UBUNTU-CVE-2024-38538","UBUNTU-CVE-2024-38553","UBUNTU-CVE-2024-38597","UBUNTU-CVE-2024-40910","UBUNTU-CVE-2024-42068","UBUNTU-CVE-2024-42077","UBUNTU-CVE-2024-42156","UBUNTU-CVE-2024-42240","UBUNTU-CVE-2024-43892","UBUNTU-CVE-2024-44940","UBUNTU-CVE-2024-44942","UBUNTU-CVE-2024-46724","UBUNTU-CVE-2024-49967","UBUNTU-CVE-2024-50264","UBUNTU-CVE-2024-53057"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7195-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-47001"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-47076"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-47101"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-47501"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-38096"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-48733"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-48938"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-48943"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-52488"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-52497"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-52498"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-52639"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-52821"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26947"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35904"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35951"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35963"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35965"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35966"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35967"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-36938"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-36952"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-36953"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-36968"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-38538"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-38553"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-38597"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-40910"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-42068"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-42077"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-42156"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-42240"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-43892"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-44940"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-44942"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-46724"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-49967"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-50264"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-53057"}],"affected":[{"package":{"name":"linux-azure","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-azure@5.4.0-1142.149?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1142.149"}]}],"versions":["5.3.0-1003.3","5.3.0-1008.9","5.3.0-1009.10","5.4.0-1006.6","5.4.0-1008.8","5.4.0-1009.9","5.4.0-1010.10","5.4.0-1012.12","5.4.0-1016.16","5.4.0-1019.19","5.4.0-1020.20","5.4.0-1022.22","5.4.0-1023.23","5.4.0-1025.25","5.4.0-1026.26","5.4.0-1031.32","5.4.0-1032.33","5.4.0-1034.35","5.4.0-1035.36","5.4.0-1036.38","5.4.0-1039.41","5.4.0-1040.42","5.4.0-1041.43","5.4.0-1043.45","5.4.0-1044.46","5.4.0-1046.48","5.4.0-1047.49","5.4.0-1048.50","5.4.0-1049.51","5.4.0-1051.53","5.4.0-1055.57","5.4.0-1056.58","5.4.0-1058.60","5.4.0-1059.62","5.4.0-1061.64","5.4.0-1062.65","5.4.0-1063.66","5.4.0-1064.67","5.4.0-1065.68","5.4.0-1067.70","5.4.0-1068.71","5.4.0-1069.72","5.4.0-1070.73","5.4.0-1072.75","5.4.0-1073.76","5.4.0-1074.77","5.4.0-1077.80","5.4.0-1078.81","5.4.0-1080.83","5.4.0-1083.87","5.4.0-1085.90","5.4.0-1086.91","5.4.0-1089.94","5.4.0-1090.95","5.4.0-1091.96","5.4.0-1094.100","5.4.0-1095.101","5.4.0-1098.104","5.4.0-1100.106","5.4.0-1101.107","5.4.0-1103.109","5.4.0-1104.110","5.4.0-1105.111","5.4.0-1106.112","5.4.0-1107.113","5.4.0-1108.114","5.4.0-1109.115","5.4.0-1110.116","5.4.0-1111.117","5.4.0-1112.118","5.4.0-1113.119","5.4.0-1114.120","5.4.0-1115.122","5.4.0-1116.123","5.4.0-1117.124","5.4.0-1118.125","5.4.0-1119.126","5.4.0-1120.127","5.4.0-1121.128","5.4.0-1122.129","5.4.0-1123.130","5.4.0-1124.131","5.4.0-1126.133","5.4.0-1127.134","5.4.0-1128.135","5.4.0-1129.136","5.4.0-1130.137","5.4.0-1131.138","5.4.0-1132.139","5.4.0-1133.140","5.4.0-1134.141","5.4.0-1135.142","5.4.0-1136.143","5.4.0-1137.144","5.4.0-1138.145","5.4.0-1139.146","5.4.0-1140.147"],"ecosystem_specific":{"binaries":[{"binary_version":"5.4.0-1142.149","binary_name":"linux-azure-cloud-tools-5.4.0-1142"},{"binary_version":"5.4.0-1142.149","binary_name":"linux-azure-headers-5.4.0-1142"},{"binary_version":"5.4.0-1142.149","binary_name":"linux-azure-tools-5.4.0-1142"},{"binary_version":"5.4.0-1142.149","binary_name":"linux-buildinfo-5.4.0-1142-azure"},{"binary_version":"5.4.0-1142.149","binary_name":"linux-cloud-tools-5.4.0-1142-azure"},{"binary_version":"5.4.0-1142.149","binary_name":"linux-headers-5.4.0-1142-azure"},{"binary_version":"5.4.0-1142.149","binary_name":"linux-image-unsigned-5.4.0-1142-azure"},{"binary_version":"5.4.0-1142.149","binary_name":"linux-modules-5.4.0-1142-azure"},{"binary_version":"5.4.0-1142.149","binary_name":"linux-modules-extra-5.4.0-1142-azure"},{"binary_version":"5.4.0-1142.149","binary_name":"linux-tools-5.4.0-1142-azure"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7195-1.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2021-47001"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2021-47076"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2021-47101"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2021-47501"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-38096"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-48733"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-48938"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-48943"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2023-52488"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2023-52497"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2023-52498"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2023-52639"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2023-52821"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26947"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-35904"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-35951"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-35963"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-35965"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-35966"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-35967"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-36938"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-36952"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-36953"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-36968"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-38538"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-38553"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-38597"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-40910"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-42068"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-42077"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-42156"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-42240"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-43892"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-44940"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-44942"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-46724"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-49967"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2024-50264"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-53057"}],"ecosystem":"Ubuntu:20.04:LTS"}}}],"schema_version":"1.7.5"}