USN-6742-1

Details

Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. (CVE-2023-24023)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

JFS file system;
Netfilter; (CVE-2024-26581, CVE-2023-52600, CVE-2023-52603)

Affected Packages(21 packages)

linux-aws-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-1058.64~20.04.1

linux-azure-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-1061.70~20.04.1

linux-azure-fde-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-1061.70~20.04.1.1

linux-gcp-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-1058.66~20.04.1

linux-gkeop-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-1043.50~20.04.1

linux-hwe-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-105.115~20.04.1

linux-ibm-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-1053.56~20.04.1

linux-intel-iotg-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-1055.61~20.04.1

linux-lowlatency-hwe-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-105.115~20.04.1

linux-oracle-5.15

Ubuntu 20.04 LTS

Fixed in:

5.15.0-1058.64~20.04.1

References

REPORThttps://ubuntu.com/security/CVE-2023-24023 REPORThttps://ubuntu.com/security/CVE-2023-52600 REPORThttps://ubuntu.com/security/CVE-2023-52603 REPORThttps://ubuntu.com/security/CVE-2024-26581 ADVISORYhttps://ubuntu.com/security/notices/USN-6742-1

USN-6742-1

Details

Affected Packages(21 packages)

References

Upstream

Ecosystems

Timeline