{"id":"USN-7392-4","summary":"linux-aws-fips vulnerabilities","details":"Chenyuan Yang discovered that the CEC driver driver in the Linux kernel\ncontained a use-after-free vulnerability. A local attacker could use this\nto cause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2024-23848)\n\nAttila Szász discovered that the HFS+ file system implementation in the\nLinux Kernel contained a heap overflow vulnerability. An attacker could use\na specially crafted file system image that, when mounted, could cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2025-0927)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - PowerPC architecture;\n  - S390 architecture;\n  - SuperH RISC architecture;\n  - User-Mode Linux (UML);\n  - x86 architecture;\n  - Cryptographic API;\n  - Virtio block driver;\n  - Data acquisition framework and drivers;\n  - Hardware crypto device drivers;\n  - DMA engine subsystem;\n  - EDAC drivers;\n  - ARM SCPI message protocol;\n  - GPIO subsystem;\n  - GPU drivers;\n  - HID subsystem;\n  - Microsoft Hyper-V drivers;\n  - I3C subsystem;\n  - IIO ADC drivers;\n  - IIO subsystem;\n  - InfiniBand drivers;\n  - LED subsystem;\n  - Multiple devices driver;\n  - Media drivers;\n  - Multifunction device drivers;\n  - MMC subsystem;\n  - MTD block device drivers;\n  - Network drivers;\n  - Mellanox network drivers;\n  - NVME drivers;\n  - PCI subsystem;\n  - Pin controllers subsystem;\n  - x86 platform drivers;\n  - Real Time Clock drivers;\n  - SCSI subsystem;\n  - SuperH / SH-Mobile drivers;\n  - QCOM SoC drivers;\n  - SPI subsystem;\n  - USB Gadget drivers;\n  - USB Serial drivers;\n  - USB Type-C Port Controller Manager driver;\n  - VFIO drivers;\n  - Framebuffer layer;\n  - Xen hypervisor drivers;\n  - BTRFS file system;\n  - Ext4 file system;\n  - F2FS file system;\n  - GFS2 file system;\n  - File systems infrastructure;\n  - JFFS2 file system;\n  - JFS file system;\n  - Network file system (NFS) client;\n  - Network file system (NFS) server daemon;\n  - NILFS2 file system;\n  - Overlay file system;\n  - Proc file system;\n  - Diskquota system;\n  - SMB network file system;\n  - UBI file system;\n  - Timer subsystem;\n  - VLANs driver;\n  - LAPB network protocol;\n  - Kernel init infrastructure;\n  - BPF subsystem;\n  - Kernel CPU control infrastructure;\n  - Tracing infrastructure;\n  - Memory management;\n  - 9P file system network protocol;\n  - Bluetooth subsystem;\n  - CAN network layer;\n  - Networking core;\n  - DCCP (Datagram Congestion Control Protocol);\n  - IEEE802154.4 network protocol;\n  - IPv4 networking;\n  - IPv6 networking;\n  - IEEE 802.15.4 subsystem;\n  - Netfilter;\n  - Netlink;\n  - NET/ROM layer;\n  - Packet sockets;\n  - Network traffic control;\n  - SCTP protocol;\n  - Sun RPC protocol;\n  - TIPC protocol;\n  - eXpress Data Path;\n  - SELinux security module;\n  - USB sound devices;\n(CVE-2024-56532, CVE-2024-53127, CVE-2024-56574, CVE-2024-56576,\nCVE-2024-57922, CVE-2024-53135, CVE-2024-56606, CVE-2024-53155,\nCVE-2024-53136, CVE-2024-56769, CVE-2024-56690, CVE-2024-53150,\nCVE-2024-38588, CVE-2024-53171, CVE-2024-56748, CVE-2024-56558,\nCVE-2024-56595, CVE-2024-56670, CVE-2024-56637, CVE-2024-56739,\nCVE-2024-56681, CVE-2024-53158, CVE-2024-53172, CVE-2024-56700,\nCVE-2024-56645, CVE-2024-56723, CVE-2024-56572, CVE-2024-57889,\nCVE-2024-43098, CVE-2024-56614, CVE-2024-53197, CVE-2025-21640,\nCVE-2024-57938, CVE-2024-53140, CVE-2024-57929, CVE-2024-56593,\nCVE-2024-56691, CVE-2025-21687, CVE-2024-56770, CVE-2024-53131,\nCVE-2024-56531, CVE-2024-56603, CVE-2025-21653, CVE-2024-53239,\nCVE-2024-57946, CVE-2024-56581, CVE-2024-56694, CVE-2024-56597,\nCVE-2024-57849, CVE-2024-56601, CVE-2024-53156, CVE-2024-56747,\nCVE-2024-53146, CVE-2025-21664, CVE-2024-53217, CVE-2025-21638,\nCVE-2024-53157, CVE-2024-56688, CVE-2024-47707, CVE-2024-53173,\nCVE-2024-56605, CVE-2024-56619, CVE-2024-49925, CVE-2024-49936,\nCVE-2024-56586, CVE-2024-57892, CVE-2024-56562, CVE-2024-57902,\nCVE-2024-53148, CVE-2024-53194, CVE-2024-56720, CVE-2024-53121,\nCVE-2024-48881, CVE-2024-56767, CVE-2024-56780, CVE-2024-56548,\nCVE-2024-57931, CVE-2024-56724, CVE-2024-53142, CVE-2024-53214,\nCVE-2025-21639, CVE-2024-43900, CVE-2024-56659, CVE-2024-57908,\nCVE-2024-57913, CVE-2024-53181, CVE-2024-56630, CVE-2024-56598,\nCVE-2024-56539, CVE-2024-57951, CVE-2024-56600, CVE-2024-52332,\nCVE-2024-55916, CVE-2024-53130, CVE-2024-56587, CVE-2024-57911,\nCVE-2024-57901, CVE-2024-57807, CVE-2024-49996, CVE-2025-21697,\nCVE-2024-53198, CVE-2024-53145, CVE-2024-57910, CVE-2022-49034,\nCVE-2024-56629, CVE-2024-56570, CVE-2024-57948, CVE-2024-53227,\nCVE-2024-56643, CVE-2024-56602, CVE-2024-57904, CVE-2024-56594,\nCVE-2024-56615, CVE-2024-53690, CVE-2024-56650, CVE-2025-21699,\nCVE-2024-56644, CVE-2024-56631, CVE-2024-53183, CVE-2024-50051,\nCVE-2024-49884, CVE-2024-56569, CVE-2024-56596, CVE-2024-57912,\nCVE-2024-56781, CVE-2024-57802, CVE-2024-56704, CVE-2024-57850,\nCVE-2024-57906, CVE-2025-21678, CVE-2024-56634, CVE-2024-53138,\nCVE-2021-47219, CVE-2024-57890, CVE-2024-53112, CVE-2024-53174,\nCVE-2024-56756, CVE-2024-56779, CVE-2024-57884, CVE-2024-56746,\nCVE-2024-53161, CVE-2024-57900, CVE-2024-56567, CVE-2024-56633,\nCVE-2025-21694, CVE-2024-53165, CVE-2024-56642, CVE-2024-53184,\nCVE-2024-44938, CVE-2024-53124, CVE-2025-21689, CVE-2024-53680)\n","modified":"2026-05-23T01:48:11.965465629Z","published":"2025-04-01T17:40:07Z","related":["UBUNTU-CVE-2021-47219","UBUNTU-CVE-2022-49034","UBUNTU-CVE-2024-23848","UBUNTU-CVE-2024-38588","UBUNTU-CVE-2024-43098","UBUNTU-CVE-2024-43900","UBUNTU-CVE-2024-44938","UBUNTU-CVE-2024-47707","UBUNTU-CVE-2024-48881","UBUNTU-CVE-2024-49884","UBUNTU-CVE-2024-49925","UBUNTU-CVE-2024-49936","UBUNTU-CVE-2024-49996","UBUNTU-CVE-2024-50051","UBUNTU-CVE-2024-52332","UBUNTU-CVE-2024-53112","UBUNTU-CVE-2024-53121","UBUNTU-CVE-2024-53124","UBUNTU-CVE-2024-53127","UBUNTU-CVE-2024-53130","UBUNTU-CVE-2024-53131","UBUNTU-CVE-2024-53135","UBUNTU-CVE-2024-53136","UBUNTU-CVE-2024-53138","UBUNTU-CVE-2024-53140","UBUNTU-CVE-2024-53142","UBUNTU-CVE-2024-53145","UBUNTU-CVE-2024-53146","UBUNTU-CVE-2024-53148","UBUNTU-CVE-2024-53150","UBUNTU-CVE-2024-53155","UBUNTU-CVE-2024-53156","UBUNTU-CVE-2024-53157","UBUNTU-CVE-2024-53158","UBUNTU-CVE-2024-53161","UBUNTU-CVE-2024-53165","UBUNTU-CVE-2024-53171","UBUNTU-CVE-2024-53172","UBUNTU-CVE-2024-53173","UBUNTU-CVE-2024-53174","UBUNTU-CVE-2024-53181","UBUNTU-CVE-2024-53183","UBUNTU-CVE-2024-53184","UBUNTU-CVE-2024-53194","UBUNTU-CVE-2024-53197","UBUNTU-CVE-2024-53198","UBUNTU-CVE-2024-53214","UBUNTU-CVE-2024-53217","UBUNTU-CVE-2024-53227","UBUNTU-CVE-2024-53239","UBUNTU-CVE-2024-53680","UBUNTU-CVE-2024-53690","UBUNTU-CVE-2024-55916","UBUNTU-CVE-2024-56531","UBUNTU-CVE-2024-56532","UBUNTU-CVE-2024-56539","UBUNTU-CVE-2024-56548","UBUNTU-CVE-2024-56558","UBUNTU-CVE-2024-56562","UBUNTU-CVE-2024-56567","UBUNTU-CVE-2024-56569","UBUNTU-CVE-2024-56570","UBUNTU-CVE-2024-56572","UBUNTU-CVE-2024-56574","UBUNTU-CVE-2024-56576","UBUNTU-CVE-2024-56581","UBUNTU-CVE-2024-56586","UBUNTU-CVE-2024-56587","UBUNTU-CVE-2024-56593","UBUNTU-CVE-2024-56594","UBUNTU-CVE-2024-56595","UBUNTU-CVE-2024-56596","UBUNTU-CVE-2024-56597","UBUNTU-CVE-2024-56598","UBUNTU-CVE-2024-56600","UBUNTU-CVE-2024-56601","UBUNTU-CVE-2024-56602","UBUNTU-CVE-2024-56603","UBUNTU-CVE-2024-56605","UBUNTU-CVE-2024-56606","UBUNTU-CVE-2024-56614","UBUNTU-CVE-2024-56615","UBUNTU-CVE-2024-56619","UBUNTU-CVE-2024-56629","UBUNTU-CVE-2024-56630","UBUNTU-CVE-2024-56631","UBUNTU-CVE-2024-56633","UBUNTU-CVE-2024-56634","UBUNTU-CVE-2024-56637","UBUNTU-CVE-2024-56642","UBUNTU-CVE-2024-56643","UBUNTU-CVE-2024-56644","UBUNTU-CVE-2024-56645","UBUNTU-CVE-2024-56650","UBUNTU-CVE-2024-56659","UBUNTU-CVE-2024-56670","UBUNTU-CVE-2024-56681","UBUNTU-CVE-2024-56688","UBUNTU-CVE-2024-56690","UBUNTU-CVE-2024-56691","UBUNTU-CVE-2024-56694","UBUNTU-CVE-2024-56700","UBUNTU-CVE-2024-56704","UBUNTU-CVE-2024-56720","UBUNTU-CVE-2024-56723","UBUNTU-CVE-2024-56724","UBUNTU-CVE-2024-56739","UBUNTU-CVE-2024-56746","UBUNTU-CVE-2024-56747","UBUNTU-CVE-2024-56748","UBUNTU-CVE-2024-56756","UBUNTU-CVE-2024-56767","UBUNTU-CVE-2024-56769","UBUNTU-CVE-2024-56770","UBUNTU-CVE-2024-56779","UBUNTU-CVE-2024-56780","UBUNTU-CVE-2024-56781","UBUNTU-CVE-2024-57802","UBUNTU-CVE-2024-57807","UBUNTU-CVE-2024-57849","UBUNTU-CVE-2024-57850","UBUNTU-CVE-2024-57884","UBUNTU-CVE-2024-57889","UBUNTU-CVE-2024-57890","UBUNTU-CVE-2024-57892","UBUNTU-CVE-2024-57900","UBUNTU-CVE-2024-57901","UBUNTU-CVE-2024-57902","UBUNTU-CVE-2024-57904","UBUNTU-CVE-2024-57906","UBUNTU-CVE-2024-57908","UBUNTU-CVE-2024-57910","UBUNTU-CVE-2024-57911","UBUNTU-CVE-2024-57912","UBUNTU-CVE-2024-57913","UBUNTU-CVE-2024-57922","UBUNTU-CVE-2024-57929","UBUNTU-CVE-2024-57931","UBUNTU-CVE-2024-57938","UBUNTU-CVE-2024-57946","UBUNTU-CVE-2024-57948","UBUNTU-CVE-2024-57951","UBUNTU-CVE-2025-0927","UBUNTU-CVE-2025-21638","UBUNTU-CVE-2025-21639","UBUNTU-CVE-2025-21640","UBUNTU-CVE-2025-21653","UBUNTU-CVE-2025-21664","UBUNTU-CVE-2025-21678","UBUNTU-CVE-2025-21687","UBUNTU-CVE-2025-21689","UBUNTU-CVE-2025-21694","UBUNTU-CVE-2025-21697","UBUNTU-CVE-2025-21699"],"upstream":["CVE-2024-56781","UBUNTU-CVE-2024-56781"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7392-4"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-56781"}],"affected":[{"package":{"name":"linux-aws-fips","ecosystem":"Ubuntu:Pro:FIPS-updates:20.04:LTS","purl":"pkg:deb/ubuntu/linux-aws-fips?arch=source&distro=fips-updates%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1142.153+fips1"}]}],"versions":["5.4.0-1021.21+fips2","5.4.0-1069.73+fips2","5.4.0-1071.76+fips1","5.4.0-1072.77+fips1","5.4.0-1073.78+fips1","5.4.0-1078.84+fips1","5.4.0-1080.87+fips1","5.4.0-1081.88+fips1","5.4.0-1083.90+fips1","5.4.0-1085.92+fips1","5.4.0-1086.93+fips1","5.4.0-1088.96+fips1","5.4.0-1089.97+fips1","5.4.0-1092.100+fips1","5.4.0-1093.101+fips1","5.4.0-1094.102+fips1","5.4.0-1096.104+fips1","5.4.0-1099.107+fips1","5.4.0-1100.108+fips1","5.4.0-1101.109+fips1","5.4.0-1102.110+fips1","5.4.0-1103.111+fips1","5.4.0-1104.112+fips1","5.4.0-1105.113+fips1","5.4.0-1106.114+fips1","5.4.0-1107.115+fips1","5.4.0-1108.116+fips1","5.4.0-1109.118+fips1","5.4.0-1110.119+fips1","5.4.0-1111.120+fips1","5.4.0-1112.121+fips1","5.4.0-1113.123+fips1","5.4.0-1114.124+fips1","5.4.0-1116.126+fips1","5.4.0-1117.127+fips1","5.4.0-1118.128+fips1","5.4.0-1119.129+fips1","5.4.0-1120.130+fips1","5.4.0-1121.131+fips1","5.4.0-1122.132+fips1","5.4.0-1123.133+fips1","5.4.0-1124.134+fips1","5.4.0-1125.135+fips1","5.4.0-1126.136+fips2","5.4.0-1127.137+fips1","5.4.0-1128.138+fips1","5.4.0-1129.139+fips1","5.4.0-1130.140+fips1","5.4.0-1131.141+fips1","5.4.0-1132.142+fips1","5.4.0-1133.143+fips1","5.4.0-1134.144+fips1","5.4.0-1135.145+fips1","5.4.0-1136.146+fips1","5.4.0-1137.147+fips1","5.4.0-1139.149+fips1","5.4.0-1140.151+fips1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"5.4.0-1142.153+fips1","binary_name":"linux-aws-fips-headers-5.4.0-1142"},{"binary_version":"5.4.0-1142.153+fips1","binary_name":"linux-aws-fips-tools-5.4.0-1142"},{"binary_version":"5.4.0-1142.153+fips1","binary_name":"linux-buildinfo-5.4.0-1142-aws-fips"},{"binary_version":"5.4.0-1142.153+fips1","binary_name":"linux-headers-5.4.0-1142-aws-fips"},{"binary_version":"5.4.0-1142.153+fips1","binary_name":"linux-image-unsigned-5.4.0-1142-aws-fips"},{"binary_version":"5.4.0-1142.153+fips1","binary_name":"linux-image-unsigned-hmac-5.4.0-1142-aws-fips"},{"binary_version":"5.4.0-1142.153+fips1","binary_name":"linux-modules-5.4.0-1142-aws-fips"},{"binary_version":"5.4.0-1142.153+fips1","binary_name":"linux-modules-extra-5.4.0-1142-aws-fips"},{"binary_version":"5.4.0-1142.153+fips1","binary_name":"linux-tools-5.4.0-1142-aws-fips"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7392-4.json","cves_map":{"cves":[{"id":"CVE-2024-56781","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"type":"Ubuntu","score":"medium"}]}],"ecosystem":"Ubuntu:Pro:FIPS-updates:20.04:LTS"}}}],"schema_version":"1.7.5"}