Ubuntu 6283 Published by

The following Linux kernel security updates are available for Ubuntu Linux:

[USN-6626-1] Linux kernel vulnerabilities
[USN-6624-1] Linux kernel vulnerabilities
[LSN-0100-1] Linux kernel vulnerability
[USN-6625-1] Linux kernel vulnerabilities




[USN-6626-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6626-1
February 08, 2024

linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke,
linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15,
linux-kvm, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle,
linux-oracle-5.15 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-kvm: Linux kernel for cloud environments
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gkeop-5.15: Linux kernel for Google Container Engine (GKE) systems
- linux-hwe-5.15: Linux hardware enablement (HWE) kernel
- linux-ibm-5.15: Linux kernel for IBM cloud systems
- linux-lowlatency-hwe-5.15: Linux low latency kernel
- linux-oracle-5.15: Linux kernel for Oracle Cloud systems

Details:

Quentin Minster discovered that a race condition existed in the KSMBD
implementation in the Linux kernel when handling sessions operations. A
remote attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252,
CVE-2023-32257)

Marek Marczykowski-Górecki discovered that the Xen event channel
infrastructure implementation in the Linux kernel contained a race
condition. An attacker in a guest VM could possibly use this to cause a
denial of service (paravirtualized device unavailability). (CVE-2023-34324)

Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver
in the Linux kernel during device removal. A privileged attacker could use
this to cause a denial of service (system crash). (CVE-2023-35827)

Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV)
implementation for AMD processors in the Linux kernel contained a race
condition when accessing MMIO registers. A local attacker in a SEV guest VM
could possibly use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-46813)

It was discovered that the Microchip USB Ethernet driver in the Linux
kernel contained a race condition during device removal, leading to a use-
after-free vulnerability. A physically proximate attacker could use this to
cause a denial of service (system crash). (CVE-2023-6039)

It was discovered that the TLS subsystem in the Linux kernel did not
properly perform cryptographic operations in some situations, leading to a
null pointer dereference vulnerability. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-6176)

Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did
not properly handle dynset expressions passed from userspace, leading to a
null pointer dereference vulnerability. A local attacker could use this to
cause a denial of service (system crash). (CVE-2023-6622)

It was discovered that the TIPC protocol implementation in the Linux kernel
did not properly handle locking during tipc_crypto_key_revoke() operations.
A local attacker could use this to cause a denial of service (kernel
deadlock). (CVE-2024-0641)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
linux-image-5.15.0-1036-gkeop 5.15.0-1036.42
linux-image-5.15.0-1044-nvidia 5.15.0-1044.44
linux-image-5.15.0-1044-nvidia-lowlatency 5.15.0-1044.44
linux-image-5.15.0-1046-ibm 5.15.0-1046.49
linux-image-5.15.0-1050-gke 5.15.0-1050.55
linux-image-5.15.0-1050-kvm 5.15.0-1050.55
linux-image-5.15.0-1051-gcp 5.15.0-1051.59
linux-image-5.15.0-1051-oracle 5.15.0-1051.57
linux-image-5.15.0-1053-aws 5.15.0-1053.58
linux-image-5.15.0-94-generic 5.15.0-94.104
linux-image-5.15.0-94-generic-64k 5.15.0-94.104
linux-image-5.15.0-94-generic-lpae 5.15.0-94.104
linux-image-aws-lts-22.04 5.15.0.1053.52
linux-image-gcp-lts-22.04 5.15.0.1051.47
linux-image-generic 5.15.0.94.91
linux-image-generic-64k 5.15.0.94.91
linux-image-generic-lpae 5.15.0.94.91
linux-image-gke 5.15.0.1050.49
linux-image-gke-5.15 5.15.0.1050.49
linux-image-gkeop 5.15.0.1036.35
linux-image-gkeop-5.15 5.15.0.1036.35
linux-image-ibm 5.15.0.1046.42
linux-image-kvm 5.15.0.1050.46
linux-image-nvidia 5.15.0.1044.44
linux-image-nvidia-lowlatency 5.15.0.1044.44
linux-image-oracle 5.15.0.1051.46
linux-image-oracle-lts-22.04 5.15.0.1051.46
linux-image-virtual 5.15.0.94.91

Ubuntu 20.04 LTS:
linux-image-5.15.0-1036-gkeop 5.15.0-1036.42~20.04.1
linux-image-5.15.0-1046-ibm 5.15.0-1046.49~20.04.1
linux-image-5.15.0-1051-gcp 5.15.0-1051.59~20.04.1
linux-image-5.15.0-1051-oracle 5.15.0-1051.57~20.04.1
linux-image-5.15.0-1053-aws 5.15.0-1053.58~20.04.1
linux-image-5.15.0-94-generic 5.15.0-94.104~20.04.1
linux-image-5.15.0-94-generic-64k 5.15.0-94.104~20.04.1
linux-image-5.15.0-94-generic-lpae 5.15.0-94.104~20.04.1
linux-image-5.15.0-94-lowlatency 5.15.0-94.104~20.04.1
linux-image-5.15.0-94-lowlatency-64k 5.15.0-94.104~20.04.1
linux-image-aws 5.15.0.1053.58~20.04.41
linux-image-gcp 5.15.0.1051.59~20.04.1
linux-image-generic-64k-hwe-20.04 5.15.0.94.104~20.04.50
linux-image-generic-hwe-20.04 5.15.0.94.104~20.04.50
linux-image-generic-lpae-hwe-20.04 5.15.0.94.104~20.04.50
linux-image-gkeop-5.15 5.15.0.1036.42~20.04.32
linux-image-ibm 5.15.0.1046.49~20.04.18
linux-image-lowlatency-64k-hwe-20.04 5.15.0.94.104~20.04.47
linux-image-lowlatency-hwe-20.04 5.15.0.94.104~20.04.47
linux-image-oem-20.04 5.15.0.94.104~20.04.50
linux-image-oem-20.04b 5.15.0.94.104~20.04.50
linux-image-oem-20.04c 5.15.0.94.104~20.04.50
linux-image-oem-20.04d 5.15.0.94.104~20.04.50
linux-image-oracle 5.15.0.1051.57~20.04.1
linux-image-virtual-hwe-20.04 5.15.0.94.104~20.04.50

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-6626-1
CVE-2023-32250, CVE-2023-32252, CVE-2023-32257, CVE-2023-34324,
CVE-2023-35827, CVE-2023-46813, CVE-2023-6039, CVE-2023-6176,
CVE-2023-6622, CVE-2024-0641

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.15.0-94.104
https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1053.58
https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1051.59
https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1050.55
https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1036.42
https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1046.49
https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1050.55
https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1044.44
https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1051.57
https://launchpad.net/ubuntu/+source/linux-aws-5.15/5.15.0-1053.58~20.04.1
https://launchpad.net/ubuntu/+source/linux-gcp-5.15/5.15.0-1051.59~20.04.1
https://launchpad.net/ubuntu/+source/linux-gkeop-5.15/5.15.0-1036.42~20.04.1
https://launchpad.net/ubuntu/+source/linux-hwe-5.15/5.15.0-94.104~20.04.1
https://launchpad.net/ubuntu/+source/linux-ibm-5.15/5.15.0-1046.49~20.04.1

https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-5.15/5.15.0-94.104~20.04.1

https://launchpad.net/ubuntu/+source/linux-oracle-5.15/5.15.0-1051.57~20.04.1



[USN-6624-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6624-1
February 07, 2024

linux, linux-aws, linux-gcp, linux-hwe-6.5, linux-laptop,
linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle,
linux-raspi, linux-starfive vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-laptop: Linux kernel for Lenovo X13s ARM laptops
- linux-lowlatency: Linux low latency kernel
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-starfive: Linux kernel for StarFive processors
- linux-hwe-6.5: Linux hardware enablement (HWE) kernel
- linux-lowlatency-hwe-6.5: Linux low latency kernel
- linux-oem-6.5: Linux kernel for OEM systems

Details:

Marek Marczykowski-Górecki discovered that the Xen event channel
infrastructure implementation in the Linux kernel contained a race
condition. An attacker in a guest VM could possibly use this to cause a
denial of service (paravirtualized device unavailability). (CVE-2023-34324)

Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver
in the Linux kernel during device removal. A privileged attacker could use
this to cause a denial of service (system crash). (CVE-2023-35827)

Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV)
implementation for AMD processors in the Linux kernel contained a race
condition when accessing MMIO registers. A local attacker in a SEV guest VM
could possibly use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-46813)

It was discovered that the io_uring subsystem in the Linux kernel contained
a race condition, leading to a null pointer dereference vulnerability. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-46862)

It was discovered that the netfilter subsystem in the Linux kernel did not
properly validate inner tunnel netlink attributes, leading to a null
pointer dereference vulnerability. A local attacker could use this to cause
a denial of service (system crash). (CVE-2023-5972)

It was discovered that the TLS subsystem in the Linux kernel did not
properly perform cryptographic operations in some situations, leading to a
null pointer dereference vulnerability. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-6176)

Jann Horn discovered that a race condition existed in the Linux kernel when
handling io_uring over sockets, leading to a use-after-free vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6531)

Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did
not properly handle dynset expressions passed from userspace, leading to a
null pointer dereference vulnerability. A local attacker could use this to
cause a denial of service (system crash). (CVE-2023-6622)

It was discovered that the TIPC protocol implementation in the Linux kernel
did not properly handle locking during tipc_crypto_key_revoke() operations.
A local attacker could use this to cause a denial of service (kernel
deadlock). (CVE-2024-0641)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
linux-image-6.5.0-1007-starfive 6.5.0-1007.8
linux-image-6.5.0-1009-laptop 6.5.0-1009.12
linux-image-6.5.0-1010-raspi 6.5.0-1010.13
linux-image-6.5.0-1013-aws 6.5.0-1013.13
linux-image-6.5.0-1013-gcp 6.5.0-1013.13
linux-image-6.5.0-1015-oracle 6.5.0-1015.15
linux-image-6.5.0-17-generic 6.5.0-17.17
linux-image-6.5.0-17-generic-64k 6.5.0-17.17
linux-image-6.5.0-17-lowlatency 6.5.0-17.17.1
linux-image-6.5.0-17-lowlatency-64k 6.5.0-17.17.1
linux-image-aws 6.5.0.1013.13
linux-image-gcp 6.5.0.1013.13
linux-image-generic 6.5.0.17.19
linux-image-generic-64k 6.5.0.17.19
linux-image-generic-lpae 6.5.0.17.19
linux-image-kvm 6.5.0.17.19
linux-image-laptop-23.10 6.5.0.1009.12
linux-image-lowlatency 6.5.0.17.17.14
linux-image-lowlatency-64k 6.5.0.17.17.14
linux-image-oracle 6.5.0.1015.15
linux-image-raspi 6.5.0.1010.11
linux-image-raspi-nolpae 6.5.0.1010.11
linux-image-starfive 6.5.0.1007.9
linux-image-virtual 6.5.0.17.19

Ubuntu 22.04 LTS:
linux-image-6.5.0-1014-oem 6.5.0-1014.15
linux-image-6.5.0-17-generic 6.5.0-17.17~22.04.1
linux-image-6.5.0-17-generic-64k 6.5.0-17.17~22.04.1
linux-image-6.5.0-17-lowlatency 6.5.0-17.17.1.1.1~22.04.1
linux-image-6.5.0-17-lowlatency-64k 6.5.0-17.17.1.1.1~22.04.1
linux-image-generic-64k-hwe-22.04 6.5.0.17.17~22.04.9
linux-image-generic-hwe-22.04 6.5.0.17.17~22.04.9
linux-image-lowlatency-64k-hwe-22.04 6.5.0.17.17.1.1.1~22.04.6
linux-image-lowlatency-hwe-22.04 6.5.0.17.17.1.1.1~22.04.6
linux-image-oem-22.04d 6.5.0.1014.16
linux-image-virtual-hwe-22.04 6.5.0.17.17~22.04.9

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-6624-1
CVE-2023-34324, CVE-2023-35827, CVE-2023-46813, CVE-2023-46862,
CVE-2023-5972, CVE-2023-6176, CVE-2023-6531, CVE-2023-6622,
CVE-2024-0641

Package Information:
https://launchpad.net/ubuntu/+source/linux/6.5.0-17.17
https://launchpad.net/ubuntu/+source/linux-aws/6.5.0-1013.13
https://launchpad.net/ubuntu/+source/linux-gcp/6.5.0-1013.13
https://launchpad.net/ubuntu/+source/linux-laptop/6.5.0-1009.12
https://launchpad.net/ubuntu/+source/linux-lowlatency/6.5.0-17.17.1
https://launchpad.net/ubuntu/+source/linux-oracle/6.5.0-1015.15
https://launchpad.net/ubuntu/+source/linux-raspi/6.5.0-1010.13
https://launchpad.net/ubuntu/+source/linux-starfive/6.5.0-1007.8
https://launchpad.net/ubuntu/+source/linux-hwe-6.5/6.5.0-17.17~22.04.1

https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-6.5/6.5.0-17.17.1.1.1~22.04.1
https://launchpad.net/ubuntu/+source/linux-oem-6.5/6.5.0-1014.15



[LSN-0100-1] Linux kernel vulnerability


Linux kernel vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 22.04 LTS
- Ubuntu 14.04 ESM

Summary

Several security issues were fixed in the kernel.

Software Description

- linux - Linux kernel
- linux-aws - Linux kernel for Amazon Web Services (AWS) systems
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke - Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
- linux-ibm - Linux kernel for IBM cloud systems

Details

It was discovered that the SMB network file sharing protocol
implementation in the Linux kernel did not properly handle certain error
conditions, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-5345)

Lin Ma discovered that the netfilter subsystem in the Linux kernel did
not properly validate network family support while creating a new
netfilter table. A local attacker could use this to cause a denial of
service or possibly execute arbitrary code. (CVE-2023-6040)

It was discovered that the TLS subsystem in the Linux kernel did not
properly perform cryptographic operations in some situations, leading to
a null pointer dereference vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-6176)

Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel
did not properly handle inactive elements in its PIPAPO data structure,
leading to a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-6817)

It was discovered that the IGMP protocol implementation in the Linux
kernel contained a race condition, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code.
(CVE-2023-6932)

Update instructions

The problem can be corrected by updating your kernel livepatch to the
following versions:

Ubuntu 20.04 LTS
aws - 100.1
azure - 100.1
gcp - 100.1
generic - 100.1
gke - 100.1
gkeop - 100.1
ibm - 100.1
lowlatency - 100.1

Ubuntu 18.04 LTS
aws - 100.1
azure - 100.1
gcp - 100.1
generic - 100.1
lowlatency - 100.1

Ubuntu 16.04 ESM
aws - 100.1
azure - 100.1
gcp - 100.1
generic - 100.1
lowlatency - 100.1

Ubuntu 22.04 LTS
aws - 100.1
azure - 100.1
gcp - 100.1
generic - 100.1
gke - 100.1
ibm - 100.1

Ubuntu 14.04 ESM
generic - 100.1
lowlatency - 100.1

Support Information

Livepatches for supported LTS kernels will receive upgrades for a period
of up to 13 months after the build date of the kernel.

Livepatches for supported HWE kernels which are not based on an LTS
kernel version will receive upgrades for a period of up to 9 months
after the build date of the kernel, or until the end of support for that
kernel’s non-LTS distro release version, whichever is sooner.

References

- CVE-2023-5345
- CVE-2023-6040
- CVE-2023-6176
- CVE-2023-6817
- CVE-2023-6932



[USN-6625-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6625-1
February 07, 2024

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
linux-bluefield, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4,
linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp
vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-bluefield: Linux kernel for NVIDIA BlueField platforms
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-iot: Linux kernel for IoT platforms
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors
- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems
- linux-hwe-5.4: Linux hardware enablement (HWE) kernel
- linux-ibm-5.4: Linux kernel for IBM cloud systems
- linux-oracle-5.4: Linux kernel for Oracle Cloud systems

Details:

Marek Marczykowski-Górecki discovered that the Xen event channel
infrastructure implementation in the Linux kernel contained a race
condition. An attacker in a guest VM could possibly use this to cause a
denial of service (paravirtualized device unavailability). (CVE-2023-34324)

Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver
in the Linux kernel during device removal. A privileged attacker could use
this to cause a denial of service (system crash). (CVE-2023-35827)

It was discovered that a race condition existed in the Linux kernel when
performing operations with kernel objects, leading to an out-of-bounds
write. A local attacker could use this to cause a denial of service (system
crash) or execute arbitrary code. (CVE-2023-45863)

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel did not properly handle certain memory allocation failure
conditions, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-46343)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
linux-image-5.4.0-1030-iot 5.4.0-1030.31
linux-image-5.4.0-1037-xilinx-zynqmp 5.4.0-1037.41
linux-image-5.4.0-1065-ibm 5.4.0-1065.70
linux-image-5.4.0-1078-bluefield 5.4.0-1078.84
linux-image-5.4.0-1085-gkeop 5.4.0-1085.89
linux-image-5.4.0-1106-kvm 5.4.0-1106.113
linux-image-5.4.0-1117-oracle 5.4.0-1117.126
linux-image-5.4.0-1118-aws 5.4.0-1118.128
linux-image-5.4.0-1123-azure 5.4.0-1123.130
linux-image-5.4.0-171-generic 5.4.0-171.189
linux-image-5.4.0-171-generic-lpae 5.4.0-171.189
linux-image-5.4.0-171-lowlatency 5.4.0-171.189
linux-image-aws-lts-20.04 5.4.0.1118.115
linux-image-azure-lts-20.04 5.4.0.1123.116
linux-image-bluefield 5.4.0.1078.73
linux-image-generic 5.4.0.171.169
linux-image-generic-lpae 5.4.0.171.169
linux-image-gkeop 5.4.0.1085.83
linux-image-gkeop-5.4 5.4.0.1085.83
linux-image-ibm-lts-20.04 5.4.0.1065.94
linux-image-kvm 5.4.0.1106.102
linux-image-lowlatency 5.4.0.171.169
linux-image-oem 5.4.0.171.169
linux-image-oem-osp1 5.4.0.171.169
linux-image-oracle-lts-20.04 5.4.0.1117.110
linux-image-virtual 5.4.0.171.169
linux-image-xilinx-zynqmp 5.4.0.1037.37

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
linux-image-5.4.0-1065-ibm 5.4.0-1065.70~18.04.1
linux-image-5.4.0-1117-oracle 5.4.0-1117.126~18.04.1
linux-image-5.4.0-1118-aws 5.4.0-1118.128~18.04.1
linux-image-5.4.0-1123-azure 5.4.0-1123.130~18.04.1
linux-image-5.4.0-171-generic 5.4.0-171.189~18.04.1
linux-image-5.4.0-171-lowlatency 5.4.0-171.189~18.04.1
linux-image-aws 5.4.0.1118.96
linux-image-azure 5.4.0.1123.96
linux-image-generic-hwe-18.04 5.4.0.171.189~18.04.139
linux-image-ibm 5.4.0.1065.75
linux-image-lowlatency-hwe-18.04 5.4.0.171.189~18.04.139
linux-image-oem 5.4.0.171.189~18.04.139
linux-image-oem-osp1 5.4.0.171.189~18.04.139
linux-image-oracle 5.4.0.1117.126~18.04.89
linux-image-snapdragon-hwe-18.04 5.4.0.171.189~18.04.139
linux-image-virtual-hwe-18.04 5.4.0.171.189~18.04.139

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-6625-1
CVE-2023-34324, CVE-2023-35827, CVE-2023-45863, CVE-2023-46343

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.4.0-171.189
https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1118.128
https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1123.130
https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1078.84
https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1085.89
https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1065.70
https://launchpad.net/ubuntu/+source/linux-iot/5.4.0-1030.31
https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1106.113
https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1117.126
https://launchpad.net/ubuntu/+source/linux-xilinx-zynqmp/5.4.0-1037.41