OSV:USN-6818-1 (osv, Google)
Jun 07, 2024 - 8:18 p.m.

linux, linux-gcp, linux-gcp-6.5, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-raspi vulnerabilities

2024-06-07 20:18:53
Google
osv.dev

CVSS3: 7.8 High
  Attack Vector: LOCAL
  Attack Complexity: LOW
  Privileges Required: LOW
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 8.6 High (Confidence: High)

EPSS: 0.001 Low (Percentile: 50.0%)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel
did not properly validate H2C PDU data, leading to a null pointer
dereference vulnerability. A remote attacker could use this to cause a
denial of service (system crash). (CVE-2023-6356, CVE-2023-6535,
CVE-2023-6536)

It was discovered that the Intel Data Streaming and Intel Analytics
Accelerator drivers in the Linux kernel allowed direct access to the
devices for unprivileged users and virtual machines. A local attacker could
use this to cause a denial of service. (CVE-2024-21823)

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux
kernel contained an out-of-bounds read vulnerability. An attacker could use
this to possibly cause a denial of service (system crash). (CVE-2024-23849)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

  • ARM64 architecture;
  • PowerPC architecture;
  • RISC-V architecture;
  • S390 architecture;
  • Core kernel;
  • x86 architecture;
  • Block layer subsystem;
  • Cryptographic API;
  • ACPI drivers;
  • Android drivers;
  • Drivers core;
  • Power management core;
  • Bus devices;
  • Device frequency scaling framework;
  • DMA engine subsystem;
  • EDAC drivers;
  • ARM SCMI message protocol;
  • GPU drivers;
  • IIO ADC drivers;
  • InfiniBand drivers;
  • IOMMU subsystem;
  • Media drivers;
  • Multifunction device drivers;
  • MTD block device drivers;
  • Network drivers;
  • NVME drivers;
  • Device tree and open firmware driver;
  • PCI driver for MicroSemi Switchtec;
  • Power supply drivers;
  • RPMSG subsystem;
  • SCSI drivers;
  • QCOM SoC drivers;
  • SPMI drivers;
  • Thermal drivers;
  • TTY drivers;
  • VFIO drivers;
  • BTRFS file system;
  • Ceph distributed file system;
  • EFI Variable file system;
  • EROFS file system;
  • Ext4 file system;
  • F2FS file system;
  • GFS2 file system;
  • JFS file system;
  • Network file systems library;
  • Network file system server daemon;
  • File systems infrastructure;
  • Pstore file system;
  • ReiserFS file system;
  • SMB network file system;
  • BPF subsystem;
  • Memory management;
  • TLS protocol;
  • Ethernet bridge;
  • Networking core;
  • IPv4 networking;
  • IPv6 networking;
  • Logical Link layer;
  • MAC80211 subsystem;
  • Multipath TCP;
  • Netfilter;
  • NetLabel subsystem;
  • Network traffic control;
  • SMC sockets;
  • Sun RPC protocol;
  • AppArmor security module;
  • Intel ASoC drivers;
  • MediaTek ASoC drivers;
  • USB sound devices;
    (CVE-2023-52598, CVE-2023-52676, CVE-2023-52609, CVE-2024-26620,
    CVE-2023-52487, CVE-2023-52465, CVE-2023-52473, CVE-2023-52467,
    CVE-2024-26583, CVE-2023-52669, CVE-2023-52664, CVE-2023-52449,
    CVE-2023-52614, CVE-2024-26595, CVE-2023-52611, CVE-2023-52696,
    CVE-2023-52591, CVE-2023-52491, CVE-2024-35839, CVE-2023-52679,
    CVE-2024-26607, CVE-2023-52587, CVE-2023-52469, CVE-2023-52608,
    CVE-2023-52617, CVE-2023-52698, CVE-2024-26673, CVE-2024-35835,
    CVE-2024-26808, CVE-2024-26668, CVE-2023-52626, CVE-2023-52621,
    CVE-2024-35837, CVE-2023-52489, CVE-2023-52597, CVE-2024-26649,
    CVE-2024-26615, CVE-2024-35838, CVE-2023-52693, CVE-2023-52497,
    CVE-2024-35842, CVE-2024-26618, CVE-2024-26610, CVE-2024-26631,
    CVE-2024-26644, CVE-2024-26627, CVE-2023-52677, CVE-2023-52472,
    CVE-2023-52627, CVE-2023-52486, CVE-2023-52632, CVE-2023-52494,
    CVE-2023-52468, CVE-2024-26634, CVE-2023-52588, CVE-2024-26646,
    CVE-2024-26584, CVE-2023-52443, CVE-2023-52691, CVE-2024-26612,
    CVE-2023-52595, CVE-2024-26592, CVE-2024-26623, CVE-2023-52492,
    CVE-2024-26670, CVE-2023-52583, CVE-2023-52681, CVE-2023-52635,
    CVE-2023-52457, CVE-2023-52445, CVE-2024-26629, CVE-2024-26594,
    CVE-2023-52675, CVE-2023-52488, CVE-2023-52446, CVE-2024-26625,
    CVE-2023-52697, CVE-2023-52453, CVE-2023-52498, CVE-2023-52686,
    CVE-2023-52593, CVE-2023-52612, CVE-2023-52687, CVE-2023-52470,
    CVE-2023-52455, CVE-2023-52444, CVE-2024-26608, CVE-2024-26633,
    CVE-2024-26645, CVE-2023-52451, CVE-2023-52456, CVE-2024-26640,
    CVE-2023-52670, CVE-2023-52589, CVE-2024-26598, CVE-2024-35841,
    CVE-2024-26647, CVE-2024-26636, CVE-2023-52680, CVE-2023-52616,
    CVE-2023-52685, CVE-2024-26582, CVE-2024-26638, CVE-2023-52694,
    CVE-2024-35840, CVE-2023-52448, CVE-2023-52623, CVE-2023-52462,
    CVE-2023-52452, CVE-2024-26641, CVE-2023-52683, CVE-2023-52682,
    CVE-2023-52594, CVE-2023-52490, CVE-2023-52493, CVE-2023-52633,
    CVE-2023-52606, CVE-2024-26669, CVE-2023-52584, CVE-2024-26585,
    CVE-2023-52610, CVE-2023-52672, CVE-2023-52450, CVE-2023-52666,
    CVE-2023-52458, CVE-2023-52622, CVE-2023-52674, CVE-2023-52619,
    CVE-2024-26586, CVE-2023-52667, CVE-2024-26616, CVE-2023-52463,
    CVE-2024-26632, CVE-2023-52447, CVE-2023-52692, CVE-2023-52678,
    CVE-2023-52607, CVE-2023-52618, CVE-2023-52464, CVE-2024-26671,
    CVE-2023-52599, CVE-2023-52454, CVE-2023-52495, CVE-2023-52690)
