Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-6922-2
HistoryAug 01, 2024 - 1:39 p.m.

linux-lowlatency-hwe-6.5 vulnerabilities

2024-08-0113:39:54
Google
osv.dev
6
linux kernel
bluetooth
ubi
vulnerabilities
race condition
denial of service
debugfs
privileged attacker
local attacker
system crash
cve-2024-24857
cve-2024-24858
cve-2024-24859
cve-2024-25739
flash device
volume management.

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

7.2

Confidence

High

JSON

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel when modifying certain settings values through debugfs.
A privileged local attacker could use this to cause a denial of service.
(CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device
volume management subsystem did not properly validate logical eraseblock
sizes in certain situations. An attacker could possibly use this to cause a
denial of service (system crash). (CVE-2024-25739)

Related

nessus 52
osv 29
ubuntu 22
openvas 43
photon 3
vulnrichment 3
nvd 4
ubuntucve 4
cbl_mariner 5
redhatcve 4
prion 4
cve 4
cvelist 4
debiancve 4
amazon 2
mageia 2
oraclelinux 3
almalinux 1
debian 2
rocky 1
redhat 3
nessus
nessus
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6922-2)
2024-08-01 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6922-1)
2024-07-31 00:00:00
Photon OS 3.0: Linux PHSA-2024-3.0-0765
2024-08-03 00:00:00
osv
osv
linux-nvidia-6.5 vulnerabilities
2024-07-29 09:54:35
linux-azure, linux-azure-4.15 vulnerabilities
2024-08-01 15:09:46
linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities
2024-07-29 16:21:34
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-08-01 00:00:00
Linux kernel vulnerabilities
2024-07-29 00:00:00
Linux kernel vulnerabilities
2024-07-31 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6922-2)
2024-08-02 00:00:00
Ubuntu: Security Advisory (USN-6922-1)
2024-07-30 00:00:00
Ubuntu: Security Advisory (USN-6938-1)
2024-08-01 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2024-3.0-0765
2024-06-07 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0274
2024-05-18 00:00:00
Moderate Photon OS Security Update - PHSA-2024-4.0-0607
2024-05-10 00:00:00
vulnrichment
vulnrichment
CVE-2024-24857 Race condition vulnerability in Linux kernel bluetooth in conn_info_{min,max}_age_set()
2024-02-05 07:31:31
CVE-2024-24858 Race condition vulnerability in Linux kernel net/bluetooth in {conn,adv}_{min,max}_interval_set()
2024-02-05 07:30:55
CVE-2024-24859 Race condition vulnerability in Linux kernel bluetooth sniff_{min,max}_interval_set()
2024-02-05 07:28:06
nvd
nvd
CVE-2024-24857
2024-02-05 08:15:44
CVE-2024-24858
2024-02-05 08:15:44
CVE-2024-24859
2024-02-05 08:15:44
ubuntucve
ubuntucve
CVE-2024-24859
2024-02-05 00:00:00
CVE-2024-24857
2024-02-05 00:00:00
CVE-2024-24858
2024-02-05 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-24859 affecting package kernel for versions less than 6.6.35.1-4
2024-08-14 20:43:58
CVE-2024-24857 affecting package kernel for versions less than 6.6.35.1-4
2024-08-14 20:43:58
CVE-2024-24858 affecting package kernel for versions less than 6.6.35.1-4
2024-08-14 20:43:58
redhatcve
redhatcve
CVE-2024-24859
2024-07-19 08:29:33
CVE-2024-24857
2024-02-27 11:03:58
CVE-2024-24858
2024-02-27 11:04:12
prion
prion
Race condition
2024-02-05 08:15:00
Race condition
2024-02-05 08:15:00
Race condition
2024-02-05 08:15:00
cve
cve
CVE-2024-24857
2024-02-05 08:15:44
CVE-2024-24859
2024-02-05 08:15:44
CVE-2024-24858
2024-02-05 08:15:44
cvelist
cvelist
CVE-2024-24858 Race condition vulnerability in Linux kernel net/bluetooth in {conn,adv}_{min,max}_interval_set()
2024-02-05 07:30:55
CVE-2024-24859 Race condition vulnerability in Linux kernel bluetooth sniff_{min,max}_interval_set()
2024-02-05 07:28:06
CVE-2024-24857 Race condition vulnerability in Linux kernel bluetooth in conn_info_{min,max}_age_set()
2024-02-05 07:31:31
debiancve
debiancve
CVE-2024-24859
2024-02-05 08:15:44
CVE-2024-24857
2024-02-05 08:15:44
CVE-2024-24858
2024-02-05 08:15:44
amazon
amazon
Medium: kernel
2024-07-03 20:05:00
Important: kernel
2024-08-01 03:01:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2024-04-23 04:20:56
Updated kernel, kmod-xtables-addons, kmod-virtualbox packages fix security vulnerabilities
2024-04-23 04:20:56
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-08-05 00:00:00
Unbreakable Enterprise kernel security update
2024-08-05 00:00:00
kernel security update
2024-08-08 00:00:00
almalinux
almalinux
Important: kernel-rt security update
2024-08-08 00:00:00
debian
debian
[SECURITY] [DSA 5658-1] linux security update
2024-04-13 06:38:27
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39
rocky
rocky
kernel-rt security update
2024-08-21 14:52:36
redhat
redhat
(RHSA-2024:5102) Important: kernel-rt security update
2024-08-08 04:34:36
(RHSA-2024:5438) Moderate: OpenShift Container Platform 4.15.28 packages and security update
2024-08-21 03:33:53
(RHSA-2024:5101) Important: kernel security update
2024-08-08 04:34:29

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

7.2

Confidence

High

JSON
Related for OSV:USN-6922-2
nessus52osv29ubuntu22openvas43photon3vulnrichment3nvd4ubuntucve4cbl_mariner5redhatcve4prion4cve4cvelist4debiancve4amazon2mageia2oraclelinux3almalinux1debian2rocky1redhat3