Lucene search

GoogleOSV:USN-6950-4

HistoryAug 21, 2024 - 5:06 p.m.

linux-hwe-5.15 vulnerabilities

2024-08-2117:06:20

Google

osv.dev

linux kernel

vulnerabilities

arm32 architecture

arm64 architecture

block layer subsystem

bluetooth drivers

clock framework and drivers

firewire subsystem

gpu drivers

infiniband drivers

multiple devices driver

eeprom drivers

network drivers

pin controllers subsystem

remote processor subsystem

s/390 drivers

scsi drivers

9p distributed file system

network file system client

smb network file system

socket messages infrastructure

dynamic debug library

bluetooth subsystem

networking core

ipv4 networking

ipv6 networking

multipath tcp

nsh protocol

phonet protocol

tipc protocol

wireless networking

key management

alsa framework

hd-audio driver

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.001

Percentile

16.8%

JSON

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

ARM32 architecture;
ARM64 architecture;
Block layer subsystem;
Bluetooth drivers;
Clock framework and drivers;
FireWire subsystem;
GPU drivers;
InfiniBand drivers;
Multiple devices driver;
EEPROM drivers;
Network drivers;
Pin controllers subsystem;
Remote Processor subsystem;
S/390 drivers;
SCSI drivers;
9P distributed file system;
Network file system client;
SMB network file system;
Socket messages infrastructure;
Dynamic debug library;
Bluetooth subsystem;
Networking core;
IPv4 networking;
IPv6 networking;
Multipath TCP;
NSH protocol;
Phonet protocol;
TIPC protocol;
Wireless networking;
Key management;
ALSA framework;
HD-audio driver;
(CVE-2024-36883, CVE-2024-36940, CVE-2024-36902, CVE-2024-36975,
CVE-2024-36964, CVE-2024-36938, CVE-2024-36931, CVE-2024-35848,
CVE-2024-26900, CVE-2024-36967, CVE-2024-36904, CVE-2024-27398,
CVE-2024-36031, CVE-2023-52585, CVE-2024-36886, CVE-2024-36937,
CVE-2024-36954, CVE-2024-36916, CVE-2024-36905, CVE-2024-36959,
CVE-2024-26980, CVE-2024-26936, CVE-2024-36928, CVE-2024-36889,
CVE-2024-36929, CVE-2024-36933, CVE-2024-27399, CVE-2024-36946,
CVE-2024-36906, CVE-2024-36965, CVE-2024-36957, CVE-2024-36941,
CVE-2024-36897, CVE-2024-36952, CVE-2024-36947, CVE-2024-36950,
CVE-2024-36880, CVE-2024-36017, CVE-2023-52882, CVE-2024-36969,
CVE-2024-38600, CVE-2024-36955, CVE-2024-36960, CVE-2024-27401,
CVE-2024-36919, CVE-2024-36934, CVE-2024-35947, CVE-2024-36953,
CVE-2024-36944, CVE-2024-36939)