Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-6951-1
HistoryAug 08, 2024 - 10:45 p.m.

linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-raspi, linux-xilinx-zynqmp vulnerabilities

2024-08-0822:45:31
Google
osv.dev
10
linux kernel
arm64
m68k architecture
user-mode linux
x86 architecture
accessibility subsystem
character device driver
clock framework
cpu frequency scaling
hardware crypto
firewire
gpu drivers
macintosh driver
media drivers
network drivers
pin controllers
s/390 drivers
scsi drivers
soundwire
greybus lights
tty drivers
framebuffer
virtio drivers
9p file system
ecrypt file system
erofs file system
ext4 file system
f2fs file system
jffs2 file system
network file system
nilfs2 file system
smb network file system
kernel debugger
irq subsystem
tracing infrastructure
bluetooth subsystem
ipv4 networking
ipv6 networking
netfilter
nfc subsystem
unix domain sockets
wireless networking
express data path
xfrm subsystem
alsa framework

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

  • ARM64 architecture;
  • M68K architecture;
  • User-Mode Linux (UML);
  • x86 architecture;
  • Accessibility subsystem;
  • Character device driver;
  • Clock framework and drivers;
  • CPU frequency scaling framework;
  • Hardware crypto device drivers;
  • Buffer Sharing and Synchronization framework;
  • FireWire subsystem;
  • GPU drivers;
  • HW tracing;
  • Macintosh device drivers;
  • Multiple devices driver;
  • Media drivers;
  • Network drivers;
  • Pin controllers subsystem;
  • S/390 drivers;
  • SCSI drivers;
  • SoundWire subsystem;
  • Greybus lights staging drivers;
  • TTY drivers;
  • Framebuffer layer;
  • Virtio drivers;
  • 9P distributed file system;
  • eCrypt file system;
  • EROFS file system;
  • Ext4 file system;
  • F2FS file system;
  • JFFS2 file system;
  • Network file system client;
  • NILFS2 file system;
  • SMB network file system;
  • Kernel debugger infrastructure;
  • IRQ subsystem;
  • Tracing infrastructure;
  • Dynamic debug library;
  • 9P file system network protocol;
  • Bluetooth subsystem;
  • Networking core;
  • IPv4 networking;
  • IPv6 networking;
  • Netfilter;
  • NET/ROM layer;
  • NFC subsystem;
  • NSH protocol;
  • Open vSwitch;
  • Phonet protocol;
  • TIPC protocol;
  • Unix domain sockets;
  • Wireless networking;
  • eXpress Data Path;
  • XFRM subsystem;
  • ALSA framework;
    (CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399,
    CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919,
    CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558,
    CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633,
    CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886,
    CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971,
    CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353,
    CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661,
    CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381,
    CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017,
    CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612,
    CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567,
    CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019,
    CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882,
    CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940,
    CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582,
    CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954,
    CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902,
    CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941,
    CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270,
    CVE-2024-39292, CVE-2024-39471, CVE-2022-48674)

References

Related

osv 26
ubuntu 12
nessus 42
openvas 17
oraclelinux 4
debian 1
amazon 3
fedora 2
redhat 2
redos 1
photon 2
redhatcve 10
nvd 16
ubuntucve 12
cvelist 9
debiancve 11
cve 11
vulnrichment 11
cbl_mariner 7
osv
osv
linux-azure vulnerabilities
2024-08-14 17:25:05
linux-bluefield vulnerabilities
2024-08-21 16:57:32
linux-azure-5.4 vulnerabilities
2024-08-19 15:54:38
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-08-08 00:00:00
Linux kernel (Azure) vulnerabilities
2024-08-19 00:00:00
Linux kernel (BlueField) vulnerabilities
2024-08-21 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6951-1)
2024-08-08 00:00:00
Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6951-2)
2024-08-14 00:00:00
Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6951-3)
2024-08-19 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6951-3)
2024-08-20 00:00:00
Ubuntu: Security Advisory (USN-6951-4)
2024-08-22 00:00:00
Ubuntu: Security Advisory (USN-6951-1)
2024-08-09 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2024-08-12 00:00:00
Unbreakable Enterprise kernel security update
2024-08-12 00:00:00
Unbreakable Enterprise kernel-container security update
2024-08-12 00:00:00
debian
debian
[SECURITY] [DSA 5703-1] linux security update
2024-06-02 17:04:56
amazon
amazon
Important: kernel
2024-08-01 03:01:00
Important: kernel
2024-06-19 19:15:00
Important: kernel
2024-07-31 22:26:00
fedora
fedora
[SECURITY] Fedora 40 Update: kernel-6.8.10-300.fc40
2024-05-22 01:28:10
[SECURITY] Fedora 39 Update: kernel-6.8.10-200.fc39
2024-05-22 01:22:53
redhat
redhat
(RHSA-2024:5520) Important: kpatch-patch-4_18_0-477_43_1 security update
2024-08-19 00:59:30
(RHSA-2024:5522) Important: kpatch-patch-4_18_0-553 security update
2024-08-19 00:59:33
redos
redos
ROS-20240905-04
2024-09-05 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0640
2024-06-26 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0769
2024-06-28 00:00:00
redhatcve
redhatcve
CVE-2022-48674
2024-05-03 18:54:34
CVE-2024-38607
2024-06-20 14:29:37
CVE-2024-38637
2024-06-21 19:54:06
nvd
nvd
CVE-2023-52585
2024-03-06 07:15:07
CVE-2024-38579
2024-06-19 14:15:17
CVE-2024-39471
2024-06-25 15:15:15
ubuntucve
ubuntucve
CVE-2024-37353
2024-06-21 00:00:00
CVE-2024-38567
2024-06-19 00:00:00
CVE-2024-38558
2024-06-19 00:00:00
cvelist
cvelist
CVE-2024-37353
2024-06-21 10:18:10
CVE-2024-38582 nilfs2: fix potential hang in nilfs_detach_log_writer()
2024-06-19 13:37:39
CVE-2024-38612 ipv6: sr: fix invalid unregister error path
2024-06-19 13:56:13
debiancve
debiancve
CVE-2024-38587
2024-06-19 14:15:18
CVE-2024-38567
2024-06-19 14:15:16
CVE-2024-38582
2024-06-19 14:15:18
cve
cve
CVE-2024-38612
2024-06-19 14:15:21
CVE-2024-38589
2024-06-19 14:15:19
CVE-2023-52752
2024-05-21 16:15:14
vulnrichment
vulnrichment
CVE-2024-38558 net: openvswitch: fix overwriting ct original tuple for ICMPv6
2024-06-19 13:35:28
CVE-2024-39467 f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode()
2024-06-25 14:25:05
CVE-2024-38560 scsi: bfa: Ensure the copied buf is NUL terminated
2024-06-19 13:35:29
cbl_mariner
cbl_mariner
CVE-2024-39493 affecting package kernel for versions less than 5.15.162.2-1
2024-08-05 03:22:58
CVE-2024-39292 affecting package kernel for versions less than 5.15.162.2-1
2024-08-05 03:22:58
CVE-2024-39475 affecting package kernel for versions less than 5.15.162.2-1
2024-08-05 03:22:58

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON
Related for OSV:USN-6951-1
osv26ubuntu12nessus42openvas17oraclelinux4debian1amazon3fedora2redhat2redos1photon2redhatcve10nvd16ubuntucve12cvelist9debiancve11cve11vulnrichment11cbl_mariner7