Ubuntu: Security Advisory (USN-7003-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7003-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7004-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7004-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7006-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7006-1 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-7003-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7003-2 advisory. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could us...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7005-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7005-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...

CVE-2024-45029

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: Do not mark ACPI devices as irq safe On ACPI machines, the tegra i2c module encounters an issue due to a mutex being called inside a spinlock. This leads to the following bug: BUG: sleeping function called from invali...

UBUNTU-CVE-2024-45013

In the Linux kernel, the following vulnerability has been resolved: nvme: move stopping keep-alive into nvmeuninitctrl Commit 4733b65d82bd "nvme: start keep-alive after admin queue setup" moves starting keep-alive from nvmestartctrl into nvmeinitctrlfinish, but don't move stopping keep-alive into...

ALSA: usb-audio: Stop parsing channels bits when all channels are found.

...

kernel: xdp: Remove WARN() from __xdp_reg_mem_model()

A flaw was found in the Linux kernel's xdp subsystem in the xdpregmemmodel function where a memory allocation failure will trigger a warning if the function memidinithashtable returns an error. This warning is unnecessary as it elevates the severity of a memory allocation failure and pollutes the...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6999-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...

CVE-2024-27076

...

CVE-2024-27047

...

CVE-2024-38252

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

CVE-2024-38253

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

CVE-2024-38253

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

CVE-2024-38252

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

CVE-2024-38253

Technical details about CVE-2024-38253 (Windows Win32 Kernel Subsystem Elevation of Privilege) are not publicly provided in the supplied documents; monitor for updates from Microsoft and CVE repositories.

CVE-2024-38253 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...

CVE-2024-38252

Technical details about CVE-2024-38252 are not publicly provided in the supplied documents. The records reference a Windows kernel privilege-elevation issue but do not disclose affected components, root cause, or fixes. Monitor for updates.