USN-6895-4: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

Ubuntu: Security Advisory (USN-6926-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6895-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6895-4 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An...

CLSA-2024-1722535359 Fix of 18 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code Bionic update: upstream stable patchset 2021-06-01 LP: 1930472 // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2getenckey CVE-url:...

USN-6926-2: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...

CLSA-2024-1722512538 Fix of 10 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-25744 - x86/sev: Rename memencrypt.c to memencryptamd.c - x86: Introduce ia32enabled - x86/coco: Disable 32-bit emulation by default on TDX and SEV CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: ngsm: fix frame reception handling - tty:...

USN-6922-2: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Chenyuan Yang discovered...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6922-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6922-2 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A...

Ubuntu 14.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-6926-2)

The remote Ubuntu 14.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6926-2 advisory. discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure...

USN-6938-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a bitmap. A local attacker could use this to cause a denial of service system crash. CVE-2022-48619 黄思聪 discovered that the NFC Controller Interface NCI...

CVE-2024-41085

In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxlnvd during pmem region auto-assembling When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace. BUG: kernel NULL pointer dereference, address:...

kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned

A flaw was found in the Linux kernel's block subsystem, where a NULL pointer dereference occurs if partitions are created or resized with a size that is not a multiple of the logical block size. This flaw allows a privileged attacker to cause a denial of service...

Ubuntu: Security Advisory (USN-6923-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6921-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6921-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6938-1)

"The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6938-1 advisory. It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6923-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6923-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC...

USN-6927-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

USN-6923-2: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

USN-6923-2 linux-aws-5.15, linux-ibm, linux-ibm-5.15, linux-raspi vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

USN-6921-2 linux-lowlatency vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...