OESA-2024-1705 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: cdceem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eemtxfixup, if skbcopyexpand failed, it return NULL, usbnetstartxmit will have no...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6821-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-4 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An...

Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6818-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-3 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...

USN-6819-3: Linux kernel (OEM) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

USN-6831-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities

It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. CVE-2024-0841 Several security issues were discovered in the Linux kernel. An attacker...

Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability

Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024. Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based Edge browser over the past month...

kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg

A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause a denial of service condition or potential code execution...

kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg

A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause a denial of service condition or potential code execution...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6831-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6831-1 advisory. It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6819-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-3 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...

USN-6819-2: Linux kernel vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

USN-6819-2 linux-aws, linux-oracle vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

USN-6820-2: Linux kernel (NVIDIA) vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

USN-6828-1: Linux kernel (Intel IoTG) vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 It was...

CVE-2024-30086

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

CVE-2024-30086 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...

CVE-2024-30086

Technical details about CVE-2024-30086 (affected component, root cause, impact, and fixes) are not provided in the supplied documents. Monitor for updates from Microsoft and official CVE disclosures.

USN-6817-2: Linux kernel (OEM) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...