19 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-36008
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in...
Azure Linux 3.0 Security Update: hyperv-daemons / kernel (CVE-2024-36008)
The version of hyperv-daemons / kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36008 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL id...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2608)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2352)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CBL Mariner 2.0 Security Update: hyperv-daemons / kernel (CVE-2024-36008)
The version of hyperv-daemons / kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36008 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL id...
CVE-2024-36008 affecting package kernel for versions less than 6.6.35.1-4
CVE-2024-36008 affecting package kernel for versions less than 6.6.35.1-4. An upgraded version of the package is available that resolves this issue...
CVE-2024-36008 affecting package hyperv-daemons for versions less than 6.6.35.1-1
CVE-2024-36008 affecting package hyperv-daemons for versions less than 6.6.35.1-1. An upgraded version of the package is available that resolves this issue...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6921-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6921-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...
Ubuntu: Security Advisory (USN-6921-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6921-2: Linux kernel vulnerabilities
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6921-2)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6921-2 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...
USN-6921-1: Linux kernel vulnerabilities
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...
CVE-2024-36008 affecting package kernel for versions less than 5.15.158.1-1
CVE-2024-36008 affecting package kernel for versions less than 5.15.158.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-36008 affecting package hyperv-daemons for versions less than 5.15.158.1-1
CVE-2024-36008 affecting package hyperv-daemons for versions less than 5.15.158.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-36008
In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears the bug exists in latest trees. All calls to indevgetrcu must be checked for a NULL result. 1...
AZL-42132 CVE-2024-36008 affecting package hyperv-daemons for versions less than 6.6.35.1-1
In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears the bug exists in latest trees. All calls to indevgetrcu must be checked for a NULL result. 1...
CVE-2024-36008
In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears the bug exists in latest trees. All calls to indevgetrcu must be checked for a NULL result. 1...
CVE-2024-36008
In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears the bug exists in latest trees. All calls to indevgetrcu must be checked for a NULL result. 1...
CVE-2024-36008
CVE-2024-36008 affects the Linux kernel; connected sources confirm a vulnerability in IPv4 path involving NULL idev handling in ip_route_use_hint() and a NULL-deref in fib_validate_source(). The issue arises in older trees and was addressed by ensuring __in_dev_get_rcu() results are checked for N...