Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-6766-1
HistoryMay 07, 2024 - 12:00 a.m.

Linux kernel vulnerabilities

2024-05-0700:00:00
ubuntu.com
14
linux kernel
ubuntu 22.04 lts
ubuntu 20.04 lts
microsoft azure
google cloud platform
google container engine
ibm cloud
oracle cloud
open vswitch
branch history injection
rds protocol
cve-2024-1151
cve-2024-2201
cve-2024-23849
powerpc
s390
arm
gpu
hid
i2c
infiniband
media drivers
network drivers
pci
scsi
usb3
btrfs
ceph
ext4
f2fs
jfs
nilfs2
ntfs3
pstore
smb
can network
ipv4
ipv6
netfilter
realtek audio codecs.

7 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.5%

JSON

Releases

  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS

Packages

  • linux - Linux kernel
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-azure-5.15 - Linux kernel for Microsoft Azure cloud systems
  • linux-azure-fde - Linux kernel for Microsoft Azure CVM cloud systems
  • linux-azure-fde-5.15 - Linux kernel for Microsoft Azure CVM cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gcp-5.15 - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gke - Linux kernel for Google Container Engine (GKE) systems
  • linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
  • linux-gkeop-5.15 - Linux kernel for Google Container Engine (GKE) systems
  • linux-ibm - Linux kernel for IBM cloud systems
  • linux-ibm-5.15 - Linux kernel for IBM cloud systems
  • linux-kvm - Linux kernel for cloud environments
  • linux-lowlatency - Linux low latency kernel
  • linux-lowlatency-hwe-5.15 - Linux low latency kernel
  • linux-nvidia - Linux kernel for NVIDIA systems
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-oracle-5.15 - Linux kernel for Oracle Cloud systems

Details

It was discovered that the Open vSwitch implementation in the Linux kernel
could overflow its stack during recursive action operations under certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-1151)

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201)

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux
kernel contained an out-of-bounds read vulnerability. An attacker could use
this to possibly cause a denial of service (system crash). (CVE-2024-23849)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

  • PowerPC architecture;
  • S390 architecture;
  • Core kernel;
  • Block layer subsystem;
  • Android drivers;
  • Power management core;
  • Bus devices;
  • Hardware random number generator core;
  • Cryptographic API;
  • Device frequency;
  • DMA engine subsystem;
  • ARM SCMI message protocol;
  • GPU drivers;
  • HID subsystem;
  • Hardware monitoring drivers;
  • I2C subsystem;
  • IIO ADC drivers;
  • IIO subsystem;
  • IIO Magnetometer sensors drivers;
  • InfiniBand drivers;
  • Media drivers;
  • Network drivers;
  • PCI driver for MicroSemi Switchtec;
  • PHY drivers;
  • SCSI drivers;
  • DesignWare USB3 driver;
  • BTRFS file system;
  • Ceph distributed file system;
  • Ext4 file system;
  • F2FS file system;
  • JFS file system;
  • NILFS2 file system;
  • NTFS3 file system;
  • Pstore file system;
  • SMB network file system;
  • Memory management;
  • CAN network layer;
  • Networking core;
  • HSR network protocol;
  • IPv4 networking;
  • IPv6 networking;
  • Logical Link layer;
  • Multipath TCP;
  • Netfilter;
  • NFC subsystem;
  • SMC sockets;
  • Sun RPC protocol;
  • TIPC protocol;
  • Unix domain sockets;
  • Realtek audio codecs;
    (CVE-2023-52594, CVE-2023-52601, CVE-2024-26826, CVE-2023-52622,
    CVE-2024-26665, CVE-2023-52493, CVE-2023-52633, CVE-2024-26684,
    CVE-2024-26663, CVE-2023-52618, CVE-2023-52588, CVE-2023-52637,
    CVE-2024-26825, CVE-2023-52606, CVE-2024-26594, CVE-2024-26625,
    CVE-2024-26720, CVE-2024-26614, CVE-2023-52627, CVE-2023-52602,
    CVE-2024-26673, CVE-2024-26685, CVE-2023-52638, CVE-2023-52498,
    CVE-2023-52619, CVE-2024-26910, CVE-2024-26689, CVE-2023-52583,
    CVE-2024-26676, CVE-2024-26671, CVE-2024-26704, CVE-2024-26608,
    CVE-2024-26610, CVE-2024-26592, CVE-2023-52599, CVE-2023-52595,
    CVE-2024-26660, CVE-2023-52617, CVE-2024-26645, CVE-2023-52486,
    CVE-2023-52631, CVE-2023-52607, CVE-2023-52608, CVE-2024-26722,
    CVE-2024-26615, CVE-2023-52615, CVE-2024-26636, CVE-2023-52642,
    CVE-2023-52587, CVE-2024-26712, CVE-2024-26675, CVE-2023-52614,
    CVE-2024-26606, CVE-2024-26916, CVE-2024-26600, CVE-2024-26679,
    CVE-2024-26829, CVE-2024-26641, CVE-2023-52623, CVE-2024-26627,
    CVE-2024-26696, CVE-2024-26640, CVE-2024-26635, CVE-2023-52491,
    CVE-2024-26664, CVE-2024-26602, CVE-2023-52604, CVE-2024-26717,
    CVE-2023-52643, CVE-2024-26593, CVE-2023-52598, CVE-2024-26668,
    CVE-2023-52435, CVE-2023-52597, CVE-2024-26715, CVE-2024-26707,
    CVE-2023-52635, CVE-2024-26695, CVE-2024-26698, CVE-2023-52494,
    CVE-2024-26920, CVE-2024-26808, CVE-2023-52616, CVE-2023-52492,
    CVE-2024-26702, CVE-2024-26644, CVE-2023-52489, CVE-2024-26697)
OSVersionArchitecturePackageVersionFilename
Ubuntu22.04noarchlinux-image-5.15.0-1044-gkeop< 5.15.0-1044.51UNKNOWN
Ubuntu22.04noarchlinux-image-5.15.0-1044-gkeop-dbgsym< 5.15.0-1044.51UNKNOWN
Ubuntu22.04noarchlinux-image-5.15.0-1054-ibm< 5.15.0-1054.57UNKNOWN
Ubuntu22.04noarchlinux-image-5.15.0-1054-ibm-dbgsym< 5.15.0-1054.57UNKNOWN
Ubuntu22.04noarchlinux-image-5.15.0-1054-nvidia< 5.15.0-1054.55UNKNOWN
Ubuntu22.04noarchlinux-image-5.15.0-1054-nvidia-dbgsym< 5.15.0-1054.55UNKNOWN
Ubuntu22.04noarchlinux-image-5.15.0-1054-nvidia-lowlatency< 5.15.0-1054.55UNKNOWN
Ubuntu22.04noarchlinux-image-5.15.0-1054-nvidia-lowlatency-dbgsym< 5.15.0-1054.55UNKNOWN
Ubuntu22.04noarchlinux-image-5.15.0-1058-gke< 5.15.0-1058.63UNKNOWN
Ubuntu22.04noarchlinux-image-5.15.0-1058-gke-dbgsym< 5.15.0-1058.63UNKNOWN
Rows per page:
1-10 of 2561

References

Related

openvas 13
nessus 16
osv 13
ubuntu 12
ubuntucve 28
cert 1
debian 2
cvelist 32
redhatcve 25
cve 22
debiancve 28
zdi 1
prion 6
openvas
openvas
Ubuntu: Security Advisory (USN-6766-1)
2024-05-08 00:00:00
Ubuntu: Security Advisory (USN-6766-2)
2024-05-16 00:00:00
Ubuntu: Security Advisory (USN-6766-3)
2024-05-21 00:00:00
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6766-1)
2024-05-07 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6766-3)
2024-05-20 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6766-2)
2024-05-15 00:00:00
osv
osv
linux-aws, linux-aws-5.15 vulnerabilities
2024-05-20 13:05:13
linux, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerabilities
2024-05-07 19:22:43
linux-hwe-5.15, linux-raspi vulnerabilities
2024-05-15 15:15:08
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-05-15 00:00:00
Linux kernel (AWS) vulnerabilities
2024-05-20 00:00:00
Linux kernel vulnerabilities
2024-05-07 00:00:00
ubuntucve
ubuntucve
CVE-2023-52601
2024-03-06 00:00:00
CVE-2023-52604
2024-03-06 00:00:00
CVE-2024-26660
2024-04-02 00:00:00
cert
cert
Linux kernel on Intel systems is susceptible to Spectre v2 attacks
2024-04-09 00:00:00
debian
debian
[SECURITY] [DSA 5658-1] linux security update
2024-04-13 06:38:27
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39
cvelist
cvelist
CVE-2024-26695 crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked
2024-04-03 14:54:56
CVE-2024-26608 ksmbd: fix global oob in ksmbd_nl_policy
2024-02-29 15:52:14
CVE-2024-26641 ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
2024-03-18 10:19:07
redhatcve
redhatcve
CVE-2024-26698
2024-04-03 23:08:03
CVE-2024-26660
2024-04-02 23:40:34
CVE-2024-26640
2024-03-18 14:23:34
cve
cve
CVE-2024-26644
2024-03-26 16:15:12
CVE-2024-26689
2024-04-03 15:15:52
CVE-2023-52643
2024-04-17 10:15:08
debiancve
debiancve
CVE-2024-26594
2024-02-23 14:15:45
CVE-2024-26641
2024-03-18 11:15:11
CVE-2024-26644
2024-03-26 16:15:12
zdi
zdi
Linux Kernel ksmbd Mech Token Out-Of-Bounds Read Information Disclosure Vulnerability
2024-02-23 00:00:00
prion
prion
Design/Logic Flaw
2024-03-11 18:15:00
Null pointer dereference
2024-03-11 18:15:00
Spoofing
2024-03-06 07:15:00

7 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.5%

JSON
Related for USN-6766-1
openvas13nessus16osv13ubuntu12ubuntucve28cert1debian2cvelist32redhatcve25cve22debiancve28zdi1prion6