The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6896-1 advisory.

    It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition,     leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or     possibly execute arbitrary code. (CVE-2023-6270)

    It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data     structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial     of service. (CVE-2023-7042)

    Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race     condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of     service (system crash). (CVE-2024-22099)

    Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition,     leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a     denial of service (system crash). (CVE-2024-23307)

    It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when     modifying certain settings values through debugfs. A privileged local attacker could use this to cause a     denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

    Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a     race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause     a denial of service (system crash). (CVE-2024-24861)

    Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did     not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this     to cause a denial of service (system crash). (CVE-2024-25739)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - x86 architecture;

    - Block layer subsystem;

    - Accessibility subsystem;

    - ACPI drivers;

    - Android drivers;

    - Bluetooth drivers;

    - Clock framework and drivers;

    - Data acquisition framework and drivers;

    - Cryptographic API;

    - GPU drivers;

    - HID subsystem;

    - I2C subsystem;

    - IRQ chip drivers;

    - Multiple devices driver;

    - Media drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - PCI subsystem;

    - SCSI drivers;

    - Freescale SoC drivers;

    - SPI subsystem;

    - Media staging drivers;

    - TTY drivers;

    - USB subsystem;

    - VFIO drivers;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - FAT file system;

    - NILFS2 file system;

    - Diskquota system;

    - SMB network file system;

    - UBI file system;

    - io_uring subsystem;

    - BPF subsystem;

    - Core kernel;

    - Memory management;

    - B.A.T.M.A.N. meshing protocol;

    - Bluetooth subsystem;

    - Networking core;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - Netfilter;

    - NET/ROM layer;

    - NFC subsystem;

    - Open vSwitch;

    - Packet sockets;

    - RDS protocol;

    - Network traffic control;

    - Sun RPC protocol;

    - Unix domain sockets;

    - ALSA SH drivers;

    - USB sound devices;

    - KVM core; (CVE-2024-35969, CVE-2024-35819, CVE-2024-26851, CVE-2024-26816, CVE-2024-26643,     CVE-2023-52656, CVE-2024-27020, CVE-2024-35821, CVE-2024-35930, CVE-2024-35936, CVE-2024-27075,     CVE-2024-26817, CVE-2024-26984, CVE-2024-35895, CVE-2024-35853, CVE-2024-27043, CVE-2024-35978,     CVE-2024-35960, CVE-2024-26882, CVE-2024-35806, CVE-2024-35830, CVE-2024-26852, CVE-2024-35915,     CVE-2024-36006, CVE-2024-35935, CVE-2024-26926, CVE-2024-35877, CVE-2024-27396, CVE-2024-26654,     CVE-2024-27077, CVE-2024-27078, CVE-2024-27000, CVE-2024-35888, CVE-2024-27437, CVE-2024-26994,     CVE-2024-26973, CVE-2024-26687, CVE-2024-26955, CVE-2024-26898, CVE-2024-26859, CVE-2023-52620,     CVE-2024-35893, CVE-2024-26903, CVE-2024-26862, CVE-2024-35950, CVE-2023-52644, CVE-2024-26969,     CVE-2024-27028, CVE-2024-35984, CVE-2024-36007, CVE-2024-35925, CVE-2024-36020, CVE-2024-26956,     CVE-2024-35789, CVE-2024-26878, CVE-2024-35855, CVE-2024-35822, CVE-2023-52699, CVE-2024-27044,     CVE-2024-27030, CVE-2024-27065, CVE-2024-26993, CVE-2024-27395, CVE-2024-27013, CVE-2024-35922,     CVE-2024-26586, CVE-2024-36004, CVE-2024-35897, CVE-2024-35807, CVE-2024-26901, CVE-2024-27076,     CVE-2023-52880, CVE-2022-48627, CVE-2024-26894, CVE-2023-52650, CVE-2024-27001, CVE-2024-26863,     CVE-2024-26651, CVE-2024-35886, CVE-2024-35982, CVE-2024-26883, CVE-2024-26935, CVE-2024-27074,     CVE-2024-35849, CVE-2024-35955, CVE-2024-26965, CVE-2024-35898, CVE-2024-26855, CVE-2024-35933,     CVE-2024-35823, CVE-2024-35815, CVE-2024-26880, CVE-2024-26874, CVE-2024-26642, CVE-2024-26937,     CVE-2024-35854, CVE-2024-35997, CVE-2024-27059, CVE-2024-26812, CVE-2024-26999, CVE-2024-26923,     CVE-2024-26934, CVE-2024-27024, CVE-2024-27419, CVE-2024-35847, CVE-2024-26974, CVE-2024-26875,     CVE-2024-35805, CVE-2024-27008, CVE-2024-26889, CVE-2024-27053, CVE-2024-27388, CVE-2024-26981,     CVE-2024-26976, CVE-2024-35973, CVE-2024-35852, CVE-2024-35809, CVE-2024-27004, CVE-2024-26884,     CVE-2024-35899, CVE-2024-26931, CVE-2024-35813, CVE-2024-26922, CVE-2024-26957, CVE-2024-35944,     CVE-2024-27038, CVE-2024-35910, CVE-2024-26925, CVE-2024-26820, CVE-2024-26857, CVE-2024-26828,     CVE-2024-35825, CVE-2024-26813, CVE-2024-27046, CVE-2024-26810, CVE-2024-27436, CVE-2024-27073,     CVE-2024-35828, CVE-2024-35900, CVE-2024-26966)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387275 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    dm: call the resume method on internal suspend

    There is this reported crash when experimenting with the lvm2 testsuite.
    The list corruption is caused by the fact that the postsuspend and resume     methods were not paired correctly; there were two consecutive calls to the     origin_postsuspend function. The second call attempts to remove the     hash_list entry from a list, while it was already removed by the first     call.

    Fix __dm_internal_resume so that it calls the preresume and resume     methods of the table's targets.

    If a preresume method of some target fails, we are in a tricky situation.
    We can't return an error because dm_internal_resume isn't supposed to     return errors. We can't return success, because then the resume and     postsuspend methods would not be paired correctly. So, we set the     DMF_SUSPENDED flag and we fake normal suspend - it may confuse userspace     tools, but it won't cause a kernel crash.

    ------------[ cut here ]------------     kernel BUG at lib/list_debug.c:56!     invalid opcode: 0000 [#1] PREEMPT SMP     CPU: 1 PID: 8343 Comm: dmsetup Not tainted 6.8.0-rc6 #4     Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014     RIP: 0010:__list_del_entry_valid_or_report+0x77/0xc0     <snip>     RSP: 0018:ffff8881b831bcc0 EFLAGS: 00010282     RAX: 000000000000004e RBX: ffff888143b6eb80 RCX: 0000000000000000     RDX: 0000000000000001 RSI: ffffffff819053d0 RDI: 00000000ffffffff     RBP: ffff8881b83a3400 R08: 00000000fffeffff R09: 0000000000000058     R10: 0000000000000000 R11: ffffffff81a24080 R12: 0000000000000001     R13: ffff88814538e000 R14: ffff888143bc6dc0 R15: ffffffffa02e4bb0     FS:  00000000f7c0f780(0000) GS:ffff8893f0a40000(0000) knlGS:0000000000000000     CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033     CR2: 0000000057fb5000 CR3: 0000000143474000 CR4: 00000000000006b0     Call Trace:
     <TASK>      ? die+0x2d/0x80      ? do_trap+0xeb/0xf0      ? __list_del_entry_valid_or_report+0x77/0xc0      ? do_error_trap+0x60/0x80      ? __list_del_entry_valid_or_report+0x77/0xc0      ? exc_invalid_op+0x49/0x60      ? __list_del_entry_valid_or_report+0x77/0xc0      ? asm_exc_invalid_op+0x16/0x20      ? table_deps+0x1b0/0x1b0 [dm_mod]      ? __list_del_entry_valid_or_report+0x77/0xc0      origin_postsuspend+0x1a/0x50 [dm_snapshot]      dm_table_postsuspend_targets+0x34/0x50 [dm_mod]      dm_suspend+0xd8/0xf0 [dm_mod]      dev_suspend+0x1f2/0x2f0 [dm_mod]      ? table_deps+0x1b0/0x1b0 [dm_mod]      ctl_ioctl+0x300/0x5f0 [dm_mod]      dm_compat_ctl_ioctl+0x7/0x10 [dm_mod]
     __x64_compat_sys_ioctl+0x104/0x170      do_syscall_64+0x184/0x1b0      entry_SYSCALL_64_after_hwframe+0x46/0x4e     RIP: 0033:0xf7e6aead     <snip>
    ---[ end trace 0000000000000000 ]---

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6896-4 advisory.

    It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition,     leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or     possibly execute arbitrary code. (CVE-2023-6270)

    It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data     structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial     of service. (CVE-2023-7042)

    Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race     condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of     service (system crash). (CVE-2024-22099)

    Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition,     leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a     denial of service (system crash). (CVE-2024-23307)

    It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when     modifying certain settings values through debugfs. A privileged local attacker could use this to cause a     denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

    Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a     race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause     a denial of service (system crash). (CVE-2024-24861)

    Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did     not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this     to cause a denial of service (system crash). (CVE-2024-25739)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - x86 architecture;

    - Block layer subsystem;

    - Accessibility subsystem;

    - ACPI drivers;

    - Android drivers;

    - Bluetooth drivers;

    - Clock framework and drivers;

    - Data acquisition framework and drivers;

    - Cryptographic API;

    - GPU drivers;

    - HID subsystem;

    - I2C subsystem;

    - IRQ chip drivers;

    - Multiple devices driver;

    - Media drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - PCI subsystem;

    - SCSI drivers;

    - Freescale SoC drivers;

    - SPI subsystem;

    - Media staging drivers;

    - TTY drivers;

    - USB subsystem;

    - VFIO drivers;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - FAT file system;

    - NILFS2 file system;

    - Diskquota system;

    - SMB network file system;

    - UBI file system;

    - io_uring subsystem;

    - BPF subsystem;

    - Core kernel;

    - Memory management;

    - B.A.T.M.A.N. meshing protocol;

    - Bluetooth subsystem;

    - Networking core;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - Netfilter;

    - NET/ROM layer;

    - NFC subsystem;

    - Open vSwitch;

    - Packet sockets;

    - RDS protocol;

    - Network traffic control;

    - Sun RPC protocol;

    - Unix domain sockets;

    - ALSA SH drivers;

    - USB sound devices;

    - KVM core; (CVE-2024-35930, CVE-2024-26687, CVE-2024-26828, CVE-2024-26903, CVE-2024-35893,     CVE-2024-35847, CVE-2024-35849, CVE-2024-35789, CVE-2024-26812, CVE-2024-26898, CVE-2024-26937,     CVE-2024-35809, CVE-2023-52620, CVE-2024-35852, CVE-2024-26922, CVE-2024-26923, CVE-2024-27001,     CVE-2024-35915, CVE-2024-35935, CVE-2024-26974, CVE-2024-26859, CVE-2024-26999, CVE-2024-26981,     CVE-2024-35982, CVE-2024-26969, CVE-2024-26889, CVE-2024-26984, CVE-2024-27077, CVE-2024-26973,     CVE-2024-27436, CVE-2024-26965, CVE-2024-35855, CVE-2024-27024, CVE-2024-26934, CVE-2024-35806,     CVE-2024-35895, CVE-2024-27076, CVE-2024-26931, CVE-2024-35888, CVE-2024-35899, CVE-2024-35815,     CVE-2024-35825, CVE-2024-27078, CVE-2024-36006, CVE-2024-26810, CVE-2023-52699, CVE-2024-26862,     CVE-2024-35821, CVE-2024-26851, CVE-2024-26901, CVE-2024-35922, CVE-2024-35944, CVE-2024-35828,     CVE-2024-27396, CVE-2024-35969, CVE-2024-26956, CVE-2024-35900, CVE-2024-26955, CVE-2024-26855,     CVE-2024-26993, CVE-2024-27028, CVE-2024-26894, CVE-2024-27065, CVE-2024-27046, CVE-2024-35936,     CVE-2024-26813, CVE-2024-26957, CVE-2024-26883, CVE-2024-35854, CVE-2024-35807, CVE-2024-35984,     CVE-2024-27053, CVE-2024-26994, CVE-2023-52880, CVE-2024-35823, CVE-2024-35997, CVE-2023-52656,     CVE-2024-35955, CVE-2024-36004, CVE-2024-35973, CVE-2024-26976, CVE-2024-26651, CVE-2024-26857,     CVE-2024-27074, CVE-2024-35933, CVE-2024-27000, CVE-2024-27030, CVE-2024-35813, CVE-2024-26586,     CVE-2023-52644, CVE-2024-26817, CVE-2024-26654, CVE-2024-27043, CVE-2024-27437, CVE-2024-26882,     CVE-2024-36020, CVE-2024-27038, CVE-2024-35853, CVE-2024-35925, CVE-2024-26874, CVE-2024-35877,     CVE-2024-36007, CVE-2024-35898, CVE-2024-27059, CVE-2024-27388, CVE-2024-27020, CVE-2024-26880,     CVE-2024-27395, CVE-2024-35805, CVE-2022-48627, CVE-2024-27044, CVE-2024-35830, CVE-2024-26926,     CVE-2024-35897, CVE-2024-35819, CVE-2024-26863, CVE-2024-35910, CVE-2024-27008, CVE-2024-26820,     CVE-2024-26852, CVE-2024-27073, CVE-2024-26935, CVE-2024-26816, CVE-2024-35960, CVE-2024-35950,     CVE-2024-27013, CVE-2023-52650, CVE-2024-27419, CVE-2024-26966, CVE-2024-26642, CVE-2024-26884,     CVE-2024-35822, CVE-2024-27075, CVE-2024-35886, CVE-2024-35978, CVE-2024-26875, CVE-2024-27004,     CVE-2024-26878)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of kernel installed on the remote host is prior to 5.4.273-186.370. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-067 advisory.

    2024-12-05: CVE-2024-26882 was added to this advisory.

    2024-12-05: CVE-2024-26894 was added to this advisory.

    2024-08-27: CVE-2024-26863 was added to this advisory.

    2024-08-27: CVE-2023-52656 was added to this advisory.

    2024-08-27: CVE-2024-26878 was added to this advisory.

    2024-08-27: CVE-2024-27038 was added to this advisory.

    2024-08-27: CVE-2024-26862 was added to this advisory.

    2024-08-27: CVE-2024-26859 was added to this advisory.

    2024-08-27: CVE-2024-26816 was added to this advisory.

    2024-08-27: CVE-2024-26880 was added to this advisory.

    2024-08-27: CVE-2024-26901 was added to this advisory.

    2024-08-27: CVE-2024-27388 was added to this advisory.

    2024-08-01: CVE-2024-27077 was added to this advisory.

    2024-08-01: CVE-2024-27065 was added to this advisory.

    2024-08-01: CVE-2024-27025 was added to this advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    io_uring: drop any code related to SCM_RIGHTS (CVE-2023-52656)

    In the Linux kernel, the following vulnerability has been resolved:

    x86, relocs: Ignore relocations in .notes section (CVE-2024-26816)

    In the Linux kernel, the following vulnerability has been resolved:

    net/bnx2x: Prevent access to a freed page in page_pool (CVE-2024-26859)

    In the Linux kernel, the following vulnerability has been resolved:

    packet: annotate data-races around ignore_outgoing (CVE-2024-26862)

    In the Linux kernel, the following vulnerability has been resolved:

    hsr: Fix uninit-value access in hsr_get_node() (CVE-2024-26863)

    In the Linux kernel, the following vulnerability has been resolved:

    quota: Fix potential NULL pointer dereference (CVE-2024-26878)

    In the Linux kernel, the following vulnerability has been resolved:

    dm: call the resume method on internal suspend (CVE-2024-26880)

    In the Linux kernel, the following vulnerability has been resolved:

    net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() (CVE-2024-26882)

    In the Linux kernel, the following vulnerability has been resolved:

    ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (CVE-2024-26894)

    In the Linux kernel, the following vulnerability has been resolved:

    aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts (CVE-2024-26898)

    In the Linux kernel, the following vulnerability has been resolved:

    do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)

    In the Linux kernel, the following vulnerability has been resolved:

    nbd: null check for nla_nest_start (CVE-2024-27025)

    In the Linux kernel, the following vulnerability has been resolved:

    clk: Fix clk_core_get NULL dereference (CVE-2024-27038)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: do not compare internal table flags on updates (CVE-2024-27065)

    In the Linux kernel, the following vulnerability has been resolved:

    media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (CVE-2024-27077)

    In the Linux kernel, the following vulnerability has been resolved:

    SUNRPC: fix some memleaks in gssx_dec_option_array (CVE-2024-27388)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4823 advisory.

    * kernel: vmwgfx: multiple flaws (CVE-2022-36402, CVE-2022-40133, CVE-2022-38457, CVE-2023-5633)

    * kernel: nftables: (CVE-2024-26581)

    * kernel: uio: (CVE-2023-52439)

    * kernel: smb: (CVE-2023-52434)

    * kernel: intel: (CVE-2023-52450)

    * kernel: net: multiple flaws (CVE-2023-52578, CVE-2024-36978, CVE-2022-48743)

    * kernel: Bluetooth: (CVE-2023-52518)

    * kernel: netfilter: multiple flaws (CVE-2024-26668, CVE-2024-26808, CVE-2024-26925, CVE-2024-27020,     CVE-2024-27019, CVE-2024-27016, CVE-2024-27065, CVE-2024-35899, CVE-2024-35897)

    * kernel: hv_netvsc: (CVE-2024-26698)

    * kernel: ext4: multiple flaws (CVE-2024-26704, CVE-2024-26773)

    * kernel: net/sched: (CVE-2024-26739)

    * kernel: vfio/pci: (CVE-2024-26810)

    * kernel: dm: (CVE-2024-26880)

    * kernel: x86/xen: (CVE-2024-26908)

    * kernel: af_unix: multiple flaws (CVE-2024-26923, CVE-2024-38596)

    * kernel: scsi: multiple flaws (CVE-2024-26931, CVE-2024-26929, CVE-2023-52811, CVE-2024-36025,     CVE-2024-36924, CVE-2024-36952)

    * kernel: Squashfs: (CVE-2024-26982)

    * kernel: KVM: (CVE-2024-35791)

    * kernel: ipv6: (CVE-2024-27417)

    * kernel: drm/client: (CVE-2024-35950)

    * kernel: sched/psi: (CVE-2023-52707)

    * kernel: can: (CVE-2021-47459)

    * kernel: tcp: (CVE-2024-36904)

    * kernel: tls: (CVE-2024-36489)

    * The kernel packages contain the Linux kernel, the core of any Linux operating system.

    * Security Fix(es):

    * * kernel: vmwgfx: race condition leading to information disclosure vulnerability     (CVE-2023-33951,ZDI-23-707,ZDI-CAN-20110)

    * * kernel: vmwgfx: double free within the handling of vmw_buffer_object objects     (CVE-2023-33952,ZDI-23-708,ZDI-CAN-20292)

    * * kernel: stack overflow problem in Open vSwitch kernel module leading to DoS (CVE-2024-1151)

    * For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4928 advisory.

    - mlxbf_gige: call request_irq() after NAPI initialized (Kamal Heib) [RHEL-43012 RHEL-37179]     {CVE-2024-35907}
    - mlxbf_gige: stop PHY during open() error paths (Kamal Heib) [RHEL-43012 RHEL-37179] {CVE-2024-35907}
    - mlxbf_gige: stop interface during shutdown (Kamal Heib) [RHEL-41708 RHEL-37244] {CVE-2024-35885}
    - net: amd-xgbe: Fix skb data length underflow (Ken Cox) [RHEL-43796 RHEL-43794] {CVE-2022-48743}
    - nfp: flower: handle acti_netdevs allocation failure (Ken Cox) [RHEL-42852 RHEL-35158] {CVE-2024-27046}
    - block: add check that partition length needs to be aligned with block size (Ming Lei) [RHEL-45501     RHEL-26616] {CVE-2023-52458}
    - icmp: prevent possible NULL dereferences from icmp_build_probe() (Antoine Tenart) [RHEL-42974     RHEL-37002] {CVE-2024-35857}
    - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-42689 RHEL-33271]     {CVE-2024-26852}
    - epoll: be better about file lifetimes (Pavel Reichl) [RHEL-44091 RHEL-44083] {CVE-2024-38580}
    - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (Dick Kennedy) [RHEL-40659 RHEL-40665     RHEL-24508 RHEL-39793] {CVE-2024-36924}
    - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (Dick Kennedy) [RHEL-40659     RHEL-40669 RHEL-24508 RHEL-39887] {CVE-2024-36952}
    - bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (Viktor Malik) [RHEL-42640     RHEL-31726] {CVE-2024-26737}
    - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-41489 RHEL-38415]     {CVE-2021-47459}
    - dm: call the resume method on internal suspend (Benjamin Marzinski) [RHEL-41838 RHEL-33217]     {CVE-2024-26880}
    - octeontx2-af: Use separate handlers for interrupts (Kamal Heib) [RHEL-42846 RHEL-35170] {CVE-2024-27030}
    - Squashfs: check the inode number is not the invalid value of zero (Abhi Das) [RHEL-42811 RHEL-35098]     {CVE-2024-26982}
    - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl)     [RHEL-42655 RHEL-31690] {CVE-2024-26773}
    - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (John Meneghini) [RHEL-42528     RHEL-38200] {CVE-2023-52809}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    kernel: scsi: core: Put LLD module refcnt after SCSI device is released(CVE-2021-47480)

    kernel: dm rq: don't queue request to blk-mq during DM suspend(CVE-2021-47498)

    kernel: dm: fix mempool NULL pointer race when completing IO(CVE-2021-47435)

    kernel: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion(CVE-2024-35815)

    kernel: io_uring: drop any code related to SCM_RIGHTS(CVE-2023-52656)

    kernel: cpu/hotplug: Don't offline the last non-isolated CPU(CVE-2023-52831)

    kernel: drm/sched: Avoid data corruptions(CVE-2021-47354)

    kernel: IB/mlx5: Fix initializing CQ fragments buffer(CVE-2021-47261)

    kernel: drm: Fix use-after-free read in drm_getunique()(CVE-2021-47280)

    kernel: selinux: avoid dereference of garbage after mount failure(CVE-2024-35904)

    kernel: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()(CVE-2021-47473)

    kernel: mmc: mmc_spi: fix error handling in mmc_spi_probe()(CVE-2023-52708)

    kernel: block: fix overflow in blk_ioctl_discard()(CVE-2024-36917)

    kernel: PCI/PM: Drain runtime-idle callbacks before driver removal(CVE-2024-35809)

    kernel: crypto: pcrypt - Fix hungtask for PADATA_RESET(CVE-2023-52813)

    kernel: bcache: avoid oversized read request in cache missing code path(CVE-2021-47275)

    kernel: thermal: core: prevent potential string overflow(CVE-2023-52868)

    kernel: udf: Fix NULL pointer dereference in udf_symlink function(CVE-2021-47353)

    kernel: pinctrl: core: delete incorrect free in pinctrl_enable()(CVE-2024-36940)

    kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes(CVE-2024-35789)

    kernel: netfilter: conntrack: serialize hash resizes and cleanups(CVE-2021-47408)

    kernel: scsi: mpt3sas: Fix kernel panic during drive powercycle test(CVE-2021-47565)

    kernel: fbmon: prevent division by zero in fb_videomode_from_videomode()(CVE-2024-35922)

    kernel: isofs: Fix out of bound access for corrupted isofs image(CVE-2021-47478)

    kernel: ext4: fix corruption during on-line resize(CVE-2024-35807)

    kernel: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload(CVE-2024-36919)

    kernel: perf/core: Bail out early if the request AUX area is out of bound(CVE-2023-52835)

    kernel: md/dm-raid: don#39;t call md_reap_sync_thread() directly(CVE-2024-35808)

    kernel: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe(CVE-2022-48715)

    kernel: Fix page corruption caused by racy check in __free_pages(CVE-2023-52739)

    kernel: mm, slub: fix potential memoryleak in kmem_cache_open()(CVE-2021-47466)

    kernel: ext4: fix mb_cache_entry#39;s e_refcnt leak in ext4_xattr_block_cache_find()(CVE-2024-39276)

    kernel: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up(CVE-2024-36952)

    kernel: scsi: mpt3sas: Fix use-after-free warning(CVE-2022-48695)

    kernel: smb: client: fix use-after-free bug in cifs_debug_data_proc_show()(CVE-2023-52752)

    kernel:fix lockup in dm_exception_table_exit  There was reported lockup(CVE-2024-35805)

    kernel:block: prevent division by zero in blk_rq_stat_sum()(CVE-2024-35925)

    kernel:nouveau: lock the client object tree. (CVE-2024-27062)

    kernel:scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()  (CVE-2024-35930)

    kernel:scsi: qedf: Ensure the copied buf is NUL terminated(CVE-2024-38559)

    kernel:kvm: avoid speculation-based attacks from out-of-range memslot accesses(CVE-2021-47277)

    kernel:net: qcom/emac: fix UAF in emac_remove(CVE-2021-47311)

    kernel:net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()(CVE-2021-47541)

    kernel:ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in     hns_dsaf_ge_srst_by_port()(CVE-2021-47548)

    kernel:usbnet: sanity check for maxpacket(CVE-2021-47495)

    kernel:kprobes: Fix possible use-after-free issue on kprobe registration(CVE-2024-35955)

    kernel:netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()(CVE-2024-27020)

    kernel:tty: n_gsm: fix possible out-of-bounds in gsm0_receive()(CVE-2024-36016)

    kernel:tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets(CVE-2024-36905)

    kernel:tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().(CVE-2024-36904)

    kernel:scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()(CVE-2024-36924)

    kernel:net/mlx5: Properly link new fs rules into the tree(CVE-2024-35960)

    kernel:net: fix __dst_negative_advice() race(CVE-2024-36971)

    kernel:regmap: Fix possible double-free in regcache_rbtree_exit()(CVE-2021-47483)

    kernel:block: Fix wrong offset in bio_truncate()(CVE-2022-48747)

    kernel:of: module: add buffer overflow check in of_modalias()(CVE-2024-38541)

    kernel:ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.(CVE-2024-40984)

    kernel:igb: Fix use-after-free error during reset(CVE-2021-47301)

    kernel:firmware: arm_scpi: Fix string overflow in SCPI genpd driver(CVE-2021-47609)

    kernel:netfilter: complete validation of user input(CVE-2024-35962)

    kernel:llc: verify mac len before reading mac header(CVE-2023-52843)

    kernel:SUNRPC: fix a memleak in gss_import_v2_context(CVE-2023-52653)

    kernel:SUNRPC: fix some memleaks in gssx_dec_option_array(CVE-2024-27388)

    kernel:tcp: Fix shift-out-of-bounds in dctcp_update_alpha().(CVE-2024-37356)

    kernel:kdb: Fix buffer overflow during tab-complete(CVE-2024-39480)

    kernel:of: Fix double free in of_parse_phandle_with_args_map(CVE-2023-52679)

    kernel:scsi: lpfc: Fix link down processing to address NULL pointer dereference(CVE-2021-47183)

    kernel:nvme-fc: do not wait in vain when unloading module(CVE-2024-26846)

    kernel:dm: call the resume method on internal suspend(CVE-2024-26880)

    kernel:virtio: delete vq in vp_find_vqs_msix() when request_irq() fails(CVE-2024-37353)

    kernel:net/mlx5e: Avoid field-overflowing memcpy()(CVE-2022-48744)

    kernel:ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr(CVE-2024-35969)

    kernel:ring-buffer: Fix a race between readers and resize checks(CVE-2024-38601)

    kernel:af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg(CVE-2024-38596)

    kernel:HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up(CVE-2024-35997)

    kernel:i2c: smbus: fix NULL function pointer dereference(CVE-2024-35984)

    kernel:net: bridge: xmit: make sure we have at least eth header len bytes(CVE-2024-38538)

    kernel:inet_diag: fix kernel-infoleak for UDP sockets(CVE-2021-47597)

    kernel:nfp: Fix memory leak in nfp_cpp_area_cache_add()(CVE-2021-47516)

    kernel:erspan: make sure erspan_base_hdr is present in skb-head(CVE-2024-35888)

    kernel:netfilter: validate user input for expected length(CVE-2024-35896)

    kernel:ipv6: Fix potential uninit-value access in __ip6_make_skb()(CVE-2024-36903)

    kernel:net: cdc_eem: fix tx fixup skb leak(CVE-2021-47236)

    kernel:ipvlan: add ipvlan_route_v6_outbound() helper(CVE-2023-52796)

    kernel:RDMA: Verify port when creating flow rule(CVE-2021-47265)

    kernel:ipv6: Fix infinite recursion in fib6_dump_done().(CVE-2024-35886)

    kernel:i40e: Do not use WQ_MEM_RECLAIM flag for workqueue(CVE-2024-36004)

    kernel:net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path(CVE-2021-47438)

    kernel:net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path(CVE-2023-52703)

    kernel:net/mlx5e: fix a double-free in arfs_create_groups(CVE-2024-35835)

    kernel:i40e: Fix queues reservation for XDP(CVE-2021-47619)

    kernel:pinctrl: single: fix potential NULL dereference(CVE-2022-48708)

    kernel:vt: fix unicode buffer corruption when deleting characters(CVE-2024-35823)

    kernel:ptp: Fix possible memory leak in ptp_clock_register()(CVE-2021-47455)

    kernel:sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb(CVE-2021-47397)

    kernel:calipso: fix memory leak in netlbl_calipso_add_pass()(CVE-2023-52698)

    kernel:irqchip/gic-v3-its: Prevent double free on error(CVE-2024-35847)

    kernel:ftrace: Fix possible use-after-free issue in ftrace_location()(CVE-2024-38588)

    kernel:spi: Fix deadlock when adding SPI controllers on SPI buses(CVE-2021-47469)

    kernel:i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc(CVE-2021-47501)

    kernel:i2c: acpi: fix resource leak in reconfiguration device addition(CVE-2021-47425)

    kernel:net: fix out-of-bounds access in ops_init(CVE-2024-36883)

    kernel:ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()(CVE-2024-36902)

    kernel:ipv6: prevent NULL dereference in ip6_output()(CVE-2024-36901)

    kernel:tcp: do not accept ACK of bytes we never sent(CVE-2023-52881)

    kernel:net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()(CVE-2024-40995)

    kernel:ipv6: prevent possible NULL dereference in rt6_probe()(CVE-2024-40960)

    kernel:netpoll: Fix race condition in netpoll_owner_active(CVE-2024-41005)

    kernel:scsi: megaraid_sas: Fix resource leak in case of probe failure(CVE-2021-47329)

    kernel:bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()(CVE-2024-39487)

    kernel:ACPI: CPPC: Use access_width over bit_width for system memory accesses(CVE-2024-35995)

    kernel:ext4: fix uninitialized ratelimit_state-lock access in __ext4_fill_super()(CVE-2024-40998)

    kernel:vt_ioctl: fix array_index_nospec in vt_setactivate(CVE-2022-48804)

    kernel:sctp: fix kernel-infoleak for SCTP sockets(CVE-2022-48855)

    kernel:USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages(CVE-2024-40904)

    kernel:tcp: properly terminate timers for kernel sockets(CVE-2024-35910)

    kernel:SUNRPC: Fix RPC client cleaned up the freed pipefs dentries(CVE-2023-52803)

    kernel:scsi: iscsi: Fix iscsi_task use after free(CVE-2021-47427)

    kernel:tcp: avoid too many retransmit packets(CVE-2024-41007)

    kernel:RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests(CVE-2021-47391)

    kernel:SUNRPC: Fix a suspicious RCU usage warning(CVE-2023-52623)

    kernel:ima: Fix use-after-free on a dentry's dname.name(CVE-2024-39494)

    create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero     bytes, and crash, because of a missing check for ubi-leb_size.(CVE-2024-25739)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-1 advisory.

    It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition,     leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or     possibly execute arbitrary code. (CVE-2023-6270)

    It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data     structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial     of service. (CVE-2023-7042)

    It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer     dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service.
    (CVE-2024-0841)

    Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race     condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of     service (system crash). (CVE-2024-22099)

    It was discovered that the MediaTek SoC Gigabit Ethernet driver in the Linux kernel contained a race     condition when stopping the device. A local attacker could possibly use this to cause a denial of service     (device unavailability). (CVE-2024-27432)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - RISC-V architecture;

    - x86 architecture;

    - ACPI drivers;

    - Block layer subsystem;

    - Clock framework and drivers;

    - CPU frequency scaling framework;

    - Cryptographic API;

    - DMA engine subsystem;

    - EFI core;

    - GPU drivers;

    - InfiniBand drivers;

    - IOMMU subsystem;

    - Multiple devices driver;

    - Media drivers;

    - MMC subsystem;

    - Network drivers;

    - NTB driver;

    - NVME drivers;

    - PCI subsystem;

    - MediaTek PM domains;

    - Power supply drivers;

    - SPI subsystem;

    - Media staging drivers;

    - TCM subsystem;

    - USB subsystem;

    - Framebuffer layer;

    - AFS file system;

    - File systems infrastructure;

    - BTRFS file system;

    - EROFS file system;

    - Ext4 file system;

    - F2FS file system;

    - Network file system client;

    - NTFS3 file system;

    - Diskquota system;

    - SMB network file system;

    - BPF subsystem;

    - Netfilter;

    - TLS protocol;

    - io_uring subsystem;

    - Bluetooth subsystem;

    - Memory management;

    - Ethernet bridge;

    - Networking core;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - L2TP protocol;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netlink;

    - NET/ROM layer;

    - Packet sockets;

    - RDS protocol;

    - Sun RPC protocol;

    - Unix domain sockets;

    - Wireless networking;

    - USB sound devices; (CVE-2024-26877, CVE-2024-35829, CVE-2024-26737, CVE-2024-27075, CVE-2024-27414,     CVE-2024-27053, CVE-2024-26889, CVE-2024-26792, CVE-2024-26882, CVE-2024-26906, CVE-2024-26851,     CVE-2024-27037, CVE-2024-26782, CVE-2024-27388, CVE-2024-26748, CVE-2024-27419, CVE-2024-27034,     CVE-2023-52662, CVE-2024-27047, CVE-2024-26874, CVE-2024-26779, CVE-2024-26872, CVE-2024-26820,     CVE-2024-35811, CVE-2024-26771, CVE-2024-26733, CVE-2024-26903, CVE-2024-26736, CVE-2024-26870,     CVE-2024-26883, CVE-2024-27403, CVE-2024-26878, CVE-2024-26857, CVE-2023-52645, CVE-2024-26601,     CVE-2024-26891, CVE-2024-27028, CVE-2024-27054, CVE-2024-26804, CVE-2024-27405, CVE-2024-35830,     CVE-2024-26898, CVE-2024-26754, CVE-2024-26793, CVE-2024-26747, CVE-2024-26901, CVE-2023-52652,     CVE-2023-52650, CVE-2024-26651, CVE-2024-26816, CVE-2024-35845, CVE-2024-26862, CVE-2024-26884,     CVE-2024-26752, CVE-2024-26852, CVE-2023-52656, CVE-2024-26790, CVE-2024-26603, CVE-2024-27078,     CVE-2024-26802, CVE-2024-27045, CVE-2024-27024, CVE-2024-27073, CVE-2024-26585, CVE-2024-26894,     CVE-2024-26583, CVE-2024-27416, CVE-2024-27431, CVE-2024-35844, CVE-2024-26838, CVE-2024-27410,     CVE-2024-26915, CVE-2024-26772, CVE-2024-26897, CVE-2024-26798, CVE-2024-27415, CVE-2024-26855,     CVE-2024-26833, CVE-2024-26764, CVE-2024-26659, CVE-2024-26846, CVE-2024-26895, CVE-2023-52644,     CVE-2024-26751, CVE-2024-26880, CVE-2024-26863, CVE-2024-26809, CVE-2024-27052, CVE-2024-27051,     CVE-2024-26907, CVE-2024-27413, CVE-2024-26801, CVE-2023-52620, CVE-2024-26749, CVE-2024-26787,     CVE-2024-27046, CVE-2024-26803, CVE-2024-26744, CVE-2024-26879, CVE-2024-27432, CVE-2024-27412,     CVE-2024-26791, CVE-2024-26773, CVE-2023-52640, CVE-2024-26778, CVE-2024-26859, CVE-2024-27044,     CVE-2024-26788, CVE-2024-27077, CVE-2024-26750, CVE-2024-26861, CVE-2023-52434, CVE-2024-26774,     CVE-2024-26795, CVE-2024-26856, CVE-2024-27043, CVE-2024-27039, CVE-2024-26777, CVE-2024-27030,     CVE-2024-26584, CVE-2024-26735, CVE-2024-26805, CVE-2024-26766, CVE-2024-26763, CVE-2024-27065,     CVE-2023-52641, CVE-2024-27417, CVE-2023-52497, CVE-2023-52447, CVE-2024-26769, CVE-2024-26843,     CVE-2024-26881, CVE-2024-26688, CVE-2024-26743, CVE-2024-27038, CVE-2024-27390, CVE-2024-27436,     CVE-2024-26839, CVE-2024-27074, CVE-2024-26840, CVE-2024-27076, CVE-2024-26835, CVE-2024-26885,     CVE-2024-26776, CVE-2024-26845, CVE-2024-26875, CVE-2024-35828)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-4 advisory.

    It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition,     leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or     possibly execute arbitrary code. (CVE-2023-6270)

    It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data     structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial     of service. (CVE-2023-7042)

    It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer     dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service.
    (CVE-2024-0841)

    Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race     condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of     service (system crash). (CVE-2024-22099)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - RISC-V architecture;

    - x86 architecture;

    - ACPI drivers;

    - Block layer subsystem;

    - Clock framework and drivers;

    - CPU frequency scaling framework;

    - Cryptographic API;

    - DMA engine subsystem;

    - EFI core;

    - GPU drivers;

    - InfiniBand drivers;

    - IOMMU subsystem;

    - Multiple devices driver;

    - Media drivers;

    - MMC subsystem;

    - Network drivers;

    - NTB driver;

    - NVME drivers;

    - PCI subsystem;

    - MediaTek PM domains;

    - Power supply drivers;

    - SPI subsystem;

    - Media staging drivers;

    - TCM subsystem;

    - USB subsystem;

    - Framebuffer layer;

    - AFS file system;

    - File systems infrastructure;

    - BTRFS file system;

    - EROFS file system;

    - Ext4 file system;

    - F2FS file system;

    - Network file system client;

    - NTFS3 file system;

    - Diskquota system;

    - SMB network file system;

    - BPF subsystem;

    - Netfilter;

    - TLS protocol;

    - io_uring subsystem;

    - Bluetooth subsystem;

    - Memory management;

    - Ethernet bridge;

    - Networking core;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - L2TP protocol;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netlink;

    - NET/ROM layer;

    - Packet sockets;

    - RDS protocol;

    - Sun RPC protocol;

    - Unix domain sockets;

    - Wireless networking;

    - USB sound devices; (CVE-2024-35830, CVE-2024-27052, CVE-2023-52620, CVE-2024-26903, CVE-2024-27413,     CVE-2024-26766, CVE-2024-27077, CVE-2024-27044, CVE-2024-27076, CVE-2024-26833, CVE-2024-26874,     CVE-2024-26863, CVE-2023-52650, CVE-2024-26820, CVE-2024-26787, CVE-2023-52656, CVE-2024-26651,     CVE-2024-27065, CVE-2024-27053, CVE-2024-26583, CVE-2024-26774, CVE-2024-26782, CVE-2023-52640,     CVE-2024-26838, CVE-2024-27410, CVE-2024-26870, CVE-2024-27024, CVE-2024-26891, CVE-2024-26889,     CVE-2024-26897, CVE-2024-26857, CVE-2023-52434, CVE-2023-52645, CVE-2024-26901, CVE-2024-26872,     CVE-2024-27051, CVE-2024-27388, CVE-2024-26584, CVE-2024-26802, CVE-2024-26733, CVE-2024-27419,     CVE-2023-52447, CVE-2024-27054, CVE-2024-26840, CVE-2024-27038, CVE-2024-27028, CVE-2024-26883,     CVE-2024-27074, CVE-2024-26735, CVE-2024-26852, CVE-2024-27034, CVE-2024-26744, CVE-2024-26907,     CVE-2024-26777, CVE-2024-26835, CVE-2024-35845, CVE-2024-35828, CVE-2024-27037, CVE-2024-26764,     CVE-2024-26798, CVE-2024-27414, CVE-2024-26878, CVE-2024-27390, CVE-2024-26856, CVE-2024-26884,     CVE-2024-26779, CVE-2024-26895, CVE-2024-27436, CVE-2023-52641, CVE-2024-27039, CVE-2024-26776,     CVE-2024-26749, CVE-2024-27047, CVE-2024-26882, CVE-2023-52652, CVE-2023-52662, CVE-2024-26763,     CVE-2024-27030, CVE-2024-26772, CVE-2024-26859, CVE-2024-26791, CVE-2024-26788, CVE-2024-27046,     CVE-2024-26736, CVE-2024-26750, CVE-2024-26801, CVE-2024-35811, CVE-2024-26737, CVE-2024-27416,     CVE-2024-26769, CVE-2024-26906, CVE-2024-26795, CVE-2024-27417, CVE-2024-27078, CVE-2024-26790,     CVE-2024-27403, CVE-2024-27045, CVE-2024-27073, CVE-2024-26585, CVE-2024-26754, CVE-2024-27075,     CVE-2024-26877, CVE-2024-26861, CVE-2024-27432, CVE-2024-27415, CVE-2024-26752, CVE-2024-26601,     CVE-2024-26843, CVE-2024-26881, CVE-2024-26743, CVE-2024-26792, CVE-2024-26816, CVE-2024-26915,     CVE-2024-26809, CVE-2024-26862, CVE-2024-26771, CVE-2023-52644, CVE-2024-26747, CVE-2024-35844,     CVE-2024-26875, CVE-2024-26778, CVE-2024-26880, CVE-2024-26846, CVE-2024-27043, CVE-2024-26885,     CVE-2024-26773, CVE-2023-52497, CVE-2024-35829, CVE-2024-26845, CVE-2024-27412, CVE-2024-26894,     CVE-2024-26851, CVE-2024-26855, CVE-2024-26879, CVE-2024-26803, CVE-2024-26804, CVE-2024-26688,     CVE-2024-26839, CVE-2024-26793, CVE-2024-26659, CVE-2024-26603, CVE-2024-27431, CVE-2024-26751,     CVE-2024-27405, CVE-2024-26898, CVE-2024-26748, CVE-2024-26805)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7000 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.
    Security Fix(es):

     CVE-2023-6040  CVE-2024-26595  CVE-2024-26600  CVE-2021-46984  CVE-2023-52478  CVE-2023-52476     CVE-2023-52522  CVE-2021-47101  CVE-2021-47097  CVE-2023-52605  CVE-2024-26638  CVE-2024-26645     CVE-2024-26665  CVE-2024-26720  CVE-2024-26717  CVE-2024-26769  CVE-2024-26846  CVE-2024-26894     CVE-2024-26880  CVE-2024-26855  CVE-2024-26923  CVE-2024-26939  CVE-2024-27013  CVE-2024-27042     CVE-2024-35809  CVE-2023-52683  CVE-2024-35884  CVE-2024-35877  CVE-2024-35944  CVE-2024-35989     CVE-2021-47412  CVE-2021-47393  CVE-2021-47386  CVE-2021-47385  CVE-2021-47384  CVE-2021-47383     CVE-2021-47432  CVE-2021-47352  CVE-2021-47338  CVE-2021-47321  CVE-2021-47289  CVE-2021-47287     CVE-2023-52798  CVE-2023-52809  CVE-2023-52817  CVE-2023-52840  CVE-2023-52800  CVE-2021-47441     CVE-2021-47466  CVE-2021-47455  CVE-2021-47497  CVE-2021-47560  CVE-2021-47527  CVE-2024-36883     CVE-2024-36922  CVE-2024-36920  CVE-2024-36902  CVE-2024-36953  CVE-2024-36939  CVE-2024-36919     CVE-2024-36901  CVE-2021-47582  CVE-2021-47609  CVE-2024-38619  CVE-2022-48754  CVE-2022-48760     CVE-2024-38581  CVE-2024-38579  CVE-2024-38570  CVE-2024-38559  CVE-2024-38558  CVE-2024-37356     CVE-2024-39471  CVE-2024-39499  CVE-2024-39501  CVE-2024-39506  CVE-2024-40904  CVE-2024-40911     CVE-2024-40912  CVE-2024-40929  CVE-2024-40931  CVE-2024-40941  CVE-2024-40954  CVE-2024-40958     CVE-2024-40959  CVE-2024-40960  CVE-2024-40972  CVE-2024-40977  CVE-2024-40978  CVE-2024-40988     CVE-2024-40989  CVE-2024-40995  CVE-2024-40997  CVE-2024-40998  CVE-2024-41005  CVE-2024-40901     CVE-2024-41007  CVE-2024-41008  CVE-2022-48804  CVE-2022-48836  CVE-2022-48866  CVE-2024-41090     CVE-2024-41091  CVE-2024-41012  CVE-2024-41013  CVE-2024-41014  CVE-2024-41023  CVE-2024-41035     CVE-2024-41038  CVE-2024-41039  CVE-2024-41040  CVE-2024-41041  CVE-2024-41044  CVE-2024-41055     CVE-2024-41056  CVE-2024-41060  CVE-2024-41064  CVE-2024-41065  CVE-2024-41071  CVE-2024-41076     CVE-2024-41097  CVE-2024-42084  CVE-2024-42090  CVE-2024-42094  CVE-2024-42096  CVE-2024-42114     CVE-2024-42124  CVE-2024-42131  CVE-2024-42152  CVE-2024-42154  CVE-2024-42225  CVE-2024-42226     CVE-2024-42228  CVE-2024-42237  CVE-2024-42238  CVE-2024-42240  CVE-2024-42246  CVE-2024-42322     CVE-2024-43830  CVE-2024-43871  For more details about the security issue(s), including the impact, a CVSS     score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References     section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function.
    This can result in a bluetooth sniffing exception issue, possibly leading denial of     service.(CVE-2024-24859)

    bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq(CVE-2024-38540)

    drivers: core: synchronize really_probe() and dev_uevent()(CVE-2024-39501)

    drm/amd/display: Fix potential index out of bounds in color transformation function(CVE-2024-38552)

    drop_monitor: replace spin_lock by raw_spin_lock(CVE-2024-40980)

    dyndbg: fix old BUG_ON in control parser(CVE-2024-35947)

    ext4: do not create EA inode under buffer lock(CVE-2024-40972)

    HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()(CVE-2024-40934)

    ice: Fix crash by keep old cfg when update TCs more than queues(CVE-2022-48652)

    In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to     drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.(CVE-2024-23848)

    ipv6: fix possible race in __fib6_drop_pcpu_from()(CVE-2024-40905)

    ipv6: fix potential 'struct net' leak in inet6_rtm_getaddr()(CVE-2024-27417)

    kernel:af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg(CVE-2024-38596)

    kernel:bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()(CVE-2024-39487)

    kernel:dm: call the resume method on internal suspend(CVE-2024-26880)

    kernel:fix lockup in dm_exception_table_exit  There was reported lockup(CVE-2024-35805)

    kernel:ftrace: Fix possible use-after-free issue in ftrace_location()(CVE-2024-38588)

    kernel:ima: Fix use-after-free on a dentry's dname.name(CVE-2024-39494)

    kernel:ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr(CVE-2024-35969)

    kernel:ipv6: prevent possible NULL dereference in rt6_probe()(CVE-2024-40960)

    kernel:kdb: Fix buffer overflow during tab-complete(CVE-2024-39480)

    kernel:net/mlx5e: Avoid field-overflowing memcpy()(CVE-2022-48744)

    kernel:net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()(CVE-2024-40995)

    kernel:net: bridge: xmit: make sure we have at least eth header len bytes(CVE-2024-38538)

    kernel:netpoll: Fix race condition in netpoll_owner_active(CVE-2024-41005)

    kernel:nouveau: lock the client object tree. (CVE-2024-27062)

    kernel:nvme-fc: do not wait in vain when unloading module(CVE-2024-26846)

    kernel:of: Fix double free in of_parse_phandle_with_args_map(CVE-2023-52679)

    kernel:of: module: add buffer overflow check in of_modalias()(CVE-2024-38541)

    kernel:scsi: lpfc: Fix link down processing to address NULL pointer dereference(CVE-2021-47183)

    kernel:SUNRPC: fix some memleaks in gssx_dec_option_array(CVE-2024-27388)

    kernel:tcp: avoid too many retransmit packets(CVE-2024-41007)

    kernel:tcp: Fix shift-out-of-bounds in dctcp_update_alpha().(CVE-2024-37356)

    md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING(CVE-2024-39476)

    md: fix resync softlockup when bitmap size is less than array size(CVE-2024-38598)

    media: imon: fix access to invalid resource for the second interface(CVE-2023-52754)

    net/mlx5: Add a timeout to acquire the command queue semaphore(CVE-2024-38556)

    net/mlx5: Discard command completions in internal error(CVE-2024-38555)

    net/mlx5e: Fix netif state handling(CVE-2024-38608)

    net/sched: act_skbmod: prevent kernel-infoleak(CVE-2024-35893)

    netfilter: bridge: replace physindev with physinif in nf_bridge_info(CVE-2024-35839)

    netfilter: ipset: fix performance regression in swap operation(CVE-2024-26910)

    netfilter: nf_tables: flush pending destroy work before exit_net release(CVE-2024-35899)

    netfilter: nf_tables: honor table dormant flag from netdev release event path(CVE-2024-36005)

    netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()(CVE-2024-36286)

    NFSD: Fix ia_size underflow(CVE-2022-48828)

    RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt(CVE-2024-38544)

    scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory(CVE-2024-40901)

    tipc: force a dst refcount before doing decryption(CVE-2024-40983)

    usb: config: fix iteration issue in 'usb_get_bos_descriptor()'(CVE-2023-52781)

    bcache: fix variable length array abuse in btree_iter(CVE-2024-39482)

    pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER(CVE-2024-42090)

    udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().(CVE-2024-41041)

    net: hns3: fix kernel crash when 1588 is received on HIP08 devices(CVE-2024-26881)

    bpf: Fix a segment issue when downgrading gso_size(CVE-2024-42281)

    quota: Fix potential NULL pointer dereference(CVE-2024-26878)

    rds: tcp: Fix use-after-free of net in reqsk_timer_handler().(CVE-2024-26865)

    io_uring: fix possible deadlock in io_register_iowq_max_workers()(CVE-2024-41080)

    ASoC: topology: Fix references to freed memory(CVE-2024-41069)

    crypto: hisilicon/sec - Fix memory leak for sec resource release(CVE-2024-41002)

    filelock: Remove locks reliably when fcntl/close race is detected(CVE-2024-41012)

    x86: stop playing stack games in profile_pc()(CVE-2024-42096)

    iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected(CVE-2024-26891)

    xfs: add bounds checking to xlog_recover_process_data(CVE-2024-41014)

    xfs: don't walk off the end of a directory data block(CVE-2024-41013)

    sched/deadline: Fix task_struct reference leak(CVE-2024-41023)

    of: module: prevent NULL pointer dereference in vsnprintf()(CVE-2024-35878)

    mm: avoid overflows in dirty throttling logic(CVE-2024-42131)

    drm/ nouveau: fix null pointer dereference in nouveau_connector_get_modes(CVE-2024-42101)

    crypto: ecdh - explicitly zeroize private_key(CVE-2024-42098)

    Fix userfaultfd_api to return EINVAL as expected(CVE-2024-41027)

    ftruncate: pass a signed offset(CVE-2024-42084)

    nvmet: fix a possible leak when destroy a ctrl during qp establishment(CVE-2024-42152)

    nvmet: always initialize cqe.result(CVE-2024-41079)

    crypto: aead,cipher - zeroize key buffer after use(CVE-2024-42229)

    Bluetooth: L2CAP: Fix not validating setsockopt user input(CVE-2024-35965)

    KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()(CVE-2024-40953)

    filelock: Fix fcntl/close race recovery compat path(CVE-2024-41020)

    USB: serial: mos7840: fix crash on resume(CVE-2024-42244)

    tty: add the option to have a tty reject a new ldisc(CVE-2024-40966)

    media: dvb-frontends: tda10048: Fix integer overflow(CVE-2024-42223)

    ata: libata-core: Fix double free on error(CVE-2024-41087)

    ata: libata-core: Fix null pointer dereference on error(CVE-2024-41098)

    leds: trigger: Unregister sysfs attributes before calling deactivate()(CVE-2024-43830)

    enic: Validate length of nl attributes in enic_set_vf_port(CVE-2024-38659)

    tap: add missing verification for short frame(CVE-2024-41090)

    tun: add missing verification for short frame(CVE-2024-41091)

    netfilter: tproxy: bail out if IP has been disabled on the device(CVE-2024-36270)

    ext4: make sure the first directory block is not a hole(CVE-2024-42304)

    ext4: fix infinite loop when replaying fast_commit(CVE-2024-43828)

    ppp: reject claimed-as-LCP but actually malformed packets(CVE-2024-41044)

    RDMA/restrack: Fix potential invalid address access(CVE-2024-42080)

    nvme-fabrics: use reserved tag for reg read/write command(CVE-2024-41082)

    bnx2x: Fix multiple UBSAN array-index-out-of-bounds(CVE-2024-42148)

    inet_diag: Initialize pad field in struct inet_diag_req_v2(CVE-2024-42106)

    bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD(CVE-2024-42161)

    drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)(CVE-2024-39497)

    drm/amd/display: Add NULL pointer check for kzalloc(CVE-2024-42122)

    net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket(CVE-2024-42246)

    net: phy: fix phy_get_internal_delay accessing an empty array(CVE-2024-27047)

    tcp_metrics: validate source addr length(CVE-2024-42154)

    netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers(CVE-2024-42070)

    RDMA/hns: Modify the print level of CQE error(CVE-2024-38590)

    udp: do not accept non-tunnel GSO skbs landing in a tunnel(CVE-2024-35884)

    skmsg: Skip zero length skb in sk_msg_recvmsg(CVE-2024-41048)

    xdp: Remove WARN() from __xdp_reg_mem_model()(CVE-2024-42082)

    HID: core: remove unnecessary WARN_ON() in implement()(CVE-2024-39509)

    net: nexthop: Initialize all fields in dumped nexthops(CVE-2024-42283)

    IB/core: Implement a limit on UMAD receive List(CVE-2024-42145)

    RDMA/iwcm: Fix a use-after-free related to destroying CM IDs(CVE-2024-42285)

    ipvs: properly dereference pe in ip_vs_add_service(CVE-2024-42322)

    net: usb: qmi_wwan: fix memory leak for not ip packets(CVE-2024-43861)

    libceph: fix race between delayed_work() and ceph_monc_stop()(CVE-2024-42232)

    tipc: Return non-zero value from tipc_udp_addr2str() on error(CVE-2024-42284)

    drm/ nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes(CVE-2024-41089)

    netfilter: nf_tables: prefer nft_chain_validate(CVE-2024-41042)

    net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE(CVE-2024-42321)

    net/mlx5: Always drain health in shutdown callback(CVE-2024-43866)

    USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor(CVE-2024-41035)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6816-1 advisory.

    Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error     conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this     vulnerability to cause a denial of service. (CVE-2022-38096)

    Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition     during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could     possibly use this to cause a denial of service (system crash). (CVE-2023-47233)

    It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition,     leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or     possibly execute arbitrary code. (CVE-2023-6270)

    It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data     structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial     of service. (CVE-2023-7042)

    It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux     kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker     could use this to cause a denial of service. (CVE-2024-21823)

    Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition,     leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a     denial of service (system crash). (CVE-2024-23307)

    Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a     race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause     a denial of service (system crash). (CVE-2024-24861)

    Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did     not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this     to cause a denial of service (system crash). (CVE-2024-25739)

    It was discovered that the MediaTek SoC Gigabit Ethernet driver in the Linux kernel contained a race     condition when stopping the device. A local attacker could possibly use this to cause a denial of service     (device unavailability). (CVE-2024-27432)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - PowerPC architecture;

    - x86 architecture;

    - Block layer subsystem;

    - ACPI drivers;

    - Bluetooth drivers;

    - Clock framework and drivers;

    - CPU frequency scaling framework;

    - Cryptographic API;

    - DPLL subsystem;

    - ARM SCMI message protocol;

    - EFI core;

    - GPU drivers;

    - InfiniBand drivers;

    - IOMMU subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - MMC subsystem;

    - Network drivers;

    - NTB driver;

    - NVME drivers;

    - PCI subsystem;

    - Powercap sysfs driver;

    - SCSI drivers;

    - Freescale SoC drivers;

    - SPI subsystem;

    - Media staging drivers;

    - Thermal drivers;

    - TTY drivers;

    - USB subsystem;

    - DesignWare USB3 driver;

    - VFIO drivers;

    - Backlight driver;

    - Virtio drivers;

    - Xen hypervisor drivers;

    - AFS file system;

    - File systems infrastructure;

    - BTRFS file system;

    - debug file system;

    - Ext4 file system;

    - F2FS file system;

    - FAT file system;

    - Network file system client;

    - NILFS2 file system;

    - Overlay file system;

    - Pstore file system;

    - Diskquota system;

    - SMB network file system;

    - UBI file system;

    - io_uring subsystem;

    - BPF subsystem;

    - Core kernel;

    - Memory management;

    - Bluetooth subsystem;

    - Networking core;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - IEEE 802.15.4 subsystem;

    - Netfilter;

    - Packet sockets;

    - Network traffic control;

    - Sun RPC protocol;

    - ALSA SH drivers;

    - SOF drivers;

    - USB sound devices;

    - KVM core; (CVE-2024-35822, CVE-2024-26859, CVE-2024-26967, CVE-2024-27053, CVE-2024-27064,     CVE-2024-27437, CVE-2024-26931, CVE-2024-26870, CVE-2024-26927, CVE-2024-26880, CVE-2024-35789,     CVE-2024-26929, CVE-2024-27034, CVE-2024-26816, CVE-2024-26896, CVE-2024-26975, CVE-2024-26972,     CVE-2024-26937, CVE-2024-27032, CVE-2024-26871, CVE-2024-26655, CVE-2024-35829, CVE-2024-26886,     CVE-2023-52653, CVE-2024-27028, CVE-2024-26877, CVE-2024-26898, CVE-2024-35796, CVE-2024-27065,     CVE-2024-35807, CVE-2024-26966, CVE-2024-35826, CVE-2024-27067, CVE-2024-27039, CVE-2024-35811,     CVE-2024-26895, CVE-2024-26814, CVE-2024-26893, CVE-2023-52649, CVE-2024-35801, CVE-2023-52648,     CVE-2024-27048, CVE-2024-26934, CVE-2024-27049, CVE-2024-26890, CVE-2024-26874, CVE-2022-48669,     CVE-2023-52661, CVE-2024-27436, CVE-2024-27058, CVE-2024-26935, CVE-2024-26956, CVE-2024-26960,     CVE-2024-26976, CVE-2024-27041, CVE-2024-26873, CVE-2024-26946, CVE-2024-27080, CVE-2024-27432,     CVE-2023-52650, CVE-2024-26879, CVE-2023-52647, CVE-2024-27435, CVE-2024-27038, CVE-2024-26951,     CVE-2024-27390, CVE-2024-26863, CVE-2024-26959, CVE-2024-35794, CVE-2024-26889, CVE-2024-35845,     CVE-2024-27433, CVE-2024-26961, CVE-2024-35803, CVE-2024-26653, CVE-2024-26939, CVE-2024-26872,     CVE-2024-26979, CVE-2024-26973, CVE-2024-27029, CVE-2024-35831, CVE-2024-26892, CVE-2024-26888,     CVE-2024-27074, CVE-2024-35844, CVE-2024-26938, CVE-2024-26953, CVE-2024-27391, CVE-2024-35843,     CVE-2024-27040, CVE-2024-26875, CVE-2024-27026, CVE-2024-26978, CVE-2024-26882, CVE-2023-52652,     CVE-2023-52662, CVE-2024-26963, CVE-2024-26962, CVE-2024-27051, CVE-2024-27068, CVE-2024-26881,     CVE-2024-35800, CVE-2024-26964, CVE-2024-27389, CVE-2024-27043, CVE-2024-26901, CVE-2024-26941,     CVE-2024-35798, CVE-2024-35799, CVE-2024-26952, CVE-2024-26654, CVE-2024-27046, CVE-2024-35810,     CVE-2024-27050, CVE-2024-27063, CVE-2024-26954, CVE-2024-26884, CVE-2024-27047, CVE-2024-26932,     CVE-2024-26883, CVE-2024-26943, CVE-2024-26651, CVE-2024-26815, CVE-2024-26948, CVE-2024-27066,     CVE-2024-27037, CVE-2024-35806, CVE-2024-26869, CVE-2024-26878, CVE-2024-26810, CVE-2024-35797,     CVE-2024-27073, CVE-2024-26812, CVE-2024-26933, CVE-2024-26809, CVE-2024-26894, CVE-2024-35813,     CVE-2024-27033, CVE-2024-26876, CVE-2024-27076, CVE-2024-27045, CVE-2024-27079, CVE-2024-26861,     CVE-2024-26957, CVE-2024-26864, CVE-2024-26866, CVE-2024-35814, CVE-2024-26813, CVE-2024-27388,     CVE-2024-27042, CVE-2024-26862, CVE-2024-26968, CVE-2024-26940, CVE-2024-27027, CVE-2024-35793,     CVE-2024-35874, CVE-2024-27035, CVE-2024-26958, CVE-2024-26887, CVE-2024-35809, CVE-2024-26930,     CVE-2024-35819, CVE-2024-27392, CVE-2024-35808, CVE-2023-52644, CVE-2024-35828, CVE-2024-26657,     CVE-2024-26969, CVE-2024-27434, CVE-2024-35821, CVE-2023-52663, CVE-2024-27078, CVE-2024-35787,     CVE-2024-27044, CVE-2024-26848, CVE-2024-26955, CVE-2024-26899, CVE-2024-27077, CVE-2024-26897,     CVE-2024-26945, CVE-2024-26885, CVE-2024-27069, CVE-2024-27070, CVE-2024-27054, CVE-2024-35795,     CVE-2024-35817, CVE-2024-35827, CVE-2024-26656, CVE-2024-26860, CVE-2024-26942, CVE-2023-52659,     CVE-2024-26865, CVE-2024-26868, CVE-2024-26947, CVE-2024-35788, CVE-2024-26950, CVE-2024-27030,     CVE-2024-26949, CVE-2024-26900, CVE-2024-26971, CVE-2024-35805, CVE-2024-26977, CVE-2024-26944,     CVE-2024-27036, CVE-2024-26965, CVE-2024-26891, CVE-2024-27071, CVE-2024-27075, CVE-2024-27072,     CVE-2024-35830, CVE-2024-27052, CVE-2024-26970, CVE-2024-27031)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-2 advisory.

    Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error     conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this     vulnerability to cause a denial of service. (CVE-2022-38096)

    Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition     during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could     possibly use this to cause a denial of service (system crash). (CVE-2023-47233)

    It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition,     leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or     possibly execute arbitrary code. (CVE-2023-6270)

    It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data     structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial     of service. (CVE-2023-7042)

    Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition,     leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a     denial of service (system crash). (CVE-2024-23307)

    Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a     race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause     a denial of service (system crash). (CVE-2024-24861)

    Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did     not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this     to cause a denial of service (system crash). (CVE-2024-25739)

    It was discovered that the MediaTek SoC Gigabit Ethernet driver in the Linux kernel contained a race     condition when stopping the device. A local attacker could possibly use this to cause a denial of service     (device unavailability). (CVE-2024-27432)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - PowerPC architecture;

    - x86 architecture;

    - Block layer subsystem;

    - ACPI drivers;

    - Bluetooth drivers;

    - Clock framework and drivers;

    - CPU frequency scaling framework;

    - Cryptographic API;

    - DPLL subsystem;

    - ARM SCMI message protocol;

    - EFI core;

    - GPU drivers;

    - InfiniBand drivers;

    - IOMMU subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - MMC subsystem;

    - Network drivers;

    - NTB driver;

    - NVME drivers;

    - PCI subsystem;

    - Powercap sysfs driver;

    - SCSI drivers;

    - Freescale SoC drivers;

    - SPI subsystem;

    - Media staging drivers;

    - Thermal drivers;

    - TTY drivers;

    - USB subsystem;

    - DesignWare USB3 driver;

    - VFIO drivers;

    - Backlight driver;

    - Virtio drivers;

    - Xen hypervisor drivers;

    - AFS file system;

    - File systems infrastructure;

    - BTRFS file system;

    - debug file system;

    - Ext4 file system;

    - F2FS file system;

    - FAT file system;

    - Network file system client;

    - NILFS2 file system;

    - Overlay file system;

    - Pstore file system;

    - Diskquota system;

    - SMB network file system;

    - UBI file system;

    - io_uring subsystem;

    - BPF subsystem;

    - Core kernel;

    - Memory management;

    - Bluetooth subsystem;

    - Networking core;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - IEEE 802.15.4 subsystem;

    - Netfilter;

    - Packet sockets;

    - Network traffic control;

    - Sun RPC protocol;

    - ALSA SH drivers;

    - SOF drivers;

    - USB sound devices;

    - KVM core; (CVE-2024-26859, CVE-2024-26944, CVE-2024-27049, CVE-2024-26868, CVE-2024-26932,     CVE-2024-35843, CVE-2024-35814, CVE-2024-26866, CVE-2024-26941, CVE-2024-27080, CVE-2024-26938,     CVE-2024-26889, CVE-2024-27075, CVE-2024-27077, CVE-2024-26864, CVE-2024-35787, CVE-2024-27071,     CVE-2024-26880, CVE-2024-26961, CVE-2024-26945, CVE-2024-26863, CVE-2024-35795, CVE-2024-27045,     CVE-2024-27066, CVE-2024-27046, CVE-2024-26816, CVE-2024-27069, CVE-2024-26861, CVE-2024-26968,     CVE-2024-26963, CVE-2024-26878, CVE-2024-27073, CVE-2024-35806, CVE-2024-26951, CVE-2024-26954,     CVE-2024-27026, CVE-2024-26956, CVE-2024-35811, CVE-2024-35803, CVE-2024-26964, CVE-2024-26848,     CVE-2024-27434, CVE-2024-35844, CVE-2024-26977, CVE-2024-27031, CVE-2024-35813, CVE-2024-26960,     CVE-2024-27067, CVE-2024-26937, CVE-2024-26884, CVE-2024-26656, CVE-2024-27068, CVE-2024-26871,     CVE-2023-52653, CVE-2024-26939, CVE-2024-26967, CVE-2024-26966, CVE-2024-27043, CVE-2024-26814,     CVE-2024-35829, CVE-2024-26973, CVE-2024-35810, CVE-2024-26877, CVE-2024-27392, CVE-2024-35805,     CVE-2024-26875, CVE-2024-26970, CVE-2024-26657, CVE-2024-26874, CVE-2024-26971, CVE-2024-26872,     CVE-2024-35798, CVE-2024-26931, CVE-2024-26948, CVE-2024-26883, CVE-2024-26955, CVE-2024-27039,     CVE-2024-27038, CVE-2024-27065, CVE-2024-26899, CVE-2024-27048, CVE-2024-35874, CVE-2024-35845,     CVE-2024-35799, CVE-2024-35827, CVE-2024-26935, CVE-2024-27079, CVE-2024-35821, CVE-2024-26950,     CVE-2024-26879, CVE-2024-26940, CVE-2024-35788, CVE-2024-26891, CVE-2024-27063, CVE-2024-27433,     CVE-2024-27036, CVE-2024-35819, CVE-2024-26969, CVE-2024-27044, CVE-2024-27028, CVE-2024-27070,     CVE-2023-52649, CVE-2024-27435, CVE-2024-35830, CVE-2024-26929, CVE-2024-26653, CVE-2024-26887,     CVE-2024-26869, CVE-2024-26942, CVE-2024-35822, CVE-2024-26979, CVE-2024-26881, CVE-2024-26655,     CVE-2024-26975, CVE-2023-52650, CVE-2024-26651, CVE-2024-35828, CVE-2024-26965, CVE-2024-27437,     CVE-2024-35794, CVE-2024-26962, CVE-2024-27058, CVE-2024-27076, CVE-2024-27035, CVE-2024-27074,     CVE-2024-27027, CVE-2024-26860, CVE-2024-27042, CVE-2024-27390, CVE-2024-26815, CVE-2023-52662,     CVE-2024-27051, CVE-2024-35796, CVE-2024-27047, CVE-2024-26930, CVE-2024-26865, CVE-2024-27064,     CVE-2024-35826, CVE-2024-26885, CVE-2024-26873, CVE-2024-26943, CVE-2024-26893, CVE-2024-27030,     CVE-2024-26976, CVE-2024-35793, CVE-2024-26952, CVE-2023-52644, CVE-2024-35797, CVE-2024-27029,     CVE-2024-26927, CVE-2024-26812, CVE-2024-27432, CVE-2024-26897, CVE-2024-26890, CVE-2024-26972,     CVE-2024-35800, CVE-2024-27032, CVE-2024-27052, CVE-2023-52647, CVE-2024-26898, CVE-2023-52652,     CVE-2024-35808, CVE-2024-26876, CVE-2024-26933, CVE-2024-26862, CVE-2024-27033, CVE-2023-52663,     CVE-2024-27041, CVE-2023-52648, CVE-2024-26888, CVE-2024-26957, CVE-2024-26953, CVE-2023-52659,     CVE-2024-27436, CVE-2024-27040, CVE-2024-27054, CVE-2024-27050, CVE-2024-26886, CVE-2023-52661,     CVE-2024-35831, CVE-2024-26946, CVE-2024-26949, CVE-2024-26809, CVE-2024-26892, CVE-2024-26654,     CVE-2024-26901, CVE-2024-27053, CVE-2024-26882, CVE-2024-35809, CVE-2024-26978, CVE-2024-27037,     CVE-2024-27391, CVE-2024-27034, CVE-2024-26895, CVE-2024-35817, CVE-2024-26900, CVE-2024-26896,     CVE-2024-26958, CVE-2024-35801, CVE-2024-27388, CVE-2024-26934, CVE-2024-27078, CVE-2024-35789,     CVE-2024-26894, CVE-2024-27389, CVE-2024-35807, CVE-2024-27072, CVE-2024-26947, CVE-2024-26870,     CVE-2024-26813, CVE-2022-48669, CVE-2024-26959, CVE-2024-26810)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-696 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    io_uring: drop any code related to SCM_RIGHTS (CVE-2023-52656)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid10: prevent soft lockup while flush writes (CVE-2023-53151)

    Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM (md, raid, raid5 modules)     allows Forced Integer Overflow. (CVE-2024-23307)

    A malicious hypervisor can potentially break confidentiality and integrity of Linux SEV-SNP guests by     injecting interrupts. (CVE-2024-25742)

    In the Linux kernel, the following vulnerability has been resolved:

    net: tls: handle backlogging of crypto requests

    Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on ourrequests to the crypto API,     crypto_aead_{encrypt,decrypt} can return-EBUSY instead of -EINPROGRESS in valid situations. For example,     whenthe cryptd queue for AESNI is full (easy to trigger with anartificially low     cryptd.cryptd_max_cpu_qlen), requests will be enqueuedto the backlog but still processed. In that case,     the async callbackwill also be called twice: first with err == -EINPROGRESS, which itseems we can just     ignore, then with err == 0.

    Compared to Sabrina's original patch this version uses the newtls_*crypt_async_wait() helpers and converts     the EBUSY toEINPROGRESS to avoid having to modify all the error handlingpaths. The handling is identical.
    (CVE-2024-26584)

    In the Linux kernel, the following vulnerability has been resolved:

    tls: fix race between tx work scheduling and socket close

    Similarly to previous commit, the submitting thread (recvmsg/sendmsg)may exit as soon as the async crypto     handler calls complete().Reorder scheduling the work before calling complete().This seems more logical in     the first place, as it'sthe inverse order of what the submitting thread will do. (CVE-2024-26585)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nft_set_pipapo: release elements in clone only from destroy path (CVE-2024-26809)

    In the Linux kernel, the following vulnerability has been resolved:

    vfio/pci: Lock external INTx masking ops (CVE-2024-26810)

    In the Linux kernel, the following vulnerability has been resolved:

    vfio/pci: Create persistent INTx handler (CVE-2024-26812)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check (CVE-2024-26815)

    In the Linux kernel, the following vulnerability has been resolved:

    x86, relocs: Ignore relocations in .notes section (CVE-2024-26816)

    In the Linux kernel, the following vulnerability has been resolved:

    dm-integrity: fix a memory leak when rechecking the data (CVE-2024-26860)

    In the Linux kernel, the following vulnerability has been resolved:

    wireguard: receive: annotate data-race around receiving_counter.counter (CVE-2024-26861)

    In the Linux kernel, the following vulnerability has been resolved:

    packet: annotate data-races around ignore_outgoing (CVE-2024-26862)

    In the Linux kernel, the following vulnerability has been resolved:

    hsr: Fix uninit-value access in hsr_get_node() (CVE-2024-26863)

    In the Linux kernel, the following vulnerability has been resolved:

    tcp: Fix refcnt handling in __inet_hash_connect(). (CVE-2024-26864)

    In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in     reqsk_timer_handler(). syzkaller reported a warning of netns tracker [0] followed by KASAN splat [1] and     another ref tracker warning [1]. syzkaller could not find a repro, but in the log, the only suspicious     sequence was as follows: 18:26:22 executing program 1: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ...
    connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4001, 0x0, @loopback}, 0x1c) (async) The notable thing here is     0x4001 in connect(), which is RDS_TCP_PORT. (CVE-2024-26865)

    In the Linux kernel, the following vulnerability has been resolved:

    nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (CVE-2024-26868)

    In the Linux kernel, the following vulnerability has been resolved:

    NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)

    In the Linux kernel, the following vulnerability has been resolved:

    quota: Fix potential NULL pointer dereference (CVE-2024-26878)

    In the Linux kernel, the following vulnerability has been resolved:

    dm: call the resume method on internal suspend (CVE-2024-26880)

    In the Linux kernel, the following vulnerability has been resolved:

    net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() (CVE-2024-26882)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: Fix stackmap overflow check on 32-bit arches (CVE-2024-26883)

    In the Linux kernel, the following vulnerability has been resolved:

    iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected (CVE-2024-26891)

    In the Linux kernel, the following vulnerability has been resolved:

    ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (CVE-2024-26894)

    In the Linux kernel, the following vulnerability has been resolved:

    aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts (CVE-2024-26898)

    In the Linux kernel, the following vulnerability has been resolved:

    do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)

    In the Linux kernel, the following vulnerability has been resolved:

    x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (CVE-2024-26906)

    In the Linux kernel, the following vulnerability has been resolved:

    USB: core: Fix deadlock in port disable sysfs attribute (CVE-2024-26933)

    In the Linux kernel, the following vulnerability has been resolved:

    USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: core: Fix unremoved procfs host directory regression (CVE-2024-26935)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/i915/gt: Reset queue_priority_hint on parking (CVE-2024-26937)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (CVE-2024-26938)

    In the Linux kernel, the following vulnerability has been resolved:

    kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (CVE-2024-26946)

    In the Linux kernel, the following vulnerability has been resolved:

    wireguard: netlink: access device through ctx instead of peer (CVE-2024-26950)

    In the Linux kernel, the following vulnerability has been resolved:

    wireguard: netlink: check for dangling peer via is_dead instead of empty list (CVE-2024-26951)

    In the Linux kernel, the following vulnerability has been resolved:

    nfs: fix UAF in direct writes (CVE-2024-26958)

    In the Linux kernel, the following vulnerability has been resolved:

    mm: swap: fix race between free_swap_and_cache() and swapoff() (CVE-2024-26960)

    In the Linux kernel, the following vulnerability has been resolved:

    usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)

    In the Linux kernel, the following vulnerability has been resolved:

    fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)

    In the Linux kernel, the following vulnerability has been resolved:

    pci_iounmap(): Fix MMIO mapping leak (CVE-2024-26977)

    In the Linux kernel, the following vulnerability has been resolved:

    nbd: null check for nla_nest_start (CVE-2024-27025)

    In the Linux kernel, the following vulnerability has been resolved:

    clk: Fix clk_core_get NULL dereference (CVE-2024-27038)

    In the Linux kernel, the following vulnerability has been resolved:

    net: phy: fix phy_get_internal_delay accessing an empty array (CVE-2024-27047)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: do not compare internal table flags on updates (CVE-2024-27065)

    In the Linux kernel, the following vulnerability has been resolved:

    SUNRPC: fix some memleaks in gssx_dec_option_array (CVE-2024-27388)

    In the Linux kernel, the following vulnerability has been resolved:

    pstore: inode: Only d_invalidate() is needed (CVE-2024-27389)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down() (CVE-2024-27390)

    In the Linux kernel, the following vulnerability has been resolved:

    nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435)

    In the Linux kernel, the following vulnerability has been resolved:

    vfio/pci: Disable auto-enable of exclusive INTx IRQ (CVE-2024-27437)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (CVE-2024-35791)

    In the Linux kernel, the following vulnerability has been resolved:

    efi: fix panic in kdump kernel (CVE-2024-35800)

    In the Linux kernel, the following vulnerability has been resolved:

    x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: x86: Mark target gfn of emulated atomic instruction as dirty (CVE-2024-35804)

    In the Linux kernel, the following vulnerability has been resolved:

    dm snapshot: fix lockup in dm_exception_table_exit (CVE-2024-35805)

    In the Linux kernel, the following vulnerability has been resolved:

    PCI/PM: Drain runtime-idle callbacks before driver removal (CVE-2024-35809)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion (CVE-2024-35815)

    In the Linux kernel, the following vulnerability has been resolved:

    vt: fix unicode buffer corruption when deleting characters (CVE-2024-35823)

    In the Linux kernel, the following vulnerability has been resolved:

    block: Fix page refcounts for unaligned buffers in __bio_release_pages() (CVE-2024-35826)

    In the Linux kernel, the following vulnerability has been resolved:

    io_uring/net: fix overflow check in io_recvmsg_mshot_prep() (CVE-2024-35827)

    In the Linux kernel, the following vulnerability has been resolved:

    keys: Fix overwrite of key expiration on instantiation (CVE-2024-36031)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2561-1 advisory.

    The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2020-10135: Legacy pairing and secure-connections pairing authentication Bluetooth might have     allowed an unauthenticated user to complete authentication without pairing credentials via adjacent access     (bsc#1171988).
    - CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
    - CVE-2021-47145: btrfs: do not BUG_ON in link_to_fixup_dir (bsc#1222005).
    - CVE-2021-47191: Fix out-of-bound read in resp_readcap16() (bsc#1222866).
    - CVE-2021-47201: iavf: free q_vectors before queues in iavf_disable_vf (bsc#1222792).
    - CVE-2021-47267: usb: fix various gadget panics on 10gbps cabling (bsc#1224993).
    - CVE-2021-47270: usb: fix various gadgets null ptr deref on 10gbps cabling (bsc#1224997).
    - CVE-2021-47275: bcache: avoid oversized read request in cache missing code path (bsc#1224965).
    - CVE-2021-47293: net/sched: act_skbmod: Skip non-Ethernet packets (bsc#1224978).
    - CVE-2021-47294: netrom: Decrease sock refcount when sock timers expire (bsc#1224977).
    - CVE-2021-47297: net: fix uninit-value in caif_seqpkt_sendmsg (bsc#1224976).
    - CVE-2021-47309: net: validate lwtstate->data before returning from skb_tunnel_info() (bsc#1224967).
    - CVE-2021-47328: blacklist.conf: bsc#1225047 CVE-2021-47328: breaks kABI Also, does not apply.
    - CVE-2021-47354: drm/sched: Avoid data corruptions (bsc#1225140)
    - CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
    - CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
    - CVE-2021-47407: KVM: x86: Handle SRCU initialization failure during page track init (bsc#1225306).
    - CVE-2021-47418: net_sched: fix NULL deref in fifo_set_limit() (bsc#1225337).
    - CVE-2021-47434: xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1225232).
    - CVE-2021-47438: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (bsc#1225229)
    - CVE-2021-47445: drm/msm: Fix null pointer dereference on pointer edp (bsc#1225261)
    - CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend (bsc#1225357).
    - CVE-2021-47518: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (bsc#1225372).
    - CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
    - CVE-2021-47544: tcp: fix page frag corruption on page fault (bsc#1225463).
    - CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound     (bsc#1225505).
    - CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
    - CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
    - CVE-2021-47587: net: systemport: Add global locking for descriptor lifecycle (bsc#1226567).
    - CVE-2021-47602: mac80211: track only QoS data frames for admission control (bsc#1226554).
    - CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver (bsc#1226562)
    - CVE-2022-48732: drm/nouveau: fix off by one in BIOS boundary checking (bsc#1226716)
    - CVE-2022-48733: btrfs: fix use-after-free after failure to create a snapshot (bsc#1226718).
    - CVE-2022-48740: selinux: fix double free of cond_list on error paths (bsc#1226699).
    - CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow (bsc#1226705).
    - CVE-2022-48756: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (bsc#1226698)
    - CVE-2022-48759: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (bsc#1226711).
    - CVE-2022-48761: usb: xhci-plat: fix crash when suspend if remote wake enable (bsc#1226701).
    - CVE-2022-48772: media: lgdt3306a: Add a check against null-pointer-def (bsc#1226976).
    - CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
    - CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve     local privilege escalation (bsc#1215420).
    - CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
    - CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
    - CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
    - CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627).
    - CVE-2023-52693: ACPI: video: check for error while searching for backlight device parent (bsc#1224686).
    - CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
    - CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator (bsc#1225478).
    - CVE-2023-52754: media: imon: fix access to invalid resource for the second interface (bsc#1225490).
    - CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
    - CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573).
    - CVE-2023-52764: media: gspca: cpia1: shift-out-of-bounds in set_flicker (bsc#1225571).
    - CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
    - CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (bsc#1225569).
    - CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (bsc#1225530).
    - CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (bsc#1225532).
    - CVE-2023-52832: wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (bsc#1225577).
    - CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599).
    - CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
    - CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
    - CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
    - CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency     (bsc#1225583).
    - CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
    - CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
    - CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
    - CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
    - CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
    - CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
    - CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
    - CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
    - CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
    - CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
    - CVE-2024-26880: dm: call the resume method on internal suspend (bsc#1223188).
    - CVE-2024-26894: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (bsc#1223043).
    - CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
    - CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
    - CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).
    - CVE-2024-27399: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (bsc#1224177).
    - CVE-2024-27410: Reject iftype change with mesh ID change (bsc#1224432).
    - CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
    - CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
    - CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
    - CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
    - CVE-2024-35822: usb: udc: remove warning when queue disabled ep (bsc#1224739).
    - CVE-2024-35828: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (bsc#1224622).
    - CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
    - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
    - CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
    - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
    - CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
    - CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
    - CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
    - CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
    - CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
    - CVE-2024-35922: fbmon: prevent division by zero in fb_videomode_from_videomode() (bsc#1224660)
    - CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
    - CVE-2024-35930: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1224651).
    - CVE-2024-35947: dyndbg: fix old BUG_ON in >control parser (bsc#1224647).
    - CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
    - CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
    - CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
    - CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
    - CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
    - CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
    - CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
    - CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
    - CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference (bsc#1225593).
    - CVE-2024-36016: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (bsc#1225642).
    - CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
    - CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
    - CVE-2024-36952: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up     (bsc#1225898).
    - CVE-2024-36880: Bluetooth: qca: add missing firmware sanity checks (bsc#1225722).
    - CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
    - CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
    - CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
    - CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
    - CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
    - CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
    - CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
    - CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
    - CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule (bsc#1225835).
    - CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
    - CVE-2024-36950: firewire: ohci: mask bus reset interrupts between ISR and bottom half (bsc#1225895).
    - CVE-2024-36960: drm/vmwgfx: Fix invalid reads in fence signaled events (bsc#1225872)
    - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
    - CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
    - CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
    - CVE-2024-38544: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (bsc#1226597)
    - CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
    - CVE-2024-38546: drm: vc4: Fix possible null pointer dereference (bsc#1226593).
    - CVE-2024-38549: drm/mediatek: Add 0 size check to mtk_drm_gem_obj (bsc#1226735)
    - CVE-2024-38552: drm/amd/display: Fix potential index out of bounds in color (bsc#1226767)
    - CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
    - CVE-2024-38565: wifi: ar5523: enable proper endpoint verification (bsc#1226747).
    - CVE-2024-38567: wifi: carl9170: add a proper sanity check for endpoints (bsc#1226769).
    - CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
    - CVE-2024-38579: crypto: bcm - Fix pointer arithmetic (bsc#1226637).
    - CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
    - CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
    - CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
    - CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
    - CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754).
    - CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized (bsc#1226861).
    - CVE-2024-38621: media: stk1160: fix bounds checking in stk1160_copy_video() (bsc#1226895).
    - CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
    - CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
    - CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
    - CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
    - CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
    - CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435)


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6828-1 advisory.

    Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition     during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could     possibly use this to cause a denial of service (system crash). (CVE-2023-47233)

    It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition,     leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or     possibly execute arbitrary code. (CVE-2023-6270)

    It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data     structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial     of service. (CVE-2023-7042)

    It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer     dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service.
    (CVE-2024-0841)

    It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during     recursive action operations under certain conditions. A local attacker could use this to cause a denial of     service (system crash). (CVE-2024-1151)

    Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux     kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were     insufficient for Intel processors. A local attacker could potentially use this to expose sensitive     information. (CVE-2024-2201)

    Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race     condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of     service (system crash). (CVE-2024-22099)

    Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-     bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system     crash). (CVE-2024-23849)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - S390 architecture;

    - Core kernel;

    - x86 architecture;

    - Block layer subsystem;

    - ACPI drivers;

    - Android drivers;

    - Power management core;

    - Bus devices;

    - Hardware random number generator core;

    - Clock framework and drivers;

    - CPU frequency scaling framework;

    - Cryptographic API;

    - Device frequency scaling framework;

    - DMA engine subsystem;

    - ARM SCMI message protocol;

    - EFI core;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I2C subsystem;

    - IIO ADC drivers;

    - IIO subsystem;

    - IIO Magnetometer sensors drivers;

    - InfiniBand drivers;

    - IOMMU subsystem;

    - Multiple devices driver;

    - Media drivers;

    - MMC subsystem;

    - Network drivers;

    - NTB driver;

    - NVME drivers;

    - PCI subsystem;

    - PCI driver for MicroSemi Switchtec;

    - PHY drivers;

    - MediaTek PM domains;

    - Power supply drivers;

    - SCSI drivers;

    - SPI subsystem;

    - Media staging drivers;

    - TCM subsystem;

    - USB subsystem;

    - DesignWare USB3 driver;

    - Framebuffer layer;

    - AFS file system;

    - File systems infrastructure;

    - BTRFS file system;

    - Ceph distributed file system;

    - EROFS file system;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - Network file system client;

    - NILFS2 file system;

    - NTFS3 file system;

    - Pstore file system;

    - Diskquota system;

    - SMB network file system;

    - BPF subsystem;

    - Memory management;

    - Netfilter;

    - TLS protocol;

    - io_uring subsystem;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Networking core;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - L2TP protocol;

    - Logical Link layer;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netlink;

    - NET/ROM layer;

    - NFC subsystem;

    - Packet sockets;

    - RDS protocol;

    - SMC sockets;

    - Sun RPC protocol;

    - TIPC protocol;

    - Unix domain sockets;

    - Wireless networking;

    - Tomoyo security module;

    - Realtek audio codecs;

    - USB sound devices; (CVE-2024-26910, CVE-2024-27074, CVE-2023-52494, CVE-2023-52594, CVE-2024-26915,     CVE-2024-26766, CVE-2023-52489, CVE-2024-35845, CVE-2024-26846, CVE-2024-26898, CVE-2024-26897,     CVE-2024-26826, CVE-2024-26798, CVE-2023-52662, CVE-2024-26856, CVE-2023-52608, CVE-2024-26782,     CVE-2024-27047, CVE-2024-27390, CVE-2024-26610, CVE-2024-26804, CVE-2023-52638, CVE-2024-26771,     CVE-2024-26752, CVE-2024-26585, CVE-2024-26645, CVE-2024-26715, CVE-2024-27028, CVE-2024-26809,     CVE-2024-26880, CVE-2024-27432, CVE-2024-27065, CVE-2024-26717, CVE-2023-52616, CVE-2024-26748,     CVE-2024-26795, CVE-2024-26671, CVE-2024-26743, CVE-2024-27412, CVE-2024-26802, CVE-2024-26733,     CVE-2024-26736, CVE-2023-52618, CVE-2024-27046, CVE-2024-26688, CVE-2024-26679, CVE-2024-26769,     CVE-2024-27051, CVE-2024-26603, CVE-2024-26744, CVE-2023-52434, CVE-2024-26697, CVE-2024-27075,     CVE-2023-52583, CVE-2024-26583, CVE-2024-27403, CVE-2024-26907, CVE-2024-26636, CVE-2024-27410,     CVE-2023-52530, CVE-2024-26840, CVE-2024-26851, CVE-2024-26862, CVE-2023-52640, CVE-2024-35829,     CVE-2024-26906, CVE-2024-26777, CVE-2024-27419, CVE-2024-26664, CVE-2024-26627, CVE-2024-26859,     CVE-2023-52486, CVE-2023-52652, CVE-2024-26835, CVE-2024-35844, CVE-2024-26702, CVE-2024-26635,     CVE-2024-26704, CVE-2023-52633, CVE-2024-26816, CVE-2024-26894, CVE-2024-26778, CVE-2023-52599,     CVE-2024-35828, CVE-2024-26776, CVE-2023-52493, CVE-2024-26845, CVE-2024-26594, CVE-2024-26885,     CVE-2024-26829, CVE-2023-52645, CVE-2024-26695, CVE-2023-52615, CVE-2024-26651, CVE-2024-26843,     CVE-2023-52606, CVE-2024-26675, CVE-2024-26874, CVE-2024-26883, CVE-2024-26772, CVE-2024-26673,     CVE-2024-26737, CVE-2023-52631, CVE-2024-26640, CVE-2023-52598, CVE-2024-26735, CVE-2024-26895,     CVE-2024-26592, CVE-2023-52492, CVE-2024-26861, CVE-2023-52644, CVE-2024-26920, CVE-2024-26877,     CVE-2024-26863, CVE-2024-26720, CVE-2024-26722, CVE-2024-27045, CVE-2024-27038, CVE-2024-26763,     CVE-2024-26833, CVE-2024-27417, CVE-2024-26916, CVE-2024-26857, CVE-2024-26875, CVE-2024-26606,     CVE-2024-27024, CVE-2024-26615, CVE-2023-52614, CVE-2023-52641, CVE-2024-26600, CVE-2024-27043,     CVE-2023-52635, CVE-2024-26787, CVE-2024-26622, CVE-2024-27413, CVE-2024-26791, CVE-2023-52622,     CVE-2023-52491, CVE-2023-52604, CVE-2024-27037, CVE-2024-26881, CVE-2024-26754, CVE-2024-26659,     CVE-2024-26663, CVE-2024-26747, CVE-2023-52602, CVE-2024-26712, CVE-2024-26839, CVE-2024-26749,     CVE-2024-26764, CVE-2024-26820, CVE-2024-26882, CVE-2024-27039, CVE-2024-27078, CVE-2024-26889,     CVE-2024-26870, CVE-2024-26788, CVE-2024-26602, CVE-2024-26903, CVE-2024-27044, CVE-2024-27073,     CVE-2023-52601, CVE-2023-52595, CVE-2024-26707, CVE-2024-27415, CVE-2023-52637, CVE-2024-26660,     CVE-2024-27414, CVE-2024-27054, CVE-2023-52497, CVE-2024-26801, CVE-2023-52435, CVE-2023-52620,     CVE-2023-52627, CVE-2024-26698, CVE-2023-52597, CVE-2024-27077, CVE-2023-52650, CVE-2024-26750,     CVE-2024-26852, CVE-2024-27053, CVE-2023-52656, CVE-2024-26625, CVE-2024-26779, CVE-2024-27431,     CVE-2024-26751, CVE-2024-26684, CVE-2024-26803, CVE-2024-26593, CVE-2023-52642, CVE-2023-52447,     CVE-2024-26790, CVE-2024-26825, CVE-2024-26668, CVE-2023-52607, CVE-2024-26872, CVE-2024-27030,     CVE-2023-52643, CVE-2024-26901, CVE-2024-35830, CVE-2024-26855, CVE-2023-52588, CVE-2023-52587,     CVE-2024-26891, CVE-2024-26644, CVE-2024-26884, CVE-2024-26793, CVE-2024-26805, CVE-2024-26584,     CVE-2024-27405, CVE-2023-52623, CVE-2024-26608, CVE-2024-26878, CVE-2024-27388, CVE-2024-27416,     CVE-2024-26685, CVE-2024-27034, CVE-2024-26879, CVE-2024-26614, CVE-2024-26792, CVE-2023-52617,     CVE-2024-26773, CVE-2024-26665, CVE-2024-26641, CVE-2023-52619, CVE-2024-35811, CVE-2024-27052,     CVE-2024-27076, CVE-2024-26838, CVE-2024-26808, CVE-2024-26696, CVE-2024-26676, CVE-2024-26689,     CVE-2024-26774, CVE-2024-26601, CVE-2023-52498, CVE-2024-27436)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	名称	产品	系列	发布时间	最近更新时间	严重程度
202292	Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6896-1)	Nessus	Ubuntu Local Security Checks	2024/7/12	2025/12/24	high
202422	EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1911)	Nessus	Huawei Local Security Checks	2024/7/15	2025/9/25	high
267220	Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387275)	Nessus	Unity Linux Local Security Checks	2025/10/7	2025/10/15	medium
202690	Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6896-4)	Nessus	Ubuntu Local Security Checks	2024/7/19	2025/12/24	high
198259	Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-067)	Nessus	Amazon Linux Local Security Checks	2024/5/31	2026/1/26	high
204602	RHEL 9 : kernel (RHSA-2024:4823)	Nessus	Red Hat Local Security Checks	2024/7/24	2025/9/29	high
204945	Oracle Linux 9 : kernel (ELSA-2024-4928)	Nessus	Oracle Linux Local Security Checks	2024/8/1	2026/2/9	high
207151	EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-2418)	Nessus	Huawei Local Security Checks	2024/9/12	2025/9/25	high
200225	Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6821-1)	Nessus	Ubuntu Local Security Checks	2024/6/7	2024/8/27	high
200634	Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6821-4)	Nessus	Ubuntu Local Security Checks	2024/6/14	2024/8/27	high
207683	RHEL 8 : kernel (RHSA-2024:7000)	Nessus	Red Hat Local Security Checks	2024/9/24	2026/3/24	high
208398	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-2585)	Nessus	Huawei Local Security Checks	2024/10/9	2025/10/13	high
200227	Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6816-1)	Nessus	Ubuntu Local Security Checks	2024/6/7	2026/3/24	high
200275	Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6817-2)	Nessus	Ubuntu Local Security Checks	2024/6/10	2026/3/24	high
205093	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-696)	Nessus	Amazon Linux Local Security Checks	2024/8/6	2026/2/24	high
202761	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:2561-1)	Nessus	SuSE Local Security Checks	2024/7/22	2026/1/7	critical
200372	Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6828-1)	Nessus	Ubuntu Local Security Checks	2024/6/11	2025/9/24	high

检测

插件搜索

high

high

medium

high

high

high

high

high

high

high

high

high

high

high

high

critical

high