Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-6918-1
HistoryJul 26, 2024 - 2:39 p.m.

linux-oracle vulnerabilities

2024-07-2614:39:52
Google
osv.dev
6
linux kernel vulnerabilities
bluetooth subsystem
race condition
arm64 architecture
risc-v architecture
s390 architecture
x86 architecture
block layer subsystem
compute acceleration framework
cryptographic api
gpu drivers
network drivers
file systems infrastructure
core kernel
memory management
networking core
selinux security module
cve-2024-26988
cve-2024-36023
cve-2024-35869
cve-2024-35938
cve-2024-27000
cve-2024-35880
cve-2024-35915
cve-2024-35959
and more

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0

Percentile

16.4%

JSON

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel when modifying certain settings values through debugfs.
A privileged local attacker could use this to cause a denial of service.

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

  • ARM64 architecture;
  • RISC-V architecture;
  • S390 architecture;
  • x86 architecture;
  • Block layer subsystem;
  • Compute Acceleration Framework;
  • Accessibility subsystem;
  • Android drivers;
  • Drivers core;
  • Bluetooth drivers;
  • Clock framework and drivers;
  • Data acquisition framework and drivers;
  • Cryptographic API;
  • Buffer Sharing and Synchronization framework;
  • GPU drivers;
  • On-Chip Interconnect management framework;
  • IOMMU subsystem;
  • Multiple devices driver;
  • Media drivers;
  • VMware VMCI Driver;
  • Network drivers;
  • Microsoft Azure Network Adapter (MANA) driver;
  • Device tree and open firmware driver;
  • Chrome hardware platform drivers;
  • i.MX PM domains;
  • TI SCI PM domains driver;
  • S/390 drivers;
  • SCSI drivers;
  • SPI subsystem;
  • Thermal drivers;
  • TTY drivers;
  • USB subsystem;
  • Framebuffer layer;
  • BTRFS file system;
  • Network file system server daemon;
  • NILFS2 file system;
  • File systems infrastructure;
  • Pstore file system;
  • SMB network file system;
  • BPF subsystem;
  • Bluetooth subsystem;
  • Netfilter;
  • io_uring subsystem;
  • Core kernel;
  • Extra boot config (XBC);
  • Memory management;
  • Amateur Radio drivers;
  • B.A.T.M.A.N. meshing protocol;
  • Ethernet bridge;
  • Networking core;
  • IPv4 networking;
  • IPv6 networking;
  • Multipath TCP;
  • NFC subsystem;
  • RDS protocol;
  • Network traffic control;
  • SMC sockets;
  • Sun RPC protocol;
  • TLS protocol;
  • Unix domain sockets;
  • Wireless networking;
  • eXpress Data Path;
  • SELinux security module;
    (CVE-2024-26988, CVE-2024-36023, CVE-2024-35869, CVE-2024-35938,
    CVE-2024-27000, CVE-2024-35880, CVE-2024-35915, CVE-2024-35959,
    CVE-2024-35883, CVE-2024-35886, CVE-2024-35976, CVE-2024-35903,
    CVE-2024-35980, CVE-2024-27020, CVE-2024-35955, CVE-2024-35964,
    CVE-2024-26980, CVE-2024-35882, CVE-2024-35927, CVE-2024-35884,
    CVE-2024-35914, CVE-2024-35905, CVE-2024-26925, CVE-2024-35885,
    CVE-2024-26990, CVE-2024-27012, CVE-2024-35969, CVE-2024-35862,
    CVE-2024-35956, CVE-2024-35971, CVE-2024-27022, CVE-2024-35935,
    CVE-2024-26992, CVE-2024-27010, CVE-2024-35892, CVE-2024-26999,
    CVE-2024-26989, CVE-2024-35963, CVE-2024-35981, CVE-2024-26997,
    CVE-2024-35920, CVE-2024-35918, CVE-2024-35933, CVE-2024-35867,
    CVE-2024-35904, CVE-2024-35890, CVE-2024-35968, CVE-2024-35917,
    CVE-2024-35897, CVE-2024-26922, CVE-2024-36026, CVE-2024-27013,
    CVE-2024-26991, CVE-2024-26996, CVE-2024-35873, CVE-2024-26987,
    CVE-2024-35895, CVE-2024-36027, CVE-2024-35896, CVE-2024-35894,
    CVE-2024-26983, CVE-2024-35966, CVE-2024-35967, CVE-2024-35945,
    CVE-2024-27003, CVE-2024-35939, CVE-2024-35861, CVE-2024-26985,
    CVE-2024-27015, CVE-2024-35982, CVE-2024-35912, CVE-2024-35979,
    CVE-2024-35879, CVE-2024-26982, CVE-2024-35891, CVE-2024-35925,
    CVE-2024-35870, CVE-2024-27021, CVE-2024-35866, CVE-2024-27014,
    CVE-2024-27001, CVE-2024-27004, CVE-2024-35953, CVE-2024-36021,
    CVE-2024-35931, CVE-2024-27007, CVE-2024-35922, CVE-2024-35872,
    CVE-2024-35926, CVE-2024-27016, CVE-2024-26984, CVE-2024-35919,
    CVE-2024-35911, CVE-2024-26923, CVE-2024-35929, CVE-2024-35887,
    CVE-2024-35893, CVE-2024-35898, CVE-2024-35930, CVE-2024-35934,
    CVE-2024-35916, CVE-2024-35877, CVE-2024-26926, CVE-2024-35974,
    CVE-2024-36018, CVE-2024-27002, CVE-2024-35975, CVE-2024-35864,
    CVE-2024-35958, CVE-2024-35944, CVE-2024-35985, CVE-2024-35940,
    CVE-2024-35900, CVE-2024-27018, CVE-2024-26936, CVE-2024-36024,
    CVE-2024-26998, CVE-2024-35954, CVE-2024-35878, CVE-2024-26928,
    CVE-2024-35952, CVE-2024-36020, CVE-2024-26986, CVE-2024-35950,
    CVE-2024-35957, CVE-2024-35909, CVE-2024-27005, CVE-2024-35978,
    CVE-2024-35875, CVE-2024-35943, CVE-2024-35970, CVE-2024-35863,
    CVE-2024-26993, CVE-2024-35865, CVE-2024-26995, CVE-2024-35888,
    CVE-2024-35899, CVE-2024-35868, CVE-2023-52699, CVE-2024-26994,
    CVE-2024-26817, CVE-2024-35902, CVE-2024-35977, CVE-2024-35961,
    CVE-2024-36025, CVE-2024-35936, CVE-2024-35913, CVE-2024-27017,
    CVE-2024-35889, CVE-2024-35972, CVE-2024-35901, CVE-2024-26921,
    CVE-2024-26924, CVE-2024-35951, CVE-2024-35860, CVE-2024-35907,
    CVE-2024-35910, CVE-2024-36022, CVE-2024-27019, CVE-2024-27009,
    CVE-2024-26981, CVE-2024-35973, CVE-2024-35965, CVE-2024-36019,
    CVE-2024-35871, CVE-2024-27008, CVE-2024-26811, CVE-2024-35908,
    CVE-2024-35921, CVE-2024-35942, CVE-2024-35946, CVE-2024-35924,
    CVE-2024-27011, CVE-2024-35960, CVE-2024-27006, CVE-2024-35937,
    CVE-2024-35932)

References

Related

openvas 25
nessus 37
osv 30
ubuntu 21
fedora 3
debian 1
redos 2
photon 1
cvelist 9
ubuntucve 11
nvd 11
redhat 1
vulnrichment 12
cve 12
debiancve 11
redhatcve 9
cbl_mariner 3
openvas
openvas
Ubuntu: Security Advisory (USN-6893-1)
2024-07-12 00:00:00
Ubuntu: Security Advisory (USN-6893-2)
2024-07-17 00:00:00
Ubuntu: Security Advisory (USN-6893-3)
2024-07-24 00:00:00
nessus
nessus
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6893-1)
2024-07-11 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6893-2)
2024-07-16 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6918-1)
2024-07-26 00:00:00
osv
osv
linux-gke, linux-nvidia vulnerabilities
2024-07-16 09:17:22
linux, linux-azure, linux-gcp, linux-ibm, linux-intel, linux-lowlatency, linux-oem-6.8, linux-raspi vulnerabilities
2024-07-11 19:01:12
linux-aws vulnerabilities
2024-07-23 09:12:48
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-07-16 00:00:00
Linux kernel vulnerabilities
2024-07-11 00:00:00
Linux kernel vulnerabilities
2024-07-26 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: kernel-6.8.8-300.fc40
2024-05-03 01:49:00
[SECURITY] Fedora 38 Update: kernel-6.8.8-100.fc38
2024-05-03 01:38:45
[SECURITY] Fedora 39 Update: kernel-6.8.8-200.fc39
2024-05-03 01:34:06
debian
debian
[SECURITY] [DSA 5680-1] linux security update
2024-05-06 17:40:02
redos
redos
ROS-20240820-10
2024-08-20 00:00:00
ROS-20240821-01
2024-08-21 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2024-3.0-0765
2024-06-07 00:00:00
cvelist
cvelist
CVE-2024-35860 bpf: support deferring bpf_link dealloc to after RCU grace period
2024-05-19 08:34:19
CVE-2024-35975 octeontx2-pf: Fix transmit scheduler resource leak
2024-05-20 09:42:01
CVE-2024-35903 x86/bpf: Fix IP after emitting call depth accounting
2024-05-19 08:34:56
ubuntucve
ubuntucve
CVE-2024-35974
2024-05-20 00:00:00
CVE-2024-35975
2024-05-20 00:00:00
CVE-2024-35929
2024-05-19 00:00:00
nvd
nvd
CVE-2024-35968
2024-05-20 10:15:11
CVE-2024-35865
2024-05-19 09:15:08
CVE-2024-35903
2024-05-19 09:15:11
redhat
redhat
(RHSA-2024:4106) Important: kernel-rt security update
2024-06-26 00:04:06
vulnrichment
vulnrichment
CVE-2024-35931 drm/amdgpu: Skip do PCI error slot reset during RAS recovery
2024-05-19 10:10:39
CVE-2024-35968 pds_core: Fix pdsc_check_pci_health function to use work thread
2024-05-20 09:41:57
CVE-2024-35927 drm: Check output polling initialized before disabling
2024-05-19 10:10:37
cve
cve
CVE-2024-35968
2024-05-20 10:15:11
CVE-2024-35903
2024-05-19 09:15:11
CVE-2024-35926
2024-05-19 11:15:48
debiancve
debiancve
CVE-2024-35929
2024-05-19 11:15:48
CVE-2024-35865
2024-05-19 09:15:08
CVE-2024-35880
2024-05-19 09:15:09
redhatcve
redhatcve
CVE-2024-35860
2024-05-20 14:21:39
CVE-2024-35921
2024-05-20 14:21:07
CVE-2024-35891
2024-05-20 12:14:55
cbl_mariner
cbl_mariner
CVE-2024-35972 affecting package kernel for versions less than 5.15.158.1-1
2024-06-12 22:23:00
CVE-2024-27005 affecting package hyperv-daemons for versions less than 6.6.35.1-1
2024-07-23 02:21:02
CVE-2024-35917 affecting package hyperv-daemons for versions less than 6.6.35.1-1
2024-07-23 02:21:02

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0

Percentile

16.4%

JSON
Related for OSV:USN-6918-1
openvas25nessus37osv30ubuntu21fedora3debian1redos2photon1cvelist9ubuntucve11nvd11redhat1vulnrichment12cve12debiancve11redhatcve9cbl_mariner3