Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-6831-1
HistoryJun 12, 2024 - 12:00 a.m.

Linux kernel vulnerabilities

2024-06-1200:00:00
ubuntu.com
11
ubuntu
linux kernel
security vulnerabilities
hugetlb
null pointer dereference
denial of service
arm32
powerpc
x86
dma engine
efi core
gpu drivers
infiniband
network drivers
power supply drivers
usb
file systems
bluetooth
networking
ipv4
ipv6
l2tp protocol
kernel
cve

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

Low

JSON

Releases

  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 ESM

Packages

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
  • linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
  • linux-ibm - Linux kernel for IBM cloud systems
  • linux-ibm-5.4 - Linux kernel for IBM cloud systems
  • linux-kvm - Linux kernel for cloud environments
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-oracle-5.4 - Linux kernel for Oracle Cloud systems
  • linux-raspi - Linux kernel for Raspberry Pi systems
  • linux-raspi-5.4 - Linux kernel for Raspberry Pi systems
  • linux-xilinx-zynqmp - Linux kernel for Xilinx ZynqMP processors

Details

It was discovered that the HugeTLB file system component of the Linux
Kernel contained a NULL pointer dereference vulnerability. A privileged
attacker could possibly use this to to cause a denial of service.
(CVE-2024-0841)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

  • ARM32 architecture;
  • PowerPC architecture;
  • x86 architecture;
  • DMA engine subsystem;
  • EFI core;
  • GPU drivers;
  • InfiniBand drivers;
  • Multiple devices driver;
  • Network drivers;
  • Power supply drivers;
  • TCM subsystem;
  • Userspace I/O drivers;
  • USB subsystem;
  • Framebuffer layer;
  • AFS file system;
  • File systems infrastructure;
  • BTRFS file system;
  • Ext4 file system;
  • Bluetooth subsystem;
  • Networking core;
  • IPv4 networking;
  • IPv6 networking;
  • L2TP protocol;
  • MAC80211 subsystem;
  • Netfilter;
  • Netlink;
  • Wireless networking;
    (CVE-2024-26748, CVE-2024-27417, CVE-2024-26840, CVE-2023-52504,
    CVE-2024-26790, CVE-2024-26763, CVE-2024-26805, CVE-2024-26773,
    CVE-2021-47063, CVE-2024-26791, CVE-2024-27413, CVE-2024-26788,
    CVE-2024-27405, CVE-2024-26845, CVE-2024-26766, CVE-2021-47070,
    CVE-2024-26839, CVE-2024-26712, CVE-2024-27412, CVE-2024-26752,
    CVE-2024-26778, CVE-2024-26735, CVE-2024-26736, CVE-2024-27410,
    CVE-2024-26779, CVE-2024-26804, CVE-2024-26749, CVE-2024-26793,
    CVE-2024-26764, CVE-2024-26751, CVE-2024-35811, CVE-2024-26835,
    CVE-2024-26772, CVE-2024-26777, CVE-2024-26688, CVE-2024-27416,
    CVE-2024-26801, CVE-2024-26733, CVE-2024-27414, CVE-2024-26754,
    CVE-2024-26848)
OSVersionArchitecturePackageVersionFilename
Ubuntu20.04noarchlinux-image-5.4.0-1045-xilinx-zynqmp< 5.4.0-1045.49UNKNOWN
Ubuntu20.04noarchlinux-buildinfo-5.4.0-1045-xilinx-zynqmp< 5.4.0-1045.49UNKNOWN
Ubuntu20.04noarchlinux-headers-5.4.0-1045-xilinx-zynqmp< 5.4.0-1045.49UNKNOWN
Ubuntu20.04noarchlinux-image-5.4.0-1045-xilinx-zynqmp-dbgsym< 5.4.0-1045.49UNKNOWN
Ubuntu20.04noarchlinux-modules-5.4.0-1045-xilinx-zynqmp< 5.4.0-1045.49UNKNOWN
Ubuntu20.04noarchlinux-tools-5.4.0-1045-xilinx-zynqmp< 5.4.0-1045.49UNKNOWN
Ubuntu20.04noarchlinux-xilinx-zynqmp-headers-5.4.0-1045< 5.4.0-1045.49UNKNOWN
Ubuntu20.04noarchlinux-xilinx-zynqmp-tools-5.4.0-1045< 5.4.0-1045.49UNKNOWN
Ubuntu20.04noarchlinux-image-5.4.0-1073-ibm< 5.4.0-1073.78UNKNOWN
Ubuntu20.04noarchlinux-image-5.4.0-1073-ibm-dbgsym< 5.4.0-1073.78UNKNOWN
Rows per page:
1-10 of 3771

References

Related

openvas 2
nessus 6
osv 7
debiancve 27
ubuntucve 28
vulnrichment 23
cve 24
cvelist 27
nvd 25
redhatcve 28
prion 2
openvas
openvas
Ubuntu: Security Advisory (USN-6831-1)
2024-06-13 00:00:00
Ubuntu: Security Advisory (USN-6867-1)
2024-07-04 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6831-1)
2024-06-12 00:00:00
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6867-1)
2024-07-04 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-068)
2024-05-31 00:00:00
osv
osv
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities
2024-06-12 15:51:37
linux-bluefield, linux-iot vulnerabilities
2024-07-03 21:40:16
CVE-2024-27414
2024-05-17 12:15:00
debiancve
debiancve
CVE-2021-47063
2024-02-29 23:15:07
CVE-2024-26848
2024-04-17 11:15:08
CVE-2024-27414
2024-05-17 12:15:12
ubuntucve
ubuntucve
CVE-2024-26848
2024-04-17 00:00:00
CVE-2024-27414
2024-05-17 00:00:00
CVE-2024-27412
2024-05-17 00:00:00
vulnrichment
vulnrichment
CVE-2021-47070 uio_hv_generic: Fix another memory leak in error handling paths
2024-03-01 21:15:09
CVE-2024-27414 rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
2024-05-17 11:50:57
CVE-2024-27412 power: supply: bq27xxx-i2c: Do not free non existing IRQ
2024-05-17 11:50:50
cve
cve
CVE-2024-27414
2024-05-17 12:15:12
CVE-2024-26749
2024-04-03 17:15:51
CVE-2024-27413
2024-05-17 12:15:12
cvelist
cvelist
CVE-2024-27414 rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
2024-05-17 11:50:57
CVE-2024-26749 usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable()
2024-04-03 17:00:35
CVE-2023-52504 x86/alternatives: Disable KASAN in apply_alternatives()
2024-03-02 21:52:18
nvd
nvd
CVE-2024-26754
2024-04-03 17:15:52
CVE-2024-26749
2024-04-03 17:15:51
CVE-2024-26839
2024-04-17 10:15:09
redhatcve
redhatcve
CVE-2024-26845
2024-04-17 17:30:52
CVE-2024-26839
2024-04-17 17:30:12
CVE-2024-27413
2024-05-17 22:38:42
prion
prion
Spoofing
2024-03-01 22:15:00
Design/Logic Flaw
2024-03-02 22:15:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

Low

JSON
Related for USN-6831-1
openvas2nessus6osv7debiancve27ubuntucve28vulnrichment23cve24cvelist27nvd25redhatcve28prion2