Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-6868-2
HistoryJul 10, 2024 - 12:00 a.m.

Linux kernel (AWS) vulnerabilities

2024-07-1000:00:00
ubuntu.com
12
ubuntu 18.04 esm
linux-aws-5.4
branch history injection
intel processors
netfilter
cve-2024-2201
cve-2024-26925
cve-2024-26643
security issues

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

8.1

Confidence

High

JSON

Releases

  • Ubuntu 18.04 ESM

Packages

  • linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems

Details

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

  • Netfilter;
    (CVE-2024-26925, CVE-2024-26643)

Related

openvas 43
osv 21
ubuntu 17
nessus 62
cert 1
vulnrichment 1
debiancve 4
cve 3
cvelist 3
redhatcve 4
nvd 3
ubuntucve 4
amd 1
oraclelinux 8
xen 2
mscve 1
prion 1
photon 1
fedora 5
thn 1
intel 1
cloudfoundry 2
citrix 1
suse 3
redos 1
redhat 3
ibm 1
debian 1
openvas
openvas
Ubuntu: Security Advisory (USN-6868-2)
2024-07-11 00:00:00
Ubuntu: Security Advisory (USN-6868-1)
2024-07-04 00:00:00
Ubuntu: Security Advisory (USN-6872-1)
2024-07-04 00:00:00
osv
osv
linux-aws-5.4 vulnerabilities
2024-07-10 21:09:27
linux, linux-aws, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities
2024-07-03 23:04:31
linux-lowlatency, linux-lowlatency-hwe-6.5 vulnerabilities
2024-07-04 16:35:24
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-07-03 00:00:00
Linux kernel vulnerabilities
2024-07-04 00:00:00
Linux kernel vulnerabilities
2024-07-04 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6868-1)
2024-07-04 00:00:00
Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6868-2)
2024-07-11 00:00:00
Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6872-2)
2024-07-04 00:00:00
cert
cert
Linux kernel on Intel systems is susceptible to Spectre v2 attacks
2024-04-09 00:00:00
vulnrichment
vulnrichment
CVE-2024-26643 netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout
2024-03-21 10:43:44
debiancve
debiancve
CVE-2024-26643
2024-03-21 11:15:28
CVE-2024-26925
2024-04-25 06:15:57
CVE-2024-2201
2024-04-10 15:17:48
cve
cve
CVE-2024-26643
2024-03-21 11:15:28
CVE-2024-26925
2024-04-25 06:15:57
CVE-2022-0001
2022-03-11 18:15:25
cvelist
cvelist
CVE-2024-26643 netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout
2024-03-21 10:43:44
CVE-2024-26925 netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
2024-04-24 21:49:23
CVE-2022-0001
2022-03-11 00:00:00
redhatcve
redhatcve
CVE-2024-26643
2024-03-21 23:04:08
CVE-2024-26925
2024-04-25 14:05:37
CVE-2024-2201
2024-04-10 04:50:44
nvd
nvd
CVE-2024-26643
2024-03-21 11:15:28
CVE-2024-26925
2024-04-25 06:15:57
CVE-2022-0001
2022-03-11 18:15:25
ubuntucve
ubuntucve
CVE-2024-26643
2024-03-21 00:00:00
CVE-2024-26925
2024-04-25 00:00:00
CVE-2024-2201
2024-04-09 00:00:00
amd
amd
Spectre V2 Mitigation Bypass on Linux®
2024-04-09 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-05-13 00:00:00
Unbreakable Enterprise kernel-container security update
2024-05-13 00:00:00
Unbreakable Enterprise kernel security update
2024-05-15 00:00:00
xen
xen
x86: Native Branch History Injection
2024-04-09 17:00:00
Multiple speculative security issues
2022-03-08 18:12:00
mscve
mscve
Intel: CVE-2022-0001 Branch History Injection
2024-04-09 07:00:00
prion
prion
Information disclosure
2022-03-11 18:15:00
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0248
2024-04-17 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: xen-4.18.2-4.fc40
2024-08-01 02:53:22
[SECURITY] Fedora 39 Update: xen-4.17.4-2.fc39
2024-08-01 01:25:24
[SECURITY] Fedora 39 Update: xen-4.17.4-1.fc39
2024-04-25 01:20:27
thn
thn
Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel
2024-04-10 09:26:00
intel
intel
Intel® Processor Advisory
2022-03-08 00:00:00
cloudfoundry
cloudfoundry
USN-5319-1: Linux kernel vulnerabilities | Cloud Foundry
2022-04-21 00:00:00
USN-5318-1: Linux kernel vulnerabilities | Cloud Foundry
2022-03-11 00:00:00
citrix
citrix
XenServer and Citrix Hypervisor Security Update for CVE-2023-46842, CVE-2024-2201 and CVE-2024-31142
2024-04-11 08:39:54
suse
suse
Security update for xen (important)
2022-03-23 00:00:00
Security update for the Linux Kernel (important)
2022-03-08 00:00:00
Security update for the Linux Kernel (important)
2022-03-08 00:00:00
redos
redos
ROS-20240821-01
2024-08-21 00:00:00
redhat
redhat
(RHSA-2024:3306) Moderate: kernel security and bug fix update
2024-05-23 05:51:19
(RHSA-2024:3460) Moderate: kernel-rt security and bug fix update
2024-05-29 07:38:15
(RHSA-2024:3461) Moderate: kernel security and bug fix update
2024-05-29 07:38:15
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Intel Processors affect IBM Cloud Pak System
2023-03-31 15:06:36
debian
debian
[SECURITY] [DSA 5095-1] linux security update
2022-03-09 15:30:29

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

8.1

Confidence

High

JSON
Related for USN-6868-2
openvas43osv21ubuntu17nessus62cert1vulnrichment1debiancve4cve3cvelist3redhatcve4nvd3ubuntucve4amd1oraclelinux8xen2mscve1prion1photon1fedora5thn1intel1cloudfoundry2citrix1suse3redos1redhat3ibm1debian1