Lucene search

UbuntuUSN-6972-4

HistoryAug 28, 2024 - 12:00 a.m.

Linux kernel (Oracle) vulnerabilities

2024-08-2800:00:00

ubuntu.com

linux kernel

oracle

bluetooth

subsystem

vulnerabilities

null pointer dereference

denial of service

race condition

security issues

superh risc architecture

user-mode linux

gpu drivers

mmc subsystem

network drivers

phy drivers

pin controllers subsystem

xen hypervisor drivers

gfs2 file system

core kernel

ipv4 networking

ipv6 networking

hd-audio driver

alsa sh drivers

cve-2024-22099

cve-2024-24860

cve-2024-26903

cve-2024-35835

cve-2023-52644

cve-2024-39292

cve-2024-36940

cve-2024-26600

cve-2023-52629

cve-2024-35955

cve-2023-52760

cve-2023-52806

cve-2024-39484

cve-2024-26679

cve-2024-26654

cve-2024-36901

cve-2024-26687

cve-2023-52470

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

Low

JSON

Releases

Ubuntu 18.04 ESM
Ubuntu 16.04 ESM

Packages

linux-oracle - Linux kernel for Oracle Cloud systems

Details

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux
Kernel contained a race condition, leading to a NULL pointer dereference.
An attacker could possibly use this to cause a denial of service (system
crash). (CVE-2024-22099)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

SuperH RISC architecture;
User-Mode Linux (UML);
GPU drivers;
MMC subsystem;
Network drivers;
PHY drivers;
Pin controllers subsystem;
Xen hypervisor drivers;
GFS2 file system;
Core kernel;
Bluetooth subsystem;
IPv4 networking;
IPv6 networking;
HD-audio driver;
ALSA SH drivers;
(CVE-2024-26903, CVE-2024-35835, CVE-2023-52644, CVE-2024-39292,
CVE-2024-36940, CVE-2024-26600, CVE-2023-52629, CVE-2024-35955,
CVE-2023-52760, CVE-2023-52806, CVE-2024-39484, CVE-2024-26679,
CVE-2024-26654, CVE-2024-36901, CVE-2024-26687, CVE-2023-52470)

OSVersionArchitecturePackageVersionFilename
Ubuntu18.04noarchlinux-image-4.15.0-1134-oracle< 4.15.0-1134.145UNKNOWN
Ubuntu18.04noarchlinux-image-4.15.0-1121-oracle< 4.15.0-1121.132UNKNOWN
Ubuntu18.04noarchlinux-image-4.15.0-1121-oracle-dbgsym< 4.15.0-1121.132UNKNOWN
Ubuntu18.04noarchlinux-image-oracle-lts-18.04< 4.15.0.1134.139UNKNOWN
Ubuntu18.04noarchlinux-headers-oracle-lts-18.04< 4.15.0.1134.139UNKNOWN
Ubuntu18.04noarchlinux-oracle-lts-18.04< 4.15.0.1134.139UNKNOWN
Ubuntu18.04noarchlinux-signed-image-oracle-lts-18.04< 4.15.0.1134.139UNKNOWN
Ubuntu18.04noarchlinux-signed-oracle-lts-18.04< 4.15.0.1134.139UNKNOWN
Ubuntu18.04noarchlinux-tools-oracle-lts-18.04< 4.15.0.1134.139UNKNOWN
Ubuntu16.04noarchlinux-image-4.15.0-1134-oracle< 4.15.0-1134.145~16.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	18.04	noarch	linux-image-4.15.0-1134-oracle	< 4.15.0-1134.145	UNKNOWN
Ubuntu	18.04	noarch	linux-image-4.15.0-1121-oracle	< 4.15.0-1121.132	UNKNOWN
Ubuntu	18.04	noarch	linux-image-4.15.0-1121-oracle-dbgsym	< 4.15.0-1121.132	UNKNOWN
Ubuntu	18.04	noarch	linux-image-oracle-lts-18.04	< 4.15.0.1134.139	UNKNOWN
Ubuntu	18.04	noarch	linux-headers-oracle-lts-18.04	< 4.15.0.1134.139	UNKNOWN
Ubuntu	18.04	noarch	linux-oracle-lts-18.04	< 4.15.0.1134.139	UNKNOWN
Ubuntu	18.04	noarch	linux-signed-image-oracle-lts-18.04	< 4.15.0.1134.139	UNKNOWN
Ubuntu	18.04	noarch	linux-signed-oracle-lts-18.04	< 4.15.0.1134.139	UNKNOWN
Ubuntu	18.04	noarch	linux-tools-oracle-lts-18.04	< 4.15.0.1134.139	UNKNOWN
Ubuntu	16.04	noarch	linux-image-4.15.0-1134-oracle	< 4.15.0-1134.145~16.04.1	UNKNOWN