Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-52468 (GCVE-0-2023-52468)
Vulnerability from cvelistv5
Published
2024-02-25 08:16
Modified
2025-05-04 07:37
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
class: fix use-after-free in class_register()
The lock_class_key is still registered and can be found in
lock_keys_hash hlist after subsys_private is freed in error
handler path.A task who iterate over the lock_keys_hash
later may cause use-after-free.So fix that up and unregister
the lock_class_key before kfree(cp).
On our platform, a driver fails to kset_register because of
creating duplicate filename '/class/xxx'.With Kasan enabled,
it prints a invalid-access bug report.
KASAN bug report:
BUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc
Write of size 8 at addr 15ffff808b8c0368 by task modprobe/252
Pointer tag: [15], memory tag: [fe]
CPU: 7 PID: 252 Comm: modprobe Tainted: G W
6.6.0-mainline-maybe-dirty #1
Call trace:
dump_backtrace+0x1b0/0x1e4
show_stack+0x2c/0x40
dump_stack_lvl+0xac/0xe0
print_report+0x18c/0x4d8
kasan_report+0xe8/0x148
__hwasan_store8_noabort+0x88/0x98
lockdep_register_key+0x19c/0x1bc
class_register+0x94/0x1ec
init_module+0xbc/0xf48 [rfkill]
do_one_initcall+0x17c/0x72c
do_init_module+0x19c/0x3f8
...
Memory state around the buggy address:
ffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a
ffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe
>ffffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
^
ffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03
As CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access
not use-after-free here.In this case, modprobe is manipulating
the corrupted lock_keys_hash hlish where lock_class_key is already
freed before.
It's worth noting that this only can happen if lockdep is enabled,
which is not true for normal system.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-26T18:14:41.496128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:24:16.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:19.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/base/class.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b57196a5ec5e4c0ffecde8348b085b778c7dce04",
"status": "affected",
"version": "dcfbb67e48a2becfce7990386e985b9c45098ee5",
"versionType": "git"
},
{
"lessThan": "0f1486dafca3398c4c46b9f6e6452fa27e73b559",
"status": "affected",
"version": "dcfbb67e48a2becfce7990386e985b9c45098ee5",
"versionType": "git"
},
{
"lessThan": "93ec4a3b76404bce01bd5c9032bef5df6feb1d62",
"status": "affected",
"version": "dcfbb67e48a2becfce7990386e985b9c45098ee5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/base/class.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.14",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.14",
"versionStartIncluding": "6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.2",
"versionStartIncluding": "6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclass: fix use-after-free in class_register()\n\nThe lock_class_key is still registered and can be found in\nlock_keys_hash hlist after subsys_private is freed in error\nhandler path.A task who iterate over the lock_keys_hash\nlater may cause use-after-free.So fix that up and unregister\nthe lock_class_key before kfree(cp).\n\nOn our platform, a driver fails to kset_register because of\ncreating duplicate filename \u0027/class/xxx\u0027.With Kasan enabled,\nit prints a invalid-access bug report.\n\nKASAN bug report:\n\nBUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc\nWrite of size 8 at addr 15ffff808b8c0368 by task modprobe/252\nPointer tag: [15], memory tag: [fe]\n\nCPU: 7 PID: 252 Comm: modprobe Tainted: G W\n 6.6.0-mainline-maybe-dirty #1\n\nCall trace:\ndump_backtrace+0x1b0/0x1e4\nshow_stack+0x2c/0x40\ndump_stack_lvl+0xac/0xe0\nprint_report+0x18c/0x4d8\nkasan_report+0xe8/0x148\n__hwasan_store8_noabort+0x88/0x98\nlockdep_register_key+0x19c/0x1bc\nclass_register+0x94/0x1ec\ninit_module+0xbc/0xf48 [rfkill]\ndo_one_initcall+0x17c/0x72c\ndo_init_module+0x19c/0x3f8\n...\nMemory state around the buggy address:\nffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a\nffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe\n\u003effffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe\n ^\nffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03\n\nAs CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access\nnot use-after-free here.In this case, modprobe is manipulating\nthe corrupted lock_keys_hash hlish where lock_class_key is already\nfreed before.\n\nIt\u0027s worth noting that this only can happen if lockdep is enabled,\nwhich is not true for normal system."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T07:37:20.416Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04"
},
{
"url": "https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559"
},
{
"url": "https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62"
}
],
"title": "class: fix use-after-free in class_register()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52468",
"datePublished": "2024-02-25T08:16:32.387Z",
"dateReserved": "2024-02-20T12:30:33.297Z",
"dateUpdated": "2025-05-04T07:37:20.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-52468\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-02-26T16:27:48.710\",\"lastModified\":\"2024-11-21T08:39:50.360\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nclass: fix use-after-free in class_register()\\n\\nThe lock_class_key is still registered and can be found in\\nlock_keys_hash hlist after subsys_private is freed in error\\nhandler path.A task who iterate over the lock_keys_hash\\nlater may cause use-after-free.So fix that up and unregister\\nthe lock_class_key before kfree(cp).\\n\\nOn our platform, a driver fails to kset_register because of\\ncreating duplicate filename \u0027/class/xxx\u0027.With Kasan enabled,\\nit prints a invalid-access bug report.\\n\\nKASAN bug report:\\n\\nBUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc\\nWrite of size 8 at addr 15ffff808b8c0368 by task modprobe/252\\nPointer tag: [15], memory tag: [fe]\\n\\nCPU: 7 PID: 252 Comm: modprobe Tainted: G W\\n 6.6.0-mainline-maybe-dirty #1\\n\\nCall trace:\\ndump_backtrace+0x1b0/0x1e4\\nshow_stack+0x2c/0x40\\ndump_stack_lvl+0xac/0xe0\\nprint_report+0x18c/0x4d8\\nkasan_report+0xe8/0x148\\n__hwasan_store8_noabort+0x88/0x98\\nlockdep_register_key+0x19c/0x1bc\\nclass_register+0x94/0x1ec\\ninit_module+0xbc/0xf48 [rfkill]\\ndo_one_initcall+0x17c/0x72c\\ndo_init_module+0x19c/0x3f8\\n...\\nMemory state around the buggy address:\\nffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a\\nffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe\\n\u003effffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe\\n ^\\nffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03\\n\\nAs CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access\\nnot use-after-free here.In this case, modprobe is manipulating\\nthe corrupted lock_keys_hash hlish where lock_class_key is already\\nfreed before.\\n\\nIt\u0027s worth noting that this only can happen if lockdep is enabled,\\nwhich is not true for normal system.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clase: corrige use-after-free en class_register() Lock_class_key todav\u00eda est\u00e1 registrada y se puede encontrar en lock_keys_hash hlist despu\u00e9s de que subsys_private se libere en la ruta del controlador de errores. Una tarea que itera sobre Lock_keys_hash m\u00e1s tarde puede causar use-after-free. As\u00ed que solucione eso y cancele el registro de lock_class_key antes de kfree (cp). En nuestra plataforma, un controlador no logra kset_register debido a que crea un nombre de archivo duplicado \u0027/class/xxx\u0027. Con Kasan habilitado, imprime un informe de error de acceso no v\u00e1lido. Informe de error de KASAN: ERROR: KASAN: acceso no v\u00e1lido en lockdep_register_key+0x19c/0x1bc Escritura de tama\u00f1o 8 en la direcci\u00f3n 15ffff808b8c0368 mediante tarea modprobe/252 Etiqueta de puntero: [15], etiqueta de memoria: [fe] CPU: 7 PID: 252 Comm: modprobe contaminado: GW 6.6.0-mainline-maybe-dirty #1 Rastreo de llamadas: dump_backtrace+0x1b0/0x1e4 show_stack+0x2c/0x40 dump_stack_lvl+0xac/0xe0 print_report+0x18c/0x4d8 kasan_report+0xe8/0x148 __hwasan_store8_noabort+0x 88/0x98 lockdep_register_key+ 0x19c/0x1bc class_register+0x94/0x1ec init_module+0xbc/0xf48 [rfkill] do_one_initcall+0x17c/0x72c do_init_module+0x19c/0x3f8 ... Estado de la memoria alrededor de la direcci\u00f3n del error: ffffff808b8c0100: 8a 8a 8a 8a 8a 8 un 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a ffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe\u0026gt; ffffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe ^ fffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 Como CONFIG_KASAN_GENERIC no est\u00e1 configurado, Kasan informa aqu\u00ed de acceso no v\u00e1lido, no use-after-free. En este caso, modprobe est\u00e1 manipulando el lock_keys_hash hlish corrupto donde lock_class_key ya se liber\u00f3 antes. Vale la pena se\u00f1alar que esto s\u00f3lo puede suceder si lockdep est\u00e1 habilitado, lo cual no es cierto para el sistema normal.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.0\",\"versionEndExcluding\":\"6.6.14\",\"matchCriteriaId\":\"686183E6-D5C3-4A5B-9A18-8E3B4294EA6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7.0\",\"versionEndExcluding\":\"6.7.2\",\"matchCriteriaId\":\"0EA3778C-730B-464C-8023-18CA6AC0B807\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T23:03:19.632Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52468\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-26T18:14:41.496128Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:13.300Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"class: fix use-after-free in class_register()\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"dcfbb67e48a2becfce7990386e985b9c45098ee5\", \"lessThan\": \"b57196a5ec5e4c0ffecde8348b085b778c7dce04\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"dcfbb67e48a2becfce7990386e985b9c45098ee5\", \"lessThan\": \"0f1486dafca3398c4c46b9f6e6452fa27e73b559\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"dcfbb67e48a2becfce7990386e985b9c45098ee5\", \"lessThan\": \"93ec4a3b76404bce01bd5c9032bef5df6feb1d62\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/base/class.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.4\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.6.14\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.7.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/base/class.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04\"}, {\"url\": \"https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559\"}, {\"url\": \"https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nclass: fix use-after-free in class_register()\\n\\nThe lock_class_key is still registered and can be found in\\nlock_keys_hash hlist after subsys_private is freed in error\\nhandler path.A task who iterate over the lock_keys_hash\\nlater may cause use-after-free.So fix that up and unregister\\nthe lock_class_key before kfree(cp).\\n\\nOn our platform, a driver fails to kset_register because of\\ncreating duplicate filename \u0027/class/xxx\u0027.With Kasan enabled,\\nit prints a invalid-access bug report.\\n\\nKASAN bug report:\\n\\nBUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc\\nWrite of size 8 at addr 15ffff808b8c0368 by task modprobe/252\\nPointer tag: [15], memory tag: [fe]\\n\\nCPU: 7 PID: 252 Comm: modprobe Tainted: G W\\n 6.6.0-mainline-maybe-dirty #1\\n\\nCall trace:\\ndump_backtrace+0x1b0/0x1e4\\nshow_stack+0x2c/0x40\\ndump_stack_lvl+0xac/0xe0\\nprint_report+0x18c/0x4d8\\nkasan_report+0xe8/0x148\\n__hwasan_store8_noabort+0x88/0x98\\nlockdep_register_key+0x19c/0x1bc\\nclass_register+0x94/0x1ec\\ninit_module+0xbc/0xf48 [rfkill]\\ndo_one_initcall+0x17c/0x72c\\ndo_init_module+0x19c/0x3f8\\n...\\nMemory state around the buggy address:\\nffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a\\nffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe\\n\u003effffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe\\n ^\\nffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03\\n\\nAs CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access\\nnot use-after-free here.In this case, modprobe is manipulating\\nthe corrupted lock_keys_hash hlish where lock_class_key is already\\nfreed before.\\n\\nIt\u0027s worth noting that this only can happen if lockdep is enabled,\\nwhich is not true for normal system.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.14\", \"versionStartIncluding\": \"6.4\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.7.2\", \"versionStartIncluding\": \"6.4\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.8\", \"versionStartIncluding\": \"6.4\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T07:37:20.416Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-52468\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T07:37:20.416Z\", \"dateReserved\": \"2024-02-20T12:30:33.297Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-02-25T08:16:32.387Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2024-AVI-0383
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-52633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52633"
},
{
"name": "CVE-2024-26825",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26825"
},
{
"name": "CVE-2023-52622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
},
{
"name": "CVE-2023-52448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52448"
},
{
"name": "CVE-2024-26696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26696"
},
{
"name": "CVE-2023-52456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52456"
},
{
"name": "CVE-2024-26650",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26650"
},
{
"name": "CVE-2024-26614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26614"
},
{
"name": "CVE-2024-26595",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26595"
},
{
"name": "CVE-2024-26634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26634"
},
{
"name": "CVE-2023-52621",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52621"
},
{
"name": "CVE-2024-26629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26629"
},
{
"name": "CVE-2024-26586",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26586"
},
{
"name": "CVE-2024-26715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26715"
},
{
"name": "CVE-2023-52637",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52637"
},
{
"name": "CVE-2024-26585",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
},
{
"name": "CVE-2024-26638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26638"
},
{
"name": "CVE-2023-52491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52491"
},
{
"name": "CVE-2024-26704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26704"
},
{
"name": "CVE-2024-26671",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
},
{
"name": "CVE-2023-6536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6536"
},
{
"name": "CVE-2023-52453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52453"
},
{
"name": "CVE-2024-26712",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26712"
},
{
"name": "CVE-2023-52642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52642"
},
{
"name": "CVE-2024-26600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
},
{
"name": "CVE-2023-52635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52635"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2023-52489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
},
{
"name": "CVE-2023-52638",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52638"
},
{
"name": "CVE-2023-52492",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
},
{
"name": "CVE-2024-26665",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26665"
},
{
"name": "CVE-2023-52611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52611"
},
{
"name": "CVE-2023-52454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52454"
},
{
"name": "CVE-2024-26627",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26627"
},
{
"name": "CVE-2023-52632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52632"
},
{
"name": "CVE-2024-26910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26910"
},
{
"name": "CVE-2023-52587",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52587"
},
{
"name": "CVE-2024-26698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26698"
},
{
"name": "CVE-2024-26632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26632"
},
{
"name": "CVE-2024-26645",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26645"
},
{
"name": "CVE-2024-26702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26702"
},
{
"name": "CVE-2024-26631",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26631"
},
{
"name": "CVE-2024-26673",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26673"
},
{
"name": "CVE-2024-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
},
{
"name": "CVE-2024-26615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26615"
},
{
"name": "CVE-2024-26669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26669"
},
{
"name": "CVE-2023-52618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52618"
},
{
"name": "CVE-2023-52604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52604"
},
{
"name": "CVE-2023-52643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
},
{
"name": "CVE-2023-52601",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52601"
},
{
"name": "CVE-2024-26722",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26722"
},
{
"name": "CVE-2024-26598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26598"
},
{
"name": "CVE-2024-26679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
},
{
"name": "CVE-2023-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52616"
},
{
"name": "CVE-2023-52435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52435"
},
{
"name": "CVE-2024-26707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26707"
},
{
"name": "CVE-2023-52455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52455"
},
{
"name": "CVE-2024-26695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26695"
},
{
"name": "CVE-2024-26647",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26647"
},
{
"name": "CVE-2024-26623",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26623"
},
{
"name": "CVE-2023-52486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52486"
},
{
"name": "CVE-2024-26670",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26670"
},
{
"name": "CVE-2023-52619",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52619"
},
{
"name": "CVE-2023-52617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52617"
},
{
"name": "CVE-2024-26920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26920"
},
{
"name": "CVE-2024-26593",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
},
{
"name": "CVE-2024-26676",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26676"
},
{
"name": "CVE-2024-26916",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26916"
},
{
"name": "CVE-2023-52462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52462"
},
{
"name": "CVE-2024-26636",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26636"
},
{
"name": "CVE-2023-6356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6356"
},
{
"name": "CVE-2023-52609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52609"
},
{
"name": "CVE-2024-26829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26829"
},
{
"name": "CVE-2023-52469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
},
{
"name": "CVE-2023-52493",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52493"
},
{
"name": "CVE-2023-52584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52584"
},
{
"name": "CVE-2024-26606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26606"
},
{
"name": "CVE-2023-52488",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52488"
},
{
"name": "CVE-2024-26625",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26625"
},
{
"name": "CVE-2024-26635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26635"
},
{
"name": "CVE-2023-52451",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52451"
},
{
"name": "CVE-2024-26649",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26649"
},
{
"name": "CVE-2023-52631",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52631"
},
{
"name": "CVE-2023-52608",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52608"
},
{
"name": "CVE-2024-26592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26592"
},
{
"name": "CVE-2023-52589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52589"
},
{
"name": "CVE-2024-26697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26697"
},
{
"name": "CVE-2024-26826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26826"
},
{
"name": "CVE-2024-26583",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
},
{
"name": "CVE-2024-26685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26685"
},
{
"name": "CVE-2024-24860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24860"
},
{
"name": "CVE-2023-52599",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52599"
},
{
"name": "CVE-2023-52473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52473"
},
{
"name": "CVE-2024-26607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26607"
},
{
"name": "CVE-2023-52472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52472"
},
{
"name": "CVE-2024-26663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26663"
},
{
"name": "CVE-2024-26675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26675"
},
{
"name": "CVE-2023-52470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
},
{
"name": "CVE-2024-26610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
},
{
"name": "CVE-2023-52583",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52583"
},
{
"name": "CVE-2024-26584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
},
{
"name": "CVE-2023-52602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52602"
},
{
"name": "CVE-2023-52445",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
},
{
"name": "CVE-2023-6535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6535"
},
{
"name": "CVE-2023-52498",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52498"
},
{
"name": "CVE-2024-26618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26618"
},
{
"name": "CVE-2023-52446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52446"
},
{
"name": "CVE-2023-52487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52487"
},
{
"name": "CVE-2024-1151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1151"
},
{
"name": "CVE-2023-52497",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52497"
},
{
"name": "CVE-2024-26646",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26646"
},
{
"name": "CVE-2024-26668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26668"
},
{
"name": "CVE-2023-52612",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52612"
},
{
"name": "CVE-2024-26640",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26640"
},
{
"name": "CVE-2024-26594",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26594"
},
{
"name": "CVE-2023-52627",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52627"
},
{
"name": "CVE-2023-52458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52458"
},
{
"name": "CVE-2023-52588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52588"
},
{
"name": "CVE-2023-52468",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52468"
},
{
"name": "CVE-2024-26602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
},
{
"name": "CVE-2024-26644",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26644"
},
{
"name": "CVE-2023-52465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52465"
},
{
"name": "CVE-2023-52598",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
},
{
"name": "CVE-2023-52490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52490"
},
{
"name": "CVE-2024-26633",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26633"
},
{
"name": "CVE-2023-52450",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52450"
},
{
"name": "CVE-2023-52594",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
},
{
"name": "CVE-2024-26808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
},
{
"name": "CVE-2023-52595",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
},
{
"name": "CVE-2024-26620",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26620"
},
{
"name": "CVE-2023-52623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52623"
},
{
"name": "CVE-2023-52447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52447"
},
{
"name": "CVE-2023-52464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52464"
},
{
"name": "CVE-2024-26608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26608"
},
{
"name": "CVE-2023-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
},
{
"name": "CVE-2023-52610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52610"
},
{
"name": "CVE-2024-26660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
},
{
"name": "CVE-2024-26689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26689"
},
{
"name": "CVE-2023-52606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
},
{
"name": "CVE-2023-52597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52597"
},
{
"name": "CVE-2023-52495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52495"
},
{
"name": "CVE-2024-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
},
{
"name": "CVE-2024-26616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26616"
},
{
"name": "CVE-2024-26582",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26582"
},
{
"name": "CVE-2024-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
},
{
"name": "CVE-2024-26641",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
},
{
"name": "CVE-2023-52626",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52626"
},
{
"name": "CVE-2023-52463",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52463"
},
{
"name": "CVE-2023-52467",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
},
{
"name": "CVE-2023-52443",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52443"
},
{
"name": "CVE-2023-52591",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52591"
},
{
"name": "CVE-2023-52614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52614"
},
{
"name": "CVE-2024-26664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
},
{
"name": "CVE-2023-52452",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52452"
},
{
"name": "CVE-2023-52494",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52494"
},
{
"name": "CVE-2024-26612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26612"
},
{
"name": "CVE-2023-52607",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
},
{
"name": "CVE-2024-23849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23849"
},
{
"name": "CVE-2024-26684",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26684"
},
{
"name": "CVE-2023-52457",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52457"
},
{
"name": "CVE-2023-52449",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52449"
},
{
"name": "CVE-2023-52444",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52444"
}
],
"initial_release_date": "2024-05-10T00:00:00",
"last_revision_date": "2024-05-10T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0383",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6767-1 du 07 mai 2024",
"url": "https://ubuntu.com/security/notices/USN-6767-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6765-1 du 07 mai 2024",
"url": "https://ubuntu.com/security/notices/USN-6765-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6766-1 du 07 mai 2024",
"url": "https://ubuntu.com/security/notices/USN-6766-1"
}
]
}
fkie_cve-2023-52468
Vulnerability from fkie_nvd
Published
2024-02-26 16:27
Modified
2024-11-21 08:39
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
class: fix use-after-free in class_register()
The lock_class_key is still registered and can be found in
lock_keys_hash hlist after subsys_private is freed in error
handler path.A task who iterate over the lock_keys_hash
later may cause use-after-free.So fix that up and unregister
the lock_class_key before kfree(cp).
On our platform, a driver fails to kset_register because of
creating duplicate filename '/class/xxx'.With Kasan enabled,
it prints a invalid-access bug report.
KASAN bug report:
BUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc
Write of size 8 at addr 15ffff808b8c0368 by task modprobe/252
Pointer tag: [15], memory tag: [fe]
CPU: 7 PID: 252 Comm: modprobe Tainted: G W
6.6.0-mainline-maybe-dirty #1
Call trace:
dump_backtrace+0x1b0/0x1e4
show_stack+0x2c/0x40
dump_stack_lvl+0xac/0xe0
print_report+0x18c/0x4d8
kasan_report+0xe8/0x148
__hwasan_store8_noabort+0x88/0x98
lockdep_register_key+0x19c/0x1bc
class_register+0x94/0x1ec
init_module+0xbc/0xf48 [rfkill]
do_one_initcall+0x17c/0x72c
do_init_module+0x19c/0x3f8
...
Memory state around the buggy address:
ffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a
ffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe
>ffffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
^
ffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03
As CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access
not use-after-free here.In this case, modprobe is manipulating
the corrupted lock_keys_hash hlish where lock_class_key is already
freed before.
It's worth noting that this only can happen if lockdep is enabled,
which is not true for normal system.
References
| URL | Tags | ||
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04 | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "686183E6-D5C3-4A5B-9A18-8E3B4294EA6A",
"versionEndExcluding": "6.6.14",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA3778C-730B-464C-8023-18CA6AC0B807",
"versionEndExcluding": "6.7.2",
"versionStartIncluding": "6.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclass: fix use-after-free in class_register()\n\nThe lock_class_key is still registered and can be found in\nlock_keys_hash hlist after subsys_private is freed in error\nhandler path.A task who iterate over the lock_keys_hash\nlater may cause use-after-free.So fix that up and unregister\nthe lock_class_key before kfree(cp).\n\nOn our platform, a driver fails to kset_register because of\ncreating duplicate filename \u0027/class/xxx\u0027.With Kasan enabled,\nit prints a invalid-access bug report.\n\nKASAN bug report:\n\nBUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc\nWrite of size 8 at addr 15ffff808b8c0368 by task modprobe/252\nPointer tag: [15], memory tag: [fe]\n\nCPU: 7 PID: 252 Comm: modprobe Tainted: G W\n 6.6.0-mainline-maybe-dirty #1\n\nCall trace:\ndump_backtrace+0x1b0/0x1e4\nshow_stack+0x2c/0x40\ndump_stack_lvl+0xac/0xe0\nprint_report+0x18c/0x4d8\nkasan_report+0xe8/0x148\n__hwasan_store8_noabort+0x88/0x98\nlockdep_register_key+0x19c/0x1bc\nclass_register+0x94/0x1ec\ninit_module+0xbc/0xf48 [rfkill]\ndo_one_initcall+0x17c/0x72c\ndo_init_module+0x19c/0x3f8\n...\nMemory state around the buggy address:\nffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a\nffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe\n\u003effffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe\n ^\nffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03\n\nAs CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access\nnot use-after-free here.In this case, modprobe is manipulating\nthe corrupted lock_keys_hash hlish where lock_class_key is already\nfreed before.\n\nIt\u0027s worth noting that this only can happen if lockdep is enabled,\nwhich is not true for normal system."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clase: corrige use-after-free en class_register() Lock_class_key todav\u00eda est\u00e1 registrada y se puede encontrar en lock_keys_hash hlist despu\u00e9s de que subsys_private se libere en la ruta del controlador de errores. Una tarea que itera sobre Lock_keys_hash m\u00e1s tarde puede causar use-after-free. As\u00ed que solucione eso y cancele el registro de lock_class_key antes de kfree (cp). En nuestra plataforma, un controlador no logra kset_register debido a que crea un nombre de archivo duplicado \u0027/class/xxx\u0027. Con Kasan habilitado, imprime un informe de error de acceso no v\u00e1lido. Informe de error de KASAN: ERROR: KASAN: acceso no v\u00e1lido en lockdep_register_key+0x19c/0x1bc Escritura de tama\u00f1o 8 en la direcci\u00f3n 15ffff808b8c0368 mediante tarea modprobe/252 Etiqueta de puntero: [15], etiqueta de memoria: [fe] CPU: 7 PID: 252 Comm: modprobe contaminado: GW 6.6.0-mainline-maybe-dirty #1 Rastreo de llamadas: dump_backtrace+0x1b0/0x1e4 show_stack+0x2c/0x40 dump_stack_lvl+0xac/0xe0 print_report+0x18c/0x4d8 kasan_report+0xe8/0x148 __hwasan_store8_noabort+0x 88/0x98 lockdep_register_key+ 0x19c/0x1bc class_register+0x94/0x1ec init_module+0xbc/0xf48 [rfkill] do_one_initcall+0x17c/0x72c do_init_module+0x19c/0x3f8 ... Estado de la memoria alrededor de la direcci\u00f3n del error: ffffff808b8c0100: 8a 8a 8a 8a 8a 8 un 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a ffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe\u0026gt; ffffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe ^ fffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 Como CONFIG_KASAN_GENERIC no est\u00e1 configurado, Kasan informa aqu\u00ed de acceso no v\u00e1lido, no use-after-free. En este caso, modprobe est\u00e1 manipulando el lock_keys_hash hlish corrupto donde lock_class_key ya se liber\u00f3 antes. Vale la pena se\u00f1alar que esto s\u00f3lo puede suceder si lockdep est\u00e1 habilitado, lo cual no es cierto para el sistema normal."
}
],
"id": "CVE-2023-52468",
"lastModified": "2024-11-21T08:39:50.360",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-26T16:27:48.710",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
WID-SEC-W-2024-0475
Vulnerability from csaf_certbund
Published
2024-02-25 23:00
Modified
2025-01-13 23:00
Summary
Linux-Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen oder einen nicht spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0475 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0475.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0475 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0475"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022325-CVE-2023-52453-9f24%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022325-CVE-2024-26594-1cbc%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022330-CVE-2023-52454-5cf0%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022331-CVE-2023-52455-a28f%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022331-CVE-2023-52456-f9dd%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022332-CVE-2023-52457-c7b9%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022332-CVE-2023-52458-d1cd%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022333-CVE-2023-52459-f653%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022333-CVE-2023-52460-a52b%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022334-CVE-2023-52461-a619%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52462-b663%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52463-6195%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022336-CVE-2023-52464-b17c%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022336-CVE-2024-26595-9a8d%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022337-CVE-2024-26596-57cb%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022337-CVE-2024-26597-be75%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022338-CVE-2024-26598-24f4%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022338-CVE-2024-26599-cd65%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022405-CVE-2024-26600-44a2%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022411-CVE-2024-26601-b6ac%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022414-CVE-2024-26602-5e76%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022415-CVE-2024-26603-42c2%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022416-CVE-2024-26604-71a3%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022419-CVE-2024-26605-7b06%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022539-CVE-2023-52465-2e75%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022544-CVE-2023-52466-fea5%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022544-CVE-2023-52467-434b%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022545-CVE-2023-52468-59a2%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022546-CVE-2023-52469-5141%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022546-CVE-2023-52470-44d1%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022546-CVE-2023-52471-ab29%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022547-CVE-2023-52472-fa03%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022547-CVE-2023-52473-c3cc%40gregkh/"
},
{
"category": "external",
"summary": "VE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022555-CVE-2021-46904-d49f%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022557-CVE-2021-46905-6507%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022558-CVE-2022-48626-8a90%40gregkh/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2024-061 vom 2024-03-06",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2024-061.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1249 vom 2024-03-12",
"url": "https://access.redhat.com/errata/RHSA-2024:1249"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1250 vom 2024-03-12",
"url": "https://access.redhat.com/errata/RHSA-2024:1250"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6688-1 vom 2024-03-11",
"url": "https://ubuntu.com/security/notices/USN-6688-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0855-1 vom 2024-03-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018151.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0858-1 vom 2024-03-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018153.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0857-1 vom 2024-03-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018154.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0856-1 vom 2024-03-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018155.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1306 vom 2024-03-13",
"url": "https://access.redhat.com/errata/RHSA-2024:1306"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0900-1 vom 2024-03-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018167.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1332 vom 2024-03-14",
"url": "https://access.redhat.com/errata/RHSA-2024:1332"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0900-2 vom 2024-03-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018182.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0910-1 vom 2024-03-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018181.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6707-1 vom 2024-03-20",
"url": "https://ubuntu.com/security/notices/USN-6707-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-1249 vom 2024-03-21",
"url": "https://linux.oracle.com/errata/ELSA-2024-1249.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6707-2 vom 2024-03-21",
"url": "https://ubuntu.com/security/notices/USN-6707-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0976-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018185.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0926-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018204.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0975-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018186.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0925-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018205.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0977-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018210.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6707-3 vom 2024-03-26",
"url": "https://ubuntu.com/security/notices/USN-6707-3"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1533 vom 2024-03-27",
"url": "https://access.redhat.com/errata/RHSA-2024:1533"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1532 vom 2024-03-27",
"url": "https://access.redhat.com/errata/RHSA-2024:1532"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.15-2024-040 vom 2024-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2024-040.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6707-4 vom 2024-03-28",
"url": "https://ubuntu.com/security/notices/USN-6707-4"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2024-052 vom 2024-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2024-052.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1653 vom 2024-04-03",
"url": "https://access.redhat.com/errata/RHSA-2024:1653"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6725-1 vom 2024-04-09",
"url": "https://ubuntu.com/security/notices/USN-6725-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6726-1 vom 2024-04-09",
"url": "https://ubuntu.com/security/notices/USN-6726-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6726-2 vom 2024-04-16",
"url": "https://ubuntu.com/security/notices/USN-6726-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6725-2 vom 2024-04-16",
"url": "https://ubuntu.com/security/notices/USN-6725-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1320-1 vom 2024-04-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018372.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1321-1 vom 2024-04-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018375.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1322-1 vom 2024-04-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018374.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6726-3 vom 2024-04-17",
"url": "https://ubuntu.com/security/notices/USN-6726-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1332-2 vom 2024-04-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018378.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1322-2 vom 2024-04-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018377.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1332-1 vom 2024-04-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018376.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6740-1 vom 2024-04-19",
"url": "https://ubuntu.com/security/notices/USN-6740-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2008 vom 2024-04-23",
"url": "https://access.redhat.com/errata/RHSA-2024:2008"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2006 vom 2024-04-23",
"url": "https://access.redhat.com/errata/RHSA-2024:2006"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-2004 vom 2024-04-25",
"url": "http://linux.oracle.com/errata/ELSA-2024-2004.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1454-1 vom 2024-04-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018431.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1466-1 vom 2024-04-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018438.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2394 vom 2024-04-30",
"url": "https://access.redhat.com/errata/RHSA-2024:2394"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1480-1 vom 2024-04-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018444.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0103-1 vom 2024-04-30",
"url": "https://ubuntu.com/security/notices/LSN-0103-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2585 vom 2024-04-30",
"url": "https://access.redhat.com/errata/RHSA-2024:2585"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2582 vom 2024-04-30",
"url": "https://access.redhat.com/errata/RHSA-2024:2582"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1490-1 vom 2024-05-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018445.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5681 vom 2024-05-06",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00090.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5680 vom 2024-05-06",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00089.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6767-1 vom 2024-05-07",
"url": "https://ubuntu.com/security/notices/USN-6767-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6766-1 vom 2024-05-07",
"url": "https://ubuntu.com/security/notices/USN-6766-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6765-1 vom 2024-05-07",
"url": "https://ubuntu.com/security/notices/USN-6765-1"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
"url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
},
{
"category": "external",
"summary": "Insyde Security Advisory INSYDE-SA-2024002 vom 2024-05-14",
"url": "https://www.insyde.com/security-pledge/SA-2024002"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6767-2 vom 2024-05-14",
"url": "https://ubuntu.com/security/notices/USN-6767-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1644-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018528.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1641-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018531.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1647-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018525.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1659-1 vom 2024-05-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018538.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6766-2 vom 2024-05-15",
"url": "https://ubuntu.com/security/notices/USN-6766-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6766-3 vom 2024-05-20",
"url": "https://ubuntu.com/security/notices/USN-6766-3"
},
{
"category": "external",
"summary": "F5 Security Advisory K000139682 vom 2024-05-20",
"url": "https://my.f5.com/manage/s/article/K000139682"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3138 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:3138"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2950 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6795-1 vom 2024-05-28",
"url": "https://ubuntu.com/security/notices/USN-6795-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3618"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3627"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06",
"url": "https://linux.oracle.com/errata/ELSA-2024-3618.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6820-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6820-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156774 vom 2024-06-07",
"url": "https://www.ibm.com/support/pages/node/7156774"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6821-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6818-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6818-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6819-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6819-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6818-2 vom 2024-06-10",
"url": "https://ubuntu.com/security/notices/USN-6818-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-2 vom 2024-06-10",
"url": "https://ubuntu.com/security/notices/USN-6821-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6820-2 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6820-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3810 vom 2024-06-11",
"url": "https://access.redhat.com/errata/RHSA-2024:3810"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6819-2 vom 2024-06-12",
"url": "https://ubuntu.com/security/notices/USN-6819-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-3 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6821-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6828-1 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6828-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3855 vom 2024-06-12",
"url": "https://access.redhat.com/errata/RHSA-2024:3855"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3854 vom 2024-06-12",
"url": "https://access.redhat.com/errata/RHSA-2024:3854"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0104-1 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/LSN-0104-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2008-1 vom 2024-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018706.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6819-3 vom 2024-06-12",
"url": "https://ubuntu.com/security/notices/USN-6819-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-4 vom 2024-06-14",
"url": "https://ubuntu.com/security/notices/USN-6821-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6818-3 vom 2024-06-14",
"url": "https://ubuntu.com/security/notices/USN-6818-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6818-4 vom 2024-06-19",
"url": "https://ubuntu.com/security/notices/USN-6818-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2135-1 vom 2024-06-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018783.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3841 vom 2024-06-25",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3842 vom 2024-06-25",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2190-1 vom 2024-06-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018819.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6819-4 vom 2024-06-26",
"url": "https://ubuntu.com/security/notices/USN-6819-4"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2525 vom 2024-06-28",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2525.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4211 vom 2024-07-02",
"url": "https://access.redhat.com/errata/RHSA-2024:4211"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-022 vom 2024-07-03",
"url": "https://www.dell.com/support/kbdoc/de-de/000226633/dsa-2024-022-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4211 vom 2024-07-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-4211.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6871-1 vom 2024-07-04",
"url": "https://ubuntu.com/security/notices/USN-6871-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4352 vom 2024-07-08",
"url": "https://access.redhat.com/errata/RHSA-2024:4352"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4415 vom 2024-07-09",
"url": "https://access.redhat.com/errata/RHSA-2024:4415"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6892-1 vom 2024-07-10",
"url": "https://ubuntu.com/security/notices/USN-6892-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4321 vom 2024-07-10",
"url": "https://access.redhat.com/errata/RHSA-2024:4321"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6895-1 vom 2024-07-12",
"url": "https://ubuntu.com/security/notices/USN-6895-1"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4352 vom 2024-07-15",
"url": "https://errata.build.resf.org/RLSA-2024:4352"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4211 vom 2024-07-15",
"url": "https://errata.build.resf.org/RLSA-2024:4211"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6895-2 vom 2024-07-16",
"url": "https://ubuntu.com/security/notices/USN-6895-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
"url": "https://access.redhat.com/errata/RHSA-2024:4631"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6895-3 vom 2024-07-19",
"url": "https://ubuntu.com/security/notices/USN-6895-3"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4740 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4740"
},
{
"category": "external",
"summary": "F5 Security Advisory K000140297 vom 2023-07-26",
"url": "https://my.f5.com/manage/s/article/K000140297"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6919-1 vom 2024-07-26",
"url": "https://ubuntu.com/security/notices/USN-6919-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6926-1 vom 2024-07-29",
"url": "https://ubuntu.com/security/notices/USN-6926-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7161794 vom 2024-07-29",
"url": "https://www.ibm.com/support/pages/node/7161794"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4928 vom 2024-07-31",
"url": "https://access.redhat.com/errata/RHSA-2024:4928"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4928 vom 2024-08-01",
"url": "https://errata.build.resf.org/RLSA-2024:4928"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6938-1 vom 2024-07-31",
"url": "https://ubuntu.com/security/notices/USN-6938-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7162077 vom 2024-07-31",
"url": "https://www.ibm.com/support/pages/node/7162077"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4928 vom 2024-08-01",
"url": "https://linux.oracle.com/errata/ELSA-2024-4928.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6926-2 vom 2024-08-01",
"url": "https://ubuntu.com/security/notices/USN-6926-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6895-4 vom 2024-08-05",
"url": "https://ubuntu.com/security/notices/USN-6895-4"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-348 vom 2024-08-06",
"url": "https://www.dell.com/support/kbdoc/de-de/000227573/dsa-2024-348-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5067 vom 2024-08-07",
"url": "https://access.redhat.com/errata/RHSA-2024:5067"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5066 vom 2024-08-07",
"url": "https://access.redhat.com/errata/RHSA-2024:5066"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2802-1 vom 2024-08-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019133.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5102 vom 2024-08-08",
"url": "https://access.redhat.com/errata/RHSA-2024:5102"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5101 vom 2024-08-08",
"url": "https://access.redhat.com/errata/RHSA-2024:5101"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6926-3 vom 2024-08-09",
"url": "https://ubuntu.com/security/notices/USN-6926-3"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-5101 vom 2024-08-09",
"url": "https://linux.oracle.com/errata/ELSA-2024-5101.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2896-1 vom 2024-08-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019185.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5363 vom 2024-08-14",
"url": "https://access.redhat.com/errata/RHSA-2024:5363"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-5363 vom 2024-08-15",
"url": "https://linux.oracle.com/errata/ELSA-2024-5363.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1489-1 vom 2024-08-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/D5LYDXV5ACGHUYO5XWLWD5VAOA5HLJ7U/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1465-1 vom 2024-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019273.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2203-1 vom 2024-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019244.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1663-1 vom 2024-08-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MFQEXBT2XPZQJMUF7MN6ZVO5FXVY4NKK/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1669-1 vom 2024-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019269.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2973-1 vom 2024-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019280.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5672 vom 2024-08-21",
"url": "https://access.redhat.com/errata/RHSA-2024:5672"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5673 vom 2024-08-21",
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6976-1 vom 2024-08-22",
"url": "https://ubuntu.com/security/notices/USN-6976-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6972-1 vom 2024-08-21",
"url": "https://ubuntu.com/security/notices/USN-6972-1"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:5102 vom 2024-08-21",
"url": "https://errata.build.resf.org/RLSA-2024:5102"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:5101 vom 2024-08-21",
"url": "https://errata.build.resf.org/RLSA-2024:5101"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6971-1 vom 2024-08-21",
"url": "https://ubuntu.com/security/notices/USN-6971-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6972-2 vom 2024-08-22",
"url": "https://ubuntu.com/security/notices/USN-6972-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6973-2 vom 2024-08-23",
"url": "https://ubuntu.com/security/notices/USN-6972-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6972-4 vom 2024-08-29",
"url": "https://ubuntu.com/security/notices/USN-6972-4"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7167662 vom 2024-09-05",
"url": "https://www.ibm.com/support/pages/node/7167662"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6567 vom 2024-09-11",
"url": "https://access.redhat.com/errata/RHSA-2024:6567"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-6567 vom 2024-09-12",
"url": "https://linux.oracle.com/errata/ELSA-2024-6567.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:6567 vom 2024-09-17",
"url": "https://errata.build.resf.org/RLSA-2024:6567"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7001 vom 2024-09-24",
"url": "https://access.redhat.com/errata/RHSA-2024:7001"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7169778 vom 2024-09-24",
"url": "https://www.ibm.com/support/pages/node/7169778"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7000 vom 2024-09-24",
"url": "https://access.redhat.com/errata/RHSA-2024:7000"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-7000 vom 2024-09-26",
"url": "https://linux.oracle.com/errata/ELSA-2024-7000.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:7001 vom 2024-09-30",
"url": "https://errata.build.resf.org/RLSA-2024:7001"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-422 vom 2024-10-10",
"url": "https://www.dell.com/support/kbdoc/de-de/000234730/dsa-2024-422-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7069-1 vom 2024-10-16",
"url": "https://ubuntu.com/security/notices/USN-7069-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8161 vom 2024-10-16",
"url": "https://access.redhat.com/errata/RHSA-2024:8161"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7069-2 vom 2024-10-17",
"url": "https://ubuntu.com/security/notices/USN-7069-2"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7173960 vom 2024-10-23",
"url": "https://www.ibm.com/support/pages/node/7173960"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8318 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8318"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7174634"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9315"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10771 vom 2024-12-04",
"url": "https://access.redhat.com/errata/RHSA-2024:10771"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4316-1 vom 2024-12-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/S4I5Z6ALCJLHTP25U3HMJHEXN4DR2USM/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4318-1 vom 2024-12-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019999.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4314-1 vom 2024-12-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SARXL66CQHD5VSFG5PUBNBVBPVFUN4KT/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7179045 vom 2024-12-16",
"url": "https://www.ibm.com/support/pages/node/7179045"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180361 vom 2025-01-07",
"url": "https://www.ibm.com/support/pages/node/7180361"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA92874 vom 2024-01-09",
"url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-9315 vom 2025-01-13",
"url": "https://oss.oracle.com/pipermail/el-errata/2025-January/017000.html"
}
],
"source_lang": "en-US",
"title": "Linux-Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service und unspezifische Angriffe",
"tracking": {
"current_release_date": "2025-01-13T23:00:00.000+00:00",
"generator": {
"date": "2025-01-14T13:52:38.618+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-0475",
"initial_release_date": "2024-02-25T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-02-25T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-03-05T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-03-11T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
},
{
"date": "2024-03-12T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-03-13T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-03-14T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2024-03-17T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-03-20T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2024-03-21T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-03-24T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-03-25T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-03-26T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-04-01T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon und Ubuntu aufgenommen"
},
{
"date": "2024-04-02T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-04-09T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2024-04-17T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-04-18T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-04-21T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-04-23T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-04-24T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-04-28T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-04-29T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von SUSE, Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-06T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-05-07T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu und Dell aufgenommen"
},
{
"date": "2024-05-13T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Insyde aufgenommen"
},
{
"date": "2024-05-14T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-15T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2024-05-20T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Ubuntu und F5 aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-28T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-05-30T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-04T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-06-06T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-09T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Ubuntu und IBM aufgenommen"
},
{
"date": "2024-06-10T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-11T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-06-12T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2024-06-16T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-18T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-23T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-25T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Debian und SUSE aufgenommen"
},
{
"date": "2024-06-26T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-27T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-06-30T22:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-07-01T22:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Dell und Oracle Linux aufgenommen"
},
{
"date": "2024-07-03T22:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-07T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-07-14T22:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-23T22:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2024-07-28T22:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-29T22:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von Ubuntu und IBM aufgenommen"
},
{
"date": "2024-07-30T22:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-31T22:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Rocky Enterprise Software Foundation, Ubuntu, IBM und Oracle Linux aufgenommen"
},
{
"date": "2024-08-01T22:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-04T22:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-05T22:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-08-06T22:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-07T22:00:00.000+00:00",
"number": "67",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-11T22:00:00.000+00:00",
"number": "68",
"summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2024-08-13T22:00:00.000+00:00",
"number": "69",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-14T22:00:00.000+00:00",
"number": "70",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-08-19T22:00:00.000+00:00",
"number": "71",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-20T22:00:00.000+00:00",
"number": "72",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-21T22:00:00.000+00:00",
"number": "73",
"summary": "Neue Updates von Ubuntu und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-08-22T22:00:00.000+00:00",
"number": "74",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-25T22:00:00.000+00:00",
"number": "75",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-28T22:00:00.000+00:00",
"number": "76",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-09-05T22:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-09-10T22:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2024-09-11T22:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2024-09-16T22:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-09-23T22:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von Red Hat und IBM aufgenommen"
},
{
"date": "2024-09-25T22:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-09-29T22:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-30T22:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-10-09T22:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-10-17T22:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-10-23T22:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von IBM und Red Hat aufgenommen"
},
{
"date": "2024-10-31T23:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-12T23:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-03T23:00:00.000+00:00",
"number": "91",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-15T23:00:00.000+00:00",
"number": "92",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-12-16T23:00:00.000+00:00",
"number": "93",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-06T23:00:00.000+00:00",
"number": "94",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "95",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2025-01-13T23:00:00.000+00:00",
"number": "96",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "96"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T024663",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:-"
}
}
},
{
"category": "product_version",
"name": "virtual",
"product": {
"name": "Dell NetWorker virtual",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
},
{
"category": "product_version_range",
"name": "\u003c19.11",
"product": {
"name": "Dell NetWorker \u003c19.11",
"product_id": "T035785"
}
},
{
"category": "product_version",
"name": "19.11",
"product": {
"name": "Dell NetWorker 19.11",
"product_id": "T035785-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.11"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "24.0.0",
"product": {
"name": "IBM Business Automation Workflow 24.0.0",
"product_id": "T036570",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.0"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
"product_id": "T038741"
}
},
{
"category": "product_version",
"name": "7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
"product_id": "T038741-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version",
"name": "11.4",
"product": {
"name": "IBM Security Guardium 11.4",
"product_id": "1076561",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.4"
}
}
},
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "IBM Security Guardium 11.5",
"product_id": "1411051",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.5"
}
}
},
{
"category": "product_version",
"name": "12",
"product": {
"name": "IBM Security Guardium 12.0",
"product_id": "T031092",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:12.0"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.16.3",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.16.3",
"product_id": "T037795"
}
},
{
"category": "product_version",
"name": "10.1.16.3",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.16.3",
"product_id": "T037795-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.16.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.6.4",
"product_id": "T040030"
}
},
{
"category": "product_version",
"name": "10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.6.4",
"product_id": "T040030-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.6.4"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.9.5",
"product": {
"name": "IBM Storage Scale \u003c6.1.9.5",
"product_id": "T039851"
}
},
{
"category": "product_version",
"name": "6.1.9.5",
"product": {
"name": "IBM Storage Scale 6.1.9.5",
"product_id": "T039851-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:6.1.9.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.2.2.0",
"product": {
"name": "IBM Storage Scale \u003c6.2.2.0",
"product_id": "T039852"
}
},
{
"category": "product_version",
"name": "6.2.2.0",
"product": {
"name": "IBM Storage Scale 6.2.2.0",
"product_id": "T039852-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:6.2.2.0"
}
}
}
],
"category": "product_name",
"name": "Storage Scale"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel",
"product": {
"name": "Insyde UEFI Firmware kernel",
"product_id": "T034716",
"product_identification_helper": {
"cpe": "cpe:/h:insyde:uefi:kernel"
}
}
}
],
"category": "product_name",
"name": "UEFI Firmware"
}
],
"category": "vendor",
"name": "Insyde"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.1R2",
"product": {
"name": "Juniper Junos Space \u003c24.1R2",
"product_id": "T040074"
}
},
{
"category": "product_version",
"name": "24.1R2",
"product": {
"name": "Juniper Junos Space 24.1R2",
"product_id": "T040074-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r2"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T032006",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-46904",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2021-46904"
},
{
"cve": "CVE-2021-46905",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2021-46905"
},
{
"cve": "CVE-2022-48626",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2022-48626"
},
{
"cve": "CVE-2023-52453",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52453"
},
{
"cve": "CVE-2023-52454",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52454"
},
{
"cve": "CVE-2023-52455",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52455"
},
{
"cve": "CVE-2023-52456",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52456"
},
{
"cve": "CVE-2023-52457",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52457"
},
{
"cve": "CVE-2023-52458",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52458"
},
{
"cve": "CVE-2023-52459",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52459"
},
{
"cve": "CVE-2023-52460",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52460"
},
{
"cve": "CVE-2023-52461",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52461"
},
{
"cve": "CVE-2023-52462",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52462"
},
{
"cve": "CVE-2023-52463",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52463"
},
{
"cve": "CVE-2023-52464",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52464"
},
{
"cve": "CVE-2023-52465",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52465"
},
{
"cve": "CVE-2023-52466",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52466"
},
{
"cve": "CVE-2023-52467",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52467"
},
{
"cve": "CVE-2023-52468",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52468"
},
{
"cve": "CVE-2023-52469",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52469"
},
{
"cve": "CVE-2023-52470",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52470"
},
{
"cve": "CVE-2023-52471",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52471"
},
{
"cve": "CVE-2023-52472",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52472"
},
{
"cve": "CVE-2023-52473",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52473"
},
{
"cve": "CVE-2024-26594",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26594"
},
{
"cve": "CVE-2024-26595",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26595"
},
{
"cve": "CVE-2024-26596",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26596"
},
{
"cve": "CVE-2024-26597",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26597"
},
{
"cve": "CVE-2024-26598",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26598"
},
{
"cve": "CVE-2024-26599",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26599"
},
{
"cve": "CVE-2024-26600",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26600"
},
{
"cve": "CVE-2024-26601",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26601"
},
{
"cve": "CVE-2024-26602",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26602"
},
{
"cve": "CVE-2024-26603",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26603"
},
{
"cve": "CVE-2024-26604",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26604"
},
{
"cve": "CVE-2024-26605",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26605"
}
]
}
wid-sec-w-2024-0475
Vulnerability from csaf_certbund
Published
2024-02-25 23:00
Modified
2025-01-13 23:00
Summary
Linux-Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen oder einen nicht spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0475 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0475.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0475 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0475"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022325-CVE-2023-52453-9f24%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022325-CVE-2024-26594-1cbc%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022330-CVE-2023-52454-5cf0%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022331-CVE-2023-52455-a28f%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022331-CVE-2023-52456-f9dd%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022332-CVE-2023-52457-c7b9%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022332-CVE-2023-52458-d1cd%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022333-CVE-2023-52459-f653%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022333-CVE-2023-52460-a52b%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022334-CVE-2023-52461-a619%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52462-b663%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52463-6195%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022336-CVE-2023-52464-b17c%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022336-CVE-2024-26595-9a8d%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022337-CVE-2024-26596-57cb%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022337-CVE-2024-26597-be75%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022338-CVE-2024-26598-24f4%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022338-CVE-2024-26599-cd65%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022405-CVE-2024-26600-44a2%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022411-CVE-2024-26601-b6ac%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022414-CVE-2024-26602-5e76%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022415-CVE-2024-26603-42c2%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022416-CVE-2024-26604-71a3%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022419-CVE-2024-26605-7b06%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022539-CVE-2023-52465-2e75%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022544-CVE-2023-52466-fea5%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022544-CVE-2023-52467-434b%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022545-CVE-2023-52468-59a2%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022546-CVE-2023-52469-5141%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022546-CVE-2023-52470-44d1%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022546-CVE-2023-52471-ab29%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022547-CVE-2023-52472-fa03%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022547-CVE-2023-52473-c3cc%40gregkh/"
},
{
"category": "external",
"summary": "VE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022555-CVE-2021-46904-d49f%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022557-CVE-2021-46905-6507%40gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-02-25",
"url": "http://lore.kernel.org/linux-cve-announce/2024022558-CVE-2022-48626-8a90%40gregkh/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2024-061 vom 2024-03-06",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2024-061.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1249 vom 2024-03-12",
"url": "https://access.redhat.com/errata/RHSA-2024:1249"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1250 vom 2024-03-12",
"url": "https://access.redhat.com/errata/RHSA-2024:1250"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6688-1 vom 2024-03-11",
"url": "https://ubuntu.com/security/notices/USN-6688-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0855-1 vom 2024-03-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018151.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0858-1 vom 2024-03-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018153.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0857-1 vom 2024-03-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018154.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0856-1 vom 2024-03-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018155.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1306 vom 2024-03-13",
"url": "https://access.redhat.com/errata/RHSA-2024:1306"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0900-1 vom 2024-03-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018167.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1332 vom 2024-03-14",
"url": "https://access.redhat.com/errata/RHSA-2024:1332"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0900-2 vom 2024-03-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018182.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0910-1 vom 2024-03-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018181.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6707-1 vom 2024-03-20",
"url": "https://ubuntu.com/security/notices/USN-6707-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-1249 vom 2024-03-21",
"url": "https://linux.oracle.com/errata/ELSA-2024-1249.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6707-2 vom 2024-03-21",
"url": "https://ubuntu.com/security/notices/USN-6707-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0976-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018185.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0926-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018204.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0975-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018186.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0925-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018205.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0977-1 vom 2024-03-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018210.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6707-3 vom 2024-03-26",
"url": "https://ubuntu.com/security/notices/USN-6707-3"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1533 vom 2024-03-27",
"url": "https://access.redhat.com/errata/RHSA-2024:1533"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1532 vom 2024-03-27",
"url": "https://access.redhat.com/errata/RHSA-2024:1532"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.15-2024-040 vom 2024-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2024-040.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6707-4 vom 2024-03-28",
"url": "https://ubuntu.com/security/notices/USN-6707-4"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2024-052 vom 2024-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2024-052.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1653 vom 2024-04-03",
"url": "https://access.redhat.com/errata/RHSA-2024:1653"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6725-1 vom 2024-04-09",
"url": "https://ubuntu.com/security/notices/USN-6725-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6726-1 vom 2024-04-09",
"url": "https://ubuntu.com/security/notices/USN-6726-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6726-2 vom 2024-04-16",
"url": "https://ubuntu.com/security/notices/USN-6726-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6725-2 vom 2024-04-16",
"url": "https://ubuntu.com/security/notices/USN-6725-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1320-1 vom 2024-04-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018372.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1321-1 vom 2024-04-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018375.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1322-1 vom 2024-04-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018374.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6726-3 vom 2024-04-17",
"url": "https://ubuntu.com/security/notices/USN-6726-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1332-2 vom 2024-04-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018378.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1322-2 vom 2024-04-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018377.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1332-1 vom 2024-04-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018376.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6740-1 vom 2024-04-19",
"url": "https://ubuntu.com/security/notices/USN-6740-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2008 vom 2024-04-23",
"url": "https://access.redhat.com/errata/RHSA-2024:2008"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2006 vom 2024-04-23",
"url": "https://access.redhat.com/errata/RHSA-2024:2006"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-2004 vom 2024-04-25",
"url": "http://linux.oracle.com/errata/ELSA-2024-2004.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1454-1 vom 2024-04-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018431.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1466-1 vom 2024-04-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018438.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2394 vom 2024-04-30",
"url": "https://access.redhat.com/errata/RHSA-2024:2394"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1480-1 vom 2024-04-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018444.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0103-1 vom 2024-04-30",
"url": "https://ubuntu.com/security/notices/LSN-0103-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2585 vom 2024-04-30",
"url": "https://access.redhat.com/errata/RHSA-2024:2585"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2582 vom 2024-04-30",
"url": "https://access.redhat.com/errata/RHSA-2024:2582"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1490-1 vom 2024-05-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018445.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5681 vom 2024-05-06",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00090.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5680 vom 2024-05-06",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00089.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6767-1 vom 2024-05-07",
"url": "https://ubuntu.com/security/notices/USN-6767-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6766-1 vom 2024-05-07",
"url": "https://ubuntu.com/security/notices/USN-6766-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6765-1 vom 2024-05-07",
"url": "https://ubuntu.com/security/notices/USN-6765-1"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
"url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
},
{
"category": "external",
"summary": "Insyde Security Advisory INSYDE-SA-2024002 vom 2024-05-14",
"url": "https://www.insyde.com/security-pledge/SA-2024002"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6767-2 vom 2024-05-14",
"url": "https://ubuntu.com/security/notices/USN-6767-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1644-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018528.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1641-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018531.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1647-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018525.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1659-1 vom 2024-05-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018538.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6766-2 vom 2024-05-15",
"url": "https://ubuntu.com/security/notices/USN-6766-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6766-3 vom 2024-05-20",
"url": "https://ubuntu.com/security/notices/USN-6766-3"
},
{
"category": "external",
"summary": "F5 Security Advisory K000139682 vom 2024-05-20",
"url": "https://my.f5.com/manage/s/article/K000139682"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3138 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:3138"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2950 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6795-1 vom 2024-05-28",
"url": "https://ubuntu.com/security/notices/USN-6795-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3618"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3627"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06",
"url": "https://linux.oracle.com/errata/ELSA-2024-3618.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6820-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6820-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156774 vom 2024-06-07",
"url": "https://www.ibm.com/support/pages/node/7156774"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6821-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6818-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6818-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6819-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6819-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6818-2 vom 2024-06-10",
"url": "https://ubuntu.com/security/notices/USN-6818-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-2 vom 2024-06-10",
"url": "https://ubuntu.com/security/notices/USN-6821-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6820-2 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6820-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3810 vom 2024-06-11",
"url": "https://access.redhat.com/errata/RHSA-2024:3810"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6819-2 vom 2024-06-12",
"url": "https://ubuntu.com/security/notices/USN-6819-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-3 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6821-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6828-1 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6828-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3855 vom 2024-06-12",
"url": "https://access.redhat.com/errata/RHSA-2024:3855"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3854 vom 2024-06-12",
"url": "https://access.redhat.com/errata/RHSA-2024:3854"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0104-1 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/LSN-0104-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2008-1 vom 2024-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018706.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6819-3 vom 2024-06-12",
"url": "https://ubuntu.com/security/notices/USN-6819-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-4 vom 2024-06-14",
"url": "https://ubuntu.com/security/notices/USN-6821-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6818-3 vom 2024-06-14",
"url": "https://ubuntu.com/security/notices/USN-6818-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6818-4 vom 2024-06-19",
"url": "https://ubuntu.com/security/notices/USN-6818-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2135-1 vom 2024-06-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018783.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3841 vom 2024-06-25",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3842 vom 2024-06-25",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2190-1 vom 2024-06-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018819.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6819-4 vom 2024-06-26",
"url": "https://ubuntu.com/security/notices/USN-6819-4"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2525 vom 2024-06-28",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2525.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4211 vom 2024-07-02",
"url": "https://access.redhat.com/errata/RHSA-2024:4211"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-022 vom 2024-07-03",
"url": "https://www.dell.com/support/kbdoc/de-de/000226633/dsa-2024-022-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4211 vom 2024-07-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-4211.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6871-1 vom 2024-07-04",
"url": "https://ubuntu.com/security/notices/USN-6871-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4352 vom 2024-07-08",
"url": "https://access.redhat.com/errata/RHSA-2024:4352"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4415 vom 2024-07-09",
"url": "https://access.redhat.com/errata/RHSA-2024:4415"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6892-1 vom 2024-07-10",
"url": "https://ubuntu.com/security/notices/USN-6892-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4321 vom 2024-07-10",
"url": "https://access.redhat.com/errata/RHSA-2024:4321"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6895-1 vom 2024-07-12",
"url": "https://ubuntu.com/security/notices/USN-6895-1"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4352 vom 2024-07-15",
"url": "https://errata.build.resf.org/RLSA-2024:4352"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4211 vom 2024-07-15",
"url": "https://errata.build.resf.org/RLSA-2024:4211"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6895-2 vom 2024-07-16",
"url": "https://ubuntu.com/security/notices/USN-6895-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
"url": "https://access.redhat.com/errata/RHSA-2024:4631"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6895-3 vom 2024-07-19",
"url": "https://ubuntu.com/security/notices/USN-6895-3"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4740 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4740"
},
{
"category": "external",
"summary": "F5 Security Advisory K000140297 vom 2023-07-26",
"url": "https://my.f5.com/manage/s/article/K000140297"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6919-1 vom 2024-07-26",
"url": "https://ubuntu.com/security/notices/USN-6919-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6926-1 vom 2024-07-29",
"url": "https://ubuntu.com/security/notices/USN-6926-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7161794 vom 2024-07-29",
"url": "https://www.ibm.com/support/pages/node/7161794"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4928 vom 2024-07-31",
"url": "https://access.redhat.com/errata/RHSA-2024:4928"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4928 vom 2024-08-01",
"url": "https://errata.build.resf.org/RLSA-2024:4928"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6938-1 vom 2024-07-31",
"url": "https://ubuntu.com/security/notices/USN-6938-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7162077 vom 2024-07-31",
"url": "https://www.ibm.com/support/pages/node/7162077"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4928 vom 2024-08-01",
"url": "https://linux.oracle.com/errata/ELSA-2024-4928.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6926-2 vom 2024-08-01",
"url": "https://ubuntu.com/security/notices/USN-6926-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6895-4 vom 2024-08-05",
"url": "https://ubuntu.com/security/notices/USN-6895-4"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-348 vom 2024-08-06",
"url": "https://www.dell.com/support/kbdoc/de-de/000227573/dsa-2024-348-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5067 vom 2024-08-07",
"url": "https://access.redhat.com/errata/RHSA-2024:5067"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5066 vom 2024-08-07",
"url": "https://access.redhat.com/errata/RHSA-2024:5066"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2802-1 vom 2024-08-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019133.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5102 vom 2024-08-08",
"url": "https://access.redhat.com/errata/RHSA-2024:5102"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5101 vom 2024-08-08",
"url": "https://access.redhat.com/errata/RHSA-2024:5101"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6926-3 vom 2024-08-09",
"url": "https://ubuntu.com/security/notices/USN-6926-3"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-5101 vom 2024-08-09",
"url": "https://linux.oracle.com/errata/ELSA-2024-5101.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2896-1 vom 2024-08-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019185.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5363 vom 2024-08-14",
"url": "https://access.redhat.com/errata/RHSA-2024:5363"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-5363 vom 2024-08-15",
"url": "https://linux.oracle.com/errata/ELSA-2024-5363.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1489-1 vom 2024-08-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/D5LYDXV5ACGHUYO5XWLWD5VAOA5HLJ7U/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1465-1 vom 2024-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019273.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2203-1 vom 2024-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019244.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1663-1 vom 2024-08-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MFQEXBT2XPZQJMUF7MN6ZVO5FXVY4NKK/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1669-1 vom 2024-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019269.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2973-1 vom 2024-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019280.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5672 vom 2024-08-21",
"url": "https://access.redhat.com/errata/RHSA-2024:5672"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5673 vom 2024-08-21",
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6976-1 vom 2024-08-22",
"url": "https://ubuntu.com/security/notices/USN-6976-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6972-1 vom 2024-08-21",
"url": "https://ubuntu.com/security/notices/USN-6972-1"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:5102 vom 2024-08-21",
"url": "https://errata.build.resf.org/RLSA-2024:5102"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:5101 vom 2024-08-21",
"url": "https://errata.build.resf.org/RLSA-2024:5101"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6971-1 vom 2024-08-21",
"url": "https://ubuntu.com/security/notices/USN-6971-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6972-2 vom 2024-08-22",
"url": "https://ubuntu.com/security/notices/USN-6972-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6973-2 vom 2024-08-23",
"url": "https://ubuntu.com/security/notices/USN-6972-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6972-4 vom 2024-08-29",
"url": "https://ubuntu.com/security/notices/USN-6972-4"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7167662 vom 2024-09-05",
"url": "https://www.ibm.com/support/pages/node/7167662"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6567 vom 2024-09-11",
"url": "https://access.redhat.com/errata/RHSA-2024:6567"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-6567 vom 2024-09-12",
"url": "https://linux.oracle.com/errata/ELSA-2024-6567.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:6567 vom 2024-09-17",
"url": "https://errata.build.resf.org/RLSA-2024:6567"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7001 vom 2024-09-24",
"url": "https://access.redhat.com/errata/RHSA-2024:7001"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7169778 vom 2024-09-24",
"url": "https://www.ibm.com/support/pages/node/7169778"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7000 vom 2024-09-24",
"url": "https://access.redhat.com/errata/RHSA-2024:7000"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-7000 vom 2024-09-26",
"url": "https://linux.oracle.com/errata/ELSA-2024-7000.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:7001 vom 2024-09-30",
"url": "https://errata.build.resf.org/RLSA-2024:7001"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-422 vom 2024-10-10",
"url": "https://www.dell.com/support/kbdoc/de-de/000234730/dsa-2024-422-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7069-1 vom 2024-10-16",
"url": "https://ubuntu.com/security/notices/USN-7069-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8161 vom 2024-10-16",
"url": "https://access.redhat.com/errata/RHSA-2024:8161"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7069-2 vom 2024-10-17",
"url": "https://ubuntu.com/security/notices/USN-7069-2"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7173960 vom 2024-10-23",
"url": "https://www.ibm.com/support/pages/node/7173960"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8318 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8318"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7174634"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9315"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10771 vom 2024-12-04",
"url": "https://access.redhat.com/errata/RHSA-2024:10771"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4316-1 vom 2024-12-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/S4I5Z6ALCJLHTP25U3HMJHEXN4DR2USM/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4318-1 vom 2024-12-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019999.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4314-1 vom 2024-12-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SARXL66CQHD5VSFG5PUBNBVBPVFUN4KT/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7179045 vom 2024-12-16",
"url": "https://www.ibm.com/support/pages/node/7179045"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180361 vom 2025-01-07",
"url": "https://www.ibm.com/support/pages/node/7180361"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA92874 vom 2024-01-09",
"url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-9315 vom 2025-01-13",
"url": "https://oss.oracle.com/pipermail/el-errata/2025-January/017000.html"
}
],
"source_lang": "en-US",
"title": "Linux-Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service und unspezifische Angriffe",
"tracking": {
"current_release_date": "2025-01-13T23:00:00.000+00:00",
"generator": {
"date": "2025-01-14T13:52:38.618+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-0475",
"initial_release_date": "2024-02-25T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-02-25T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-03-05T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-03-11T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
},
{
"date": "2024-03-12T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-03-13T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-03-14T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2024-03-17T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-03-20T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2024-03-21T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-03-24T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-03-25T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-03-26T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-04-01T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon und Ubuntu aufgenommen"
},
{
"date": "2024-04-02T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-04-09T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2024-04-17T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-04-18T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-04-21T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-04-23T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-04-24T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-04-28T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-04-29T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von SUSE, Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-06T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-05-07T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu und Dell aufgenommen"
},
{
"date": "2024-05-13T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Insyde aufgenommen"
},
{
"date": "2024-05-14T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-15T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2024-05-20T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Ubuntu und F5 aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-28T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-05-30T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-04T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-06-06T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-09T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Ubuntu und IBM aufgenommen"
},
{
"date": "2024-06-10T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-11T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-06-12T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2024-06-16T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-18T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-23T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-25T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Debian und SUSE aufgenommen"
},
{
"date": "2024-06-26T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-27T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-06-30T22:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-07-01T22:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Dell und Oracle Linux aufgenommen"
},
{
"date": "2024-07-03T22:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-07T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-07-14T22:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-23T22:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2024-07-28T22:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-29T22:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von Ubuntu und IBM aufgenommen"
},
{
"date": "2024-07-30T22:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-31T22:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Rocky Enterprise Software Foundation, Ubuntu, IBM und Oracle Linux aufgenommen"
},
{
"date": "2024-08-01T22:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-04T22:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-05T22:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-08-06T22:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-07T22:00:00.000+00:00",
"number": "67",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-11T22:00:00.000+00:00",
"number": "68",
"summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2024-08-13T22:00:00.000+00:00",
"number": "69",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-14T22:00:00.000+00:00",
"number": "70",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-08-19T22:00:00.000+00:00",
"number": "71",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-20T22:00:00.000+00:00",
"number": "72",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-21T22:00:00.000+00:00",
"number": "73",
"summary": "Neue Updates von Ubuntu und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-08-22T22:00:00.000+00:00",
"number": "74",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-25T22:00:00.000+00:00",
"number": "75",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-28T22:00:00.000+00:00",
"number": "76",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-09-05T22:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-09-10T22:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2024-09-11T22:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2024-09-16T22:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-09-23T22:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von Red Hat und IBM aufgenommen"
},
{
"date": "2024-09-25T22:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-09-29T22:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-30T22:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-10-09T22:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-10-17T22:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-10-23T22:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von IBM und Red Hat aufgenommen"
},
{
"date": "2024-10-31T23:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-12T23:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-03T23:00:00.000+00:00",
"number": "91",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-15T23:00:00.000+00:00",
"number": "92",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-12-16T23:00:00.000+00:00",
"number": "93",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-06T23:00:00.000+00:00",
"number": "94",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "95",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2025-01-13T23:00:00.000+00:00",
"number": "96",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "96"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T024663",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:-"
}
}
},
{
"category": "product_version",
"name": "virtual",
"product": {
"name": "Dell NetWorker virtual",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
},
{
"category": "product_version_range",
"name": "\u003c19.11",
"product": {
"name": "Dell NetWorker \u003c19.11",
"product_id": "T035785"
}
},
{
"category": "product_version",
"name": "19.11",
"product": {
"name": "Dell NetWorker 19.11",
"product_id": "T035785-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.11"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "24.0.0",
"product": {
"name": "IBM Business Automation Workflow 24.0.0",
"product_id": "T036570",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.0"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
"product_id": "T038741"
}
},
{
"category": "product_version",
"name": "7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
"product_id": "T038741-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version",
"name": "11.4",
"product": {
"name": "IBM Security Guardium 11.4",
"product_id": "1076561",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.4"
}
}
},
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "IBM Security Guardium 11.5",
"product_id": "1411051",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.5"
}
}
},
{
"category": "product_version",
"name": "12",
"product": {
"name": "IBM Security Guardium 12.0",
"product_id": "T031092",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:12.0"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.16.3",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.16.3",
"product_id": "T037795"
}
},
{
"category": "product_version",
"name": "10.1.16.3",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.16.3",
"product_id": "T037795-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.16.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.6.4",
"product_id": "T040030"
}
},
{
"category": "product_version",
"name": "10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.6.4",
"product_id": "T040030-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.6.4"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.9.5",
"product": {
"name": "IBM Storage Scale \u003c6.1.9.5",
"product_id": "T039851"
}
},
{
"category": "product_version",
"name": "6.1.9.5",
"product": {
"name": "IBM Storage Scale 6.1.9.5",
"product_id": "T039851-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:6.1.9.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.2.2.0",
"product": {
"name": "IBM Storage Scale \u003c6.2.2.0",
"product_id": "T039852"
}
},
{
"category": "product_version",
"name": "6.2.2.0",
"product": {
"name": "IBM Storage Scale 6.2.2.0",
"product_id": "T039852-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:6.2.2.0"
}
}
}
],
"category": "product_name",
"name": "Storage Scale"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel",
"product": {
"name": "Insyde UEFI Firmware kernel",
"product_id": "T034716",
"product_identification_helper": {
"cpe": "cpe:/h:insyde:uefi:kernel"
}
}
}
],
"category": "product_name",
"name": "UEFI Firmware"
}
],
"category": "vendor",
"name": "Insyde"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.1R2",
"product": {
"name": "Juniper Junos Space \u003c24.1R2",
"product_id": "T040074"
}
},
{
"category": "product_version",
"name": "24.1R2",
"product": {
"name": "Juniper Junos Space 24.1R2",
"product_id": "T040074-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r2"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T032006",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-46904",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2021-46904"
},
{
"cve": "CVE-2021-46905",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2021-46905"
},
{
"cve": "CVE-2022-48626",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2022-48626"
},
{
"cve": "CVE-2023-52453",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52453"
},
{
"cve": "CVE-2023-52454",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52454"
},
{
"cve": "CVE-2023-52455",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52455"
},
{
"cve": "CVE-2023-52456",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52456"
},
{
"cve": "CVE-2023-52457",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52457"
},
{
"cve": "CVE-2023-52458",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52458"
},
{
"cve": "CVE-2023-52459",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52459"
},
{
"cve": "CVE-2023-52460",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52460"
},
{
"cve": "CVE-2023-52461",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52461"
},
{
"cve": "CVE-2023-52462",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52462"
},
{
"cve": "CVE-2023-52463",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52463"
},
{
"cve": "CVE-2023-52464",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52464"
},
{
"cve": "CVE-2023-52465",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52465"
},
{
"cve": "CVE-2023-52466",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52466"
},
{
"cve": "CVE-2023-52467",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52467"
},
{
"cve": "CVE-2023-52468",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52468"
},
{
"cve": "CVE-2023-52469",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52469"
},
{
"cve": "CVE-2023-52470",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52470"
},
{
"cve": "CVE-2023-52471",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52471"
},
{
"cve": "CVE-2023-52472",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52472"
},
{
"cve": "CVE-2023-52473",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2023-52473"
},
{
"cve": "CVE-2024-26594",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26594"
},
{
"cve": "CVE-2024-26595",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26595"
},
{
"cve": "CVE-2024-26596",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26596"
},
{
"cve": "CVE-2024-26597",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26597"
},
{
"cve": "CVE-2024-26598",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26598"
},
{
"cve": "CVE-2024-26599",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26599"
},
{
"cve": "CVE-2024-26600",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26600"
},
{
"cve": "CVE-2024-26601",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26601"
},
{
"cve": "CVE-2024-26602",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26602"
},
{
"cve": "CVE-2024-26603",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26603"
},
{
"cve": "CVE-2024-26604",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26604"
},
{
"cve": "CVE-2024-26605",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie ksmbd, arm64 von KVM oder mlxsw, unter anderem aufgrund verschiedener Probleme wie einer NULL-Zeiger-Dereferenz, einem Out-of-Bounds-Zugriff oder einem Use-after-free-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service-Zustand zu verursachen oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T032006",
"67646",
"T034583",
"T004914",
"T038741",
"T039852",
"T037795",
"T039851",
"T040030",
"T040074",
"T021415",
"T031092",
"T024663",
"T001663",
"398363",
"T034716",
"1076561",
"T032255",
"T035785",
"T014381",
"T036570",
"2951",
"T002207",
"T000126",
"1411051"
]
},
"release_date": "2024-02-25T23:00:00.000+00:00",
"title": "CVE-2024-26605"
}
]
}
gsd-2023-52468
Vulnerability from gsd
Modified
2024-02-21 06:01
Details
In the Linux kernel, the following vulnerability has been resolved:
class: fix use-after-free in class_register()
The lock_class_key is still registered and can be found in
lock_keys_hash hlist after subsys_private is freed in error
handler path.A task who iterate over the lock_keys_hash
later may cause use-after-free.So fix that up and unregister
the lock_class_key before kfree(cp).
On our platform, a driver fails to kset_register because of
creating duplicate filename '/class/xxx'.With Kasan enabled,
it prints a invalid-access bug report.
KASAN bug report:
BUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc
Write of size 8 at addr 15ffff808b8c0368 by task modprobe/252
Pointer tag: [15], memory tag: [fe]
CPU: 7 PID: 252 Comm: modprobe Tainted: G W
6.6.0-mainline-maybe-dirty #1
Call trace:
dump_backtrace+0x1b0/0x1e4
show_stack+0x2c/0x40
dump_stack_lvl+0xac/0xe0
print_report+0x18c/0x4d8
kasan_report+0xe8/0x148
__hwasan_store8_noabort+0x88/0x98
lockdep_register_key+0x19c/0x1bc
class_register+0x94/0x1ec
init_module+0xbc/0xf48 [rfkill]
do_one_initcall+0x17c/0x72c
do_init_module+0x19c/0x3f8
...
Memory state around the buggy address:
ffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a
ffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe
>ffffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
^
ffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03
As CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access
not use-after-free here.In this case, modprobe is manipulating
the corrupted lock_keys_hash hlish where lock_class_key is already
freed before.
It's worth noting that this only can happen if lockdep is enabled,
which is not true for normal system.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-52468"
],
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nclass: fix use-after-free in class_register()\n\nThe lock_class_key is still registered and can be found in\nlock_keys_hash hlist after subsys_private is freed in error\nhandler path.A task who iterate over the lock_keys_hash\nlater may cause use-after-free.So fix that up and unregister\nthe lock_class_key before kfree(cp).\n\nOn our platform, a driver fails to kset_register because of\ncreating duplicate filename \u0027/class/xxx\u0027.With Kasan enabled,\nit prints a invalid-access bug report.\n\nKASAN bug report:\n\nBUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc\nWrite of size 8 at addr 15ffff808b8c0368 by task modprobe/252\nPointer tag: [15], memory tag: [fe]\n\nCPU: 7 PID: 252 Comm: modprobe Tainted: G W\n 6.6.0-mainline-maybe-dirty #1\n\nCall trace:\ndump_backtrace+0x1b0/0x1e4\nshow_stack+0x2c/0x40\ndump_stack_lvl+0xac/0xe0\nprint_report+0x18c/0x4d8\nkasan_report+0xe8/0x148\n__hwasan_store8_noabort+0x88/0x98\nlockdep_register_key+0x19c/0x1bc\nclass_register+0x94/0x1ec\ninit_module+0xbc/0xf48 [rfkill]\ndo_one_initcall+0x17c/0x72c\ndo_init_module+0x19c/0x3f8\n...\nMemory state around the buggy address:\nffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a\nffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe\n\u003effffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe\n ^\nffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03\n\nAs CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access\nnot use-after-free here.In this case, modprobe is manipulating\nthe corrupted lock_keys_hash hlish where lock_class_key is already\nfreed before.\n\nIt\u0027s worth noting that this only can happen if lockdep is enabled,\nwhich is not true for normal system.",
"id": "GSD-2023-52468",
"modified": "2024-02-21T06:01:53.296230Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@kernel.org",
"ID": "CVE-2023-52468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "dcfbb67e48a2",
"version_value": "b57196a5ec5e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.14",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclass: fix use-after-free in class_register()\n\nThe lock_class_key is still registered and can be found in\nlock_keys_hash hlist after subsys_private is freed in error\nhandler path.A task who iterate over the lock_keys_hash\nlater may cause use-after-free.So fix that up and unregister\nthe lock_class_key before kfree(cp).\n\nOn our platform, a driver fails to kset_register because of\ncreating duplicate filename \u0027/class/xxx\u0027.With Kasan enabled,\nit prints a invalid-access bug report.\n\nKASAN bug report:\n\nBUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc\nWrite of size 8 at addr 15ffff808b8c0368 by task modprobe/252\nPointer tag: [15], memory tag: [fe]\n\nCPU: 7 PID: 252 Comm: modprobe Tainted: G W\n 6.6.0-mainline-maybe-dirty #1\n\nCall trace:\ndump_backtrace+0x1b0/0x1e4\nshow_stack+0x2c/0x40\ndump_stack_lvl+0xac/0xe0\nprint_report+0x18c/0x4d8\nkasan_report+0xe8/0x148\n__hwasan_store8_noabort+0x88/0x98\nlockdep_register_key+0x19c/0x1bc\nclass_register+0x94/0x1ec\ninit_module+0xbc/0xf48 [rfkill]\ndo_one_initcall+0x17c/0x72c\ndo_init_module+0x19c/0x3f8\n...\nMemory state around the buggy address:\nffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a\nffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe\n\u003effffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe\n ^\nffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03\n\nAs CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access\nnot use-after-free here.In this case, modprobe is manipulating\nthe corrupted lock_keys_hash hlish where lock_class_key is already\nfreed before.\n\nIt\u0027s worth noting that this only can happen if lockdep is enabled,\nwhich is not true for normal system."
}
]
},
"generator": {
"engine": "bippy-8df59b4913de"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04"
},
{
"name": "https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559"
},
{
"name": "https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "686183E6-D5C3-4A5B-9A18-8E3B4294EA6A",
"versionEndExcluding": "6.6.14",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA3778C-730B-464C-8023-18CA6AC0B807",
"versionEndExcluding": "6.7.2",
"versionStartIncluding": "6.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclass: fix use-after-free in class_register()\n\nThe lock_class_key is still registered and can be found in\nlock_keys_hash hlist after subsys_private is freed in error\nhandler path.A task who iterate over the lock_keys_hash\nlater may cause use-after-free.So fix that up and unregister\nthe lock_class_key before kfree(cp).\n\nOn our platform, a driver fails to kset_register because of\ncreating duplicate filename \u0027/class/xxx\u0027.With Kasan enabled,\nit prints a invalid-access bug report.\n\nKASAN bug report:\n\nBUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc\nWrite of size 8 at addr 15ffff808b8c0368 by task modprobe/252\nPointer tag: [15], memory tag: [fe]\n\nCPU: 7 PID: 252 Comm: modprobe Tainted: G W\n 6.6.0-mainline-maybe-dirty #1\n\nCall trace:\ndump_backtrace+0x1b0/0x1e4\nshow_stack+0x2c/0x40\ndump_stack_lvl+0xac/0xe0\nprint_report+0x18c/0x4d8\nkasan_report+0xe8/0x148\n__hwasan_store8_noabort+0x88/0x98\nlockdep_register_key+0x19c/0x1bc\nclass_register+0x94/0x1ec\ninit_module+0xbc/0xf48 [rfkill]\ndo_one_initcall+0x17c/0x72c\ndo_init_module+0x19c/0x3f8\n...\nMemory state around the buggy address:\nffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a\nffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe\n\u003effffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe\n ^\nffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03\n\nAs CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access\nnot use-after-free here.In this case, modprobe is manipulating\nthe corrupted lock_keys_hash hlish where lock_class_key is already\nfreed before.\n\nIt\u0027s worth noting that this only can happen if lockdep is enabled,\nwhich is not true for normal system."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clase: corrige use-after-free en class_register() Lock_class_key todav\u00eda est\u00e1 registrada y se puede encontrar en lock_keys_hash hlist despu\u00e9s de que subsys_private se libere en la ruta del controlador de errores. Una tarea que itera sobre Lock_keys_hash m\u00e1s tarde puede causar use-after-free. As\u00ed que solucione eso y cancele el registro de lock_class_key antes de kfree (cp). En nuestra plataforma, un controlador no logra kset_register debido a que crea un nombre de archivo duplicado \u0027/class/xxx\u0027. Con Kasan habilitado, imprime un informe de error de acceso no v\u00e1lido. Informe de error de KASAN: ERROR: KASAN: acceso no v\u00e1lido en lockdep_register_key+0x19c/0x1bc Escritura de tama\u00f1o 8 en la direcci\u00f3n 15ffff808b8c0368 mediante tarea modprobe/252 Etiqueta de puntero: [15], etiqueta de memoria: [fe] CPU: 7 PID: 252 Comm: modprobe contaminado: GW 6.6.0-mainline-maybe-dirty #1 Rastreo de llamadas: dump_backtrace+0x1b0/0x1e4 show_stack+0x2c/0x40 dump_stack_lvl+0xac/0xe0 print_report+0x18c/0x4d8 kasan_report+0xe8/0x148 __hwasan_store8_noabort+0x 88/0x98 lockdep_register_key+ 0x19c/0x1bc class_register+0x94/0x1ec init_module+0xbc/0xf48 [rfkill] do_one_initcall+0x17c/0x72c do_init_module+0x19c/0x3f8 ... Estado de la memoria alrededor de la direcci\u00f3n del error: ffffff808b8c0100: 8a 8a 8a 8a 8a 8 un 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a ffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe\u0026gt; ffffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe ^ fffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 Como CONFIG_KASAN_GENERIC no est\u00e1 configurado, Kasan informa aqu\u00ed de acceso no v\u00e1lido, no use-after-free. En este caso, modprobe est\u00e1 manipulando el lock_keys_hash hlish corrupto donde lock_class_key ya se liber\u00f3 antes. Vale la pena se\u00f1alar que esto s\u00f3lo puede suceder si lockdep est\u00e1 habilitado, lo cual no es cierto para el sistema normal."
}
],
"id": "CVE-2023-52468",
"lastModified": "2024-04-17T19:00:42.287",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-26T16:27:48.710",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
ghsa-p88p-j9px-cq4j
Vulnerability from github
Published
2024-02-26 18:30
Modified
2024-04-17 21:30
Severity ?
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
class: fix use-after-free in class_register()
The lock_class_key is still registered and can be found in lock_keys_hash hlist after subsys_private is freed in error handler path.A task who iterate over the lock_keys_hash later may cause use-after-free.So fix that up and unregister the lock_class_key before kfree(cp).
On our platform, a driver fails to kset_register because of creating duplicate filename '/class/xxx'.With Kasan enabled, it prints a invalid-access bug report.
KASAN bug report:
BUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc Write of size 8 at addr 15ffff808b8c0368 by task modprobe/252 Pointer tag: [15], memory tag: [fe]
CPU: 7 PID: 252 Comm: modprobe Tainted: G W 6.6.0-mainline-maybe-dirty #1
Call trace: dump_backtrace+0x1b0/0x1e4 show_stack+0x2c/0x40 dump_stack_lvl+0xac/0xe0 print_report+0x18c/0x4d8 kasan_report+0xe8/0x148 __hwasan_store8_noabort+0x88/0x98 lockdep_register_key+0x19c/0x1bc class_register+0x94/0x1ec init_module+0xbc/0xf48 [rfkill] do_one_initcall+0x17c/0x72c do_init_module+0x19c/0x3f8 ... Memory state around the buggy address: ffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a ffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe
ffffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe ^ ffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03
As CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access not use-after-free here.In this case, modprobe is manipulating the corrupted lock_keys_hash hlish where lock_class_key is already freed before.
It's worth noting that this only can happen if lockdep is enabled, which is not true for normal system.
{
"affected": [],
"aliases": [
"CVE-2023-52468"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-26T16:27:48Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nclass: fix use-after-free in class_register()\n\nThe lock_class_key is still registered and can be found in\nlock_keys_hash hlist after subsys_private is freed in error\nhandler path.A task who iterate over the lock_keys_hash\nlater may cause use-after-free.So fix that up and unregister\nthe lock_class_key before kfree(cp).\n\nOn our platform, a driver fails to kset_register because of\ncreating duplicate filename \u0027/class/xxx\u0027.With Kasan enabled,\nit prints a invalid-access bug report.\n\nKASAN bug report:\n\nBUG: KASAN: invalid-access in lockdep_register_key+0x19c/0x1bc\nWrite of size 8 at addr 15ffff808b8c0368 by task modprobe/252\nPointer tag: [15], memory tag: [fe]\n\nCPU: 7 PID: 252 Comm: modprobe Tainted: G W\n 6.6.0-mainline-maybe-dirty #1\n\nCall trace:\ndump_backtrace+0x1b0/0x1e4\nshow_stack+0x2c/0x40\ndump_stack_lvl+0xac/0xe0\nprint_report+0x18c/0x4d8\nkasan_report+0xe8/0x148\n__hwasan_store8_noabort+0x88/0x98\nlockdep_register_key+0x19c/0x1bc\nclass_register+0x94/0x1ec\ninit_module+0xbc/0xf48 [rfkill]\ndo_one_initcall+0x17c/0x72c\ndo_init_module+0x19c/0x3f8\n...\nMemory state around the buggy address:\nffffff808b8c0100: 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a 8a\nffffff808b8c0200: 8a 8a 8a 8a 8a 8a 8a 8a fe fe fe fe fe fe fe fe\n\u003effffff808b8c0300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe\n ^\nffffff808b8c0400: 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03\n\nAs CONFIG_KASAN_GENERIC is not set, Kasan reports invalid-access\nnot use-after-free here.In this case, modprobe is manipulating\nthe corrupted lock_keys_hash hlish where lock_class_key is already\nfreed before.\n\nIt\u0027s worth noting that this only can happen if lockdep is enabled,\nwhich is not true for normal system.",
"id": "GHSA-p88p-j9px-cq4j",
"modified": "2024-04-17T21:30:45Z",
"published": "2024-02-26T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52468"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0f1486dafca3398c4c46b9f6e6452fa27e73b559"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/93ec4a3b76404bce01bd5c9032bef5df6feb1d62"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b57196a5ec5e4c0ffecde8348b085b778c7dce04"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…