Vulnerability-Lookup

CVE-2024-46688 (GCVE-0-2024-46688)

Vulnerability from cvelistv5 – Published: 2024-09-13 05:29 – Updated: 2026-05-11 20:34

Title

erofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails

Summary

In the Linux kernel, the following vulnerability has been resolved: erofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails If z_erofs_gbuf_growsize() partially fails on a global buffer due to memory allocation failure or fault injection (as reported by syzbot [1]), new pages need to be freed by comparing to the existing pages to avoid memory leaks. However, the old gbuf->pages[] array may not be large enough, which can lead to null-ptr-deref or out-of-bound access. Fix this by checking against gbuf->nrpages in advance. [1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com

Severity ?

No CVSS data available.

Assigner

Linux

References

2 references

URL	Tags
https://git.kernel.org/stable/c/49c0e081998008cde…
https://git.kernel.org/stable/c/0005e01e1e875c5e2…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: d6db47e571dcaecaeaafa8840d00ae849ae3907b , < 49c0e081998008cde0c872c0ff9affa1ece4b878 (git) Affected: d6db47e571dcaecaeaafa8840d00ae849ae3907b , < 0005e01e1e875c5e27130c5e2ed0189749d1e08a (git)
Linux	Linux	Affected: 6.10 Unaffected: 0 , < 6.10 (semver) Unaffected: 6.10.8 , ≤ 6.10.* (semver) Unaffected: 6.11 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-46688",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-29T15:07:39.843089Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-29T15:07:54.585Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/erofs/zutil.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "49c0e081998008cde0c872c0ff9affa1ece4b878",
              "status": "affected",
              "version": "d6db47e571dcaecaeaafa8840d00ae849ae3907b",
              "versionType": "git"
            },
            {
              "lessThan": "0005e01e1e875c5e27130c5e2ed0189749d1e08a",
              "status": "affected",
              "version": "d6db47e571dcaecaeaafa8840d00ae849ae3907b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/erofs/zutil.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.10"
            },
            {
              "lessThan": "6.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.10.*",
              "status": "unaffected",
              "version": "6.10.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.11",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.10.8",
                  "versionStartIncluding": "6.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.11",
                  "versionStartIncluding": "6.10",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails\n\nIf z_erofs_gbuf_growsize() partially fails on a global buffer due to\nmemory allocation failure or fault injection (as reported by syzbot [1]),\nnew pages need to be freed by comparing to the existing pages to avoid\nmemory leaks.\n\nHowever, the old gbuf-\u003epages[] array may not be large enough, which can\nlead to null-ptr-deref or out-of-bound access.\n\nFix this by checking against gbuf-\u003enrpages in advance.\n\n[1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:34:28.918Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878"
        },
        {
          "url": "https://git.kernel.org/stable/c/0005e01e1e875c5e27130c5e2ed0189749d1e08a"
        }
      ],
      "title": "erofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-46688",
    "datePublished": "2024-09-13T05:29:19.031Z",
    "dateReserved": "2024-09-11T15:12:18.249Z",
    "dateUpdated": "2026-05-11T20:34:28.918Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-46688",
      "date": "2026-05-25",
      "epss": "0.00051",
      "percentile": "0.15956"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.10\", \"versionEndExcluding\": \"6.10.8\", \"matchCriteriaId\": \"2CE718D7-41ED-4D4A-AED5-326C3D4383FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B3CE743-2126-47A3-8B7C-822B502CF119\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DEB27E7-30AA-45CC-8934-B89263EF3551\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0005AEF-856E-47EB-BFE4-90C46899394D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"39889A68-6D34-47A6-82FC-CD0BF23D6754\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nerofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails\\n\\nIf z_erofs_gbuf_growsize() partially fails on a global buffer due to\\nmemory allocation failure or fault injection (as reported by syzbot [1]),\\nnew pages need to be freed by comparing to the existing pages to avoid\\nmemory leaks.\\n\\nHowever, the old gbuf-\u003epages[] array may not be large enough, which can\\nlead to null-ptr-deref or out-of-bound access.\\n\\nFix this by checking against gbuf-\u003enrpages in advance.\\n\\n[1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: erofs: se corrige el acceso fuera de los l\\u00edmites cuando z_erofs_gbuf_growsize() falla parcialmente Si z_erofs_gbuf_growsize() falla parcialmente en un b\\u00fafer global debido a un error en la asignaci\\u00f3n de memoria o inyecci\\u00f3n de fallas (como lo inform\\u00f3 syzbot [1]), se deben liberar nuevas p\\u00e1ginas compar\\u00e1ndolas con las p\\u00e1ginas existentes para evitar fugas de memoria. Sin embargo, la matriz gbuf-\u0026gt;pages[] anterior puede no ser lo suficientemente grande, lo que puede provocar un acceso fuera de los l\\u00edmites o una desreferencia de ptr nula. Corrija esto verificando con gbuf-\u0026gt;nrpages de antemano. [1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com\"}]",
      "id": "CVE-2024-46688",
      "lastModified": "2024-09-19T18:01:43.037",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-09-13T06:15:13.547",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/0005e01e1e875c5e27130c5e2ed0189749d1e08a\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-46688\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-09-13T06:15:13.547\",\"lastModified\":\"2024-09-19T18:01:43.037\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nerofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails\\n\\nIf z_erofs_gbuf_growsize() partially fails on a global buffer due to\\nmemory allocation failure or fault injection (as reported by syzbot [1]),\\nnew pages need to be freed by comparing to the existing pages to avoid\\nmemory leaks.\\n\\nHowever, the old gbuf-\u003epages[] array may not be large enough, which can\\nlead to null-ptr-deref or out-of-bound access.\\n\\nFix this by checking against gbuf-\u003enrpages in advance.\\n\\n[1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: erofs: se corrige el acceso fuera de los l\u00edmites cuando z_erofs_gbuf_growsize() falla parcialmente Si z_erofs_gbuf_growsize() falla parcialmente en un b\u00fafer global debido a un error en la asignaci\u00f3n de memoria o inyecci\u00f3n de fallas (como lo inform\u00f3 syzbot [1]), se deben liberar nuevas p\u00e1ginas compar\u00e1ndolas con las p\u00e1ginas existentes para evitar fugas de memoria. Sin embargo, la matriz gbuf-\u0026gt;pages[] anterior puede no ser lo suficientemente grande, lo que puede provocar un acceso fuera de los l\u00edmites o una desreferencia de ptr nula. Corrija esto verificando con gbuf-\u0026gt;nrpages de antemano. [1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.10\",\"versionEndExcluding\":\"6.10.8\",\"matchCriteriaId\":\"2CE718D7-41ED-4D4A-AED5-326C3D4383FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B3CE743-2126-47A3-8B7C-822B502CF119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DEB27E7-30AA-45CC-8934-B89263EF3551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0005AEF-856E-47EB-BFE4-90C46899394D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"39889A68-6D34-47A6-82FC-CD0BF23D6754\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0005e01e1e875c5e27130c5e2ed0189749d1e08a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-46688\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-29T15:07:39.843089Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-29T15:07:43.924Z\"}}], \"cna\": {\"title\": \"erofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"d6db47e571dcaecaeaafa8840d00ae849ae3907b\", \"lessThan\": \"49c0e081998008cde0c872c0ff9affa1ece4b878\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d6db47e571dcaecaeaafa8840d00ae849ae3907b\", \"lessThan\": \"0005e01e1e875c5e27130c5e2ed0189749d1e08a\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/erofs/zutil.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.10\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.10\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.10.8\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.10.*\"}, {\"status\": \"unaffected\", \"version\": \"6.11\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/erofs/zutil.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878\"}, {\"url\": \"https://git.kernel.org/stable/c/0005e01e1e875c5e27130c5e2ed0189749d1e08a\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nerofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails\\n\\nIf z_erofs_gbuf_growsize() partially fails on a global buffer due to\\nmemory allocation failure or fault injection (as reported by syzbot [1]),\\nnew pages need to be freed by comparing to the existing pages to avoid\\nmemory leaks.\\n\\nHowever, the old gbuf-\u003epages[] array may not be large enough, which can\\nlead to null-ptr-deref or out-of-bound access.\\n\\nFix this by checking against gbuf-\u003enrpages in advance.\\n\\n[1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.10.8\", \"versionStartIncluding\": \"6.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.11\", \"versionStartIncluding\": \"6.10\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-05-11T20:34:28.918Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-46688\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-11T20:34:28.918Z\", \"dateReserved\": \"2024-09-11T15:12:18.249Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-09-13T05:29:19.031Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

BDU:2025-03694

Vulnerability from fstec - Published: 20.08.2024

Title

Уязвимость функции z_erofs_gbuf_growsize() файловой системы ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции z_erofs_gbuf_growsize() файловой системы ядра операционной системы Linux связана с чтением за границами буфера. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения

Software Name

Linux

Software Version

от 6.11.0 до 6.11 rc5 (Linux), от 6.10 до 6.10.7 включительно (Linux)

Possible Mitigations

Использование рекомендаций: Для Linux: https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878 https://lore.kernel.org/linux-cve-announce/2024091338-CVE-2024-46688-7a5a@gregkh/ https://git.kernel.org/linus/0005e01e1e875c5e27130c5e2ed0189749d1e08a https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.8 Компенсирующие меры: В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.

Reference

https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878 https://www.cve.org/CVERecord?id=CVE-2024-46688 https://lore.kernel.org/linux-cve-announce/2024091338-CVE-2024-46688-7a5a@gregkh/ https://git.kernel.org/linus/0005e01e1e875c5e27130c5e2ed0189749d1e08a https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.8

CWE

CWE-125, CWE-787

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 6.11.0 \u0434\u043e 6.11 rc5 (Linux), \u043e\u0442 6.10 \u0434\u043e 6.10.7 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878\nhttps://lore.kernel.org/linux-cve-announce/2024091338-CVE-2024-46688-7a5a@gregkh/\nhttps://git.kernel.org/linus/0005e01e1e875c5e27130c5e2ed0189749d1e08a\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.8\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "20.08.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "02.04.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "02.04.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-03694",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-46688",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.11.0 \u0434\u043e 6.11 rc5 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.10 \u0434\u043e 6.10.7 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 z_erofs_gbuf_growsize() \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-125), \u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 z_erofs_gbuf_growsize() \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878\nhttps://www.cve.org/CVERecord?id=CVE-2024-46688\nhttps://lore.kernel.org/linux-cve-announce/2024091338-CVE-2024-46688-7a5a@gregkh/\nhttps://git.kernel.org/linus/0005e01e1e875c5e27130c5e2ed0189749d1e08a\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.8",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-125, CWE-787",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

FKIE_CVE-2024-46688

Vulnerability from fkie_nvd - Published: 2024-09-13 06:15 - Updated: 2024-09-19 18:01

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/0005e01e1e875c5e27130c5e2ed0189749d1e08a	Patch
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	6.11
linux	linux_kernel	6.11
linux	linux_kernel	6.11
linux	linux_kernel	6.11

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CE718D7-41ED-4D4A-AED5-326C3D4383FB",
              "versionEndExcluding": "6.10.8",
              "versionStartIncluding": "6.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails\n\nIf z_erofs_gbuf_growsize() partially fails on a global buffer due to\nmemory allocation failure or fault injection (as reported by syzbot [1]),\nnew pages need to be freed by comparing to the existing pages to avoid\nmemory leaks.\n\nHowever, the old gbuf-\u003epages[] array may not be large enough, which can\nlead to null-ptr-deref or out-of-bound access.\n\nFix this by checking against gbuf-\u003enrpages in advance.\n\n[1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: erofs: se corrige el acceso fuera de los l\u00edmites cuando z_erofs_gbuf_growsize() falla parcialmente Si z_erofs_gbuf_growsize() falla parcialmente en un b\u00fafer global debido a un error en la asignaci\u00f3n de memoria o inyecci\u00f3n de fallas (como lo inform\u00f3 syzbot [1]), se deben liberar nuevas p\u00e1ginas compar\u00e1ndolas con las p\u00e1ginas existentes para evitar fugas de memoria. Sin embargo, la matriz gbuf-\u0026gt;pages[] anterior puede no ser lo suficientemente grande, lo que puede provocar un acceso fuera de los l\u00edmites o una desreferencia de ptr nula. Corrija esto verificando con gbuf-\u0026gt;nrpages de antemano. [1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com"
    }
  ],
  "id": "CVE-2024-46688",
  "lastModified": "2024-09-19T18:01:43.037",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-09-13T06:15:13.547",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/0005e01e1e875c5e27130c5e2ed0189749d1e08a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-HRVW-RFGX-8G4M

Vulnerability from github – Published: 2024-09-13 06:30 – Updated: 2024-09-19 18:30

Details

In the Linux kernel, the following vulnerability has been resolved:

erofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails

If z_erofs_gbuf_growsize() partially fails on a global buffer due to memory allocation failure or fault injection (as reported by syzbot [1]), new pages need to be freed by comparing to the existing pages to avoid memory leaks.

However, the old gbuf->pages[] array may not be large enough, which can lead to null-ptr-deref or out-of-bound access.

Fix this by checking against gbuf->nrpages in advance.

[1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-46688"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-13T06:15:13Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails\n\nIf z_erofs_gbuf_growsize() partially fails on a global buffer due to\nmemory allocation failure or fault injection (as reported by syzbot [1]),\nnew pages need to be freed by comparing to the existing pages to avoid\nmemory leaks.\n\nHowever, the old gbuf-\u003epages[] array may not be large enough, which can\nlead to null-ptr-deref or out-of-bound access.\n\nFix this by checking against gbuf-\u003enrpages in advance.\n\n[1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com",
  "id": "GHSA-hrvw-rfgx-8g4m",
  "modified": "2024-09-19T18:30:51Z",
  "published": "2024-09-13T06:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46688"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0005e01e1e875c5e27130c5e2ed0189749d1e08a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

WID-SEC-W-2024-2133

Vulnerability from csaf_certbund - Published: 2024-09-12 22:00 - Updated: 2025-06-04 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder einen unspezifischen Angriff durchzuführen.

Betroffene Betriebssysteme: - Linux

CVE-2024-46673

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46674

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46675

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46676

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46677

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46678

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46679

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46680

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46681

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46682

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46683

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46684

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46685

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46686

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46687

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46688

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46689

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46690

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46691

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46692

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46693

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46694

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46695

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46696

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46697

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46698

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46699

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46700

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46701

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46702

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46703

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46704

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46705

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46706

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46707

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46708

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46709

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46710

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46711

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

CVE-2024-46712

Affected products

Known affected 9 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
IBM QRadar SIEM <7.5.0 UP11 IF02 IBM / QRadar SIEM		<7.5.0 UP11 IF02

References

110 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://ubuntu.com/security/notices/USN-7156-1	external
https://linux.oracle.com/errata/ELSA-2024-10943.html	external
https://ubuntu.com/security/notices/USN-7154-1	external
https://ubuntu.com/security/notices/USN-7155-1	external
https://ubuntu.com/security/notices/USN-7144-1	external
https://linux.oracle.com/errata/ELSA-2024-12868.html	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://ubuntu.com/security/notices/USN-7186-2	external
https://ubuntu.com/security/notices/USN-7194-1	external
https://ubuntu.com/security/notices/USN-7196-1	external
https://ubuntu.com/security/notices/USN-7166-3	external
https://access.redhat.com/errata/RHSA-2024:11486	external
https://linux.oracle.com/errata/ELSA-2024-12887.html	external
https://errata.build.resf.org/RLSA-2024:10944	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.opensuse.org/archives/list/security…	external
https://linux.oracle.com/errata/ELSA-2024-11486.html	external
https://ubuntu.com/security/notices/USN-7154-2	external
https://ubuntu.com/security/notices/USN-7186-1	external
https://access.redhat.com/errata/RHSA-2024:10944	external
https://access.redhat.com/errata/RHSA-2024:10943	external
https://access.redhat.com/errata/RHSA-2024:10939	external
https://linux.oracle.com/errata/ELSA-2024-12884.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/202409…	external
https://lore.kernel.org/linux-cve-announce/	external
https://lists.debian.org/debian-security-announce…	external
https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2…	external
https://lists.debian.org/debian-lts-announce/2024…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://ubuntu.com/security/notices/USN-7069-1	external
https://lists.debian.org/debian-lts-announce/2025…	external
https://ubuntu.com/security/notices/USN-7069-2	external
https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-202…	external
https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2…	external
https://ubuntu.com/security/notices/USN-7088-1	external
https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2…	external
https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-202…	external
https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-202…	external
https://ubuntu.com/security/notices/USN-7088-2	external
https://ubuntu.com/security/notices/USN-7088-3	external
https://linux.oracle.com/errata/ELSA-2024-10939.html	external
https://ubuntu.com/security/notices/USN-7100-1	external
https://ubuntu.com/security/notices/USN-7100-2	external
https://linux.oracle.com/errata/ELSA-2024-12813.html	external
https://linux.oracle.com/errata/ELSA-2024-12815.html	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.opensuse.org/archives/list/security…	external
https://ubuntu.com/security/notices/USN-7110-1	external
https://ubuntu.com/security/notices/USN-7088-5	external
https://ubuntu.com/security/notices/USN-7119-1	external
https://ubuntu.com/security/notices/USN-7123-1	external
https://ubuntu.com/security/notices/USN-7166-1	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://access.redhat.com/errata/RHSA-2025:1658	external
https://www.ibm.com/support/pages/node/7184085	external
https://lists.debian.org/debian-lts-announce/2025…	external
https://access.redhat.com/errata/RHSA-2025:6966	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder einen unspezifischen Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-2133 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2133.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-2133 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2133"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7156-1 vom 2024-12-12",
        "url": "https://ubuntu.com/security/notices/USN-7156-1"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-10943 vom 2024-12-12",
        "url": "https://linux.oracle.com/errata/ELSA-2024-10943.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7154-1 vom 2024-12-12",
        "url": "https://ubuntu.com/security/notices/USN-7154-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7155-1 vom 2024-12-12",
        "url": "https://ubuntu.com/security/notices/USN-7155-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7144-1 vom 2024-12-09",
        "url": "https://ubuntu.com/security/notices/USN-7144-1"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12868 vom 2024-12-09",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12868.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4316-1 vom 2024-12-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/S4I5Z6ALCJLHTP25U3HMJHEXN4DR2USM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4315-1 vom 2024-12-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LQPWDP54GSTHYCV4CTCOE67D2ANVPPUW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4318-1 vom 2024-12-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019999.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7186-2 vom 2025-01-09",
        "url": "https://ubuntu.com/security/notices/USN-7186-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7194-1 vom 2025-01-09",
        "url": "https://ubuntu.com/security/notices/USN-7194-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7196-1 vom 2025-01-09",
        "url": "https://ubuntu.com/security/notices/USN-7196-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7166-3 vom 2024-12-20",
        "url": "https://ubuntu.com/security/notices/USN-7166-3"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:11486 vom 2024-12-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:11486"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12887 vom 2024-12-18",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12887.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:10944 vom 2024-12-19",
        "url": "https://errata.build.resf.org/RLSA-2024:10944"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020028.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-11486 vom 2025-01-07",
        "url": "https://linux.oracle.com/errata/ELSA-2024-11486.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7154-2 vom 2025-01-06",
        "url": "https://ubuntu.com/security/notices/USN-7154-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7186-1 vom 2025-01-06",
        "url": "https://ubuntu.com/security/notices/USN-7186-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10944 vom 2024-12-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:10944"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10943 vom 2024-12-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:10943"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10939 vom 2024-12-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:10939"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12884 vom 2024-12-17",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12884.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4387-1 vom 2024-12-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020032.html"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46675 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091335-CVE-2024-46675-ba70@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46676 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091335-CVE-2024-46676-0b05@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46677 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091336-CVE-2024-46677-b53c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46678 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091336-CVE-2024-46678-ca65@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46679 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091336-CVE-2024-46679-3527@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46680 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091336-CVE-2024-46680-f40d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46681 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091337-CVE-2024-46681-6086@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46682 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091337-CVE-2024-46682-df82@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46684 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091337-CVE-2024-46684-d492@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46685 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091338-CVE-2024-46685-6606@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46686 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091338-CVE-2024-46686-5b18@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46687 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091338-CVE-2024-46687-5668@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46688 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091338-CVE-2024-46688-7a5a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46689 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091339-CVE-2024-46689-4c19@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46690 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091339-CVE-2024-46690-38b2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46691 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091339-CVE-2024-46691-93e1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46692 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091339-CVE-2024-46692-f287@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46693 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091340-CVE-2024-46693-cbe3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46694 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091340-CVE-2024-46694-0706@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46695 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091340-CVE-2024-46695-affc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46696 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091340-CVE-2024-46696-a8c1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46697 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091341-CVE-2024-46697-d166@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46698 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091341-CVE-2024-46698-357c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46699 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091341-CVE-2024-46699-b1cf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-46700 vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/2024091341-CVE-2024-46700-ed8e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcements vom 2024-09-12",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5782 vom 2024-10-03",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00195.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2024-071 vom 2024-10-02",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2024-071.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3912 vom 2024-10-07",
        "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Q7MIMQMCXNGMVS32KLTADYTPQCKF5HWU/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019562.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3553-1 vom 2024-10-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019560.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3547-1 vom 2024-10-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019566.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3565-1 vom 2024-10-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019573.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3563-1 vom 2024-10-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019579.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3561-1 vom 2024-10-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LSUY4BSWS5WR46CHS4FPBIJIRLKHRDHV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3567-1 vom 2024-10-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019577.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3569-1 vom 2024-10-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6GBL67LQ3MUSYQCQRQH2AZH3XWILTO5A/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3559-1 vom 2024-10-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019575.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3564-1 vom 2024-10-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/R7FS3QARF7WUPH5GFL22NW3G3SDO2C7Z/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3566-1 vom 2024-10-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019578.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3592-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019589.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3591-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019587.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3587-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019588.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3585-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019586.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7069-1 vom 2024-10-16",
        "url": "https://ubuntu.com/security/notices/USN-7069-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4008 vom 2025-01-03",
        "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7069-2 vom 2024-10-17",
        "url": "https://ubuntu.com/security/notices/USN-7069-2"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2024-192 vom 2024-10-31",
        "url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2024-192.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2024-072 vom 2024-10-31",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2024-072.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-1 vom 2024-10-31",
        "url": "https://ubuntu.com/security/notices/USN-7088-1"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.15-2024-056 vom 2024-10-31",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2024-056.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2024-194 vom 2024-10-31",
        "url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2024-194.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2024-193 vom 2024-10-31",
        "url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2024-193.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-2 vom 2024-11-04",
        "url": "https://ubuntu.com/security/notices/USN-7088-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-3 vom 2024-11-06",
        "url": "https://ubuntu.com/security/notices/USN-7088-3"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-10939 vom 2024-12-12",
        "url": "https://linux.oracle.com/errata/ELSA-2024-10939.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7100-1 vom 2024-11-11",
        "url": "https://ubuntu.com/security/notices/USN-7100-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7100-2 vom 2024-11-12",
        "url": "https://ubuntu.com/security/notices/USN-7100-2"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12813 vom 2024-11-13",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12813.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12815 vom 2024-11-13",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12815.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3986-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CIC23R3UQSPF2K4P2CX54TPCX5T7KWQG/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3984-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/L52VEDNTEHWEPR56WZN4KZNMEUYGCJX6/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3985-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KB6DG7QR5KXDQRV57H4IY2TB2LW42K4S/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7110-1 vom 2024-11-14",
        "url": "https://ubuntu.com/security/notices/USN-7110-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-5 vom 2024-11-14",
        "url": "https://ubuntu.com/security/notices/USN-7088-5"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7119-1 vom 2024-11-20",
        "url": "https://ubuntu.com/security/notices/USN-7119-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7123-1 vom 2024-11-20",
        "url": "https://ubuntu.com/security/notices/USN-7123-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7166-1 vom 2024-12-17",
        "url": "https://ubuntu.com/security/notices/USN-7166-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4364-1 vom 2024-12-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020019.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0289-1 vom 2025-01-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020239.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1658 vom 2025-02-19",
        "url": "https://access.redhat.com/errata/RHSA-2025:1658"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7184085 vom 2025-02-25",
        "url": "https://www.ibm.com/support/pages/node/7184085"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4075 vom 2025-03-01",
        "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:6966 vom 2025-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2025:6966"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20247-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021076.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20246-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021078.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20164-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021175.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20163-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021187.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20073-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021282.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20077-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021265.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-06-04T22:00:00.000+00:00",
      "generator": {
        "date": "2025-06-05T06:15:10.900+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2024-2133",
      "initial_release_date": "2024-09-12T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-09-12T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-10-03T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian und Amazon aufgenommen"
        },
        {
          "date": "2024-10-07T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-10-08T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-09T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-10T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-15T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-10-17T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-10-31T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Amazon und Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-04T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-05T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-11T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-12T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-11-13T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-11-14T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-19T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-20T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-12-09T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-12-10T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-11T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-12-12T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-12-15T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-16T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-12-17T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
        },
        {
          "date": "2024-12-18T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Red Hat, Oracle Linux, Rocky Enterprise Software Foundation und SUSE aufgenommen"
        },
        {
          "date": "2024-12-19T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-22T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-02T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-01-06T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Oracle Linux und Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-09T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-29T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-02-18T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-24T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-03-02T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-05-13T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-06-03T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-04T22:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "37"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP11 IF02",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP11 IF02",
                  "product_id": "T041397"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP11 IF02",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP11 IF02",
                  "product_id": "T041397-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up11_if02"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T033107",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-46673",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46673"
    },
    {
      "cve": "CVE-2024-46674",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46674"
    },
    {
      "cve": "CVE-2024-46675",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46675"
    },
    {
      "cve": "CVE-2024-46676",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46676"
    },
    {
      "cve": "CVE-2024-46677",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46677"
    },
    {
      "cve": "CVE-2024-46678",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46678"
    },
    {
      "cve": "CVE-2024-46679",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46679"
    },
    {
      "cve": "CVE-2024-46680",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46680"
    },
    {
      "cve": "CVE-2024-46681",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46681"
    },
    {
      "cve": "CVE-2024-46682",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46682"
    },
    {
      "cve": "CVE-2024-46683",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46683"
    },
    {
      "cve": "CVE-2024-46684",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46684"
    },
    {
      "cve": "CVE-2024-46685",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46685"
    },
    {
      "cve": "CVE-2024-46686",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46686"
    },
    {
      "cve": "CVE-2024-46687",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46687"
    },
    {
      "cve": "CVE-2024-46688",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46688"
    },
    {
      "cve": "CVE-2024-46689",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46689"
    },
    {
      "cve": "CVE-2024-46690",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46690"
    },
    {
      "cve": "CVE-2024-46691",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46691"
    },
    {
      "cve": "CVE-2024-46692",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46692"
    },
    {
      "cve": "CVE-2024-46693",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46693"
    },
    {
      "cve": "CVE-2024-46694",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46694"
    },
    {
      "cve": "CVE-2024-46695",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46695"
    },
    {
      "cve": "CVE-2024-46696",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46696"
    },
    {
      "cve": "CVE-2024-46697",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46697"
    },
    {
      "cve": "CVE-2024-46698",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46698"
    },
    {
      "cve": "CVE-2024-46699",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46699"
    },
    {
      "cve": "CVE-2024-46700",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46700"
    },
    {
      "cve": "CVE-2024-46701",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46701"
    },
    {
      "cve": "CVE-2024-46702",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46702"
    },
    {
      "cve": "CVE-2024-46703",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46703"
    },
    {
      "cve": "CVE-2024-46704",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46704"
    },
    {
      "cve": "CVE-2024-46705",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46705"
    },
    {
      "cve": "CVE-2024-46706",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46706"
    },
    {
      "cve": "CVE-2024-46707",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46707"
    },
    {
      "cve": "CVE-2024-46708",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46708"
    },
    {
      "cve": "CVE-2024-46709",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46709"
    },
    {
      "cve": "CVE-2024-46710",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46710"
    },
    {
      "cve": "CVE-2024-46711",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46711"
    },
    {
      "cve": "CVE-2024-46712",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033107",
          "398363",
          "T004914",
          "T032255",
          "T041397"
        ]
      },
      "release_date": "2024-09-12T22:00:00.000+00:00",
      "title": "CVE-2024-46712"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-46688 (GCVE-0-2024-46688)

BDU:2025-03694

FKIE_CVE-2024-46688

GHSA-HRVW-RFGX-8G4M

WID-SEC-W-2024-2133

Tags

Sightings

Nomenclature